1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-23 06:48:16 +00:00

fix(core): Prevent sensitive data from being left on the call stack in modtrezorcrypto.

This commit is contained in:
Andrew Kozlik 2020-10-11 12:28:30 +02:00 committed by Andrew Kozlik
parent 6cb601509b
commit c21ca81a1e
20 changed files with 281 additions and 206 deletions

View File

@ -43,8 +43,8 @@ typedef struct _mp_obj_HDNode_t {
STATIC const mp_obj_type_t mod_trezorcrypto_HDNode_type;
#define XPUB_MAXLEN 128
#define ADDRESS_MAXLEN 40
#define XPUB_MAXLEN 112
#define ADDRESS_MAXLEN 39
/// def __init__(
/// self,
@ -266,15 +266,18 @@ STATIC mp_obj_t mod_trezorcrypto_HDNode_serialize_public(mp_obj_t self,
mp_obj_t version) {
uint32_t ver = trezor_obj_get_uint(version);
mp_obj_HDNode_t *o = MP_OBJ_TO_PTR(self);
char xpub[XPUB_MAXLEN] = {0};
vstr_t xpub = {0};
vstr_init_len(&xpub, XPUB_MAXLEN);
hdnode_fill_public_key(&o->hdnode);
int written = hdnode_serialize_public(&o->hdnode, o->fingerprint, ver, xpub,
XPUB_MAXLEN);
int written = hdnode_serialize_public(&o->hdnode, o->fingerprint, ver,
xpub.buf, xpub.alloc);
if (written <= 0) {
vstr_clear(&xpub);
mp_raise_ValueError("Failed to serialize");
}
// written includes NULL at the end of the string
return mp_obj_new_str_copy(&mp_type_str, (const uint8_t *)xpub, written - 1);
xpub.len = written - 1;
return mp_obj_new_str_from_vstr(&mp_type_str, &xpub);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_HDNode_serialize_public_obj,
mod_trezorcrypto_HDNode_serialize_public);
@ -383,10 +386,11 @@ STATIC mp_obj_t mod_trezorcrypto_HDNode_address(mp_obj_t self,
uint32_t v = trezor_obj_get_uint(version);
char address[ADDRESS_MAXLEN] = {0};
hdnode_get_address(&o->hdnode, v, address, ADDRESS_MAXLEN);
return mp_obj_new_str_copy(&mp_type_str, (const uint8_t *)address,
strlen(address));
vstr_t address = {0};
vstr_init_len(&address, ADDRESS_MAXLEN);
hdnode_get_address(&o->hdnode, v, address.buf, address.alloc);
address.len = strlen(address.buf);
return mp_obj_new_str_from_vstr(&mp_type_str, &address);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_HDNode_address_obj,
mod_trezorcrypto_HDNode_address);
@ -403,12 +407,14 @@ STATIC mp_obj_t mod_trezorcrypto_HDNode_nem_address(mp_obj_t self,
uint8_t n = trezor_obj_get_uint8(network);
char address[NEM_ADDRESS_SIZE + 1] = {0}; // + 1 for the 0 byte
if (!hdnode_get_nem_address(&o->hdnode, n, address)) {
vstr_t address = {0};
vstr_init_len(&address, NEM_ADDRESS_SIZE);
if (!hdnode_get_nem_address(&o->hdnode, n, address.buf)) {
vstr_clear(&address);
mp_raise_ValueError("Failed to compute a NEM address");
}
return mp_obj_new_str_copy(&mp_type_str, (const uint8_t *)address,
strlen(address));
address.len = strlen(address.buf);
return mp_obj_new_str_from_vstr(&mp_type_str, &address);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_HDNode_nem_address_obj,
mod_trezorcrypto_HDNode_nem_address);
@ -465,9 +471,10 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
STATIC mp_obj_t mod_trezorcrypto_HDNode_ethereum_pubkeyhash(mp_obj_t self) {
mp_obj_HDNode_t *o = MP_OBJ_TO_PTR(self);
uint8_t pkh[20] = {0};
hdnode_get_ethereum_pubkeyhash(&o->hdnode, pkh);
return mp_obj_new_bytes(pkh, sizeof(pkh));
vstr_t pkh = {0};
vstr_init_len(&pkh, 20);
hdnode_get_ethereum_pubkeyhash(&o->hdnode, (uint8_t *)pkh.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pkh);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(
mod_trezorcrypto_HDNode_ethereum_pubkeyhash_obj,

View File

@ -21,6 +21,7 @@
#include "py/runtime.h"
#include "bip39.h"
#include "sha2.h"
/// package: trezorcrypto.bip39
@ -135,19 +136,21 @@ STATIC mp_obj_t mod_trezorcrypto_bip39_seed(size_t n_args,
mp_buffer_info_t phrase = {0};
mp_get_buffer_raise(args[0], &mnemo, MP_BUFFER_READ);
mp_get_buffer_raise(args[1], &phrase, MP_BUFFER_READ);
uint8_t seed[64] = {0};
vstr_t seed = {0};
vstr_init_len(&seed, SHA512_DIGEST_LENGTH);
const char *pmnemonic = mnemo.len > 0 ? mnemo.buf : "";
const char *ppassphrase = phrase.len > 0 ? phrase.buf : "";
if (n_args > 2) {
// generate with a progress callback
ui_wait_callback = args[2];
mnemonic_to_seed(pmnemonic, ppassphrase, seed, wrapped_ui_wait_callback);
mnemonic_to_seed(pmnemonic, ppassphrase, (uint8_t *)seed.buf,
wrapped_ui_wait_callback);
ui_wait_callback = mp_const_none;
} else {
// generate without callback
mnemonic_to_seed(pmnemonic, ppassphrase, seed, NULL);
mnemonic_to_seed(pmnemonic, ppassphrase, (uint8_t *)seed.buf, NULL);
}
return mp_obj_new_bytes(seed, sizeof(seed));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &seed);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorcrypto_bip39_seed_obj, 2,
3, mod_trezorcrypto_bip39_seed);

