1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-24 15:28:10 +00:00

fix(crypto): forbid public key derivation for curve25519, ed25519 and

cardano

[no changelog]
This commit is contained in:
Ondřej Vejpustek 2024-08-06 17:07:05 +02:00
parent 59a005bf99
commit 3da9c6bbb9

View File

@ -209,6 +209,8 @@ int hdnode_private_ckd_bip32(HDNode *inout, uint32_t i) {
memcpy(data + 1, inout->private_key, 32); memcpy(data + 1, inout->private_key, 32);
} else { // public derivation } else { // public derivation
if (!inout->curve->params) { if (!inout->curve->params) {
// SLIP-10 doesn't support private key to private key non-hardened
// derivation for curve25519 and ed25519
return 0; return 0;
} }
if (hdnode_fill_public_key(inout) != 0) { if (hdnode_fill_public_key(inout) != 0) {
@ -321,6 +323,13 @@ int hdnode_public_ckd_cp(const ecdsa_curve *curve, const curve_point *parent,
int hdnode_public_ckd(HDNode *inout, uint32_t i) { int hdnode_public_ckd(HDNode *inout, uint32_t i) {
curve_point parent = {0}, child = {0}; curve_point parent = {0}, child = {0};
if (!inout->curve->params) {
// SLIP-10 doesn't support public key to public key derivation for
// curve25519 and ed25519, Cardano BIP32-ed22519 public key to public key
// derivation is not implemented
return 0;
}
if (!ecdsa_read_pubkey(inout->curve->params, inout->public_key, &parent)) { if (!ecdsa_read_pubkey(inout->curve->params, inout->public_key, &parent)) {
return 0; return 0;
} }