1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-02-03 11:20:59 +00:00

core/seed: Ensure ed25519 paths are hardened in Keychain.derive().

This commit is contained in:
Andrew Kozlik 2019-07-01 14:23:06 +02:00
parent 5f604b5fea
commit 58e06ba22c

View File

@ -64,6 +64,9 @@ class Keychain:
def derive(
self, node_path: list, curve_name: str = "secp256k1"
) -> Union[bip32.HDNode, Slip21Node]:
if "ed25519" in curve_name and not _path_hardened(node_path):
raise wire.DataError("Forbidden key path")
# find the root node index
root_index = 0
for curve, *path in self.namespaces:
@ -85,7 +88,6 @@ class Keychain:
root.derive_path(path)
self.roots[root_index] = root
# TODO check for ed25519?
# derive child node from the root
node = root.clone()
node.derive_path(suffix)