mirror of
https://github.com/trezor/trezor-firmware.git
synced 2025-08-04 04:48:48 +00:00
refactor(legacy): check size of integers when hashing
[no changelog]
This commit is contained in:
Martin Milata
parent
569aee4ac1
commit
19f30acfbb
@ -80,4 +80,20 @@ void hasher_Final(Hasher *hasher, uint8_t hash[HASHER_DIGEST_LENGTH]);
|
|||||||
void hasher_Raw(HasherType type, const uint8_t *data, size_t length,
|
void hasher_Raw(HasherType type, const uint8_t *data, size_t length,
|
||||||
uint8_t hash[HASHER_DIGEST_LENGTH]);
|
uint8_t hash[HASHER_DIGEST_LENGTH]);
|
||||||
|
|
||||||
|
// Update the hash with an integer and also (statically) check that it has the
|
||||||
|
// expected size.
|
||||||
|
#define HASHER_UPDATE_INT(ctx, val, expected_type) \
|
||||||
|
do { \
|
||||||
|
hasher_Update((ctx), (const uint8_t *)&(val), sizeof(val)); \
|
||||||
|
_Static_assert(sizeof(val) == sizeof(expected_type), "invalid int size"); \
|
||||||
|
} while (0)
|
||||||
|
|
||||||
|
// Byte array version of the macro above.
|
||||||
|
#define HASHER_UPDATE_BYTES(ctx, val, expected_size) \
|
||||||
|
do { \
|
||||||
|
hasher_Update((ctx), (val), sizeof(val)); \
|
||||||
|
_Static_assert(sizeof(val) == expected_size, "invalid value size"); \
|
||||||
|
_Static_assert(sizeof((val)[0]) == 1, "not a byte array"); \
|
||||||
|
} while (0)
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
@ -82,6 +82,22 @@ char* sha256_End(SHA256_CTX*, char[SHA256_DIGEST_STRING_LENGTH]);
|
|||||||
void sha256_Raw(const uint8_t*, size_t, uint8_t[SHA256_DIGEST_LENGTH]);
|
void sha256_Raw(const uint8_t*, size_t, uint8_t[SHA256_DIGEST_LENGTH]);
|
||||||
char* sha256_Data(const uint8_t*, size_t, char[SHA256_DIGEST_STRING_LENGTH]);
|
char* sha256_Data(const uint8_t*, size_t, char[SHA256_DIGEST_STRING_LENGTH]);
|
||||||
|
|
||||||
|
// Update the hash with an integer and also (statically) check that it has the
|
||||||
|
// expected size.
|
||||||
|
#define SHA256_UPDATE_INT(ctx, val, expected_type) \
|
||||||
|
do { \
|
||||||
|
sha256_Update((ctx), (const uint8_t *)&(val), sizeof(val)); \
|
||||||
|
_Static_assert(sizeof(val) == sizeof(expected_type), "invalid int size"); \
|
||||||
|
} while (0)
|
||||||
|
|
||||||
|
// Byte array version of the macro above.
|
||||||
|
#define SHA256_UPDATE_BYTES(ctx, val, expected_size) \
|
||||||
|
do { \
|
||||||
|
sha256_Update((ctx), (val), sizeof(val)); \
|
||||||
|
_Static_assert(sizeof(val) == expected_size, "invalid value size"); \
|
||||||
|
_Static_assert(sizeof((val)[0]) == 1, "not a byte array"); \
|
||||||
|
} while (0)
|
||||||
|
|
||||||
void sha384_Raw(const uint8_t*, size_t, uint8_t[SHA384_DIGEST_LENGTH]);
|
void sha384_Raw(const uint8_t*, size_t, uint8_t[SHA384_DIGEST_LENGTH]);
|
||||||
|
|
||||||
void sha512_Transform(const uint64_t* state_in, const uint64_t* data, uint64_t* state_out);
|
void sha512_Transform(const uint64_t* state_in, const uint64_t* data, uint64_t* state_out);
|
||||||
|
|||||||
@ -471,19 +471,16 @@ int cryptoMultisigFingerprint(const MultisigRedeemScriptType *multisig,
|
|||||||
|
|
||||||
SHA256_CTX ctx = {0};
|
SHA256_CTX ctx = {0};
|
||||||
sha256_Init(&ctx);
|
sha256_Init(&ctx);
|
||||||
sha256_Update(&ctx, (const uint8_t *)&(multisig->m), sizeof(uint32_t));
|
SHA256_UPDATE_INT(&ctx, multisig->m, uint32_t);
|
||||||
sha256_Update(&ctx, (const uint8_t *)&(pubkeys_order), sizeof(uint32_t));
|
SHA256_UPDATE_INT(&ctx, pubkeys_order, uint32_t);
|
||||||
for (uint32_t i = 0; i < n; i++) {
|
for (uint32_t i = 0; i < n; i++) {
|
||||||
sha256_Update(&ctx, (const uint8_t *)&(pubnodes[i]->depth),
|
SHA256_UPDATE_INT(&ctx, pubnodes[i]->depth, uint32_t);
|
||||||
