arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-03-30 15:05:43 +00:00
Code Issues Releases Wiki Activity

fix(core): make custom noise implementation compatible with standard

Browse Source
This commit is contained in:
M1nd3r 2025-03-09 08:50:11 +01:00
parent 6ddfff4376
commit 8594ff19c3
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
core/src/trezor/wire/thp/crypto.py
View File

@ -98,6 +98,7 @@ class Handshake:
trezor_ephemeral_pubkey = curve25519.publickey(self.trezor_ephemeral_privkey) trezor_ephemeral_pubkey = curve25519.publickey(self.trezor_ephemeral_privkey)
self.h = _hash_of_two(PROTOCOL_NAME, device_properties) self.h = _hash_of_two(PROTOCOL_NAME, device_properties)
self.h = _hash_of_two(self.h, host_ephemeral_pubkey) self.h = _hash_of_two(self.h, host_ephemeral_pubkey)
self.h = _hash_of_two(self.h, b"")
self.h = _hash_of_two(self.h, trezor_ephemeral_pubkey) self.h = _hash_of_two(self.h, trezor_ephemeral_pubkey)
point = curve25519.multiply( point = curve25519.multiply(
self.trezor_ephemeral_privkey, host_ephemeral_pubkey self.trezor_ephemeral_privkey, host_ephemeral_pubkey
@ -156,6 +157,7 @@ class Handshake:
) )
aes_ctx = aesgcm(self.k, IV_1) aes_ctx = aesgcm(self.k, IV_1)
aes_ctx.auth(self.h) aes_ctx.auth(self.h)
self.h = _hash_of_two(self.h, memoryview(encrypted_payload))
aes_ctx.decrypt_in_place(memoryview(encrypted_payload)[:-16]) aes_ctx.decrypt_in_place(memoryview(encrypted_payload)[:-16])
if __debug__: if __debug__:
log.debug( log.debug(
@ -165,7 +167,6 @@ class Handshake:
if tag != encrypted_payload[-16:]: if tag != encrypted_payload[-16:]:
raise ThpDecryptionError() raise ThpDecryptionError()
self.h = _hash_of_two(self.h, memoryview(encrypted_payload)[:-16])
self.key_receive, self.key_send = _hkdf(self.ck, b"") self.key_receive, self.key_send = _hkdf(self.ck, b"")
if __debug__: if __debug__:
log.debug( log.debug(