View File

@ -77,12 +77,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Blake256_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Blake256_digest(mp_obj_t self) {
mp_obj_Blake256_t *o = MP_OBJ_TO_PTR(self);
uint8_t hash[BLAKE256_DIGEST_LENGTH] = {0};
vstr_t hash = {0};
vstr_init_len(&hash, BLAKE256_DIGEST_LENGTH);
BLAKE256_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(BLAKE256_CTX));
blake256_Final(&ctx, hash);
blake256_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(BLAKE256_CTX));
return mp_obj_new_bytes(hash, sizeof(hash));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Blake256_digest_obj,
mod_trezorcrypto_Blake256_digest);

View File

@ -131,12 +131,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Blake2b_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Blake2b_digest(mp_obj_t self) {
mp_obj_Blake2b_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[BLAKE2B_DIGEST_LENGTH] = {0};
BLAKE2B_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(BLAKE2B_CTX));
blake2b_Final(&ctx, out, ctx.outlen);
vstr_t hash = {0};
vstr_init_len(&hash, ctx.outlen);
blake2b_Final(&ctx, (uint8_t *)hash.buf, hash.len);
memzero(&ctx, sizeof(BLAKE2B_CTX));
return mp_obj_new_bytes(out, o->ctx.outlen);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Blake2b_digest_obj,
mod_trezorcrypto_Blake2b_digest);

View File

@ -131,12 +131,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Blake2s_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Blake2s_digest(mp_obj_t self) {
mp_obj_Blake2s_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[BLAKE2S_DIGEST_LENGTH] = {0};
BLAKE2S_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(BLAKE2S_CTX));
blake2s_Final(&ctx, out, ctx.outlen);
vstr_t hash = {0};
vstr_init_len(&hash, ctx.outlen);
blake2s_Final(&ctx, (uint8_t *)hash.buf, hash.len);
memzero(&ctx, sizeof(BLAKE2S_CTX));
return mp_obj_new_bytes(out, o->ctx.outlen);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Blake2s_digest_obj,
mod_trezorcrypto_Blake2s_digest);

View File

@ -123,9 +123,10 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_ChaCha20Poly1305_auth_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_ChaCha20Poly1305_finish(mp_obj_t self) {
mp_obj_ChaCha20Poly1305_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[16] = {0};
rfc7539_finish(&(o->ctx), o->alen, o->plen, out);
return mp_obj_new_bytes(out, sizeof(out));
vstr_t mac = {0};
vstr_init_len(&mac, 16);
rfc7539_finish(&(o->ctx), o->alen, o->plen, (uint8_t *)mac.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &mac);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_ChaCha20Poly1305_finish_obj,
mod_trezorcrypto_ChaCha20Poly1305_finish);

View File

@ -30,13 +30,14 @@
/// Generate secret key.
/// """
STATIC mp_obj_t mod_trezorcrypto_curve25519_generate_secret() {
uint8_t out[32] = {0};
random_buffer(out, 32);
vstr_t sk = {0};
vstr_init_len(&sk, 32);
random_buffer((uint8_t *)sk.buf, sk.len);
// taken from https://cr.yp.to/ecdh.html
out[0] &= 248;
out[31] &= 127;
out[31] |= 64;
return mp_obj_new_bytes(out, sizeof(out));
sk.buf[0] &= 248;
sk.buf[31] &= 127;
sk.buf[31] |= 64;
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_0(
mod_trezorcrypto_curve25519_generate_secret_obj,
@ -52,9 +53,10 @@ STATIC mp_obj_t mod_trezorcrypto_curve25519_publickey(mp_obj_t secret_key) {
if (sk.len != 32) {
mp_raise_ValueError("Invalid length of secret key");
}
uint8_t out[32] = {0};
curve25519_scalarmult_basepoint(out, (const uint8_t *)sk.buf);
return mp_obj_new_bytes(out, sizeof(out));
vstr_t pk = {0};
vstr_init_len(&pk, 32);
curve25519_scalarmult_basepoint((uint8_t *)pk.buf, (const uint8_t *)sk.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_curve25519_publickey_obj,
mod_trezorcrypto_curve25519_publickey);
@ -75,9 +77,11 @@ STATIC mp_obj_t mod_trezorcrypto_curve25519_multiply(mp_obj_t secret_key,
if (pk.len != 32) {
mp_raise_ValueError("Invalid length of public key");
}
uint8_t out[32] = {0};
curve25519_scalarmult(out, (const uint8_t *)sk.buf, (const uint8_t *)pk.buf);
return mp_obj_new_bytes(out, sizeof(out));
vstr_t out = {0};
vstr_init_len(&out, 32);
curve25519_scalarmult((uint8_t *)out.buf, (const uint8_t *)sk.buf,
(const uint8_t *)pk.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_curve25519_multiply_obj,
mod_trezorcrypto_curve25519_multiply);

