1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-17 11:58:13 +00:00

seed: pass keychain to workflows, add namespaces

This commit is contained in:
Jan Pochyla 2018-12-07 14:26:59 +01:00
parent 931e549c92
commit e3c0f8e8ad
42 changed files with 177 additions and 174 deletions

View File

@ -1,6 +1,10 @@
from trezor import wire from trezor import wire
from trezor.messages import MessageType from trezor.messages import MessageType
from apps.common import HARDENED
SEED_NAMESPACE = [[HARDENED | 44, HARDENED | 1815]]
def boot(): def boot():
wire.add(MessageType.CardanoGetAddress, __name__, "get_address") wire.add(MessageType.CardanoGetAddress, __name__, "get_address")

View File

@ -1,7 +1,8 @@
from trezor import wire from trezor import wire
from trezor.crypto import bip32 from trezor.crypto import bip32
from apps.common import HARDENED, cache, storage from apps.cardano import SEED_NAMESPACE
from apps.common import cache, storage
from apps.common.request_passphrase import protect_by_passphrase from apps.common.request_passphrase import protect_by_passphrase
@ -34,11 +35,9 @@ async def get_keychain(ctx: wire.Context) -> Keychain:
cache.set_passphrase(passphrase) cache.set_passphrase(passphrase)
root = bip32.from_mnemonic_cardano(storage.get_mnemonic(), passphrase) root = bip32.from_mnemonic_cardano(storage.get_mnemonic(), passphrase)
path = [HARDENED | 44, HARDENED | 1815]
# derive the namespaced root node # derive the namespaced root node
for i in path: for i in SEED_NAMESPACE[0]:
root.derive_cardano(i) root.derive_cardano(i)
keychain = Keychain(path, root) keychain = Keychain(SEED_NAMESPACE[0], root)
return keychain return keychain

View File

@ -34,7 +34,7 @@ class Keychain:
return node return node
async def get_keychain(ctx: wire.Context, paths: list = None) -> Keychain: async def get_keychain(ctx: wire.Context, paths: list) -> Keychain:
if not storage.is_initialized(): if not storage.is_initialized():
raise wire.ProcessError("Device is not initialized") raise wire.ProcessError("Device is not initialized")
@ -48,19 +48,6 @@ async def get_keychain(ctx: wire.Context, paths: list = None) -> Keychain:
seed = bip39.seed(storage.get_mnemonic(), passphrase) seed = bip39.seed(storage.get_mnemonic(), passphrase)
cache.set_seed(seed) cache.set_seed(seed)
if paths is None:
# allow the whole keyspace by default
paths = [
["curve25519"],
["ed25519"],
["ed25519-keccak"],
["nist256p1"],
["secp256k1"],
["secp256k1-decred"],
["secp256k1-groestl"],
["secp256k1-smart"],
]
# derive namespaced root nodes # derive namespaced root nodes
roots = [] roots = []
for curve, *path in paths: for curve, *path in paths:

View File

@ -1,9 +1,12 @@
from trezor import wire from trezor import wire
from trezor.messages import MessageType from trezor.messages import MessageType
from apps.common import HARDENED
def boot(): def boot():
wire.add(MessageType.EthereumGetAddress, __name__, "get_address") ns = [["secp256k1", HARDENED | 44, HARDENED | 60]]
wire.add(MessageType.EthereumSignTx, __name__, "sign_tx") wire.add(MessageType.EthereumGetAddress, __name__, "get_address", ns)
wire.add(MessageType.EthereumSignMessage, __name__, "sign_message") wire.add(MessageType.EthereumSignTx, __name__, "sign_tx", ns)
wire.add(MessageType.EthereumSignMessage, __name__, "sign_message", ns)
wire.add(MessageType.EthereumVerifyMessage, __name__, "verify_message") wire.add(MessageType.EthereumVerifyMessage, __name__, "verify_message")

View File

@ -2,15 +2,13 @@ from trezor.crypto.curve import secp256k1
from trezor.crypto.hashlib import sha3_256 from trezor.crypto.hashlib import sha3_256
from trezor.messages.EthereumAddress import EthereumAddress from trezor.messages.EthereumAddress import EthereumAddress
from apps.common import paths, seed from apps.common import paths
from apps.common.layout import address_n_to_str, show_address, show_qr from apps.common.layout import address_n_to_str, show_address, show_qr
from apps.ethereum import networks from apps.ethereum import networks
from apps.ethereum.address import ethereum_address_hex, validate_full_path from apps.ethereum.address import ethereum_address_hex, validate_full_path
async def get_address(ctx, msg): async def get_address(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
await paths.validate_path(ctx, validate_full_path, path=msg.address_n) await paths.validate_path(ctx, validate_full_path, path=msg.address_n)
node = keychain.derive(msg.address_n) node = keychain.derive(msg.address_n)

