arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-22 15:38:11 +00:00
Code Issues Releases Wiki Activity

fix(core): Prevent sensitive data from being left on the call stack in modtrezorcrypto.

Browse Source
This commit is contained in:
Andrew Kozlik 2020-10-11 12:28:30 +02:00 committed by Andrew Kozlik
parent 6cb601509b
commit c21ca81a1e
20 changed files with 281 additions and 206 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-bip32.h
View File

@ -43,8 +43,8 @@ typedef struct _mp_obj_HDNode_t {
STATIC const mp_obj_type_t mod_trezorcrypto_HDNode_type;
#define XPUB_MAXLEN 128
#define ADDRESS_MAXLEN 40
#define XPUB_MAXLEN 112
#define ADDRESS_MAXLEN 39
/// def __init__(
/// self,
@ -266,15 +266,18 @@ STATIC mp_obj_t mod_trezorcrypto_HDNode_serialize_public(mp_obj_t self,
mp_obj_t version) {
uint32_t ver = trezor_obj_get_uint(version);
mp_obj_HDNode_t *o = MP_OBJ_TO_PTR(self);
char xpub[XPUB_MAXLEN] = {0};
vstr_t xpub = {0};
vstr_init_len(&xpub, XPUB_MAXLEN);
hdnode_fill_public_key(&o->hdnode);
int written = hdnode_serialize_public(&o->hdnode, o->fingerprint, ver, xpub,
XPUB_MAXLEN);
int written = hdnode_serialize_public(&o->hdnode, o->fingerprint, ver,
xpub.buf, xpub.alloc);
if (written <= 0) {
vstr_clear(&xpub);
mp_raise_ValueError("Failed to serialize");
}
// written includes NULL at the end of the string
return mp_obj_new_str_copy(&mp_type_str, (const uint8_t *)xpub, written - 1);
xpub.len = written - 1;
return mp_obj_new_str_from_vstr(&mp_type_str, &xpub);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_HDNode_serialize_public_obj,
mod_trezorcrypto_HDNode_serialize_public);
@ -383,10 +386,11 @@ STATIC mp_obj_t mod_trezorcrypto_HDNode_address(mp_obj_t self,
uint32_t v = trezor_obj_get_uint(version);
char address[ADDRESS_MAXLEN] = {0};
hdnode_get_address(&o->hdnode, v, address, ADDRESS_MAXLEN);
return mp_obj_new_str_copy(&mp_type_str, (const uint8_t *)address,
strlen(address));
vstr_t address = {0};
vstr_init_len(&address, ADDRESS_MAXLEN);
hdnode_get_address(&o->hdnode, v, address.buf, address.alloc);
address.len = strlen(address.buf);
return mp_obj_new_str_from_vstr(&mp_type_str, &address);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_HDNode_address_obj,
mod_trezorcrypto_HDNode_address);
@ -403,12 +407,14 @@ STATIC mp_obj_t mod_trezorcrypto_HDNode_nem_address(mp_obj_t self,
uint8_t n = trezor_obj_get_uint8(network);
char address[NEM_ADDRESS_SIZE + 1] = {0}; // + 1 for the 0 byte
if (!hdnode_get_nem_address(&o->hdnode, n, address)) {
vstr_t address = {0};
vstr_init_len(&address, NEM_ADDRESS_SIZE);
if (!hdnode_get_nem_address(&o->hdnode, n, address.buf)) {
vstr_clear(&address);
mp_raise_ValueError("Failed to compute a NEM address");
}
return mp_obj_new_str_copy(&mp_type_str, (const uint8_t *)address,
strlen(address));
address.len = strlen(address.buf);
return mp_obj_new_str_from_vstr(&mp_type_str, &address);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_HDNode_nem_address_obj,
mod_trezorcrypto_HDNode_nem_address);
@ -465,9 +471,10 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
STATIC mp_obj_t mod_trezorcrypto_HDNode_ethereum_pubkeyhash(mp_obj_t self) {
mp_obj_HDNode_t *o = MP_OBJ_TO_PTR(self);
uint8_t pkh[20] = {0};
hdnode_get_ethereum_pubkeyhash(&o->hdnode, pkh);
return mp_obj_new_bytes(pkh, sizeof(pkh));
vstr_t pkh = {0};
vstr_init_len(&pkh, 20);
hdnode_get_ethereum_pubkeyhash(&o->hdnode, (uint8_t *)pkh.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pkh);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(
mod_trezorcrypto_HDNode_ethereum_pubkeyhash_obj,

11
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-bip39.h
View File

@ -21,6 +21,7 @@
#include "py/runtime.h"
#include "bip39.h"
#include "sha2.h"
/// package: trezorcrypto.bip39
@ -135,19 +136,21 @@ STATIC mp_obj_t mod_trezorcrypto_bip39_seed(size_t n_args,
mp_buffer_info_t phrase = {0};
mp_get_buffer_raise(args[0], &mnemo, MP_BUFFER_READ);
mp_get_buffer_raise(args[1], &phrase, MP_BUFFER_READ);
uint8_t seed[64] = {0};
vstr_t seed = {0};
vstr_init_len(&seed, SHA512_DIGEST_LENGTH);
const char *pmnemonic = mnemo.len > 0 ? mnemo.buf : "";
const char *ppassphrase = phrase.len > 0 ? phrase.buf : "";
if (n_args > 2) {
// generate with a progress callback
ui_wait_callback = args[2];
mnemonic_to_seed(pmnemonic, ppassphrase, seed, wrapped_ui_wait_callback);
mnemonic_to_seed(pmnemonic, ppassphrase, (uint8_t *)seed.buf,
wrapped_ui_wait_callback);
ui_wait_callback = mp_const_none;
} else {
// generate without callback
mnemonic_to_seed(pmnemonic, ppassphrase, seed, NULL);
mnemonic_to_seed(pmnemonic, ppassphrase, (uint8_t *)seed.buf, NULL);
}
return mp_obj_new_bytes(seed, sizeof(seed));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &seed);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorcrypto_bip39_seed_obj, 2,
3, mod_trezorcrypto_bip39_seed);

