arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-02-09 06:02:40 +00:00
Code Issues Releases Wiki Activity

core/seed: Ensure ed25519 paths are hardened in Keychain.derive().

Browse Source
This commit is contained in:
Andrew Kozlik 2019-07-01 14:23:06 +02:00
parent 5f604b5fea
commit 58e06ba22c
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
core/src/apps/common/seed.py
View File

@ -64,6 +64,9 @@ class Keychain:
def derive( def derive(
self, node_path: list, curve_name: str = "secp256k1" self, node_path: list, curve_name: str = "secp256k1"
) -> Union[bip32.HDNode, Slip21Node]: ) -> Union[bip32.HDNode, Slip21Node]:
if "ed25519" in curve_name and not _path_hardened(node_path):
raise wire.DataError("Forbidden key path")
# find the root node index # find the root node index
root_index = 0 root_index = 0
for curve, *path in self.namespaces: for curve, *path in self.namespaces:
@ -85,7 +88,6 @@ class Keychain:
root.derive_path(path) root.derive_path(path)
self.roots[root_index] = root self.roots[root_index] = root
# TODO check for ed25519?
# derive child node from the root # derive child node from the root
node = root.clone() node = root.clone()
node.derive_path(suffix) node.derive_path(suffix)