tests: clean up usage of hardening constants

6 years ago · 4b4469b9f4
parent c0ef1ec535
commit 4b4469b9f4
12 changed files with 57 additions and 48 deletions
--- a/trezorlib/tests/device_tests/test_msg_ethereum_signtx_eip155.py
+++ b/trezorlib/tests/device_tests/test_msg_ethereum_signtx_eip155.py
@ -20,6 +20,7 @@ import pytest
 from .common import TrezorTest
 from trezorlib import messages as proto
 from trezorlib import ethereum
+from trezorlib.tools import H_


@pytest.mark.ethereum
@ -165,7 +166,7 @@ class TestMsgEthereumSigntxChainId(TrezorTest):
        for ci, n, sv, sr, ss, v, gl, d in VECTORS:
            sig_v, sig_r, sig_s = ethereum.sign_tx(
                self.client,
-                n=[0x80000000 | 44, 0x80000000 | 1, 0x80000000, 0, 0],
+                n=[H_(44), H_(1), H_(0), 0, 0],
                nonce=n,
                gas_price=20000000000,
                gas_limit=gl,
--- a/trezorlib/tests/device_tests/test_msg_getpublickey_curve.py
+++ b/trezorlib/tests/device_tests/test_msg_getpublickey_curve.py
@ -18,7 +18,7 @@ from binascii import hexlify
 import pytest

 from .common import TrezorTest
-from trezorlib.tools import CallException
+from trezorlib.tools import CallException, H_
 from trezorlib import btc


@ -26,24 +26,24 @@ class TestMsgGetpublickeyCurve(TrezorTest):

    def test_default_curve(self):
        self.setup_mnemonic_nopin_nopassphrase()
-        assert hexlify(btc.get_public_node(self.client, [0x80000000 | 111, 42]).node.public_key).decode() == '02e7fcec053f0df94d88c86447970743e8a1979d242d09338dcf8687a9966f7fbc'
-        assert hexlify(btc.get_public_node(self.client, [0x80000000 | 111, 0x80000000 | 42]).node.public_key).decode() == '03ce7b690969d773ba9ed212464eb2b534b87b9b8a9383300bddabe1f093f79220'
+        assert hexlify(btc.get_public_node(self.client, [H_(111), 42]).node.public_key).decode() == '02e7fcec053f0df94d88c86447970743e8a1979d242d09338dcf8687a9966f7fbc'
+        assert hexlify(btc.get_public_node(self.client, [H_(111), H_(42)]).node.public_key).decode() == '03ce7b690969d773ba9ed212464eb2b534b87b9b8a9383300bddabe1f093f79220'

    def test_secp256k1_curve(self):
        self.setup_mnemonic_nopin_nopassphrase()
-        assert hexlify(btc.get_public_node(self.client, [0x80000000 | 111, 42], ecdsa_curve_name='secp256k1').node.public_key).decode() == '02e7fcec053f0df94d88c86447970743e8a1979d242d09338dcf8687a9966f7fbc'
-        assert hexlify(btc.get_public_node(self.client, [0x80000000 | 111, 0x80000000 | 42], ecdsa_curve_name='secp256k1').node.public_key).decode() == '03ce7b690969d773ba9ed212464eb2b534b87b9b8a9383300bddabe1f093f79220'
+        assert hexlify(btc.get_public_node(self.client, [H_(111), 42], ecdsa_curve_name='secp256k1').node.public_key).decode() == '02e7fcec053f0df94d88c86447970743e8a1979d242d09338dcf8687a9966f7fbc'
+        assert hexlify(btc.get_public_node(self.client, [H_(111), H_(42)], ecdsa_curve_name='secp256k1').node.public_key).decode() == '03ce7b690969d773ba9ed212464eb2b534b87b9b8a9383300bddabe1f093f79220'

