1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-15 09:50:57 +00:00
trezor-firmware/core/tests/test_apps.bitcoin.keychain.py
Andrew Kozlik 3e9f8a32ac fix(core): Fix insufficient BIP-32 path checks.
- Disable testnet coins from accessing Bitcoin paths.

- Restrict BIP-45 paths to Bitcoin and coins with strong replay protection.
2021-06-30 18:25:58 +02:00

175 lines
5.4 KiB
Python

from common import *
from storage import cache
from trezor import wire
from trezor.crypto import bip39
from apps.common.paths import HARDENED
from apps.bitcoin.keychain import get_keychain_for_coin
class TestBitcoinKeychain(unittest.TestCase):
def setUp(self):
cache.start_session()
seed = bip39.seed(" ".join(["all"] * 12), "")
cache.set(cache.APP_COMMON_SEED, seed)
def test_bitcoin(self):
keychain, coin = await_result(
get_keychain_for_coin(wire.DUMMY_CONTEXT, "Bitcoin")
)
self.assertEqual(coin.coin_name, "Bitcoin")
valid_addresses = (
[H_(44), H_(0), H_(0), 0, 0],
[H_(45), 99, 1, 1000],
[H_(48), H_(0), H_(0), H_(2), 1, 1000],
[H_(49), H_(0), H_(0), 0, 10],
[H_(84), H_(0), H_(0), 0, 10],
# Casa:
[49, 0, 0, 0, 10],
# Green:
[1, 1000],
[H_(3), H_(10), 4, 1000],
)
invalid_addresses = (
[H_(43), H_(0), H_(0), 0, 0],
[H_(44), H_(1), H_(0), 0, 0],
[44, 0, 0, 0, 0],
[H_(44), H_(0), H_(0)],
[H_(44), H_(0), H_(0), 0, 0, 0],
)
for addr in valid_addresses:
keychain.derive(addr)
for addr in invalid_addresses:
self.assertRaises(wire.DataError, keychain.derive, addr)
def test_testnet(self):
keychain, coin = await_result(
get_keychain_for_coin(wire.DUMMY_CONTEXT, "Testnet")
)
self.assertEqual(coin.coin_name, "Testnet")
valid_addresses = (
[H_(44), H_(1), H_(0), 0, 0],
[H_(48), H_(1), H_(0), H_(2), 1, 1000],
[H_(49), H_(1), H_(0), 0, 10],
[H_(84), H_(1), H_(0), 0, 10],
# Casa:
[49, 1, 0, 0, 10],
)
invalid_addresses = (
[H_(43), H_(1), H_(0), 0, 0],
[H_(44), H_(0), H_(0), 0, 0],
[44, 1, 0, 0, 0],
[H_(44), H_(1), H_(0)],
[H_(44), H_(1), H_(0), 0, 0, 0],
[H_(45), 99, 1, 1000],
# Green:
[1, 1000],
[H_(3), H_(10), 4, 1000],
)
for addr in valid_addresses:
keychain.derive(addr)
for addr in invalid_addresses:
self.assertRaises(wire.DataError, keychain.derive, addr)
def test_unspecified(self):
keychain, coin = await_result(get_keychain_for_coin(wire.DUMMY_CONTEXT, None))
self.assertEqual(coin.coin_name, "Bitcoin")
keychain.derive([H_(44), H_(0), H_(0), 0, 0])
def test_unknown(self):
with self.assertRaises(wire.DataError):
await_result(get_keychain_for_coin(wire.DUMMY_CONTEXT, "MadeUpCoin2020"))
@unittest.skipUnless(not utils.BITCOIN_ONLY, "altcoin")
class TestAltcoinKeychains(unittest.TestCase):
def setUp(self):
cache.start_session()
seed = bip39.seed(" ".join(["all"] * 12), "")
cache.set(cache.APP_COMMON_SEED, seed)
def test_bcash(self):
keychain, coin = await_result(
get_keychain_for_coin(wire.DUMMY_CONTEXT, "Bcash")
)
self.assertEqual(coin.coin_name, "Bcash")
self.assertFalse(coin.segwit)
self.assertIsNotNone(coin.fork_id)
valid_addresses = (
[H_(44), H_(145), H_(0), 0, 0],
# Bitcoin paths should be allowed, as Bcash has strong replay protection
[H_(44), H_(0), H_(0), 0, 0],
[H_(45), 99, 1, 1000],
[H_(48), H_(145), H_(0), H_(0), 1, 1000],
[H_(48), H_(0), H_(0), H_(0), 1, 1000],
)
invalid_addresses = (
[H_(43), H_(145), H_(0), 0, 0],
[44, 145, 0, 0, 0],
[H_(44), H_(145), H_(0)],
[H_(44), H_(145), H_(0), 0, 0, 0],
# segwit:
[H_(49), H_(145), H_(0), 0, 10],
[H_(84), H_(145), H_(0), 0, 10],
# Casa:
[49, 145, 0, 0, 10],
# Green:
[1, 1000],
[H_(3), 10, 4, 1000],
)
for addr in valid_addresses:
keychain.derive(addr)
for addr in invalid_addresses:
self.assertRaises(wire.DataError, keychain.derive, addr)
def test_litecoin(self):
keychain, coin = await_result(
get_keychain_for_coin(wire.DUMMY_CONTEXT, "Litecoin")
)
self.assertEqual(coin.coin_name, "Litecoin")
self.assertTrue(coin.segwit)
valid_addresses = (
[H_(44), H_(2), H_(0), 0, 0],
[H_(48), H_(2), H_(0), H_(2), 1, 1000],
[H_(49), H_(2), H_(0), 0, 10],
[H_(84), H_(2), H_(0), 0, 10],
)
invalid_addresses = (
[H_(43), H_(2), H_(0), 0, 0],
# Bitcoin paths:
[H_(44), H_(0), H_(0), 0, 0],
[H_(45), 99, 1, 1000],
[H_(49), H_(0), H_(0), 0, 0],
[H_(84), H_(0), H_(0), 0, 0],
[44, 2, 0, 0, 0],
[H_(44), H_(2), H_(0)],
[H_(44), H_(2), H_(0), 0, 0, 0],
# Casa:
[49, 2, 0, 0, 10],
# Green:
[1, 1000],
[H_(3), 10, 4, 1000],
)
for addr in valid_addresses:
keychain.derive(addr)
for addr in invalid_addresses:
self.assertRaises(wire.DataError, keychain.derive, addr)
if __name__ == "__main__":
unittest.main()