1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-11 07:50:57 +00:00

Merge branch 'jhoenicke-master'

This commit is contained in:
Pavol Rusnak 2016-07-04 17:42:54 +02:00
commit 437c5739f1
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
7 changed files with 45 additions and 23 deletions

View File

@ -85,13 +85,13 @@ uint32_t deser_length(const uint8_t *in, uint32_t *out)
return 1 + 8; return 1 + 8;
} }
int sshMessageSign(const HDNode *node, const uint8_t *message, size_t message_len, uint8_t *signature) int sshMessageSign(HDNode *node, const uint8_t *message, size_t message_len, uint8_t *signature)
{ {
signature[0] = 0; // prefix: pad with zero, so all signatures are 65 bytes signature[0] = 0; // prefix: pad with zero, so all signatures are 65 bytes
return hdnode_sign(node, message, message_len, signature + 1, NULL); return hdnode_sign(node, message, message_len, signature + 1, NULL);
} }
int gpgMessageSign(const HDNode *node, const uint8_t *message, size_t message_len, uint8_t *signature) int gpgMessageSign(HDNode *node, const uint8_t *message, size_t message_len, uint8_t *signature)
{ {
// GPG should sign a SHA256 digest of the original message. // GPG should sign a SHA256 digest of the original message.
if (message_len != 32) { if (message_len != 32) {
@ -120,7 +120,7 @@ int cryptoGetECDHSessionKey(const HDNode *node, const uint8_t *peer_public_key,
return 0; return 0;
} }
int cryptoMessageSign(const CoinType *coin, const HDNode *node, const uint8_t *message, size_t message_len, uint8_t *signature) int cryptoMessageSign(const CoinType *coin, HDNode *node, const uint8_t *message, size_t message_len, uint8_t *signature)
{ {
SHA256_CTX ctx; SHA256_CTX ctx;
sha256_Init(&ctx); sha256_Init(&ctx);
@ -294,7 +294,7 @@ uint8_t *cryptoHDNodePathToPubkey(const HDNodePathType *hdnodepath)
{ {
if (!hdnodepath->node.has_public_key || hdnodepath->node.public_key.size != 33) return 0; if (!hdnodepath->node.has_public_key || hdnodepath->node.public_key.size != 33) return 0;
static HDNode node; static HDNode node;
if (hdnode_from_xpub(hdnodepath->node.depth, hdnodepath->node.fingerprint, hdnodepath->node.child_num, hdnodepath->node.chain_code.bytes, hdnodepath->node.public_key.bytes, SECP256K1_NAME, &node) == 0) { if (hdnode_from_xpub(hdnodepath->node.depth, hdnodepath->node.child_num, hdnodepath->node.chain_code.bytes, hdnodepath->node.public_key.bytes, SECP256K1_NAME, &node) == 0) {
return 0; return 0;
} }
layoutProgressUpdate(true); layoutProgressUpdate(true);

View File

@ -33,14 +33,14 @@ uint32_t ser_length(uint32_t len, uint8_t *out);
uint32_t ser_length_hash(SHA256_CTX *ctx, uint32_t len); uint32_t ser_length_hash(SHA256_CTX *ctx, uint32_t len);
int sshMessageSign(const HDNode *node, const uint8_t *message, size_t message_len, uint8_t *signature); int sshMessageSign(HDNode *node, const uint8_t *message, size_t message_len, uint8_t *signature);
int gpgMessageSign(const HDNode *node, const uint8_t *message, size_t message_len, uint8_t *signature); int gpgMessageSign(HDNode *node, const uint8_t *message, size_t message_len, uint8_t *signature);
int cryptoGetECDHSessionKey(const HDNode *node, const uint8_t *peer_public_key, uint8_t *session_key); int cryptoGetECDHSessionKey(const HDNode *node, const uint8_t *peer_public_key, uint8_t *session_key);
int cryptoMessageSign(const CoinType *coin, const HDNode *node, const uint8_t *message, size_t message_len, uint8_t *signature); int cryptoMessageSign(const CoinType *coin, HDNode *node, const uint8_t *message, size_t message_len, uint8_t *signature);
int cryptoMessageVerify(const CoinType *coin, const uint8_t *message, size_t message_len, const uint8_t *address_raw, const uint8_t *signature); int cryptoMessageVerify(const CoinType *coin, const uint8_t *message, size_t message_len, const uint8_t *address_raw, const uint8_t *signature);