View File

@ -31,13 +31,14 @@
/// Generate secret key.
/// """
STATIC mp_obj_t mod_trezorcrypto_ed25519_generate_secret() {
uint8_t out[32] = {0};
random_buffer(out, 32);
vstr_t sk = {0};
vstr_init_len(&sk, 32);
random_buffer((uint8_t *)sk.buf, sk.len);
// taken from https://cr.yp.to/ecdh.html
out[0] &= 248;
out[31] &= 127;
out[31] |= 64;
return mp_obj_new_bytes(out, sizeof(out));
sk.buf[0] &= 248;
sk.buf[31] &= 127;
sk.buf[31] |= 64;
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorcrypto_ed25519_generate_secret_obj,
mod_trezorcrypto_ed25519_generate_secret);
@ -52,10 +53,11 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_publickey(mp_obj_t secret_key) {
if (sk.len != 32) {
mp_raise_ValueError("Invalid length of secret key");
}
uint8_t out[32] = {0};
vstr_t pk = {0};
vstr_init_len(&pk, sizeof(ed25519_public_key));
ed25519_publickey(*(const ed25519_secret_key *)sk.buf,
*(ed25519_public_key *)out);
return mp_obj_new_bytes(out, sizeof(out));
*(ed25519_public_key *)pk.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_ed25519_publickey_obj,
mod_trezorcrypto_ed25519_publickey);
@ -76,8 +78,9 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_sign(size_t n_args,
mp_raise_ValueError("Empty data to sign");
}
ed25519_public_key pk = {0};
uint8_t out[64] = {0};
mp_buffer_info_t hash_func = {0};
vstr_t sig = {0};
vstr_init_len(&sig, sizeof(ed25519_signature));
if (n_args == 3) {
mp_get_buffer_raise(args[2], &hash_func, MP_BUFFER_READ);
@ -85,17 +88,18 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_sign(size_t n_args,
if (memcmp(hash_func.buf, "keccak", sizeof("keccak")) == 0) {
ed25519_publickey_keccak(*(const ed25519_secret_key *)sk.buf, pk);
ed25519_sign_keccak(msg.buf, msg.len, *(const ed25519_secret_key *)sk.buf,
pk, *(ed25519_signature *)out);
pk, *(ed25519_signature *)sig.buf);
} else {
vstr_clear(&sig);
mp_raise_ValueError("Unknown hash function");
}
} else {
ed25519_publickey(*(const ed25519_secret_key *)sk.buf, pk);
ed25519_sign(msg.buf, msg.len, *(const ed25519_secret_key *)sk.buf, pk,
*(ed25519_signature *)out);
*(ed25519_signature *)sig.buf);
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorcrypto_ed25519_sign_obj, 2,
3, mod_trezorcrypto_ed25519_sign);
@ -128,11 +132,12 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_sign_ext(mp_obj_t secret_key,
ed25519_publickey_ext(*(const ed25519_secret_key *)sk.buf,
*(const ed25519_secret_key *)skext.buf, pk);
uint8_t out[64] = {0};
vstr_t sig = {0};
vstr_init_len(&sig, sizeof(ed25519_signature));
ed25519_sign_ext(msg.buf, msg.len, *(const ed25519_secret_key *)sk.buf,
*(const ed25519_secret_key *)skext.buf, pk,
*(ed25519_signature *)out);
return mp_obj_new_bytes(out, sizeof(out));
*(ed25519_signature *)sig.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_3(mod_trezorcrypto_ed25519_sign_ext_obj,
mod_trezorcrypto_ed25519_sign_ext);
@ -191,12 +196,14 @@ mod_trezorcrypto_ed25519_cosi_combine_publickeys(mp_obj_t public_keys) {
}
memcpy(pks[i], buf.buf, buf.len);
}
uint8_t out[32] = {0};
if (0 !=
ed25519_cosi_combine_publickeys(*(ed25519_public_key *)out, pks, pklen)) {
vstr_t pk = {0};
vstr_init_len(&pk, sizeof(ed25519_public_key));
if (0 != ed25519_cosi_combine_publickeys(*(ed25519_public_key *)pk.buf, pks,
pklen)) {
vstr_clear(&pk);
mp_raise_ValueError("Error combining public keys");
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(
mod_trezorcrypto_ed25519_cosi_combine_publickeys_obj,
@ -229,11 +236,12 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_cosi_combine_signatures(
}
memcpy(sigs[i], buf.buf, buf.len);
}
uint8_t out[64] = {0};
ed25519_cosi_combine_signatures(*(ed25519_signature *)out,
vstr_t sig = {0};
vstr_init_len(&sig, sizeof(ed25519_signature));
ed25519_cosi_combine_signatures(*(ed25519_signature *)sig.buf,
*(const ed25519_public_key *)sigR.buf, sigs,
siglen);
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(
mod_trezorcrypto_ed25519_cosi_combine_signatures_obj,
@ -269,13 +277,15 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_cosi_sign(size_t n_args,
if (pk.len != 32) {
mp_raise_ValueError("Invalid length of aggregated public key");
}
uint8_t out[32] = {0};
vstr_t sig = {0};
vstr_init_len(&sig, sizeof(ed25519_cosi_signature));
;
ed25519_cosi_sign(msg.buf, msg.len, *(const ed25519_secret_key *)sk.buf,
*(const ed25519_secret_key *)nonce.buf,
*(const ed25519_public_key *)sigR.buf,
*(const ed25519_secret_key *)pk.buf,
*(ed25519_cosi_signature *)out);
return mp_obj_new_bytes(out, sizeof(out));
*(ed25519_cosi_signature *)sig.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_ed25519_cosi_sign_obj, 5, 5,

