From f7c7b0f32827fcc73936b93f850f033b14bba129 Mon Sep 17 00:00:00 2001
From: Andrew Kozlik <andrew.kozlik@gmail.com>
Date: Fri, 3 Jun 2022 14:50:11 +0200
Subject: [PATCH] chore(legacy): Do not allow access to SLIP25 paths.

---
 legacy/firmware/.changelog.d/2289.changed | 1 +
 legacy/firmware/crypto.h                  | 1 +
 legacy/firmware/fsm_msg_coin.h            | 8 ++++++++
 3 files changed, 10 insertions(+)
 create mode 100644 legacy/firmware/.changelog.d/2289.changed

diff --git a/legacy/firmware/.changelog.d/2289.changed b/legacy/firmware/.changelog.d/2289.changed
new file mode 100644
index 000000000..245836460
--- /dev/null
+++ b/legacy/firmware/.changelog.d/2289.changed
@@ -0,0 +1 @@
+Do not allow access to SLIP25 paths.
diff --git a/legacy/firmware/crypto.h b/legacy/firmware/crypto.h
index 04e98d374..2ecb1acef 100644
--- a/legacy/firmware/crypto.h
+++ b/legacy/firmware/crypto.h
@@ -37,6 +37,7 @@
 #define PATH_MAX_ACCOUNT 100
 #define PATH_MAX_CHANGE 1
 #define PATH_MAX_ADDRESS_INDEX 1000000
+#define PATH_SLIP25_PURPOSE (PATH_HARDENED | 10025)
 
 #define ser_length_size(len) ((len) < 253 ? 1 : (len) < 0x10000 ? 3 : 5)
 
diff --git a/legacy/firmware/fsm_msg_coin.h b/legacy/firmware/fsm_msg_coin.h
index 529b657b2..8f02e3472 100644
--- a/legacy/firmware/fsm_msg_coin.h
+++ b/legacy/firmware/fsm_msg_coin.h
@@ -35,6 +35,14 @@ void fsm_msgGetPublicKey(const GetPublicKey *msg) {
     curve = msg->ecdsa_curve_name;
   }
 
+  // Do not allow access to SLIP25 paths.
+  if (msg->address_n_count > 0 && msg->address_n[0] == PATH_SLIP25_PURPOSE &&
+      config_getSafetyCheckLevel() == SafetyCheckLevel_Strict) {
+    fsm_sendFailure(FailureType_Failure_DataError, _("Forbidden key path"));
+    layoutHome();
+    return;
+  }
+
   // derive m/0' to obtain root_fingerprint
   uint32_t root_fingerprint;
   uint32_t path[1] = {PATH_HARDENED | 0};