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-blake256.h
View File

@ -77,12 +77,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Blake256_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Blake256_digest(mp_obj_t self) {
mp_obj_Blake256_t *o = MP_OBJ_TO_PTR(self);
uint8_t hash[BLAKE256_DIGEST_LENGTH] = {0};
vstr_t hash = {0};
vstr_init_len(&hash, BLAKE256_DIGEST_LENGTH);
BLAKE256_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(BLAKE256_CTX));
blake256_Final(&ctx, hash);
blake256_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(BLAKE256_CTX));
return mp_obj_new_bytes(hash, sizeof(hash));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Blake256_digest_obj,
mod_trezorcrypto_Blake256_digest);

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-blake2b.h
View File

@ -131,12 +131,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Blake2b_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Blake2b_digest(mp_obj_t self) {
mp_obj_Blake2b_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[BLAKE2B_DIGEST_LENGTH] = {0};
BLAKE2B_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(BLAKE2B_CTX));
blake2b_Final(&ctx, out, ctx.outlen);
vstr_t hash = {0};
vstr_init_len(&hash, ctx.outlen);
blake2b_Final(&ctx, (uint8_t *)hash.buf, hash.len);
memzero(&ctx, sizeof(BLAKE2B_CTX));
return mp_obj_new_bytes(out, o->ctx.outlen);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Blake2b_digest_obj,
mod_trezorcrypto_Blake2b_digest);

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-blake2s.h
View File

@ -131,12 +131,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Blake2s_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Blake2s_digest(mp_obj_t self) {
mp_obj_Blake2s_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[BLAKE2S_DIGEST_LENGTH] = {0};
BLAKE2S_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(BLAKE2S_CTX));
blake2s_Final(&ctx, out, ctx.outlen);
vstr_t hash = {0};
vstr_init_len(&hash, ctx.outlen);
blake2s_Final(&ctx, (uint8_t *)hash.buf, hash.len);
memzero(&ctx, sizeof(BLAKE2S_CTX));
return mp_obj_new_bytes(out, o->ctx.outlen);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Blake2s_digest_obj,
mod_trezorcrypto_Blake2s_digest);

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-chacha20poly1305.h
View File

@ -123,9 +123,10 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_ChaCha20Poly1305_auth_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_ChaCha20Poly1305_finish(mp_obj_t self) {
mp_obj_ChaCha20Poly1305_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[16] = {0};
rfc7539_finish(&(o->ctx), o->alen, o->plen, out);
return mp_obj_new_bytes(out, sizeof(out));
vstr_t mac = {0};
vstr_init_len(&mac, 16);
rfc7539_finish(&(o->ctx), o->alen, o->plen, (uint8_t *)mac.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &mac);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_ChaCha20Poly1305_finish_obj,
mod_trezorcrypto_ChaCha20Poly1305_finish);

28
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-curve25519.h
View File

@ -30,13 +30,14 @@
/// Generate secret key.
/// """
STATIC mp_obj_t mod_trezorcrypto_curve25519_generate_secret() {
uint8_t out[32] = {0};
random_buffer(out, 32);
vstr_t sk = {0};
vstr_init_len(&sk, 32);
random_buffer((uint8_t *)sk.buf, sk.len);
// taken from https://cr.yp.to/ecdh.html
out[0] &= 248;
out[31] &= 127;
out[31] |= 64;
return mp_obj_new_bytes(out, sizeof(out));
sk.buf[0] &= 248;
sk.buf[31] &= 127;
sk.buf[31] |= 64;
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_0(
mod_trezorcrypto_curve25519_generate_secret_obj,
@ -52,9 +53,10 @@ STATIC mp_obj_t mod_trezorcrypto_curve25519_publickey(mp_obj_t secret_key) {
if (sk.len != 32) {
mp_raise_ValueError("Invalid length of secret key");
}
uint8_t out[32] = {0};
curve25519_scalarmult_basepoint(out, (const uint8_t *)sk.buf);
return mp_obj_new_bytes(out, sizeof(out));
vstr_t pk = {0};
vstr_init_len(&pk, 32);
curve25519_scalarmult_basepoint((uint8_t *)pk.buf, (const uint8_t *)sk.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_curve25519_publickey_obj,
mod_trezorcrypto_curve25519_publickey);
@ -75,9 +77,11 @@ STATIC mp_obj_t mod_trezorcrypto_curve25519_multiply(mp_obj_t secret_key,
if (pk.len != 32) {
mp_raise_ValueError("Invalid length of public key");
}
uint8_t out[32] = {0};
curve25519_scalarmult(out, (const uint8_t *)sk.buf, (const uint8_t *)pk.buf);
return mp_obj_new_bytes(out, sizeof(out));
vstr_t out = {0};
vstr_init_len(&out, 32);
curve25519_scalarmult((uint8_t *)out.buf, (const uint8_t *)sk.buf,
(const uint8_t *)pk.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_curve25519_multiply_obj,
mod_trezorcrypto_curve25519_multiply);

