trezor-firmware/core/src/apps/misc/sign_identity.py

from ustruct import pack, unpack

from trezor import ui
from trezor.crypto.hashlib import sha256
from trezor.messages.SignedIdentity import SignedIdentity
from trezor.ui.text import Text
from trezor.utils import chunks

from apps.common import HARDENED, coins
from apps.common.confirm import require_confirm
from apps.common.keychain import get_keychain


async def sign_identity(ctx, msg):
    if msg.ecdsa_curve_name is None:
        msg.ecdsa_curve_name = "secp256k1"

    keychain = await get_keychain(ctx, msg.ecdsa_curve_name, [[]])
    identity = serialize_identity(msg.identity)

    await require_confirm_sign_identity(ctx, msg.identity, msg.challenge_visual)

    address_n = get_identity_path(identity, msg.identity.index or 0)
    node = keychain.derive(address_n)

    coin = coins.by_name("Bitcoin")
    if msg.ecdsa_curve_name == "secp256k1":
        address = node.address(coin.address_type)  # hardcoded bitcoin address type
    else:
        address = None
    pubkey = node.public_key()
    if pubkey[0] == 0x01:
        pubkey = b"\x00" + pubkey[1:]
    seckey = node.private_key()

    if msg.identity.proto == "gpg":
        signature = sign_challenge(
            seckey,
            msg.challenge_hidden,
            msg.challenge_visual,
            "gpg",
            msg.ecdsa_curve_name,
        )
    elif msg.identity.proto == "signify":
        signature = sign_challenge(
            seckey,
            msg.challenge_hidden,
            msg.challenge_visual,
            "signify",
            msg.ecdsa_curve_name,
        )
    elif msg.identity.proto == "ssh":
        signature = sign_challenge(
            seckey,
            msg.challenge_hidden,
            msg.challenge_visual,
            "ssh",
            msg.ecdsa_curve_name,
        )
    else:
        signature = sign_challenge(
            seckey,
            msg.challenge_hidden,
            msg.challenge_visual,
            coin,
            msg.ecdsa_curve_name,
        )

    return SignedIdentity(address=address, public_key=pubkey, signature=signature)


async def require_confirm_sign_identity(ctx, identity, challenge_visual):
    lines = []
    if challenge_visual:
        lines.append(challenge_visual)

    lines.append(ui.MONO)
    lines.extend(chunks(serialize_identity_without_proto(identity), 18))

    proto = identity.proto.upper() if identity.proto else "identity"
    text = Text("Sign %s" % proto)
    text.normal(*lines)
    await require_confirm(ctx, text)


def serialize_identity(identity):
    s = ""
    if identity.proto:
        s += identity.proto + "://"
    if identity.user:
        s += identity.user + "@"
    if identity.host:
        s += identity.host
    if identity.port:
        s += ":" + identity.port
    if identity.path:
        s += identity.path
    return s


def serialize_identity_without_proto(identity):
    proto = identity.proto
    identity.proto = None  # simplify serialized identity string
    s = serialize_identity(identity)
    identity.proto = proto
    return s


def get_identity_path(identity: str, index: int):
    identity_hash = sha256(pack("<I", index) + identity).digest()

    address_n = (13,) + unpack("<IIII", identity_hash[:16])
    address_n = [HARDENED | x for x in address_n]

    return address_n


def sign_challenge(
    seckey: bytes, challenge_hidden: bytes, challenge_visual: str, sigtype, curve: str
) -> bytes:
    from trezor.crypto.hashlib import sha256

    if curve == "secp256k1":
        from trezor.crypto.curve import secp256k1
    elif curve == "nist256p1":
        from trezor.crypto.curve import nist256p1
    elif curve == "ed25519":
        from trezor.crypto.curve import ed25519
    from apps.common.signverify import message_digest

    if sigtype == "gpg":
        data = challenge_hidden
    elif sigtype == "signify":
        if curve != "ed25519":
            raise ValueError("Unsupported curve")
        data = challenge_hidden
    elif sigtype == "ssh":
        if curve != "ed25519":
            data = sha256(challenge_hidden).digest()
        else:
            data = challenge_hidden
    else:
        # sigtype is coin
        challenge = (
            sha256(challenge_hidden).digest() + sha256(challenge_visual).digest()
        )
        data = message_digest(sigtype, challenge)

    if curve == "secp256k1":
        signature = secp256k1.sign(seckey, data)
    elif curve == "nist256p1":
        signature = nist256p1.sign(seckey, data)
    elif curve == "ed25519":
        signature = ed25519.sign(seckey, data)
    else:
        raise ValueError("Unknown curve")

    if curve == "ed25519":
        signature = b"\x00" + signature
    elif sigtype == "gpg" or sigtype == "ssh":
        signature = b"\x00" + signature[1:]

    return signature
src/apps: some import refactoring 6 years ago			`from ustruct import pack, unpack`