    def test_nist256p1_curve(self):
        self.setup_mnemonic_nopin_nopassphrase()
-        assert hexlify(btc.get_public_node(self.client, [0x80000000 | 111, 42], ecdsa_curve_name='nist256p1').node.public_key).decode() == '02a9ce59b32bd64a70bc52aca96e5d09af65c6b9593ba2a60af8fccfe1437f2129'
-        assert hexlify(btc.get_public_node(self.client, [0x80000000 | 111, 0x80000000 | 42], ecdsa_curve_name='nist256p1').node.public_key).decode() == '026fe35d8afed67dbf0561a1d32922e8ad0cd0d86effbc82be970cbed7d9bab2c2'
+        assert hexlify(btc.get_public_node(self.client, [H_(111), 42], ecdsa_curve_name='nist256p1').node.public_key).decode() == '02a9ce59b32bd64a70bc52aca96e5d09af65c6b9593ba2a60af8fccfe1437f2129'
+        assert hexlify(btc.get_public_node(self.client, [H_(111), H_(42)], ecdsa_curve_name='nist256p1').node.public_key).decode() == '026fe35d8afed67dbf0561a1d32922e8ad0cd0d86effbc82be970cbed7d9bab2c2'

    def test_ed25519_curve(self):
        self.setup_mnemonic_nopin_nopassphrase()
        # ed25519 curve does not support public derivation, so test only private derivation paths
-        assert hexlify(btc.get_public_node(self.client, [0x80000000 | 111, 0x80000000 | 42], ecdsa_curve_name='ed25519').node.public_key).decode() == '0069a14b478e508eab6e93303f4e6f5c50b8136627830f2ed5c3a835fc6c0ea2b7'
-        assert hexlify(btc.get_public_node(self.client, [0x80000000 | 111, 0x80000000 | 65535], ecdsa_curve_name='ed25519').node.public_key).decode() == '00514f73a05184458611b14c348fee4fd988d36cf3aee7207737861bac611de991'
+        assert hexlify(btc.get_public_node(self.client, [H_(111), H_(42)], ecdsa_curve_name='ed25519').node.public_key).decode() == '0069a14b478e508eab6e93303f4e6f5c50b8136627830f2ed5c3a835fc6c0ea2b7'
+        assert hexlify(btc.get_public_node(self.client, [H_(111), H_(65535)], ecdsa_curve_name='ed25519').node.public_key).decode() == '00514f73a05184458611b14c348fee4fd988d36cf3aee7207737861bac611de991'
        # test failure when using public derivation
        with pytest.raises(CallException):
-            btc.get_public_node(self.client, [0x80000000 | 111, 42], ecdsa_curve_name='ed25519')
+            btc.get_public_node(self.client, [H_(111), 42], ecdsa_curve_name='ed25519')
--- a/trezorlib/tests/device_tests/test_msg_lisk_getaddress.py
+++ b/trezorlib/tests/device_tests/test_msg_lisk_getaddress.py
@ -18,7 +18,9 @@ import pytest

 from .common import TrezorTest
 from trezorlib import lisk
+from trezorlib.tools import parse_path

+LISK_PATH = parse_path("m/44h/134h/0h/1h")

@pytest.mark.lisk
@pytest.mark.skip_t1
@ -26,7 +28,7 @@ class TestMsgLiskGetaddress(TrezorTest):

    def test_lisk_getaddress(self):
        self.setup_mnemonic_nopin_nopassphrase()
-        assert lisk.get_address(self.client, [2147483692, 2147483782]) == '1431530009238518937L'
-        assert lisk.get_address(self.client, [2147483692, 2147483782, 2147483648]) == '17563781916205589679L'
-        assert lisk.get_address(self.client, [2147483692, 2147483782, 2147483648, 2147483649]) == '1874186517773691964L'
-        assert lisk.get_address(self.client, [2147483692, 2147483782, 2147484647, 2147484647]) == '16295203558710684671L'
+        assert lisk.get_address(self.client, LISK_PATH[:2]) == '1431530009238518937L'
+        assert lisk.get_address(self.client, LISK_PATH[:3]) == '17563781916205589679L'
+        assert lisk.get_address(self.client, LISK_PATH) == '1874186517773691964L'
+        assert lisk.get_address(self.client, parse_path("m/44h/134h/999h/999h")) == '16295203558710684671L'
--- a/trezorlib/tests/device_tests/test_msg_lisk_getpublickey.py
+++ b/trezorlib/tests/device_tests/test_msg_lisk_getpublickey.py
@ -19,7 +19,9 @@ import pytest

 from .common import TrezorTest
 from trezorlib import lisk
+from trezorlib.tools import parse_path

