arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-07-03 05:12:34 +00:00
Code Issues Releases Wiki Activity
d0c3a6a2fa
trezor-firmware/core/src/apps/common/address_mac.py
Andrew Kozlik d0c3a6a2fa chore(core): Add mac field to Address message. 
[no changelog]
2022-01-31 18:00:22 +01:00

33 lines
1.1 KiB
Python
Raw Blame History

from typing import TYPE_CHECKING
from trezor import utils, wire
from trezor.crypto import hashlib, hmac
from .writers import write_bitcoin_varint, write_bytes_unchecked, write_uint32_le
if TYPE_CHECKING:
from apps.common.keychain import Keychain
_ADDRESS_MAC_KEY_PATH = [b"SLIP-0024", b"Address MAC key"]
def check_address_mac(
address: str, mac: bytes, slip44: int, keychain: Keychain
) -> None:
expected_mac = get_address_mac(address, slip44, keychain)
if len(mac) != hashlib.sha256.digest_size or not utils.consteq(expected_mac, mac):
raise wire.DataError("Invalid address MAC.")
def get_address_mac(address: str, slip44: int, keychain: Keychain) -> bytes:
# k = Key(m/"SLIP-0024"/"Address MAC key")
node = keychain.derive_slip21(_ADDRESS_MAC_KEY_PATH)
# mac = HMAC-SHA256(key = k, msg = slip44 || address)
mac = utils.HashWriter(hmac(hmac.SHA256, node.key()))
address_bytes = address.encode()
write_uint32_le(mac, slip44)
write_bitcoin_varint(mac, len(address_bytes))
write_bytes_unchecked(mac, address_bytes)
return mac.get_digest()
Reference in New Issue View Git Blame Copy Permalink