mirror of
https://github.com/trezor/trezor-firmware.git
synced 2025-02-03 11:20:59 +00:00
core/seed: Ensure ed25519 paths are hardened in Keychain.derive().
This commit is contained in:
parent
5f604b5fea
commit
58e06ba22c
@ -64,6 +64,9 @@ class Keychain:
|
||||
def derive(
|
||||
self, node_path: list, curve_name: str = "secp256k1"
|
||||
) -> Union[bip32.HDNode, Slip21Node]:
|
||||
if "ed25519" in curve_name and not _path_hardened(node_path):
|
||||
raise wire.DataError("Forbidden key path")
|
||||
|
||||
# find the root node index
|
||||
root_index = 0
|
||||
for curve, *path in self.namespaces:
|
||||
@ -85,7 +88,6 @@ class Keychain:
|
||||
root.derive_path(path)
|
||||
self.roots[root_index] = root
|
||||
|
||||
# TODO check for ed25519?
|
||||
# derive child node from the root
|
||||
node = root.clone()
|
||||
node.derive_path(suffix)
|
||||
|
Loading…
Reference in New Issue
Block a user