+LISK_PATH = parse_path("m/44h/134h/0h/0h")

@pytest.mark.lisk
@pytest.mark.skip_t1
@ -27,5 +29,5 @@ class TestMsgLiskGetPublicKey(TrezorTest):

    def test_lisk_get_public_key(self):
        self.setup_mnemonic_nopin_nopassphrase()
-        sig = lisk.get_public_key(self.client, [2147483692, 2147483782, 2147483648, 2147483648])
+        sig = lisk.get_public_key(self.client, LISK_PATH)
        assert hexlify(sig.public_key) == b'eb56d7bbb5e8ea9269405f7a8527fe126023d1db2c973cfac6f760b60ae27294'
--- a/trezorlib/tests/device_tests/test_msg_lisk_signmessage.py
+++ b/trezorlib/tests/device_tests/test_msg_lisk_signmessage.py
@ -19,6 +19,9 @@ import pytest

 from .common import TrezorTest
 from trezorlib import lisk
+from trezorlib.tools import parse_path
+
+LISK_PATH = parse_path("m/44h/134h/0h/0h")


@pytest.mark.lisk
@ -27,12 +30,12 @@ class TestMsgLiskSignmessage(TrezorTest):

    def test_sign(self):
        self.setup_mnemonic_nopin_nopassphrase()
-        sig = lisk.sign_message(self.client, [2147483692, 2147483782, 2147483648, 2147483648], 'This is an example of a signed message.')
+        sig = lisk.sign_message(self.client, LISK_PATH, 'This is an example of a signed message.')
        assert hexlify(sig.public_key) == b'eb56d7bbb5e8ea9269405f7a8527fe126023d1db2c973cfac6f760b60ae27294'
        assert hexlify(sig.signature) == b'7858ae7cd52ea6d4b17e800ca60144423db5560bfd618b663ffbf26ab66758563df45cbffae8463db22dc285dd94309083b8c807776085b97d05374d79867d05'

    def test_sign_long(self):
        self.setup_mnemonic_nopin_nopassphrase()
-        sig = lisk.sign_message(self.client, [2147483692, 2147483782, 2147483648], 'VeryLongMessage!' * 64)
-        assert hexlify(sig.public_key) == b'8bca6b65a1a877767b746ea0b3c4310d404aa113df99c1b554e1802d70185ab5'
-        assert hexlify(sig.signature) == b'458ca5896d0934866992268f7509b5e954d568b1251e20c19bd3149ee3c86ffb5a44d1c2a0abbb99a3ab4767272dbb0e419b4579e890a24919ebbbe6cc0f970f'
+        sig = lisk.sign_message(self.client, LISK_PATH, 'VeryLongMessage!' * 64)
+        assert hexlify(sig.public_key) == b'eb56d7bbb5e8ea9269405f7a8527fe126023d1db2c973cfac6f760b60ae27294'
+        assert hexlify(sig.signature) == b'19c26f4b6f2ecf2feef57d22237cf97eb7862fdc2fb8c303878843f5dd728191f7837cf8d0ed41f8e470b15181223a3a5131881add9c22b2453b01be4edef104'
--- a/trezorlib/tests/device_tests/test_msg_signidentity.py
+++ b/trezorlib/tests/device_tests/test_msg_signidentity.py
@ -21,6 +21,7 @@ from .common import TrezorTest

 from trezorlib import messages as proto
 from trezorlib import misc
+from trezorlib.tools import H_


 def check_path(identity):
@ -41,7 +42,7 @@ def check_path(identity):
    m.update(uri)
    print('hash:', m.hexdigest())
    (a, b, c, d, _, _, _, _) = struct.unpack('<8I', m.digest())
-    address_n = [0x80000000 | 13, 0x80000000 | a, 0x80000000 | b, 0x80000000 | c, 0x80000000 | d]
+    address_n = [H_(13), H_(a), H_(b), H_(c), H_(d)]
    print('path:', 'm/' + '/'.join([str(x) for x in address_n]))