View File

@ -4,11 +4,10 @@ from trezor.messages.EthereumMessageSignature import EthereumMessageSignature
from trezor.ui.text import Text from trezor.ui.text import Text
from trezor.utils import HashWriter from trezor.utils import HashWriter
from .address import validate_full_path from apps.common import paths
from apps.common import paths, seed
from apps.common.confirm import require_confirm from apps.common.confirm import require_confirm
from apps.common.signverify import split_message from apps.common.signverify import split_message
from apps.ethereum.address import validate_full_path
def message_digest(message): def message_digest(message):
@ -20,9 +19,7 @@ def message_digest(message):
return h.get_digest() return h.get_digest()
async def sign_message(ctx, msg): async def sign_message(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
await paths.validate_path(ctx, validate_full_path, path=msg.address_n) await paths.validate_path(ctx, validate_full_path, path=msg.address_n)
await require_confirm_sign_message(ctx, msg.message) await require_confirm_sign_message(ctx, msg.message)

View File

@ -7,10 +7,9 @@ from trezor.messages.EthereumTxRequest import EthereumTxRequest
from trezor.messages.MessageType import EthereumTxAck from trezor.messages.MessageType import EthereumTxAck
from trezor.utils import HashWriter from trezor.utils import HashWriter
from .address import validate_full_path from apps.common import paths
from apps.common import paths, seed
from apps.ethereum import tokens from apps.ethereum import tokens
from apps.ethereum.address import validate_full_path
from apps.ethereum.layout import ( from apps.ethereum.layout import (
require_confirm_data, require_confirm_data,
require_confirm_fee, require_confirm_fee,
@ -21,7 +20,7 @@ from apps.ethereum.layout import (
MAX_CHAIN_ID = 2147483629 MAX_CHAIN_ID = 2147483629
async def sign_tx(ctx, msg): async def sign_tx(ctx, msg, keychain):
msg = sanitize(msg) msg = sanitize(msg)
check(msg) check(msg)
await paths.validate_path(ctx, validate_full_path, path=msg.address_n) await paths.validate_path(ctx, validate_full_path, path=msg.address_n)
@ -91,7 +90,9 @@ async def sign_tx(ctx, msg):
sha.extend(rlp.encode(0)) sha.extend(rlp.encode(0))
digest = sha.get_digest() digest = sha.get_digest()
return await send_signature(ctx, msg, digest) result = sign_digest(msg, keychain, digest)
return result
def get_total_length(msg: EthereumSignTx, data_total: int) -> int: def get_total_length(msg: EthereumSignTx, data_total: int) -> int:
@ -130,9 +131,7 @@ async def send_request_chunk(ctx, data_left: int):
return await ctx.call(req, EthereumTxAck) return await ctx.call(req, EthereumTxAck)
async def send_signature(ctx, msg: EthereumSignTx, digest): def sign_digest(msg: EthereumSignTx, keychain, digest):
keychain = await seed.get_keychain(ctx)
node = keychain.derive(msg.address_n) node = keychain.derive(msg.address_n)
signature = secp256k1.sign( signature = secp256k1.sign(
node.private_key(), digest, False, secp256k1.CANONICAL_SIG_ETHEREUM node.private_key(), digest, False, secp256k1.CANONICAL_SIG_ETHEREUM

View File

@ -1,10 +1,13 @@
from trezor import wire from trezor import wire
from trezor.messages import MessageType from trezor.messages import MessageType
from apps.common import HARDENED
def boot(): def boot():
wire.add(MessageType.LiskGetPublicKey, __name__, "get_public_key") ns = [["ed25519", HARDENED | 44, HARDENED | 134]]
wire.add(MessageType.LiskGetAddress, __name__, "get_address") wire.add(MessageType.LiskGetPublicKey, __name__, "get_public_key", ns)
wire.add(MessageType.LiskSignMessage, __name__, "sign_message") wire.add(MessageType.LiskGetAddress, __name__, "get_address", ns)
wire.add(MessageType.LiskSignTx, __name__, "sign_tx", ns)
wire.add(MessageType.LiskSignMessage, __name__, "sign_message", ns)
wire.add(MessageType.LiskVerifyMessage, __name__, "verify_message") wire.add(MessageType.LiskVerifyMessage, __name__, "verify_message")
wire.add(MessageType.LiskSignTx, __name__, "sign_tx")

View File

@ -2,13 +2,11 @@ from trezor.messages.LiskAddress import LiskAddress
from .helpers import LISK_CURVE, get_address_from_public_key, validate_full_path from .helpers import LISK_CURVE, get_address_from_public_key, validate_full_path
from apps.common import paths, seed from apps.common import paths
from apps.common.layout import address_n_to_str, show_address, show_qr from apps.common.layout import address_n_to_str, show_address, show_qr
async def get_address(ctx, msg): async def get_address(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
await paths.validate_path(ctx, validate_full_path, path=msg.address_n) await paths.validate_path(ctx, validate_full_path, path=msg.address_n)
node = keychain.derive(msg.address_n, LISK_CURVE) node = keychain.derive(msg.address_n, LISK_CURVE)