View File

@ -94,7 +94,7 @@ const CoinType *fsm_getCoin(const char *name)
return coin; return coin;
} }
const HDNode *fsm_getDerivedNode(const char *curve, uint32_t *address_n, size_t address_n_count) HDNode *fsm_getDerivedNode(const char *curve, uint32_t *address_n, size_t address_n_count)
{ {
static HDNode node; static HDNode node;
if (!storage_getRootNode(&node, curve, true)) { if (!storage_getRootNode(&node, curve, true)) {
@ -298,8 +298,21 @@ void fsm_msgGetPublicKey(GetPublicKey *msg)
if (msg->has_ecdsa_curve_name) { if (msg->has_ecdsa_curve_name) {
curve = msg->ecdsa_curve_name; curve = msg->ecdsa_curve_name;
} }
const HDNode *node = fsm_getDerivedNode(curve, msg->address_n, msg->address_n_count); uint32_t fingerprint;
if (!node) return; HDNode *node;
if (msg->address_n_count == 0) {
/* get master node */
fingerprint = 0;
node = fsm_getDerivedNode(curve, msg->address_n, 0);
} else {
/* get parent node */
node = fsm_getDerivedNode(curve, msg->address_n, msg->address_n_count - 1);
if (!node) return;
fingerprint = hdnode_fingerprint(node);
/* get child */
hdnode_private_ckd(node, msg->address_n[msg->address_n_count - 1]);
}
hdnode_fill_public_key(node);
if (msg->has_show_display && msg->show_display) { if (msg->has_show_display && msg->show_display) {
layoutPublicKey(node->public_key); layoutPublicKey(node->public_key);
@ -311,7 +324,7 @@ void fsm_msgGetPublicKey(GetPublicKey *msg)
} }
resp->node.depth = node->depth; resp->node.depth = node->depth;
resp->node.fingerprint = node->fingerprint; resp->node.fingerprint = fingerprint;
resp->node.child_num = node->child_num; resp->node.child_num = node->child_num;
resp->node.chain_code.size = 32; resp->node.chain_code.size = 32;
memcpy(resp->node.chain_code.bytes, node->chain_code, 32); memcpy(resp->node.chain_code.bytes, node->chain_code, 32);
@ -319,8 +332,12 @@ void fsm_msgGetPublicKey(GetPublicKey *msg)
resp->node.has_public_key = true; resp->node.has_public_key = true;
resp->node.public_key.size = 33; resp->node.public_key.size = 33;
memcpy(resp->node.public_key.bytes, node->public_key, 33); memcpy(resp->node.public_key.bytes, node->public_key, 33);
if (node->public_key[0] == 1) {
/* ed25519 public key */
resp->node.public_key.bytes[0] = 0;
}
resp->has_xpub = true; resp->has_xpub = true;
hdnode_serialize_public(node, resp->xpub, sizeof(resp->xpub)); hdnode_serialize_public(node, fingerprint, resp->xpub, sizeof(resp->xpub));
msg_write(MessageType_MessageType_PublicKey, resp); msg_write(MessageType_MessageType_PublicKey, resp);
layoutHome(); layoutHome();
} }
@ -561,8 +578,9 @@ void fsm_msgGetAddress(GetAddress *msg)
const CoinType *coin = fsm_getCoin(msg->coin_name); const CoinType *coin = fsm_getCoin(msg->coin_name);
if (!coin) return; if (!coin) return;
const HDNode *node = fsm_getDerivedNode(SECP256K1_NAME, msg->address_n, msg->address_n_count); HDNode *node = fsm_getDerivedNode(SECP256K1_NAME, msg->address_n, msg->address_n_count);
if (!node) return; if (!node) return;
hdnode_fill_public_key(node);
if (msg->has_multisig) { if (msg->has_multisig) {
layoutProgressSwipe("Preparing", 0); layoutProgressSwipe("Preparing", 0);
@ -641,14 +659,14 @@ void fsm_msgSignMessage(SignMessage *msg)
const CoinType *coin = fsm_getCoin(msg->coin_name); const CoinType *coin = fsm_getCoin(msg->coin_name);
if (!coin) return; if (!coin) return;
const HDNode *node = fsm_getDerivedNode(SECP256K1_NAME, msg->address_n, msg->address_n_count); HDNode *node = fsm_getDerivedNode(SECP256K1_NAME, msg->address_n, msg->address_n_count);
if (!node) return; if (!node) return;
layoutProgressSwipe("Signing", 0); layoutProgressSwipe("Signing", 0);
if (cryptoMessageSign(coin, node, msg->message.bytes, msg->message.size, resp->signature.bytes) == 0) { if (cryptoMessageSign(coin, node, msg->message.bytes, msg->message.size, resp->signature.bytes) == 0) {
resp->has_address = true; resp->has_address = true;
uint8_t addr_raw[21]; uint8_t addr_raw[21];
ecdsa_get_address_raw(node->public_key, coin->address_type, addr_raw); hdnode_get_address_raw(node, coin->address_type, addr_raw);
base58_encode_check(addr_raw, 21, resp->address, sizeof(resp->address)); base58_encode_check(addr_raw, 21, resp->address, sizeof(resp->address));
resp->has_signature = true; resp->has_signature = true;
resp->signature.size = 65; resp->signature.size = 65;
@ -735,7 +753,7 @@ void fsm_msgSignIdentity(SignIdentity *msg)
if (msg->has_ecdsa_curve_name) { if (msg->has_ecdsa_curve_name) {
curve = msg->ecdsa_curve_name; curve = msg->ecdsa_curve_name;
} }
const HDNode *node = fsm_getDerivedNode(curve, address_n, 5); HDNode *node = fsm_getDerivedNode(curve, address_n, 5);
if (!node) return; if (!node) return;
bool sign_ssh = msg->identity.has_proto && (strcmp(msg->identity.proto, "ssh") == 0); bool sign_ssh = msg->identity.has_proto && (strcmp(msg->identity.proto, "ssh") == 0);
@ -755,17 +773,22 @@ void fsm_msgSignIdentity(SignIdentity *msg)
} }
if (result == 0) { if (result == 0) {
hdnode_fill_public_key(node);
if (strcmp(curve, SECP256K1_NAME) != 0) { if (strcmp(curve, SECP256K1_NAME) != 0) {
resp->has_address = false; resp->has_address = false;
} else { } else {
resp->has_address = true; resp->has_address = true;
uint8_t addr_raw[21]; uint8_t addr_raw[21];
ecdsa_get_address_raw(node->public_key, 0x00, addr_raw); // hardcoded Bitcoin address type hdnode_get_address_raw(node, 0x00, addr_raw); // hardcoded Bitcoin address type
base58_encode_check(addr_raw, 21, resp->address, sizeof(resp->address)); base58_encode_check(addr_raw, 21, resp->address, sizeof(resp->address));
} }
resp->has_public_key = true; resp->has_public_key = true;
resp->public_key.size = 33; resp->public_key.size = 33;
memcpy(resp->public_key.bytes, node->public_key, 33); memcpy(resp->public_key.bytes, node->public_key, 33);
if (node->public_key[0] == 1) {
/* ed25519 public key */
resp->public_key.bytes[0] = 0;
}
resp->has_signature = true; resp->has_signature = true;
resp->signature.size = 65; resp->signature.size = 65;
msg_write(MessageType_MessageType_SignedIdentity, resp); msg_write(MessageType_MessageType_SignedIdentity, resp);
@ -859,9 +882,7 @@ void fsm_msgEncryptMessage(EncryptMessage *msg)
} }
node = fsm_getDerivedNode(SECP256K1_NAME, msg->address_n, msg->address_n_count); node = fsm_getDerivedNode(SECP256K1_NAME, msg->address_n, msg->address_n_count);
if (!node) return; if (!node) return;
uint8_t public_key[33]; hdnode_get_address_raw(node, coin->address_type, address_raw);
ecdsa_get_public_key33(&secp256k1, node->private_key, public_key);
ecdsa_get_address_raw(public_key, coin->address_type, address_raw);
} }
layoutEncryptMessage(msg->message.bytes, msg->message.size, signing); layoutEncryptMessage(msg->message.bytes, msg->message.size, signing);
if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) { if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) {

