You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
ibz/20240423-repeated-backup
main
M1nd3r/thp8
ui-t3t1
mmilata/ui-t3t1-buttonrequest
tychovrahe/ui-t3t1/brightness
andrewkozlik/slip39
tychovrahe/ui-t3t1/status_anim
tychovrahe/ui-t3t1/confirm_action
tychovrahe/ui-t3t1/htc-anim
tychovrahe/ui-t3t1/haptic_setting
cepetr/drawlib-overlays
matejcik/repeated-backup-tmp
mmilata/br-rs
cepetr/drawlib-demo
cepetr/drawlib-anim
matejcik/lifetimehell
mmilata/ui-t3t1-preview
ibz/20240423-repeated-backup-rebased-2
M1nd3r/thp7
ibz/20240423-repeated-backup-rebased
ibz/20240510-t3t1-support
tychovrahe/u5/bootloader_unlock
onvej-sl/elligator2-squashed-rebased
onvej-sl/initialize-variables-squashed-rebased
buildgen-update
M1nd3r/thp6
onvej-sl/elligator2_test
mmilata/nixpkgs-bump
cepetr/gfx-alpha
tychovrahe/brightness/setting
mmilata/ui-t3t1-internal-transitions
mmilata/ui-t3t1-verticalmenu
mmilata/ui-test-missing-screens
cepetr/haptic-loader
M1nd3r/thp5
M1nd3r/thp2
cepetr/drawlib-drivers
tychovrahe/t3b1/hw_support
mmilata/ui-t3t1-reset-device-apple-fix
obrusvit/ui-t3t1-reset-device-apple-hotfix
onvej-sl/optiga-debug
tychovrahe/T3W1/devkit1_with_zephyr
cepetr/haptic-test
onvej-sl/initialize-variables-test
obrusvit/3600-unicode-font-uppercasing-issues-by-generating
andrewkozlik/optiga-debug
tychovrahe/bootloader/confirmation
matejcik/queue-overflow
matejcik/global-layout-only3
mmilata/ui-t3t1-swipe
ibz/20240207-format-progress
matejcik/button-fixes
mmilata/feat/solana
cepetr/ui-t3t1/apple-fix
cepetr/drawlib-integration
mmilata/color
onvej-sl/remove-unused-crypto
tychovrahe/tstring/labelbutton
matejcik/ui-test-spam
matejcik/sleep-1000
tychovrahe/u5/basic_support_prepare2
matejcik/flash-area
mmilata/non-mut-paint
tychovrahe/storage/streaming
tychovrahe/u5/basic_support_revE_200ksprod_whitescreen
tychovrahe/u5/basic_support_revE_200ksprod_bluescreen
matejcik/global-layout-only2
tychovrahe/u5/basic_support_revE_200ksprod
release/24.03
grdddj/t3t1_keyboards
mmilata/update-monero-tests
tychovrahe/u5/basic_support_revE_bhk
obrusvit/remove-misc-crypto-func-from-btc-only
mmilata/pubkey-descriptor-legacy
obrusvit/remove-cosi-from-trezorctl
cepetr/new-drawing-api
tychovrahe/sdcard/testing
mmilata/blob-doc
obrusvit/erc20-func-support
hello-world
cepetr/lto-experiment
obrusvit/sd-card-backup
mmilata/ble-rebased
mmilata/ble
tychovrahe/boot_sequence/rust
cepetr/display-if-refactor
andrewkozlik/optiga
matejcik/trezorctl-cert
matejcik/prodtest3
release/23.12
vacuum/feat/solana
grdddj/solana_summary_layout
tychovrahe/T3W1/devkit1_with_ble_crypto3
matejcik/global-layout-only
cepetr/u5/tz-poc
mmilata/tt-ui-properties-same-screen
hw/mmilata/usb
release/23.11
tychovrahe/T3W1/devkit1_with_ble_crypto2
tychovrahe/T3W1/devkit1_with_ble_crypto2b
tychovrahe/fw_translations/mpu
tychovrahe/u5/master
tychovrahe/T3W1/devkit1_with_ble2
vacuum_feat_solana
grdddj/master_to_main_changes
tychovrahe/btconly/cli
cepetr/cmake-experiment
cepetr/saes-experiment
cepetr/u5/tamper-experiment
matejcik/prodtest-23-10
cepetr/cordic-experiment
temp_ci_master
release/23.09
tychovrahe/T3W1/devkit1_with_ble_crypto5
tychovrahe/trdisplay/qr
rust-build-protos
tmp
mmilata/default_homescreen_preview
matejcik/prodtest-no-echo
matejcik/prodtest-nolock
grdddj/mono_font_m_w_width
mmilata/optiga-serial
tychovrahe/T3T1/haptic_test
grdddj/tr_content_centering
grdddj/internal_model_tests
tychovrahe/T3W1/devkit1_with_ble
matejcik/prodtest-tr
mmilata/block-justify
fix-shares-info-btn
solana-poc
grdddj/ruff_linter
andrewkozlik/sha384
issue_69
issue_2923
tychovrahe/u5/flash_qw
mmilata/bluetooth/dbus-next
grdddj/tt_success_screen_redesign
mmilata/set-interruptable-true
mmilata/u5/flash
tychovrahe/core/priviledged3
grdddj/tr_wallet_creation
grdddj/tr_recovery
matejcik/test-greenlets
grdddj/tr_pin
grdddj/tr_coinjoin_design
grdddj/tr_passphrase
matejcik/build-mocks-draft
hw/tmp
matejcik/global-layout-new
grdddj/ci_report_resolver
tychovrahe/T3W1/devkit1_with_ble_sq3
grdddj/tr_pin_entry_4_digits_enter
grdddj/tr_rebase
tychovrahe/trbootloader/main_before
tychovrahe/centering/test
hw/mmilata/ci-fixes
hw/mmilata/tmp
tychovrahe/bluetooth/master
tychovrahe/bluetooth/unification2
grdddj/debuglink_improvements
release/23.04
tychovrahe/bluetooth/cleaner_disc2
grdddj/tr_homescreen_game
display-gamma-wip
mmilata/merge-release-23.03-gitlab-pls
grdddj/different_colors_for_old_display
release/23.03
mmilata/touch-test
andrewkozlik/safari
Hannsek-patch-1
hw/mmilata/upy-1.19.1
andrewkozlik/apple3
andrewkozlik/apple2
tychovrahe/rust_bootloader_/tr
grdddj/R_debug_font_screen
mmilata/homescreen/bg_jpg
tychovrahe/homescreen/bg_jpg_rust3a
tychovrahe/homescreen/bg_jpg_rust2a
zcash-orchard
tychovrahe/homescreen/bg_jpg_rust
tychovrahe/tests/reportfix
mmilata/global-layout-rebased
marnova/ethereum_defs_from_host-tmp
vd/try-new-tenv-image
tychovrahe/jpeg/basic
tychovrahe/homescreen/bg
mmilata/homescreen/bg
mroz/experiments
zcash-rust-primitives
tychovrahe/rust_bootloader_/model_r_b
mmilata/zeroize
tychovrahe/power/pwm
release/22.11
tychovrahe/cpufreq/18mhz
onvej-sl/coinjoin-speed-step-3
omikle/t1_signatures_from_tt_computation
tychovrahe/chip/test
grdddj/trezor_r_passphrase_input
matejcik/auto-paginate-ttv1
tychovrahe/boot_sequence/test
tychovrahe/trezor_r_passphrase_input
matejcik/iter-renderer
mmilata/text-theme-ref
mroz/fix-connect-tests
tychovrahe/dma2d/experiments2
release/22.08
vd/build-1.11.2
vd/build-2.5.2
mmilata/global-layout-notify-after-br
zcash-unified-addresses
tychovrahe/model_r_anim
onvej-sl/fix-base58-monero
tychovrahe/double_btn
mmilata/bitcoin-only-cloudflare
tychovrahe/hold_to_confirm
marnova/coin_def_from_host
tychovrahe/succes_animation_bld
tychovrahe/hold_to_confirm_bld_c5
lnswap
vd/core-build-for-tenv
tychovrahe/r_pin_figma_embed
onvej-sl/poetry2nix
matejcik/rust-cache
release/22.05
grdddj/storage_rust
mmilata/rtb
mmilata/monero-drop-python-test
mmilata/monero-test
matejcik/trezorhal-rs
zcash-v5
andrewkozlik/test_sig_verify
grdddj/storage_recovery_rust_rewrite
grdddj/storage_device_rust_rewrite
vdovhanych/arm-emu-deploy
rust_cache
rust_io
mmilata/dynamic_place
mmilata/nix_shell_rust_vscode_support
grdddj/secure_input
matejcik/buttonrequests
grdddj/tt_enable_usb_by_default
mmilata/update-deps-nodejs14
mmilata/tt-pin-keyboard
mmilata/hwi-test
mmilata/tt-confirm-action-spacing
matejcik/one-of
onvej-sl/fix-rfc6979
macro_obj_module
release/22.01
onvej-sl/trezor_crypto_libfuzzer
mmilata/sanitizer
matejcik/monero-typing
mmilata/blind-eip712
omikle/double_reset_dialog
mmilata/layouts-t1
rust-ui-improvements
release/21.12
rust-codec
python/0.12.x
onvej-sl/gcc-11-legacy-fix
release/21.09
display-nv3030a
grdddj/suite-e2e-tests-in-ci
release/21.07
omikle/intermediate_fw_confirmation_fix_3
vdovhanych/ci-automate-common-deploy
omikle/intermediate_fw_confirmation_fix
display-refactor
release/21.06
release/21.05-inter
andrewkozlik/storage-init-refactor
release/21.05
update-support
snake
rust-extmod
onvej-sl/drbg_rework
ecdh-pubkey
omikle/redesign_bootloader
release/21.02
omikle/tt_stay_in_bootloader
actions
andrewkozlik/fido2-credmgmt
andrewkozlik/t1-keyboard-cyclic
andrewkozlik/t1-keyboard
poc/andrew-t1-keyboard
release/2020-10
release/2020-09
release/2020-08
decode_bytes
profile-memory
slots
release/2020-06
i18n-block
poc/t1-passphrase-on-device
secbytes
matejcik/eventloop
release/2020-04
release/2020-03
ontology
trezorhal-usb
release/2020-01
poc/dualbuttonime
storage-get-nocopy
release/2019-10
memory-fix
release/2019-09
ripple-full
release/2019-08
release/2019-08-t1
andrewkozlik/touchpanel-test
release/2019-07
release/2019-06
release/2019-05
core/v2.7.0
core/v2.6.4
core/v2.6.3
core/v2.6.0
legacy/v1.12.1
v0-working3
v0-broken2
v0-broken1
v0-working2
v0-working1
v0-broken0
v0-working
core/bl2.0.0
core/bl2.0.1
core/bl2.0.2
core/bl2.0.3
core/bl2.1.0
core/bl2.1.1
core/bl2.1.2
core/bl2.1.3
core/bl2.1.4
core/bl2.1.5
core/bl2.1.6
core/boardloader/v2.1.0
core/boardloader/v2.1.1
core/boardloader/v2.1.2
core/br2.0.0
core/br2.0.1
core/v2.0.10
core/v2.0.5
core/v2.0.6
core/v2.0.7