--- a/trezorlib/tests/device_tests/test_msg_signtx.py
+++ b/trezorlib/tests/device_tests/test_msg_signtx.py
@ -22,7 +22,7 @@ from .conftest import TREZOR_VERSION

 from trezorlib import messages as proto
 from trezorlib.tx_api import TxApiInsight
-from trezorlib.tools import parse_path, CallException
+from trezorlib.tools import parse_path, CallException, H_
 from trezorlib import btc

 TxApiTestnet = TxApiInsight("insight_testnet")
@ -673,7 +673,7 @@ class TestMsgSigntx(TrezorTest):
            if not run_attack:
                return msg

-            msg.inputs[0].address_n[2] = 12345 + 0x80000000
+            msg.inputs[0].address_n[2] = H_(12345)
            run_attack = False
            return msg

--- a/trezorlib/tests/device_tests/test_msg_signtx_bcash.py
+++ b/trezorlib/tests/device_tests/test_msg_signtx_bcash.py
@ -21,7 +21,7 @@ from .common import TrezorTest
 from ..support.ckd_public import deserialize
 from trezorlib import coins
 from trezorlib import messages as proto
-from trezorlib.tools import parse_path, CallException
+from trezorlib.tools import parse_path, CallException, H_
 from trezorlib import btc

 TxApiBcash = coins.tx_api['Bcash']
@ -268,7 +268,7 @@ class TestMsgSigntxBch(TrezorTest):
            if attack_ctr <= 1:
                return msg

-            msg.inputs[0].address_n[2] = 1 + 0x80000000
+            msg.inputs[0].address_n[2] = H_(1)
            return msg

        with self.client:
@ -395,7 +395,7 @@ class TestMsgSigntxBch(TrezorTest):
            prev_index=0,
            script_type=proto.InputScriptType.SPENDMULTISIG,
        )
-        out2.address_n[2] = 1 + 0x80000000
+        out2.address_n[2] = H_(1)

        with self.client:
            self.client.set_expected_responses([
--- a/trezorlib/tests/device_tests/test_msg_signtx_bgold.py
+++ b/trezorlib/tests/device_tests/test_msg_signtx_bgold.py
@ -21,7 +21,7 @@ from .common import TrezorTest
 from ..support.ckd_public import deserialize
 from trezorlib import coins
 from trezorlib import messages as proto
-from trezorlib.tools import parse_path, CallException
+from trezorlib.tools import parse_path, CallException, H_
 from trezorlib import btc

 TxApiBitcoinGold = coins.tx_api["Bgold"]
@ -143,7 +143,7 @@ class TestMsgSigntxBitcoinGold(TrezorTest):
            if attack_ctr <= 1:
                return msg

-            msg.inputs[0].address_n[2] = 1 + 0x80000000
+            msg.inputs[0].address_n[2] = H_(1)
            return msg

        with self.client:
@ -217,7 +217,7 @@ class TestMsgSigntxBitcoinGold(TrezorTest):
            prev_index=0,
            script_type=proto.InputScriptType.SPENDMULTISIG,
        )
-        out2.address_n[2] = 1 + 0x80000000
+        out2.address_n[2] = H_(1)

        with self.client:
            self.client.set_expected_responses([
@ -351,7 +351,7 @@ class TestMsgSigntxBitcoinGold(TrezorTest):
            # store signature
            inp1.multisig.signatures[0] = signatures1[0]
            # sign with third key
-            inp1.address_n[2] = 0x80000003
+            inp1.address_n[2] = H_(3)
            self.client.set_expected_responses([
                proto.TxRequest(request_type=proto.RequestType.TXINPUT, details=proto.TxRequestDetailsType(request_index=0)),
                proto.TxRequest(request_type=proto.RequestType.TXOUTPUT, details=proto.TxRequestDetailsType(request_index=0)),
--- a/trezorlib/tests/device_tests/test_msg_signtx_segwit.py
+++ b/trezorlib/tests/device_tests/test_msg_signtx_segwit.py
@ -23,7 +23,7 @@ from .common import TrezorTest

 from trezorlib import messages as proto
 from trezorlib.tx_api import TxApiInsight
-from trezorlib.tools import parse_path, CallException
+from trezorlib.tools import parse_path, CallException, H_
 from trezorlib import btc

