apps/common/seed: refactor methods usage
parent
b139e1a7ac
commit
69344f34b6
@ -5,20 +5,22 @@ from trezor.crypto import bip39
|
|||||||
_DEFAULT_CURVE = 'secp256k1'
|
_DEFAULT_CURVE = 'secp256k1'
|
||||||
|
|
||||||
|
|
||||||
async def get_root(ctx: wire.Context, curve_name=_DEFAULT_CURVE):
|
async def derive_node(ctx: wire.Context, path=[], curve_name=_DEFAULT_CURVE):
|
||||||
seed = await get_seed(ctx)
|
seed = await _get_seed(ctx)
|
||||||
root = bip32.from_seed(seed, curve_name)
|
node = bip32.from_seed(seed, curve_name)
|
||||||
return root
|
if len(path) > 0:
|
||||||
|
node.derive_path(path)
|
||||||
|
return node
|
||||||
|
|
||||||
|
|
||||||
async def get_seed(ctx: wire.Context) -> bytes:
|
async def _get_seed(ctx: wire.Context) -> bytes:
|
||||||
from . import cache
|
from . import cache
|
||||||
if cache.seed is None:
|
if cache.seed is None:
|
||||||
cache.seed = await compute_seed(ctx)
|
cache.seed = await _compute_seed(ctx)
|
||||||
return cache.seed
|
return cache.seed
|
||||||
|
|
||||||
|
|
||||||
async def compute_seed(ctx: wire.Context) -> bytes:
|
async def _compute_seed(ctx: wire.Context) -> bytes:
|
||||||
from trezor.messages.FailureType import ProcessError
|
from trezor.messages.FailureType import ProcessError
|
||||||
from .request_passphrase import protect_by_passphrase
|
from .request_passphrase import protect_by_passphrase
|
||||||
from . import storage
|
from . import storage
|
||||||
@ -30,10 +32,11 @@ async def compute_seed(ctx: wire.Context) -> bytes:
|
|||||||
return bip39.seed(storage.get_mnemonic(), passphrase)
|
return bip39.seed(storage.get_mnemonic(), passphrase)
|
||||||
|
|
||||||
|
|
||||||
def get_root_without_passphrase(curve_name=_DEFAULT_CURVE):
|
def derive_node_without_passphrase(path, curve_name=_DEFAULT_CURVE):
|
||||||
from . import storage
|
from . import storage
|
||||||
if not storage.is_initialized():
|
if not storage.is_initialized():
|
||||||
raise Exception('Device is not initialized')
|
raise Exception('Device is not initialized')
|
||||||
seed = bip39.seed(storage.get_mnemonic(), '')
|
seed = bip39.seed(storage.get_mnemonic(), '')
|
||||||
root = bip32.from_seed(seed, curve_name)
|
node = bip32.from_seed(seed, curve_name)
|
||||||
return root
|
node.derive_path(path)
|
||||||
|
return node
|
||||||
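Review bot: `derive_node` declares a mutable default, `path=[]`, and tests it with `len(path) > 0`; an immutable default with a truthiness test is safer and also tolerates a `None` path: `async def derive_node(ctx: wire.Context, path=(), curve_name=_DEFAULT_CURVE):` with `if path:`. In the second hunk `derive_node_without_passphrase` calls `node.derive_path(path)` unconditionally, so the two helpers treat an empty path differently and one should be brought in line with the other. Both return a node that holds private key material and neither has a docstring; I would add one to `derive_node_without_passphrase` saying that it derives from the stored mnemonic with an empty passphrase and skips the passphrase step that `_compute_seed` appears to apply via `protect_by_passphrase`, so it is not interchangeable with `derive_node`. The body of `_compute_seed` continues outside the first hunk.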
|
@ -9,8 +9,7 @@ async def layout_ethereum_get_address(ctx, msg):
|
|||||||
|
|
||||||
address_n = msg.address_n or ()
|
address_n = msg.address_n or ()
|
||||||
|
|
||||||
node = await seed.get_root(ctx)
|
node = await seed.derive_node(ctx, address_n)
|
||||||
node.derive_path(address_n)
|
|
||||||
|
|
||||||
seckey = node.private_key()
|
seckey = node.private_key()
|
||||||
public_key = secp256k1.publickey(seckey, False) # uncompressed
|
public_key = secp256k1.publickey(seckey, False) # uncompressed
|
||||||
|
@ -20,8 +20,7 @@ async def ethereum_sign_message(ctx, msg):
|
|||||||
from ..common import seed
|
from ..common import seed
|
||||||
|
|
||||||
address_n = msg.address_n or ()
|
address_n = msg.address_n or ()
|
||||||
node = await seed.get_root(ctx)
|
node = await seed.derive_node(ctx, address_n)
|
||||||
node.derive_path(address_n)
|
|
||||||
|
|
||||||
signature = secp256k1.sign(node.private_key(), message_digest(msg.message), False)
|
signature = secp256k1.sign(node.private_key(), message_digest(msg.message), False)
|
||||||
|
|
||||||
|
@ -100,8 +100,7 @@ async def send_signature(ctx, msg: EthereumSignTx, digest):
|
|||||||
from ..common import seed
|
from ..common import seed
|
||||||
|
|
||||||
address_n = msg.address_n or ()
|
address_n = msg.address_n or ()
|
||||||
node = await seed.get_root(ctx)
|
node = await seed.derive_node(ctx, address_n)
|
||||||
node.derive_path(address_n)
|
|
||||||
|
|
||||||
signature = secp256k1.sign(node.private_key(), digest, False)
|
signature = secp256k1.sign(node.private_key(), digest, False)
|
||||||
|
|
||||||
|
@ -521,8 +521,7 @@ def msg_register_sign(challenge: bytes, app_id: bytes) -> bytes:
|
|||||||
nodepath = [_U2F_KEY_PATH] + keypath
|
nodepath = [_U2F_KEY_PATH] + keypath
|
||||||
|
|
||||||
# prepare signing key from random path, compute decompressed public key
|
# prepare signing key from random path, compute decompressed public key
|
||||||
node = seed.get_root_without_passphrase('nist256p1')
|
node = seed.derive_node_without_passphrase(nodepath, 'nist256p1')
|
||||||
node.derive_path(nodepath)
|
|
||||||
pubkey = nist256p1.publickey(node.private_key(), False)
|
pubkey = nist256p1.publickey(node.private_key(), False)
|
||||||
|
|
||||||
# first half of keyhandle is keypath
|
# first half of keyhandle is keypath
|
||||||
@ -642,8 +641,7 @@ def msg_authenticate_genkey(app_id: bytes, keyhandle: bytes):
|
|||||||
|
|
||||||
# derive the signing key
|
# derive the signing key
|
||||||
nodepath = [_U2F_KEY_PATH] + list(keypath)
|
nodepath = [_U2F_KEY_PATH] + list(keypath)
|
||||||
node = seed.get_root_without_passphrase('nist256p1')
|
node = seed.derive_node_without_passphrase(nodepath, 'nist256p1')
|
||||||
node.derive_path(nodepath)
|
|
||||||
|
|
||||||
# second half of keyhandle is a hmac of app_id and keypath
|
# second half of keyhandle is a hmac of app_id and keypath
|
||||||
keybase = hmac.Hmac(node.private_key(), app_id, hashlib.sha256)
|
keybase = hmac.Hmac(node.private_key(), app_id, hashlib.sha256)
|
||||||
|
@ -36,8 +36,7 @@ async def layout_cipher_key_value(ctx, msg):
|
|||||||
ui.BOLD, ui.LIGHT_GREEN, ui.BG)
|
ui.BOLD, ui.LIGHT_GREEN, ui.BG)
|
||||||
ui.display.text(10, 60, msg.key, ui.MONO, ui.FG, ui.BG)
|
ui.display.text(10, 60, msg.key, ui.MONO, ui.FG, ui.BG)
|
||||||
|
|
||||||
node = await seed.get_root(ctx)
|
node = await seed.derive_node(ctx, msg.address_n)
|
||||||
node.derive_path(msg.address_n)
|
|
||||||
|
|
||||||
value = cipher_key_value(msg, node.private_key())
|
value = cipher_key_value(msg, node.private_key())
|
||||||
|
|
||||||
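Review bot: `seed.derive_node(ctx, msg.address_n)` passes the message field unnormalised, whereas the other handlers touched by this commit first set `address_n = msg.address_n or ()`. `derive_node` now evaluates `len(path)`, so if `address_n` can be unset on this message (not visible here) the handler fails with a `TypeError` raised inside the seed module rather than a clear protocol error. Either normalise it, `node = await seed.derive_node(ctx, msg.address_n or ())`, or reject an empty path explicitly before deriving, since an empty path means `cipher_key_value` is keyed with the root node's private key. `layout_cipher_key_value` starts and ends outside the hunk.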
|
@ -15,8 +15,7 @@ async def layout_get_address(ctx, msg):
|
|||||||
coin_name = msg.coin_name or 'Bitcoin'
|
coin_name = msg.coin_name or 'Bitcoin'
|
||||||
coin = coins.by_name(coin_name)
|
coin = coins.by_name(coin_name)
|
||||||
|
|
||||||
node = await seed.get_root(ctx)
|
node = await seed.derive_node(ctx, address_n)
|
||||||
node.derive_path(address_n)
|
|
||||||
|
|
||||||
address = addresses.get_address(msg.script_type, coin, node)
|
address = addresses.get_address(msg.script_type, coin, node)
|
||||||
|
|
||||||
|
@ -8,8 +8,7 @@ async def layout_get_public_key(ctx, msg):
|
|||||||
address_n = msg.address_n or ()
|
address_n = msg.address_n or ()
|
||||||
coin_name = msg.coin_name or 'Bitcoin'
|
coin_name = msg.coin_name or 'Bitcoin'
|
||||||
|
|
||||||
node = await seed.get_root(ctx)
|
node = await seed.derive_node(ctx, address_n)
|
||||||
node.derive_path(address_n)
|
|
||||||
coin = coins.by_name(coin_name)
|
coin = coins.by_name(coin_name)
|
||||||
|
|
||||||
node_xpub = node.serialize_public(coin.xpub_magic)
|
node_xpub = node.serialize_public(coin.xpub_magic)
|
||||||
|
@ -91,8 +91,7 @@ async def layout_sign_identity(ctx, msg):
|
|||||||
display_identity(identity, msg.challenge_visual)
|
display_identity(identity, msg.challenge_visual)
|
||||||
|
|
||||||
address_n = get_identity_path(identity, msg.identity.index or 0)
|
address_n = get_identity_path(identity, msg.identity.index or 0)
|
||||||
node = await seed.get_root(ctx, msg.ecdsa_curve_name)
|
node = await seed.derive_node(ctx, address_n, msg.ecdsa_curve_name)
|
||||||
node.derive_path(address_n)
|
|
||||||
|
|
||||||
coin = coins.by_name('Bitcoin')
|
coin = coins.by_name('Bitcoin')
|
||||||
if msg.ecdsa_curve_name == 'secp256k1':
|
if msg.ecdsa_curve_name == 'secp256k1':
|
||||||
|
@ -15,8 +15,7 @@ async def sign_message(ctx, msg):
|
|||||||
|
|
||||||
await confirm_sign_message(ctx, message)
|
await confirm_sign_message(ctx, message)
|
||||||
|
|
||||||
node = await seed.get_root(ctx)
|
node = await seed.derive_node(ctx, address_n)
|
||||||
node.derive_path(address_n)
|
|
||||||
seckey = node.private_key()
|
seckey = node.private_key()
|
||||||
|
|
||||||
address = node.address(coin.address_type)
|
address = node.address(coin.address_type)
|
||||||
|
@ -9,7 +9,8 @@ async def sign_tx(ctx, msg):
|
|||||||
from . import signing
|
from . import signing
|
||||||
from . import layout
|
from . import layout
|
||||||
|
|
||||||
root = await seed.get_root(ctx)
|
# TODO: rework this so we don't have to pass root to signing.sign_tx
|
||||||
|
root = await seed.derive_node(ctx, [])
|
||||||
|
|
||||||
signer = signing.sign_tx(msg, root)
|
signer = signing.sign_tx(msg, root)
|
||||||
res = None
|
res = None
|
||||||
|