View File

@ -81,12 +81,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Groestl512_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Groestl512_digest(mp_obj_t self) {
mp_obj_Groestl512_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[GROESTL512_DIGEST_LENGTH] = {0};
vstr_t hash = {0};
vstr_init_len(&hash, GROESTL512_DIGEST_LENGTH);
GROESTL512_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(GROESTL512_CTX));
groestl512_Final(&ctx, out);
groestl512_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(GROESTL512_CTX));
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Groestl512_digest_obj,
mod_trezorcrypto_Groestl512_digest);

View File

@ -551,10 +551,10 @@ STATIC mp_obj_t mod_trezorcrypto_monero_pack256_modm(size_t n_args,
const mp_obj_t *args) {
if (n_args == 1 || args[0] == mp_const_none) {
assert_scalar(args[0]);
uint8_t buff[32] = {0};
contract256_modm(buff, MP_OBJ_C_SCALAR(args[0]));
return mp_obj_new_bytes(buff, 32);
vstr_t out = {0};
vstr_init_len(&out, 32);
contract256_modm((uint8_t *)out.buf, MP_OBJ_C_SCALAR(args[0]));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
} else {
mp_buffer_info_t bufm = {0};
mp_get_buffer_raise(args[0], &bufm, MP_BUFFER_WRITE);
@ -873,10 +873,10 @@ STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_pack(size_t n_args,
const mp_obj_t *args) {
if (n_args == 1 || args[0] == mp_const_none) {
assert_ge25519(args[0]);
uint8_t buff[32] = {0};
ge25519_pack(buff, &MP_OBJ_C_GE25519(args[0]));
return mp_obj_new_bytes(buff, 32);
vstr_t out = {0};
vstr_init_len(&out, 32);
ge25519_pack((uint8_t *)out.buf, &MP_OBJ_C_GE25519(args[0]));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
} else {
mp_buffer_info_t bufm = {0};
mp_get_buffer_raise(args[0], &bufm, MP_BUFFER_WRITE);
@ -922,17 +922,20 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
/// """
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_base58_addr_encode_check(
size_t n_args, const mp_obj_t *args) {
uint8_t out[128] = {0};
vstr_t out = {0};
vstr_init_len(&out, 128);
mp_buffer_info_t data = {0};
mp_get_buffer_raise(args[1], &data, MP_BUFFER_READ);
int sz = xmr_base58_addr_encode_check(mp_obj_get_int(args[0]), data.buf,
data.len, (char *)out, sizeof(out));
if (sz == 0) {
data.len, out.buf, out.alloc);
if (sz <= 0) {
vstr_clear(&out);
mp_raise_ValueError("b58 encoding error");
}
out.len = sz;
return mp_obj_new_bytes(out, sz);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_monero_xmr_base58_addr_encode_check_obj, 2, 2,
@ -945,20 +948,23 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
/// """
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_base58_addr_decode_check(
size_t n_args, const mp_obj_t *args) {
uint8_t out[128] = {0};
uint64_t tag = 0;
vstr_t out = {0};
vstr_init_len(&out, 128);
mp_buffer_info_t data = {0};
mp_get_buffer_raise(args[0], &data, MP_BUFFER_READ);
int sz =
xmr_base58_addr_decode_check(data.buf, data.len, &tag, out, sizeof(out));
if (sz == 0) {
int sz = xmr_base58_addr_decode_check(data.buf, data.len, &tag, out.buf,
out.alloc);
if (sz <= 0) {
vstr_clear(&out);
mp_raise_ValueError("b58 decoding error");
}
out.len = sz;
mp_obj_tuple_t *tuple = MP_OBJ_TO_PTR(mp_obj_new_tuple(2, NULL));
tuple->items[0] = mp_obj_new_bytes(out, sz);
tuple->items[0] = mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
tuple->items[1] = mp_obj_new_int_from_ull(tag);
return MP_OBJ_FROM_PTR(tuple);
}
@ -989,15 +995,19 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_fast_hash(size_t n_args,
const mp_obj_t *args) {
const int off = n_args >= 2 ? 0 : -1;
uint8_t buff[32] = {0};
uint8_t *buff_use = buff;
if (n_args > 1) {
vstr_t out = {0};
uint8_t *buff_use = NULL;
if (n_args >= 2) {
mp_buffer_info_t odata = {0};
mp_get_buffer_raise(args[0], &odata, MP_BUFFER_WRITE);
if (odata.len < 32) {
if (odata.len < HASHER_DIGEST_LENGTH) {
vstr_clear(&out);
mp_raise_ValueError("Output buffer too small");
}
buff_use = odata.buf;
} else {
vstr_init_len(&out, HASHER_DIGEST_LENGTH);
buff_use = (uint8_t *)out.buf;
}
mp_buffer_info_t data = {0};
@ -1010,7 +1020,7 @@ STATIC mp_obj_t mod_trezorcrypto_monero_xmr_fast_hash(size_t n_args,
mp_raise_ValueError("Illegal offset/length");
}
xmr_fast_hash(buff_use, (const char *)data.buf + offset, length);
return n_args >= 2 ? args[0] : mp_obj_new_bytes(buff, 32);
return n_args >= 2 ? args[0] : mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_monero_xmr_fast_hash_obj, 1, 4,
@ -1333,22 +1343,22 @@ STATIC mp_obj_t mod_trezorcrypto_monero_hasher_digest(size_t n_args,
Hasher ctx = {0};
memcpy(&ctx, &(o->h), sizeof(Hasher));
uint8_t out[SHA3_256_DIGEST_LENGTH] = {0};
xmr_hasher_final(&ctx, out);
memzero(&ctx, sizeof(SHA3_CTX));
if (n_args == 1 || args[1] == mp_const_none) {
return mp_obj_new_bytes(out, sizeof(out));
vstr_t hash = {0};
vstr_init_len(&hash, SHA3_256_DIGEST_LENGTH);
xmr_hasher_final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(SHA3_CTX));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
} else {
mp_buffer_info_t bufm = {0};
mp_get_buffer_raise(args[1], &bufm, MP_BUFFER_WRITE);
const mp_int_t offset = n_args >= 3 ? mp_obj_get_int(args[2]) : 0;
if (bufm.len < 32 + offset) {
if (bufm.len < SHA3_256_DIGEST_LENGTH + offset) {
mp_raise_ValueError("Buffer too small");
}
memcpy((uint8_t *)bufm.buf + offset, out, SHA3_256_DIGEST_LENGTH);
xmr_hasher_final(&ctx, (uint8_t *)bufm.buf + offset);
memzero(&ctx, sizeof(SHA3_CTX));
return args[1];
}
}

