arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-04-23 10:39:03 +00:00
Code Issues Releases Wiki Activity

chore(legacy): Do not allow access to SLIP25 paths.

Browse Source
This commit is contained in:
Andrew Kozlik 2022-06-03 14:50:11 +02:00 committed by Andrew Kozlik
parent 58ef0da703
commit 2f6a7096da
4 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
legacy/firmware/.changelog.d/2289.changed Normal file
View File

@ -0,0 +1 @@
Do not allow access to SLIP25 paths.

1
legacy/firmware/crypto.h
View File

@ -37,6 +37,7 @@
#define PATH_MAX_ACCOUNT 100
#define PATH_MAX_CHANGE 1
#define PATH_MAX_ADDRESS_INDEX 1000000
#define PATH_SLIP25_PURPOSE (PATH_HARDENED | 10025)
#define ser_length_size(len) ((len) < 253 ? 1 : (len) < 0x10000 ? 3 : 5)

8
legacy/firmware/fsm_msg_coin.h
View File

@ -35,6 +35,14 @@ void fsm_msgGetPublicKey(const GetPublicKey *msg) {
curve = msg->ecdsa_curve_name;
}
// Do not allow access to SLIP25 paths.
if (msg->address_n_count > 0 && msg->address_n[0] == PATH_SLIP25_PURPOSE &&
config_getSafetyCheckLevel() == SafetyCheckLevel_Strict) {
fsm_sendFailure(FailureType_Failure_DataError, _("Forbidden key path"));
layoutHome();
return;
}
// derive m/0' to obtain root_fingerprint
uint32_t root_fingerprint;
uint32_t path[1] = {PATH_HARDENED | 0};

1
tests/ui_tests/fixtures.json
View File

@ -119,6 +119,7 @@
"T1_bitcoin-test_getpublickey.py::test_script_type[InputScriptType.SPENDP2SHWITNESS-ypub6WYmBsV-0710fbb3": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
"T1_bitcoin-test_getpublickey.py::test_script_type[InputScriptType.SPENDWITNESS-zpub6qP2VY9x7Mx-84eaa56c": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
"T1_bitcoin-test_getpublickey.py::test_script_type[None-xpub6BiVtCp7ozsRo7kaoYNrCNAVJwPYTQHjoXF-c37a47fd": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
"T1_bitcoin-test_getpublickey.py::test_slip25_path": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
"T1_bitcoin-test_getpublickey_curve.py::test_coin_and_curve": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
"T1_bitcoin-test_getpublickey_curve.py::test_ed25519_public": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
"T1_bitcoin-test_getpublickey_curve.py::test_publickey_curve[ed25519-path4-002e28dc0346d6d30d4e-e6c7a440": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",