View File

@ -2,12 +2,10 @@ from trezor.messages.LiskPublicKey import LiskPublicKey
from .helpers import LISK_CURVE, validate_full_path from .helpers import LISK_CURVE, validate_full_path
from apps.common import layout, paths, seed from apps.common import layout, paths
async def get_public_key(ctx, msg): async def get_public_key(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
await paths.validate_path(ctx, validate_full_path, path=msg.address_n) await paths.validate_path(ctx, validate_full_path, path=msg.address_n)
node = keychain.derive(msg.address_n, LISK_CURVE) node = keychain.derive(msg.address_n, LISK_CURVE)

View File

@ -6,7 +6,7 @@ from trezor.utils import HashWriter
from .helpers import LISK_CURVE, validate_full_path from .helpers import LISK_CURVE, validate_full_path
from apps.common import paths, seed from apps.common import paths
from apps.common.confirm import require_confirm from apps.common.confirm import require_confirm
from apps.common.signverify import split_message from apps.common.signverify import split_message
from apps.wallet.sign_tx.writers import write_varint from apps.wallet.sign_tx.writers import write_varint
@ -22,9 +22,7 @@ def message_digest(message):
return sha256(h.get_digest()).digest() return sha256(h.get_digest()).digest()
async def sign_message(ctx, msg): async def sign_message(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
await paths.validate_path(ctx, validate_full_path, path=msg.address_n) await paths.validate_path(ctx, validate_full_path, path=msg.address_n)
await require_confirm_sign_message(ctx, msg.message) await require_confirm_sign_message(ctx, msg.message)

View File

@ -7,15 +7,16 @@ from trezor.messages import LiskTransactionType
from trezor.messages.LiskSignedTx import LiskSignedTx from trezor.messages.LiskSignedTx import LiskSignedTx
from trezor.utils import HashWriter from trezor.utils import HashWriter
from . import layout from apps.common import paths
from .helpers import LISK_CURVE, get_address_from_public_key, validate_full_path from apps.lisk import layout
from apps.lisk.helpers import (
from apps.common import paths, seed LISK_CURVE,
get_address_from_public_key,
validate_full_path,
)
async def sign_tx(ctx, msg): async def sign_tx(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
await paths.validate_path(ctx, validate_full_path, path=msg.address_n) await paths.validate_path(ctx, validate_full_path, path=msg.address_n)
pubkey, seckey = _get_keys(keychain, msg) pubkey, seckey = _get_keys(keychain, msg)

View File

@ -1,12 +1,20 @@
from trezor import wire from trezor import wire
from trezor.messages import MessageType from trezor.messages import MessageType
from apps.common import HARDENED
def boot(): def boot():
wire.add(MessageType.MoneroGetAddress, __name__, "get_address") ns = [
wire.add(MessageType.MoneroGetWatchKey, __name__, "get_watch_only") ["secp256k1", HARDENED | 44, HARDENED | 128],
wire.add(MessageType.MoneroTransactionInitRequest, __name__, "sign_tx") ["ed25519", HARDENED | 44, HARDENED | 128],
wire.add(MessageType.MoneroKeyImageExportInitRequest, __name__, "key_image_sync") ]
wire.add(MessageType.MoneroGetAddress, __name__, "get_address", ns)
wire.add(MessageType.MoneroGetWatchKey, __name__, "get_watch_only", ns)
wire.add(MessageType.MoneroTransactionInitRequest, __name__, "sign_tx", ns)
wire.add(
MessageType.MoneroKeyImageExportInitRequest, __name__, "key_image_sync", ns
)
if __debug__ and hasattr(MessageType, "DebugMoneroDiagRequest"): if __debug__ and hasattr(MessageType, "DebugMoneroDiagRequest"):
wire.add(MessageType.DebugMoneroDiagRequest, __name__, "diag") wire.add(MessageType.DebugMoneroDiagRequest, __name__, "diag")

View File

@ -5,10 +5,10 @@ from apps.common.layout import address_n_to_str, show_address, show_qr
from apps.monero import misc from apps.monero import misc
async def get_address(ctx, msg): async def get_address(ctx, msg, keychain):
await paths.validate_path(ctx, misc.validate_full_path, path=msg.address_n) await paths.validate_path(ctx, misc.validate_full_path, path=msg.address_n)
creds = await misc.get_creds(ctx, msg.address_n, msg.network_type) creds = misc.get_creds(keychain, msg.address_n, msg.network_type)
if msg.show_display: if msg.show_display:
desc = address_n_to_str(msg.address_n) desc = address_n_to_str(msg.address_n)

View File

@ -7,12 +7,12 @@ from apps.monero.layout import confirms
from apps.monero.xmr import crypto from apps.monero.xmr import crypto
async def get_watch_only(ctx, msg: MoneroGetWatchKey): async def get_watch_only(ctx, msg: MoneroGetWatchKey, keychain):
await paths.validate_path(ctx, misc.validate_full_path, path=msg.address_n) await paths.validate_path(ctx, misc.validate_full_path, path=msg.address_n)
await confirms.require_confirm_watchkey(ctx) await confirms.require_confirm_watchkey(ctx)
creds = await misc.get_creds(ctx, msg.address_n, msg.network_type) creds = misc.get_creds(keychain, msg.address_n, msg.network_type)
address = creds.address address = creds.address
watch_key = crypto.encodeint(creds.view_key_private) watch_key = crypto.encodeint(creds.view_key_private)

