Mirrors/trezor-suite
2
0
Fork 0
mirror of https://github.com/trezor/trezor-suite.git synced 2026-03-06 23:39:38 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix(connect): throw away credentials unaccepted by device

Browse Source
This commit is contained in:
Marek Polak
2025-10-07 17:01:34 +02:00
committed by Marek Polák
parent 85b34688b2
commit 26ebf67f63
4 changed files with 18 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
packages/connect/src/device/thp/handshake.ts
View File

@@ -127,6 +127,17 @@ export const thpHandshake = async (device: Device, unlockPin = false) => {
encryptedPayload: handshakeCredentials.encryptedPayload,
});
if (!handshakeCompletion.message.state && handshakeCredentials.credentials) {
// Known credentials was used but not accepted by device -> throw them away
thpState.removePairingCredential(handshakeCredentials.credentials);
const { credential } = handshakeCredentials.credentials;
const index = settings?.knownCredentials?.findIndex(c => c.credential === credential) ?? -1;
if (index >= 0) {
settings?.knownCredentials?.splice(index, 1);
}
}
thpState.setIsPaired(!!handshakeCompletion.message.state);
thpState.setPhase('pairing');

5
packages/protocol/src/protocol-thp/ThpState.ts
View File

@@ -102,6 +102,11 @@ export class ThpState {
}
}
removePairingCredential({ credential }: ThpCredentials) {
const index = this._pairingCredentials.findIndex(c => c.credential === credential);
if (index >= 0) this._pairingCredentials.splice(index, 1);
}
setNfcSecret(secret: Buffer) {
this._nfcSecret = secret;
}

2
packages/protocol/src/protocol-thp/crypto/pairing.ts
View File

@@ -118,7 +118,7 @@ export const handleHandshakeInit = ({
trezorEphemeralPubkey,
);
// and use first from the list (could be undefined)
const credentials: ThpCredentialResponse | undefined = allCredentials[0];
const credentials = allCredentials.length ? allCredentials[0] : undefined;
// 11.1 If found set (temp_host_static_privkey, temp_host_static_pubkey) = (host_static_privkey, host_static_pubkey).
// 11.2 If not found set (temp_host_static_privkey, temp_host_static_pubkey) = (X25519(0, B), 0).

2
packages/protocol/src/protocol-thp/messages/messageTypes.ts
View File

@@ -48,7 +48,7 @@ export type ThpHandshakeCompletionRequest = {
};
export type ThpHandshakeCompletionResponse = {
state: 0 | 1;
state: 0 | 1 | 2;
};
export type ThpMessageType = ThpProtobufMessageType & {