apps: adjust to last commit 8 years ago			`from trezor import ui`
src/apps: cleanup workflow modules 6 years ago			`from trezor.crypto.hashlib import sha256`
			`from trezor.messages.SignedIdentity import SignedIdentity`
src/app/wallet: sign identity ui 6 years ago			`from trezor.ui.text import Text`
src: run isort 6 years ago			`from trezor.utils import chunks`
src/apps: cleanup workflow modules 6 years ago
seed: pass keychain to workflows, add namespaces 6 years ago			`from apps.common import HARDENED, coins`
src/apps: some import refactoring 6 years ago			`from apps.common.confirm import require_confirm`
core: update references to keychain everywhere 4 years ago			`from apps.common.keychain import get_keychain`
src/apps: cleanup workflow modules 6 years ago

core/wallet: implement keychain for apps.wallet 4 years ago			`async def sign_identity(ctx, msg):`
src/apps: cleanup workflow modules 6 years ago			`if msg.ecdsa_curve_name is None:`
src: run black 6 years ago			`msg.ecdsa_curve_name = "secp256k1"`
src/apps: cleanup workflow modules 6 years ago
core: update references to keychain everywhere 4 years ago			`keychain = await get_keychain(ctx, msg.ecdsa_curve_name, [[]])`
src/apps: cleanup workflow modules 6 years ago			`identity = serialize_identity(msg.identity)`
src/app/wallet: sign identity ui 6 years ago
apps/wallet/{sign_identity, ecdh}: show protocol as part of the header 6 years ago			`await require_confirm_sign_identity(ctx, msg.identity, msg.challenge_visual)`
src/apps: cleanup workflow modules 6 years ago
			`address_n = get_identity_path(identity, msg.identity.index or 0)`
core/wallet: implement keychain for apps.wallet 4 years ago			`node = keychain.derive(address_n)`
src/apps: cleanup workflow modules 6 years ago
src: run black 6 years ago			`coin = coins.by_name("Bitcoin")`
			`if msg.ecdsa_curve_name == "secp256k1":`
src/apps: cleanup workflow modules 6 years ago			`address = node.address(coin.address_type) # hardcoded bitcoin address type`
			`else:`
			`address = None`
			`pubkey = node.public_key()`
			`if pubkey[0] == 0x01:`
src: run black 6 years ago			`pubkey = b"\x00" + pubkey[1:]`
src/apps: cleanup workflow modules 6 years ago			`seckey = node.private_key()`

src: run black 6 years ago			`if msg.identity.proto == "gpg":`
src/apps: cleanup workflow modules 6 years ago			`signature = sign_challenge(`
src: run black 6 years ago			`seckey,`
			`msg.challenge_hidden,`
			`msg.challenge_visual,`
			`"gpg",`
			`msg.ecdsa_curve_name,`
			`)`
apps/wallet: support Signify Ed25519 signatures (#348) 5 years ago			`elif msg.identity.proto == "signify":`
			`signature = sign_challenge(`
			`seckey,`
			`msg.challenge_hidden,`
			`msg.challenge_visual,`
			`"signify",`
			`msg.ecdsa_curve_name,`
			`)`
src: run black 6 years ago			`elif msg.identity.proto == "ssh":`
src/apps: cleanup workflow modules 6 years ago			`signature = sign_challenge(`
src: run black 6 years ago			`seckey,`
			`msg.challenge_hidden,`
			`msg.challenge_visual,`
			`"ssh",`
			`msg.ecdsa_curve_name,`
			`)`
src/apps: cleanup workflow modules 6 years ago			`else:`
			`signature = sign_challenge(`
src: run black 6 years ago			`seckey,`
			`msg.challenge_hidden,`
			`msg.challenge_visual,`
			`coin,`
			`msg.ecdsa_curve_name,`
			`)`
src/apps: cleanup workflow modules 6 years ago
			`return SignedIdentity(address=address, public_key=pubkey, signature=signature)`
apps.wallet: add partial support for SignIdentity (secp256k1 curve only) 8 years ago
apps: accomodate latest seed changes 8 years ago
src/apps: use require_confirm where possible, introduce require_hold_to_confirm 6 years ago			`async def require_confirm_sign_identity(ctx, identity, challenge_visual):`
apps/wallet/{sign_identity, ecdh}: show protocol as part of the header 6 years ago			`lines = []`
			`if challenge_visual:`
			`lines.append(challenge_visual)`

			`lines.append(ui.MONO)`
			`lines.extend(chunks(serialize_identity_without_proto(identity), 18))`

src: run black 6 years ago			`proto = identity.proto.upper() if identity.proto else "identity"`
			`text = Text("Sign %s" % proto)`
ui.text: type -> normal 6 years ago			`text.normal(*lines)`
apps: use mutable Text API 6 years ago			`await require_confirm(ctx, text)`
src/app/wallet: sign identity ui 6 years ago