View File

@ -14,10 +14,10 @@ from apps.monero.xmr import crypto, key_image, monero
from apps.monero.xmr.crypto import chacha_poly from apps.monero.xmr.crypto import chacha_poly
async def key_image_sync(ctx, msg): async def key_image_sync(ctx, msg, keychain):
state = KeyImageSync() state = KeyImageSync()
res = await _init_step(state, ctx, msg) res = await _init_step(state, ctx, msg, keychain)
while True: while True:
msg = await ctx.call( msg = await ctx.call(
res, res,
@ -46,10 +46,10 @@ class KeyImageSync:
self.hasher = crypto.get_keccak() self.hasher = crypto.get_keccak()
async def _init_step(s, ctx, msg): async def _init_step(s, ctx, msg, keychain):
await paths.validate_path(ctx, misc.validate_full_path, path=msg.address_n) await paths.validate_path(ctx, misc.validate_full_path, path=msg.address_n)
s.creds = await misc.get_creds(ctx, msg.address_n, msg.network_type) s.creds = misc.get_creds(keychain, msg.address_n, msg.network_type)
await confirms.require_confirm_keyimage_sync(ctx) await confirms.require_confirm_keyimage_sync(ctx)

View File

@ -1,8 +1,7 @@
from apps.common import HARDENED from apps.common import HARDENED
async def get_creds(ctx, address_n=None, network_type=None): def get_creds(keychain, address_n=None, network_type=None):
from apps.common import seed
from apps.monero.xmr import crypto, monero from apps.monero.xmr import crypto, monero
from apps.monero.xmr.credentials import AccountCreds from apps.monero.xmr.credentials import AccountCreds
@ -12,8 +11,6 @@ async def get_creds(ctx, address_n=None, network_type=None):
curve = "ed25519" curve = "ed25519"
else: else:
curve = "secp256k1" curve = "secp256k1"
keychain = await seed.get_keychain(ctx)
node = keychain.derive(address_n, curve) node = keychain.derive(address_n, curve)
if use_slip0010: if use_slip0010:

View File

@ -6,7 +6,7 @@ from trezor.messages import MessageType
from apps.monero.signing.state import State from apps.monero.signing.state import State
async def sign_tx(ctx, received_msg): async def sign_tx(ctx, received_msg, keychain):
state = State(ctx) state = State(ctx)
mods = utils.unimport_begin() mods = utils.unimport_begin()
@ -18,7 +18,7 @@ async def sign_tx(ctx, received_msg):
gc.collect() gc.collect()
gc.threshold(gc.mem_free() // 4 + gc.mem_alloc()) gc.threshold(gc.mem_free() // 4 + gc.mem_alloc())
result_msg, accept_msgs = await sign_tx_dispatch(state, received_msg) result_msg, accept_msgs = await sign_tx_dispatch(state, received_msg, keychain)
if accept_msgs is None: if accept_msgs is None:
break break
@ -32,13 +32,13 @@ async def sign_tx(ctx, received_msg):
return result_msg return result_msg
async def sign_tx_dispatch(state, msg): async def sign_tx_dispatch(state, msg, keychain):
if msg.MESSAGE_WIRE_TYPE == MessageType.MoneroTransactionInitRequest: if msg.MESSAGE_WIRE_TYPE == MessageType.MoneroTransactionInitRequest:
from apps.monero.signing import step_01_init_transaction from apps.monero.signing import step_01_init_transaction
return ( return (
await step_01_init_transaction.init_transaction( await step_01_init_transaction.init_transaction(
state, msg.address_n, msg.network_type, msg.tsx_data state, msg.address_n, msg.network_type, msg.tsx_data, keychain
), ),
(MessageType.MoneroTransactionSetInputRequest,), (MessageType.MoneroTransactionSetInputRequest,),
) )

View File

@ -16,14 +16,18 @@ if False:
async def init_transaction( async def init_transaction(
state: State, address_n: list, network_type: int, tsx_data: MoneroTransactionData state: State,
address_n: list,
network_type: int,
tsx_data: MoneroTransactionData,
keychain,
): ):
from apps.monero.signing import offloading_keys from apps.monero.signing import offloading_keys
from apps.common import paths from apps.common import paths
await paths.validate_path(state.ctx, misc.validate_full_path, path=address_n) await paths.validate_path(state.ctx, misc.validate_full_path, path=address_n)
state.creds = await misc.get_creds(state.ctx, address_n, network_type) state.creds = misc.get_creds(keychain, address_n, network_type)
state.fee = state.fee if state.fee > 0 else 0 state.fee = state.fee if state.fee > 0 else 0
state.tx_priv = crypto.random_scalar() state.tx_priv = crypto.random_scalar()
state.tx_pub = crypto.scalarmult_base(state.tx_priv) state.tx_pub = crypto.scalarmult_base(state.tx_priv)

