feat(core): add libtropic to the unix build

[no changelog]

.gitmodules

@@ -27,7 +27,6 @@
 [submodule "vendor/cmsis_5"]
 	path = vendor/cmsis_5
 	url = https://github.com/ARM-software/CMSIS_5.git
-
 [submodule "vendor/stm32u5xx_hal_driver"]
 	path = vendor/stm32u5xx_hal_driver
 	url = https://github.com/trezor/stm32u5xx_hal_driver.git

core/SConscript.firmware

@@ -695,6 +695,7 @@ if FROZEN:
         use_button='button' in FEATURES_AVAILABLE,
         use_touch='touch' in FEATURES_AVAILABLE,
         ui_layout=ui.get_ui_layout(TREZOR_MODEL),
+        tropic='tropic' in FEATURES_AVAILABLE,
         thp=THP,
         )
 

core/SConscript.unix

@@ -21,7 +21,7 @@ if BENCHMARK and PYOPT != '0':
   print("BENCHMARK=1 works only with PYOPT=0.")
   exit(1)
 
-FEATURES_WANTED = ["input", "sd_card", "dma2d", "optiga"]
+FEATURES_WANTED = ["input", "sd_card", "dma2d", "optiga", "tropic"]
 
 if not models.has_emulator(TREZOR_MODEL):
     # skip unix build
@@ -48,6 +48,7 @@ SOURCE_MOD = [
     'vendor/micropython/extmod/vfs_posix_file.c',
 ]
 SOURCE_MOD_CRYPTO = []
+SOURCE_MOD_TROPIC = []
 RUST_UI_FEATURES = []
 
 # modtrezorconfig
@@ -251,6 +252,14 @@ SOURCE_MOD += [
     'embed/upymod/modutime.c',
 ]
 
+SOURCE_MOD_TROPIC += [
+    'vendor/libtropic/src/libtropic.c',
+]
+
+CPPDEFINES_MOD += ['USE_TREZOR_CRYPTO']
+
+CPPPATH_MOD += ['vendor/libtropic/src/', 'vendor/libtropic/include/']
+
 SOURCE_MICROPYTHON = [
     'vendor/micropython/extmod/modubinascii.c',
     'vendor/micropython/extmod/moductypes.c',
@@ -485,6 +494,7 @@ ALLPATHS=['.',
          'embed/io/usb/inc',
          'embed/sec/entropy/inc',
          'embed/sec/random_delays/inc',
+         'embed/sec/secret/inc',
          'embed/sec/time_estimate/inc',
          'embed/sys/bsp/inc',
          'embed/sec/rng/inc',
@@ -753,6 +763,7 @@ if FROZEN:
         bitcoin_only=BITCOIN_ONLY,
         backlight='backlight' in FEATURES_AVAILABLE,
         optiga='optiga' in FEATURES_AVAILABLE,
+        tropic='tropic' in FEATURES_AVAILABLE,
         use_button='button' in FEATURES_AVAILABLE,
         use_touch='touch' in FEATURES_AVAILABLE,
         ui_layout=ui.get_ui_layout(TREZOR_MODEL),
@@ -770,7 +781,7 @@ if FROZEN:
 #
 
 obj_program = []
-source_files = SOURCE_MOD + SOURCE_MOD_CRYPTO + SOURCE_MICROPYTHON + SOURCE_UNIX
+source_files = SOURCE_MOD + SOURCE_MOD_CRYPTO + SOURCE_MOD_TROPIC + SOURCE_MICROPYTHON + SOURCE_UNIX
 obj_program.extend(env.Object(source=SOURCE_MOD))
 obj_program.extend(env.Object(source=SOURCE_MOD_CRYPTO, CCFLAGS='$CCFLAGS -ftrivial-auto-var-init=zero'))
 if FEATURE_FLAGS["SECP256K1_ZKP"]:

core/embed/projects/unix/main.c

@@ -37,6 +37,7 @@
 #include <unistd.h>
 
 #include <io/display.h>
+#include <sec/secret.h>
 #include <sys/system.h>
 #include <sys/systimer.h>
 #include <util/flash.h>
@@ -56,6 +57,10 @@
 #include <io/touch.h>
 #endif
 