sizeof(uint32_t));
|
SHA256_UPDATE_INT(&ctx, pubnodes[i]->fingerprint, uint32_t);
|
||||||
sha256_Update(&ctx, (const uint8_t *)&(pubnodes[i]->fingerprint),
|
SHA256_UPDATE_INT(&ctx, pubnodes[i]->child_num, uint32_t);
|
||||||
sizeof(uint32_t));
|
SHA256_UPDATE_BYTES(&ctx, pubnodes[i]->chain_code.bytes, 32);
|
||||||
sha256_Update(&ctx, (const uint8_t *)&(pubnodes[i]->child_num),
|
SHA256_UPDATE_BYTES(&ctx, pubnodes[i]->public_key.bytes, 33);
|
||||||
sizeof(uint32_t));
|
|
||||||
sha256_Update(&ctx, pubnodes[i]->chain_code.bytes, 32);
|
|
||||||
sha256_Update(&ctx, pubnodes[i]->public_key.bytes, 33);
|
|
||||||
}
|
}
|
||||||
sha256_Update(&ctx, (const uint8_t *)&n, sizeof(uint32_t));
|
SHA256_UPDATE_INT(&ctx, n, uint32_t);
|
||||||
sha256_Final(&ctx, hash);
|
sha256_Final(&ctx, hash);
|
||||||
layoutProgressUpdate(true);
|
layoutProgressUpdate(true);
|
||||||
return 1;
|
return 1;
|
||||||
@ -492,7 +489,7 @@ int cryptoMultisigFingerprint(const MultisigRedeemScriptType *multisig,
|
|||||||
int cryptoIdentityFingerprint(const IdentityType *identity, uint8_t *hash) {
|
int cryptoIdentityFingerprint(const IdentityType *identity, uint8_t *hash) {
|
||||||
SHA256_CTX ctx = {0};
|
SHA256_CTX ctx = {0};
|
||||||
sha256_Init(&ctx);
|
sha256_Init(&ctx);
|
||||||
sha256_Update(&ctx, (const uint8_t *)&(identity->index), sizeof(uint32_t));
|
SHA256_UPDATE_INT(&ctx, identity->index, uint32_t);
|
||||||
if (identity->has_proto && identity->proto[0]) {
|
if (identity->has_proto && identity->proto[0]) {
|
||||||
sha256_Update(&ctx, (const uint8_t *)(identity->proto),
|
sha256_Update(&ctx, (const uint8_t *)(identity->proto),
|
||||||
strlen(identity->proto));
|
strlen(identity->proto));
|
||||||
|
|||||||
@ -84,7 +84,7 @@ void reset_entropy(const uint8_t *ext_entropy, uint32_t len) {
|
|||||||
|
|
||||||
SHA256_CTX ctx = {0};
|
SHA256_CTX ctx = {0};
|
||||||
sha256_Init(&ctx);
|
sha256_Init(&ctx);
|
||||||
sha256_Update(&ctx, int_entropy, 32);
|
SHA256_UPDATE_BYTES(&ctx, int_entropy, 32);
|
||||||
sha256_Update(&ctx, ext_entropy, len);
|
sha256_Update(&ctx, ext_entropy, len);
|
||||||
sha256_Final(&ctx, int_entropy);
|
sha256_Final(&ctx, int_entropy);
|
||||||
const char *mnemonic = mnemonic_from_data(int_entropy, strength / 8);
|
const char *mnemonic = mnemonic_from_data(int_entropy, strength / 8);
|
||||||
|
|||||||
@ -1823,15 +1823,15 @@ static void txinfo_fill_zip244_header_hash(TxInfo *tx_info) {
|
|||||||
// T.1a: version (4-byte little-endian version identifier including
|
// T.1a: version (4-byte little-endian version identifier including
|
||||||
// overwintered flag)
|
// overwintered flag)
|
||||||
uint32_t ver = tx_info->version | TX_OVERWINTERED;
|
uint32_t ver = tx_info->version | TX_OVERWINTERED;
|
||||||
hasher_Update(&hasher, (const uint8_t *)&ver, 4);
|
HASHER_UPDATE_INT(&hasher, ver, uint32_t);
|
||||||
// T.1b: version_group_id (4-byte little-endian version group identifier)
|
// T.1b: version_group_id (4-byte little-endian version group identifier)
|
||||||
hasher_Update(&hasher, (const uint8_t *)&tx_info->version_group_id, 4);
|
HASHER_UPDATE_INT(&hasher, tx_info->version_group_id, uint32_t);
|
||||||
// T.1c: consensus_branch_id (4-byte little-endian consensus branch id)
|
// T.1c: consensus_branch_id (4-byte little-endian consensus branch id)
|
||||||
hasher_Update(&hasher, (const uint8_t *)&tx_info->branch_id, 4);
|
HASHER_UPDATE_INT(&hasher, tx_info->branch_id, uint32_t);
|
||||||
// T.1d: lock_time (4-byte little-endian nLockTime value)
|
// T.1d: lock_time (4-byte little-endian nLockTime value)
|
||||||
hasher_Update(&hasher, (const uint8_t *)&tx_info->lock_time, 4);
|
HASHER_UPDATE_INT(&hasher, tx_info->lock_time, uint32_t);
|
||||||
// T.1e: expiry_height (4-byte little-endian block height)
|
// T.1e: expiry_height (4-byte little-endian block height)
|
||||||
hasher_Update(&hasher, (const uint8_t *)&tx_info->expiry, 4);
|
HASHER_UPDATE_INT(&hasher, tx_info->expiry, uint32_t);
|
||||||
hasher_Final(&hasher, tx_info->hash_header);
|
hasher_Final(&hasher, tx_info->hash_header);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
@ -2666,26 +2666,26 @@ static void signing_hash_bip143(const TxInfo *tx_info,
|
|||||||
hasher_Init(&hasher_preimage, coin->curve->hasher_sign);
|
hasher_Init(&hasher_preimage, coin->curve->hasher_sign);
|
||||||
|
|
||||||
// nVersion
|
// nVersion
|
||||||
hasher_Update(&hasher_preimage, (const uint8_t *)&tx_info->version, 4);
|
HASHER_UPDATE_INT(&hasher_preimage, tx_info->version, uint32_t);
|
||||||
// hashPrevouts
|
// hashPrevouts
|
||||||
hasher_Update(&hasher_preimage, tx_info->hash_prevouts143, 32);
|
HASHER_UPDATE_BYTES(&hasher_preimage, tx_info->hash_prevouts143, 32);
|
||||||
// hashSequence
|
// hashSequence
|
||||||
hasher_Update(&hasher_preimage, tx_info->hash_sequence143, 32);
|
HASHER_UPDATE_BYTES(&hasher_preimage, tx_info->hash_sequence143, 32);
|
||||||
// outpoint
|
// outpoint
|
||||||
tx_prevout_hash(&hasher_preimage, txinput);
|
tx_prevout_hash(&hasher_preimage, txinput);
|
||||||
// scriptCode
|
// scriptCode
|
||||||
tx_script_hash(&hasher_preimage, txinput->script_sig.size,
|
tx_script_hash(&hasher_preimage, txinput->script_sig.size,
|
||||||
txinput->script_sig.bytes);
|
txinput->script_sig.bytes);
|
||||||
// amount
|
// amount
|
||||||
hasher_Update(&hasher_preimage, (const uint8_t *)&txinput->amount, 8);
|
HASHER_UPDATE_INT(&hasher_preimage, txinput->amount, uint64_t);
|
||||||
// nSequence
|
// nSequence
|
||||||
tx_sequence_hash(&hasher_preimage, txinput);
|
tx_sequence_hash(&hasher_preimage, txinput);
|
||||||
// hashOutputs
|
// hashOutputs
|
||||||
hasher_Update(&hasher_preimage, tx_info->hash_outputs143, 32);
|
HASHER_UPDATE_BYTES(&hasher_preimage, tx_info->hash_outputs143, 32);
|
||||||
// nLockTime
|
// nLockTime
|
||||||
hasher_Update(&hasher_preimage, (const uint8_t *)&tx_info->lock_time, 4);
|
HASHER_UPDATE_INT(&hasher_preimage, tx_info->lock_time, uint32_t);
|
||||||
// nHashType
|
// nHashType
|
||||||
hasher_Update(&hasher_preimage, (const uint8_t *)&hash_type, 4);
|
HASHER_UPDATE_INT(&hasher_preimage, hash_type, uint32_t);
|
||||||
|
|
||||||
hasher_Final(&hasher_preimage, hash);
|
hasher_Final(&hasher_preimage, hash);
|
||||||
}
|
}
|
||||||
@ -2700,23 +2700,23 @@ static void signing_hash_bip341(const TxInfo *tx_info, uint32_t i,
|
|||||||
// nHashType
|
// nHashType
|
||||||
hasher_Update(&sigmsg_hasher, &sighash_type, 1);
|
hasher_Update(&sigmsg_hasher, &sighash_type, 1);
|
||||||
// nVersion
|
// nVersion
|
||||||
hasher_Update(&sigmsg_hasher, (const uint8_t *)&tx_info->version, 4);
|
HASHER_UPDATE_INT(&sigmsg_hasher, tx_info->version, uint32_t);
|
||||||
// nLockTime
|
// nLockTime
|
||||||
hasher_Update(&sigmsg_hasher, (const uint8_t *)&tx_info->lock_time, 4);
|
HASHER_UPDATE_INT(&sigmsg_hasher, tx_info->lock_time, uint32_t);
|
||||||
// sha_prevouts
|
// sha_prevouts
|
||||||
hasher_Update(&sigmsg_hasher, tx_info->hash_prevouts, 32);
|
HASHER_UPDATE_BYTES(&sigmsg_hasher, tx_info->hash_prevouts, 32);
|
||||||
// sha_amounts
|
// sha_amounts
|
||||||
hasher_Update(&sigmsg_hasher, tx_info->hash_amounts, 32);
|
HASHER_UPDATE_BYTES(&sigmsg_hasher, tx_info->hash_amounts, 32);
|
||||||
// sha_scriptpubkeys
|
// sha_scriptpubkeys
|
||||||
hasher_Update(&sigmsg_hasher, tx_info->hash_scriptpubkeys, 32);
|
HASHER_UPDATE_BYTES(&sigmsg_hasher, tx_info->hash_scriptpubkeys, 32);
|
||||||
// sha_sequences
|
// sha_sequences
|
||||||
hasher_Update(&sigmsg_hasher, tx_info->hash_sequences, 32);
|
HASHER_UPDATE_BYTES(&sigmsg_hasher, tx_info->hash_sequences, 32);
|
||||||
// sha_outputs
|
// sha_outputs
|
||||||
hasher_Update(&sigmsg_hasher, tx_info->hash_outputs, 32);
|
HASHER_UPDATE_BYTES(&sigmsg_hasher, tx_info->hash_outputs, 32);
|
||||||
// spend_type 0 (no tapscript message extension, no annex)
|
// spend_type 0 (no tapscript message extension, no annex)
|
||||||
hasher_Update(&sigmsg_hasher, &zero, 1);
|
hasher_Update(&sigmsg_hasher, &zero, 1);
|
||||||
// input_index
|
// input_index
|
||||||
hasher_Update(&sigmsg_hasher, (const uint8_t *)&i, 4);
|
HASHER_UPDATE_INT(&sigmsg_hasher, i, uint32_t);
|
||||||
|
|
||||||
hasher_Final(&sigmsg_hasher, hash);
|
hasher_Final(&sigmsg_hasher, hash);
|
||||||
}
|
}
|
||||||
@ -2735,16 +2735,15 @@ static void signing_hash_zip243(const TxInfo *tx_info,
|
|||||||
|
|
||||||
// 1. nVersion | fOverwintered
|
// 1. nVersion | fOverwintered
|
||||||
uint32_t ver = tx_info->version | TX_OVERWINTERED;
|
uint32_t ver = tx_info->version | TX_OVERWINTERED;
|
||||||
hasher_Update(&hasher_preimage, (const uint8_t *)&ver, 4);
|
HASHER_UPDATE_INT(&hasher_preimage, ver, uint32_t);
|
||||||
// 2. nVersionGroupId
|
// 2. nVersionGroupId
|
||||||
hasher_Update(&hasher_preimage, (const uint8_t *)&tx_info->version_group_id,
|
HASHER_UPDATE_INT(&hasher_preimage, tx_info->version_group_id, uint32_t);
|
||||||
4);
|
|
||||||
// 3. hashPrevouts
|
// 3. hashPrevouts
|
||||||
hasher_Update(&hasher_preimage, tx_info->hash_prevouts, 32);
|
HASHER_UPDATE_BYTES(&hasher_preimage, tx_info->hash_prevouts, 32);
|
||||||
// 4. hashSequence
|
// 4. hashSequence
|
||||||
hasher_Update(&hasher_preimage, tx_info->hash_sequences, 32);
|
HASHER_UPDATE_BYTES(&hasher_preimage, tx_info->hash_sequences, 32);
|
||||||
// 5. hashOutputs
|
// 5. hashOutputs
|
||||||
hasher_Update(&hasher_preimage, tx_info->hash_outputs, 32);
|
HASHER_UPDATE_BYTES(&hasher_preimage, tx_info->hash_outputs, 32);
|
||||||
// 6. hashJoinSplits
|
// 6. hashJoinSplits
|
||||||
hasher_Update(&hasher_preimage, null_bytes, 32);
|
hasher_Update(&hasher_preimage, null_bytes, 32);
|
||||||
// 7. hashShieldedSpends
|
// 7. hashShieldedSpends
|
||||||
@ -2752,20 +2751,20 @@ static void signing_hash_zip243(const TxInfo *tx_info,
|
|||||||
// 8. hashShieldedOutputs
|
// 8. hashShieldedOutputs
|
||||||
hasher_Update(&hasher_preimage, null_bytes, 32);
|
hasher_Update(&hasher_preimage, null_bytes, 32);
|
||||||
// 9. nLockTime
|
// 9. nLockTime
|
||||||
hasher_Update(&hasher_preimage, (const uint8_t *)&tx_info->lock_time, 4);
|
HASHER_UPDATE_INT(&hasher_preimage, tx_info->lock_time, uint32_t);
|
||||||
// 10. expiryHeight
|
// 10. expiryHeight
|
||||||
hasher_Update(&hasher_preimage, (const uint8_t *)&tx_info->expiry, 4);
|
HASHER_UPDATE_INT(&hasher_preimage, tx_info->expiry, uint32_t);
|
||||||
// 11. valueBalance
|
// 11. valueBalance
|
||||||
hasher_Update(&hasher_preimage, null_bytes, 8);
|
hasher_Update(&hasher_preimage, null_bytes, 8);
|
||||||
// 12. nHashType
|
// 12. nHashType
|
||||||
hasher_Update(&hasher_preimage, (const uint8_t *)&hash_type, 4);
|
HASHER_UPDATE_INT(&hasher_preimage, hash_type, uint32_t);
|
||||||
// 13a. outpoint
|
// 13a. outpoint
|
||||||
tx_prevout_hash(&hasher_preimage, txinput);
|
tx_prevout_hash(&hasher_preimage, txinput);
|
||||||
// 13b. scriptCode
|
// 13b. scriptCode
|
||||||
tx_script_hash(&hasher_preimage, txinput->script_sig.size,
|
tx_script_hash(&hasher_preimage, txinput->script_sig.size,
|
