mirror of
https://github.com/trezor/trezor-firmware.git
synced 2025-01-09 15:00:58 +00:00
trezor.crypto: put back vstr where it makes sense (= user controlled input)
This commit is contained in:
parent
26ac0b6e52
commit
981ec87877
@ -101,7 +101,8 @@ STATIC mp_obj_t mod_trezorcrypto_AES_update(mp_obj_t self, mp_obj_t data) {
|
|||||||
if (buf.len == 0) {
|
if (buf.len == 0) {
|
||||||
return mp_const_empty_bytes;
|
return mp_const_empty_bytes;
|
||||||
}
|
}
|
||||||
uint8_t out[buf.len];
|
vstr_t vstr;
|
||||||
|
vstr_init_len(&vstr, buf.len);
|
||||||
mp_obj_AES_t *o = MP_OBJ_TO_PTR(self);
|
mp_obj_AES_t *o = MP_OBJ_TO_PTR(self);
|
||||||
switch (o->mode & AESModeMask) {
|
switch (o->mode & AESModeMask) {
|
||||||
case ECB:
|
case ECB:
|
||||||
@ -109,9 +110,9 @@ STATIC mp_obj_t mod_trezorcrypto_AES_update(mp_obj_t self, mp_obj_t data) {
|
|||||||
mp_raise_ValueError("Invalid data length");
|
mp_raise_ValueError("Invalid data length");
|
||||||
}
|
}
|
||||||
if ((o->mode & AESDirMask) == Encrypt) {
|
if ((o->mode & AESDirMask) == Encrypt) {
|
||||||
aes_ecb_encrypt(buf.buf, out, buf.len, &(o->ctx.encrypt_ctx));
|
aes_ecb_encrypt(buf.buf, (uint8_t *)vstr.buf, buf.len, &(o->ctx.encrypt_ctx));
|
||||||
} else {
|
} else {
|
||||||
aes_ecb_decrypt(buf.buf, out, buf.len, &(o->ctx.decrypt_ctx));
|
aes_ecb_decrypt(buf.buf, (uint8_t *)vstr.buf, buf.len, &(o->ctx.decrypt_ctx));
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case CBC:
|
case CBC:
|
||||||
@ -119,26 +120,26 @@ STATIC mp_obj_t mod_trezorcrypto_AES_update(mp_obj_t self, mp_obj_t data) {
|
|||||||
mp_raise_ValueError("Invalid data length");
|
mp_raise_ValueError("Invalid data length");
|
||||||
}
|
}
|
||||||
if ((o->mode & AESDirMask) == Encrypt) {
|
if ((o->mode & AESDirMask) == Encrypt) {
|
||||||
aes_cbc_encrypt(buf.buf, out, buf.len, o->iv, &(o->ctx.encrypt_ctx));
|
aes_cbc_encrypt(buf.buf, (uint8_t *)vstr.buf, buf.len, o->iv, &(o->ctx.encrypt_ctx));
|
||||||
} else {
|
} else {
|
||||||
aes_cbc_decrypt(buf.buf, out, buf.len, o->iv, &(o->ctx.decrypt_ctx));
|
aes_cbc_decrypt(buf.buf, (uint8_t *)vstr.buf, buf.len, o->iv, &(o->ctx.decrypt_ctx));
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case CFB:
|
case CFB:
|
||||||
if ((o->mode & AESDirMask) == Encrypt) {
|
if ((o->mode & AESDirMask) == Encrypt) {
|
||||||
aes_cfb_encrypt(buf.buf, out, buf.len, o->iv, &(o->ctx.encrypt_ctx));
|
aes_cfb_encrypt(buf.buf, (uint8_t *)vstr.buf, buf.len, o->iv, &(o->ctx.encrypt_ctx));
|
||||||
} else {
|
} else {
|
||||||
aes_cfb_decrypt(buf.buf, out, buf.len, o->iv, &(o->ctx.encrypt_ctx));
|
aes_cfb_decrypt(buf.buf, (uint8_t *)vstr.buf, buf.len, o->iv, &(o->ctx.encrypt_ctx));
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case OFB: // (encrypt == decrypt)
|
case OFB: // (encrypt == decrypt)
|
||||||
aes_ofb_crypt(buf.buf, out, buf.len, o->iv, &(o->ctx.encrypt_ctx));
|
aes_ofb_crypt(buf.buf, (uint8_t *)vstr.buf, buf.len, o->iv, &(o->ctx.encrypt_ctx));
|
||||||
break;
|
break;
|
||||||
case CTR: // (encrypt == decrypt)
|
case CTR: // (encrypt == decrypt)
|
||||||
aes_ctr_crypt(buf.buf, out, buf.len, o->ctr, aes_ctr_cbuf_inc, &(o->ctx.encrypt_ctx));
|
aes_ctr_crypt(buf.buf, (uint8_t *)vstr.buf, buf.len, o->ctr, aes_ctr_cbuf_inc, &(o->ctx.encrypt_ctx));
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