+#ifdef USE_TROPIC
+#include <sec/tropic_transport.h>
+#endif
+
 #include "py/builtin.h"
 #include "py/compile.h"
 #include "py/gc.h"
@@ -498,6 +503,12 @@ static int sdl_event_filter(void *userdata, SDL_Event *event) {
   return 1;
 }
 
+void drivers_init() {
+#ifdef USE_TROPIC
+    tropic_init();
+#endif
+}
+
 MP_NOINLINE int main_(int argc, char **argv) {
 #ifdef SIGPIPE
   // Do not raise SIGPIPE, instead return EPIPE. Otherwise, e.g. writing
@@ -519,6 +530,8 @@ MP_NOINLINE int main_(int argc, char **argv) {
 
   system_init(&rsod_panic_handler);
 
+  drivers_init();
+
   SDL_SetEventFilter(sdl_event_filter, NULL);
 
   display_init(DISPLAY_RESET_CONTENT);

core/embed/rust/Cargo.toml

@@ -43,6 +43,7 @@ backlight = []
 usb = []
 optiga = []
 ble = []
+tropic = []
 translations = ["crypto"]
 test = [
     "backlight",

core/embed/sec/secret/inc/sec/secret.h

@@ -9,6 +9,7 @@
 #define SECRET_HEADER_LEN 16
 #define SECRET_OPTIGA_KEY_OFFSET 16
 #define SECRET_OPTIGA_KEY_LEN 32
+#define SECRET_TROPIC_KEY_LEN 32
 
 #define SECRET_MONOTONIC_COUNTER_OFFSET 48
 #define SECRET_MONOTONIC_COUNTER_LEN 1024
@@ -57,6 +58,10 @@ secbool secret_optiga_writable(void);
 // Erases optiga pairing secret from the secret storage
 void secret_optiga_erase(void);
 
+secbool secret_tropic_get_trezor_privkey(uint8_t dest[SECRET_TROPIC_KEY_LEN]);
+
+secbool secret_tropic_get_tropic_pubkey(uint8_t dest[SECRET_TROPIC_KEY_LEN]);
+
 // Regenerates the BHK and writes it to the secret storage
 void secret_bhk_regenerate(void);
 

core/embed/sec/secret/unix/secret.c

@@ -7,6 +7,16 @@
 
 #ifdef KERNEL_MODE
 
+static uint8_t SECRET_TROPIC_TREZOR_PRIVKEY_BYTES[] =                                                \
+  {0xf0, 0xc4, 0xaa, 0x04, 0x8f, 0x00, 0x13, 0xa0, 0x96, 0x84, 0xdf, \
+   0x05, 0xe8, 0xa2, 0x2e, 0xf7, 0x21, 0x38, 0x98, 0x28, 0x2b, 0xa9, \
+   0x43, 0x12, 0xf3, 0x13, 0xdf, 0x2d, 0xce, 0x8d, 0x41, 0x64};
+
+static uint8_t SECRET_TROPIC_PUBKEY_BYTES[]  =
+  {0x31, 0xE9, 0x0A, 0xF1, 0x50, 0x45, 0x10, 0xEE, 0x4E, 0xFD, 0x79, \
+   0x13, 0x33, 0x41, 0x48, 0x15, 0x89, 0xA2, 0x89, 0x5C, 0xC5, 0xFB, \
+   0xB1, 0x3E, 0xD5, 0x71, 0x1C, 0x1E, 0x9B, 0x81, 0x98, 0x72};
+
 static secbool bootloader_locked_set = secfalse;
 static secbool bootloader_locked = secfalse;
 
