1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-22 22:38:08 +00:00

fsm: input messages are no longer confidential

This commit is contained in:
Pavol Rusnak 2019-02-04 14:25:13 +01:00
parent 19c7c8bc3b
commit 11311da48a
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
4 changed files with 15 additions and 10 deletions

View File

@ -73,7 +73,7 @@ void fsm_msgSignMessage(const SignMessage *msg);
void fsm_msgVerifyMessage(const VerifyMessage *msg);
// crypto
void fsm_msgCipherKeyValue(CipherKeyValue *msg); // not const because we mutate msg->iv
void fsm_msgCipherKeyValue(const CipherKeyValue *msg);
void fsm_msgSignIdentity(const SignIdentity *msg);
void fsm_msgGetECDHSessionKey(const GetECDHSessionKey *msg);
void fsm_msgCosiCommit(const CosiCommit *msg);
@ -92,7 +92,7 @@ void fsm_msgDebugLinkFlashErase(const DebugLinkFlashErase *msg);
// ethereum
void fsm_msgEthereumGetAddress(const EthereumGetAddress *msg);
void fsm_msgEthereumGetPublicKey(const EthereumGetPublicKey *msg);
void fsm_msgEthereumSignTx(EthereumSignTx *msg); // not const because we mutate transaction
void fsm_msgEthereumSignTx(EthereumSignTx *msg); // not const because we mutate transaction during validation
void fsm_msgEthereumTxAck(const EthereumTxAck *msg);
void fsm_msgEthereumSignMessage(const EthereumSignMessage *msg);
void fsm_msgEthereumVerifyMessage(const EthereumVerifyMessage *msg);
@ -102,7 +102,7 @@ void fsm_msgLiskGetAddress(const LiskGetAddress *msg);
void fsm_msgLiskGetPublicKey(const LiskGetPublicKey *msg);
void fsm_msgLiskSignMessage(const LiskSignMessage *msg);
void fsm_msgLiskVerifyMessage(const LiskVerifyMessage *msg);
void fsm_msgLiskSignTx(LiskSignTx *msg); // // not const because we mutate transaction
void fsm_msgLiskSignTx(LiskSignTx *msg); // not const because we mutate transaction during validation
// nem
void fsm_msgNEMGetAddress(NEMGetAddress *msg); // not const because we mutate msg->network

View File

@ -17,7 +17,7 @@
* along with this library. If not, see <http://www.gnu.org/licenses/>.
*/
void fsm_msgCipherKeyValue(CipherKeyValue *msg)
void fsm_msgCipherKeyValue(const CipherKeyValue *msg)
{
CHECK_INITIALIZED
@ -49,15 +49,20 @@ void fsm_msgCipherKeyValue(CipherKeyValue *msg)
hmac_sha512(node->private_key, 32, data, strlen((char *)data), data);
if (msg->iv.size == 16) {
// override iv if provided
memcpy(data + 32, msg->iv.bytes, 16);
}
RESP_INIT(CipheredKeyValue);
if (encrypt) {
aes_encrypt_ctx ctx;
aes_encrypt_key256(data, &ctx);
aes_cbc_encrypt(msg->value.bytes, resp->value.bytes, msg->value.size, ((msg->iv.size == 16) ? (msg->iv.bytes) : (data + 32)), &ctx);
aes_cbc_encrypt(msg->value.bytes, resp->value.bytes, msg->value.size, data + 32, &ctx);
} else {
aes_decrypt_ctx ctx;
aes_decrypt_key256(data, &ctx);
aes_cbc_decrypt(msg->value.bytes, resp->value.bytes, msg->value.size, ((msg->iv.size == 16) ? (msg->iv.bytes) : (data + 32)), &ctx);
aes_cbc_decrypt(msg->value.bytes, resp->value.bytes, msg->value.size, data + 32, &ctx);
}
resp->has_value = true;
resp->value.size = msg->value.size;

View File

@ -36,7 +36,7 @@ struct MessagesMap_t {
char dir; // i = in, o = out
uint16_t msg_id;
const pb_field_t *fields;
void (*process_func)(void *ptr);
void (*process_func)(const void *ptr);
};
static const struct MessagesMap_t MessagesMap[] = {
@ -222,7 +222,7 @@ enum {
void msg_process(char type, uint16_t msg_id, const pb_field_t *fields, uint8_t *msg_raw, uint32_t msg_size)
{
static CONFIDENTIAL uint8_t msg_data[MSG_IN_SIZE];
static uint8_t msg_data[MSG_IN_SIZE];
memzero(msg_data, sizeof(msg_data));
pb_istream_t stream = pb_istream_from_buffer(msg_raw, msg_size);
bool status = pb_decode(&stream, fields, msg_data);
@ -236,7 +236,7 @@ void msg_process(char type, uint16_t msg_id, const pb_field_t *fields, uint8_t *
void msg_read_common(char type, const uint8_t *buf, uint32_t len)
{
static char read_state = READSTATE_IDLE;
static CONFIDENTIAL uint8_t msg_in[MSG_IN_SIZE];
static uint8_t msg_in[MSG_IN_SIZE];
static uint16_t msg_id = 0xFFFF;
static uint32_t msg_size = 0;
static uint32_t msg_pos = 0;

View File

@ -48,7 +48,7 @@ def handle_message(fh, fl, skipped, message, extension):
return
if direction == "i":
process_func = "(void (*)(void *)) fsm_msg%s" % short_name
process_func = "(void (*)(const void *))fsm_msg%s" % short_name
else:
process_func = "0"