arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-10 15:30:55 +00:00
Code Issues Releases Wiki Activity

fsm: input messages are no longer confidential

Browse Source
This commit is contained in:
Pavol Rusnak 2019-02-04 14:25:13 +01:00
parent 19c7c8bc3b
commit 11311da48a
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
4 changed files with 15 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
firmware/fsm.h
View File

@ -73,7 +73,7 @@ void fsm_msgSignMessage(const SignMessage *msg);
void fsm_msgVerifyMessage(const VerifyMessage *msg); void fsm_msgVerifyMessage(const VerifyMessage *msg);
// crypto // crypto
void fsm_msgCipherKeyValue(CipherKeyValue *msg); // not const because we mutate msg->iv void fsm_msgCipherKeyValue(const CipherKeyValue *msg);
void fsm_msgSignIdentity(const SignIdentity *msg); void fsm_msgSignIdentity(const SignIdentity *msg);
void fsm_msgGetECDHSessionKey(const GetECDHSessionKey *msg); void fsm_msgGetECDHSessionKey(const GetECDHSessionKey *msg);
void fsm_msgCosiCommit(const CosiCommit *msg); void fsm_msgCosiCommit(const CosiCommit *msg);
@ -92,7 +92,7 @@ void fsm_msgDebugLinkFlashErase(const DebugLinkFlashErase *msg);
// ethereum // ethereum
void fsm_msgEthereumGetAddress(const EthereumGetAddress *msg); void fsm_msgEthereumGetAddress(const EthereumGetAddress *msg);
void fsm_msgEthereumGetPublicKey(const EthereumGetPublicKey *msg); void fsm_msgEthereumGetPublicKey(const EthereumGetPublicKey *msg);
void fsm_msgEthereumSignTx(EthereumSignTx *msg); // not const because we mutate transaction void fsm_msgEthereumSignTx(EthereumSignTx *msg); // not const because we mutate transaction during validation
void fsm_msgEthereumTxAck(const EthereumTxAck *msg); void fsm_msgEthereumTxAck(const EthereumTxAck *msg);
void fsm_msgEthereumSignMessage(const EthereumSignMessage *msg); void fsm_msgEthereumSignMessage(const EthereumSignMessage *msg);
void fsm_msgEthereumVerifyMessage(const EthereumVerifyMessage *msg); void fsm_msgEthereumVerifyMessage(const EthereumVerifyMessage *msg);
@ -102,7 +102,7 @@ void fsm_msgLiskGetAddress(const LiskGetAddress *msg);
void fsm_msgLiskGetPublicKey(const LiskGetPublicKey *msg); void fsm_msgLiskGetPublicKey(const LiskGetPublicKey *msg);
void fsm_msgLiskSignMessage(const LiskSignMessage *msg); void fsm_msgLiskSignMessage(const LiskSignMessage *msg);
void fsm_msgLiskVerifyMessage(const LiskVerifyMessage *msg); void fsm_msgLiskVerifyMessage(const LiskVerifyMessage *msg);
void fsm_msgLiskSignTx(LiskSignTx *msg); // // not const because we mutate transaction void fsm_msgLiskSignTx(LiskSignTx *msg); // not const because we mutate transaction during validation
// nem // nem
void fsm_msgNEMGetAddress(NEMGetAddress *msg); // not const because we mutate msg->network void fsm_msgNEMGetAddress(NEMGetAddress *msg); // not const because we mutate msg->network