View File

@ -29,27 +29,28 @@
/// Generate secret key.
/// """
STATIC mp_obj_t mod_trezorcrypto_nist256p1_generate_secret() {
uint8_t out[32] = {0};
vstr_t sk = {0};
vstr_init_len(&sk, 32);
for (;;) {
random_buffer(out, 32);
random_buffer((uint8_t *)sk.buf, sk.len);
// check whether secret > 0 && secret < curve_order
if (0 ==
memcmp(
out,
sk.buf,
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
32))
sk.len))
continue;
if (0 <=
memcmp(
out,
sk.buf,
"\xFF\xFF\xFF\xFF\x00\x00\x00\x00\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"
"\xBC\xE6\xFA\xAD\xA7\x17\x9E\x84\xF3\xB9\xCA\xC2\xFC\x63\x25\x51",
32))
sk.len))
continue;
break;
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorcrypto_nist256p1_generate_secret_obj,
mod_trezorcrypto_nist256p1_generate_secret);
@ -65,16 +66,18 @@ STATIC mp_obj_t mod_trezorcrypto_nist256p1_publickey(size_t n_args,
if (sk.len != 32) {
mp_raise_ValueError("Invalid length of secret key");
}
vstr_t pk = {0};
bool compressed = n_args < 2 || args[1] == mp_const_true;
if (compressed) {
uint8_t out[33] = {0};
ecdsa_get_public_key33(&nist256p1, (const uint8_t *)sk.buf, out);
return mp_obj_new_bytes(out, sizeof(out));
vstr_init_len(&pk, 33);
ecdsa_get_public_key33(&nist256p1, (const uint8_t *)sk.buf,
(uint8_t *)pk.buf);
} else {
uint8_t out[65] = {0};
ecdsa_get_public_key65(&nist256p1, (const uint8_t *)sk.buf, out);
return mp_obj_new_bytes(out, sizeof(out));
vstr_init_len(&pk, 65);
ecdsa_get_public_key65(&nist256p1, (const uint8_t *)sk.buf,
(uint8_t *)pk.buf);
}
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_nist256p1_publickey_obj, 1, 2,
@ -88,7 +91,8 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
/// """
STATIC mp_obj_t mod_trezorcrypto_nist256p1_sign(size_t n_args,
const mp_obj_t *args) {
mp_buffer_info_t sk = {0}, dig = {0};
mp_buffer_info_t sk = {0};
mp_buffer_info_t dig = {0};
mp_get_buffer_raise(args[0], &sk, MP_BUFFER_READ);
mp_get_buffer_raise(args[1], &dig, MP_BUFFER_READ);
bool compressed = n_args < 3 || args[2] == mp_const_true;
@ -98,13 +102,17 @@ STATIC mp_obj_t mod_trezorcrypto_nist256p1_sign(size_t n_args,
if (dig.len != 32) {
mp_raise_ValueError("Invalid length of digest");
}
uint8_t out[65] = {0}, pby = 0;
vstr_t sig = {0};
vstr_init_len(&sig, 65);
uint8_t pby = 0;
if (0 != ecdsa_sign_digest(&nist256p1, (const uint8_t *)sk.buf,
(const uint8_t *)dig.buf, out + 1, &pby, NULL)) {
(const uint8_t *)dig.buf, (uint8_t *)sig.buf + 1,
&pby, NULL)) {
vstr_clear(&sig);
mp_raise_ValueError("Signing failed");
}
out[0] = 27 + pby + compressed * 4;
return mp_obj_new_bytes(out, sizeof(out));
sig.buf[0] = 27 + pby + compressed * 4;
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorcrypto_nist256p1_sign_obj,
2, 3,
@ -162,15 +170,16 @@ STATIC mp_obj_t mod_trezorcrypto_nist256p1_verify_recover(mp_obj_t signature,
}
bool compressed = (recid >= 4);
recid &= 3;
uint8_t out[65] = {0};
if (0 == ecdsa_recover_pub_from_sig(&nist256p1, out,
vstr_t pk = {0};
vstr_init_len(&pk, 65);
if (0 == ecdsa_recover_pub_from_sig(&nist256p1, (uint8_t *)pk.buf,
(const uint8_t *)sig.buf + 1,
(const uint8_t *)dig.buf, recid)) {
if (compressed) {
out[0] = 0x02 | (out[64] & 1);
return mp_obj_new_bytes(out, 33);
pk.buf[0] = 0x02 | (pk.buf[64] & 1);
pk.len = 33;
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
} else {
return mp_const_none;
}
@ -194,12 +203,14 @@ STATIC mp_obj_t mod_trezorcrypto_nist256p1_multiply(mp_obj_t secret_key,
if (pk.len != 33 && pk.len != 65) {
mp_raise_ValueError("Invalid length of public key");
}
uint8_t out[65] = {0};
vstr_t out = {0};
vstr_init_len(&out, 65);
if (0 != ecdh_multiply(&nist256p1, (const uint8_t *)sk.buf,
(const uint8_t *)pk.buf, out)) {
(const uint8_t *)pk.buf, (uint8_t *)out.buf)) {
vstr_clear(&out);
mp_raise_ValueError("Multiply failed");
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_nist256p1_multiply_obj,
mod_trezorcrypto_nist256p1_multiply);