core/v2.0.8
core/v2.0.9
core/v2.1.0
core/v2.1.1
core/v2.1.2
core/v2.1.3
core/v2.1.4
core/v2.1.5
core/v2.1.6
core/v2.1.7
core/v2.1.8
core/v2.2.0
core/v2.3.0
core/v2.3.1
core/v2.3.2
core/v2.3.3
core/v2.3.4
core/v2.3.5
core/v2.3.6
core/v2.4.0
core/v2.4.1
core/v2.4.2
core/v2.4.3
core/v2.5.1
core/v2.5.2
core/v2.5.3
core/v2.6.2
legacy/bl1.11.0
legacy/bl1.12.0
legacy/bl1.12.1
legacy/bl1.3.0
legacy/bl1.3.1
legacy/bl1.3.2
legacy/bl1.3.3
legacy/bl1.4.0
legacy/bl1.5.0
legacy/bl1.5.1
legacy/bl1.6.0
legacy/bl1.6.1
legacy/bl1.8.0
legacy/v1.0.0
legacy/v1.1.0
legacy/v1.10.0
legacy/v1.10.1
legacy/v1.10.2
legacy/v1.10.3
legacy/v1.10.4
legacy/v1.10.5
legacy/v1.11.1
legacy/v1.11.2
legacy/v1.12.0
legacy/v1.2.0
legacy/v1.2.1
legacy/v1.3.0
legacy/v1.3.1
legacy/v1.3.2
legacy/v1.3.3
legacy/v1.3.4
legacy/v1.3.5
legacy/v1.3.6
legacy/v1.4.0
legacy/v1.4.1
legacy/v1.4.2
legacy/v1.5.0
legacy/v1.5.1
legacy/v1.5.2
legacy/v1.6.0
legacy/v1.6.1
legacy/v1.6.2
legacy/v1.6.3
legacy/v1.7.0
legacy/v1.7.1
legacy/v1.7.2
legacy/v1.7.3
legacy/v1.8.0
legacy/v1.8.1
legacy/v1.8.2
legacy/v1.8.3
legacy/v1.9.0
legacy/v1.9.1
legacy/v1.9.2
legacy/v1.9.3
legacy/v1.9.4
prodtest/23-08-07
prodtest/23-08-10
prodtest/23-08-14
prodtest/23-08-31
prodtest/23-10-06
prodtest/23-12-18
prodtest/v0.2.5
prodtest/v0.2.6
prodtest/v23.04
python/v0.10.0
python/v0.10.1
python/v0.10.2
python/v0.11.0
python/v0.11.1
python/v0.11.2
python/v0.11.3
python/v0.11.4
python/v0.11.5
python/v0.11.6
python/v0.12.0
python/v0.12.1
python/v0.12.2
python/v0.12.3
python/v0.12.4
python/v0.13.0
python/v0.13.1
python/v0.13.2
python/v0.13.3
python/v0.13.4
python/v0.13.5
python/v0.13.6
python/v0.13.7
python/v0.13.8
python/v0.5.0
python/v0.5.1
python/v0.5.2
python/v0.5.3
python/v0.5.4
python/v0.6.0
python/v0.6.1
python/v0.6.10
python/v0.6.11
python/v0.6.12
python/v0.6.13
python/v0.6.2
python/v0.6.3
python/v0.6.4
python/v0.6.5
python/v0.6.6
python/v0.6.7
python/v0.6.8
python/v0.6.9
python/v0.7.0
python/v0.7.1
python/v0.7.10
python/v0.7.11
python/v0.7.12
python/v0.7.13
python/v0.7.14
python/v0.7.15
python/v0.7.16
python/v0.7.2
python/v0.7.3
python/v0.7.4
python/v0.7.5
python/v0.7.6
python/v0.7.7
python/v0.7.8
python/v0.7.9
python/v0.7.9.post1
python/v0.9.0
python/v0.9.1
rust/trezor-client/v0.1.1
rust/trezor-client/v0.1.2
rust/trezor-client/v0.1.3
tmp-testing-tag
${ noResults }
1468 lines
52 KiB
1468 lines
52 KiB
/*
|
|||
* This file is part of the TREZOR project, https://trezor.io/
|
|||
*
|
|||
* Copyright (c) SatoshiLabs
|
|||
*
|
|||
* This program is free software: you can redistribute it and/or modify
|
|||
* it under the terms of the GNU General Public License as published by
|
|||
* the Free Software Foundation, either version 3 of the License, or
|
|||
* (at your option) any later version.
|
|||
*
|
|||
* This program is distributed in the hope that it will be useful,
|
|||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|||
* GNU General Public License for more details.
|
|||
*
|
|||
* You should have received a copy of the GNU General Public License
|
|||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|||
*/
|
|||
|
|||
#include "py/mpz.h"
|
|||
#include "py/objint.h"
|
|||
#include "py/objstr.h"
|
|||
|
|||
#include "bignum.h"
|
|||
#include "memzero.h"
|
|||
#include "monero/monero.h"
|
|||
|
|||
/// package: trezorcrypto.monero
|
|||
|
|||
typedef struct _mp_obj_hasher_t {
|
|||
mp_obj_base_t base;
|
|||
Hasher h;
|
|||
} mp_obj_hasher_t;
|
|||
|
|||
typedef struct _mp_obj_ge25519_t {
|
|||
mp_obj_base_t base;
|
|||
ge25519 p;
|
|||
} mp_obj_ge25519_t;
|
|||
|
|||
typedef struct _mp_obj_bignum256modm_t {
|
|||
mp_obj_base_t base;
|
|||
bignum256modm p;
|
|||
} mp_obj_bignum256modm_t;
|
|||
|
|||
//
|
|||
// Helpers
|
|||
//
|
|||
|
|||
STATIC const mp_obj_type_t mod_trezorcrypto_monero_ge25519_type;
|
|||
STATIC const mp_obj_type_t mod_trezorcrypto_monero_bignum256modm_type;
|
|||
STATIC const mp_obj_type_t mod_trezorcrypto_monero_hasher_type;
|
|||
|
|||
#define MP_OBJ_IS_GE25519(o) \
|
|||
MP_OBJ_IS_TYPE((o), &mod_trezorcrypto_monero_ge25519_type)
|
|||
#define MP_OBJ_IS_SCALAR(o) \
|
|||
MP_OBJ_IS_TYPE((o), &mod_trezorcrypto_monero_bignum256modm_type)
|
|||
#define MP_OBJ_PTR_MPC_GE25519(o) ((const mp_obj_ge25519_t *)(o))
|
|||
#define MP_OBJ_PTR_MPC_SCALAR(o) ((const mp_obj_bignum256modm_t *)(o))
|
|||
#define MP_OBJ_PTR_MP_GE25519(o) ((mp_obj_ge25519_t *)(o))
|
|||
#define MP_OBJ_PTR_MP_SCALAR(o) ((mp_obj_bignum256modm_t *)(o))
|
|||
#define MP_OBJ_C_GE25519(o) (MP_OBJ_PTR_MPC_GE25519(o)->p)
|
|||
#define MP_OBJ_GE25519(o) (MP_OBJ_PTR_MP_GE25519(o)->p)
|
|||
#define MP_OBJ_C_SCALAR(o) (MP_OBJ_PTR_MPC_SCALAR(o)->p)
|
|||
#define MP_OBJ_SCALAR(o) (MP_OBJ_PTR_MP_SCALAR(o)->p)
|
|||
|
|||
STATIC inline void assert_ge25519(const mp_obj_t o) {
|
|||
if (!MP_OBJ_IS_GE25519(o)) {
|
|||
mp_raise_ValueError("ge25519 expected");
|
|||
}
|
|||
}
|
|||
|
|||
STATIC inline void assert_scalar(const mp_obj_t o) {
|
|||
if (!MP_OBJ_IS_SCALAR(o)) {
|
|||
mp_raise_ValueError("scalar expected");
|
|||
}
|
|||
}
|
|||
|
|||
static uint64_t mp_obj_uint64_get_checked(mp_const_obj_t self_in) {
|
|||
#if MICROPY_LONGINT_IMPL != MICROPY_LONGINT_IMPL_MPZ
|
|||
#error "MPZ supported only"
|
|||
#endif
|
|||
|
|||
if (MP_OBJ_IS_SMALL_INT(self_in)) {
|
|||
return MP_OBJ_SMALL_INT_VALUE(self_in);
|
|||
} else {
|
|||
byte buff[8];
|
|||
uint64_t res = 0;
|
|||
mp_obj_t *o = MP_OBJ_TO_PTR(self_in);
|
|||
|
|||
mp_obj_int_to_bytes_impl(o, true, 8, buff);
|
|||
for (int i = 0; i < 8; i++) {
|
|||
res <<= i > 0 ? 8 : 0;
|
|||
res |= (uint64_t)(buff[i] & 0xff);
|
|||
}
|
|||
return res;
|
|||
}
|
|||
}
|
|||
|
|||
static uint64_t mp_obj_get_uint64(mp_const_obj_t arg) {
|
|||
if (arg == mp_const_false) {
|
|||
return 0;
|
|||
} else if (arg == mp_const_true) {
|
|||
return 1;
|
|||
} else if (MP_OBJ_IS_SMALL_INT(arg)) {
|
|||
return MP_OBJ_SMALL_INT_VALUE(arg);
|
|||
} else if (MP_OBJ_IS_TYPE(arg, &mp_type_int)) {
|
|||
return mp_obj_uint64_get_checked(arg);
|
|||
} else {
|
|||
if (MICROPY_ERROR_REPORTING == MICROPY_ERROR_REPORTING_TERSE) {
|
|||
mp_raise_TypeError("can't convert to int");
|
|||
} else {
|
|||
nlr_raise(mp_obj_new_exception_msg_varg(&mp_type_TypeError,
|
|||
"can't convert %s to int",
|
|||
mp_obj_get_type_str(arg)));
|
|||
}
|
|||
}
|
|||
}
|
|||
|
|||
STATIC mp_obj_t mp_obj_new_scalar() {
|
|||
mp_obj_bignum256modm_t *o = m_new_obj(mp_obj_bignum256modm_t);
|
|||
o->base.type = &mod_trezorcrypto_monero_bignum256modm_type;
|
|||
set256_modm(o->p, 0);
|
|||
return MP_OBJ_FROM_PTR(o);
|
|||
}
|
|||
|
|||
STATIC mp_obj_t mp_obj_new_scalar_r(mp_obj_t r) {
|
|||
if (r == mp_const_none) {
|
|||
return mp_obj_new_scalar();
|
|||
}
|
|||
|
|||
assert_scalar(r);
|
|||
return r;
|
|||
}
|
|||
|
|||
STATIC mp_obj_t mp_obj_new_ge25519() {
|
|||
mp_obj_ge25519_t *o = m_new_obj(mp_obj_ge25519_t);
|
|||
o->base.type = &mod_trezorcrypto_monero_ge25519_type;
|
|||
ge25519_set_neutral(&o->p);
|
|||
return MP_OBJ_FROM_PTR(o);
|
|||
}
|
|||
|
|||
STATIC mp_obj_t mp_obj_new_ge25519_r(mp_obj_t r) {
|
|||
if (r == mp_const_none) {
|
|||
return mp_obj_new_ge25519();
|
|||
}
|
|||
|
|||
assert_ge25519(r);
|
|||
return r;
|
|||
}
|
|||
|
|||
STATIC void mp_unpack_ge25519(ge25519 *r, const mp_obj_t arg, mp_int_t offset) {
|
|||
mp_buffer_info_t buff;
|
|||
mp_get_buffer_raise(arg, &buff, MP_BUFFER_READ);
|
|||
if (buff.len < 32 + offset) {
|
|||
mp_raise_ValueError("Invalid length of the EC point");
|
|||
}
|
|||
|
|||
const int res = ge25519_unpack_vartime(r, ((uint8_t *)buff.buf) + offset);
|
|||
if (res != 1) {
|
|||
mp_raise_ValueError("Point decoding error");
|
|||
}
|
|||
}
|
|||
|
|||
STATIC void mp_unpack_scalar(bignum256modm r, const mp_obj_t arg,
|
|||
mp_int_t offset) {
|
|||
mp_buffer_info_t buff;
|
|||
mp_get_buffer_raise(arg, &buff, MP_BUFFER_READ);
|
|||
if (buff.len < 32 + offset) {
|
|||
mp_raise_ValueError("Invalid length of secret key");
|
|||
}
|
|||
expand256_modm(r, ((uint8_t *)buff.buf) + offset, 32);
|
|||
}
|
|||
|
|||
//
|
|||
// Constructors