11
firmware/fsm_msg_crypto.h
View File

@ -17,7 +17,7 @@
* along with this library. If not, see <http://www.gnu.org/licenses/>. * along with this library. If not, see <http://www.gnu.org/licenses/>.
*/ */
void fsm_msgCipherKeyValue(CipherKeyValue *msg) void fsm_msgCipherKeyValue(const CipherKeyValue *msg)
{ {
CHECK_INITIALIZED CHECK_INITIALIZED
@ -49,15 +49,20 @@ void fsm_msgCipherKeyValue(CipherKeyValue *msg)
hmac_sha512(node->private_key, 32, data, strlen((char *)data), data); hmac_sha512(node->private_key, 32, data, strlen((char *)data), data);
if (msg->iv.size == 16) {
// override iv if provided
memcpy(data + 32, msg->iv.bytes, 16);
}
RESP_INIT(CipheredKeyValue); RESP_INIT(CipheredKeyValue);
if (encrypt) { if (encrypt) {
aes_encrypt_ctx ctx; aes_encrypt_ctx ctx;
aes_encrypt_key256(data, &ctx); aes_encrypt_key256(data, &ctx);
aes_cbc_encrypt(msg->value.bytes, resp->value.bytes, msg->value.size, ((msg->iv.size == 16) ? (msg->iv.bytes) : (data + 32)), &ctx); aes_cbc_encrypt(msg->value.bytes, resp->value.bytes, msg->value.size, data + 32, &ctx);
} else { } else {
aes_decrypt_ctx ctx; aes_decrypt_ctx ctx;
aes_decrypt_key256(data, &ctx); aes_decrypt_key256(data, &ctx);
aes_cbc_decrypt(msg->value.bytes, resp->value.bytes, msg->value.size, ((msg->iv.size == 16) ? (msg->iv.bytes) : (data + 32)), &ctx); aes_cbc_decrypt(msg->value.bytes, resp->value.bytes, msg->value.size, data + 32, &ctx);
} }
resp->has_value = true; resp->has_value = true;
resp->value.size = msg->value.size; resp->value.size = msg->value.size;

6
firmware/messages.c
View File

@ -36,7 +36,7 @@ struct MessagesMap_t {
char dir; // i = in, o = out char dir; // i = in, o = out
uint16_t msg_id; uint16_t msg_id;
const pb_field_t *fields; const pb_field_t *fields;
void (*process_func)(void *ptr); void (*process_func)(const void *ptr);
}; };
static const struct MessagesMap_t MessagesMap[] = { static const struct MessagesMap_t MessagesMap[] = {
@ -222,7 +222,7 @@ enum {
void msg_process(char type, uint16_t msg_id, const pb_field_t *fields, uint8_t *msg_raw, uint32_t msg_size) void msg_process(char type, uint16_t msg_id, const pb_field_t *fields, uint8_t *msg_raw, uint32_t msg_size)
{ {
static CONFIDENTIAL uint8_t msg_data[MSG_IN_SIZE]; static uint8_t msg_data[MSG_IN_SIZE];
memzero(msg_data, sizeof(msg_data)); memzero(msg_data, sizeof(msg_data));
pb_istream_t stream = pb_istream_from_buffer(msg_raw, msg_size); pb_istream_t stream = pb_istream_from_buffer(msg_raw, msg_size);
bool status = pb_decode(&stream, fields, msg_data); bool status = pb_decode(&stream, fields, msg_data);
@ -236,7 +236,7 @@ void msg_process(char type, uint16_t msg_id, const pb_field_t *fields, uint8_t *
void msg_read_common(char type, const uint8_t *buf, uint32_t len) void msg_read_common(char type, const uint8_t *buf, uint32_t len)
{ {
static char read_state = READSTATE_IDLE; static char read_state = READSTATE_IDLE;
static CONFIDENTIAL uint8_t msg_in[MSG_IN_SIZE]; static uint8_t msg_in[MSG_IN_SIZE];
static uint16_t msg_id = 0xFFFF; static uint16_t msg_id = 0xFFFF;
static uint32_t msg_size = 0; static uint32_t msg_size = 0;
static uint32_t msg_pos = 0; static uint32_t msg_pos = 0;

2
firmware/protob/messages_map.py
View File

@ -48,7 +48,7 @@ def handle_message(fh, fl, skipped, message, extension):
return return
if direction == "i": if direction == "i":
process_func = "(void (*)(void *)) fsm_msg%s" % short_name process_func = "(void (*)(const void *))fsm_msg%s" % short_name
else: else:
process_func = "0" process_func = "0"