mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-29 10:58:21 +00:00

tests: finish sign_identity workflow, update run_tests_python_trezor.sh to reflect current state

Pavol Rusnak 2017-04-16 22:21:21 +02:00
parent 8a9e31382e
commit a7e17f07ee
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
3 changed files with 76 additions and 12 deletions


@ -7,7 +7,7 @@ COINS = [
coin_name='Bitcoin',
coin_shortcut='BTC',
address_type=0,
maxfee_kb=300000,
maxfee_kb=100000,
address_type_p2sh=5,
address_type_p2wpkh=6,
address_type_p2wsh=10,


@ -42,15 +42,44 @@ def get_identity_path(identity: str, index: int) -> List[int]:
def sign_challenge(seckey: bytes,
challenge_hidden: bytes,
challenge_visual: str,
coin) -> bytes:
sigtype,
curve: str) -> bytes:
from trezor.crypto.hashlib import sha256
if curve == 'secp256k1':
from trezor.crypto.curve import secp256k1
elif curve == 'nist256p1':
from trezor.crypto.curve import nist256p1
elif curve == 'ed25519':
from trezor.crypto.curve import ed25519
from ..common.signverify import message_digest
if sigtype == 'gpg':
data = challenge_hidden
elif sigtype == 'ssh':
if curve != 'ed25519':
data = sha256(challenge_hidden).digest()
else:
data = challenge_hidden
else:
# sigtype is coin
challenge = sha256(challenge_hidden).digest() + \
sha256(challenge_visual).digest()
digest = message_digest(coin, challenge)
signature = secp256k1.sign(seckey, digest)
data = message_digest(sigtype, challenge)
if curve == 'secp256k1':
signature = secp256k1.sign(seckey, data)
elif curve == 'nist256p1':
signature = nist256p1.sign(seckey, data)
elif curve == 'ed25519':
signature = ed25519.sign(seckey, data)
else:
raise ValueError('Unknown curve')
if curve == 'ed25519':
signature = b'\x00' + signature
elif sigtype == 'gpg' or sigtype == 'ssh':
signature = b'\x00' + signature[1:]
return signature
@ -69,11 +98,21 @@ async def layout_sign_identity(session_id, msg):
node.derive_path(address_n)
coin = coins.by_name('Bitcoin')
if msg.ecdsa_curve_name == 'secp256k1':
address = node.address(coin.address_type) # hardcoded bitcoin address type
else:
address = None
pubkey = node.public_key()
seckey = node.private_key()
if msg.identity.proto == 'gpg':
signature = sign_challenge(
seckey, msg.challenge_hidden, msg.challenge_visual, coin)
seckey, msg.challenge_hidden, msg.challenge_visual, 'gpg', msg.ecdsa_curve_name)
elif msg.identity.proto == 'ssh':
signature = sign_challenge(
seckey, msg.challenge_hidden, msg.challenge_visual, 'ssh', msg.ecdsa_curve_name)
else:
signature = sign_challenge(
seckey, msg.challenge_hidden, msg.challenge_visual, coin, msg.ecdsa_curve_name)
return SignedIdentity(address=address, public_key=pubkey, signature=signature)
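Review bot: In sign_challenge the 'gpg' branch sets `data = challenge_hidden` and passes it to secp256k1.sign / nist256p1.sign without hashing it or checking its length, so on the ECDSA curves the device signs whatever bytes the host supplies as if they were a digest. How those sign() functions treat an input that is not 32 bytes is not visible here, so I would reject it explicitly before signing: `if sigtype == 'gpg' and curve != 'ed25519' and len(challenge_hidden) != 32: raise ValueError('Invalid digest length')`. The `raise ValueError('Unknown curve')` check would also be better at the top of the function, because layout_sign_identity (whose body starts outside the second hunk) passes msg.ecdsa_curve_name straight through and an unset or misspelled name currently fails only after the challenge has been processed. A short docstring stating which input is hashed for each sigtype/curve pair, and that challenge_visual is not part of the signed data for 'gpg' and 'ssh', would make these differences reviewable.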


@ -21,18 +21,43 @@ error=0
PYTHON="${PYTHON:-python2}"
'''
not passing:
test_bip32_speed.py
test_debuglink.py
test_msg_applysettings.py
test_msg_clearsession.py
test_msg_changepin.py \
test_msg_ethereum_signtx.py
test_msg_getaddress_show.py
test_msg_getentropy.py
test_msg_loaddevice.py
test_msg_ping.py
test_msg_resetdevice.py
test_msg_recoverydevice.py
test_msg_signtx_segwit.py
test_msg_signtx_zcash.py
test_multisig_change.py
test_multisig.py
test_protect_call.py
test_protection_levels.py
'''
for i in \
test_basic.py \
test_msg_cipherkeyvalue.py \
test_msg_estimatetxsize.py \
test_msg_ethereum_getaddress.py \
test_msg_getaddress.py \
test_msg_getpublickey.py \
test_msg_signidentity.py \
test_msg_signmessage.py \
test_msg_signtx.py \
test_msg_verifymessage.py \
test_msg_wipedevice.py \
test_msg_reset_device.py \
test_msg_changepin.py \
test_op_return.py \
test_zerosig.py \
; do
if ! $PYTHON $i ; then
error=1