62
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-ed25519.h
View File

@ -31,13 +31,14 @@
/// Generate secret key.
/// """
STATIC mp_obj_t mod_trezorcrypto_ed25519_generate_secret() {
uint8_t out[32] = {0};
random_buffer(out, 32);
vstr_t sk = {0};
vstr_init_len(&sk, 32);
random_buffer((uint8_t *)sk.buf, sk.len);
// taken from https://cr.yp.to/ecdh.html
out[0] &= 248;
out[31] &= 127;
out[31] |= 64;
return mp_obj_new_bytes(out, sizeof(out));
sk.buf[0] &= 248;
sk.buf[31] &= 127;
sk.buf[31] |= 64;
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorcrypto_ed25519_generate_secret_obj,
mod_trezorcrypto_ed25519_generate_secret);
@ -52,10 +53,11 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_publickey(mp_obj_t secret_key) {
if (sk.len != 32) {
mp_raise_ValueError("Invalid length of secret key");
}
uint8_t out[32] = {0};
vstr_t pk = {0};
vstr_init_len(&pk, sizeof(ed25519_public_key));
ed25519_publickey(*(const ed25519_secret_key *)sk.buf,
*(ed25519_public_key *)out);
return mp_obj_new_bytes(out, sizeof(out));
*(ed25519_public_key *)pk.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_ed25519_publickey_obj,
mod_trezorcrypto_ed25519_publickey);
@ -76,8 +78,9 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_sign(size_t n_args,
mp_raise_ValueError("Empty data to sign");
}
ed25519_public_key pk = {0};
uint8_t out[64] = {0};
mp_buffer_info_t hash_func = {0};
vstr_t sig = {0};
vstr_init_len(&sig, sizeof(ed25519_signature));
if (n_args == 3) {
mp_get_buffer_raise(args[2], &hash_func, MP_BUFFER_READ);
@ -85,17 +88,18 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_sign(size_t n_args,
if (memcmp(hash_func.buf, "keccak", sizeof("keccak")) == 0) {
ed25519_publickey_keccak(*(const ed25519_secret_key *)sk.buf, pk);
ed25519_sign_keccak(msg.buf, msg.len, *(const ed25519_secret_key *)sk.buf,
pk, *(ed25519_signature *)out);
pk, *(ed25519_signature *)sig.buf);
} else {
vstr_clear(&sig);
mp_raise_ValueError("Unknown hash function");
}
} else {
ed25519_publickey(*(const ed25519_secret_key *)sk.buf, pk);
ed25519_sign(msg.buf, msg.len, *(const ed25519_secret_key *)sk.buf, pk,
*(ed25519_signature *)out);
*(ed25519_signature *)sig.buf);
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorcrypto_ed25519_sign_obj, 2,
3, mod_trezorcrypto_ed25519_sign);
@ -128,11 +132,12 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_sign_ext(mp_obj_t secret_key,
ed25519_publickey_ext(*(const ed25519_secret_key *)sk.buf,
*(const ed25519_secret_key *)skext.buf, pk);
uint8_t out[64] = {0};
vstr_t sig = {0};
vstr_init_len(&sig, sizeof(ed25519_signature));
ed25519_sign_ext(msg.buf, msg.len, *(const ed25519_secret_key *)sk.buf,
*(const ed25519_secret_key *)skext.buf, pk,
*(ed25519_signature *)out);
return mp_obj_new_bytes(out, sizeof(out));
*(ed25519_signature *)sig.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_3(mod_trezorcrypto_ed25519_sign_ext_obj,
mod_trezorcrypto_ed25519_sign_ext);
@ -191,12 +196,14 @@ mod_trezorcrypto_ed25519_cosi_combine_publickeys(mp_obj_t public_keys) {
}
memcpy(pks[i], buf.buf, buf.len);
}
uint8_t out[32] = {0};
if (0 !=
ed25519_cosi_combine_publickeys(*(ed25519_public_key *)out, pks, pklen)) {
vstr_t pk = {0};
vstr_init_len(&pk, sizeof(ed25519_public_key));
if (0 != ed25519_cosi_combine_publickeys(*(ed25519_public_key *)pk.buf, pks,
pklen)) {
vstr_clear(&pk);
mp_raise_ValueError("Error combining public keys");
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(
mod_trezorcrypto_ed25519_cosi_combine_publickeys_obj,
@ -229,11 +236,12 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_cosi_combine_signatures(
}
memcpy(sigs[i], buf.buf, buf.len);
}
uint8_t out[64] = {0};
ed25519_cosi_combine_signatures(*(ed25519_signature *)out,
vstr_t sig = {0};
vstr_init_len(&sig, sizeof(ed25519_signature));
ed25519_cosi_combine_signatures(*(ed25519_signature *)sig.buf,
*(const ed25519_public_key *)sigR.buf, sigs,
siglen);
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(
mod_trezorcrypto_ed25519_cosi_combine_signatures_obj,
@ -269,13 +277,15 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_cosi_sign(size_t n_args,
if (pk.len != 32) {
mp_raise_ValueError("Invalid length of aggregated public key");
}
uint8_t out[32] = {0};
vstr_t sig = {0};
vstr_init_len(&sig, sizeof(ed25519_cosi_signature));
;
ed25519_cosi_sign(msg.buf, msg.len, *(const ed25519_secret_key *)sk.buf,
*(const ed25519_secret_key *)nonce.buf,
*(const ed25519_public_key *)sigR.buf,
*(const ed25519_secret_key *)pk.buf,
*(ed25519_cosi_signature *)out);
return mp_obj_new_bytes(out, sizeof(out));
*(ed25519_cosi_signature *)sig.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_ed25519_cosi_sign_obj, 5, 5,