return mp_obj_new_bytes(out, sizeof(out));
|
return mp_obj_new_bytes((uint8_t *)vstr.buf, vstr.len);
|
||||||
}
|
}
|
||||||
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_AES_update_obj, mod_trezorcrypto_AES_update);
|
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_AES_update_obj, mod_trezorcrypto_AES_update);
|
||||||
|
|
||||||
|
@ -51,10 +51,11 @@ STATIC mp_obj_t mod_trezorcrypto_ChaCha20Poly1305_encrypt(mp_obj_t self, mp_obj_
|
|||||||
mp_obj_ChaCha20Poly1305_t *o = MP_OBJ_TO_PTR(self);
|
mp_obj_ChaCha20Poly1305_t *o = MP_OBJ_TO_PTR(self);
|
||||||
mp_buffer_info_t in;
|
mp_buffer_info_t in;
|
||||||
mp_get_buffer_raise(data, &in, MP_BUFFER_READ);
|
mp_get_buffer_raise(data, &in, MP_BUFFER_READ);
|
||||||
uint8_t out[in.len];
|
vstr_t vstr;
|
||||||
chacha20poly1305_encrypt(&(o->ctx), in.buf, out, in.len);
|
vstr_init_len(&vstr, in.len);
|
||||||
|
chacha20poly1305_encrypt(&(o->ctx), in.buf, (uint8_t *)vstr.buf, in.len);
|
||||||
o->plen += in.len;
|
o->plen += in.len;
|
||||||
return mp_obj_new_bytes(out, sizeof(out));
|
return mp_obj_new_bytes((uint8_t *)vstr.buf, vstr.len);
|
||||||
}
|
}
|
||||||
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_ChaCha20Poly1305_encrypt_obj, mod_trezorcrypto_ChaCha20Poly1305_encrypt);
|
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_ChaCha20Poly1305_encrypt_obj, mod_trezorcrypto_ChaCha20Poly1305_encrypt);
|
||||||
|
|
||||||
@ -66,10 +67,11 @@ STATIC mp_obj_t mod_trezorcrypto_ChaCha20Poly1305_decrypt(mp_obj_t self, mp_obj_
|
|||||||
mp_obj_ChaCha20Poly1305_t *o = MP_OBJ_TO_PTR(self);
|
mp_obj_ChaCha20Poly1305_t *o = MP_OBJ_TO_PTR(self);
|
||||||
mp_buffer_info_t in;
|
mp_buffer_info_t in;
|
||||||
mp_get_buffer_raise(data, &in, MP_BUFFER_READ);
|
mp_get_buffer_raise(data, &in, MP_BUFFER_READ);
|
||||||
uint8_t out[in.len];
|
vstr_t vstr;
|
||||||
chacha20poly1305_decrypt(&(o->ctx), in.buf, out, in.len);
|
vstr_init_len(&vstr, in.len);
|
||||||
|
chacha20poly1305_decrypt(&(o->ctx), in.buf, (uint8_t *)vstr.buf, in.len);
|
||||||
o->plen += in.len;
|
o->plen += in.len;
|
||||||
return mp_obj_new_bytes(out, sizeof(out));
|
return mp_obj_new_bytes((uint8_t *)vstr.buf, vstr.len);
|
||||||
}
|
}
|
||||||
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_ChaCha20Poly1305_decrypt_obj, mod_trezorcrypto_ChaCha20Poly1305_decrypt);
|
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_ChaCha20Poly1305_decrypt_obj, mod_trezorcrypto_ChaCha20Poly1305_decrypt);
|
||||||
|
|
||||||
|
@ -31,9 +31,10 @@ STATIC mp_obj_t mod_trezorcrypto_random_bytes(mp_obj_t len) {
|
|||||||
if (l > 1024) {
|
if (l > 1024) {
|
||||||
mp_raise_ValueError("Maximum requested size is 1024");
|
mp_raise_ValueError("Maximum requested size is 1024");
|
||||||
}
|
}
|
||||||
uint8_t out[l];
|
vstr_t vstr;
|
||||||
random_buffer(out, l);
|
vstr_init_len(&vstr, l);
|
||||||
return mp_obj_new_bytes(out, sizeof(out));
|
random_buffer((uint8_t *)vstr.buf, l);
|
||||||
|
return mp_obj_new_bytes((uint8_t *)vstr.buf, vstr.len);
|
||||||
}
|
}
|
||||||
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_random_bytes_obj, mod_trezorcrypto_random_bytes);
|
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_random_bytes_obj, mod_trezorcrypto_random_bytes);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user