From b8063e882b5f89e9655d85b13e273c4385a5e0a3 Mon Sep 17 00:00:00 2001 From: Martin Milata Date: Tue, 28 Jul 2020 00:46:54 +0200 Subject: [PATCH] legacy: drop zcash v3 tx signing support --- legacy/firmware/signing.c | 89 ++++++++++------------------------- legacy/firmware/transaction.c | 20 +++----- 2 files changed, 32 insertions(+), 77 deletions(-) diff --git a/legacy/firmware/signing.c b/legacy/firmware/signing.c index 4654ac2571..0bd7633e14 100644 --- a/legacy/firmware/signing.c +++ b/legacy/firmware/signing.c @@ -494,12 +494,6 @@ void signing_init(const SignTx *msg, const CoinInfo *_coin, version = msg->version; lock_time = msg->lock_time; - if (coin->overwintered && !msg->has_version_group_id) { - fsm_sendFailure(FailureType_Failure_DataError, - _("Version group ID must be set.")); - signing_abort(); - return; - } if (!coin->overwintered) { if (msg->has_version_group_id) { fsm_sendFailure(FailureType_Failure_DataError, @@ -519,19 +513,26 @@ void signing_init(const SignTx *msg, const CoinInfo *_coin, expiry = (coin->decred || coin->overwintered) ? msg->expiry : 0; timestamp = coin->timestamp ? msg->timestamp : 0; if (coin->overwintered) { + if (!msg->has_version_group_id) { + fsm_sendFailure(FailureType_Failure_DataError, + _("Version group ID must be set.")); + signing_abort(); + return; + } + if (!msg->has_branch_id) { + fsm_sendFailure(FailureType_Failure_DataError, + _("Branch ID must be set.")); + signing_abort(); + return; + } + if (version != 4) { + fsm_sendFailure(FailureType_Failure_DataError, + _("Unsupported transaction version.")); + signing_abort(); + return; + } version_group_id = msg->version_group_id; branch_id = msg->branch_id; - if (branch_id == 0) { - // set default values for Zcash if branch_id is unset - switch (version) { - case 3: - branch_id = 0x5BA81B19; // Overwinter - break; - case 4: - branch_id = 0x76B809BB; // Sapling - break; - } - } } else { version_group_id = 0; branch_id = 0; @@ -1006,40 +1007,6 @@ static void signing_hash_bip143(const TxInputType *txinput, uint8_t *hash) { #if !BITCOIN_ONLY -static void signing_hash_zip143(const TxInputType *txinput, uint8_t *hash) { - uint32_t hash_type = signing_hash_type(); - uint8_t personal[16] = {0}; - memcpy(personal, "ZcashSigHash", 12); - memcpy(personal + 12, &branch_id, 4); - Hasher hasher_preimage = {0}; - hasher_InitParam(&hasher_preimage, HASHER_BLAKE2B_PERSONAL, personal, - sizeof(personal)); - uint32_t ver = version | TX_OVERWINTERED; // 1. nVersion | fOverwintered - hasher_Update(&hasher_preimage, (const uint8_t *)&ver, 4); - hasher_Update(&hasher_preimage, (const uint8_t *)&version_group_id, - 4); // 2. nVersionGroupId - hasher_Update(&hasher_preimage, hash_prevouts, 32); // 3. hashPrevouts - hasher_Update(&hasher_preimage, hash_sequence, 32); // 4. hashSequence - hasher_Update(&hasher_preimage, hash_outputs, 32); // 5. hashOutputs - // 6. hashJoinSplits - hasher_Update(&hasher_preimage, (const uint8_t *)"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32); - hasher_Update(&hasher_preimage, (const uint8_t *)&lock_time, - 4); // 7. nLockTime - hasher_Update(&hasher_preimage, (const uint8_t *)&expiry, - 4); // 8. expiryHeight - hasher_Update(&hasher_preimage, (const uint8_t *)&hash_type, - 4); // 9. nHashType - - tx_prevout_hash(&hasher_preimage, txinput); // 10a. outpoint - tx_script_hash(&hasher_preimage, txinput->script_sig.size, - txinput->script_sig.bytes); // 10b. scriptCode - hasher_Update(&hasher_preimage, (const uint8_t *)&txinput->amount, - 8); // 10c. value - tx_sequence_hash(&hasher_preimage, txinput); // 10d. nSequence - - hasher_Final(&hasher_preimage, hash); -} - static void signing_hash_zip243(const TxInputType *txinput, uint8_t *hash) { uint32_t hash_type = signing_hash_type(); uint8_t personal[16] = {0}; @@ -1640,20 +1607,14 @@ void signing_txack(TransactionType *tx) { uint8_t hash[32] = {0}; #if !BITCOIN_ONLY if (coin->overwintered) { - switch (version) { - case 3: - signing_hash_zip143(&tx->inputs[0], hash); - break; - case 4: - signing_hash_zip243(&tx->inputs[0], hash); - break; - default: - fsm_sendFailure( - FailureType_Failure_DataError, - _("Unsupported version for overwintered transaction")); - signing_abort(); - return; + if (version != 4) { + fsm_sendFailure( + FailureType_Failure_DataError, + _("Unsupported version for overwintered transaction")); + signing_abort(); + return; } + signing_hash_zip243(&tx->inputs[0], hash); } else #endif { diff --git a/legacy/firmware/transaction.c b/legacy/firmware/transaction.c index e5b68e0e45..df608ea280 100644 --- a/legacy/firmware/transaction.c +++ b/legacy/firmware/transaction.c @@ -684,19 +684,13 @@ uint32_t tx_serialize_middle_hash(TxStruct *tx) { uint32_t tx_serialize_footer(TxStruct *tx, uint8_t *out) { memcpy(out, &(tx->lock_time), 4); #if !BITCOIN_ONLY - if (tx->overwintered) { - if (tx->version == 3) { - memcpy(out + 4, &(tx->expiry), 4); - out[8] = 0x00; // nJoinSplit - return 9; - } else if (tx->version == 4) { - memcpy(out + 4, &(tx->expiry), 4); - memzero(out + 8, 8); // valueBalance - out[16] = 0x00; // nShieldedSpend - out[17] = 0x00; // nShieldedOutput - out[18] = 0x00; // nJoinSplit - return 19; - } + if (tx->overwintered && tx->version == 4) { + memcpy(out + 4, &(tx->expiry), 4); + memzero(out + 8, 8); // valueBalance + out[16] = 0x00; // nShieldedSpend + out[17] = 0x00; // nShieldedOutput + out[18] = 0x00; // nJoinSplit + return 19; } if (tx->is_decred) { memcpy(out + 4, &(tx->expiry), 4);