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-groestl.h
View File

@ -81,12 +81,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Groestl512_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Groestl512_digest(mp_obj_t self) {
mp_obj_Groestl512_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[GROESTL512_DIGEST_LENGTH] = {0};
vstr_t hash = {0};
vstr_init_len(&hash, GROESTL512_DIGEST_LENGTH);
GROESTL512_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(GROESTL512_CTX));
groestl512_Final(&ctx, out);
groestl512_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(GROESTL512_CTX));
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Groestl512_digest_obj,
mod_trezorcrypto_Groestl512_digest);

70
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-monero.h
View File

@ -551,10 +551,10 @@ STATIC mp_obj_t mod_trezorcrypto_monero_pack256_modm(size_t n_args,
const mp_obj_t *args) {
if (n_args == 1 || args[0] == mp_const_none) {
assert_scalar(args[0]);
uint8_t buff[32] = {0};
contract256_modm(buff, MP_OBJ_C_SCALAR(args[0]));
return mp_obj_new_bytes(buff, 32);
vstr_t out = {0};
vstr_init_len(&out, 32);
contract256_modm((uint8_t *)out.buf, MP_OBJ_C_SCALAR(args[0]));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
} else {
mp_buffer_info_t bufm = {0};
mp_get_buffer_raise(args[0], &bufm, MP_BUFFER_WRITE);
@ -873,10 +873,10 @@ STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_pack(size_t n_args,
const mp_obj_t *args) {
if (n_args == 1 || args[0] == mp_const_none) {
assert_ge25519(args[0]);
uint8_t buff[32] = {0};
ge25519_pack(buff, &MP_OBJ_C_GE25519(args[0]));
return mp_obj_new_bytes(buff, 32);
vstr_t out = {0};
vstr_init_len(&out, 32);
ge25519_pack((uint8_t *)out.buf, &MP_OBJ_C_GE25519(args[0]));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
} else {
mp_buffer_info_t bufm = {0};
mp_get_buffer_raise(args[0], &bufm, MP_BUFFER_WRITE);
@ -922,17 +922,20 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
/// """
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_base58_addr_encode_check(
size_t n_args, const mp_obj_t *args) {
uint8_t out[128] = {0};
vstr_t out = {0};
vstr_init_len(&out, 128);
mp_buffer_info_t data = {0};
mp_get_buffer_raise(args[1], &data, MP_BUFFER_READ);
int sz = xmr_base58_addr_encode_check(mp_obj_get_int(args[0]), data.buf,
data.len, (char *)out, sizeof(out));
if (sz == 0) {
data.len, out.buf, out.alloc);
if (sz <= 0) {
vstr_clear(&out);
mp_raise_ValueError("b58 encoding error");
}
out.len = sz;
return mp_obj_new_bytes(out, sz);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_monero_xmr_base58_addr_encode_check_obj, 2, 2,
@ -945,20 +948,23 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
/// """
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_base58_addr_decode_check(
size_t n_args, const mp_obj_t *args) {
uint8_t out[128] = {0};
uint64_t tag = 0;
vstr_t out = {0};
vstr_init_len(&out, 128);
mp_buffer_info_t data = {0};
mp_get_buffer_raise(args[0], &data, MP_BUFFER_READ);
int sz =
xmr_base58_addr_decode_check(data.buf, data.len, &tag, out, sizeof(out));
if (sz == 0) {
int sz = xmr_base58_addr_decode_check(data.buf, data.len, &tag, out.buf,
out.alloc);
if (sz <= 0) {
vstr_clear(&out);
mp_raise_ValueError("b58 decoding error");
}
out.len = sz;
mp_obj_tuple_t *tuple = MP_OBJ_TO_PTR(mp_obj_new_tuple(2, NULL));
tuple->items[0] = mp_obj_new_bytes(out, sz);
tuple->items[0] = mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
tuple->items[1] = mp_obj_new_int_from_ull(tag);
return MP_OBJ_FROM_PTR(tuple);
}
@ -989,15 +995,19 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_fast_hash(size_t n_args,
const mp_obj_t *args) {
const int off = n_args >= 2 ? 0 : -1;
uint8_t buff[32] = {0};
uint8_t *buff_use = buff;
if (n_args > 1) {
vstr_t out = {0};
uint8_t *buff_use = NULL;
if (n_args >= 2) {
mp_buffer_info_t odata = {0};
mp_get_buffer_raise(args[0], &odata, MP_BUFFER_WRITE);
if (odata.len < 32) {
if (odata.len < HASHER_DIGEST_LENGTH) {
vstr_clear(&out);
mp_raise_ValueError("Output buffer too small");
}
buff_use = odata.buf;
} else {
vstr_init_len(&out, HASHER_DIGEST_LENGTH);
buff_use = (uint8_t *)out.buf;
}
mp_buffer_info_t data = {0};
@ -1010,7 +1020,7 @@ STATIC mp_obj_t mod_trezorcrypto_monero_xmr_fast_hash(size_t n_args,
mp_raise_ValueError("Illegal offset/length");
}
xmr_fast_hash(buff_use, (const char *)data.buf + offset, length);
return n_args >= 2 ? args[0] : mp_obj_new_bytes(buff, 32);
return n_args >= 2 ? args[0] : mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_monero_xmr_fast_hash_obj, 1, 4,
@ -1333,22 +1343,22 @@ STATIC mp_obj_t mod_trezorcrypto_monero_hasher_digest(size_t n_args,
Hasher ctx = {0};
memcpy(&ctx, &(o->h), sizeof(Hasher));
uint8_t out[SHA3_256_DIGEST_LENGTH] = {0};
xmr_hasher_final(&ctx, out);
memzero(&ctx, sizeof(SHA3_CTX));
if (n_args == 1 || args[1] == mp_const_none) {
return mp_obj_new_bytes(out, sizeof(out));
vstr_t hash = {0};
vstr_init_len(&hash, SHA3_256_DIGEST_LENGTH);
xmr_hasher_final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(SHA3_CTX));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
} else {
mp_buffer_info_t bufm = {0};
mp_get_buffer_raise(args[1], &bufm, MP_BUFFER_WRITE);
const mp_int_t offset = n_args >= 3 ? mp_obj_get_int(args[2]) : 0;
if (bufm.len < 32 + offset) {
if (bufm.len < SHA3_256_DIGEST_LENGTH + offset) {
mp_raise_ValueError("Buffer too small");
}
memcpy((uint8_t *)bufm.buf + offset, out, SHA3_256_DIGEST_LENGTH);
xmr_hasher_final(&ctx, (uint8_t *)bufm.buf + offset);
memzero(&ctx, sizeof(SHA3_CTX));
return args[1];
}
}

