apps/wallet/ecdh: support decryption (for GnuPG)

6 years ago · e925baaf08
parent de217f75df
commit e925baaf08
2 changed files with 66 additions and 0 deletions
--- a/src/apps/wallet/init.py
+++ b/src/apps/wallet/init.py
@ -6,6 +6,7 @@ from trezor.messages.wire_types import \
    SignTx, \
    SignMessage, VerifyMessage, \
    SignIdentity, \
+    GetECDHSessionKey, \
    CipherKeyValue


@ -51,6 +52,12 @@ def dispatch_SignIdentity(*args, **kwargs):
    return sign_identity(*args, **kwargs)


+@unimport
+def dispatch_GetECDHSessionKey(*args, **kwargs):
+    from .ecdh import get_ecdh_session_key
+    return get_ecdh_session_key(*args, **kwargs)
+
+
@unimport
 def dispatch_CipherKeyValue(*args, **kwargs):
    from .cipher_key_value import cipher_key_value
@ -65,4 +72,5 @@ def boot():
    register(SignMessage, protobuf_workflow, dispatch_SignMessage)
    register(VerifyMessage, protobuf_workflow, dispatch_VerifyMessage)
    register(SignIdentity, protobuf_workflow, dispatch_SignIdentity)
+    register(GetECDHSessionKey, protobuf_workflow, dispatch_GetECDHSessionKey)
    register(CipherKeyValue, protobuf_workflow, dispatch_CipherKeyValue)
--- a/src/apps/wallet/ecdh.py
+++ b/src/apps/wallet/ecdh.py
@ -0,0 +1,58 @@
+from trezor import ui
+from trezor.crypto.hashlib import sha256
+from trezor.messages.ECDHSessionKey import ECDHSessionKey
+from ustruct import pack, unpack
+from trezor.utils import chunks, serialize_identity
+from apps.common.confirm import require_confirm
+from trezor.ui.text import Text
+
+from ..common import seed
+
+
+async def get_ecdh_session_key(ctx, msg):
+    if msg.ecdsa_curve_name is None:
+        msg.ecdsa_curve_name = 'secp256k1'
+
+    identity = serialize_identity(msg.identity)
+
+    await require_confirm_ecdh_session_key(ctx, identity)
+
+    address_n = get_ecdh_path(identity, msg.identity.index or 0)
+    node = await seed.derive_node(ctx, address_n, msg.ecdsa_curve_name)
+
+    session_key = ecdh(seckey=node.private_key(),
+                       peer_public_key=msg.peer_public_key,
+                       curve=msg.ecdsa_curve_name)
+    return ECDHSessionKey(session_key=session_key)
+
+
+async def require_confirm_ecdh_session_key(ctx, identity):
+    lines = chunks(identity, 18)
+    content = Text('Decrypt', ui.ICON_DEFAULT, ui.MONO, *lines, max_lines=5)
+    await require_confirm(ctx, content)
+
+
+def get_ecdh_path(identity: str, index: int):
+    identity_hash = sha256(pack('<I', index) + identity).digest()
+
+    address_n = (17, ) + unpack('<IIII', identity_hash[:16])
+    address_n = [0x80000000 | x for x in address_n]
+
+    return address_n
+
+def ecdh(seckey: bytes, peer_public_key: bytes, curve: str) -> bytes:
+    if curve == 'secp256k1':
+        from trezor.crypto.curve import secp256k1
+        session_key = secp256k1.multiply(seckey, peer_public_key)
+    elif curve == 'nist256p1':
+        from trezor.crypto.curve import nist256p1
+        session_key = nist256p1.multiply(seckey, peer_public_key)
+    elif curve == 'curve25519':
+        from trezor.crypto.curve import curve25519
+        if peer_public_key[0] != 0x40:
+            raise ValueError('Curve25519 public key should start with 0x40')
+        session_key = b'\x04' + curve25519.multiply(seckey, peer_public_key[1:])
+    else:
+        raise ValueError('Unsupported curve for ECDH: ' + curve)
+
+    return session_key