arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-22 21:30:56 +00:00
Code Issues Releases Wiki Activity

refactor(crypto): make secp256k1_context_writable_randomize() return status

Browse Source
This commit is contained in:
Ondřej Vejpustek 2021-11-03 22:38:39 +01:00
parent ad38d8e324
commit 71b12a2a71
4 changed files with 144 additions and 81 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

115
crypto/zkp_bip340.c
View File

@ -47,33 +47,43 @@ int zkp_bip340_get_public_key(const uint8_t *private_key_bytes,
uint8_t *public_key_bytes) { uint8_t *public_key_bytes) {
int result = 0; int result = 0;
secp256k1_pubkey pubkey = {0}; secp256k1_context *context_writable = NULL;
if (result == 0) { if (result == 0) {
secp256k1_context *context_writable = zkp_context_acquire_writable(); context_writable = zkp_context_acquire_writable();
if (context_writable) { if (context_writable == NULL) {
secp256k1_context_writable_randomize(context_writable);
if (secp256k1_ec_pubkey_create(context_writable, &pubkey,
private_key_bytes) != 1) {
result = -1;
}
zkp_context_release_writable();
} else {
result = -1; result = -1;
} }
} }
if (result == 0) {
if (secp256k1_context_writable_randomize(context_writable) != 0) {
result = -1;
}
}
secp256k1_pubkey public_key = {0};
if (result == 0) {
if (secp256k1_ec_pubkey_create(context_writable, &public_key,
private_key_bytes) != 1) {
result = -1;
}
}
if (context_writable) {
zkp_context_release_writable();
context_writable = NULL;
}
secp256k1_xonly_pubkey xonly_pubkey = {0}; secp256k1_xonly_pubkey xonly_pubkey = {0};
const secp256k1_context *context_read_only = zkp_context_get_read_only(); const secp256k1_context *context_read_only = zkp_context_get_read_only();
if (result == 0) { if (result == 0) {
if (secp256k1_xonly_pubkey_from_pubkey(context_read_only, &xonly_pubkey, if (secp256k1_xonly_pubkey_from_pubkey(context_read_only, &xonly_pubkey,
NULL, &pubkey) != 1) { NULL, &public_key) != 1) {
result = -1; result = -1;
} }
} }
memzero(&pubkey, sizeof(pubkey)); memzero(&public_key, sizeof(public_key));
if (result == 0) { if (result == 0) {
if (secp256k1_xonly_pubkey_serialize(context_read_only, public_key_bytes, if (secp256k1_xonly_pubkey_serialize(context_read_only, public_key_bytes,
@ -98,36 +108,45 @@ int zkp_bip340_sign_digest(const uint8_t *private_key_bytes,
uint8_t *auxiliary_data) { uint8_t *auxiliary_data) {
int result = 0; int result = 0;
secp256k1_keypair keypair = {0}; secp256k1_context *context_writable = NULL;
if (result == 0) { if (result == 0) {
secp256k1_context *context_writable = zkp_context_acquire_writable(); context_writable = zkp_context_acquire_writable();
if (context_writable) { if (context_writable == NULL) {
secp256k1_context_writable_randomize(context_writable); result = -1;
if (secp256k1_keypair_create(context_writable, &keypair, }
private_key_bytes) != 1) { }
result = -1; if (result == 0) {
} if (secp256k1_context_writable_randomize(context_writable) != 0) {
zkp_context_release_writable(); result = -1;
} else { }
}
secp256k1_keypair keypair = {0};
if (result == 0) {
if (secp256k1_keypair_create(context_writable, &keypair,
private_key_bytes) != 1) {
result = -1; result = -1;
} }
} }
if (result == 0) { if (result == 0) {
secp256k1_context *context_writable = zkp_context_acquire_writable(); if (secp256k1_context_writable_randomize(context_writable) != 0) {
if (context_writable) {
secp256k1_context_writable_randomize(context_writable);
if (secp256k1_schnorrsig_sign(context_writable, signature_bytes, digest,
&keypair, auxiliary_data) != 1) {
result = -1;
}
zkp_context_release_writable();
} else {
result = -1; result = -1;
} }
} }
if (result == 0) {
if (secp256k1_schnorrsig_sign(context_writable, signature_bytes, digest,
&keypair, auxiliary_data) != 1) {
result = -1;
}
}
if (context_writable) {
zkp_context_release_writable();
context_writable = NULL;
}
memzero(&keypair, sizeof(keypair)); memzero(&keypair, sizeof(keypair));
return result; return result;
@ -240,21 +259,29 @@ int zkp_bip340_tweak_private_key(const uint8_t *internal_private_key,
uint8_t *output_private_key) { uint8_t *output_private_key) {
int result = 0; int result = 0;
secp256k1_keypair keypair = {0}; secp256k1_context *context_writable = NULL;
if (result == 0) { if (result == 0) {
secp256k1_context *context_writable = zkp_context_acquire_writable(); context_writable = zkp_context_acquire_writable();
if (context_writable) { if (context_writable == NULL) {
secp256k1_context_writable_randomize(context_writable);
if (secp256k1_keypair_create(context_writable, &keypair,
internal_private_key) != 1) {
result = -1;
}
zkp_context_release_writable();
} else {
result = -1; result = -1;
} }
} }
if (result == 0) {
if (secp256k1_context_writable_randomize(context_writable) != 0) {
result = -1;
}
}
secp256k1_keypair keypair = {0};
if (secp256k1_keypair_create(context_writable, &keypair,
internal_private_key) != 1) {
result = -1;
}
if (context_writable) {
zkp_context_release_writable();
context_writable = NULL;
}
const secp256k1_context *context_read_only = zkp_context_get_read_only(); const secp256k1_context *context_read_only = zkp_context_get_read_only();