63
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-nist256p1.h
View File

@ -29,27 +29,28 @@
/// Generate secret key.
/// """
STATIC mp_obj_t mod_trezorcrypto_nist256p1_generate_secret() {
uint8_t out[32] = {0};
vstr_t sk = {0};
vstr_init_len(&sk, 32);
for (;;) {
random_buffer(out, 32);
random_buffer((uint8_t *)sk.buf, sk.len);
// check whether secret > 0 && secret < curve_order
if (0 ==
memcmp(
out,
sk.buf,
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
32))
sk.len))
continue;
if (0 <=
memcmp(
out,
sk.buf,
"\xFF\xFF\xFF\xFF\x00\x00\x00\x00\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"
"\xBC\xE6\xFA\xAD\xA7\x17\x9E\x84\xF3\xB9\xCA\xC2\xFC\x63\x25\x51",
32))
sk.len))
continue;
break;
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorcrypto_nist256p1_generate_secret_obj,
mod_trezorcrypto_nist256p1_generate_secret);
@ -65,16 +66,18 @@ STATIC mp_obj_t mod_trezorcrypto_nist256p1_publickey(size_t n_args,
if (sk.len != 32) {
mp_raise_ValueError("Invalid length of secret key");
}
vstr_t pk = {0};
bool compressed = n_args < 2 || args[1] == mp_const_true;
if (compressed) {
uint8_t out[33] = {0};
ecdsa_get_public_key33(&nist256p1, (const uint8_t *)sk.buf, out);
return mp_obj_new_bytes(out, sizeof(out));
vstr_init_len(&pk, 33);
ecdsa_get_public_key33(&nist256p1, (const uint8_t *)sk.buf,
(uint8_t *)pk.buf);
} else {
uint8_t out[65] = {0};
ecdsa_get_public_key65(&nist256p1, (const uint8_t *)sk.buf, out);
return mp_obj_new_bytes(out, sizeof(out));
vstr_init_len(&pk, 65);
ecdsa_get_public_key65(&nist256p1, (const uint8_t *)sk.buf,
(uint8_t *)pk.buf);
}
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_nist256p1_publickey_obj, 1, 2,
@ -88,7 +91,8 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
/// """
STATIC mp_obj_t mod_trezorcrypto_nist256p1_sign(size_t n_args,
const mp_obj_t *args) {
mp_buffer_info_t sk = {0}, dig = {0};
mp_buffer_info_t sk = {0};
mp_buffer_info_t dig = {0};
mp_get_buffer_raise(args[0], &sk, MP_BUFFER_READ);
mp_get_buffer_raise(args[1], &dig, MP_BUFFER_READ);
bool compressed = n_args < 3 || args[2] == mp_const_true;
@ -98,13 +102,17 @@ STATIC mp_obj_t mod_trezorcrypto_nist256p1_sign(size_t n_args,
if (dig.len != 32) {
mp_raise_ValueError("Invalid length of digest");
}
uint8_t out[65] = {0}, pby = 0;
vstr_t sig = {0};
vstr_init_len(&sig, 65);
uint8_t pby = 0;
if (0 != ecdsa_sign_digest(&nist256p1, (const uint8_t *)sk.buf,
(const uint8_t *)dig.buf, out + 1, &pby, NULL)) {
(const uint8_t *)dig.buf, (uint8_t *)sig.buf + 1,
&pby, NULL)) {
vstr_clear(&sig);
mp_raise_ValueError("Signing failed");
}
out[0] = 27 + pby + compressed * 4;
return mp_obj_new_bytes(out, sizeof(out));
sig.buf[0] = 27 + pby + compressed * 4;
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorcrypto_nist256p1_sign_obj,
2, 3,
@ -162,15 +170,16 @@ STATIC mp_obj_t mod_trezorcrypto_nist256p1_verify_recover(mp_obj_t signature,
}
bool compressed = (recid >= 4);
recid &= 3;
uint8_t out[65] = {0};
if (0 == ecdsa_recover_pub_from_sig(&nist256p1, out,
vstr_t pk = {0};
vstr_init_len(&pk, 65);
if (0 == ecdsa_recover_pub_from_sig(&nist256p1, (uint8_t *)pk.buf,
(const uint8_t *)sig.buf + 1,
(const uint8_t *)dig.buf, recid)) {
if (compressed) {
out[0] = 0x02 | (out[64] & 1);
return mp_obj_new_bytes(out, 33);
pk.buf[0] = 0x02 | (pk.buf[64] & 1);
pk.len = 33;
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
} else {
return mp_const_none;
}
@ -194,12 +203,14 @@ STATIC mp_obj_t mod_trezorcrypto_nist256p1_multiply(mp_obj_t secret_key,
if (pk.len != 33 && pk.len != 65) {
mp_raise_ValueError("Invalid length of public key");
}
uint8_t out[65] = {0};
vstr_t out = {0};
vstr_init_len(&out, 65);
if (0 != ecdh_multiply(&nist256p1, (const uint8_t *)sk.buf,
(const uint8_t *)pk.buf, out)) {
(const uint8_t *)pk.buf, (uint8_t *)out.buf)) {
vstr_clear(&out);
mp_raise_ValueError("Multiply failed");
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_nist256p1_multiply_obj,
mod_trezorcrypto_nist256p1_multiply);

24
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-pbkdf2.h
View File

@ -106,10 +106,12 @@ STATIC mp_obj_t mod_trezorcrypto_Pbkdf2_update(mp_obj_t self,
uint32_t iter = trezor_obj_get_uint(iterations);
if (o->prf == PRF_HMAC_SHA256) {
pbkdf2_hmac_sha256_Update(&(o->ctx256), iter);
}
if (o->prf == PRF_HMAC_SHA512) {
} else if (o->prf == PRF_HMAC_SHA512) {
pbkdf2_hmac_sha512_Update(&(o->ctx512), iter);
} else {
mp_raise_ValueError("Invalid PRF");
}
return mp_const_none;
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Pbkdf2_update_obj,
@ -121,23 +123,23 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Pbkdf2_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Pbkdf2_key(mp_obj_t self) {
mp_obj_Pbkdf2_t *o = MP_OBJ_TO_PTR(self);
vstr_t out = {0};
if (o->prf == PRF_HMAC_SHA256) {
PBKDF2_HMAC_SHA256_CTX ctx = {0};
memcpy(&ctx, &(o->ctx256), sizeof(PBKDF2_HMAC_SHA256_CTX));
uint8_t out[SHA256_DIGEST_LENGTH] = {0};
pbkdf2_hmac_sha256_Final(&ctx, out);
vstr_init_len(&out, SHA256_DIGEST_LENGTH);
pbkdf2_hmac_sha256_Final(&ctx, (uint8_t *)out.buf);
memzero(&ctx, sizeof(PBKDF2_HMAC_SHA256_CTX));
return mp_obj_new_bytes(out, sizeof(out));
}
if (o->prf == PRF_HMAC_SHA512) {
} else if (o->prf == PRF_HMAC_SHA512) {
PBKDF2_HMAC_SHA512_CTX ctx = {0};
memcpy(&ctx, &(o->ctx512), sizeof(PBKDF2_HMAC_SHA512_CTX));
uint8_t out[SHA512_DIGEST_LENGTH] = {0};
pbkdf2_hmac_sha512_Final(&ctx, out);
vstr_init_len(&out, SHA512_DIGEST_LENGTH);
pbkdf2_hmac_sha512_Final(&ctx, (uint8_t *)out.buf);
memzero(&ctx, sizeof(PBKDF2_HMAC_SHA512_CTX));
return mp_obj_new_bytes(out, sizeof(out));
} else {
mp_raise_ValueError("Invalid PRF");
}
return mp_const_none;
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Pbkdf2_key_obj,
mod_trezorcrypto_Pbkdf2_key);

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-ripemd160.h
View File

@ -78,12 +78,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Ripemd160_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Ripemd160_digest(mp_obj_t self) {
mp_obj_Ripemd160_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[RIPEMD160_DIGEST_LENGTH] = {0};
vstr_t hash = {0};
vstr_init_len(&hash, RIPEMD160_DIGEST_LENGTH);
RIPEMD160_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(RIPEMD160_CTX));
ripemd160_Final(&ctx, out);
ripemd160_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(RIPEMD160_CTX));
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Ripemd160_digest_obj,
mod_trezorcrypto_Ripemd160_digest);

60
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-secp256k1.h
View File

@ -29,27 +29,28 @@
/// Generate secret key.
/// """
STATIC mp_obj_t mod_trezorcrypto_secp256k1_generate_secret() {
uint8_t out[32] = {0};
vstr_t sk = {0};
vstr_init_len(&sk, 32);
for (;;) {
random_buffer(out, 32);
random_buffer((uint8_t *)sk.buf, sk.len);
// check whether secret > 0 && secret < curve_order
if (0 ==
memcmp(
out,
sk.buf,
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
32))
continue;
if (0 <=
memcmp(
out,
sk.buf,
"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFE"
"\xBA\xAE\xDC\xE6\xAF\x48\xA0\x3B\xBF\xD2\x5E\x8C\xD0\x36\x41\x41",
32))
continue;
break;
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorcrypto_secp256k1_generate_secret_obj,
mod_trezorcrypto_secp256k1_generate_secret);
@ -65,16 +66,18 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_publickey(size_t n_args,
if (sk.len != 32) {
mp_raise_ValueError("Invalid length of secret key");
}
vstr_t pk = {0};
bool compressed = n_args < 2 || args[1] == mp_const_true;
if (compressed) {
uint8_t out[33] = {0};
ecdsa_get_public_key33(&secp256k1, (const uint8_t *)sk.buf, out);
return mp_obj_new_bytes(out, sizeof(out));
vstr_init_len(&pk, 33);
ecdsa_get_public_key33(&secp256k1, (const uint8_t *)sk.buf,
(uint8_t *)pk.buf);
} else {
uint8_t out[65] = {0};
ecdsa_get_public_key65(&secp256k1, (const uint8_t *)sk.buf, out);
return mp_obj_new_bytes(out, sizeof(out));
vstr_init_len(&pk, 65);
ecdsa_get_public_key65(&secp256k1, (const uint8_t *)sk.buf,
(uint8_t *)pk.buf);
}
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_secp256k1_publickey_obj, 1, 2,
@ -117,7 +120,8 @@ enum {
/// """
STATIC mp_obj_t mod_trezorcrypto_secp256k1_sign(size_t n_args,
const mp_obj_t *args) {
mp_buffer_info_t sk = {0}, dig = {0};
mp_buffer_info_t sk = {0};
mp_buffer_info_t dig = {0};
mp_get_buffer_raise(args[0], &sk, MP_BUFFER_READ);
mp_get_buffer_raise(args[1], &dig, MP_BUFFER_READ);
bool compressed = (n_args < 3) || (args[2] == mp_const_true);
@ -139,14 +143,17 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_sign(size_t n_args,
if (dig.len != 32) {
mp_raise_ValueError("Invalid length of digest");
}
uint8_t out[65] = {0}, pby = 0;
vstr_t sig = {0};
vstr_init_len(&sig, 65);
uint8_t pby = 0;
if (0 != ecdsa_sign_digest(&secp256k1, (const uint8_t *)sk.buf,
(const uint8_t *)dig.buf, out + 1, &pby,
is_canonical)) {
(const uint8_t *)dig.buf, (uint8_t *)sig.buf + 1,
&pby, is_canonical)) {
vstr_clear(&sig);
mp_raise_ValueError("Signing failed");
}
out[0] = 27 + pby + compressed * 4;
return mp_obj_new_bytes(out, sizeof(out));
sig.buf[0] = 27 + pby + compressed * 4;
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorcrypto_secp256k1_sign_obj,
2, 4,
@ -204,15 +211,16 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_verify_recover(mp_obj_t signature,
}
bool compressed = (recid >= 4);
recid &= 3;
uint8_t out[65] = {0};
if (0 == ecdsa_recover_pub_from_sig(&secp256k1, out,
vstr_t pk = {0};
vstr_init_len(&pk, 65);
if (0 == ecdsa_recover_pub_from_sig(&secp256k1, (uint8_t *)pk.buf,
(const uint8_t *)sig.buf + 1,
(const uint8_t *)dig.buf, recid)) {
if (compressed) {
out[0] = 0x02 | (out[64] & 1);
return mp_obj_new_bytes(out, 33);
pk.buf[0] = 0x02 | (pk.buf[64] & 1);
pk.len = 33;
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
} else {
return mp_const_none;
}
@ -236,12 +244,14 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_multiply(mp_obj_t secret_key,
if (pk.len != 33 && pk.len != 65) {
mp_raise_ValueError("Invalid length of public key");
}
uint8_t out[65] = {0};
vstr_t out = {0};
vstr_init_len(&out, 65);
if (0 != ecdh_multiply(&secp256k1, (const uint8_t *)sk.buf,
(const uint8_t *)pk.buf, out)) {
(const uint8_t *)pk.buf, (uint8_t *)out.buf)) {
vstr_clear(&out);
mp_raise_ValueError("Multiply failed");
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_secp256k1_multiply_obj,
mod_trezorcrypto_secp256k1_multiply);

47
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-secp256k1_zkp.h
View File

