feat(core): add host static pubkey to channel cache

[no changelog]

core/src/apps/thp/pairing.py

@@ -393,6 +393,9 @@ async def _handle_credential_request(
         autoconnect=autoconnect,
     )
     credential = issue_credential(message.host_static_pubkey, credential_metadata)
+    ctx.channel_ctx.channel_cache.set_host_static_pubkey(
+        bytearray(message.host_static_pubkey)
+    )  # TODO This could raise an exception, should be handled?
 
     return await ctx.call_any(
         ThpCredentialResponse(

core/src/storage/cache_common.py

@@ -21,6 +21,7 @@ if utils.USE_THP:
     CHANNEL_KEY_SEND = const(2)
     CHANNEL_NONCE_RECEIVE = const(3)
     CHANNEL_NONCE_SEND = const(4)
+    CHANNEL_HOST_STATIC_PUBKEY = const(5)
 
 # Keys that are valid across sessions
 SESSIONLESS_FLAG = const(128)

core/src/storage/cache_thp.py

@@ -2,7 +2,7 @@ import builtins
 from micropython import const
 from typing import TYPE_CHECKING
 
-from storage.cache_common import DataCache
+from storage.cache_common import CHANNEL_HOST_STATIC_PUBKEY, DataCache
 
 if TYPE_CHECKING:
     from typing import Tuple
@@ -41,18 +41,18 @@ class ThpDataCache(DataCache):
 
 
 class ChannelCache(ThpDataCache):
+
     def __init__(self) -> None:
-        self.host_ephemeral_pubkey = bytearray(KEY_LENGTH)
         self.state = bytearray(_CHANNEL_STATE_LENGTH)
         self.iface = bytearray(1)  # TODO add decoding
         self.sync = 0x80  # can_send_bit | sync_receive_bit | sync_send_bit | rfu(5)
-        self.session_id_counter = 0x00
         self.fields = (
             32,  # CHANNEL_HANDSHAKE_HASH
             32,  # CHANNEL_KEY_RECEIVE
             32,  # CHANNEL_KEY_SEND
             8,  # CHANNEL_NONCE_RECEIVE
             8,  # CHANNEL_NONCE_SEND
+            32,  # CHANNEL_HOST_STATIC_PUBKEY
         )
         super().__init__()
 
@@ -60,11 +60,15 @@ class ChannelCache(ThpDataCache):
         self.state[:] = bytearray(
             int.to_bytes(0, _CHANNEL_STATE_LENGTH, "big")
         )  # Set state to UNALLOCATED
-        self.host_ephemeral_pubkey[:] = bytearray(KEY_LENGTH)
         self.state[:] = bytearray(_CHANNEL_STATE_LENGTH)
         self.iface[:] = bytearray(1)
         super().clear()
 
+    def set_host_static_pubkey(self, key: bytearray) -> None:
+        if len(key) != KEY_LENGTH:
+            raise Exception("Invalid key length")
+        self.set(CHANNEL_HOST_STATIC_PUBKEY, key)
+
 
 class SessionThpCache(ThpDataCache):
     def __init__(self) -> None:
@@ -207,12 +211,6 @@ def is_seedless_session(session_cache: SessionThpCache) -> bool:
     return _get_session_state(session_cache) == _SEEDLESS_STATE
 
 
-def set_channel_host_ephemeral_key(channel: ChannelCache, key: bytearray) -> None:
-    if len(key) != KEY_LENGTH:
-        raise Exception("Invalid key length")
-    channel.host_ephemeral_pubkey = key
-
-
 def create_or_replace_session(
     channel: ChannelCache, session_id: bytes
 ) -> SessionThpCache:

core/src/trezor/wire/thp/received_message_handler.py

@@ -335,6 +335,7 @@ async def _handle_state_TH2(ctx: Channel, message_length: int, ctrl_byte: int) -
             if paired:
                 trezor_state = _TREZOR_STATE_PAIRED
                 ctx.credential = credential
+                ctx.channel_cache.set_host_static_pubkey(bytearray(host_static_pubkey))
             else:
                 ctx.credential = None
         except DataError as e: