mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-13 19:18:56 +00:00

Use single SHA256 for groestl curve for tx and msg signing

Yura Pakhuchiy 2018-07-01 21:22:52 +07:00 committed by Pavol Rusnak
parent a3542a6441
commit b48cc1d6f8
4 changed files with 20 additions and 13 deletions


@ -35,6 +35,10 @@ class CoinInfo:
self.version_group_id = version_group_id
self.bip115 = bip115
self.curve_name = curve_name
if curve_name == 'secp256k1-groestl':
self.sign_hash_double = False
else:
self.sign_hash_double = True
# the following list is generated using tools/codegen/gen_coins.py
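Review bot: The hash mode in `CoinInfo.__init__` is inferred from an exact string match on `curve_name`, so every other curve name, including a misspelled one in the generated coin list, silently gets double SHA256. The four-line branch can be written as `self.sign_hash_double = curve_name != 'secp256k1-groestl'`, with a comment above it such as `# groestl coins hash the signed data with a single SHA256`. The rest of `__init__` is outside the hunk, so whether `curve_name` is validated earlier cannot be seen from here.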


@ -12,7 +12,10 @@ def message_digest(coin, message):
h.extend(coin.signed_message_header)
write_varint(h, len(message))
h.extend(message)
return sha256(h.get_digest()).digest()
ret = h.get_digest()
if coin.sign_hash_double:
ret = sha256(ret).digest()
return ret
def split_message(message):


@ -32,14 +32,14 @@ class Bip143:
def add_output(self, txo_bin: TxOutputBinType):
write_tx_output(self.h_outputs, txo_bin)
def get_prevouts_hash(self) -> bytes:
return get_tx_hash(self.h_prevouts, double=True)
def get_prevouts_hash(self, coin: CoinInfo) -> bytes:
return get_tx_hash(self.h_prevouts, double=coin.sign_hash_double)
def get_sequence_hash(self) -> bytes:
return get_tx_hash(self.h_sequence, double=True)
def get_sequence_hash(self, coin: CoinInfo) -> bytes:
return get_tx_hash(self.h_sequence, double=coin.sign_hash_double)
def get_outputs_hash(self) -> bytes:
return get_tx_hash(self.h_outputs, double=True)
def get_outputs_hash(self, coin: CoinInfo) -> bytes:
return get_tx_hash(self.h_outputs, double=coin.sign_hash_double)
def preimage_hash(self, coin: CoinInfo, tx: SignTx, txi: TxInputType, pubkeyhash: bytes, sighash: int) -> bytes:
h_preimage = HashWriter(sha256)
@ -47,8 +47,8 @@ class Bip143:
assert not tx.overwintered
write_uint32(h_preimage, tx.version) # nVersion
write_bytes(h_preimage, bytearray(self.get_prevouts_hash())) # hashPrevouts
write_bytes(h_preimage, bytearray(self.get_sequence_hash())) # hashSequence
write_bytes(h_preimage, bytearray(self.get_prevouts_hash(coin))) # hashPrevouts
write_bytes(h_preimage, bytearray(self.get_sequence_hash(coin))) # hashSequence
write_bytes_rev(h_preimage, txi.prev_hash) # outpoint
write_uint32(h_preimage, txi.prev_index) # outpoint
@ -59,11 +59,11 @@ class Bip143:
write_uint64(h_preimage, txi.amount) # amount
write_uint32(h_preimage, txi.sequence) # nSequence
write_bytes(h_preimage, bytearray(self.get_outputs_hash())) # hashOutputs
write_bytes(h_preimage, bytearray(self.get_outputs_hash(coin))) # hashOutputs
write_uint32(h_preimage, tx.lock_time) # nLockTime
write_uint32(h_preimage, sighash) # nHashType
return get_tx_hash(h_preimage, double=True)
return get_tx_hash(h_preimage, double=coin.sign_hash_double)
# see https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki#specification
# item 5 for details
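Review bot: `get_prevouts_hash`, `get_sequence_hash` and `get_outputs_hash` now require a `coin` argument, which changes the interface of three methods that a subclass or another caller may still use with the old signature. Only the calls inside `preimage_hash` are updated in this section, and the `assert not tx.overwintered` context line suggests an Overwinter variant exists elsewhere, so that path is worth checking. The trailing pointer to the BIP-143 specification also no longer describes the code fully, since the double SHA256 it specifies becomes a single one for groestl coins; a comment such as `# groestl coins use a single SHA256 here, deviating from BIP-143` next to the getters would record that. The class body starts and ends outside the hunks.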


@ -312,7 +312,7 @@ async def sign_tx(tx: SignTx, root: bip32.HDNode):
multisig_pubkey_index(txi_sign.multisig, key_sign_pub)
# compute the signature from the tx digest
signature = ecdsa_sign(key_sign, get_tx_hash(h_sign, double=True))
signature = ecdsa_sign(key_sign, get_tx_hash(h_sign, double=coin.sign_hash_double))
tx_ser.signature_index = i_sign
tx_ser.signature = signature
@ -437,7 +437,7 @@ async def get_prevtx_output_value(coin: CoinInfo, tx_req: TxRequest, prev_hash:
write_bytes(txh, data)
ofs += len(data)
if get_tx_hash(txh, double=True, reverse=True) != prev_hash:
if get_tx_hash(txh, double=coin.sign_hash_double, reverse=True) != prev_hash:
raise SigningError(FailureType.ProcessError,
'Encountered invalid prev_hash')
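Review bot: In `get_prevtx_output_value` the `prev_hash` comparison checks that the streamed previous transaction matches the hash the input refers to, which is a transaction-id computation rather than a signing digest, yet it now takes its mode from `coin.sign_hash_double`. If groestl transaction ids are indeed a single SHA256 the result is right, but the flag name hides that this integrity check depends on it. A comment such as `# txid uses the same single/double SHA256 rule as the signing digest` above the `if`, or a separately named attribute, would make the dependency explicit. In the `sign_tx` hunk, `coin` is not a parameter of `sign_tx(tx, root)` and is presumably bound earlier in the body, outside the hunk. Both functions extend beyond the visible lines.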