|
|||
//
|
|||
|
|||
/// class Ge25519:
|
|||
/// '''
|
|||
/// EC point on ED25519
|
|||
/// '''
|
|||
///
|
|||
/// def __init__(x: Optional[Union[Ge25519, bytes]] = None):
|
|||
/// '''
|
|||
/// Constructor
|
|||
/// '''
|
|||
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_make_new(
|
|||
const mp_obj_type_t *type, size_t n_args, size_t n_kw,
|
|||
const mp_obj_t *args) {
|
|||
mp_arg_check_num(n_args, n_kw, 0, 1, false);
|
|||
mp_obj_ge25519_t *o = m_new_obj(mp_obj_ge25519_t);
|
|||
o->base.type = type;
|
|||
|
|||
if (n_args == 0 || args[0] == mp_const_none) {
|
|||
ge25519_set_neutral(&o->p);
|
|||
} else if (n_args == 1 && MP_OBJ_IS_GE25519(args[0])) {
|
|||
ge25519_copy(&o->p, &MP_OBJ_C_GE25519(args[0]));
|
|||
} else if (n_args == 1 && MP_OBJ_IS_STR_OR_BYTES(args[0])) {
|
|||
mp_unpack_ge25519(&o->p, args[0], 0);
|
|||
} else {
|
|||
mp_raise_ValueError("Invalid ge25519 constructor");
|
|||
}
|
|||
|
|||
return MP_OBJ_FROM_PTR(o);
|
|||
}
|
|||
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_ge25519___del__(mp_obj_t self) {
|
|||
mp_obj_ge25519_t *o = MP_OBJ_TO_PTR(self);
|
|||
memzero(&(o->p), sizeof(ge25519));
|
|||
return mp_const_none;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_monero_ge25519___del___obj,
|
|||
mod_trezorcrypto_monero_ge25519___del__);
|
|||
|
|||
/// class Sc25519:
|
|||
/// '''
|
|||
/// EC scalar on SC25519
|
|||
/// '''
|
|||
///
|
|||
/// def __init__(x: Optional[Union[Sc25519, bytes, int]] = None):
|
|||
/// '''
|
|||
/// Constructor
|
|||
/// '''
|
|||
///
|
|||
///
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_bignum256modm_make_new(
|
|||
const mp_obj_type_t *type, size_t n_args, size_t n_kw,
|
|||
const mp_obj_t *args) {
|
|||
mp_arg_check_num(n_args, n_kw, 0, 1, false);
|
|||
mp_obj_bignum256modm_t *o = m_new_obj(mp_obj_bignum256modm_t);
|
|||
o->base.type = type;
|
|||
|
|||
if (n_args == 0 || args[0] == mp_const_none) {
|
|||
set256_modm(o->p, 0);
|
|||
} else if (n_args == 1 && MP_OBJ_IS_SCALAR(args[0])) {
|
|||
copy256_modm(o->p, MP_OBJ_C_SCALAR(args[0]));
|
|||
} else if (n_args == 1 && MP_OBJ_IS_STR_OR_BYTES(args[0])) {
|
|||
mp_unpack_scalar(o->p, args[0], 0);
|
|||
} else if (n_args == 1 && mp_obj_is_integer(args[0])) {
|
|||
uint64_t v = mp_obj_get_uint64(args[0]);
|
|||
set256_modm(o->p, v);
|
|||
} else {
|
|||
mp_raise_ValueError("Invalid scalar constructor");
|
|||
}
|
|||
|
|||
return MP_OBJ_FROM_PTR(o);
|
|||
}
|
|||
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_bignum256modm___del__(mp_obj_t self) {
|
|||
mp_obj_bignum256modm_t *o = MP_OBJ_TO_PTR(self);
|
|||
memzero(o->p, sizeof(bignum256modm));
|
|||
return mp_const_none;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_1(
|
|||
mod_trezorcrypto_monero_bignum256modm___del___obj,
|
|||
mod_trezorcrypto_monero_bignum256modm___del__);
|
|||
|
|||
/// class Hasher:
|
|||
/// '''
|
|||
/// XMR hasher
|
|||
/// '''
|
|||
///
|
|||
/// def __init__(x: Optional[bytes] = None):
|
|||
/// '''
|
|||
/// Constructor
|
|||
/// '''
|
|||
///
|
|||
/// def update(buffer: bytes):
|
|||
/// '''
|
|||
/// Update hasher
|
|||
/// '''
|
|||
///
|
|||
/// def digest() -> bytes:
|
|||
/// '''
|
|||
/// Computes digest
|
|||
/// '''
|
|||
///
|
|||
/// def copy() -> Hasher:
|
|||
/// '''
|
|||
/// Creates copy of the hasher, preserving the state
|
|||
/// '''
|
|||
///
|
|||
///
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_hasher_make_new(
|
|||
const mp_obj_type_t *type, size_t n_args, size_t n_kw,
|
|||
const mp_obj_t *args) {
|
|||
mp_arg_check_num(n_args, n_kw, 0, 1, false);
|
|||
mp_obj_hasher_t *o = m_new_obj(mp_obj_hasher_t);
|
|||
o->base.type = type;
|
|||
xmr_hasher_init(&(o->h));
|
|||
|
|||
if (n_args == 1 && MP_OBJ_IS_STR_OR_BYTES(args[0])) {
|
|||
mp_buffer_info_t buff;
|
|||
mp_get_buffer_raise(args[0], &buff, MP_BUFFER_READ);
|
|||
xmr_hasher_update(&o->h, buff.buf, buff.len);
|
|||
}
|
|||
|
|||
return MP_OBJ_FROM_PTR(o);
|
|||
}
|
|||
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_hasher___del__(mp_obj_t self) {
|
|||
mp_obj_hasher_t *o = MP_OBJ_TO_PTR(self);
|
|||
memzero(&(o->h), sizeof(Hasher));
|
|||
return mp_const_none;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_monero_hasher___del___obj,
|
|||
mod_trezorcrypto_monero_hasher___del__);
|
|||
|
|||
//
|
|||
// Scalar defs
|
|||
//
|
|||
|
|||
/// mock:global
|
|||
|
|||
/// def init256_modm(dst: Optional[Sc25519], val: Union[int, bytes, Sc25519]) ->
|
|||
/// Sc25519:
|
|||
/// '''
|
|||
/// Initializes Sc25519 scalar
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_init256_modm(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 2;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_scalar_r(res_arg ? args[0] : mp_const_none);
|
|||
|
|||
if (n_args == 0 || args[0] == mp_const_none) {
|
|||
set256_modm(MP_OBJ_SCALAR(res), 0);
|
|||
} else if (n_args > 0 && MP_OBJ_IS_SCALAR(args[1 + off])) {
|
|||
copy256_modm(MP_OBJ_SCALAR(res), MP_OBJ_C_SCALAR(args[1 + off]));
|
|||
} else if (n_args > 0 && MP_OBJ_IS_STR_OR_BYTES(args[1 + off])) {
|
|||
mp_unpack_scalar(MP_OBJ_SCALAR(res), args[1 + off], 0);
|
|||
} else if (n_args > 0 && mp_obj_is_integer(args[1 + off])) {
|
|||
uint64_t v = mp_obj_get_uint64(args[1 + off]);
|
|||
set256_modm(MP_OBJ_SCALAR(res), v);
|
|||
} else {
|
|||
mp_raise_ValueError("Invalid scalar def");
|
|||
}
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_init256_modm_obj, 0, 2,
|
|||
mod_trezorcrypto_monero_init256_modm);
|
|||
|
|||
/// def check256_modm(val: Sc25519):
|
|||
/// '''
|
|||
/// Throws exception if scalar is invalid
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_check256_modm(const mp_obj_t arg) {
|
|||
assert_scalar(arg);
|
|||
if (check256_modm(MP_OBJ_C_SCALAR(arg)) != 1) {
|
|||
mp_raise_ValueError("Ed25519 scalar invalid");
|
|||
}
|
|||
return mp_const_none;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_monero_check256_modm_obj,
|
|||
mod_trezorcrypto_monero_check256_modm);
|
|||
|
|||
/// def iszero256_modm(val: Sc25519) -> bool:
|
|||
/// '''
|
|||
/// Returns False if the scalar is zero
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_iszero256_modm(const mp_obj_t arg) {
|
|||
assert_scalar(arg);
|
|||
const int r = iszero256_modm(MP_OBJ_C_SCALAR(arg));
|
|||
return mp_obj_new_int(r);
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_monero_iszero256_modm_obj,
|
|||
mod_trezorcrypto_monero_iszero256_modm);
|
|||
|
|||
/// def eq256_modm(a: Sc25519, b: Sc25519) -> int:
|
|||
/// '''
|
|||
/// Compares scalars, returns 1 on the same value
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_eq256_modm(const mp_obj_t a,
|
|||
const mp_obj_t b) {
|
|||
assert_scalar(a);
|
|||
assert_scalar(b);
|
|||
int r = eq256_modm(MP_OBJ_C_SCALAR(a), MP_OBJ_C_SCALAR(b));
|
|||
return MP_OBJ_NEW_SMALL_INT(r);
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_monero_eq256_modm_obj,
|
|||
mod_trezorcrypto_monero_eq256_modm);
|
|||
|
|||
/// def get256_modm(a: Sc25519) -> int:
|
|||
/// '''
|
|||
/// Extracts 64bit integer from the scalar. Raises exception if scalar is
|
|||
/// bigger than 2^64
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_get256_modm(const mp_obj_t arg) {
|
|||
assert_scalar(arg);
|
|||
uint64_t v;
|
|||
if (!get256_modm(&v, MP_OBJ_C_SCALAR(arg))) {
|
|||
mp_raise_ValueError("Ed25519 scalar too big");
|
|||
}
|
|||
return mp_obj_new_int_from_ull(v);
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_monero_get256_modm_obj,
|
|||
mod_trezorcrypto_monero_get256_modm);
|
|||
|
|||
/// def add256_modm(r: Optional[Sc25519], a: Sc25519, b: Sc25519) -> Sc25519:
|
|||
/// '''
|
|||
/// Scalar addition
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_add256_modm(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 3;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_scalar_r(res_arg ? args[0] : mp_const_none);
|
|||
|
|||
assert_scalar(args[1 + off]);
|
|||
assert_scalar(args[2 + off]);
|
|||
add256_modm(MP_OBJ_SCALAR(res), MP_OBJ_C_SCALAR(args[1 + off]),
