Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PASS1-82: Delete input PSBT file after successful signing #59

Merged
merged 1 commit into from
Oct 6, 2021
Merged

PASS1-82: Delete input PSBT file after successful signing #59

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion ports/stm32/boards/Passport/modules/auth.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -684,7 +684,7 @@ def sign_transaction(psbt_len, flags=0x0, psbt_sha=None):

def sign_psbt_file(filename):
# sign a PSBT file found on a microSD card
from files import CardSlot, CardMissingError
from files import CardSlot, CardMissingError, securely_blank_file
from common import dis, system
# from sram4 import tmp_buf -- the fd.readinto() below doesn't work for some odd reason, even though the fd.readinto() for firmware updates
tmp_buf = bytearray(1024)
Expand Down Expand Up @@ -798,6 +798,8 @@ async def done(psbt):
# save transaction, in hex
txid = psbt.finalize(fd)

securely_blank_file(filename)

# success and done!
break

Expand Down
38 changes: 38 additions & 0 deletions ports/stm32/boards/Passport/modules/files.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -246,4 +246,42 @@ def get_file_path(self, filename, path=None):

return fname, basename+ext

def securely_blank_file(full_path):
# input PSBT file no longer required; so delete it
# - blank with zeros
# - rename to garbage (to hide filename after undelete)
# - delete
# - ok if file missing already (card maybe have been swapped)
#
# NOTE: we know the FAT filesystem code is simple, see
# ../external/micropython/extmod/vfs_fat.[ch]

path, basename = full_path.rsplit('/', 1)

with CardSlot() as card:
try:
blk = bytes(64)

with open(full_path, 'r+b') as fd:
size = fd.seek(0, 2)
fd.seek(0)

# blank it
for i in range((size // len(blk)) + 1):
fd.write(blk)

assert fd.seek(0, 1) >= size

# probably pointless, but why not:
os.sync()

except OSError as exc:
# missing file is okay
if exc.args[0] == ENOENT: return
raise

# rename it and delete
new_name = path + '/' + ('x'*len(basename))
os.rename(full_path, new_name)
os.remove(new_name)
# EOF