From 69344f34b6b1f4f805854a6f96a9e81899de67ea Mon Sep 17 00:00:00 2001 From: Pavol Rusnak Date: Tue, 6 Feb 2018 14:28:22 +0100 Subject: [PATCH] apps/common/seed: refactor methods usage --- src/apps/common/seed.py | 23 +++++++++++++---------- src/apps/ethereum/get_address.py | 3 +-- src/apps/ethereum/sign_message.py | 3 +-- src/apps/ethereum/sign_tx.py | 3 +-- src/apps/fido_u2f/__init__.py | 6 ++---- src/apps/wallet/cipher_key_value.py | 3 +-- src/apps/wallet/get_address.py | 3 +-- src/apps/wallet/get_public_key.py | 3 +-- src/apps/wallet/sign_identity.py | 3 +-- src/apps/wallet/sign_message.py | 3 +-- src/apps/wallet/sign_tx/__init__.py | 3 ++- 11 files changed, 25 insertions(+), 31 deletions(-) diff --git a/src/apps/common/seed.py b/src/apps/common/seed.py index 8acf953e12..c4bee1b0e5 100644 --- a/src/apps/common/seed.py +++ b/src/apps/common/seed.py @@ -5,20 +5,22 @@ from trezor.crypto import bip39 _DEFAULT_CURVE = 'secp256k1' -async def get_root(ctx: wire.Context, curve_name=_DEFAULT_CURVE): - seed = await get_seed(ctx) - root = bip32.from_seed(seed, curve_name) - return root +async def derive_node(ctx: wire.Context, path=[], curve_name=_DEFAULT_CURVE): + seed = await _get_seed(ctx) + node = bip32.from_seed(seed, curve_name) + if len(path) > 0: + node.derive_path(path) + return node -async def get_seed(ctx: wire.Context) -> bytes: +async def _get_seed(ctx: wire.Context) -> bytes: from . import cache if cache.seed is None: - cache.seed = await compute_seed(ctx) + cache.seed = await _compute_seed(ctx) return cache.seed -async def compute_seed(ctx: wire.Context) -> bytes: +async def _compute_seed(ctx: wire.Context) -> bytes: from trezor.messages.FailureType import ProcessError from .request_passphrase import protect_by_passphrase from . import storage @@ -30,10 +32,11 @@ async def compute_seed(ctx: wire.Context) -> bytes: return bip39.seed(storage.get_mnemonic(), passphrase) -def get_root_without_passphrase(curve_name=_DEFAULT_CURVE): +def derive_node_without_passphrase(path, curve_name=_DEFAULT_CURVE): from . import storage if not storage.is_initialized(): raise Exception('Device is not initialized') seed = bip39.seed(storage.get_mnemonic(), '') - root = bip32.from_seed(seed, curve_name) - return root + node = bip32.from_seed(seed, curve_name) + node.derive_path(path) + return node diff --git a/src/apps/ethereum/get_address.py b/src/apps/ethereum/get_address.py index e2e7a162f1..efcab8c5d6 100644 --- a/src/apps/ethereum/get_address.py +++ b/src/apps/ethereum/get_address.py @@ -9,8 +9,7 @@ async def layout_ethereum_get_address(ctx, msg): address_n = msg.address_n or () - node = await seed.get_root(ctx) - node.derive_path(address_n) + node = await seed.derive_node(ctx, address_n) seckey = node.private_key() public_key = secp256k1.publickey(seckey, False) # uncompressed diff --git a/src/apps/ethereum/sign_message.py b/src/apps/ethereum/sign_message.py index f494628f10..b35ac4d6d1 100644 --- a/src/apps/ethereum/sign_message.py +++ b/src/apps/ethereum/sign_message.py @@ -20,8 +20,7 @@ async def ethereum_sign_message(ctx, msg): from ..common import seed address_n = msg.address_n or () - node = await seed.get_root(ctx) - node.derive_path(address_n) + node = await seed.derive_node(ctx, address_n) signature = secp256k1.sign(node.private_key(), message_digest(msg.message), False) diff --git a/src/apps/ethereum/sign_tx.py b/src/apps/ethereum/sign_tx.py index 2582529e15..4eb5d0cf4d 100644 --- a/src/apps/ethereum/sign_tx.py +++ b/src/apps/ethereum/sign_tx.py @@ -100,8 +100,7 @@ async def send_signature(ctx, msg: EthereumSignTx, digest): from ..common import seed address_n = msg.address_n or () - node = await seed.get_root(ctx) - node.derive_path(address_n) + node = await seed.derive_node(ctx, address_n) signature = secp256k1.sign(node.private_key(), digest, False) diff --git a/src/apps/fido_u2f/__init__.py b/src/apps/fido_u2f/__init__.py index d2a0939bf2..f35dde955d 100644 --- a/src/apps/fido_u2f/__init__.py +++ b/src/apps/fido_u2f/__init__.py @@ -521,8 +521,7 @@ def msg_register_sign(challenge: bytes, app_id: bytes) -> bytes: nodepath = [_U2F_KEY_PATH] + keypath # prepare signing key from random path, compute decompressed public key - node = seed.get_root_without_passphrase('nist256p1') - node.derive_path(nodepath) + node = seed.derive_node_without_passphrase(nodepath, 'nist256p1') pubkey = nist256p1.publickey(node.private_key(), False) # first half of keyhandle is keypath @@ -642,8 +641,7 @@ def msg_authenticate_genkey(app_id: bytes, keyhandle: bytes): # derive the signing key nodepath = [_U2F_KEY_PATH] + list(keypath) - node = seed.get_root_without_passphrase('nist256p1') - node.derive_path(nodepath) + node = seed.derive_node_without_passphrase(nodepath, 'nist256p1') # second half of keyhandle is a hmac of app_id and keypath keybase = hmac.Hmac(node.private_key(), app_id, hashlib.sha256) diff --git a/src/apps/wallet/cipher_key_value.py b/src/apps/wallet/cipher_key_value.py index d66a5706f8..f170ccb8ba 100644 --- a/src/apps/wallet/cipher_key_value.py +++ b/src/apps/wallet/cipher_key_value.py @@ -36,8 +36,7 @@ async def layout_cipher_key_value(ctx, msg): ui.BOLD, ui.LIGHT_GREEN, ui.BG) ui.display.text(10, 60, msg.key, ui.MONO, ui.FG, ui.BG) - node = await seed.get_root(ctx) - node.derive_path(msg.address_n) + node = await seed.derive_node(ctx, msg.address_n) value = cipher_key_value(msg, node.private_key()) diff --git a/src/apps/wallet/get_address.py b/src/apps/wallet/get_address.py index 28601cbbaa..f95a6607ad 100644 --- a/src/apps/wallet/get_address.py +++ b/src/apps/wallet/get_address.py @@ -15,8 +15,7 @@ async def layout_get_address(ctx, msg): coin_name = msg.coin_name or 'Bitcoin' coin = coins.by_name(coin_name) - node = await seed.get_root(ctx) - node.derive_path(address_n) + node = await seed.derive_node(ctx, address_n) address = addresses.get_address(msg.script_type, coin, node) diff --git a/src/apps/wallet/get_public_key.py b/src/apps/wallet/get_public_key.py index 5877472710..5917ab4cab 100644 --- a/src/apps/wallet/get_public_key.py +++ b/src/apps/wallet/get_public_key.py @@ -8,8 +8,7 @@ async def layout_get_public_key(ctx, msg): address_n = msg.address_n or () coin_name = msg.coin_name or 'Bitcoin' - node = await seed.get_root(ctx) - node.derive_path(address_n) + node = await seed.derive_node(ctx, address_n) coin = coins.by_name(coin_name) node_xpub = node.serialize_public(coin.xpub_magic) diff --git a/src/apps/wallet/sign_identity.py b/src/apps/wallet/sign_identity.py index 7a439b3017..acd9255fbf 100644 --- a/src/apps/wallet/sign_identity.py +++ b/src/apps/wallet/sign_identity.py @@ -91,8 +91,7 @@ async def layout_sign_identity(ctx, msg): display_identity(identity, msg.challenge_visual) address_n = get_identity_path(identity, msg.identity.index or 0) - node = await seed.get_root(ctx, msg.ecdsa_curve_name) - node.derive_path(address_n) + node = await seed.derive_node(ctx, address_n, msg.ecdsa_curve_name) coin = coins.by_name('Bitcoin') if msg.ecdsa_curve_name == 'secp256k1': diff --git a/src/apps/wallet/sign_message.py b/src/apps/wallet/sign_message.py index 49add9431d..63eb14d7c9 100644 --- a/src/apps/wallet/sign_message.py +++ b/src/apps/wallet/sign_message.py @@ -15,8 +15,7 @@ async def sign_message(ctx, msg): await confirm_sign_message(ctx, message) - node = await seed.get_root(ctx) - node.derive_path(address_n) + node = await seed.derive_node(ctx, address_n) seckey = node.private_key() address = node.address(coin.address_type) diff --git a/src/apps/wallet/sign_tx/__init__.py b/src/apps/wallet/sign_tx/__init__.py index de3871a4ff..31407610fd 100644 --- a/src/apps/wallet/sign_tx/__init__.py +++ b/src/apps/wallet/sign_tx/__init__.py @@ -9,7 +9,8 @@ async def sign_tx(ctx, msg): from . import signing from . import layout - root = await seed.get_root(ctx) + # TODO: rework this so we don't have to pass root to signing.sign_tx + root = await seed.derive_node(ctx, []) signer = signing.sign_tx(msg, root) res = None