Trezor API - SignIdentity msg support about multibit-hardware HOT 9 CLOSED

Thanks for getting in touch about this. I've got a lot on at the moment so I'm not sure when I'd be able to get around to it.

In order to get this more attention, could you provide more background information on the messages you're interested in and some more detailed use cases for the API? For example, method signatures that you'd like to use and so on.

from multibit-hardware.

Basically I will do SSH authentication with Trezor's ECDSA. In simple way, it works like this. SSH Server knows user's public key. Server sends some random challenge data to client, client (in our case Trezor) signs incoming data bytes with digital signature (in our case with ECDSA) and sends signature back to SSH Server. Server validates incoming data with public key and if it matches user is authenticated.

For SSH usecase I would rather use SignIdentity than simple SignMessage since its much more suitable for users - notably you can hide challenge data and display custom message. Details here:
https://doc.satoshilabs.com/slips/slip-0013.html

In practise my agent app will utilize two operations currently missing in MB Java API:

1. SignIdentity() uses IdentityType's values to compute a BIP32 derivation path for a specific key-pair
2. GetPublicKey() uses user-specified address_n as its BIP32 derivation path, computes the corresponding key-pair and returns only the public key part.

ecdsa_curve_name parameter should be set to "nist256p1" for SSH auth rather than "secp256k1" - which is used in btc.

One trick remaining to implement is converting IdentityType to BIP32 path. But I can do that in my app, it does not need to be part of MB Java API. Anyway it has been implemented in Python by Roman Zeyde already: https://github.com/romanz/trezor-agent/blob/master/trezor_agent/trezor/client.py#L107

If ever finished, my Windows tray app would allow using Putty, WinSCP or other (e.g. Git) Pageant compatible SSH clients with Trezor :-)

Thank You, Martin Lizner

from multibit-hardware.

Looks like the Trezor guys have removed the slip-0013 link for some reason (paging @prusnak) so I've had to plough on with some guesswork. Take a look at the sign_identity branch and the TrezorV1SignIdentityExample to get a first look at it.

from multibit-hardware.

It was moved to https://github.com/satoshilabs/slips/blob/master/slip-0013.md

from multibit-hardware.

Thanks, @romanz. I think the Trezor Connect documentation needs to be updated (see https://github.com/trezor/connect/blob/gh-pages/README.md).

from multibit-hardware.

Thanks a lot Gary! Could I also ask for PublicKey example? Im aware of requestPublicKey(int account, KeyChain.KeyPurpose keyPurpose, int index) but not sure whether its same.

message GetPublicKey {
repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node
optional string ecdsa_curve_name = 2; // ECDSA curve name to use
optional bool show_display = 3; // optionally show on display before sending the result
}

message PublicKey {
required HDNodeType node = 1; // BIP32 public node
optional string xpub = 2; // serialized form of public node
}

from multibit-hardware.

I suspect there is a trouble in TrezorMessageUtils.addressN(URI, int) or elsewhere. Given the same URI, index and ecdsa_name the PublicKey.HDNodeType.public_key and SignedIdentity.public_key should be equal. Which is not :-(

from multibit-hardware.

I've fixed the inconsistency between the PublicKey and SignedIdentity messages. It was due to a couple of bugs in the addressN structure generation as expected.

Ready for review and close.

from multibit-hardware.

Works like a charm! Thanks again Gary.

from multibit-hardware.