chore(core): update cpace implementation

[no changelog]
2025-02-27 06:42:02 +00:00 · 2025-02-17 17:10:45 +01:00 · 2025-02-17 17:10:45 +01:00 · 0831ebbd8d
commit 0831ebbd8d
parent a3dac395bf
2 changed files with 7 additions and 3 deletions
--- a/core/src/apps/thp/pairing.py
+++ b/core/src/apps/thp/pairing.py
@ -220,7 +220,7 @@ async def _handle_code_entry_is_selected_first_time(ctx: PairingContext) -> None
        ctx.channel_ctx.get_handshake_hash(),
    )
    assert ctx.code_code_entry is not None
-    ctx.cpace.generate_keys_and_secret(ctx.code_code_entry.to_bytes(6, "big"))
+    ctx.cpace.generate_keys(ctx.code_code_entry.to_bytes(6, "big"))
    await ctx.write_force(
        ThpCodeEntryCpaceTrezor(cpace_trezor_public_key=ctx.cpace.trezor_public_key)
    )
--- a/core/src/trezor/wire/thp/cpace.py
+++ b/core/src/trezor/wire/thp/cpace.py
@ -17,9 +17,9 @@ class Cpace:
        self.trezor_private_key: bytes
        self.trezor_public_key: bytes

-    def generate_keys_and_secret(self, code_code_entry: bytes) -> None:
+    def generate_keys(self, code_code_entry: bytes) -> None:
        """
-        Generate ephemeral key pair and a shared secret using Elligator2 with X25519.
+        Generate an ephemeral key pair using Elligator2 with X25519.
        """
        sha_ctx = sha512(_PREFIX)
        sha_ctx.update(code_code_entry)
@ -32,6 +32,10 @@ class Cpace:
        self.trezor_public_key = curve25519.multiply(self.trezor_private_key, generator)

    def compute_shared_secret(self, host_public_key: bytes) -> None:
+        """
+        Compute a shared secret using host's public (cpace) key.
+        Must be called after `generate_keys`.
+        """
        self.shared_secret = curve25519.multiply(
            self.trezor_private_key, host_public_key
        )