diff --git a/firmware/coins.c b/firmware/coins.c index 1d62abca98..ae057cf6e1 100644 --- a/firmware/coins.c +++ b/firmware/coins.c @@ -63,7 +63,7 @@ bool coinExtractAddressType(const CoinInfo *coin, const char *addr, uint32_t *ad { if (!addr) return false; uint8_t addr_raw[MAX_ADDR_RAW_SIZE]; - int len = base58_decode_check(addr, addr_raw, MAX_ADDR_RAW_SIZE); + int len = base58_decode_check(addr, coin->hasher_type, addr_raw, MAX_ADDR_RAW_SIZE); if (len >= 21) { return coinExtractAddressTypeRaw(coin, addr_raw, address_type); } diff --git a/firmware/crypto.c b/firmware/crypto.c index 924e5766a3..3eeba4a641 100644 --- a/firmware/crypto.c +++ b/firmware/crypto.c @@ -178,8 +178,8 @@ int cryptoMessageVerify(const CoinInfo *coin, const uint8_t *message, size_t mes // p2pkh if (signature[0] >= 27 && signature[0] <= 34) { - size_t len = base58_decode_check(address, addr_raw, MAX_ADDR_RAW_SIZE); - ecdsa_get_address_raw(pubkey, coin->address_type, recovered_raw); + size_t len = base58_decode_check(address, coin->hasher_type, addr_raw, MAX_ADDR_RAW_SIZE); + ecdsa_get_address_raw(pubkey, coin->address_type, coin->hasher_type, recovered_raw); if (memcmp(recovered_raw, addr_raw, len) != 0 || len != address_prefix_bytes_len(coin->address_type) + 20) { return 2; @@ -187,8 +187,8 @@ int cryptoMessageVerify(const CoinInfo *coin, const uint8_t *message, size_t mes } else // segwit-in-p2sh if (signature[0] >= 35 && signature[0] <= 38) { - size_t len = base58_decode_check(address, addr_raw, MAX_ADDR_RAW_SIZE); - ecdsa_get_address_segwit_p2sh_raw(pubkey, coin->address_type_p2sh, recovered_raw); + size_t len = base58_decode_check(address, coin->hasher_type, addr_raw, MAX_ADDR_RAW_SIZE); + ecdsa_get_address_segwit_p2sh_raw(pubkey, coin->address_type_p2sh, coin->hasher_type, recovered_raw); if (memcmp(recovered_raw, addr_raw, len) != 0 || len != address_prefix_bytes_len(coin->address_type_p2sh) + 20) { return 2; @@ -202,7 +202,7 @@ int cryptoMessageVerify(const CoinInfo *coin, const uint8_t *message, size_t mes || !segwit_addr_decode(&witver, recovered_raw, &len, coin->bech32_prefix, address)) { return 4; } - ecdsa_get_pubkeyhash(pubkey, addr_raw); + ecdsa_get_pubkeyhash(pubkey, coin->hasher_type, addr_raw); if (memcmp(recovered_raw, addr_raw, len) != 0 || witver != 0 || len != 20) { return 2; diff --git a/firmware/signing.c b/firmware/signing.c index 3402cdea8d..38f87ebe1c 100644 --- a/firmware/signing.c +++ b/firmware/signing.c @@ -424,7 +424,7 @@ bool compile_input_script_sig(TxInputType *tinput) tinput->script_sig.size = compile_script_multisig(&(tinput->multisig), tinput->script_sig.bytes); } else { // SPENDADDRESS uint8_t hash[20]; - ecdsa_get_pubkeyhash(node.public_key, hash); + ecdsa_get_pubkeyhash(node.public_key, coin->hasher_type, hash); tinput->script_sig.size = compile_script_sig(coin->address_type, hash, tinput->script_sig.bytes); } return tinput->script_sig.size > 0; diff --git a/firmware/transaction.c b/firmware/transaction.c index c7cce44f14..9067bb9d21 100644 --- a/firmware/transaction.c +++ b/firmware/transaction.c @@ -123,7 +123,7 @@ bool compute_address(const CoinInfo *coin, prelen = address_prefix_bytes_len(coin->address_type_p2sh); address_write_prefix_bytes(coin->address_type_p2sh, raw); ripemd160(digest, 32, raw + prelen); - if (!base58_encode_check(raw, prelen + 20, address, MAX_ADDR_SIZE)) { + if (!base58_encode_check(raw, prelen + 