View File

@ -1,7 +1,13 @@
from trezor import wire from trezor import wire
from trezor.messages import MessageType from trezor.messages import MessageType
from apps.common import HARDENED
def boot(): def boot():
wire.add(MessageType.NEMGetAddress, __name__, "get_address") ns = [
wire.add(MessageType.NEMSignTx, __name__, "sign_tx") ["ed25519-keccak", HARDENED | 44, HARDENED | 43],
["ed25519-keccak", HARDENED | 44, HARDENED | 1],
]
wire.add(MessageType.NEMGetAddress, __name__, "get_address", ns)
wire.add(MessageType.NEMSignTx, __name__, "sign_tx", ns)

View File

@ -3,14 +3,11 @@ from trezor.messages.NEMAddress import NEMAddress
from .helpers import NEM_CURVE, check_path, get_network_str from .helpers import NEM_CURVE, check_path, get_network_str
from .validators import validate_network from .validators import validate_network
from apps.common import seed
from apps.common.layout import address_n_to_str, show_address, show_qr from apps.common.layout import address_n_to_str, show_address, show_qr
from apps.common.paths import validate_path from apps.common.paths import validate_path
async def get_address(ctx, msg): async def get_address(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
network = validate_network(msg.network) network = validate_network(msg.network)
await validate_path(ctx, check_path, path=msg.address_n, network=network) await validate_path(ctx, check_path, path=msg.address_n, network=network)

View File

@ -2,17 +2,14 @@ from trezor.crypto.curve import ed25519
from trezor.messages.NEMSignedTx import NEMSignedTx from trezor.messages.NEMSignedTx import NEMSignedTx
from trezor.messages.NEMSignTx import NEMSignTx from trezor.messages.NEMSignTx import NEMSignTx
from . import mosaic, multisig, namespace, transfer
from .helpers import NEM_CURVE, NEM_HASH_ALG, check_path
from .validators import validate
from apps.common import seed from apps.common import seed
from apps.common.paths import validate_path from apps.common.paths import validate_path
from apps.nem import mosaic, multisig, namespace, transfer
from apps.nem.helpers import NEM_CURVE, NEM_HASH_ALG, check_path
from apps.nem.validators import validate
async def sign_tx(ctx, msg: NEMSignTx): async def sign_tx(ctx, msg: NEMSignTx, keychain):
keychain = await seed.get_keychain(ctx)
validate(msg) validate(msg)
await validate_path( await validate_path(

View File

@ -1,7 +1,10 @@
from trezor import wire from trezor import wire
from trezor.messages import MessageType from trezor.messages import MessageType
from apps.common import HARDENED
def boot(): def boot():
wire.add(MessageType.RippleGetAddress, __name__, "get_address") ns = [["secp256k1", HARDENED | 44, HARDENED | 144]]
wire.add(MessageType.RippleSignTx, __name__, "sign_tx") wire.add(MessageType.RippleGetAddress, __name__, "get_address", ns)
wire.add(MessageType.RippleSignTx, __name__, "sign_tx", ns)

View File

@ -1,15 +1,12 @@
from trezor.messages.RippleAddress import RippleAddress from trezor.messages.RippleAddress import RippleAddress
from trezor.messages.RippleGetAddress import RippleGetAddress from trezor.messages.RippleGetAddress import RippleGetAddress
from . import helpers from apps.common import paths
from apps.common import paths, seed
from apps.common.layout import address_n_to_str, show_address, show_qr from apps.common.layout import address_n_to_str, show_address, show_qr
from apps.ripple import helpers
async def get_address(ctx, msg: RippleGetAddress): async def get_address(ctx, msg: RippleGetAddress, keychain):
keychain = await seed.get_keychain(ctx)
await paths.validate_path(ctx, helpers.validate_full_path, path=msg.address_n) await paths.validate_path(ctx, helpers.validate_full_path, path=msg.address_n)
node = keychain.derive(msg.address_n) node = keychain.derive(msg.address_n)

View File

@ -5,15 +5,12 @@ from trezor.messages.RippleSignedTx import RippleSignedTx
from trezor.messages.RippleSignTx import RippleSignTx from trezor.messages.RippleSignTx import RippleSignTx
from trezor.wire import ProcessError from trezor.wire import ProcessError
from . import helpers, layout from apps.common import paths
from .serialize import serialize from apps.ripple import helpers, layout
from apps.ripple.serialize import serialize
from apps.common import paths, seed
async def sign_tx(ctx, msg: RippleSignTx): async def sign_tx(ctx, msg: RippleSignTx, keychain):
keychain = await seed.get_keychain(ctx)
validate(msg) validate(msg)
await paths.validate_path(ctx, helpers.validate_full_path, path=msg.address_n) await paths.validate_path(ctx, helpers.validate_full_path, path=msg.address_n)