@@ -123,6 +133,16 @@ secbool secret_optiga_writable(void) { return secret_wiped(); }
 
 void secret_optiga_erase(void) { secret_erase(); }
 
+secbool secret_tropic_get_trezor_privkey(uint8_t dest[SECRET_TROPIC_KEY_LEN]) {
+  memcpy(dest, &SECRET_TROPIC_TREZOR_PRIVKEY_BYTES, SECRET_TROPIC_KEY_LEN);
+  return sectrue;
+}
+
+secbool secret_tropic_get_tropic_pubkey(uint8_t dest[SECRET_TROPIC_KEY_LEN]) {
+  memcpy(dest, &SECRET_TROPIC_PUBKEY_BYTES, SECRET_TROPIC_KEY_LEN);
+  return sectrue;
+}
+
 void secret_prepare_fw(secbool allow_run_with_secret, secbool _trust_all) {
 #ifdef USE_OPTIGA
   if (sectrue != allow_run_with_secret && sectrue != secret_wiped()) {

core/embed/sec/tropic/inc/sec/tropic_common.h

@@ -0,0 +1,28 @@
+/*
+ * This file is part of the Trezor project, https://trezor.io/
+ *
+ * Copyright (c) SatoshiLabs
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef TREZORHAL_TROPIC_COMMON_H
+#define TREZORHAL_TROPIC_COMMON_H
+
+typedef enum _tropic_result {
+  TROPIC_SUCCESS = 0,     // Operation completed successfully.
+  TROPIC_ERR_SESSION_START,
+} tropic_result;
+
+#endif

core/embed/sec/tropic/inc/sec/tropic_transport.h

@@ -0,0 +1,30 @@
+/*
+ * This file is part of the Trezor project, https://trezor.io/
+ *
+ * Copyright (c) SatoshiLabs
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef TREZORHAL_TROPIC_TRANSPORT_H
+#define TREZORHAL_TROPIC_TRANSPORT_H
+
+#include <trezor_types.h>
+#include "tropic_common.h"
+#include "libtropic.h"
+
+tropic_result tropic_init(void);
+tropic_result tropic_handshake(const uint8_t *trezor_privkey, const uint8_t *tropic_pubkey);
+
+#endif

core/embed/sec/tropic/tropic_transport.c

@@ -0,0 +1,60 @@
+/*
+ * This file is part of the Trezor project, https://trezor.io/
+ *
+ * Copyright (c) SatoshiLabs
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include <trezor_rtl.h>
+#include <sec/tropic_transport.h>
+#include <sec/secret.h>
+#include "ed25519-donna/ed25519.h"
+#include "memzero.h"
+
+#define PKEY_INDEX_BYTE PAIRING_KEY_SLOT_INDEX_0
+
+STATIC lt_handle_t lt_handle = {0};
+
+tropic_result tropic_init(void) {
+  uint8_t tropic_secret_tropic_pubkey[SECRET_TROPIC_KEY_LEN] = {0};
+  uint8_t tropic_secret_trezor_privkey[SECRET_TROPIC_KEY_LEN] = {0};
+
+  ensure((lt_init(&lt_handle) == LT_OK) * sectrue, "lt_init failed");
+  ensure(secret_tropic_get_tropic_pubkey(tropic_secret_tropic_pubkey), "secret_tropic_get_tropic_pubkey failed");
+  ensure(secret_tropic_get_trezor_privkey(tropic_secret_trezor_privkey), "secret_tropic_get_trezor_privkey failed");
+
+  tropic_result result = tropic_handshake(tropic_secret_trezor_privkey, tropic_secret_tropic_pubkey);
+
+  memzero(tropic_secret_trezor_privkey, sizeof(tropic_secret_trezor_privkey));
+
+  ensure((result == TROPIC_SUCCESS) * sectrue, "tropic_handshake failed");
+
+  return TROPIC_SUCCESS;
+}
+
+inline tropic_result tropic_handshake(const uint8_t *trezor_privkey, const uint8_t *tropic_pubkey) {
+  lt_ret_t ret = LT_FAIL;
+
+  uint8_t trezor_pubkey[SECRET_TROPIC_KEY_LEN] = {};
+  curve25519_scalarmult_basepoint(trezor_pubkey, trezor_privkey);
+
+  ret = lt_session_start(&lt_handle, tropic_pubkey, PKEY_INDEX_BYTE, trezor_privkey, trezor_pubkey);
+  if (ret != LT_OK) {
+    return TROPIC_ERR_SESSION_START;
+  }
+
+  return TROPIC_SUCCESS;
+}