||||||
txinput->script_sig.bytes);
|
txinput->script_sig.bytes);
|
||||||
// 13c. value
|
// 13c. value
|
||||||
hasher_Update(&hasher_preimage, (const uint8_t *)&txinput->amount, 8);
|
HASHER_UPDATE_INT(&hasher_preimage, txinput->amount, uint64_t);
|
||||||
// 13d. nSequence
|
// 13d. nSequence
|
||||||
tx_sequence_hash(&hasher_preimage, txinput);
|
tx_sequence_hash(&hasher_preimage, txinput);
|
||||||
|
|
||||||
@ -2785,12 +2784,12 @@ static void signing_hash_zip244(const TxInfo *tx_info,
|
|||||||
// S.2g.i: prevout (field encoding)
|
// S.2g.i: prevout (field encoding)
|
||||||
tx_prevout_hash(&hasher, txinput);
|
tx_prevout_hash(&hasher, txinput);
|
||||||
// S.2g.ii: value (8-byte signed little-endian)
|
// S.2g.ii: value (8-byte signed little-endian)
|
||||||
hasher_Update(&hasher, (const uint8_t *)&txinput->amount, 8);
|
HASHER_UPDATE_INT(&hasher, txinput->amount, uint64_t);
|
||||||
// S.2g.iii: scriptPubKey (field encoding)
|
// S.2g.iii: scriptPubKey (field encoding)
|
||||||
tx_script_hash(&hasher, txinput->script_pubkey.size,
|
tx_script_hash(&hasher, txinput->script_pubkey.size,
|
||||||
txinput->script_pubkey.bytes);
|
txinput->script_pubkey.bytes);
|
||||||
// S.2g.iv: nSequence (4-byte unsigned little-endian)
|
// S.2g.iv: nSequence (4-byte unsigned little-endian)
|
||||||
hasher_Update(&hasher, (const uint8_t *)&txinput->sequence, 4);
|
HASHER_UPDATE_INT(&hasher, txinput->sequence, uint32_t);
|
||||||
hasher_Final(&hasher, txin_sig_digest);
|
hasher_Final(&hasher, txin_sig_digest);
|
||||||
|
|
||||||
// `S.2: transparent_sig_digest` field for signature digest computation.
|
// `S.2: transparent_sig_digest` field for signature digest computation.
|
||||||
@ -2801,20 +2800,17 @@ static void signing_hash_zip244(const TxInfo *tx_info,
|
|||||||
// S.2a: hash_type (1 byte)
|
// S.2a: hash_type (1 byte)
|
||||||
hasher_Update(&hasher, (const uint8_t *)&hash_type, 1);
|
hasher_Update(&hasher, (const uint8_t *)&hash_type, 1);
|
||||||
// S.2b: prevouts_sig_digest (32-byte hash)
|
// S.2b: prevouts_sig_digest (32-byte hash)
|
||||||
hasher_Update(&hasher, tx_info->hash_prevouts,
|
HASHER_UPDATE_BYTES(&hasher, tx_info->hash_prevouts, 32);
|
||||||
sizeof(tx_info->hash_prevouts));
|
|
||||||
// S.2c: amounts_sig_digest (32-byte hash)
|
// S.2c: amounts_sig_digest (32-byte hash)
|
||||||
hasher_Update(&hasher, tx_info->hash_amounts, sizeof(tx_info->hash_amounts));
|
HASHER_UPDATE_BYTES(&hasher, tx_info->hash_amounts, 32);
|
||||||
// S.2d: scriptpubkeys_sig_digest (32-byte hash)
|
// S.2d: scriptpubkeys_sig_digest (32-byte hash)
|
||||||
hasher_Update(&hasher, tx_info->hash_scriptpubkeys,
|
HASHER_UPDATE_BYTES(&hasher, tx_info->hash_scriptpubkeys, 32);
|
||||||
sizeof(tx_info->hash_scriptpubkeys));
|
|
||||||
// S.2e: sequence_sig_digest (32-byte hash)
|
// S.2e: sequence_sig_digest (32-byte hash)
|
||||||
hasher_Update(&hasher, tx_info->hash_sequences,
|
HASHER_UPDATE_BYTES(&hasher, tx_info->hash_sequences, 32);
|
||||||
sizeof(tx_info->hash_sequences));
|
|
||||||
// S.2f: outputs_sig_digest (32-byte hash)
|
// S.2f: outputs_sig_digest (32-byte hash)
|
||||||
hasher_Update(&hasher, tx_info->hash_outputs, sizeof(tx_info->hash_outputs));
|
HASHER_UPDATE_BYTES(&hasher, tx_info->hash_outputs, 32);
|
||||||
// S.2g: txin_sig_digest (32-byte hash)
|
// S.2g: txin_sig_digest (32-byte hash)
|
||||||
hasher_Update(&hasher, txin_sig_digest, sizeof(txin_sig_digest));
|
HASHER_UPDATE_BYTES(&hasher, txin_sig_digest, 32);
|
||||||
hasher_Final(&hasher, transparent_sig_digest);
|
hasher_Final(&hasher, transparent_sig_digest);
|
||||||
|
|
||||||
// `S.3: sapling_digest` field. Empty Sapling bundle.