View File

@ -106,10 +106,12 @@ STATIC mp_obj_t mod_trezorcrypto_Pbkdf2_update(mp_obj_t self,
uint32_t iter = trezor_obj_get_uint(iterations);
if (o->prf == PRF_HMAC_SHA256) {
pbkdf2_hmac_sha256_Update(&(o->ctx256), iter);
}
if (o->prf == PRF_HMAC_SHA512) {
} else if (o->prf == PRF_HMAC_SHA512) {
pbkdf2_hmac_sha512_Update(&(o->ctx512), iter);
} else {
mp_raise_ValueError("Invalid PRF");
}
return mp_const_none;
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Pbkdf2_update_obj,
@ -121,23 +123,23 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Pbkdf2_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Pbkdf2_key(mp_obj_t self) {
mp_obj_Pbkdf2_t *o = MP_OBJ_TO_PTR(self);
vstr_t out = {0};
if (o->prf == PRF_HMAC_SHA256) {
PBKDF2_HMAC_SHA256_CTX ctx = {0};
memcpy(&ctx, &(o->ctx256), sizeof(PBKDF2_HMAC_SHA256_CTX));
uint8_t out[SHA256_DIGEST_LENGTH] = {0};
pbkdf2_hmac_sha256_Final(&ctx, out);
vstr_init_len(&out, SHA256_DIGEST_LENGTH);
pbkdf2_hmac_sha256_Final(&ctx, (uint8_t *)out.buf);
memzero(&ctx, sizeof(PBKDF2_HMAC_SHA256_CTX));
return mp_obj_new_bytes(out, sizeof(out));
}
if (o->prf == PRF_HMAC_SHA512) {
} else if (o->prf == PRF_HMAC_SHA512) {
PBKDF2_HMAC_SHA512_CTX ctx = {0};
memcpy(&ctx, &(o->ctx512), sizeof(PBKDF2_HMAC_SHA512_CTX));
uint8_t out[SHA512_DIGEST_LENGTH] = {0};
pbkdf2_hmac_sha512_Final(&ctx, out);
vstr_init_len(&out, SHA512_DIGEST_LENGTH);
pbkdf2_hmac_sha512_Final(&ctx, (uint8_t *)out.buf);
memzero(&ctx, sizeof(PBKDF2_HMAC_SHA512_CTX));
return mp_obj_new_bytes(out, sizeof(out));
} else {
mp_raise_ValueError("Invalid PRF");
}
return mp_const_none;
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Pbkdf2_key_obj,
mod_trezorcrypto_Pbkdf2_key);

View File

@ -78,12 +78,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Ripemd160_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Ripemd160_digest(mp_obj_t self) {
mp_obj_Ripemd160_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[RIPEMD160_DIGEST_LENGTH] = {0};
vstr_t hash = {0};
vstr_init_len(&hash, RIPEMD160_DIGEST_LENGTH);
RIPEMD160_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(RIPEMD160_CTX));
ripemd160_Final(&ctx, out);
ripemd160_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(RIPEMD160_CTX));
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Ripemd160_digest_obj,
mod_trezorcrypto_Ripemd160_digest);