View File

@ -471,6 +471,7 @@ void signing_txack(TransactionType *tx)
signing_abort(); signing_abort();
return; return;
} }
hdnode_fill_public_key(&node);
if (tx->inputs[0].script_type == InputScriptType_SPENDMULTISIG) { if (tx->inputs[0].script_type == InputScriptType_SPENDMULTISIG) {
if (!tx->inputs[0].has_multisig) { if (!tx->inputs[0].has_multisig) {
fsm_sendFailure(FailureType_Failure_Other, "Multisig info not provided"); fsm_sendFailure(FailureType_Failure_Other, "Multisig info not provided");

View File

@ -361,7 +361,7 @@ bool storage_getRootNode(HDNode *node, const char *curve, bool usePassphrase)
if (!protectPassphrase()) { if (!protectPassphrase()) {
return false; return false;
} }
if (hdnode_from_xprv(storage.node.depth, storage.node.fingerprint, storage.node.child_num, storage.node.chain_code.bytes, storage.node.private_key.bytes, curve, node) == 0) { if (hdnode_from_xprv(storage.node.depth, storage.node.child_num, storage.node.chain_code.bytes, storage.node.private_key.bytes, curve, node) == 0) {
return false; return false;
} }
if (storage.has_passphrase_protection && storage.passphrase_protection && sessionPassphraseCached && strlen(sessionPassphrase) > 0) { if (storage.has_passphrase_protection && storage.passphrase_protection && sessionPassphraseCached && strlen(sessionPassphrase) > 0) {

View File

@ -71,7 +71,7 @@ int compile_output(const CoinType *coin, const HDNode *root, TxOutputType *in, T
return 0; return 0;
} }
layoutProgressUpdate(true); layoutProgressUpdate(true);
ecdsa_get_address_raw(node.public_key, coin->address_type, addr_raw); hdnode_get_address_raw(&node, coin->address_type, addr_raw);
} else } else
if (in->has_address) { // address provided -> regular output if (in->has_address) { // address provided -> regular output
if (needs_confirm) { if (needs_confirm) {

@ -1 +1 @@
Subproject commit d61a151900a08022f2243808fd28b8b076979d3e Subproject commit 9a8df5a4bb5de3b1ebaa28591c2ae0a5bb39348e