mirror of
https://github.com/trezor/trezor-firmware.git
synced 2025-01-25 23:01:02 +00:00
Add ECDH support
This commit is contained in:
parent
f07556f0db
commit
c86086e2b9
@ -775,6 +775,54 @@ void fsm_msgSignIdentity(SignIdentity *msg)
|
|||||||
layoutHome();
|
layoutHome();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void fsm_msgGetECDHSessionKey(GetECDHSessionKey *msg)
|
||||||
|
{
|
||||||
|
RESP_INIT(ECDHSessionKey);
|
||||||
|
|
||||||
|
if (!storage_isInitialized()) {
|
||||||
|
fsm_sendFailure(FailureType_Failure_NotInitialized, "Device not initialized");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// TODO: consider adding appropriate UI for manual confirmation?
|
||||||
|
|
||||||
|
if (!protectPin(true)) {
|
||||||
|
layoutHome();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
uint8_t hash[32];
|
||||||
|
if (!msg->has_identity || cryptoIdentityFingerprint(&(msg->identity), hash) == 0) {
|
||||||
|
fsm_sendFailure(FailureType_Failure_Other, "Invalid identity");
|
||||||
|
layoutHome();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
uint32_t address_n[5];
|
||||||
|
address_n[0] = 0x80000000 | 17;
|
||||||
|
address_n[1] = 0x80000000 | hash[ 0] | (hash[ 1] << 8) | (hash[ 2] << 16) | (hash[ 3] << 24);
|
||||||
|
address_n[2] = 0x80000000 | hash[ 4] | (hash[ 5] << 8) | (hash[ 6] << 16) | (hash[ 7] << 24);
|
||||||
|
address_n[3] = 0x80000000 | hash[ 8] | (hash[ 9] << 8) | (hash[10] << 16) | (hash[11] << 24);
|
||||||
|
address_n[4] = 0x80000000 | hash[12] | (hash[13] << 8) | (hash[14] << 16) | (hash[15] << 24);
|
||||||
|
|
||||||
|
const char *curve = SECP256K1_NAME;
|
||||||
|
if (msg->has_ecdsa_curve_name) {
|
||||||
|
curve = msg->ecdsa_curve_name;
|
||||||
|
}
|
||||||
|
|
||||||
|
const HDNode *node = fsm_getDerivedNode(curve, address_n, 5);
|
||||||
|
if (!node) return;
|
||||||
|
|
||||||
|
if (cryptoGetECDHSessionKey(node, msg->peer_public_key.bytes, resp->session_key.bytes) == 0) {
|
||||||
|
resp->has_session_key = true;
|
||||||
|
resp->session_key.size = 65;
|
||||||
|
msg_write(MessageType_MessageType_ECDHSessionKey, resp);
|
||||||
|
} else {
|
||||||
|
fsm_sendFailure(FailureType_Failure_Other, "Error getting ECDH session key");
|
||||||
|
}
|
||||||
|
layoutHome();
|
||||||
|
}
|
||||||
|
|
||||||
/* ECIES disabled
|
/* ECIES disabled
|
||||||
void fsm_msgEncryptMessage(EncryptMessage *msg)
|
void fsm_msgEncryptMessage(EncryptMessage *msg)
|
||||||
{
|
{
|
||||||
|
@ -51,6 +51,7 @@ void fsm_msgEntropyAck(EntropyAck *msg);
|
|||||||
void fsm_msgSignMessage(SignMessage *msg);
|
void fsm_msgSignMessage(SignMessage *msg);
|
||||||
void fsm_msgVerifyMessage(VerifyMessage *msg);
|
void fsm_msgVerifyMessage(VerifyMessage *msg);
|
||||||
void fsm_msgSignIdentity(SignIdentity *msg);
|
void fsm_msgSignIdentity(SignIdentity *msg);
|
||||||
|
void fsm_msgGetECDHSessionKey(GetECDHSessionKey *msg);
|
||||||