|
|||
MP_OBJ_C_SCALAR(args[2 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_add256_modm_obj, 2, 3,
|
|||
mod_trezorcrypto_monero_add256_modm);
|
|||
|
|||
/// def sub256_modm(r: Optional[Sc25519], a: Sc25519, b: Sc25519) -> Sc25519:
|
|||
/// '''
|
|||
/// Scalar subtraction
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_sub256_modm(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 3;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_scalar_r(res_arg ? args[0] : mp_const_none);
|
|||
|
|||
assert_scalar(args[1 + off]);
|
|||
assert_scalar(args[2 + off]);
|
|||
sub256_modm(MP_OBJ_SCALAR(res), MP_OBJ_C_SCALAR(args[1 + off]),
|
|||
MP_OBJ_C_SCALAR(args[2 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_sub256_modm_obj, 2, 3,
|
|||
mod_trezorcrypto_monero_sub256_modm);
|
|||
|
|||
/// def mul256_modm(r: Optional[Sc25519], a: Sc25519, b: Sc25519) -> Sc25519:
|
|||
/// '''
|
|||
/// Scalar multiplication
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_mul256_modm(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 3;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_scalar_r(res_arg ? args[0] : mp_const_none);
|
|||
|
|||
assert_scalar(args[1 + off]);
|
|||
assert_scalar(args[2 + off]);
|
|||
mul256_modm(MP_OBJ_SCALAR(res), MP_OBJ_C_SCALAR(args[1 + off]),
|
|||
MP_OBJ_C_SCALAR(args[2 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_mul256_modm_obj, 2, 3,
|
|||
mod_trezorcrypto_monero_mul256_modm);
|
|||
|
|||
/// def mulsub256_modm(r: Optional[Sc25519], a: Sc25519, b: Sc25519, c: Sc25519)
|
|||
/// -> Sc25519:
|
|||
/// '''
|
|||
/// c - a*b
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_mulsub256_modm(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 4;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_scalar_r(res_arg ? args[0] : mp_const_none);
|
|||
|
|||
assert_scalar(args[1 + off]);
|
|||
assert_scalar(args[2 + off]);
|
|||
assert_scalar(args[3 + off]);
|
|||
mulsub256_modm(MP_OBJ_SCALAR(res), MP_OBJ_C_SCALAR(args[1 + off]),
|
|||
MP_OBJ_C_SCALAR(args[2 + off]),
|
|||
MP_OBJ_C_SCALAR(args[3 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_mulsub256_modm_obj, 3, 4,
|
|||
mod_trezorcrypto_monero_mulsub256_modm);
|
|||
|
|||
/// def muladd256_modm(r: Optional[Sc25519], a: Sc25519, b: Sc25519, c: Sc25519)
|
|||
/// -> Sc25519:
|
|||
/// '''
|
|||
/// c + a*b
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_muladd256_modm(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 4;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_scalar_r(res_arg ? args[0] : mp_const_none);
|
|||
|
|||
assert_scalar(args[1 + off]);
|
|||
assert_scalar(args[2 + off]);
|
|||
assert_scalar(args[3 + off]);
|
|||
muladd256_modm(MP_OBJ_SCALAR(res), MP_OBJ_C_SCALAR(args[1 + off]),
|
|||
MP_OBJ_C_SCALAR(args[2 + off]),
|
|||
MP_OBJ_C_SCALAR(args[3 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_muladd256_modm_obj, 3, 4,
|
|||
mod_trezorcrypto_monero_muladd256_modm);
|
|||
|
|||
/// def inv256_modm(r: Optional[Sc25519], a: Sc25519) -> Sc25519:
|
|||
/// '''
|
|||
/// Scalar modular inversion
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_inv256_modm(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 2;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_scalar_r(res_arg ? args[0] : mp_const_none);
|
|||
assert_scalar(args[1 + off]);
|
|||
|
|||
// bn_prime = curve order, little endian encoded
|
|||
bignum256 bn_prime = {.val = {0x1cf5d3ed, 0x20498c69, 0x2f79cd65, 0x37be77a8,
|
|||
0x14, 0x0, 0x0, 0x0, 0x1000}};
|
|||
bignum256 bn_x;
|
|||
|
|||
memcpy(&bn_x.val, MP_OBJ_C_SCALAR(args[1 + off]), sizeof(bignum256modm));
|
|||
bn_inverse(&bn_x, &bn_prime);
|
|||
memcpy(MP_OBJ_SCALAR(res), bn_x.val, sizeof(bignum256modm));
|
|||
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_inv256_modm_obj, 1, 2,
|
|||
mod_trezorcrypto_monero_inv256_modm);
|
|||
|
|||
/// def pack256_modm(r: Optional[bytes], a: Sc25519, offset: Optional[int] = 0)
|
|||
/// -> bytes:
|
|||
/// '''
|
|||
/// Scalar compression
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_pack256_modm(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
if (n_args == 1 || args[0] == mp_const_none) {
|
|||
assert_scalar(args[0]);
|
|||
uint8_t buff[32];
|
|||
contract256_modm(buff, MP_OBJ_C_SCALAR(args[0]));
|
|||
return mp_obj_new_bytes(buff, 32);
|
|||
|
|||
} else {
|
|||
mp_buffer_info_t bufm;
|
|||
mp_get_buffer_raise(args[0], &bufm, MP_BUFFER_WRITE);
|
|||
const mp_int_t offset = n_args >= 3 ? mp_obj_get_int(args[2]) : 0;
|
|||
if (bufm.len < 32 + offset) {
|
|||
mp_raise_ValueError("Buffer too small");
|
|||
}
|
|||
|
|||
contract256_modm(((uint8_t *)bufm.buf) + offset, MP_OBJ_C_SCALAR(args[1]));
|
|||
return args[0];
|
|||
}
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_pack256_modm_obj, 1, 3,
|
|||
mod_trezorcrypto_monero_pack256_modm);
|
|||
|
|||
/// def unpack256_modm(r: Optional[Sc25519], a: bytes, offset: int = 0) ->
|
|||
/// Sc25519:
|
|||
/// '''
|
|||
/// Scalar decompression
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_unpack256_modm(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const bool res_arg = n_args >= 2;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_scalar_r(res_arg ? args[0] : mp_const_none);
|
|||
const mp_int_t offset = n_args >= 3 ? mp_obj_get_int(args[2]) : 0;
|
|||
mp_unpack_scalar(MP_OBJ_SCALAR(res), args[1 + off], offset);
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_unpack256_modm_obj, 1, 3,
|
|||
mod_trezorcrypto_monero_unpack256_modm);
|
|||
|
|||
/// def unpack256_modm_noreduce(r: Optional[Sc25519], a: bytes, offset: int = 0)
|
|||
/// -> Sc25519:
|
|||
/// '''
|
|||
/// Scalar decompression, raw, without modular reduction
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_unpack256_modm_noreduce(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
const bool res_arg = n_args >= 2;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_scalar_r(res_arg ? args[0] : mp_const_none);
|
|||
const mp_int_t offset = n_args >= 3 ? mp_obj_get_int(args[2]) : 0;
|
|||
|
|||
mp_buffer_info_t buff;
|
|||
mp_get_buffer_raise(args[1 + off], &buff, MP_BUFFER_READ);
|
|||
if (buff.len != 32 + offset) {
|
|||
mp_raise_ValueError("Invalid length of secret key");
|
|||
}
|
|||
|
|||
expand_raw256_modm(MP_OBJ_SCALAR(res), ((uint8_t *)buff.buf) + offset);
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_unpack256_modm_noreduce_obj, 1, 3,
|
|||
mod_trezorcrypto_monero_unpack256_modm_noreduce);
|
|||
|
|||
//
|
|||
// GE25519 Defs
|
|||
//
|
|||
|
|||
/// def ge25519_set_neutral(r: Optional[Ge25519]) -> Ge25519:
|
|||
/// '''
|
|||
/// Sets neutral point
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_set_neutral(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(n_args == 1 ? args[0] : mp_const_none);
|
|||
ge25519_set_neutral(&MP_OBJ_GE25519(res));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_ge25519_set_neutral_obj, 0, 1,
|
|||
mod_trezorcrypto_monero_ge25519_set_neutral);
|
|||
|
|||
/// def ge25519_set_xmr_h(r: Optional[Ge25519]) -> Ge25519:
|
|||
/// '''
|
|||
/// Sets H point
|
|||
/// '''
|
|||
STATIC mp_obj_t
|
|||
mod_trezorcrypto_monero_ge25519_set_xmr_h(size_t n_args, const mp_obj_t *args) {
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(n_args == 1 ? args[0] : mp_const_none);
|
|||
ge25519_set_xmr_h(&MP_OBJ_GE25519(res));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_ge25519_set_xmr_h_obj, 0, 1,
|
|||
mod_trezorcrypto_monero_ge25519_set_xmr_h);
|
|||
|
|||
/// def ge25519_check(r: Ge25519):
|
|||
/// '''
|
|||
/// Checks point, throws if not on curve
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_check(const mp_obj_t arg) {
|
|||
assert_ge25519(arg);
|
|||
if (ge25519_check(&MP_OBJ_C_GE25519(arg)) != 1) {
|
|||
mp_raise_ValueError("Ed25519 point not on curve");
|
|||
}
|
|||
return mp_const_none;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_monero_ge25519_check_obj,
|
|||
mod_trezorcrypto_monero_ge25519_check);
|
|||
