Add SLIP10 derivation support for Ed25519

LedgerHQ · Feb 28, 2024 · 0083834 · 0083834
1 parent 78cbf80
commit 0083834
Showing 1 changed file with 34 additions and 0 deletions.
diff --git a/ledger_device_sdk/src/ecc.rs b/ledger_device_sdk/src/ecc.rs
@@ -523,6 +523,31 @@ impl SeedDerive for Ed25519 {
     }
 }
 
+/// Support SLIP10 derivation for Ed25519
+impl Ed25519 {
+    pub fn derive_from_path_slip10(path: &[u32]) -> ECPrivateKey<32, 'E'> {
+        let mut tmp = Secret::<64>::new();
+        let seed_key: &mut [u8; 12] = &mut [0; 12];
+        seed_key.copy_from_slice(b"ed25519 seed");
+        unsafe {
+            os_perso_derive_node_with_seed_key(
+                HDW_ED25519_SLIP10,
+                CurvesId::Ed25519 as u8,
+                path.as_ptr(),
+                path.len() as u32,
+                tmp.as_mut().as_mut_ptr(),
+                core::ptr::null_mut(),
+                seed_key.as_mut_ptr(),
+                12,
+            );
+        }
+        let mut sk = ECPrivateKey::new(CurvesId::Ed25519);
+        let keylen = sk.key.len();
+        sk.key.copy_from_slice(&tmp.0[..keylen]);
+        sk
+    }
+}
+
 impl SeedDerive for Stark256 {
     type Target = ECPrivateKey<32, 'W'>;
     fn derive_from(path: &[u32]) -> (Self::Target, Option<ChainCode>) {
@@ -825,6 +850,15 @@ mod tests {
         assert_eq!(pk.verify((&s.0, s.1), TEST_HASH, CX_SHA512), true);
     }
 
+    #[test]
+    fn eddsa_ed25519_slip10() {
+        let path: [u32; 5] = make_bip32_path(b"m/44'/535348'/0'/0'/1'");
+        let sk = Ed25519::derive_from_path_slip10(&path);
+        let s = sk.sign(TEST_HASH).map_err(display_error_code)?;
+        let pk = sk.public_key().map_err(display_error_code)?;
+        assert_eq!(pk.verify((&s.0, s.1), TEST_HASH, CX_SHA512), true);
+    }
+
     #[test]
     fn test_make_bip32_path() {
         {