apps.wallet: add partial support for SignIdentity (secp256k1 curve only)

8 years ago · 8618248504
parent 084f1205f1
commit 8618248504
2 changed files with 62 additions and 1 deletions
--- a/src/apps/wallet/init.py
+++ b/src/apps/wallet/init.py
@ -1,7 +1,9 @@
 from trezor.wire import register_type, protobuf_handler
 from trezor.utils import unimport
 from trezor.messages.wire_types import \
-    GetPublicKey, GetAddress, SignTx, EstimateTxSize, SignMessage, VerifyMessage
+    GetPublicKey, GetAddress, SignTx, EstimateTxSize, \
+    SignMessage, VerifyMessage, \
+    SignIdentity


@unimport
@ -43,6 +45,12 @@ def dispatch_VerifyMessage(*args, **kwargs):
    return layout_verify_message(*args, **kwargs)


+@unimport
+def dispatch_SignIdentity(*args, **kwargs):
+    from .layout_sign_identity import layout_sign_identity
+    return layout_sign_identity(*args, **kwargs)
+
+
 def boot():
    register_type(GetPublicKey, protobuf_handler, dispatch_GetPublicKey)
    register_type(GetAddress, protobuf_handler, dispatch_GetAddress)
@ -50,3 +58,4 @@ def boot():
    register_type(EstimateTxSize, protobuf_handler, dispatch_EstimateTxSize)
    register_type(SignMessage, protobuf_handler, dispatch_SignMessage)
    register_type(VerifyMessage, protobuf_handler, dispatch_VerifyMessage)
+    register_type(SignIdentity, protobuf_handler, dispatch_SignIdentity)
--- a/src/apps/wallet/layout_sign_identity.py
+++ b/src/apps/wallet/layout_sign_identity.py
@ -0,0 +1,52 @@
+from trezor import wire, ui
+from trezor.utils import unimport
+
+@unimport
+async def layout_sign_identity(msg, session_id):
+    from trezor.messages.SignedIdentity import SignedIdentity
+    from trezor.crypto.curve import secp256k1
+    from trezor.crypto.hashlib import sha256
+    from ustruct import pack, unpack
+    from ..common.seed import get_node
+    from ..common import coins
+    from ..common.signverify import message_digest
+
+    identity = ''
+    if hasattr(msg.identity, 'proto') and msg.identity.proto:
+        identity += msg.identity.proto + '://'
+    if hasattr(msg.identity, 'user') and msg.identity.user:
+        identity += msg.identity.user + '@'
+    if hasattr(msg.identity, 'host') and msg.identity.host:
+        identity += msg.identity.host
+    if hasattr(msg.identity, 'port') and msg.identity.port:
+        identity += ':' + msg.identity.port
+    if hasattr(msg.identity, 'path') and msg.identity.path:
+        identity += msg.identity.path
+
+    index = getattr(msg.identity, 'index', 0)
+    identity_hash = sha256(pack('<I', index) + identity).digest()
+
+    address_n = (13, ) + unpack('<IIII', identity_hash[:16])
+    address_n = [0x80000000 | x for x in address_n]
+
+    # TODO: proper handling of non-secp256k1 curves
+    #       this would need the change of common.seed.get_node function
+
+    ui.display.clear()
+    ui.display.text(10, 30, 'Identity:',
+                    ui.BOLD, ui.LIGHT_GREEN, ui.BLACK)
+    ui.display.text(10, 60, msg.challenge_visual, ui.MONO, ui.WHITE, ui.BLACK)
+    ui.display.text(10, 80, identity, ui.MONO, ui.WHITE, ui.BLACK)
+
+    node = await get_node(session_id, address_n)
+
+    coin = coins.by_name('Bitcoin')
+    address = node.address(coin.address_type) # hardcoded Bitcoin address type
+    pubkey = node.public_key()
+    seckey = node.private_key()
+    challenge = sha256(msg.challenge_hidden).digest() + sha256(msg.challenge_visual).digest()
+    digest = message_digest(coin, challenge)
+
+    signature = secp256k1.sign(seckey, digest)
+
+    return SignedIdentity(address=address, public_key=pubkey, signature=signature)