mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-22 15:38:11 +00:00

adapt to new aes api

Pavol Rusnak 2014-06-07 14:21:59 +02:00
parent 9d1cc7933d
commit 67ad043209
8 changed files with 99 additions and 9 deletions


@ -22,15 +22,19 @@ OBJS += debug.o
OBJS += ../trezor-crypto/bignum.o
OBJS += ../trezor-crypto/ecdsa.o
OBJS += ../trezor-crypto/secp256k1.o
OBJS += ../trezor-crypto/sha2.o
OBJS += ../trezor-crypto/hmac.o
OBJS += ../trezor-crypto/bip32.o
OBJS += ../trezor-crypto/ripemd160.o
OBJS += ../trezor-crypto/bip39.o
OBJS += ../trezor-crypto/pbkdf2.o
OBJS += ../trezor-crypto/base58.o
OBJS += ../trezor-crypto/ripemd160.o
OBJS += ../trezor-crypto/sha2.o
OBJS += ../trezor-crypto/aescrypt.o
OBJS += ../trezor-crypto/aeskey.o
OBJS += ../trezor-crypto/aestab.o
OBJS += ../trezor-crypto/aes_modes.o
OBJS += protob/pb_decode.o
OBJS += protob/pb_encode.o
@ -41,6 +45,7 @@ OBJS += protob/types.pb.o
include ../Makefile.include
# CFLAGS += -fstack-protector -fstack-protector-all
CFLAGS += -Wno-sequence-point
CFLAGS += -Iprotob -DPB_FIELD_16BIT=1
CFLAGS += -DDEBUG_LINK=0
CFLAGS += -DDEBUG_LOG=0


@ -38,6 +38,8 @@
#include "usb.h"
#include "util.h"
#include "signing.h"
#include "aes.h"
#include "hmac.h"
// message methods
@ -360,6 +362,63 @@ void fsm_msgTxAck(TxAck *msg)
}
}
void fsm_msgCipherKeyValue(CipherKeyValue *msg)
{
if (!msg->has_key) {
fsm_sendFailure(FailureType_Failure_SyntaxError, "No key provided");
return;
}
if (!msg->has_value) {
fsm_sendFailure(FailureType_Failure_SyntaxError, "No value provided");
return;
}
if (msg->value.size % 16) {
fsm_sendFailure(FailureType_Failure_SyntaxError, "Value length must be a multiple of 16");
return;
}
if (!protectPin(true)) {
layoutHome();
return;
}
HDNode *node = fsm_getRootNode();
if (!node) return;
fsm_deriveKey(node, msg->address_n, msg->address_n_count);
bool encrypt = msg->has_encrypt && msg->encrypt;
bool ask_on_encrypt = msg->has_ask_on_encrypt && msg->ask_on_encrypt;
bool ask_on_decrypt = msg->has_ask_on_decrypt && msg->ask_on_decrypt;
if ((encrypt && ask_on_encrypt) || (!encrypt && ask_on_decrypt)) {
layoutCipherKeyValue(encrypt, msg->key);
if (!protectButton(ButtonRequestType_ButtonRequest_Other, false)) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "CipherKeyValue cancelled");
layoutHome();
return;
}
}
uint8_t data[256 + 4];
strlcpy((char *)data, msg->key, sizeof(data));
strlcat((char *)data, ask_on_encrypt ? "E1" : "E0", sizeof(data));
strlcat((char *)data, ask_on_decrypt ? "D1" : "D0", sizeof(data));
hmac_sha512(node->private_key, 32, data, strlen((char *)data), data);
RESP_INIT(Success);
if (encrypt) {
aes_encrypt_ctx ctx;
aes_encrypt_key256(data, &ctx);
aes_cbc_encrypt(msg->value.bytes, resp->payload.bytes, msg->value.size, data + 32, &ctx);
} else {
aes_decrypt_ctx ctx;
aes_decrypt_key256(data, &ctx);
aes_cbc_decrypt(msg->value.bytes, resp->payload.bytes, msg->value.size, data + 32, &ctx);
}
resp->has_payload = true;
resp->payload.size = msg->value.size;
msg_write(MessageType_MessageType_Success, resp);
layoutHome();
}
void fsm_msgApplySettings(ApplySettings *msg)
{
if (msg->has_label && msg->has_language) {
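Review bot: In fsm_msgCipherKeyValue the 64 bytes of HMAC output in `data` (AES-256 key followed by the IV) and the expanded key schedule in `ctx` are still on the stack when the handler returns, on the success path as well. Both should be cleared before returning, using a wipe the compiler cannot drop as a dead store, which a plain `memset(data, 0, sizeof(data));` just before return may be. The same applies to `secret` and `ctx` in the storage_getRootNode hunk of this commit. Separately, the IV is `data + 32`, which is fixed for a given node, key string and flag pair, so plaintexts sharing a prefix encrypt to identical leading ciphertext blocks; if that determinism is intended, a comment such as `// IV is derived from the key name, so output is deterministic` would record it.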


@ -41,6 +41,7 @@ void fsm_msgSignTx(SignTx *msg);
//void fsm_msgPinMatrixAck(PinMatrixAck *msg);
void fsm_msgCancel(Cancel *msg);
void fsm_msgTxAck(TxAck *msg);
void fsm_msgCipherKeyValue(CipherKeyValue *msg);
void fsm_msgApplySettings(ApplySettings *msg);
//void fsm_msgButtonAck(ButtonAck *msg);
void fsm_msgGetAddress(GetAddress *msg);


@ -231,3 +231,23 @@ void layoutVerifyMessage(const uint8_t *msg, uint32_t len)
ascii ? "Message contents:" : "Bin message contents:",
str[0], str[1], str[2], str[3], NULL);
}
void layoutCipherKeyValue(bool encrypt, const char *key)
{
int len = strlen(key);
char str[4][17];
memset(str, 0, sizeof(str));
strlcpy(str[0], (char *)key, 17);
if (len > 16) {
strlcpy(str[1], (char *)key + 16, 17);
}
if (len > 32) {
strlcpy(str[2], (char *)key + 32, 17);
}
if (len > 48) {
strlcpy(str[3], (char *)key + 48, 17);
}
layoutDialogSwipe(DIALOG_ICON_QUESTION, "Cancel", "Confirm", NULL,
encrypt ? "Encrypt?" : "Decrypt?",
str[0], str[1], str[2], str[3], NULL);
}
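Review bot: layoutCipherKeyValue shows at most the first 64 characters of `key` (four rows of 16), while the handler in fsm.c copies `msg->key` into a `256 + 4` byte buffer, which suggests longer keys are accepted. Two keys that differ only after character 64 would then produce the same confirmation screen, so the user cannot tell which one is being approved. Either reject keys longer than 64 characters in fsm_msgCipherKeyValue before the dialog is shown, or mark the truncation on the last row, e.g. `if (len > 64) { memcpy(str[3] + 13, "...", 3); }`. The `(char *)key` casts are not needed, since strlcpy takes a `const char *` source, and `len` would be better declared as `size_t`.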


@ -32,5 +32,6 @@ void layoutConfirmTx(const CoinType *coin, uint64_t amount_out, uint64_t amount_
void layoutFeeOverThreshold(const CoinType *coin, uint64_t fee, uint32_t kb);
void layoutSignMessage(const uint8_t *msg, uint32_t len);
void layoutVerifyMessage(const uint8_t *msg, uint32_t len);
void layoutCipherKeyValue(bool encrypt, const char *key);
#endif


@ -53,6 +53,7 @@ static const struct MessagesMap_t MessagesMap[] = {
// {'n', 'i', MessageType_MessageType_PinMatrixAck, PinMatrixAck_fields, (void (*)(void *))fsm_msgPinMatrixAck},
{'n', 'i', MessageType_MessageType_Cancel, Cancel_fields, (void (*)(void *))fsm_msgCancel},
{'n', 'i', MessageType_MessageType_TxAck, TxAck_fields, (void (*)(void *))fsm_msgTxAck},
{'n', 'i', MessageType_MessageType_CipherKeyValue, CipherKeyValue_fields, (void (*)(void *))fsm_msgCipherKeyValue},
{'n', 'i', MessageType_MessageType_ApplySettings, ApplySettings_fields, (void (*)(void *))fsm_msgApplySettings},
// {'n', 'i', MessageType_MessageType_ButtonAck, ButtonAck_fields, (void (*)(void *))fsm_msgButtonAck},
{'n', 'i', MessageType_MessageType_GetAddress, GetAddress_fields, (void (*)(void *))fsm_msgGetAddress},


@ -26,7 +26,9 @@
#include "storage.pb.h"
#include "trezor.h"
#include "sha2.h"
#include "aes.h"
#include "pbkdf2.h"
#include "bip32.h"
#include "bip39.h"
#include "util.h"
@ -217,12 +219,13 @@ bool storage_getRootNode(HDNode *node)
hdnode_from_xprv(storage.node.depth, storage.node.fingerprint, storage.node.child_num, storage.node.chain_code.bytes, storage.node.private_key.bytes, &sessionRootNode);
if (storage.has_passphrase_protection && storage.passphrase_protection) {
// decrypt hd node
aes_ctx ctx;
aes_enc_key((const uint8_t *)sessionPassphrase, strlen(sessionPassphrase), &ctx);
aes_enc_blk(sessionRootNode.chain_code, sessionRootNode.chain_code, &ctx);
aes_enc_blk(sessionRootNode.chain_code + 16, sessionRootNode.chain_code + 16, &ctx);
aes_enc_blk(sessionRootNode.private_key, sessionRootNode.private_key, &ctx);
aes_enc_blk(sessionRootNode.private_key + 16, sessionRootNode.private_key + 16, &ctx);
uint8_t secret[64];
layoutProgressSwipe("Waking up", 0, 0);
pbkdf2((const uint8_t *)sessionPassphrase, strlen(sessionPassphrase), (uint8_t *)"TREZORHD", 8, BIP39_PBKDF2_ROUNDS, secret, 64, get_root_node_callback);
aes_decrypt_ctx ctx;
aes_decrypt_key256(secret, &ctx);
aes_cbc_decrypt(sessionRootNode.chain_code, sessionRootNode.chain_code, 32, secret + 32, &ctx);
aes_cbc_decrypt(sessionRootNode.private_key, sessionRootNode.private_key, 32, secret + 32, &ctx);
}
memcpy(node, &sessionRootNode, sizeof(HDNode));
sessionRootNodeCached = true;
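Review bot: Both `aes_cbc_decrypt` calls in storage_getRootNode are handed the same `secret + 32` buffer as IV, and the hunk does not make clear which IV the second call actually sees. If this AES implementation writes the chaining value back into the IV buffer (Gladman's aes_modes does), `private_key` is decrypted with the last ciphertext block of `chain_code` as its IV rather than with the derived one, and whatever code encrypts the node must make the two calls in the same order on one shared buffer. A comment above the calls stating this, or copying the IV into a local before each call, would make the dependency explicit. The function begins and ends outside the hunk.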

@ -1 +1 @@
Subproject commit 44116b8a7405299be5de8353e9e624538b4dac92
Subproject commit e588906f811e826c596e631d4dd2500fc38fea60