|
|||
/// def ge25519_eq(a: Ge25519, b: Ge25519) -> bool:
|
|||
/// '''
|
|||
/// Compares EC points
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_eq(const mp_obj_t a,
|
|||
const mp_obj_t b) {
|
|||
assert_ge25519(a);
|
|||
assert_ge25519(b);
|
|||
int r = ge25519_eq(&MP_OBJ_C_GE25519(a), &MP_OBJ_C_GE25519(b));
|
|||
return MP_OBJ_NEW_SMALL_INT(r);
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_monero_ge25519_eq_obj,
|
|||
mod_trezorcrypto_monero_ge25519_eq);
|
|||
|
|||
/// def ge25519_add(r: Optional[Ge25519], a: Ge25519, b: Ge25519) -> Ge25519:
|
|||
/// '''
|
|||
/// Adds EC points
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_add(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 3;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
|
|||
assert_ge25519(args[1 + off]);
|
|||
assert_ge25519(args[2 + off]);
|
|||
ge25519_add(&MP_OBJ_GE25519(res), &MP_OBJ_C_GE25519(args[1 + off]),
|
|||
&MP_OBJ_C_GE25519(args[2 + off]), 0);
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_ge25519_add_obj, 2, 3,
|
|||
mod_trezorcrypto_monero_ge25519_add);
|
|||
|
|||
/// def ge25519_sub(r: Optional[Ge25519], a: Ge25519, b: Ge25519) -> Ge25519:
|
|||
/// '''
|
|||
/// Subtracts EC points
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_sub(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 3;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
|
|||
assert_ge25519(args[1 + off]);
|
|||
assert_ge25519(args[2 + off]);
|
|||
ge25519_add(&MP_OBJ_GE25519(res), &MP_OBJ_C_GE25519(args[1 + off]),
|
|||
&MP_OBJ_C_GE25519(args[2 + off]), 1);
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_ge25519_sub_obj, 2, 3,
|
|||
mod_trezorcrypto_monero_ge25519_sub);
|
|||
|
|||
/// def ge25519_double(r: Optional[Ge25519], p: Ge25519) -> Ge25519:
|
|||
/// '''
|
|||
/// EC point doubling
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_double(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 2;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
mp_obj_t src = res_arg ? args[1] : args[0];
|
|||
assert_ge25519(src);
|
|||
ge25519_double(&MP_OBJ_GE25519(res), &MP_OBJ_C_GE25519(src));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_ge25519_double_obj, 1, 2,
|
|||
mod_trezorcrypto_monero_ge25519_double);
|
|||
|
|||
/// def ge25519_mul8(r: Optional[Ge25519], p: Ge25519) -> Ge25519:
|
|||
/// '''
|
|||
/// EC point * 8
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_mul8(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 2;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
mp_obj_t src = res_arg ? args[1] : args[0];
|
|||
assert_ge25519(src);
|
|||
ge25519_mul8(&MP_OBJ_GE25519(res), &MP_OBJ_C_GE25519(src));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_ge25519_mul8_obj, 1, 2,
|
|||
mod_trezorcrypto_monero_ge25519_mul8);
|
|||
|
|||
/// def ge25519_double_scalarmult_vartime(r: Optional[Ge25519], p1: Ge25519, s1:
|
|||
/// Sc25519, s2: Sc25519) -> Ge25519:
|
|||
/// '''
|
|||
/// s1 * G + s2 * p1
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_double_scalarmult_vartime(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 4;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
assert_ge25519(args[1 + off]);
|
|||
assert_scalar(args[2 + off]);
|
|||
assert_scalar(args[3 + off]);
|
|||
|
|||
ge25519_double_scalarmult_vartime(
|
|||
&MP_OBJ_GE25519(res), &MP_OBJ_C_GE25519(args[1 + off]),
|
|||
MP_OBJ_C_SCALAR(args[2 + off]), MP_OBJ_C_SCALAR(args[3 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_ge25519_double_scalarmult_vartime_obj, 3, 4,
|
|||
mod_trezorcrypto_monero_ge25519_double_scalarmult_vartime);
|
|||
|
|||
/// def ge25519_double_scalarmult_vartime2(r: Optional[Ge25519], p1: Ge25519,
|
|||
/// s1: Sc25519, p2: Ge25519, s2: Sc25519) -> Ge25519:
|
|||
/// '''
|
|||
/// s1 * p1 + s2 * p2
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_double_scalarmult_vartime2(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 5;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
|
|||
assert_ge25519(args[1 + off]);
|
|||
assert_scalar(args[2 + off]);
|
|||
assert_ge25519(args[3 + off]);
|
|||
assert_scalar(args[4 + off]);
|
|||
|
|||
ge25519_double_scalarmult_vartime2(
|
|||
&MP_OBJ_GE25519(res), &MP_OBJ_C_GE25519(args[1 + off]),
|
|||
MP_OBJ_C_SCALAR(args[2 + off]), &MP_OBJ_C_GE25519(args[3 + off]),
|
|||
MP_OBJ_C_SCALAR(args[4 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_ge25519_double_scalarmult_vartime2_obj, 4, 5,
|
|||
mod_trezorcrypto_monero_ge25519_double_scalarmult_vartime2);
|
|||
|
|||
/// def ge25519_scalarmult_base(r: Optional[Ge25519], s: Union[Sc25519, int]) ->
|
|||
/// Ge25519:
|
|||
/// '''
|
|||
/// s * G
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_scalarmult_base(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 2;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
|
|||
if (MP_OBJ_IS_SCALAR(args[1 + off])) {
|
|||
ge25519_scalarmult_base_wrapper(&MP_OBJ_GE25519(res),
|
|||
MP_OBJ_C_SCALAR(args[1 + off]));
|
|||
} else if (mp_obj_is_integer(args[1 + off])) {
|
|||
bignum256modm mlt;
|
|||
set256_modm(mlt, mp_obj_get_int(args[1 + off]));
|
|||
ge25519_scalarmult_base_wrapper(&MP_OBJ_GE25519(res), mlt);
|
|||
} else {
|
|||
mp_raise_ValueError("unknown base mult type");
|
|||
}
|
|||
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_ge25519_scalarmult_base_obj, 1, 2,
|
|||
mod_trezorcrypto_monero_ge25519_scalarmult_base);
|
|||
|
|||
/// def ge25519_scalarmult(r: Optional[Ge25519], p: Ge25519, s: Union[Sc25519,
|
|||
/// int]) -> Ge25519:
|
|||
/// '''
|
|||
/// s * p
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_scalarmult(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 3;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
assert_ge25519(args[1 + off]);
|
|||
|
|||
if (MP_OBJ_IS_SCALAR(args[2 + off])) {
|
|||
ge25519_scalarmult(&MP_OBJ_GE25519(res), &MP_OBJ_C_GE25519(args[1 + off]),
|
|||
MP_OBJ_C_SCALAR(args[2 + off]));
|
|||
} else if (mp_obj_is_integer(args[2 + off])) {
|
|||
bignum256modm mlt;
|
|||
set256_modm(mlt, mp_obj_get_int(args[2 + off]));
|
|||
ge25519_scalarmult(&MP_OBJ_GE25519(res), &MP_OBJ_C_GE25519(args[1 + off]),
|
|||
mlt);
|
|||
} else {
|
|||
mp_raise_ValueError("unknown mult type");
|
|||
}
|
|||
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_ge25519_scalarmult_obj, 2, 3,
|
|||
mod_trezorcrypto_monero_ge25519_scalarmult);
|
|||
|
|||
/// def ge25519_pack(r: bytes, p: Ge25519, offset: int = 0) -> bytes:
|
|||
/// '''
|
|||
/// Point compression
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_pack(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
if (n_args == 1 || args[0] == mp_const_none) {
|
|||
assert_ge25519(args[0]);
|
|||
uint8_t buff[32];
|
|||
ge25519_pack(buff, &MP_OBJ_C_GE25519(args[0]));
|
|||
return mp_obj_new_bytes(buff, 32);
|
|||
|
|||
} else {
|
|||
mp_buffer_info_t bufm;
|
|||
mp_get_buffer_raise(args[0], &bufm, MP_BUFFER_WRITE);
|
|||
const mp_int_t offset = n_args >= 3 ? mp_obj_get_int(args[2]) : 0;
|
|||
if (bufm.len < 32 + offset) {
|
|||
mp_raise_ValueError("Buffer too small");
|
|||
}
|
|||
|
|||
ge25519_pack(((uint8_t *)bufm.buf) + offset, &MP_OBJ_C_GE25519(args[1]));
|
|||
return args[0];
|
|||
}
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_ge25519_pack_obj, 1, 3,
|
|||
mod_trezorcrypto_monero_ge25519_pack);
|
|||
|
|||
/// def ge25519_unpack_vartime(r: Optional[Ge25519], buff: bytes, offset: int =
|
|||
/// 0) -> Ge25519:
|
|||
/// '''
|
|||
/// Point decompression
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_unpack_vartime(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
const bool res_arg = n_args >= 2;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
const mp_int_t offset = n_args >= 3 ? mp_obj_get_int(args[2]) : 0;
|
|||
mp_unpack_ge25519(&MP_OBJ_GE25519(res), args[1 + off], offset);
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_ge25519_unpack_vartime_obj, 1, 3,
|
|||
mod_trezorcrypto_monero_ge25519_unpack_vartime);
|
|||
|
|||
//
|
|||
// XMR defs
|
