tests: finish sign_identity workflow, update run_tests_python_trezor.sh to reflect current state
parent
8a9e31382e
commit
a7e17f07ee
@ -7,7 +7,7 @@ COINS = [
|
|||||||
coin_name='Bitcoin',
|
coin_name='Bitcoin',
|
||||||
coin_shortcut='BTC',
|
coin_shortcut='BTC',
|
||||||
address_type=0,
|
address_type=0,
|
||||||
maxfee_kb=300000,
|
maxfee_kb=100000,
|
||||||
address_type_p2sh=5,
|
address_type_p2sh=5,
|
||||||
address_type_p2wpkh=6,
|
address_type_p2wpkh=6,
|
||||||
address_type_p2wsh=10,
|
address_type_p2wsh=10,
|
||||||
|
@ -42,15 +42,44 @@ def get_identity_path(identity: str, index: int) -> List[int]:
|
|||||||
def sign_challenge(seckey: bytes,
|
def sign_challenge(seckey: bytes,
|
||||||
challenge_hidden: bytes,
|
challenge_hidden: bytes,
|
||||||
challenge_visual: str,
|
challenge_visual: str,
|
||||||
coin) -> bytes:
|
sigtype,
|
||||||
|
curve: str) -> bytes:
|
||||||
from trezor.crypto.hashlib import sha256
|
from trezor.crypto.hashlib import sha256
|
||||||
|
if curve == 'secp256k1':
|
||||||
from trezor.crypto.curve import secp256k1
|
from trezor.crypto.curve import secp256k1
|
||||||
|
elif curve == 'nist256p1':
|
||||||
|
from trezor.crypto.curve import nist256p1
|
||||||
|
elif curve == 'ed25519':
|
||||||
|
from trezor.crypto.curve import ed25519
|
||||||
from ..common.signverify import message_digest
|
from ..common.signverify import message_digest
|
||||||
|
|
||||||
|
|
||||||
|
if sigtype == 'gpg':
|
||||||
|
data = challenge_hidden
|
||||||
|
elif sigtype == 'ssh':
|
||||||
|
if curve != 'ed25519':
|
||||||
|
data = sha256(challenge_hidden).digest()
|
||||||
|
else:
|
||||||
|
data = challenge_hidden
|
||||||
|
else:
|
||||||
|
# sigtype is coin
|
||||||
challenge = sha256(challenge_hidden).digest() + \
|
challenge = sha256(challenge_hidden).digest() + \
|
||||||
sha256(challenge_visual).digest()
|
sha256(challenge_visual).digest()
|
||||||
digest = message_digest(coin, challenge)
|
data = message_digest(sigtype, challenge)
|
||||||
signature = secp256k1.sign(seckey, digest)
|
|
||||||
|
if curve == 'secp256k1':
|
||||||
|
signature = secp256k1.sign(seckey, data)
|
||||||
|
elif curve == 'nist256p1':
|
||||||
|
signature = nist256p1.sign(seckey, data)
|
||||||
|
elif curve == 'ed25519':
|
||||||
|
signature = ed25519.sign(seckey, data)
|
||||||
|
else:
|
||||||
|
raise ValueError('Unknown curve')
|
||||||
|
|
||||||
|
if curve == 'ed25519':
|
||||||
|
signature = b'\x00' + signature
|
||||||
|
elif sigtype == 'gpg' or sigtype == 'ssh':
|
||||||
|
signature = b'\x00' + signature[1:]
|
||||||
|
|
||||||
return signature
|
return signature
|
||||||
|
|
||||||
@ -69,11 +98,21 @@ async def layout_sign_identity(session_id, msg):
|
|||||||
node.derive_path(address_n)
|
node.derive_path(address_n)
|
||||||
|
|
||||||
coin = coins.by_name('Bitcoin')
|
coin = coins.by_name('Bitcoin')
|
||||||
|
if msg.ecdsa_curve_name == 'secp256k1':
|
||||||
address = node.address(coin.address_type) # hardcoded bitcoin address type
|
address = node.address(coin.address_type) # hardcoded bitcoin address type
|
||||||
|
else:
|
||||||
|
address = None
|
||||||
pubkey = node.public_key()
|
pubkey = node.public_key()
|
||||||
seckey = node.private_key()
|
seckey = node.private_key()
|
||||||
|
|
||||||
|
if msg.identity.proto == 'gpg':
|
||||||
signature = sign_challenge(
|
signature = sign_challenge(
|
||||||
seckey, msg.challenge_hidden, msg.challenge_visual, coin)
|
seckey, msg.challenge_hidden, msg.challenge_visual, 'gpg', msg.ecdsa_curve_name)
|
||||||
|
elif msg.identity.proto == 'ssh':
|
||||||
|
signature = sign_challenge(
|
||||||
|
seckey, msg.challenge_hidden, msg.challenge_visual, 'ssh', msg.ecdsa_curve_name)
|
||||||
|
else:
|
||||||
|
signature = sign_challenge(
|
||||||
|
seckey, msg.challenge_hidden, msg.challenge_visual, coin, msg.ecdsa_curve_name)
|
||||||
|
|
||||||
return SignedIdentity(address=address, public_key=pubkey, signature=signature)
|
return SignedIdentity(address=address, public_key=pubkey, signature=signature)
|
||||||
|
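Review bot: In sign_challenge the gpg branch passes `challenge_hidden` to the signer unchanged, so for secp256k1 and nist256p1 a host-supplied value of any length reaches `sign(seckey, data)`, which is normally given a 32-byte digest. Unless the curve modules reject other lengths themselves (not visible here), add a guard just before the curve dispatch, e.g. `if curve != 'ed25519' and len(data) != 32: raise ValueError('Invalid digest length')`. The ssh branch is not affected on the ECDSA curves because it hashes first. Separately, `sigtype` is either the string 'gpg' or 'ssh' or a coin object that is forwarded to `message_digest`; a short docstring saying so, and noting that an unknown `curve` is only rejected after the data has been prepared, would make the new signature easier to use correctly.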
@ -21,18 +21,43 @@ error=0
|
|||||||
|
|
||||||
PYTHON="${PYTHON:-python2}"
|
PYTHON="${PYTHON:-python2}"
|
||||||
|
|
||||||
|
'''
|
||||||
|
not passing:
|
||||||
|
|
||||||
|
test_bip32_speed.py
|
||||||
|
test_debuglink.py
|
||||||
|
test_msg_applysettings.py
|
||||||
|
test_msg_clearsession.py
|
||||||
|
test_msg_changepin.py \
|
||||||
|
test_msg_ethereum_signtx.py
|
||||||
|
test_msg_getaddress_show.py
|
||||||
|
test_msg_getentropy.py
|
||||||
|
test_msg_loaddevice.py
|
||||||
|
test_msg_ping.py
|
||||||
|
test_msg_resetdevice.py
|
||||||
|
test_msg_recoverydevice.py
|
||||||
|
test_msg_signtx_segwit.py
|
||||||
|
test_msg_signtx_zcash.py
|
||||||
|
test_multisig_change.py
|
||||||
|
test_multisig.py
|
||||||
|
test_protect_call.py
|
||||||
|
test_protection_levels.py
|
||||||
|
'''
|
||||||
|
|
||||||
for i in \
|
for i in \
|
||||||
|
test_basic.py \
|
||||||
test_msg_cipherkeyvalue.py \
|
test_msg_cipherkeyvalue.py \
|
||||||
test_msg_estimatetxsize.py \
|
test_msg_estimatetxsize.py \
|
||||||
test_msg_ethereum_getaddress.py \
|
test_msg_ethereum_getaddress.py \
|
||||||
test_msg_getaddress.py \
|
test_msg_getaddress.py \
|
||||||
test_msg_getpublickey.py \
|
test_msg_getpublickey.py \
|
||||||
|
test_msg_signidentity.py \
|
||||||
test_msg_signmessage.py \
|
test_msg_signmessage.py \
|
||||||
test_msg_signtx.py \
|
test_msg_signtx.py \
|
||||||
test_msg_verifymessage.py \
|
test_msg_verifymessage.py \
|
||||||
test_msg_wipedevice.py \
|
test_msg_wipedevice.py \
|
||||||
test_msg_reset_device.py \
|
test_op_return.py \
|
||||||
test_msg_changepin.py \
|
test_zerosig.py \
|
||||||
; do
|
; do
|
||||||
if ! $PYTHON $i ; then
|
if ! $PYTHON $i ; then
|
||||||
error=1
|
error=1
|
||||||
|
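Review bot: The `'''` … `'''` block that lists the non-passing tests is not a comment in a shell script. The quotes concatenate into a single multi-line word, which the shell then tries to execute as a command, so every run prints a command-not-found error before the loop starts and would abort outright if the script enables `set -e` (not visible in this hunk). Prefix each of those lines with `#` instead, or wrap the list in the null command form `: '` … `'`. The trailing ` \` after `test_msg_changepin.py` inside the list is the only continuation in it and should be dropped at the same time.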