mirror of https://github.com/trezor/trezor-firmware.git synced 2025-04-20 00:59:02 +00:00

refactor(core): use different encoding of recoverable signatures

[no changelog]
Ondřej Vejpustek 2025-03-21 19:26:45 +01:00
parent 4d0edf50d7
commit 776eb9dcd2
6 changed files with 14 additions and 25 deletions


@ -114,7 +114,7 @@ STATIC mp_obj_t mod_trezorcrypto_nist256p1_sign_recoverable(
vstr_clear(&sig);
mp_raise_ValueError("Signing failed");
}
sig.buf[0] = 27 + pby;
sig.buf[0] = pby;
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(
@ -167,8 +167,8 @@ mod_trezorcrypto_nist256p1_verify_recover(size_t n_args, const mp_obj_t *args) {
if (dig.len != 32) {
return mp_const_none;
}
uint8_t recid = ((const uint8_t *)sig.buf)[0] - 27;
if (recid >= 8) {
uint8_t recid = ((const uint8_t *)sig.buf)[0];
if (recid >= 4) {
return mp_const_none;
}
recid &= 3;
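Review bot: In `verify_recover`, the `recid &= 3;` that remains after the new `if (recid >= 4)` rejection no longer changes the value and can be dropped; the same leftover is in the secp256k1 section. The first signature byte changes meaning on both sides of this API, so record it at the assignment in `sign_recoverable`, e.g. `// sig.buf[0] is the bare recovery id (0..3); any header offset is applied by the caller`. A caller that still passes a 27-based header now gets `None` from `verify_recover`, which fails closed but looks the same as an ordinary bad signature, so callers outside the six files in this commit should be checked. Both function bodies continue outside the hunks shown.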


@ -155,7 +155,7 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_sign_recoverable(
vstr_clear(&sig);
mp_raise_ValueError("Signing failed");
}
sig.buf[0] = 27 + pby;
sig.buf[0] = pby;
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
@ -210,8 +210,8 @@ mod_trezorcrypto_secp256k1_verify_recover(size_t n_args, const mp_obj_t *args) {
if (dig.len != 32) {
return mp_const_none;
}
uint8_t recid = ((const uint8_t *)sig.buf)[0] - 27;
if (recid >= 8) {
uint8_t recid = ((const uint8_t *)sig.buf)[0];
if (recid >= 4) {
return mp_const_none;
}
recid &= 3;


@ -88,15 +88,6 @@ async def verify_message(msg: VerifyMessage) -> Success:
if signature_script_type != address_script_type:
raise ProcessError("Invalid signature")
if signature_script_type == InputScriptType.SPENDP2SHWITNESS:
recoverable_signature = (
bytes([recoverable_signature[0] - 4]) + recoverable_signature[1:]
)
if signature_script_type == InputScriptType.SPENDWITNESS:
recoverable_signature = (
bytes([recoverable_signature[0] - 8]) + recoverable_signature[1:]
)
pubkey = secp256k1.verify_recover(
recoverable_signature,
digest,


@ -268,10 +268,8 @@ def _sign_digest(
req = EthereumTxRequest()
req.signature_v = signature[0]
if msg.chain_id > MAX_CHAIN_ID:
req.signature_v -= 27
else:
req.signature_v += 2 * msg.chain_id + 8
if msg.chain_id <= MAX_CHAIN_ID:
req.signature_v += 35 + 2 * msg.chain_id
req.signature_r = signature[1:33]
req.signature_s = signature[33:]
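Review bot: The new `req.signature_v += 35 + 2 * msg.chain_id` in `_sign_digest` carries no comment on where the constant comes from, and the case of chain ids above `MAX_CHAIN_ID` is now an implicit fall-through instead of a visible branch. A comment above the condition would make both explicit, e.g. `# EIP-155: v = recovery_id + 35 + 2 * chain_id; above MAX_CHAIN_ID only the bare recovery id is returned`. The result is only correct if `signature[0]` is already the bare recovery id, which this commit arranges in the C signing functions, so the comment should state that assumption too. The function starts and ends outside the hunk.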


@ -163,7 +163,7 @@ def _sign_digest(
)
req = EthereumTxRequest()
req.signature_v = signature[0] - 27
req.signature_v = signature[0]
req.signature_r = signature[1:33]
req.signature_s = signature[33:]


@ -17,13 +17,13 @@ def encode_bip137_signature(
) -> bytes:
def get_script_type_number(script_type: InputScriptType) -> int:
if script_type == InputScriptType.SPENDADDRESS_UNCOMPRESSED:
return 0
return 27
if script_type == InputScriptType.SPENDADDRESS:
return 4
return 31
elif script_type == InputScriptType.SPENDP2SHWITNESS:
return 8
return 35
elif script_type == InputScriptType.SPENDWITNESS:
return 12
return 39
else:
raise ValueError("Unsupported script type")
@ -47,4 +47,4 @@ def decode_bip137_signature(signature: bytes) -> tuple[InputScriptType, bytes]:
assert len(signature) == 65
header = signature[0]
return get_script_type(header), bytes([header]) + signature[1:]
return get_script_type(header), bytes([(header - 27) % 4]) + signature[1:]
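Review bot: In `decode_bip137_signature`, `(header - 27) % 4` maps every possible header byte to a value in 0..3, including bytes below 27 or beyond the last script-type range, so rejection of malformed headers now rests entirely on `get_script_type(header)` raising first. That helper is outside the hunk; if it does raise for out-of-range headers the code is correct, because the tuple is evaluated left to right. The dependency deserves a comment such as `# get_script_type() has already rejected headers outside the BIP-137 range; the modulo only strips the script-type offset`. The `assert len(signature) == 65` above it appears to be the only length check on externally supplied data; if asserts can be disabled in this build, an explicit check that raises would be safer.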