core/embed/upymod/modtrezorcrypto/modtrezorcrypto-tropic.h

@@ -0,0 +1,175 @@
+/*
+ * This file is part of the Trezor project, https://trezor.io/
+ *
+ * Copyright (c) SatoshiLabs
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#if USE_TROPIC
+
+#include <sec/secret.h>
+#include <sec/tropic_transport.h>
+#include "libtropic.h"
+
+#define PKEY_INDEX_BYTE PAIRING_KEY_SLOT_INDEX_0
+
+extern STATIC lt_handle_t lt_handle;
+
+/// package: trezorcrypto.tropic
+
+/// class TropicError(Exception):
+///     """Error returned by the Tropic Square chip."""
+MP_DEFINE_EXCEPTION(TropicError, Exception)
+
+#define PING_MSG_MAX_LEN 64
+#define ECC_SLOT_COUNT 32
+#define SIG_SIZE 64
+
+/// def ping(message: str) -> str:
+///     """
+///     Test the session by pinging the chip.
+///     """
+STATIC mp_obj_t mod_trezorcrypto_tropic_ping(mp_obj_t message) {
+  lt_ret_t ret = LT_FAIL;
+
+  uint8_t msg_in[PING_MSG_MAX_LEN] = {0};
+
+  mp_buffer_info_t message_b = {0};
+  mp_get_buffer_raise(message, &message_b, MP_BUFFER_READ);
+  if (message_b.len > 0) {
+    ret = lt_ping(&lt_handle, (uint8_t *)message_b.buf, (uint8_t *)msg_in,
+                  message_b.len);
+    if (ret != LT_OK) {
+      mp_raise_msg(&mp_type_TropicError, "lt_ping failed.");
+    }
+  } else {
+    return mp_const_none;
+  }
+
+  vstr_t result = {0};
+  vstr_init_len(&result, message_b.len);
+
+  memcpy(result.buf, msg_in, message_b.len);
+  result.len = strlen(result.buf);
+
+  return mp_obj_new_str_from_vstr(&mp_type_str, &result);
+}
+STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_tropic_ping_obj,
+                                 mod_trezorcrypto_tropic_ping);
+
+/// def get_certificate() -> bytes:
+///     """
+///     Return the chip's certificate.
+///     """
+STATIC mp_obj_t mod_trezorcrypto_tropic_get_certificate() {
+  lt_ret_t ret = LT_FAIL;
+
+  uint8_t X509_cert[512] = {0};
+  ret = lt_get_info_cert(&lt_handle, X509_cert, 512);
+  if (ret != LT_OK) {
+    mp_raise_msg(&mp_type_TropicError, "lt_get_info_cert failed.");
+  }
+
+  vstr_t vstr = {0};
+  vstr_init_len(&vstr, 512);
+
+  memcpy(vstr.buf, X509_cert, 512);
+
+  return mp_obj_new_str_from_vstr(&mp_type_bytes, &vstr);
+}
+STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorcrypto_tropic_get_certificate_obj,
+                                 mod_trezorcrypto_tropic_get_certificate);
+
+/// def key_generate(
+///     key_index: int,
+/// ) -> None:
+///     """
+///     Generate ECC key in the device's ECC key slot.
+///     """
+STATIC mp_obj_t mod_trezorcrypto_tropic_key_generate(mp_obj_t key_index) {