View File

@ -1,7 +1,10 @@
from trezor import wire from trezor import wire
from trezor.messages import MessageType from trezor.messages import MessageType
from apps.common import HARDENED
def boot(): def boot():
wire.add(MessageType.StellarGetAddress, __name__, "get_address") ns = [["ed25519", HARDENED | 44, HARDENED | 148]]
wire.add(MessageType.StellarSignTx, __name__, "sign_tx") wire.add(MessageType.StellarGetAddress, __name__, "get_address", ns)
wire.add(MessageType.StellarSignTx, __name__, "sign_tx", ns)

View File

@ -6,9 +6,7 @@ from apps.common.layout import address_n_to_str, show_address, show_qr
from apps.stellar import helpers from apps.stellar import helpers
async def get_address(ctx, msg: StellarGetAddress): async def get_address(ctx, msg: StellarGetAddress, keychain):
keychain = await seed.get_keychain(ctx)
await paths.validate_path(ctx, helpers.validate_full_path, path=msg.address_n) await paths.validate_path(ctx, helpers.validate_full_path, path=msg.address_n)
node = keychain.derive(msg.address_n, helpers.STELLAR_CURVE) node = keychain.derive(msg.address_n, helpers.STELLAR_CURVE)

View File

@ -12,9 +12,7 @@ from apps.stellar import consts, helpers, layout, writers
from apps.stellar.operations import process_operation from apps.stellar.operations import process_operation
async def sign_tx(ctx, msg: StellarSignTx): async def sign_tx(ctx, msg: StellarSignTx, keychain):
keychain = await seed.get_keychain(ctx)
await paths.validate_path(ctx, helpers.validate_full_path, path=msg.address_n) await paths.validate_path(ctx, helpers.validate_full_path, path=msg.address_n)
node = keychain.derive(msg.address_n, consts.STELLAR_CURVE) node = keychain.derive(msg.address_n, consts.STELLAR_CURVE)

View File

@ -1,8 +1,11 @@
from trezor import wire from trezor import wire
from trezor.messages import MessageType from trezor.messages import MessageType
from apps.common import HARDENED
def boot(): def boot():
wire.add(MessageType.TezosGetAddress, __name__, "get_address") ns = [["ed25519", HARDENED | 44, HARDENED | 1729]]
wire.add(MessageType.TezosSignTx, __name__, "sign_tx") wire.add(MessageType.TezosGetAddress, __name__, "get_address", ns)
wire.add(MessageType.TezosGetPublicKey, __name__, "get_public_key") wire.add(MessageType.TezosSignTx, __name__, "sign_tx", ns)
wire.add(MessageType.TezosGetPublicKey, __name__, "get_public_key", ns)

View File

@ -6,9 +6,7 @@ from apps.common.layout import address_n_to_str, show_address, show_qr
from apps.tezos import helpers from apps.tezos import helpers
async def get_address(ctx, msg): async def get_address(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
await paths.validate_path(ctx, helpers.validate_full_path, path=msg.address_n) await paths.validate_path(ctx, helpers.validate_full_path, path=msg.address_n)
node = keychain.derive(msg.address_n, helpers.TEZOS_CURVE) node = keychain.derive(msg.address_n, helpers.TEZOS_CURVE)

View File

@ -9,9 +9,7 @@ from apps.common.confirm import require_confirm
from apps.tezos import helpers from apps.tezos import helpers
async def get_public_key(ctx, msg): async def get_public_key(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
await paths.validate_path(ctx, helpers.validate_full_path, path=msg.address_n) await paths.validate_path(ctx, helpers.validate_full_path, path=msg.address_n)
node = keychain.derive(msg.address_n, helpers.TEZOS_CURVE) node = keychain.derive(msg.address_n, helpers.TEZOS_CURVE)

View File

@ -4,14 +4,12 @@ from trezor.crypto.curve import ed25519
from trezor.messages import TezosContractType from trezor.messages import TezosContractType
from trezor.messages.TezosSignedTx import TezosSignedTx from trezor.messages.TezosSignedTx import TezosSignedTx
from apps.common import paths, seed from apps.common import paths
from apps.common.writers import write_bytes, write_uint8 from apps.common.writers import write_bytes, write_uint8
from apps.tezos import helpers, layout from apps.tezos import helpers, layout
async def sign_tx(ctx, msg): async def sign_tx(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
await paths.validate_path(ctx, helpers.validate_full_path, path=msg.address_n) await paths.validate_path(ctx, helpers.validate_full_path, path=msg.address_n)
node = keychain.derive(msg.address_n, helpers.TEZOS_CURVE) node = keychain.derive(msg.address_n, helpers.TEZOS_CURVE)