View File

@ -29,27 +29,28 @@
/// Generate secret key.
/// """
STATIC mp_obj_t mod_trezorcrypto_secp256k1_generate_secret() {
uint8_t out[32] = {0};
vstr_t sk = {0};
vstr_init_len(&sk, 32);
for (;;) {
random_buffer(out, 32);
random_buffer((uint8_t *)sk.buf, sk.len);
// check whether secret > 0 && secret < curve_order
if (0 ==
memcmp(
out,
sk.buf,
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
32))
continue;
if (0 <=
memcmp(
out,
sk.buf,
"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFE"
"\xBA\xAE\xDC\xE6\xAF\x48\xA0\x3B\xBF\xD2\x5E\x8C\xD0\x36\x41\x41",
32))
continue;
break;
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorcrypto_secp256k1_generate_secret_obj,
mod_trezorcrypto_secp256k1_generate_secret);
@ -65,16 +66,18 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_publickey(size_t n_args,
if (sk.len != 32) {
mp_raise_ValueError("Invalid length of secret key");
}
vstr_t pk = {0};
bool compressed = n_args < 2 || args[1] == mp_const_true;
if (compressed) {
uint8_t out[33] = {0};
ecdsa_get_public_key33(&secp256k1, (const uint8_t *)sk.buf, out);
return mp_obj_new_bytes(out, sizeof(out));
vstr_init_len(&pk, 33);
ecdsa_get_public_key33(&secp256k1, (const uint8_t *)sk.buf,
(uint8_t *)pk.buf);
} else {
uint8_t out[65] = {0};
ecdsa_get_public_key65(&secp256k1, (const uint8_t *)sk.buf, out);
return mp_obj_new_bytes(out, sizeof(out));
vstr_init_len(&pk, 65);
ecdsa_get_public_key65(&secp256k1, (const uint8_t *)sk.buf,
(uint8_t *)pk.buf);
}
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_secp256k1_publickey_obj, 1, 2,
@ -117,7 +120,8 @@ enum {
/// """
STATIC mp_obj_t mod_trezorcrypto_secp256k1_sign(size_t n_args,
const mp_obj_t *args) {
mp_buffer_info_t sk = {0}, dig = {0};
mp_buffer_info_t sk = {0};
mp_buffer_info_t dig = {0};
mp_get_buffer_raise(args[0], &sk, MP_BUFFER_READ);
mp_get_buffer_raise(args[1], &dig, MP_BUFFER_READ);
bool compressed = (n_args < 3) || (args[2] == mp_const_true);
@ -139,14 +143,17 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_sign(size_t n_args,
if (dig.len != 32) {
mp_raise_ValueError("Invalid length of digest");
}
uint8_t out[65] = {0}, pby = 0;
vstr_t sig = {0};
vstr_init_len(&sig, 65);
uint8_t pby = 0;
if (0 != ecdsa_sign_digest(&secp256k1, (const uint8_t *)sk.buf,
(const uint8_t *)dig.buf, out + 1, &pby,
is_canonical)) {
(const uint8_t *)dig.buf, (uint8_t *)sig.buf + 1,
&pby, is_canonical)) {
vstr_clear(&sig);
mp_raise_ValueError("Signing failed");
}
out[0] = 27 + pby + compressed * 4;
return mp_obj_new_bytes(out, sizeof(out));
sig.buf[0] = 27 + pby + compressed * 4;
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorcrypto_secp256k1_sign_obj,
2, 4,
@ -204,15 +211,16 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_verify_recover(mp_obj_t signature,
}
bool compressed = (recid >= 4);
recid &= 3;
uint8_t out[65] = {0};
if (0 == ecdsa_recover_pub_from_sig(&secp256k1, out,
vstr_t pk = {0};
vstr_init_len(&pk, 65);
if (0 == ecdsa_recover_pub_from_sig(&secp256k1, (uint8_t *)pk.buf,
(const uint8_t *)sig.buf + 1,
(const uint8_t *)dig.buf, recid)) {
if (compressed) {
out[0] = 0x02 | (out[64] & 1);
return mp_obj_new_bytes(out, 33);
pk.buf[0] = 0x02 | (pk.buf[64] & 1);
pk.len = 33;
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
} else {
return mp_const_none;
}
@ -236,12 +244,14 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_multiply(mp_obj_t secret_key,
if (pk.len != 33 && pk.len != 65) {
mp_raise_ValueError("Invalid length of public key");
}
uint8_t out[65] = {0};
vstr_t out = {0};
vstr_init_len(&out, 65);
if (0 != ecdh_multiply(&secp256k1, (const uint8_t *)sk.buf,
(const uint8_t *)pk.buf, out)) {
(const uint8_t *)pk.buf, (uint8_t *)out.buf)) {
vstr_clear(&out);
mp_raise_ValueError("Multiply failed");
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_secp256k1_multiply_obj,
mod_trezorcrypto_secp256k1_multiply);

