lukechilds
/
passport-firmware
mirror of https://github.com/lukechilds/passport-firmware.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

PASS1-82: Delete input PSBT file after successful signing

PASS1-82
coreylakey 3 years ago
parent
428a1f0229
commit
6058fcad36
2 changed files with 41 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      ports/stm32/boards/Passport/modules/auth.py
  2. 38
      ports/stm32/boards/Passport/modules/files.py

4
ports/stm32/boards/Passport/modules/auth.py
View File

@ -684,7 +684,7 @@ def sign_transaction(psbt_len, flags=0x0, psbt_sha=None):
def sign_psbt_file(filename): def sign_psbt_file(filename):
# sign a PSBT file found on a microSD card # sign a PSBT file found on a microSD card
from files import CardSlot, CardMissingError from files import CardSlot, CardMissingError, securely_blank_file
from common import dis, system from common import dis, system
# from sram4 import tmp_buf -- the fd.readinto() below doesn't work for some odd reason, even though the fd.readinto() for firmware updates # from sram4 import tmp_buf -- the fd.readinto() below doesn't work for some odd reason, even though the fd.readinto() for firmware updates
tmp_buf = bytearray(1024) tmp_buf = bytearray(1024)
@ -798,6 +798,8 @@ def sign_psbt_file(filename):
# save transaction, in hex # save transaction, in hex
txid = psbt.finalize(fd) txid = psbt.finalize(fd)
securely_blank_file(filename)
# success and done! # success and done!
break break

38
ports/stm32/boards/Passport/modules/files.py
View File

@ -246,4 +246,42 @@ class CardSlot:
return fname, basename+ext return fname, basename+ext
def securely_blank_file(full_path):
# input PSBT file no longer required; so delete it
# - blank with zeros
# - rename to garbage (to hide filename after undelete)
# - delete
# - ok if file missing already (card maybe have been swapped)
#
# NOTE: we know the FAT filesystem code is simple, see
# ../external/micropython/extmod/vfs_fat.[ch]
path, basename = full_path.rsplit('/', 1)
with CardSlot() as card:
try:
blk = bytes(64)
with open(full_path, 'r+b') as fd:
size = fd.seek(0, 2)
fd.seek(0)
# blank it
for i in range((size // len(blk)) + 1):
fd.write(blk)
assert fd.seek(0, 1) >= size
# probably pointless, but why not:
os.sync()
except OSError as exc:
# missing file is okay
if exc.args[0] == ENOENT: return
raise
# rename it and delete
new_name = path + '/' + ('x'*len(basename))
os.rename(full_path, new_name)
os.remove(new_name)
# EOF # EOF

Write Preview
Loading…
Cancel
Save