10
crypto/zkp_context.c
View File

@ -34,12 +34,18 @@ static uint8_t context_buffer[SECP256K1_CONTEXT_SIZE];
static secp256k1_context *context; static secp256k1_context *context;
static volatile atomic_flag locked; static volatile atomic_flag locked;
void secp256k1_context_writable_randomize(secp256k1_context *context_writable) { // returns 0 on success
int secp256k1_context_writable_randomize(secp256k1_context *context_writable) {
uint8_t seed[32] = {0}; uint8_t seed[32] = {0};
random_buffer(seed, sizeof(seed)); random_buffer(seed, sizeof(seed));
int returned = secp256k1_context_randomize(context_writable, seed); int returned = secp256k1_context_randomize(context_writable, seed);
memzero(seed, sizeof(seed)); memzero(seed, sizeof(seed));
assert(returned == 1);
if (returned != 1) {
return 1;
}
return 0;
} }
bool zkp_context_is_initialized(void) { return context != NULL; } bool zkp_context_is_initialized(void) { return context != NULL; }

2
crypto/zkp_context.h
View File

@ -5,7 +5,7 @@
#include "vendor/secp256k1-zkp/include/secp256k1_preallocated.h" #include "vendor/secp256k1-zkp/include/secp256k1_preallocated.h"
void secp256k1_context_writable_randomize(secp256k1_context *context); int secp256k1_context_writable_randomize(secp256k1_context *context);
int zkp_context_init(void); int zkp_context_init(void);
void zkp_context_destroy(void); void zkp_context_destroy(void);
const secp256k1_context *zkp_context_get_read_only(void); const secp256k1_context *zkp_context_get_read_only(void);

98
crypto/zkp_ecdsa.c
View File

@ -55,21 +55,31 @@ int zkp_ecdsa_get_public_key33(const ecdsa_curve *curve,
int result = 0; int result = 0;
secp256k1_pubkey public_key = {0}; secp256k1_context *context_writable = NULL;
if (result == 0) { if (result == 0) {
secp256k1_context *context_writable = zkp_context_acquire_writable(); context_writable = zkp_context_acquire_writable();
if (context_writable) { if (context_writable == NULL) {
secp256k1_context_writable_randomize(context_writable);
if (secp256k1_ec_pubkey_create(context_writable, &public_key,
private_key_bytes) != 1) {
result = 1;
}
zkp_context_release_writable();
} else {
result = 1; result = 1;
} }
} }
if (result == 0) {
if (secp256k1_context_writable_randomize(context_writable) != 0) {
result = 1;
}
}
secp256k1_pubkey public_key = {0};
if (result == 0) {
if (secp256k1_ec_pubkey_create(context_writable, &public_key,
private_key_bytes) != 1) {
result = 1;
}
}
if (context_writable) {
zkp_context_release_writable();
context_writable = NULL;
}
if (result == 0) { if (result == 0) {
size_t written = 33; size_t written = 33;
@ -102,21 +112,31 @@ int zkp_ecdsa_get_public_key65(const ecdsa_curve *curve,
int result = 0; int result = 0;
secp256k1_pubkey public_key = {0}; secp256k1_context *context_writable = NULL;
if (result == 0) { if (result == 0) {
secp256k1_context *context_writable = zkp_context_acquire_writable(); context_writable = zkp_context_acquire_writable();
if (context_writable) { if (context_writable == NULL) {
secp256k1_context_writable_randomize(context_writable);
if (secp256k1_ec_pubkey_create(context_writable, &public_key,
private_key_bytes) != 1) {
result = 1;
}
zkp_context_release_writable();
} else {
result = 1; result = 1;
} }
} }
if (result == 0) {
if (secp256k1_context_writable_randomize(context_writable) != 0) {
result = 1;
}
}
secp256k1_pubkey public_key = {0};
if (result == 0) {
if (secp256k1_ec_pubkey_create(context_writable, &public_key,
private_key_bytes) != 1) {
result = 1;
}
}
if (context_writable) {
zkp_context_release_writable();
context_writable = NULL;
}
if (result == 0) { if (result == 0) {
size_t written = 65; size_t written = 65;
@ -164,22 +184,32 @@ int zkp_ecdsa_sign_digest(
} }
} }
secp256k1_ecdsa_recoverable_signature recoverable_signature = {0}; secp256k1_context *context_writable = NULL;
if (result == 0) { if (result == 0) {
secp256k1_context *context_writable = zkp_context_acquire_writable(); context_writable = zkp_context_acquire_writable();
if (context_writable) { if (context_writable == NULL) {
secp256k1_context_writable_randomize(context_writable);
if (secp256k1_ecdsa_sign_recoverable(
context_writable, &recoverable_signature, digest,
private_key_bytes, NULL, NULL) != 1) {
result = 1;
}
zkp_context_release_writable();
} else {
result = 1; result = 1;
} }
} }
if (result == 0) {
if (secp256k1_context_writable_randomize(context_writable) != 0) {
result = 1;
}
}
secp256k1_ecdsa_recoverable_signature recoverable_signature = {0};
if (result == 0) {
if (secp256k1_ecdsa_sign_recoverable(context_writable,
&recoverable_signature, digest,
private_key_bytes, NULL, NULL) != 1) {
result = 1;
}
}
if (context_writable) {
zkp_context_release_writable();
context_writable = NULL;
}
if (result == 0) { if (result == 0) {
int recid = 0; int recid = 0;