View File

@ -3,12 +3,22 @@ from trezor.messages import MessageType
def boot(): def boot():
wire.add(MessageType.GetPublicKey, __name__, "get_public_key") ns = [
wire.add(MessageType.GetAddress, __name__, "get_address") ["curve25519"],
["ed25519"],
["ed25519-keccak"],
["nist256p1"],
["secp256k1"],
["secp256k1-decred"],
["secp256k1-groestl"],
["secp256k1-smart"],
]
wire.add(MessageType.GetPublicKey, __name__, "get_public_key", ns)
wire.add(MessageType.GetAddress, __name__, "get_address", ns)
wire.add(MessageType.GetEntropy, __name__, "get_entropy") wire.add(MessageType.GetEntropy, __name__, "get_entropy")
wire.add(MessageType.SignTx, __name__, "sign_tx") wire.add(MessageType.SignTx, __name__, "sign_tx", ns)
wire.add(MessageType.SignMessage, __name__, "sign_message") wire.add(MessageType.SignMessage, __name__, "sign_message", ns)
wire.add(MessageType.VerifyMessage, __name__, "verify_message") wire.add(MessageType.VerifyMessage, __name__, "verify_message")
wire.add(MessageType.SignIdentity, __name__, "sign_identity") wire.add(MessageType.SignIdentity, __name__, "sign_identity", ns)
wire.add(MessageType.GetECDHSessionKey, __name__, "get_ecdh_session_key") wire.add(MessageType.GetECDHSessionKey, __name__, "get_ecdh_session_key", ns)
wire.add(MessageType.CipherKeyValue, __name__, "cipher_key_value") wire.add(MessageType.CipherKeyValue, __name__, "cipher_key_value", ns)

View File

@ -4,13 +4,10 @@ from trezor.crypto.hashlib import sha512
from trezor.messages.CipheredKeyValue import CipheredKeyValue from trezor.messages.CipheredKeyValue import CipheredKeyValue
from trezor.ui.text import Text from trezor.ui.text import Text
from apps.common import seed
from apps.common.confirm import require_confirm from apps.common.confirm import require_confirm
async def cipher_key_value(ctx, msg): async def cipher_key_value(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
if len(msg.value) % 16 > 0: if len(msg.value) % 16 > 0:
raise wire.DataError("Value length must be a multiple of 16") raise wire.DataError("Value length must be a multiple of 16")

View File

@ -1,15 +1,13 @@
from trezor.messages import InputScriptType from trezor.messages import InputScriptType
from trezor.messages.Address import Address from trezor.messages.Address import Address
from apps.common import coins, seed from apps.common import coins
from apps.common.layout import address_n_to_str, show_address, show_qr from apps.common.layout import address_n_to_str, show_address, show_qr
from apps.common.paths import validate_path from apps.common.paths import validate_path
from apps.wallet.sign_tx import addresses from apps.wallet.sign_tx import addresses
async def get_address(ctx, msg): async def get_address(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
coin_name = msg.coin_name or "Bitcoin" coin_name = msg.coin_name or "Bitcoin"
coin = coins.by_name(coin_name) coin = coins.by_name(coin_name)

View File

@ -5,7 +5,7 @@ from trezor.messages.ECDHSessionKey import ECDHSessionKey
from trezor.ui.text import Text from trezor.ui.text import Text
from trezor.utils import chunks from trezor.utils import chunks
from apps.common import HARDENED, seed from apps.common import HARDENED
from apps.common.confirm import require_confirm from apps.common.confirm import require_confirm
from apps.wallet.sign_identity import ( from apps.wallet.sign_identity import (
serialize_identity, serialize_identity,
@ -13,9 +13,7 @@ from apps.wallet.sign_identity import (
) )
async def get_ecdh_session_key(ctx, msg): async def get_ecdh_session_key(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
if msg.ecdsa_curve_name is None: if msg.ecdsa_curve_name is None:
msg.ecdsa_curve_name = "secp256k1" msg.ecdsa_curve_name = "secp256k1"

View File

@ -7,7 +7,6 @@ from apps.common.confirm import require_confirm
async def get_entropy(ctx, msg): async def get_entropy(ctx, msg):
text = Text("Confirm entropy") text = Text("Confirm entropy")
text.bold("Do you really want", "to send entropy?") text.bold("Do you really want", "to send entropy?")
text.normal("Continue only if you", "know what you are doing!") text.normal("Continue only if you", "know what you are doing!")

View File

@ -3,12 +3,10 @@ from trezor.messages import InputScriptType
from trezor.messages.HDNodeType import HDNodeType from trezor.messages.HDNodeType import HDNodeType
from trezor.messages.PublicKey import PublicKey from trezor.messages.PublicKey import PublicKey
from apps.common import coins, layout, seed from apps.common import coins, layout
async def get_public_key(ctx, msg): async def get_public_key(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
coin_name = msg.coin_name or "Bitcoin" coin_name = msg.coin_name or "Bitcoin"
coin = coins.by_name(coin_name) coin = coins.by_name(coin_name)
curve_name = msg.ecdsa_curve_name or coin.curve_name curve_name = msg.ecdsa_curve_name or coin.curve_name

