mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-12-22 22:38:08 +00:00
feat(common): Add AuthenticateDevice message.
[no changelog]
This commit is contained in:
parent
b221f128ec
commit
2dc5857336
@ -280,6 +280,25 @@ message FirmwareHash {
|
||||
required bytes hash = 1;
|
||||
}
|
||||
|
||||
/**
|
||||
* Request: Request a signature of the provided challenge.
|
||||
* @start
|
||||
* @next AuthenticityProof
|
||||
* @next Failure
|
||||
*/
|
||||
message AuthenticateDevice {
|
||||
required bytes challenge = 1; // A random challenge to sign.
|
||||
}
|
||||
|
||||
/**
|
||||
* Response: Signature of the provided challenge along with a certificate issued by the Trezor company.
|
||||
* @end
|
||||
*/
|
||||
message AuthenticityProof {
|
||||
repeated bytes certificates = 1; // A certificate chain starting with the device certificate, followed by intermediate CA certificates, the last of which is signed by Trezor company's root CA.
|
||||
required bytes signature = 2; // A DER-encoded signature of "\0x13AuthenticateDevice:" + length-prefixed challenge that should be verified using the device certificate.
|
||||
}
|
||||
|
||||
/**
|
||||
* Request: Request device to wipe all sensitive data and settings
|
||||
* @start
|
||||
|
@ -122,6 +122,8 @@ enum MessageType {
|
||||
MessageType_UnlockedPathRequest = 94 [(bitcoin_only) = true, (wire_out) = true];
|
||||
MessageType_ShowDeviceTutorial = 95 [(bitcoin_only) = true, (wire_in) = true];
|
||||
MessageType_UnlockBootloader = 96 [(bitcoin_only) = true, (wire_in) = true];
|
||||
MessageType_AuthenticateDevice = 97 [(bitcoin_only) = true, (wire_out) = true];
|
||||
MessageType_AuthenticityProof = 98 [(bitcoin_only) = true, (wire_in) = true];
|
||||
|
||||
MessageType_SetU2FCounter = 63 [(wire_in) = true];
|
||||
MessageType_GetNextU2FCounter = 80 [(wire_in) = true];
|
||||
|
@ -48,6 +48,8 @@ UnlockPath = 93
|
||||
UnlockedPathRequest = 94
|
||||
ShowDeviceTutorial = 95
|
||||
UnlockBootloader = 96
|
||||
AuthenticateDevice = 97
|
||||
AuthenticityProof = 98
|
||||
FirmwareErase = 6
|
||||
FirmwareUpload = 7
|
||||
FirmwareRequest = 8
|
||||
|
@ -65,6 +65,8 @@ if TYPE_CHECKING:
|
||||
UnlockedPathRequest = 94
|
||||
ShowDeviceTutorial = 95
|
||||
UnlockBootloader = 96
|
||||
AuthenticateDevice = 97
|
||||
AuthenticityProof = 98
|
||||
SetU2FCounter = 63
|
||||
GetNextU2FCounter = 80
|
||||
NextU2FCounter = 81
|
||||
|
@ -2362,6 +2362,36 @@ if TYPE_CHECKING:
|
||||
def is_type_of(cls, msg: Any) -> TypeGuard["FirmwareHash"]:
|
||||
return isinstance(msg, cls)
|
||||
|
||||
class AuthenticateDevice(protobuf.MessageType):
|
||||
challenge: "bytes"
|
||||
|
||||
def __init__(
|
||||
self,
|
||||
*,
|
||||
challenge: "bytes",
|
||||
) -> None:
|
||||
pass
|
||||
|
||||
@classmethod
|
||||
def is_type_of(cls, msg: Any) -> TypeGuard["AuthenticateDevice"]:
|
||||
return isinstance(msg, cls)
|
||||
|
||||
class AuthenticityProof(protobuf.MessageType):
|
||||
certificates: "list[bytes]"
|
||||
signature: "bytes"
|
||||
|
||||
def __init__(
|
||||
self,
|
||||
*,
|
||||
signature: "bytes",
|
||||
certificates: "list[bytes] | None" = None,
|
||||
) -> None:
|
||||
pass
|
||||
|
||||
@classmethod
|
||||
def is_type_of(cls, msg: Any) -> TypeGuard["AuthenticityProof"]:
|
||||
return isinstance(msg, cls)
|
||||
|
||||
class WipeDevice(protobuf.MessageType):
|
||||
|
||||
@classmethod
|
||||
|
@ -8,7 +8,7 @@ SKIPPED_MESSAGES := Binance Cardano DebugMonero Eos Monero Ontology Ripple SdPro
|
||||
TxAckInput TxAckOutput TxAckPrev TxAckPaymentRequest \
|
||||
EthereumSignTypedData EthereumTypedDataStructRequest EthereumTypedDataStructAck \
|
||||
EthereumTypedDataValueRequest EthereumTypedDataValueAck ShowDeviceTutorial \
|
||||
UnlockBootloader
|
||||
UnlockBootloader AuthenticateDevice AuthenticityProof
|
||||
|
||||
ifeq ($(BITCOIN_ONLY), 1)
|
||||
SKIPPED_MESSAGES += Ethereum NEM Stellar
|
||||
|
@ -73,6 +73,8 @@ class MessageType(IntEnum):
|
||||
UnlockedPathRequest = 94
|
||||
ShowDeviceTutorial = 95
|
||||
UnlockBootloader = 96
|
||||
AuthenticateDevice = 97
|
||||
AuthenticityProof = 98
|
||||
SetU2FCounter = 63
|
||||
GetNextU2FCounter = 80
|
||||
NextU2FCounter = 81
|
||||
@ -3466,6 +3468,37 @@ class FirmwareHash(protobuf.MessageType):
|
||||
self.hash = hash
|
||||
|
||||
|
||||
class AuthenticateDevice(protobuf.MessageType):
|
||||
MESSAGE_WIRE_TYPE = 97
|
||||
FIELDS = {
|
||||
1: protobuf.Field("challenge", "bytes", repeated=False, required=True),
|
||||
}
|
||||
|
||||
def __init__(
|
||||
self,
|
||||
*,
|
||||
challenge: "bytes",
|
||||
) -> None:
|
||||
self.challenge = challenge
|
||||
|
||||
|
||||
class AuthenticityProof(protobuf.MessageType):
|
||||
MESSAGE_WIRE_TYPE = 98
|
||||
FIELDS = {
|
||||
1: protobuf.Field("certificates", "bytes", repeated=True, required=False, default=None),
|
||||
2: protobuf.Field("signature", "bytes", repeated=False, required=True),
|
||||
}
|
||||
|
||||
def __init__(
|
||||
self,
|
||||
*,
|
||||
signature: "bytes",
|
||||
certificates: Optional[Sequence["bytes"]] = None,
|
||||
) -> None:
|
||||
self.certificates: Sequence["bytes"] = certificates if certificates is not None else []
|
||||
self.signature = signature
|
||||
|
||||
|
||||
class WipeDevice(protobuf.MessageType):
|
||||
MESSAGE_WIRE_TYPE = 5
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user