From 2eab2a152c6a4fb113926aab1ae3bf521ab6351c Mon Sep 17 00:00:00 2001
From: Roman Zeyde <roman.zeyde@gmail.com>
Date: Fri, 4 Nov 2016 19:31:54 +0200
Subject: [PATCH] device: verify keepkey constraints

---
 trezor_agent/device/keepkey.py | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/trezor_agent/device/keepkey.py b/trezor_agent/device/keepkey.py
index 75e3958..f2e96b2 100644
--- a/trezor_agent/device/keepkey.py
+++ b/trezor_agent/device/keepkey.py
@@ -1,6 +1,20 @@
 """KeepKey-related code (see https://www.keepkey.com/)."""
 
-from . import interface, trezor
+from . import trezor
+from .. import formats
+
+
+def _verify_support(identity, ecdh):
+    """Make sure the device supports given configuration."""
+    protocol = identity.identity_dict['proto']
+    if protocol not in {'ssh'}:
+        raise NotImplementedError(
+            'Unsupported protocol: {}'.format(protocol))
+    if ecdh:
+        raise NotImplementedError('No support for ECDH')
+    if identity.curve_name not in {formats.CURVE_NIST256}:
+        raise NotImplementedError(
+            'Unsupported elliptic curve: {}'.format(identity.curve_name))
 
 
 class KeepKey(trezor.Trezor):
@@ -10,7 +24,11 @@ class KeepKey(trezor.Trezor):
 
     required_version = '>=1.0.4'
 
+    def pubkey(self, identity, ecdh=False):
+        """Return public key."""
+        _verify_support(identity, ecdh)
+        return trezor.Trezor.pubkey(self, identity=identity, ecdh=ecdh)
+
     def ecdh(self, identity, pubkey):
         """No support for ECDH in KeepKey firmware."""
-        msg = 'KeepKey does not support ECDH'
-        raise interface.NotFoundError(msg)
+        _verify_support(identity, ecdh=True)