|||
//
|
|||
|
|||
/// def base58_addr_encode_check(tag: int, buff: bytes) -> bytes:
|
|||
/// '''
|
|||
/// Monero block base 58 encoding
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_base58_addr_encode_check(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
uint8_t out[128];
|
|||
mp_buffer_info_t data;
|
|||
mp_get_buffer_raise(args[1], &data, MP_BUFFER_READ);
|
|||
|
|||
int sz = xmr_base58_addr_encode_check(mp_obj_get_int(args[0]), data.buf,
|
|||
data.len, (char *)out, sizeof(out));
|
|||
if (sz == 0) {
|
|||
mp_raise_ValueError("b58 encoding error");
|
|||
}
|
|||
|
|||
return mp_obj_new_bytes(out, sz);
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_xmr_base58_addr_encode_check_obj, 2, 2,
|
|||
mod_trezorcrypto_monero_xmr_base58_addr_encode_check);
|
|||
|
|||
/// def base58_addr_decode_check(buff: bytes) -> Tuple[bytes, int]:
|
|||
/// '''
|
|||
/// Monero block base 58 decoding, returning (decoded, tag) or raising on
|
|||
/// error.
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_base58_addr_decode_check(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
uint8_t out[128];
|
|||
uint64_t tag;
|
|||
|
|||
mp_buffer_info_t data;
|
|||
mp_get_buffer_raise(args[0], &data, MP_BUFFER_READ);
|
|||
|
|||
int sz =
|
|||
xmr_base58_addr_decode_check(data.buf, data.len, &tag, out, sizeof(out));
|
|||
if (sz == 0) {
|
|||
mp_raise_ValueError("b58 decoding error");
|
|||
}
|
|||
|
|||
mp_obj_tuple_t *tuple = MP_OBJ_TO_PTR(mp_obj_new_tuple(2, NULL));
|
|||
tuple->items[0] = mp_obj_new_bytes(out, sz);
|
|||
tuple->items[1] = mp_obj_new_int_from_ull(tag);
|
|||
return MP_OBJ_FROM_PTR(tuple);
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_xmr_base58_addr_decode_check_obj, 1, 1,
|
|||
mod_trezorcrypto_monero_xmr_base58_addr_decode_check);
|
|||
|
|||
/// def xmr_random_scalar(r: Optional[Sc25519] = None) -> Sc25519:
|
|||
/// '''
|
|||
/// Generates a random scalar
|
|||
/// '''
|
|||
STATIC mp_obj_t
|
|||
mod_trezorcrypto_monero_xmr_random_scalar(size_t n_args, const mp_obj_t *args) {
|
|||
mp_obj_t res = mp_obj_new_scalar_r(n_args == 1 ? args[0] : mp_const_none);
|
|||
xmr_random_scalar(MP_OBJ_SCALAR(res));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_xmr_random_scalar_obj, 0, 1,
|
|||
mod_trezorcrypto_monero_xmr_random_scalar);
|
|||
|
|||
/// def xmr_fast_hash(r: Optional[bytes], buff: bytes) -> bytes:
|
|||
/// '''
|
|||
/// XMR fast hash
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_fast_hash(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const int off = n_args == 2 ? 0 : -1;
|
|||
uint8_t buff[32];
|
|||
uint8_t *buff_use = buff;
|
|||
if (n_args > 1) {
|
|||
mp_buffer_info_t odata;
|
|||
mp_get_buffer_raise(args[0], &odata, MP_BUFFER_WRITE);
|
|||
if (odata.len < 32) {
|
|||
mp_raise_ValueError("Output buffer too small");
|
|||
}
|
|||
buff_use = odata.buf;
|
|||
}
|
|||
|
|||
mp_buffer_info_t data;
|
|||
mp_get_buffer_raise(args[1 + off], &data, MP_BUFFER_READ);
|
|||
xmr_fast_hash(buff_use, data.buf, data.len);
|
|||
return n_args == 2 ? args[0] : mp_obj_new_bytes(buff, 32);
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_xmr_fast_hash_obj, 1, 2,
|
|||
mod_trezorcrypto_monero_xmr_fast_hash);
|
|||
|
|||
/// def xmr_hash_to_ec(r: Optional[Ge25519], buff: bytes) -> Ge25519:
|
|||
/// '''
|
|||
/// XMR hashing to EC point
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_hash_to_ec(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 2;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
mp_buffer_info_t data;
|
|||
mp_get_buffer_raise(args[1 + off], &data, MP_BUFFER_READ);
|
|||
xmr_hash_to_ec(&MP_OBJ_GE25519(res), data.buf, data.len);
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_xmr_hash_to_ec_obj, 1, 2,
|
|||
mod_trezorcrypto_monero_xmr_hash_to_ec);
|
|||
|
|||
/// def xmr_hash_to_scalar(r: Optional[Sc25519], buff: bytes) -> Sc25519:
|
|||
/// '''
|
|||
/// XMR hashing to EC scalar
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_hash_to_scalar(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 2;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_scalar_r(res_arg ? args[0] : mp_const_none);
|
|||
mp_buffer_info_t data;
|
|||
mp_get_buffer_raise(args[1 + off], &data, MP_BUFFER_READ);
|
|||
xmr_hash_to_scalar(MP_OBJ_SCALAR(res), data.buf, data.len);
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_xmr_hash_to_scalar_obj, 1, 2,
|
|||
mod_trezorcrypto_monero_xmr_hash_to_scalar);
|
|||
|
|||
/// def xmr_derivation_to_scalar(r: Optional[Sc25519], p: Ge25519, output_index:
|
|||
/// int) -> Sc25519:
|
|||
/// '''
|
|||
/// H_s(derivation || varint(output_index))
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_derivation_to_scalar(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 3;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_scalar_r(res_arg ? args[0] : mp_const_none);
|
|||
assert_ge25519(args[1 + off]);
|
|||
xmr_derivation_to_scalar(MP_OBJ_SCALAR(res), &MP_OBJ_C_GE25519(args[1 + off]),
|
|||
mp_obj_get_int(args[2 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_xmr_derivation_to_scalar_obj, 2, 3,
|
|||
mod_trezorcrypto_monero_xmr_derivation_to_scalar);
|
|||
|
|||
/// def xmr_generate_key_derivation(r: Optional[Ge25519], A: Ge25519, b:
|
|||
/// Sc25519) -> Ge25519:
|
|||
/// '''
|
|||
/// 8*(key2*key1)
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_generate_key_derivation(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 3;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
assert_ge25519(args[1 + off]);
|
|||
assert_scalar(args[2 + off]);
|
|||
xmr_generate_key_derivation(&MP_OBJ_GE25519(res),
|
|||
&MP_OBJ_C_GE25519(args[1 + off]),
|
|||
MP_OBJ_C_SCALAR(args[2 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_xmr_generate_key_derivation_obj, 2, 3,
|
|||
mod_trezorcrypto_monero_xmr_generate_key_derivation);
|
|||
|
|||
/// def xmr_derive_private_key(r: Optional[Sc25519], deriv: Ge25519, idx: int,
|
|||
/// base: Sc25519) -> Sc25519:
|
|||
/// '''
|
|||
/// base + H_s(derivation || varint(output_index))
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_derive_private_key(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 4;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_scalar_r(res_arg ? args[0] : mp_const_none);
|
|||
assert_ge25519(args[1 + off]);
|
|||
assert_scalar(args[3 + off]);
|
|||
xmr_derive_private_key(MP_OBJ_SCALAR(res), &MP_OBJ_C_GE25519(args[1 + off]),
|
|||
mp_obj_get_int(args[2 + off]),
|
|||
MP_OBJ_C_SCALAR(args[3 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_xmr_derive_private_key_obj, 3, 4,
|
|||
mod_trezorcrypto_monero_xmr_derive_private_key);
|
|||
|
|||
/// def xmr_derive_public_key(r: Optional[Ge25519], deriv: Ge25519, idx: int,
|
|||
/// base: Ge25519) -> Ge25519:
|
|||
/// '''
|
|||
/// H_s(derivation || varint(output_index))G + base
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_derive_public_key(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 4;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
assert_ge25519(args[1 + off]);
|
|||
assert_ge25519(args[3 + off]);
|
|||
xmr_derive_public_key(&MP_OBJ_GE25519(res), &MP_OBJ_C_GE25519(args[1 + off]),
|
|||
mp_obj_get_int(args[2 + off]),
|
|||
&MP_OBJ_C_GE25519(args[3 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_xmr_derive_public_key_obj, 3, 4,
|
|||
mod_trezorcrypto_monero_xmr_derive_public_key);
|
|||
|
|||
/// def xmr_add_keys2(r: Optional[Ge25519], a: Sc25519, b: Sc25519, B: Ge25519)
|
|||
/// -> Ge25519:
|
|||
/// '''
|
|||
/// aG + bB, G is basepoint
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_add_keys2(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 4;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
assert_scalar(args[1 + off]);
|
|||
assert_scalar(args[2 + off]);
|
|||
assert_ge25519(args[3 + off]);
|
|||
xmr_add_keys2(&MP_OBJ_GE25519(res), MP_OBJ_SCALAR(args[1 + off]),
|
|||
MP_OBJ_SCALAR(args[2 + off]), &MP_OBJ_C_GE25519(args[3 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_xmr_add_keys2_obj, 3, 4,