void fsm_msgEncryptMessage(EncryptMessage *msg);
|
void fsm_msgEncryptMessage(EncryptMessage *msg);
|
||||||
void fsm_msgDecryptMessage(DecryptMessage *msg);
|
void fsm_msgDecryptMessage(DecryptMessage *msg);
|
||||||
//void fsm_msgPassphraseAck(PassphraseAck *msg);
|
//void fsm_msgPassphraseAck(PassphraseAck *msg);
|
||||||
|
@ -63,6 +63,7 @@ static const struct MessagesMap_t MessagesMap[] = {
|
|||||||
{'n', 'i', MessageType_MessageType_SignMessage, SignMessage_fields, (void (*)(void *))fsm_msgSignMessage},
|
{'n', 'i', MessageType_MessageType_SignMessage, SignMessage_fields, (void (*)(void *))fsm_msgSignMessage},
|
||||||
{'n', 'i', MessageType_MessageType_SignIdentity, SignIdentity_fields, (void (*)(void *))fsm_msgSignIdentity},
|
{'n', 'i', MessageType_MessageType_SignIdentity, SignIdentity_fields, (void (*)(void *))fsm_msgSignIdentity},
|
||||||
{'n', 'i', MessageType_MessageType_VerifyMessage, VerifyMessage_fields, (void (*)(void *))fsm_msgVerifyMessage},
|
{'n', 'i', MessageType_MessageType_VerifyMessage, VerifyMessage_fields, (void (*)(void *))fsm_msgVerifyMessage},
|
||||||
|
{'n', 'i', MessageType_MessageType_GetECDHSessionKey, GetECDHSessionKey_fields, (void (*)(void *))fsm_msgGetECDHSessionKey},
|
||||||
/* ECIES disabled
|
/* ECIES disabled
|
||||||
{'n', 'i', MessageType_MessageType_EncryptMessage, EncryptMessage_fields, (void (*)(void *))fsm_msgEncryptMessage},
|
{'n', 'i', MessageType_MessageType_EncryptMessage, EncryptMessage_fields, (void (*)(void *))fsm_msgEncryptMessage},
|
||||||
{'n', 'i', MessageType_MessageType_DecryptMessage, DecryptMessage_fields, (void (*)(void *))fsm_msgDecryptMessage},
|
{'n', 'i', MessageType_MessageType_DecryptMessage, DecryptMessage_fields, (void (*)(void *))fsm_msgDecryptMessage},
|
||||||
@ -86,6 +87,7 @@ static const struct MessagesMap_t MessagesMap[] = {
|
|||||||
{'n', 'o', MessageType_MessageType_EntropyRequest, EntropyRequest_fields, 0},
|
{'n', 'o', MessageType_MessageType_EntropyRequest, EntropyRequest_fields, 0},
|
||||||
{'n', 'o', MessageType_MessageType_MessageSignature, MessageSignature_fields, 0},
|
{'n', 'o', MessageType_MessageType_MessageSignature, MessageSignature_fields, 0},
|
||||||
{'n', 'o', MessageType_MessageType_SignedIdentity, SignedIdentity_fields, 0},
|
{'n', 'o', MessageType_MessageType_SignedIdentity, SignedIdentity_fields, 0},
|
||||||
|
{'n', 'o', MessageType_MessageType_ECDHSessionKey, ECDHSessionKey_fields, 0},
|
||||||
/* ECIES disabled
|
/* ECIES disabled
|
||||||
{'n', 'o', MessageType_MessageType_EncryptedMessage, EncryptedMessage_fields, 0},
|
{'n', 'o', MessageType_MessageType_EncryptedMessage, EncryptedMessage_fields, 0},
|
||||||
{'n', 'o', MessageType_MessageType_DecryptedMessage, DecryptedMessage_fields, 0},
|
{'n', 'o', MessageType_MessageType_DecryptedMessage, DecryptedMessage_fields, 0},
|
||||||
|
Loading…
Reference in New Issue
Block a user