 TxApiTestnet = TxApiInsight("insight_testnet")
@ -146,7 +146,7 @@ class TestMsgSigntxSegwit(TrezorTest):
            # store signature
            inp1.multisig.signatures[0] = signatures1[0]
            # sign with third key
-            inp1.address_n[2] = 0x80000003
+            inp1.address_n[2] = H_(3)
            self.client.set_expected_responses([
                proto.TxRequest(request_type=proto.RequestType.TXINPUT, details=proto.TxRequestDetailsType(request_index=0)),
                proto.TxRequest(request_type=proto.RequestType.TXOUTPUT, details=proto.TxRequestDetailsType(request_index=0)),
@ -204,7 +204,7 @@ class TestMsgSigntxSegwit(TrezorTest):
            if not run_attack:
                return msg

-            msg.inputs[0].address_n[2] = 12345 + 0x80000000
+            msg.inputs[0].address_n[2] = H_(12345)
            run_attack = False
            return msg

--- a/trezorlib/tests/device_tests/test_msg_signtx_segwit_native.py
+++ b/trezorlib/tests/device_tests/test_msg_signtx_segwit_native.py
@ -19,7 +19,7 @@ from binascii import hexlify, unhexlify
 from .common import TrezorTest
 from ..support.ckd_public import deserialize
 from trezorlib import messages as proto
-from trezorlib.tools import parse_path
+from trezorlib.tools import parse_path, H_
 from trezorlib.tx_api import TxApiInsight
 from trezorlib import btc

@ -284,7 +284,7 @@ class TestMsgSigntxSegwitNative(TrezorTest):
            # store signature
            inp1.multisig.signatures[0] = signatures1[0]
            # sign with third key
-            inp1.address_n[2] = 0x80000003
+            inp1.address_n[2] = H_(3)
            self.client.set_expected_responses([
                proto.TxRequest(request_type=proto.RequestType.TXINPUT, details=proto.TxRequestDetailsType(request_index=0)),
                proto.TxRequest(request_type=proto.RequestType.TXOUTPUT, details=proto.TxRequestDetailsType(request_index=0)),
@ -340,7 +340,7 @@ class TestMsgSigntxSegwitNative(TrezorTest):
            # store signature
            inp1.multisig.signatures[1] = signatures1[0]
            # sign with first key
-            inp1.address_n[2] = 0x80000001
+            inp1.address_n[2] = H_(1)
            self.client.set_expected_responses([
                proto.TxRequest(request_type=proto.RequestType.TXINPUT, details=proto.TxRequestDetailsType(request_index=0)),
                proto.TxRequest(request_type=proto.RequestType.TXOUTPUT, details=proto.TxRequestDetailsType(request_index=0)),
@ -401,8 +401,8 @@ class TestMsgSigntxSegwitNative(TrezorTest):
            # store signature
            inp1.multisig.signatures[0] = signatures1[0]
            # sign with third key
-            inp1.address_n[2] = 0x80000003
-            out1.address_n[2] = 0x80000003
+            inp1.address_n[2] = H_(3)
+            out1.address_n[2] = H_(3)
            self.client.set_expected_responses([
                proto.TxRequest(request_type=proto.RequestType.TXINPUT, details=proto.TxRequestDetailsType(request_index=0)),
                proto.TxRequest(request_type=proto.RequestType.TXOUTPUT, details=proto.TxRequestDetailsType(request_index=0)),
@ -462,8 +462,8 @@ class TestMsgSigntxSegwitNative(TrezorTest):
            # store signature
            inp1.multisig.signatures[0] = signatures1[0]
            # sign with third key
-            inp1.address_n[2] = 0x80000003
-            out1.address_n[2] = 0x80000003
+            inp1.address_n[2] = H_(3)
+            out1.address_n[2] = H_(3)
            self.client.set_expected_responses([
                proto.TxRequest(request_type=proto.RequestType.TXINPUT, details=proto.TxRequestDetailsType(request_index=0)),
                proto.TxRequest(request_type=proto.RequestType.TXOUTPUT, details=proto.TxRequestDetailsType(request_index=0)),
--- a/trezorlib/tests/device_tests/test_multisig_change.py
+++ b/trezorlib/tests/device_tests/test_multisig_change.py
@ -19,7 +19,7 @@ from binascii import hexlify, unhexlify
 from .common import TrezorTest
 from ..support import ckd_public as bip32
 from trezorlib import messages as proto
-from trezorlib.tools import parse_path
+from trezorlib.tools import parse_path, H_
 from trezorlib.tx_api import TxApiInsight
 from trezorlib import btc