|
|||
mod_trezorcrypto_monero_xmr_add_keys2);
|
|||
|
|||
/// def xmr_add_keys2_vartime(r: Optional[Ge25519], a: Sc25519, b: Sc25519, B:
|
|||
/// Ge25519) -> Ge25519:
|
|||
/// '''
|
|||
/// aG + bB, G is basepoint
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_add_keys2_vartime(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 4;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
assert_scalar(args[1 + off]);
|
|||
assert_scalar(args[2 + off]);
|
|||
assert_ge25519(args[3 + off]);
|
|||
xmr_add_keys2_vartime(&MP_OBJ_GE25519(res), MP_OBJ_SCALAR(args[1 + off]),
|
|||
MP_OBJ_SCALAR(args[2 + off]),
|
|||
&MP_OBJ_C_GE25519(args[3 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_xmr_add_keys2_vartime_obj, 3, 4,
|
|||
mod_trezorcrypto_monero_xmr_add_keys2_vartime);
|
|||
|
|||
/// def xmr_add_keys3(r: Optional[Ge25519], a: Sc25519, A: Ge25519, b: Sc25519,
|
|||
/// B: Ge25519) -> Ge25519:
|
|||
/// '''
|
|||
/// aA + bB
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_add_keys3(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 5;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
assert_scalar(args[1 + off]);
|
|||
assert_ge25519(args[2 + off]);
|
|||
assert_scalar(args[3 + off]);
|
|||
assert_ge25519(args[4 + off]);
|
|||
xmr_add_keys3(&MP_OBJ_GE25519(res), MP_OBJ_SCALAR(args[1 + off]),
|
|||
&MP_OBJ_C_GE25519(args[2 + off]), MP_OBJ_SCALAR(args[3 + off]),
|
|||
&MP_OBJ_C_GE25519(args[4 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_xmr_add_keys3_obj, 4, 5,
|
|||
mod_trezorcrypto_monero_xmr_add_keys3);
|
|||
|
|||
/// def xmr_add_keys3_vartime(r: Optional[Ge25519], a: Sc25519, A: Ge25519, b:
|
|||
/// Sc25519, B: Ge25519) -> Ge25519:
|
|||
/// '''
|
|||
/// aA + bB
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_add_keys3_vartime(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 5;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
assert_scalar(args[1 + off]);
|
|||
assert_ge25519(args[2 + off]);
|
|||
assert_scalar(args[3 + off]);
|
|||
assert_ge25519(args[4 + off]);
|
|||
xmr_add_keys3_vartime(&MP_OBJ_GE25519(res), MP_OBJ_SCALAR(args[1 + off]),
|
|||
&MP_OBJ_C_GE25519(args[2 + off]),
|
|||
MP_OBJ_SCALAR(args[3 + off]),
|
|||
&MP_OBJ_C_GE25519(args[4 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_xmr_add_keys3_vartime_obj, 4, 5,
|
|||
mod_trezorcrypto_monero_xmr_add_keys3_vartime);
|
|||
|
|||
/// def xmr_get_subaddress_secret_key(r: Optional[Sc25519], major: int, minor:
|
|||
/// int, m: Sc25519) -> Sc25519:
|
|||
/// '''
|
|||
/// Hs(SubAddr || a || index_major || index_minor)
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_get_subaddress_secret_key(
|
|||
size_t n_args, const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 4;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_scalar_r(res_arg ? args[0] : mp_const_none);
|
|||
assert_scalar(args[3 + off]);
|
|||
xmr_get_subaddress_secret_key(
|
|||
MP_OBJ_SCALAR(res), mp_obj_get_int(args[1 + off]),
|
|||
mp_obj_get_int(args[2 + off]), MP_OBJ_C_SCALAR(args[3 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_xmr_get_subaddress_secret_key_obj, 3, 4,
|
|||
mod_trezorcrypto_monero_xmr_get_subaddress_secret_key);
|
|||
|
|||
/// def xmr_gen_c(r: Optional[Ge25519], a: Sc25519, amount: int) -> Ge25519:
|
|||
/// '''
|
|||
/// aG + amount * H
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_gen_c(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
const bool res_arg = n_args == 3;
|
|||
const int off = res_arg ? 0 : -1;
|
|||
mp_obj_t res = mp_obj_new_ge25519_r(res_arg ? args[0] : mp_const_none);
|
|||
assert_scalar(args[1 + off]);
|
|||
xmr_gen_c(&MP_OBJ_GE25519(res), MP_OBJ_C_SCALAR(args[1 + off]),
|
|||
mp_obj_get_uint64(args[2 + off]));
|
|||
return res;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_xmr_gen_c_obj, 2, 3,
|
|||
mod_trezorcrypto_monero_xmr_gen_c);
|
|||
|
|||
/// def ct_equals(a: bytes, b: bytes) -> bool:
|
|||
/// '''
|
|||
/// Constant time buffer comparison
|
|||
/// '''
|
|||
STATIC mp_obj_t mod_trezorcrypto_ct_equals(const mp_obj_t a, const mp_obj_t b) {
|
|||
mp_buffer_info_t buff_a, buff_b;
|
|||
mp_get_buffer_raise(a, &buff_a, MP_BUFFER_READ);
|
|||
mp_get_buffer_raise(b, &buff_b, MP_BUFFER_READ);
|
|||
|
|||
if (buff_a.len != buff_b.len) {
|
|||
return MP_OBJ_NEW_SMALL_INT(0);
|
|||
}
|
|||
|
|||
int r = ed25519_verify(buff_a.buf, buff_b.buf, buff_a.len);
|
|||
return MP_OBJ_NEW_SMALL_INT(r);
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_ct_equals_obj,
|
|||
mod_trezorcrypto_ct_equals);
|
|||
|
|||
// Hasher
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_hasher_update(mp_obj_t self,
|
|||
const mp_obj_t arg) {
|
|||
mp_obj_hasher_t *o = MP_OBJ_TO_PTR(self);
|
|||
mp_buffer_info_t buff;
|
|||
mp_get_buffer_raise(arg, &buff, MP_BUFFER_READ);
|
|||
if (buff.len > 0) {
|
|||
xmr_hasher_update(&o->h, buff.buf, buff.len);
|
|||
}
|
|||
return mp_const_none;
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_monero_hasher_update_obj,
|
|||
mod_trezorcrypto_monero_hasher_update);
|
|||
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_hasher_digest(size_t n_args,
|
|||
const mp_obj_t *args) {
|
|||
mp_obj_hasher_t *o = MP_OBJ_TO_PTR(args[0]);
|
|||
|
|||
Hasher ctx;
|
|||
memcpy(&ctx, &(o->h), sizeof(Hasher));
|
|||
|
|||
uint8_t out[SHA3_256_DIGEST_LENGTH];
|
|||
xmr_hasher_final(&ctx, out);
|
|||
memzero(&ctx, sizeof(SHA3_CTX));
|
|||
|
|||
if (n_args == 1 || args[1] == mp_const_none) {
|
|||
return mp_obj_new_bytes(out, sizeof(out));
|
|||
|
|||
} else {
|
|||
mp_buffer_info_t bufm;
|
|||
mp_get_buffer_raise(args[1], &bufm, MP_BUFFER_WRITE);
|
|||
const mp_int_t offset = n_args >= 3 ? mp_obj_get_int(args[2]) : 0;
|
|||
if (bufm.len < 32 + offset) {
|
|||
mp_raise_ValueError("Buffer too small");
|
|||
}
|
|||
|
|||
memcpy((uint8_t *)bufm.buf + offset, out, SHA3_256_DIGEST_LENGTH);
|
|||
return args[1];
|
|||
}
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
|
|||
mod_trezorcrypto_monero_hasher_digest_obj, 1, 3,
|
|||
mod_trezorcrypto_monero_hasher_digest);
|
|||
|
|||
STATIC mp_obj_t mod_trezorcrypto_monero_hasher_copy(mp_obj_t self) {
|
|||
mp_obj_hasher_t *o = MP_OBJ_TO_PTR(self);
|
|||
mp_obj_hasher_t *cp = m_new_obj(mp_obj_hasher_t);
|
|||
cp->base.type = o->base.type;
|
|||
memcpy(&(cp->h), &(o->h), sizeof(Hasher));
|
|||
return MP_OBJ_FROM_PTR(o);
|
|||
}
|
|||
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_monero_hasher_copy_obj,
|
|||
mod_trezorcrypto_monero_hasher_copy);
|
|||
|
|||
//
|
|||
// Type defs
|
|||
//
|
|||
|
|||
STATIC const mp_rom_map_elem_t
|
|||
mod_trezorcrypto_monero_ge25519_locals_dict_table[] = {
|
|||
{MP_ROM_QSTR(MP_QSTR___del__),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_ge25519___del___obj)},
|
|||
};
|
|||
STATIC MP_DEFINE_CONST_DICT(mod_trezorcrypto_monero_ge25519_locals_dict,
|
|||
mod_trezorcrypto_monero_ge25519_locals_dict_table);
|
|||
|
|||
STATIC const mp_obj_type_t mod_trezorcrypto_monero_ge25519_type = {
|
|||
{&mp_type_type},
|
|||
.name = MP_QSTR_Ge25519,
|
|||
.make_new = mod_trezorcrypto_monero_ge25519_make_new,
|
|||
.locals_dict = (void *)&mod_trezorcrypto_monero_ge25519_locals_dict,
|
|||
};
|
|||
|
|||
STATIC const mp_rom_map_elem_t
|
|||
mod_trezorcrypto_monero_bignum256modm_locals_dict_table[] = {
|
|||
{MP_ROM_QSTR(MP_QSTR___del__),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_bignum256modm___del___obj)},
|
|||
};
|
|||
STATIC MP_DEFINE_CONST_DICT(
|
|||
mod_trezorcrypto_monero_bignum256modm_locals_dict,
|
|||
mod_trezorcrypto_monero_bignum256modm_locals_dict_table);
|
|||
|
|||
STATIC const mp_obj_type_t mod_trezorcrypto_monero_bignum256modm_type = {
|
|||
{&mp_type_type},
|
|||
.name = MP_QSTR_Sc25519,
|
|||
.make_new = mod_trezorcrypto_monero_bignum256modm_make_new,
|
|||
.locals_dict = (void *)&mod_trezorcrypto_monero_bignum256modm_locals_dict,
|
|||
};
|
|||
|
|||
STATIC const mp_rom_map_elem_t
|
|||
mod_trezorcrypto_monero_hasher_locals_dict_table[] = {
|
|||