|
// `S.3: sapling_digest` field. Empty Sapling bundle.
|
||||||
@ -2835,14 +2831,13 @@ static void signing_hash_zip244(const TxInfo *tx_info,
|
|||||||
hasher_InitParam(&hasher, HASHER_BLAKE2B_PERSONAL, personal,
|
hasher_InitParam(&hasher, HASHER_BLAKE2B_PERSONAL, personal,
|
||||||
sizeof(personal));
|
sizeof(personal));
|
||||||
// S.1: header_digest (32-byte hash output)
|
// S.1: header_digest (32-byte hash output)
|
||||||
hasher_Update(&hasher, tx_info->hash_header, sizeof(tx_info->hash_header));
|
HASHER_UPDATE_BYTES(&hasher, tx_info->hash_header, 32);
|
||||||
// S.2: transparent_sig_digest (32-byte hash output)
|
// S.2: transparent_sig_digest (32-byte hash output)
|
||||||
hasher_Update(&hasher, transparent_sig_digest,
|
HASHER_UPDATE_BYTES(&hasher, transparent_sig_digest, 32);
|
||||||
sizeof(transparent_sig_digest));
|
|
||||||
// S.3: sapling_digest (32-byte hash output)
|
// S.3: sapling_digest (32-byte hash output)
|
||||||
hasher_Update(&hasher, sapling_digest, sizeof(sapling_digest));
|
HASHER_UPDATE_BYTES(&hasher, sapling_digest, 32);
|
||||||
// S.4: orchard_digest (32-byte hash output)
|
// S.4: orchard_digest (32-byte hash output)
|
||||||
hasher_Update(&hasher, orchard_digest, sizeof(orchard_digest));
|
HASHER_UPDATE_BYTES(&hasher, orchard_digest, 32);
|
||||||
hasher_Final(&hasher, hash);
|
hasher_Final(&hasher, hash);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
@ -2900,7 +2895,7 @@ static bool signing_verify_orig_nonlegacy_input(TxInputType *orig_input) {
|
|||||||
static bool signing_verify_orig_legacy_input(void) {
|
static bool signing_verify_orig_legacy_input(void) {
|
||||||
// Finalize legacy digest computation.
|
// Finalize legacy digest computation.
|
||||||
uint32_t hash_type = signing_hash_type(&input);
|
uint32_t hash_type = signing_hash_type(&input);
|
||||||
hasher_Update(&ti.hasher, (const uint8_t *)&hash_type, 4);
|
HASHER_UPDATE_INT(&ti.hasher, hash_type, uint32_t);
|
||||||
|
|
||||||
// Compute the signed digest and verify signature.
|
// Compute the signed digest and verify signature.
|
||||||
uint8_t hash[32] = {0};
|
uint8_t hash[32] = {0};
|
||||||
@ -3131,12 +3126,12 @@ static void phase1_request_orig_output(void) {
|
|||||||
|
|
||||||
#if !BITCOIN_ONLY
|
#if !BITCOIN_ONLY
|
||||||
static void signing_hash_decred(const TxInputType *txinput,
|
static void signing_hash_decred(const TxInputType *txinput,
|
||||||
const uint8_t *hash_witness, uint8_t *hash) {
|
const uint8_t hash_witness[32], uint8_t *hash) {
|
||||||
uint32_t hash_type = signing_hash_type(txinput);
|
uint32_t hash_type = signing_hash_type(txinput);
|
||||||
Hasher hasher_preimage = {0};
|
Hasher hasher_preimage = {0};
|
||||||
hasher_Init(&hasher_preimage, coin->curve->hasher_sign);
|
hasher_Init(&hasher_preimage, coin->curve->hasher_sign);
|
||||||
hasher_Update(&hasher_preimage, (const uint8_t *)&hash_type, 4);
|
HASHER_UPDATE_INT(&hasher_preimage, hash_type, uint32_t);
|
||||||
hasher_Update(&hasher_preimage, decred_hash_prefix, 32);
|
HASHER_UPDATE_BYTES(&hasher_preimage, decred_hash_prefix, 32);
|
||||||
hasher_Update(&hasher_preimage, hash_witness, 32);
|
hasher_Update(&hasher_preimage, hash_witness, 32);
|
||||||
hasher_Final(&hasher_preimage, hash);
|
hasher_Final(&hasher_preimage, hash);
|
||||||
}
|
}
|
||||||
@ -3208,7 +3203,7 @@ static bool signing_sign_bip340(const uint8_t *private_key,
|
|||||||
static bool signing_sign_legacy_input(void) {
|
static bool signing_sign_legacy_input(void) {
|
||||||
// Finalize legacy digest computation.
|
// Finalize legacy digest computation.
|
||||||
uint32_t hash_type = signing_hash_type(&input);
|
uint32_t hash_type = signing_hash_type(&input);
|
||||||
hasher_Update(&ti.hasher, (const uint8_t *)&hash_type, 4);
|
HASHER_UPDATE_INT(&ti.hasher, hash_type, uint32_t);
|
||||||
|
|
||||||
// Compute the digest and generate signature.