View File

@ -6,13 +6,11 @@ from trezor.messages.SignedIdentity import SignedIdentity
from trezor.ui.text import Text from trezor.ui.text import Text
from trezor.utils import chunks from trezor.utils import chunks
from apps.common import HARDENED, coins, seed from apps.common import HARDENED, coins
from apps.common.confirm import require_confirm from apps.common.confirm import require_confirm
async def sign_identity(ctx, msg): async def sign_identity(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
if msg.ecdsa_curve_name is None: if msg.ecdsa_curve_name is None:
msg.ecdsa_curve_name = "secp256k1" msg.ecdsa_curve_name = "secp256k1"

View File

@ -4,16 +4,14 @@ from trezor.messages.InputScriptType import SPENDADDRESS, SPENDP2SHWITNESS, SPEN
from trezor.messages.MessageSignature import MessageSignature from trezor.messages.MessageSignature import MessageSignature
from trezor.ui.text import Text from trezor.ui.text import Text
from apps.common import coins, seed from apps.common import coins
from apps.common.confirm import require_confirm from apps.common.confirm import require_confirm
from apps.common.paths import validate_path from apps.common.paths import validate_path
from apps.common.signverify import message_digest, split_message from apps.common.signverify import message_digest, split_message
from apps.wallet.sign_tx.addresses import get_address, validate_full_path from apps.wallet.sign_tx.addresses import get_address, validate_full_path
async def sign_message(ctx, msg): async def sign_message(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
message = msg.message message = msg.message
address_n = msg.address_n address_n = msg.address_n
coin_name = msg.coin_name or "Bitcoin" coin_name = msg.coin_name or "Bitcoin"

View File

@ -3,7 +3,7 @@ from trezor.messages.MessageType import TxAck
from trezor.messages.RequestType import TXFINISHED from trezor.messages.RequestType import TXFINISHED
from trezor.messages.TxRequest import TxRequest from trezor.messages.TxRequest import TxRequest
from apps.common import paths, seed from apps.common import paths
from apps.wallet.sign_tx import ( from apps.wallet.sign_tx import (
addresses, addresses,
helpers, helpers,
@ -17,8 +17,7 @@ from apps.wallet.sign_tx import (
@ui.layout @ui.layout
async def sign_tx(ctx, msg): async def sign_tx(ctx, msg, keychain):
keychain = await seed.get_keychain(ctx)
signer = signing.sign_tx(msg, keychain) signer = signing.sign_tx(msg, keychain)
res = None res = None

View File

@ -3,12 +3,25 @@ from trezor import log, loop, messages, utils, workflow
from trezor.wire import codec_v1 from trezor.wire import codec_v1
from trezor.wire.errors import * from trezor.wire.errors import *
from apps.common import seed
workflow_handlers = {} workflow_handlers = {}
def add(mtype, pkgname, modname, *args): def add(mtype, pkgname, modname, namespace=None):
"""Shortcut for registering a dynamically-imported Protobuf workflow.""" """Shortcut for registering a dynamically-imported Protobuf workflow."""
register(mtype, protobuf_workflow, import_workflow, pkgname, modname, *args) if namespace is not None:
register(
mtype,
protobuf_workflow,
keychain_workflow,
namespace,
import_workflow,
pkgname,
modname,
)
else:
register(mtype, protobuf_workflow, import_workflow, pkgname, modname)
def register(mtype, handler, *args): def register(mtype, handler, *args):
@ -133,9 +146,11 @@ async def session_handler(iface, sid):
continue continue
except Error as exc: except Error as exc:
# we log wire.Error as warning, not as exception # we log wire.Error as warning, not as exception
if __debug__:
log.warning(__name__, "failure: %s", exc.message) log.warning(__name__, "failure: %s", exc.message)
except Exception as exc: except Exception as exc:
# sessions are never closed by raised exceptions # sessions are never closed by raised exceptions
if __debug__:
log.exception(__name__, exc) log.exception(__name__, exc)
# read new message in next iteration # read new message in next iteration
@ -155,7 +170,7 @@ async def protobuf_workflow(ctx, reader, handler, *args):
# respond with specific code and message # respond with specific code and message
await ctx.write(Failure(code=exc.code, message=exc.message)) await ctx.write(Failure(code=exc.code, message=exc.message))
raise raise
except Exception: # as exc: except Exception:
# respond with a generic code and message # respond with a generic code and message
await ctx.write( await ctx.write(
Failure(code=FailureType.FirmwareError, message="Firmware error") Failure(code=FailureType.FirmwareError, message="Firmware error")
@ -166,6 +181,12 @@ async def protobuf_workflow(ctx, reader, handler, *args):
await ctx.write(res) await ctx.write(res)
async def keychain_workflow(ctx, req, namespace, handler, *args):
keychain = await seed.get_keychain(ctx, namespace)
args += (keychain,)
return await handler(ctx, req, *args)
def import_workflow(ctx, req, pkgname, modname, *args): def import_workflow(ctx, req, pkgname, modname, *args):
modpath = "%s.%s" % (pkgname, modname) modpath = "%s.%s" % (pkgname, modname)
module = __import__(modpath, None, None, (modname,), 0) module = __import__(modpath, None, None, (modname,), 0)