async def _finish_recovery_dry_run( ctx: wire.Context, secret: bytes, mnemonic_type: int ) -> Success: digest_input = sha256(secret).digest() stored = mnemonic.get_secret() digest_stored = sha256(stored).digest() result = utils.consteq(digest_stored, digest_input) # Check that the identifier and iteration exponent match as well if mnemonic_type == mnemonic.TYPE_SLIP39: result &= ( storage.device.get_slip39_identifier() == storage.recovery.get_slip39_identifier() ) result &= ( storage.device.get_slip39_iteration_exponent() == storage.recovery.get_slip39_iteration_exponent() ) await layout.show_dry_run_result(ctx, result, mnemonic_type) storage.recovery.end_progress() if result: return Success("The seed is valid and matches the one in the device") else: raise wire.ProcessError("The seed does not match the one in the device")
async def _finish_recovery_dry_run(ctx: wire.GenericContext, secret: bytes, backup_type: BackupType) -> Success: if backup_type is None: raise RuntimeError digest_input = sha256(secret).digest() stored = mnemonic.get_secret() digest_stored = sha256(stored).digest() result = utils.consteq(digest_stored, digest_input) is_slip39 = backup_types.is_slip39_backup_type(backup_type) # Check that the identifier and iteration exponent match as well if is_slip39: result &= (storage.device.get_slip39_identifier() == storage.recovery.get_slip39_identifier()) result &= (storage.device.get_slip39_iteration_exponent() == storage.recovery.get_slip39_iteration_exponent()) storage.recovery.end_progress() await layout.show_dry_run_result(ctx, result, is_slip39) if result: return Success( message="The seed is valid and matches the one in the device") else: raise wire.ProcessError( "The seed does not match the one in the device")
async def dispatch_DebugLinkGetState( ctx: wire.Context, msg: DebugLinkGetState) -> DebugLinkState | None: from trezor.messages import DebugLinkState from apps.common import mnemonic, passphrase m = DebugLinkState() m.mnemonic_secret = mnemonic.get_secret() m.mnemonic_type = mnemonic.get_type() m.passphrase_protection = passphrase.is_enabled() m.reset_entropy = storage.reset_internal_entropy if msg.wait_layout: if not storage.watch_layout_changes: raise wire.ProcessError("Layout is not watched") storage.layout_watcher = LAYOUT_WATCHER_STATE loop.schedule(return_layout_change()) return None else: m.layout_lines = storage.current_content if msg.wait_word_pos: m.reset_word_pos = await reset_word_index.take() if msg.wait_word_list: m.reset_word = " ".join(await reset_current_words.take()) return m
async def _get_keychain_bip39(ctx: wire.Context) -> Keychain: if not device.is_initialized(): raise wire.NotInitialized("Device is not initialized") # ask for passphrase, loading from cache if necessary passphrase = await _get_passphrase(ctx) # derive the root node from mnemonic and passphrase via Cardano Icarus algorithm secret_bytes = mnemonic.get_secret() assert secret_bytes is not None root = bip32.from_mnemonic_cardano(secret_bytes.decode(), passphrase.decode()) return Keychain(root)
async def dispatch_DebugLinkGetState( ctx: wire.Context, msg: DebugLinkGetState) -> DebugLinkState: from trezor.messages.DebugLinkState import DebugLinkState from apps.common import storage, mnemonic m = DebugLinkState() m.mnemonic_secret = mnemonic.get_secret() m.mnemonic_type = mnemonic.get_type() m.passphrase_protection = storage.device.has_passphrase() m.reset_word_pos = reset_word_index m.reset_entropy = reset_internal_entropy if reset_current_words: m.reset_word = " ".join(reset_current_words) return m
async def get_keychain(ctx: wire.Context) -> Keychain: if not device.is_initialized(): raise wire.NotInitialized("Device is not initialized") passphrase = await get_passphrase(ctx) if mnemonic.is_bip39(): # derive the root node from mnemonic and passphrase via Cardano Icarus algorithm root = bip32.from_mnemonic_cardano(mnemonic.get_secret().decode(), passphrase) else: # derive the root node via SLIP-0023 seed = mnemonic.get_seed(passphrase) root = bip32.from_seed(seed, "ed25519 cardano seed") keychain = Keychain(root) return keychain