|
// Compute the digest and generate signature.
|
||||||
uint8_t hash[32] = {0};
|
uint8_t hash[32] = {0};
|
||||||
|
|||||||
@ -544,19 +544,15 @@ bool tx_sign_bip340(const uint8_t *private_key, const uint8_t *hash,
|
|||||||
|
|
||||||
// tx methods
|
// tx methods
|
||||||
bool tx_input_check_hash(Hasher *hasher, const TxInputType *input) {
|
bool tx_input_check_hash(Hasher *hasher, const TxInputType *input) {
|
||||||
hasher_Update(hasher, (const uint8_t *)&input->address_n_count,
|
HASHER_UPDATE_INT(hasher, input->address_n_count, uint16_t);
|
||||||
sizeof(input->address_n_count));
|
for (int i = 0; i < input->address_n_count; ++i) {
|
||||||
for (int i = 0; i < input->address_n_count; ++i)
|
HASHER_UPDATE_INT(hasher, input->address_n[i], uint32_t);
|
||||||
hasher_Update(hasher, (const uint8_t *)&input->address_n[i],
|
}
|
||||||
sizeof(input->address_n[0]));
|
HASHER_UPDATE_BYTES(hasher, input->prev_hash.bytes, 32);
|
||||||
hasher_Update(hasher, input->prev_hash.bytes, sizeof(input->prev_hash.bytes));
|
HASHER_UPDATE_INT(hasher, input->prev_index, uint32_t);
|
||||||
hasher_Update(hasher, (const uint8_t *)&input->prev_index,
|
|
||||||
sizeof(input->prev_index));
|
|
||||||
tx_script_hash(hasher, input->script_sig.size, input->script_sig.bytes);
|
tx_script_hash(hasher, input->script_sig.size, input->script_sig.bytes);
|
||||||
hasher_Update(hasher, (const uint8_t *)&input->sequence,
|
HASHER_UPDATE_INT(hasher, input->sequence, uint32_t);
|
||||||
sizeof(input->sequence));
|
HASHER_UPDATE_INT(hasher, input->script_type, uint32_t);
|
||||||
hasher_Update(hasher, (const uint8_t *)&input->script_type,
|
|
||||||
sizeof(input->script_type));
|
|
||||||
uint8_t multisig_fp[32] = {0};
|
uint8_t multisig_fp[32] = {0};
|
||||||
if (input->has_multisig) {
|
if (input->has_multisig) {
|
||||||
if (cryptoMultisigFingerprint(&input->multisig, multisig_fp) == 0) {
|
if (cryptoMultisigFingerprint(&input->multisig, multisig_fp) == 0) {
|
||||||
@ -564,14 +560,12 @@ bool tx_input_check_hash(Hasher *hasher, const TxInputType *input) {
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
hasher_Update(hasher, multisig_fp, sizeof(multisig_fp));
|
HASHER_UPDATE_BYTES(hasher, multisig_fp, 32);
|
||||||
hasher_Update(hasher, (const uint8_t *)&input->amount, sizeof(input->amount));
|
HASHER_UPDATE_INT(hasher, input->amount, uint64_t);
|
||||||
tx_script_hash(hasher, input->witness.size, input->witness.bytes);
|
tx_script_hash(hasher, input->witness.size, input->witness.bytes);
|
||||||
hasher_Update(hasher, (const uint8_t *)&input->has_orig_hash,
|
HASHER_UPDATE_INT(hasher, input->has_orig_hash, uint8_t);
|
||||||
sizeof(input->has_orig_hash));
|
HASHER_UPDATE_BYTES(hasher, input->orig_hash.bytes, 32);
|
||||||
hasher_Update(hasher, input->orig_hash.bytes, sizeof(input->orig_hash.bytes));
|
HASHER_UPDATE_INT(hasher, input->orig_index, uint32_t);
|
||||||
hasher_Update(hasher, (const uint8_t *)&input->orig_index,
|
|
||||||
sizeof(input->orig_index));
|
|
||||||
tx_script_hash(hasher, input->script_pubkey.size, input->script_pubkey.bytes);
|
tx_script_hash(hasher, input->script_pubkey.size, input->script_pubkey.bytes);
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
@ -580,12 +574,12 @@ uint32_t tx_prevout_hash(Hasher *hasher, const TxInputType *input) {
|
|||||||
for (int i = 0; i < 32; i++) {
|
for (int i = 0; i < 32; i++) {
|
||||||
hasher_Update(hasher, &(input->prev_hash.bytes[31 - i]), 1);
|
hasher_Update(hasher, &(input->prev_hash.bytes[31 - i]), 1);
|
||||||
}
|
}
|
||||||
hasher_Update(hasher, (const uint8_t *)&input->prev_index, 4);
|
HASHER_UPDATE_INT(hasher, input->prev_index, uint32_t);
|
||||||
return 36;
|
return 36;
|
||||||
}
|
}
|
||||||
|
|
||||||
uint32_t tx_amount_hash(Hasher *hasher, const TxInputType *input) {
|
uint32_t tx_amount_hash(Hasher *hasher, const TxInputType *input) {