View File

@ -130,15 +130,17 @@ static const secp256k1_context *mod_trezorcrypto_get_secp256k1_context(
/// """
STATIC mp_obj_t mod_trezorcrypto_secp256k1_zkp_generate_secret(mp_obj_t self) {
const secp256k1_context *ctx = mod_trezorcrypto_get_secp256k1_context(self);
uint8_t out[32] = {0};
vstr_t sk = {0};
vstr_init_len(&sk, 32);
for (;;) {
random_buffer(out, 32);
random_buffer((uint8_t *)sk.buf, sk.len);
// check whether secret > 0 && secret < curve_order
if (secp256k1_ec_seckey_verify(ctx, out) == 1) {
if (secp256k1_ec_seckey_verify(ctx, (uint8_t *)sk.buf) == 1) {
break;
}
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(
mod_trezorcrypto_secp256k1_zkp_generate_secret_obj,
@ -163,12 +165,13 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_context_publickey(
}
bool compressed = n_args < 3 || args[2] == mp_const_true;
uint8_t out[65] = {0};
size_t outlen = sizeof(out);
vstr_t out = {0};
vstr_init_len(&out, 65);
secp256k1_ec_pubkey_serialize(
ctx, out, &outlen, &pk,
ctx, (uint8_t *)out.buf, &out.len, &pk,
compressed ? SECP256K1_EC_COMPRESSED : SECP256K1_EC_UNCOMPRESSED);
return mp_obj_new_bytes(out, outlen);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_secp256k1_context_publickey_obj, 2, 3,
@ -195,16 +198,18 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_context_sign(size_t n_args,
mp_raise_ValueError("Invalid length of digest");
}
secp256k1_ecdsa_recoverable_signature sig;
uint8_t out[65] = {0};
vstr_t out = {0};
vstr_init_len(&out, 65);
int pby = 0;
if (!secp256k1_ecdsa_sign_recoverable(ctx, &sig, (const uint8_t *)dig.buf,
(const uint8_t *)sk.buf, NULL, NULL)) {
vstr_clear(&out);
mp_raise_ValueError("Signing failed");
}
secp256k1_ecdsa_recoverable_signature_serialize_compact(ctx, &out[1], &pby,
&sig);
out[0] = 27 + pby + compressed * 4;
return mp_obj_new_bytes(out, sizeof(out));
secp256k1_ecdsa_recoverable_signature_serialize_compact(
ctx, (uint8_t *)&out.buf[1], &pby, &sig);
out.buf[0] = 27 + pby + compressed * 4;
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_secp256k1_context_sign_obj, 3, 4,
@ -286,12 +291,12 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_context_verify_recover(
if (!secp256k1_ecdsa_recover(ctx, &pk, &ec_sig, (const uint8_t *)dig.buf)) {
return mp_const_none;
}
uint8_t out[65] = {0};
size_t pklen = sizeof(out);
vstr_t out = {0};
vstr_init_len(&out, 65);
secp256k1_ec_pubkey_serialize(
ctx, out, &pklen, &pk,
ctx, (uint8_t *)out.buf, &out.len, &pk,
compressed ? SECP256K1_EC_COMPRESSED : SECP256K1_EC_UNCOMPRESSED);
return mp_obj_new_bytes(out, pklen);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_3(
mod_trezorcrypto_secp256k1_context_verify_recover_obj,
@ -328,12 +333,14 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_context_multiply(
pk.len)) {
mp_raise_ValueError("Invalid public key");
}
uint8_t out[65] = {0};
if (!secp256k1_ecdh(ctx, out, &ec_pk, (const uint8_t *)sk.buf,
vstr_t out = {0};
vstr_init_len(&out, 65);
if (!secp256k1_ecdh(ctx, (uint8_t *)out.buf, &ec_pk, (const uint8_t *)sk.buf,
secp256k1_ecdh_hash_passthrough, NULL)) {
vstr_clear(&out);
mp_raise_ValueError("Multiply failed");
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_3(
mod_trezorcrypto_secp256k1_context_multiply_obj,

View File

@ -77,12 +77,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Sha1_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Sha1_digest(mp_obj_t self) {
mp_obj_Sha1_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[SHA1_DIGEST_LENGTH] = {0};
vstr_t hash = {0};
vstr_init_len(&hash, SHA1_DIGEST_LENGTH);
SHA1_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(SHA1_CTX));
sha1_Final(&ctx, out);
sha1_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(SHA1_CTX));
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha1_digest_obj,
mod_trezorcrypto_Sha1_digest);

View File

@ -77,12 +77,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Sha256_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Sha256_digest(mp_obj_t self) {
mp_obj_Sha256_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[SHA256_DIGEST_LENGTH] = {0};
vstr_t hash = {0};
vstr_init_len(&hash, SHA256_DIGEST_LENGTH);
SHA256_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(SHA256_CTX));
sha256_Final(&ctx, out);
sha256_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(SHA256_CTX));
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha256_digest_obj,
mod_trezorcrypto_Sha256_digest);

View File

@ -90,16 +90,17 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Sha3_256_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Sha3_256_digest(mp_obj_t self) {
mp_obj_Sha3_256_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[SHA3_256_DIGEST_LENGTH] = {0};
vstr_t hash = {0};
vstr_init_len(&hash, SHA3_256_DIGEST_LENGTH);
SHA3_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(SHA3_CTX));
if (o->keccak) {
keccak_Final(&ctx, out);
keccak_Final(&ctx, (uint8_t *)hash.buf);
} else {
sha3_Final(&ctx, out);
sha3_Final(&ctx, (uint8_t *)hash.buf);
}
memzero(&ctx, sizeof(SHA3_CTX));
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha3_256_digest_obj,
mod_trezorcrypto_Sha3_256_digest);

View File

@ -90,16 +90,17 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Sha3_512_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Sha3_512_digest(mp_obj_t self) {
mp_obj_Sha3_512_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[SHA3_512_DIGEST_LENGTH] = {0};
vstr_t hash = {0};
vstr_init_len(&hash, SHA3_512_DIGEST_LENGTH);
SHA3_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(SHA3_CTX));
if (o->keccak) {
keccak_Final(&ctx, out);
keccak_Final(&ctx, (uint8_t *)hash.buf);
} else {
sha3_Final(&ctx, out);
sha3_Final(&ctx, (uint8_t *)hash.buf);
}
memzero(&ctx, sizeof(SHA3_CTX));
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha3_512_digest_obj,
mod_trezorcrypto_Sha3_512_digest);

View File

@ -76,12 +76,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Sha512_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Sha512_digest(mp_obj_t self) {
mp_obj_Sha512_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[SHA512_DIGEST_LENGTH] = {0};
vstr_t hash = {0};
vstr_init_len(&hash, SHA512_DIGEST_LENGTH);
SHA512_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(SHA512_CTX));
sha512_Final(&ctx, out);
sha512_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(SHA512_CTX));
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha512_digest_obj,
mod_trezorcrypto_Sha512_digest);