+  mp_int_t idx = mp_obj_get_int(key_index);
+  if (idx < 0 || idx >= ECC_SLOT_COUNT) {
+    mp_raise_ValueError("Invalid index.");
+  }
+
+  lt_ret_t ret = LT_FAIL;
+
+  ret = lt_ecc_key_generate(&lt_handle, idx, CURVE_ED25519);
+  if (ret != LT_OK) {
+    mp_raise_msg(&mp_type_TropicError, "lt_ecc_key_generate failed.");
+  }
+
+  return mp_const_none;
+}
+STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_tropic_key_generate_obj,
+                                 mod_trezorcrypto_tropic_key_generate);
+
+
+/// def sign(
+///     key_index: int,
+///     digest: bytes,
+/// ) -> bytes:
+///     """
+///     Uses the private key at key_index to produce a signature of the digest.
+///     """
+STATIC mp_obj_t mod_trezorcrypto_tropic_sign(mp_obj_t key_index,
+                                             mp_obj_t digest) {
+  mp_int_t idx = mp_obj_get_int(key_index);
+  if (idx < 0 || idx >= ECC_SLOT_COUNT) {
+    mp_raise_ValueError("Invalid index.");
+  }
+
+  mp_buffer_info_t dig = {0};
+  mp_get_buffer_raise(digest, &dig, MP_BUFFER_READ);
+  if (dig.len != 32) {
+    mp_raise_ValueError("Invalid length of digest.");
+  }
+
+  lt_ret_t ret = LT_FAIL;
+
+  vstr_t sig = {0};
+  vstr_init_len(&sig, SIG_SIZE);
+
+  ret = lt_ecc_eddsa_sign(&lt_handle, idx, (const uint8_t *)dig.buf, dig.len,
+                          ((uint8_t *)sig.buf), SIG_SIZE);
+  if (ret != LT_OK) {
+    vstr_clear(&sig);
+    mp_raise_msg(&mp_type_TropicError, "lt_ecc_eddsa_sign failed.");
+  }
+
+  sig.len = SIG_SIZE;
+  return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
+}
+STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_tropic_sign_obj,
+                                 mod_trezorcrypto_tropic_sign);
+
+STATIC const mp_rom_map_elem_t mod_trezorcrypto_tropic_globals_table[] = {
+    {MP_ROM_QSTR(MP_QSTR___name__), MP_ROM_QSTR(MP_QSTR_tropic)},
+    {MP_ROM_QSTR(MP_QSTR_ping), MP_ROM_PTR(&mod_trezorcrypto_tropic_ping_obj)},
+    {MP_ROM_QSTR(MP_QSTR_get_certificate),
+     MP_ROM_PTR(&mod_trezorcrypto_tropic_get_certificate_obj)},
+    {MP_ROM_QSTR(MP_QSTR_key_generate),
+     MP_ROM_PTR(&mod_trezorcrypto_tropic_key_generate_obj)},
+    {MP_ROM_QSTR(MP_QSTR_sign), MP_ROM_PTR(&mod_trezorcrypto_tropic_sign_obj)},
+    {MP_ROM_QSTR(MP_QSTR_TropicError), MP_ROM_PTR(&mp_type_TropicError)}};
+STATIC MP_DEFINE_CONST_DICT(mod_trezorcrypto_tropic_globals,
+                            mod_trezorcrypto_tropic_globals_table);
+
+STATIC const mp_obj_module_t mod_trezorcrypto_tropic_module = {
+    .base = {&mp_type_module},
+    .globals = (mp_obj_dict_t *)&mod_trezorcrypto_tropic_globals,
+};
+
+#endif