|
||||||
hasher_Update(hasher, (const uint8_t *)&input->amount, 8);
|
HASHER_UPDATE_INT(hasher, input->amount, uint64_t);
|
||||||
return 8;
|
return 8;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -596,18 +590,18 @@ uint32_t tx_script_hash(Hasher *hasher, uint32_t size, const uint8_t *data) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
uint32_t tx_sequence_hash(Hasher *hasher, const TxInputType *input) {
|
uint32_t tx_sequence_hash(Hasher *hasher, const TxInputType *input) {
|
||||||
hasher_Update(hasher, (const uint8_t *)&input->sequence, 4);
|
HASHER_UPDATE_INT(hasher, input->sequence, uint32_t);
|
||||||
return 4;
|
return 4;
|
||||||
}
|
}
|
||||||
|
|
||||||
uint32_t tx_output_hash(Hasher *hasher, const TxOutputBinType *output,
|
uint32_t tx_output_hash(Hasher *hasher, const TxOutputBinType *output,
|
||||||
bool decred) {
|
bool decred) {
|
||||||
uint32_t r = 0;
|
uint32_t r = 0;
|
||||||
hasher_Update(hasher, (const uint8_t *)&output->amount, 8);
|
HASHER_UPDATE_INT(hasher, output->amount, uint64_t);
|
||||||
r += 8;
|
r += 8;
|
||||||
if (decred) {
|
if (decred) {
|
||||||
uint16_t script_version = output->decred_script_version & 0xFFFF;
|
uint16_t script_version = output->decred_script_version & 0xFFFF;
|
||||||
hasher_Update(hasher, (const uint8_t *)&script_version, 2);
|
HASHER_UPDATE_INT(hasher, script_version, uint16_t);
|
||||||
r += 2;
|
r += 2;
|
||||||
}
|
}
|
||||||
r += tx_script_hash(hasher, output->script_pubkey.size,
|
r += tx_script_hash(hasher, output->script_pubkey.size,
|
||||||
@ -662,20 +656,20 @@ uint32_t tx_serialize_header_hash(TxStruct *tx) {
|
|||||||
#if !BITCOIN_ONLY
|
#if !BITCOIN_ONLY
|
||||||
if (tx->is_zcashlike && tx->version >= 3) {
|
if (tx->is_zcashlike && tx->version >= 3) {
|
||||||
uint32_t ver = tx->version | TX_OVERWINTERED;
|
uint32_t ver = tx->version | TX_OVERWINTERED;
|
||||||
hasher_Update(&(tx->hasher), (const uint8_t *)&ver, 4);
|
HASHER_UPDATE_INT(&(tx->hasher), ver, uint32_t);
|
||||||
hasher_Update(&(tx->hasher), (const uint8_t *)&(tx->version_group_id), 4);
|
HASHER_UPDATE_INT(&(tx->hasher), tx->version_group_id, uint32_t);
|
||||||
r += 4;
|
r += 4;
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
hasher_Update(&(tx->hasher), (const uint8_t *)&(tx->version), 4);
|
HASHER_UPDATE_INT(&(tx->hasher), tx->version, uint32_t);
|
||||||
#if !BITCOIN_ONLY
|
#if !BITCOIN_ONLY
|
||||||
if (tx->timestamp) {
|
if (tx->timestamp) {
|
||||||
hasher_Update(&(tx->hasher), (const uint8_t *)&(tx->timestamp), 4);
|
HASHER_UPDATE_INT(&(tx->hasher), tx->timestamp, uint32_t);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
if (tx->is_segwit) {
|
if (tx->is_segwit) {
|
||||||
hasher_Update(&(tx->hasher), segwit_header, 2);
|
HASHER_UPDATE_BYTES(&(tx->hasher), segwit_header, 2);
|
||||||
r += 2;
|
r += 2;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -852,14 +846,14 @@ uint32_t tx_serialize_footer(TxStruct *tx, uint8_t *out) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
uint32_t tx_serialize_footer_hash(TxStruct *tx) {
|
uint32_t tx_serialize_footer_hash(TxStruct *tx) {
|
||||||
hasher_Update(&(tx->hasher), (const uint8_t *)&(tx->lock_time), 4);
|
HASHER_UPDATE_INT(&(tx->hasher), tx->lock_time, uint32_t);
|
||||||
#if !BITCOIN_ONLY
|
#if !BITCOIN_ONLY
|
||||||
if (tx->is_zcashlike && tx->version >= 3) {
|
if (tx->is_zcashlike && tx->version >= 3) {
|
||||||
hasher_Update(&(tx->hasher), (const uint8_t *)&(tx->expiry), 4);
|
HASHER_UPDATE_INT(&(tx->hasher), tx->expiry, uint32_t);
|
||||||
return 8;
|
return 8;
|
||||||
}
|
}
|
||||||
if (tx->is_decred) {
|
if (tx->is_decred) {
|
||||||
hasher_Update(&(tx->hasher), (const uint8_t *)&(tx->expiry), 4);
|
HASHER_UPDATE_INT(&(tx->hasher), tx->expiry, uint32_t);
|
||||||
return 8;
|
return 8;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user