Revert "trezor/utils: refactor 'serialize_identity()'" This reverts commit de217f75dfdefd21e21b4535a52ebda34bc4fae3. 6 years ago			`def serialize_identity(identity):`
src: run black 6 years ago			`s = ""`
Revert "trezor/utils: refactor 'serialize_identity()'" This reverts commit de217f75dfdefd21e21b4535a52ebda34bc4fae3. 6 years ago			`if identity.proto:`
src: run black 6 years ago			`s += identity.proto + "://"`
Revert "trezor/utils: refactor 'serialize_identity()'" This reverts commit de217f75dfdefd21e21b4535a52ebda34bc4fae3. 6 years ago			`if identity.user:`
src: run black 6 years ago			`s += identity.user + "@"`
Revert "trezor/utils: refactor 'serialize_identity()'" This reverts commit de217f75dfdefd21e21b4535a52ebda34bc4fae3. 6 years ago			`if identity.host:`
			`s += identity.host`
			`if identity.port:`
src: run black 6 years ago			`s += ":" + identity.port`
Revert "trezor/utils: refactor 'serialize_identity()'" This reverts commit de217f75dfdefd21e21b4535a52ebda34bc4fae3. 6 years ago			`if identity.path:`
			`s += identity.path`
			`return s`


apps/wallet/{sign_identity, ecdh}: show protocol as part of the header 6 years ago			`def serialize_identity_without_proto(identity):`
			`proto = identity.proto`
			`identity.proto = None # simplify serialized identity string`
			`s = serialize_identity(identity)`
			`identity.proto = proto`
			`return s`


apps.wallet: fix sign_identity 7 years ago			`def get_identity_path(identity: str, index: int):`
src: run black 6 years ago			`identity_hash = sha256(pack("<I", index) + identity).digest()`
apps.wallet: add partial support for SignIdentity (secp256k1 curve only) 8 years ago
src: run black 6 years ago			`address_n = (13,) + unpack("<IIII", identity_hash[:16])`
src/apps: some import refactoring 6 years ago			`address_n = [HARDENED \| x for x in address_n]`
apps.wallet: add partial support for SignIdentity (secp256k1 curve only) 8 years ago
apps: accomodate latest seed changes 8 years ago			`return address_n`
apps.wallet: add partial support for SignIdentity (secp256k1 curve only) 8 years ago

src: run black 6 years ago			`def sign_challenge(`
			`seckey: bytes, challenge_hidden: bytes, challenge_visual: str, sigtype, curve: str`
			`) -> bytes:`
apps: accomodate latest seed changes 8 years ago			`from trezor.crypto.hashlib import sha256`
src: run black 6 years ago
			`if curve == "secp256k1":`
tests: finish sign_identity workflow, update run_tests_python_trezor.sh to reflect current state 7 years ago			`from trezor.crypto.curve import secp256k1`
src: run black 6 years ago			`elif curve == "nist256p1":`
tests: finish sign_identity workflow, update run_tests_python_trezor.sh to reflect current state 7 years ago			`from trezor.crypto.curve import nist256p1`
src: run black 6 years ago			`elif curve == "ed25519":`
tests: finish sign_identity workflow, update run_tests_python_trezor.sh to reflect current state 7 years ago			`from trezor.crypto.curve import ed25519`
src/apps: some import refactoring 6 years ago			`from apps.common.signverify import message_digest`
apps: accomodate latest seed changes 8 years ago
src: run black 6 years ago			`if sigtype == "gpg":`
tests: finish sign_identity workflow, update run_tests_python_trezor.sh to reflect current state 7 years ago			`data = challenge_hidden`
apps/wallet: support Signify Ed25519 signatures (#348) 5 years ago			`elif sigtype == "signify":`
			`if curve != "ed25519":`
			`raise ValueError("Unsupported curve")`
			`data = challenge_hidden`
src: run black 6 years ago			`elif sigtype == "ssh":`
			`if curve != "ed25519":`
tests: finish sign_identity workflow, update run_tests_python_trezor.sh to reflect current state 7 years ago			`data = sha256(challenge_hidden).digest()`
			`else:`
			`data = challenge_hidden`
			`else:`
			`# sigtype is coin`
src: run black 6 years ago			`challenge = (`
			`sha256(challenge_hidden).digest() + sha256(challenge_visual).digest()`
			`)`
tests: finish sign_identity workflow, update run_tests_python_trezor.sh to reflect current state 7 years ago			`data = message_digest(sigtype, challenge)`

src: run black 6 years ago			`if curve == "secp256k1":`
tests: finish sign_identity workflow, update run_tests_python_trezor.sh to reflect current state 7 years ago			`signature = secp256k1.sign(seckey, data)`
src: run black 6 years ago			`elif curve == "nist256p1":`
tests: finish sign_identity workflow, update run_tests_python_trezor.sh to reflect current state 7 years ago			`signature = nist256p1.sign(seckey, data)`
src: run black 6 years ago			`elif curve == "ed25519":`
tests: finish sign_identity workflow, update run_tests_python_trezor.sh to reflect current state 7 years ago			`signature = ed25519.sign(seckey, data)`
			`else:`
src: run black 6 years ago			`raise ValueError("Unknown curve")`
tests: finish sign_identity workflow, update run_tests_python_trezor.sh to reflect current state 7 years ago
src: run black 6 years ago			`if curve == "ed25519":`
			`signature = b"\x00" + signature`
			`elif sigtype == "gpg" or sigtype == "ssh":`
			`signature = b"\x00" + signature[1:]`
apps: accomodate latest seed changes 8 years ago
			`return signature`