core/embed/upymod/modtrezorcrypto/modtrezorcrypto.c

@@ -69,6 +69,9 @@ static void wrapped_ui_wait_callback(uint32_t current, uint32_t total) {
 #ifdef USE_OPTIGA
 #include "modtrezorcrypto-optiga.h"
 #endif
+#ifdef USE_TROPIC
+#include "modtrezorcrypto-tropic.h"
+#endif
 #if !BITCOIN_ONLY
 #include "modtrezorcrypto-cardano.h"
 #include "modtrezorcrypto-monero.h"
@@ -135,6 +138,9 @@ STATIC const mp_rom_map_elem_t mp_module_trezorcrypto_globals_table[] = {
 #if USE_OPTIGA
     {MP_ROM_QSTR(MP_QSTR_optiga), MP_ROM_PTR(&mod_trezorcrypto_optiga_module)},
 #endif
+#if USE_TROPIC
+    {MP_ROM_QSTR(MP_QSTR_tropic), MP_ROM_PTR(&mod_trezorcrypto_tropic_module)},
+#endif
 };
 STATIC MP_DEFINE_CONST_DICT(mp_module_trezorcrypto_globals,
                             mp_module_trezorcrypto_globals_table);

core/embed/upymod/modtrezorutils/modtrezorutils.c

@@ -391,6 +391,8 @@ STATIC mp_obj_tuple_t mod_trezorutils_version_obj = {
 /// """Whether the hardware supports haptic feedback."""
 /// USE_OPTIGA: bool
 /// """Whether the hardware supports Optiga secure element."""
+/// USE_TROPIC: bool
+/// """Whether the hardware supports Tropic Square secure element."""
 /// USE_TOUCH: bool
 /// """Whether the hardware supports touch screen."""
 /// USE_BUTTON: bool
@@ -471,6 +473,11 @@ STATIC const mp_rom_map_elem_t mp_module_trezorutils_globals_table[] = {
 #else
     {MP_ROM_QSTR(MP_QSTR_USE_OPTIGA), mp_const_false},
 #endif
+#ifdef USE_TROPIC
+    {MP_ROM_QSTR(MP_QSTR_USE_TROPIC), mp_const_true},
+#else
+    {MP_ROM_QSTR(MP_QSTR_USE_TROPIC), mp_const_false},
+#endif
 #ifdef USE_TOUCH
     {MP_ROM_QSTR(MP_QSTR_USE_TOUCH), mp_const_true},
 #else

core/mocks/generated/trezorcrypto/tropic.pyi

@@ -0,0 +1,31 @@
+from typing import *
+
+
+# upymod/modtrezorcrypto/modtrezorcrypto-tropic.h
+class TropicError(Exception):
+    """Error returned by the Tropic Square chip."""
+
+    def ping(message: str) -> str:
+        """
+        Test the session by pinging the chip.
+        """
+
+    def get_certificate() -> bytes:
+        """
+        Return the chip's certificate.
+        """
+
+    def key_generate(
+        key_index: int,
+    ) -> None:
+        """
+        Generate ECC key in the device's ECC key slot.
+        """
+
+    def sign(
+        key_index: int,
+        digest: bytes,
+    ) -> bytes:
+        """
+        Uses the private key at key_index to produce a signature of the digest.
+        """

core/mocks/generated/trezorutils.pyi

@@ -132,6 +132,8 @@ USE_HAPTIC: bool
 """Whether the hardware supports haptic feedback."""
 USE_OPTIGA: bool
 """Whether the hardware supports Optiga secure element."""
+USE_TROPIC: bool
+"""Whether the hardware supports Tropic Square secure element."""
 USE_TOUCH: bool
 """Whether the hardware supports touch screen."""
 USE_BUTTON: bool

core/site_scons/models/T3W1/emulator.py

@@ -52,6 +52,30 @@ def configure(
         features_available.append("optiga")
         defines += [("USE_OPTIGA", "1")]
 
