mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-12-22 22:38:08 +00:00
rework SignIdentity signing
parent
eaf209d999
commit
e4d86a49ab
@ -697,26 +697,18 @@ void fsm_msgSignIdentity(SignIdentity *msg)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
bool sign_ssh = false;
|
bool sign_ssh = msg->identity.has_proto && (strcmp(msg->identity.proto, "ssh") == 0);
|
||||||
if (msg->identity.has_proto) {
|
|
||||||
sign_ssh = (strcmp(msg->identity.proto, "ssh") == 0);
|
|
||||||
}
|
|
||||||
|
|
||||||
uint8_t message_bytes[256 + 256];
|
|
||||||
memcpy(message_bytes, msg->challenge_hidden.bytes, msg->challenge_hidden.size);
|
|
||||||
int message_size = msg->challenge_hidden.size;
|
|
||||||
|
|
||||||
int result = 0;
|
int result = 0;
|
||||||
if (sign_ssh) {
|
if (sign_ssh) { // SSH does not sign visual challenge
|
||||||
// SSH doesn't sign visual challenge.
|
|
||||||
layoutProgressSwipe("Signing SSH", 0);
|
layoutProgressSwipe("Signing SSH", 0);
|
||||||
result = sshMessageSign(message_bytes, message_size, node->private_key, resp->signature.bytes);
|
result = sshMessageSign(msg->challenge_hidden.bytes, msg->challenge_hidden.size, node->private_key, resp->signature.bytes);
|
||||||
} else {
|
} else {
|
||||||
const int len = strlen(msg->challenge_visual);
|
uint8_t digest[64];
|
||||||
memcpy(message_bytes + message_size, msg->challenge_visual, len);
|
sha256_Raw(msg->challenge_hidden.bytes, msg->challenge_hidden.size, digest);
|
||||||
message_size = message_size + len;
|
sha256_Raw((const uint8_t *)msg->challenge_visual, strlen(msg->challenge_visual), digest + 32);
|
||||||
layoutProgressSwipe("Signing", 0);
|
layoutProgressSwipe("Signing", 0);
|
||||||
result = cryptoMessageSign(message_bytes, message_size, node->private_key, resp->signature.bytes);
|
result = cryptoMessageSign(digest, 64, node->private_key, resp->signature.bytes);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (result == 0) {
|
if (result == 0) {
|
||||||
|
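Review bot: The non-SSH branch now signs `sha256(challenge_hidden) || sha256(challenge_visual)` instead of the raw concatenation, but nothing at `uint8_t digest[64];` documents this, even though every verifier must rebuild exactly these 64 bytes. A comment there would pin the format down, e.g. `// signed payload: SHA-256(challenge_hidden) || SHA-256(challenge_visual); fixed-width halves keep the hidden/visual boundary unambiguous`. The literals `64` and `digest + 32` would read better as `2 * SHA256_DIGEST_LENGTH` and `digest + SHA256_DIGEST_LENGTH`, assuming the sha2 header's constant is in scope here. In the SSH branch the signature covers only `challenge_hidden`, so any visual challenge the user confirmed is not bound to the signed bytes; that is presumably dictated by the SSH protocol, and the inline comment could say so. The function starts and ends outside the hunk, so the checks on `challenge_hidden.size` and the confirmation dialog are not visible from here.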