@ -98,7 +98,7 @@ class TestMultisigChange(TrezorTest):

    # 2N9W4z9AhAPaHghtqVQPbaTAGHdbrhKeBQw
    inp1 = proto.TxInputType(
-        address_n=[45 | 0x80000000, 0, 0, 0],
+        address_n=[H_(45), 0, 0, 0],
        prev_hash=unhexlify('16c6c8471b8db7a628f2b2bb86bfeefae1766463ce8692438c7fd3fce3f43ce5'),
        prev_index=1,
        script_type=proto.InputScriptType.SPENDMULTISIG,
@ -107,7 +107,7 @@ class TestMultisigChange(TrezorTest):

    # 2NDBG6QXQLtnQ3jRGkrqo53BiCeXfQXLdj4
    inp2 = proto.TxInputType(
-        address_n=[45 | 0x80000000, 0, 0, 1],
+        address_n=[H_(45), 0, 0, 1],
        prev_hash=unhexlify('d80c34ee14143a8bf61125102b7ef594118a3796cad670fa8ee15080ae155318'),
        prev_index=0,
        script_type=proto.InputScriptType.SPENDMULTISIG,
@ -116,7 +116,7 @@ class TestMultisigChange(TrezorTest):

    # 2MvwPWfp2XPU3S1cMwgEMKBPUw38VP5SBE4
    inp3 = proto.TxInputType(
-        address_n=[45 | 0x80000000, 0, 0, 1],
+        address_n=[H_(45), 0, 0, 1],
        prev_hash=unhexlify('b0946dc27ba308a749b11afecc2018980af18f79e89ad6b080b58220d856f739'),
        prev_index=0,
        script_type=proto.InputScriptType.SPENDMULTISIG,
@ -267,7 +267,7 @@ class TestMultisigChange(TrezorTest):
        )

        out1 = proto.TxOutputType(
-            address_n=[0x80000000 | 45, 0, 1, 0],
+            address_n=[H_(45), 0, 1, 0],
            multisig=multisig_out1,
            amount=40000000,
            script_type=proto.OutputScriptType.PAYTOMULTISIG
@ -306,7 +306,7 @@ class TestMultisigChange(TrezorTest):
        )

        out2 = proto.TxOutputType(
-            address_n=[0x80000000 | 45, 0, 1, 1],
+            address_n=[H_(45), 0, 1, 1],
            multisig=multisig_out2,
            amount=44000000,
            script_type=proto.OutputScriptType.PAYTOMULTISIG
@ -339,7 +339,7 @@ class TestMultisigChange(TrezorTest):
        )

        out2 = proto.TxOutputType(
-            address_n=[0x80000000 | 45, 0, 1, 0],
+            address_n=[H_(45), 0, 1, 0],
            multisig=multisig_out2,
            amount=44000000,
            script_type=proto.OutputScriptType.PAYTOMULTISIG
@ -366,7 +366,7 @@ class TestMultisigChange(TrezorTest):
        )

        out1 = proto.TxOutputType(
-            address_n=[0x80000000 | 45, 0, 1, 0],
+            address_n=[H_(45), 0, 1, 0],
            multisig=multisig_out1,
            amount=40000000,
            script_type=proto.OutputScriptType.PAYTOMULTISIG