mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-12-18 04:18:10 +00:00
feat(python): add warning for insecure CoSi firmware
This commit is contained in:
parent
0577847352
commit
1afc78e368
@ -14,7 +14,6 @@
|
||||
# You should have received a copy of the License along with this library.
|
||||
# If not, see <https://www.gnu.org/licenses/lgpl-3.0.html>.
|
||||
|
||||
import warnings
|
||||
from typing import TYPE_CHECKING, Optional
|
||||
|
||||
import click
|
||||
@ -34,6 +33,14 @@ def cli() -> None:
|
||||
"""CoSi (Cothority / collective signing) commands."""
|
||||
|
||||
|
||||
def cosi_warn(client: "TrezorClient") -> None:
|
||||
if client.features.model == "1" and client.version < (1, 11, 2):
|
||||
click.echo("WARNING: CoSi signing on your Trezor is insecure.")
|
||||
click.echo("Please update your Trezor to firmware version 1.11.2 or newer.")
|
||||
click.echo("If you used CoSi in the past, consider rotating your keys.")
|
||||
raise click.Abort()
|
||||
|
||||
|
||||
@cli.command()
|
||||
@click.option("-n", "--address", required=True, help=PATH_HELP)
|
||||
@click.argument("data_deprecated", required=False)
|
||||
@ -42,8 +49,9 @@ def commit(
|
||||
client: "TrezorClient", address: str, data_deprecated: Optional[str]
|
||||
) -> "messages.CosiCommitment":
|
||||
"""Ask device to commit to CoSi signing."""
|
||||
cosi_warn(client)
|
||||
if data_deprecated is not None:
|
||||
warnings.warn("'data' argument is deprecated")
|
||||
click.echo("Warning: data argument is deprecated", err=True)
|
||||
|
||||
address_n = tools.parse_path(address)
|
||||
return cosi.commit(client, address_n)
|
||||
@ -63,6 +71,7 @@ def sign(
|
||||
global_pubkey: str,
|
||||
) -> "messages.CosiSignature":
|
||||
"""Ask device to sign using CoSi."""
|
||||
cosi_warn(client)
|
||||
address_n = tools.parse_path(address)
|
||||
return cosi.sign(
|
||||
client,
|
||||
|
Loading…
Reference in New Issue
Block a user