+    if "tropic" in features_wanted:
+        sources += [
+            "embed/sec/secret/unix/secret.c",
+            "embed/sec/tropic/tropic_transport.c",
+            "vendor/libtropic/src/libtropic.c",
+            "vendor/libtropic/src/lt_crc16.c",
+            "vendor/libtropic/src/lt_hkdf.c",
+            "vendor/libtropic/src/lt_l1.c",
+            "vendor/libtropic/src/lt_l1_port_wrap.c",
+            "vendor/libtropic/src/lt_l2.c",
+            "vendor/libtropic/src/lt_l2_frame_check.c",
+            "vendor/libtropic/src/lt_l3.c",
+            "vendor/libtropic/src/lt_random.c",
+            "vendor/libtropic/hal/port/unix/lt_port_unix.c",
+            "vendor/libtropic/hal/crypto/trezor_crypto/lt_crypto_trezor_aesgcm.c",
+            "vendor/libtropic/hal/crypto/trezor_crypto/lt_crypto_trezor_ed25519.c",
+            "vendor/libtropic/hal/crypto/trezor_crypto/lt_crypto_trezor_sha256.c",
+            "vendor/libtropic/hal/crypto/trezor_crypto/lt_crypto_trezor_x25519.c",
+        ]
+        paths += ["embed/sec/tropic/inc"]
+        defines += ["USE_TREZOR_CRYPTO"]
+        features_available.append("tropic")
+        defines += ["USE_TROPIC=1"]
+
     if "input" in features_wanted:
         sources += ["embed/io/touch/unix/touch.c"]
         paths += ["embed/io/touch/inc"]

core/site_scons/site_tools/micropython/__init__.py

@@ -44,6 +44,7 @@ def generate(env):
         btc_only = env["bitcoin_only"] == "1"
         backlight = env["backlight"]
         optiga = env["optiga"]
+        tropic = env["tropic"]
         touch = env["use_touch"]
         button = env["use_button"]
         layout_bolt = env["ui_layout"] == "UI_LAYOUT_BOLT"
@@ -55,6 +56,7 @@ def generate(env):
             rf"-e 's/utils\.BITCOIN_ONLY/{btc_only}/g'",
             rf"-e 's/utils\.USE_BACKLIGHT/{backlight}/g'",
             rf"-e 's/utils\.USE_OPTIGA/{optiga}/g'",
+            rf"-e 's/utils\.USE_TROPIC/{tropic}/g'",
             rf"-e 's/utils\.UI_LAYOUT == \"BOLT\"/{layout_bolt}/g'",
             rf"-e 's/utils\.UI_LAYOUT == \"CAESAR\"/{layout_caesar}/g'",
             rf"-e 's/utils\.UI_LAYOUT == \"DELIZIA\"/{layout_delizia}/g'",

core/src/trezor/crypto/__init__.py

@@ -22,5 +22,8 @@ if not utils.BITCOIN_ONLY:
 if utils.USE_OPTIGA:
     from trezorcrypto import optiga  # noqa: F401
 
+if utils.USE_TROPIC:
+    from trezorcrypto import tropic  # noqa: F401
+
 if utils.USE_THP:
     from trezorcrypto import elligator2  # noqa: F401

core/src/trezor/utils.py

@@ -16,6 +16,7 @@ from trezorutils import (  # noqa: F401
     USE_BUTTON,
     USE_HAPTIC,
     USE_OPTIGA,
+    USE_TROPIC,
     USE_SD_CARD,
     USE_THP,
     USE_TOUCH,

legacy/firmware/Makefile

@@ -165,6 +165,7 @@ CFLAGS += -I../vendor/nanopb -Iprotob -DPB_FIELD_16BIT=1 -DPB_ENCODE_ARRAYS_UNPA
 CFLAGS += -DSCM_REVISION='"$(shell git rev-parse HEAD | sed 's:\(..\):\\x\1:g')"'
 CFLAGS += -DUSE_MONERO=0
 CFLAGS += -DUSE_OPTIGA=0
+CFLAGS += -DUSE_TROPIC=0
 ifneq ($(BITCOIN_ONLY),1)
 CFLAGS += -DUSE_ETHEREUM=1
 CFLAGS += -DUSE_NEM=1