mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-18 11:21:11 +00:00

apps/common/seed: refactor methods usage

Pavol Rusnak 2018-02-06 14:28:22 +01:00
parent b139e1a7ac
commit 69344f34b6
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
11 changed files with 25 additions and 31 deletions


@ -5,20 +5,22 @@ from trezor.crypto import bip39
_DEFAULT_CURVE = 'secp256k1' _DEFAULT_CURVE = 'secp256k1'
async def get_root(ctx: wire.Context, curve_name=_DEFAULT_CURVE): async def derive_node(ctx: wire.Context, path=[], curve_name=_DEFAULT_CURVE):
seed = await get_seed(ctx) seed = await _get_seed(ctx)
root = bip32.from_seed(seed, curve_name) node = bip32.from_seed(seed, curve_name)
return root if len(path) > 0:
node.derive_path(path)
return node
async def get_seed(ctx: wire.Context) -> bytes: async def _get_seed(ctx: wire.Context) -> bytes:
from . import cache from . import cache
if cache.seed is None: if cache.seed is None:
cache.seed = await compute_seed(ctx) cache.seed = await _compute_seed(ctx)
return cache.seed return cache.seed
async def compute_seed(ctx: wire.Context) -> bytes: async def _compute_seed(ctx: wire.Context) -> bytes:
from trezor.messages.FailureType import ProcessError from trezor.messages.FailureType import ProcessError
from .request_passphrase import protect_by_passphrase from .request_passphrase import protect_by_passphrase
from . import storage from . import storage
@ -30,10 +32,11 @@ async def compute_seed(ctx: wire.Context) -> bytes:
return bip39.seed(storage.get_mnemonic(), passphrase) return bip39.seed(storage.get_mnemonic(), passphrase)
def get_root_without_passphrase(curve_name=_DEFAULT_CURVE): def derive_node_without_passphrase(path, curve_name=_DEFAULT_CURVE):
from . import storage from . import storage
if not storage.is_initialized(): if not storage.is_initialized():
raise Exception('Device is not initialized') raise Exception('Device is not initialized')
seed = bip39.seed(storage.get_mnemonic(), '') seed = bip39.seed(storage.get_mnemonic(), '')
root = bip32.from_seed(seed, curve_name) node = bip32.from_seed(seed, curve_name)
return root node.derive_path(path)
return node
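Review bot: `derive_node` defaults `path` to `[]`, so a caller that forgets the path silently gets the master node and its private key back, whereas `derive_node_without_passphrase` in the same file makes `path` required. Every call site shown on this page passes a path explicitly, so the default can be dropped: `async def derive_node(ctx: wire.Context, path, curve_name=_DEFAULT_CURVE):`. That also removes the mutable default argument and keeps the one deliberate root-node use (`derive_node(ctx, [])` in sign_tx) visible at the call site. Neither new helper has a docstring; a one-line docstring on each would record that the first derives from the cached, passphrase-protected seed and the second from the mnemonic with an empty passphrase.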


@ -9,8 +9,7 @@ async def layout_ethereum_get_address(ctx, msg):
address_n = msg.address_n or () address_n = msg.address_n or ()
node = await seed.get_root(ctx) node = await seed.derive_node(ctx, address_n)
node.derive_path(address_n)
seckey = node.private_key() seckey = node.private_key()
public_key = secp256k1.publickey(seckey, False) # uncompressed public_key = secp256k1.publickey(seckey, False) # uncompressed


@ -20,8 +20,7 @@ async def ethereum_sign_message(ctx, msg):
from ..common import seed from ..common import seed
address_n = msg.address_n or () address_n = msg.address_n or ()
node = await seed.get_root(ctx) node = await seed.derive_node(ctx, address_n)
node.derive_path(address_n)
signature = secp256k1.sign(node.private_key(), message_digest(msg.message), False) signature = secp256k1.sign(node.private_key(), message_digest(msg.message), False)


@ -100,8 +100,7 @@ async def send_signature(ctx, msg: EthereumSignTx, digest):
from ..common import seed from ..common import seed
address_n = msg.address_n or () address_n = msg.address_n or ()
node = await seed.get_root(ctx) node = await seed.derive_node(ctx, address_n)
node.derive_path(address_n)
signature = secp256k1.sign(node.private_key(), digest, False) signature = secp256k1.sign(node.private_key(), digest, False)


@ -521,8 +521,7 @@ def msg_register_sign(challenge: bytes, app_id: bytes) -> bytes:
nodepath = [_U2F_KEY_PATH] + keypath nodepath = [_U2F_KEY_PATH] + keypath
# prepare signing key from random path, compute decompressed public key # prepare signing key from random path, compute decompressed public key
node = seed.get_root_without_passphrase('nist256p1') node = seed.derive_node_without_passphrase(nodepath, 'nist256p1')
node.derive_path(nodepath)
pubkey = nist256p1.publickey(node.private_key(), False) pubkey = nist256p1.publickey(node.private_key(), False)
# first half of keyhandle is keypath # first half of keyhandle is keypath
@ -642,8 +641,7 @@ def msg_authenticate_genkey(app_id: bytes, keyhandle: bytes):
# derive the signing key # derive the signing key
nodepath = [_U2F_KEY_PATH] + list(keypath) nodepath = [_U2F_KEY_PATH] + list(keypath)
node = seed.get_root_without_passphrase('nist256p1') node = seed.derive_node_without_passphrase(nodepath, 'nist256p1')
node.derive_path(nodepath)
# second half of keyhandle is a hmac of app_id and keypath # second half of keyhandle is a hmac of app_id and keypath
keybase = hmac.Hmac(node.private_key(), app_id, hashlib.sha256) keybase = hmac.Hmac(node.private_key(), app_id, hashlib.sha256)
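Review bot: Both U2F call sites rely on `seed.derive_node_without_passphrase`, which builds the seed with an empty passphrase, so these keys are not covered by the passphrase that protects the other derivations, and nothing at the call sites says so. A comment above each call would record it, e.g. `# U2F keys come from the mnemonic with an empty passphrase, independent of the user's passphrase`. In `msg_authenticate_genkey` the `keypath` is taken from the supplied key handle and used for derivation before the HMAC can be computed, because the derived private key is the HMAC key. Whether its elements are range-checked first is not visible here, since both function bodies start and end outside the hunks.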


@ -36,8 +36,7 @@ async def layout_cipher_key_value(ctx, msg):
ui.BOLD, ui.LIGHT_GREEN, ui.BG) ui.BOLD, ui.LIGHT_GREEN, ui.BG)
ui.display.text(10, 60, msg.key, ui.MONO, ui.FG, ui.BG) ui.display.text(10, 60, msg.key, ui.MONO, ui.FG, ui.BG)
node = await seed.get_root(ctx) node = await seed.derive_node(ctx, msg.address_n)
node.derive_path(msg.address_n)
value = cipher_key_value(msg, node.private_key()) value = cipher_key_value(msg, node.private_key())
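Review bot: `msg.address_n` is passed to `seed.derive_node` unnormalised here, while the other call sites in this commit use `msg.address_n or ()`. `derive_node` now evaluates `len(path) > 0` before deriving, so if the field can be unset (presumably `None`; not visible on this page) the call raises `TypeError` inside the seed helper instead of being handled at the message boundary. Suggest `node = await seed.derive_node(ctx, msg.address_n or ())`, or an explicit rejection if an empty path is not meant to be accepted for this operation. The body of `layout_cipher_key_value` starts and ends outside the hunk.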


@ -15,8 +15,7 @@ async def layout_get_address(ctx, msg):
coin_name = msg.coin_name or 'Bitcoin' coin_name = msg.coin_name or 'Bitcoin'
coin = coins.by_name(coin_name) coin = coins.by_name(coin_name)
node = await seed.get_root(ctx) node = await seed.derive_node(ctx, address_n)
node.derive_path(address_n)
address = addresses.get_address(msg.script_type, coin, node) address = addresses.get_address(msg.script_type, coin, node)


@ -8,8 +8,7 @@ async def layout_get_public_key(ctx, msg):
address_n = msg.address_n or () address_n = msg.address_n or ()
coin_name = msg.coin_name or 'Bitcoin' coin_name = msg.coin_name or 'Bitcoin'
node = await seed.get_root(ctx) node = await seed.derive_node(ctx, address_n)
node.derive_path(address_n)
coin = coins.by_name(coin_name) coin = coins.by_name(coin_name)
node_xpub = node.serialize_public(coin.xpub_magic) node_xpub = node.serialize_public(coin.xpub_magic)


@ -91,8 +91,7 @@ async def layout_sign_identity(ctx, msg):
display_identity(identity, msg.challenge_visual) display_identity(identity, msg.challenge_visual)
address_n = get_identity_path(identity, msg.identity.index or 0) address_n = get_identity_path(identity, msg.identity.index or 0)
node = await seed.get_root(ctx, msg.ecdsa_curve_name) node = await seed.derive_node(ctx, address_n, msg.ecdsa_curve_name)
node.derive_path(address_n)
coin = coins.by_name('Bitcoin') coin = coins.by_name('Bitcoin')
if msg.ecdsa_curve_name == 'secp256k1': if msg.ecdsa_curve_name == 'secp256k1':


@ -15,8 +15,7 @@ async def sign_message(ctx, msg):
await confirm_sign_message(ctx, message) await confirm_sign_message(ctx, message)
node = await seed.get_root(ctx) node = await seed.derive_node(ctx, address_n)
node.derive_path(address_n)
seckey = node.private_key() seckey = node.private_key()
address = node.address(coin.address_type) address = node.address(coin.address_type)


@ -9,7 +9,8 @@ async def sign_tx(ctx, msg):
from . import signing from . import signing
from . import layout from . import layout
root = await seed.get_root(ctx) # TODO: rework this so we don't have to pass root to signing.sign_tx
root = await seed.derive_node(ctx, [])
signer = signing.sign_tx(msg, root) signer = signing.sign_tx(msg, root)
res = None res = None