20, coin->hasher_type, address, MAX_ADDR_SIZE)) { return 0; } } else { @@ -131,7 +131,7 @@ bool compute_address(const CoinInfo *coin, prelen = address_prefix_bytes_len(coin->address_type_p2sh); address_write_prefix_bytes(coin->address_type_p2sh, raw); ripemd160(digest, 32, raw + prelen); - if (!base58_encode_check(raw, prelen + 20, address, MAX_ADDR_SIZE)) { + if (!base58_encode_check(raw, prelen + 20, coin->hasher_type, address, MAX_ADDR_SIZE)) { return 0; } } @@ -140,7 +140,7 @@ bool compute_address(const CoinInfo *coin, if (!coin->has_segwit || !coin->bech32_prefix) { return 0; } - ecdsa_get_pubkeyhash(node->public_key, digest); + ecdsa_get_pubkeyhash(node->public_key, coin->hasher_type, digest); if (!segwit_addr_encode(address, coin->bech32_prefix, SEGWIT_VERSION_0, digest, 20)) { return 0; } @@ -152,9 +152,9 @@ bool compute_address(const CoinInfo *coin, if (!coin->has_address_type_p2sh) { return 0; } - ecdsa_get_address_segwit_p2sh(node->public_key, coin->address_type_p2sh, address, MAX_ADDR_SIZE); + ecdsa_get_address_segwit_p2sh(node->public_key, coin->address_type_p2sh, coin->hasher_type, address, MAX_ADDR_SIZE); } else { - ecdsa_get_address(node->public_key, coin->address_type, address, MAX_ADDR_SIZE); + ecdsa_get_address(node->public_key, coin->address_type, coin->hasher_type, address, MAX_ADDR_SIZE); } return 1; } @@ -219,7 +219,7 @@ int compile_output(const CoinInfo *coin, const HDNode *root, TxOutputType *in, T return 0; // failed to compile output } - addr_raw_len = base58_decode_check(in->address, addr_raw, MAX_ADDR_RAW_SIZE); + addr_raw_len = base58_decode_check(in->address, coin->hasher_type, addr_raw, MAX_ADDR_RAW_SIZE); size_t prefix_len; if (coin->has_address_type // p2pkh && address_check_prefix(addr_raw, coin->address_type) @@ -639,7 +639,7 @@ uint32_t tx_output_weight(const CoinInfo *coin, const TxOutputType *txoutput) { && segwit_addr_decode(&witver, addr_raw, &addr_raw_len, coin->bech32_prefix, txoutput->address)) { output_script_size = 2 + addr_raw_len; } else { - addr_raw_len = base58_decode_check(txoutput->address, addr_raw, MAX_ADDR_RAW_SIZE); + addr_raw_len = base58_decode_check(txoutput->address, coin->hasher_type, addr_raw, MAX_ADDR_RAW_SIZE); if (coin->has_address_type && address_check_prefix(addr_raw, coin->address_type)) { output_script_size = TXSIZE_P2PKHASH; diff --git a/firmware/u2f.c b/firmware/u2f.c index 1a8270e1fd..23902183a2 100644 --- a/firmware/u2f.c +++ b/firmware/u2f.c @@ -613,7 +613,7 @@ void u2f_register(const APDU *a) memcpy(sig_base.chal, req->chal, U2F_CHAL_SIZE); memcpy(sig_base.keyHandle, &resp->keyHandleCertSig, KEY_HANDLE_LEN); memcpy(sig_base.pubKey, &resp->pubKey, U2F_PUBKEY_LEN); - if (ecdsa_sign(&nist256p1, U2F_ATT_PRIV_KEY, (uint8_t *)&sig_base, sizeof(sig_base), sig, NULL, NULL) != 0) { + if (ecdsa_sign(&nist256p1, HASHER_SHA2, U2F_ATT_PRIV_KEY, (uint8_t *)&sig_base, sizeof(sig_base), sig, NULL, NULL) != 0) { send_u2f_error(U2F_SW_WRONG_DATA); return; } @@ -735,7 +735,7 @@ void u2f_authenticate(const APDU *a) sig_base.flags = resp->flags; memcpy(sig_base.ctr, resp->ctr, 4); memcpy(sig_base.chal, req->chal, U2F_CHAL_SIZE); - if (ecdsa_sign(&nist256p1, node->private_key, (uint8_t *)&sig_base, sizeof(sig_base), sig, NULL, NULL) != 0) { + if (ecdsa_sign(&nist256p1, HASHER_SHA2, node->private_key, (uint8_t *)&sig_base, sizeof(sig_base), sig, NULL, NULL) != 0) { send_u2f_error(U2F_SW_WRONG_DATA); return; }