{MP_ROM_QSTR(MP_QSTR_update),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_hasher_update_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_digest),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_hasher_digest_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_copy),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_hasher_copy_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR___del__),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_hasher___del___obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_block_size),
|
|||
MP_OBJ_NEW_SMALL_INT(SHA3_256_BLOCK_LENGTH)},
|
|||
{MP_ROM_QSTR(MP_QSTR_digest_size),
|
|||
MP_OBJ_NEW_SMALL_INT(SHA3_256_DIGEST_LENGTH)},
|
|||
};
|
|||
STATIC MP_DEFINE_CONST_DICT(mod_trezorcrypto_monero_hasher_locals_dict,
|
|||
mod_trezorcrypto_monero_hasher_locals_dict_table);
|
|||
|
|||
STATIC const mp_obj_type_t mod_trezorcrypto_monero_hasher_type = {
|
|||
{&mp_type_type},
|
|||
.name = MP_QSTR_hasher,
|
|||
.make_new = mod_trezorcrypto_monero_hasher_make_new,
|
|||
.locals_dict = (void *)&mod_trezorcrypto_monero_hasher_locals_dict,
|
|||
};
|
|||
|
|||
STATIC const mp_rom_map_elem_t mod_trezorcrypto_monero_globals_table[] = {
|
|||
{MP_ROM_QSTR(MP_QSTR___name__), MP_ROM_QSTR(MP_QSTR_monero)},
|
|||
{MP_ROM_QSTR(MP_QSTR_init256_modm),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_init256_modm_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_check256_modm),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_check256_modm_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_iszero256_modm),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_iszero256_modm_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_eq256_modm),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_eq256_modm_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_get256_modm),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_get256_modm_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_add256_modm),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_add256_modm_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_sub256_modm),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_sub256_modm_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_mul256_modm),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_mul256_modm_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_mulsub256_modm),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_mulsub256_modm_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_muladd256_modm),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_muladd256_modm_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_inv256_modm),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_inv256_modm_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_pack256_modm),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_pack256_modm_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_unpack256_modm),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_unpack256_modm_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_unpack256_modm_noreduce),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_unpack256_modm_noreduce_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_ge25519_set_neutral),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_ge25519_set_neutral_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_ge25519_set_h),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_ge25519_set_xmr_h_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_ge25519_pack),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_ge25519_pack_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_ge25519_unpack_vartime),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_ge25519_unpack_vartime_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_ge25519_check),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_ge25519_check_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_ge25519_eq),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_ge25519_eq_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_ge25519_add),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_ge25519_add_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_ge25519_sub),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_ge25519_sub_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_ge25519_double),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_ge25519_double_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_ge25519_mul8),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_ge25519_mul8_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_ge25519_double_scalarmult_vartime),
|
|||
MP_ROM_PTR(
|
|||
&mod_trezorcrypto_monero_ge25519_double_scalarmult_vartime_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_ge25519_double_scalarmult_vartime2),
|
|||
MP_ROM_PTR(
|
|||
&mod_trezorcrypto_monero_ge25519_double_scalarmult_vartime2_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_ge25519_scalarmult_base),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_ge25519_scalarmult_base_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_ge25519_scalarmult),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_ge25519_scalarmult_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_xmr_base58_addr_encode_check),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_xmr_base58_addr_encode_check_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_xmr_base58_addr_decode_check),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_xmr_base58_addr_decode_check_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_xmr_random_scalar),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_xmr_random_scalar_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_xmr_fast_hash),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_xmr_fast_hash_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_xmr_hash_to_ec),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_xmr_hash_to_ec_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_xmr_hash_to_scalar),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_xmr_hash_to_scalar_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_xmr_derivation_to_scalar),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_xmr_derivation_to_scalar_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_xmr_generate_key_derivation),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_xmr_generate_key_derivation_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_xmr_derive_private_key),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_xmr_derive_private_key_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_xmr_derive_public_key),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_xmr_derive_public_key_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_xmr_add_keys2),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_xmr_add_keys2_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_xmr_add_keys2_vartime),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_xmr_add_keys2_vartime_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_xmr_add_keys3),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_xmr_add_keys3_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_xmr_add_keys3_vartime),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_xmr_add_keys3_vartime_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_xmr_get_subaddress_secret_key),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_xmr_get_subaddress_secret_key_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_xmr_gen_c),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_monero_xmr_gen_c_obj)},
|
|||
{MP_ROM_QSTR(MP_QSTR_ct_equals),
|
|||
MP_ROM_PTR(&mod_trezorcrypto_ct_equals_obj)},
|
|||
};
|
|||
STATIC MP_DEFINE_CONST_DICT(mod_trezorcrypto_monero_globals,
|
|||
mod_trezorcrypto_monero_globals_table);
|
|||
|
|||
STATIC const mp_obj_module_t mod_trezorcrypto_monero_module = {
|
|||
.base = {&mp_type_module},
|
|||
.globals = (mp_obj_dict_t *)&mod_trezorcrypto_monero_globals,
|
|||
};
|