mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-28 08:11:02 +00:00

xmr: mgsig generated in chunks

Dusan Klinec 2018-11-02 08:12:00 +01:00
parent 0414a8e74b
commit 3d66ba1535
No known key found for this signature in database
GPG Key ID: 6337E118CCBCE103
2 changed files with 12 additions and 39 deletions


@ -11,7 +11,6 @@ from .state import State
from apps.monero.layout import confirms
from apps.monero.signing import RctType
from apps.monero.xmr import crypto
from apps.monero.xmr.serialize import int_serialize
if False:
from trezor.messages.MoneroTransactionSourceEntry import (
@ -135,7 +134,7 @@ async def sign_input(
)
state.mem_trace(4, True)
mg_buffer = bytearray(_mg_size(len(src_entr.outputs)))
mg_buffer = []
from apps.monero.xmr import mlsag
@ -184,18 +183,3 @@ async def sign_input(
)
return MoneroTransactionSignInputAck(signature=mg_buffer)
def _mg_size(num_outs):
"""
Computes size of the MgSig
:param num_outs:
:return:
"""
size = 32 # cc
mg_cols = num_outs
mg_rows = 2
cols_b_size = int_serialize.uvarint_size(mg_cols)
rows_b_size = 1
size += cols_b_size + mg_cols * (rows_b_size + mg_rows * 32)
return size
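Review bot: The new `mg_buffer = []` in sign_input means `MoneroTransactionSignInputAck(signature=mg_buffer)` now receives a list of chunks instead of one contiguous bytearray, and nothing in this section documents that. These hunks do not show how the message layer encodes `signature`, so it is worth confirming that a list of byte chunks is written out as the same single byte string the host received before. I would add a comment at the assignment, for example `# chunks filled by generate_mlsag: [uvarint(cols), one ss chunk per column, cc]`. sign_input begins and ends outside these hunks.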


@ -45,8 +45,6 @@ Author: Dusan Klinec, ph4r05, 2018
import gc
from trezor import utils
from apps.monero.xmr import crypto
from apps.monero.xmr.serialize import int_serialize
@ -268,15 +266,12 @@ def generate_mlsag(message, pk, xx, kLRki, index, dsRows, mg_buff):
"""
rows, cols = gen_mlsag_assert(pk, xx, kLRki, index, dsRows)
rows_b_size = int_serialize.uvarint_size(rows)
cols_b_size = int_serialize.uvarint_size(cols)
int_serialize.dump_uvarint_b_into(cols, mg_buff)
# Computes offset to the mg_buffer
# mg_buffer format: (("ss", KeyM), ("cc", ECKey))
# ss[i][j], i over cols, j over rows
def buff_offset(col):
return cols_b_size + col * (rows_b_size + rows * 32)
# Preallocation of the chunked buffer, len + cols + cc
for _ in range(1 + cols + 1):
mg_buff.append(None)
mg_buff[0] = int_serialize.dump_uvarint_b(cols)
cc = crypto.new_scalar() # rv.cc
c = crypto.new_scalar()
L = crypto.new_point()
@ -299,9 +294,8 @@ def generate_mlsag(message, pk, xx, kLRki, index, dsRows, mg_buff):
hasher = _hasher_message(message)
# Serialize size of the row
offset = buff_offset(i)
int_serialize.dump_uvarint_b_into(rows, mg_buff, offset)
offset += rows_b_size
mg_buff[i + 1] = bytearray(rows_b_size + 32 * rows)
int_serialize.dump_uvarint_b_into(rows, mg_buff[i + 1])
for x in ss:
crypto.random_scalar(x)
@ -329,8 +323,7 @@ def generate_mlsag(message, pk, xx, kLRki, index, dsRows, mg_buff):
_hash_point(hasher, L, tmp_buff)
for si in range(rows):
crypto.encodeint_into(tmp_buff, ss[si])
utils.memcpy(mg_buff, offset + 32 * si, tmp_buff, 0, 32)
crypto.encodeint_into(mg_buff[i + 1], ss[si], rows_b_size + 32 * si)
crypto.decodeint_into(c, hasher.digest())
crypto.sc_copy(c_old, c)
@ -344,18 +337,14 @@ def generate_mlsag(message, pk, xx, kLRki, index, dsRows, mg_buff):
del II
# Finalizing rv.ss by processing rv.ss[index]
offset = buff_offset(index)
int_serialize.dump_uvarint_b_into(rows, mg_buff, offset)
offset += rows_b_size
mg_buff[index + 1] = bytearray(rows_b_size + 32 * rows)
int_serialize.dump_uvarint_b_into(rows, mg_buff[index + 1])
for j in range(rows):
crypto.sc_mulsub_into(ss[j], c, xx[j], alpha[j])
crypto.encodeint_into(tmp_buff, ss[j])
utils.memcpy(mg_buff, offset + 32 * j, tmp_buff, 0, 32)
crypto.encodeint_into(mg_buff[index + 1], ss[j], rows_b_size + 32 * j)
# rv.cc
utils.memcpy(mg_buff, len(mg_buff) - 32, crypto.encodeint_into(tmp_buff, cc), 0, 32)
utils.ensure(buff_offset(cols) + 32 == len(mg_buff), "Invalid mg_buff size")
mg_buff[-1] = crypto.encodeint(cc)
def _key_vector(rows):
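Review bot: The preallocation loop in generate_mlsag appends `1 + cols + 1` slots to whatever `mg_buff` already holds, while every later write uses absolute positions (`mg_buff[0]`, `mg_buff[i + 1]`, `mg_buff[index + 1]`), so a non-empty list passed by a caller would end up with stale or `None` entries inside the signature. The removed "Invalid mg_buff size" check was the only consistency check on the output, and it has no replacement. I would add `if mg_buff: raise ValueError("mg_buff must be empty")` before the loop, and a check before returning that no slot is still `None`. A plain `raise` is suggested because the import hunk of this section appears to drop `from trezor import utils`. The function body starts and continues outside these hunks, so the loop that fills the non-`index` columns is only partly visible.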