async def get_keychain(ctx: wire.Context) -> Keychain: if not device.is_initialized(): raise wire.NotInitialized("Device is not initialized") if mnemonic.is_bip39(): passphrase = await get_passphrase(ctx) # derive the root node from mnemonic and passphrase via Cardano Icarus algorithm secret_bytes = mnemonic.get_secret() assert secret_bytes is not None root = bip32.from_mnemonic_cardano(secret_bytes.decode(), passphrase) else: # derive the root node via SLIP-0023 https://github.com/satoshilabs/slips/blob/master/slip-0022.md seed = await get_seed(ctx) root = bip32.from_seed(seed, "ed25519 cardano seed") keychain = Keychain(root) return keychain
async def dispatch_DebugLinkGetState( ctx: wire.Context, msg: DebugLinkGetState ) -> DebugLinkState: from trezor.messages.DebugLinkState import DebugLinkState from apps.common import mnemonic from apps.common.storage.device import has_passphrase m = DebugLinkState() m.mnemonic_secret = mnemonic.get_secret() m.mnemonic_type = mnemonic.get_type() m.passphrase_protection = has_passphrase() m.reset_entropy = reset_internal_entropy if msg.wait_word_pos: m.reset_word_pos = await reset_word_index.take() if msg.wait_word_list: m.reset_word = " ".join(await reset_current_words.take()) return m
async def dispatch_DebugLinkGetState( ctx: wire.Context, msg: DebugLinkGetState) -> DebugLinkState: from trezor.messages.DebugLinkState import DebugLinkState from apps.common import mnemonic, passphrase m = DebugLinkState() m.mnemonic_secret = mnemonic.get_secret() m.mnemonic_type = mnemonic.get_type() m.passphrase_protection = passphrase.is_enabled() m.reset_entropy = reset_internal_entropy if msg.wait_layout or current_content is None: m.layout_lines = await layout_change_chan.take() else: m.layout_lines = current_content if msg.wait_word_pos: m.reset_word_pos = await reset_word_index.take() if msg.wait_word_list: m.reset_word = " ".join(await reset_current_words.take()) return m
async def get_keychain(ctx: wire.Context) -> Keychain: if not storage.is_initialized(): raise wire.NotInitialized("Device is not initialized") if mnemonic.is_bip39(): # derive the root node from mnemonic and passphrase passphrase = await _get_passphrase(ctx) root = bip32.from_mnemonic_cardano(mnemonic.get_secret().decode(), passphrase) else: seed = storage.cache.get_seed() if seed is None: passphrase = await _get_passphrase(ctx) seed = mnemonic.get_seed(passphrase) storage.cache.set_seed(seed) root = bip32.from_seed(seed, "ed25519 cardano seed") # derive the namespaced root node for i in SEED_NAMESPACE: root.derive_cardano(i) keychain = Keychain(SEED_NAMESPACE, root) return keychain
def derive_and_store_secrets(passphrase: str) -> None: assert device.is_initialized() assert cache.get(cache.APP_COMMON_DERIVE_CARDANO) if not mnemonic.is_bip39(): # nothing to do for SLIP-39, where we can derive the root from the main seed return icarus_secret = mnemonic.derive_cardano_icarus(passphrase, trezor_derivation=False) words = mnemonic.get_secret() assert words is not None, "Mnemonic is not set" # count ASCII spaces, add 1 to get number of words words_count = sum(c == 0x20 for c in words) + 1 if words_count == 24: icarus_trezor_secret = mnemonic.derive_cardano_icarus( passphrase, trezor_derivation=True) else: icarus_trezor_secret = icarus_secret cache.set(cache.APP_CARDANO_ICARUS_SECRET, icarus_secret) cache.set(cache.APP_CARDANO_ICARUS_TREZOR_SECRET, icarus_trezor_secret)
async def get_keychain(ctx: wire.Context) -> Keychain: if not storage.is_initialized(): raise wire.ProcessError("Device is not initialized") if (mnemonic.get_type() == mnemonic.TYPE_SLIP39 or mnemonic.get_type() == mnemonic.TYPE_SLIP39_GROUP): seed = cache.get_seed() if seed is None: passphrase = await _get_passphrase(ctx) seed = mnemonic.get_seed(passphrase) cache.set_seed(seed) root = bip32.from_seed(seed, "ed25519 cardano seed") else: # derive the root node from mnemonic and passphrase passphrase = await _get_passphrase(ctx) root = bip32.from_mnemonic_cardano(mnemonic.get_secret().decode(), passphrase) # derive the namespaced root node for i in SEED_NAMESPACE: root.derive_cardano(i) keychain = Keychain(SEED_NAMESPACE, root) return keychain