@ -130,15 +130,17 @@ static const secp256k1_context *mod_trezorcrypto_get_secp256k1_context(
/// """
STATIC mp_obj_t mod_trezorcrypto_secp256k1_zkp_generate_secret(mp_obj_t self) {
const secp256k1_context *ctx = mod_trezorcrypto_get_secp256k1_context(self);
uint8_t out[32] = {0};
vstr_t sk = {0};
vstr_init_len(&sk, 32);
for (;;) {
random_buffer(out, 32);
random_buffer((uint8_t *)sk.buf, sk.len);
// check whether secret > 0 && secret < curve_order
if (secp256k1_ec_seckey_verify(ctx, out) == 1) {
if (secp256k1_ec_seckey_verify(ctx, (uint8_t *)sk.buf) == 1) {
break;
}
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &sk);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(
mod_trezorcrypto_secp256k1_zkp_generate_secret_obj,
@ -163,12 +165,13 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_context_publickey(
}
bool compressed = n_args < 3 || args[2] == mp_const_true;
uint8_t out[65] = {0};
size_t outlen = sizeof(out);
vstr_t out = {0};
vstr_init_len(&out, 65);
secp256k1_ec_pubkey_serialize(
ctx, out, &outlen, &pk,
ctx, (uint8_t *)out.buf, &out.len, &pk,
compressed ? SECP256K1_EC_COMPRESSED : SECP256K1_EC_UNCOMPRESSED);
return mp_obj_new_bytes(out, outlen);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_secp256k1_context_publickey_obj, 2, 3,
@ -195,16 +198,18 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_context_sign(size_t n_args,
mp_raise_ValueError("Invalid length of digest");
}
secp256k1_ecdsa_recoverable_signature sig;
uint8_t out[65] = {0};
vstr_t out = {0};
vstr_init_len(&out, 65);
int pby = 0;
if (!secp256k1_ecdsa_sign_recoverable(ctx, &sig, (const uint8_t *)dig.buf,
(const uint8_t *)sk.buf, NULL, NULL)) {
vstr_clear(&out);
mp_raise_ValueError("Signing failed");
}
secp256k1_ecdsa_recoverable_signature_serialize_compact(ctx, &out[1], &pby,
&sig);
out[0] = 27 + pby + compressed * 4;
return mp_obj_new_bytes(out, sizeof(out));
secp256k1_ecdsa_recoverable_signature_serialize_compact(
ctx, (uint8_t *)&out.buf[1], &pby, &sig);
out.buf[0] = 27 + pby + compressed * 4;
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_secp256k1_context_sign_obj, 3, 4,
@ -286,12 +291,12 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_context_verify_recover(
if (!secp256k1_ecdsa_recover(ctx, &pk, &ec_sig, (const uint8_t *)dig.buf)) {
return mp_const_none;
}
uint8_t out[65] = {0};
size_t pklen = sizeof(out);
vstr_t out = {0};
vstr_init_len(&out, 65);
secp256k1_ec_pubkey_serialize(
ctx, out, &pklen, &pk,
ctx, (uint8_t *)out.buf, &out.len, &pk,
compressed ? SECP256K1_EC_COMPRESSED : SECP256K1_EC_UNCOMPRESSED);
return mp_obj_new_bytes(out, pklen);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_3(
mod_trezorcrypto_secp256k1_context_verify_recover_obj,
@ -328,12 +333,14 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_context_multiply(
pk.len)) {
mp_raise_ValueError("Invalid public key");
}
uint8_t out[65] = {0};
if (!secp256k1_ecdh(ctx, out, &ec_pk, (const uint8_t *)sk.buf,
vstr_t out = {0};
vstr_init_len(&out, 65);
if (!secp256k1_ecdh(ctx, (uint8_t *)out.buf, &ec_pk, (const uint8_t *)sk.buf,
secp256k1_ecdh_hash_passthrough, NULL)) {
vstr_clear(&out);
mp_raise_ValueError("Multiply failed");
}
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_3(
mod_trezorcrypto_secp256k1_context_multiply_obj,

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-sha1.h
View File

@ -77,12 +77,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Sha1_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Sha1_digest(mp_obj_t self) {
mp_obj_Sha1_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[SHA1_DIGEST_LENGTH] = {0};
vstr_t hash = {0};
vstr_init_len(&hash, SHA1_DIGEST_LENGTH);
SHA1_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(SHA1_CTX));
sha1_Final(&ctx, out);
sha1_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(SHA1_CTX));
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha1_digest_obj,
mod_trezorcrypto_Sha1_digest);

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-sha256.h
View File

@ -77,12 +77,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Sha256_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Sha256_digest(mp_obj_t self) {
mp_obj_Sha256_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[SHA256_DIGEST_LENGTH] = {0};
vstr_t hash = {0};
vstr_init_len(&hash, SHA256_DIGEST_LENGTH);
SHA256_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(SHA256_CTX));
sha256_Final(&ctx, out);
sha256_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(SHA256_CTX));
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha256_digest_obj,
mod_trezorcrypto_Sha256_digest);

9
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-sha3-256.h
View File

@ -90,16 +90,17 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Sha3_256_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Sha3_256_digest(mp_obj_t self) {
mp_obj_Sha3_256_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[SHA3_256_DIGEST_LENGTH] = {0};
vstr_t hash = {0};
vstr_init_len(&hash, SHA3_256_DIGEST_LENGTH);
SHA3_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(SHA3_CTX));
if (o->keccak) {
keccak_Final(&ctx, out);
keccak_Final(&ctx, (uint8_t *)hash.buf);
} else {
sha3_Final(&ctx, out);
sha3_Final(&ctx, (uint8_t *)hash.buf);
}
memzero(&ctx, sizeof(SHA3_CTX));
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha3_256_digest_obj,
mod_trezorcrypto_Sha3_256_digest);

9
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-sha3-512.h
View File

@ -90,16 +90,17 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Sha3_512_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Sha3_512_digest(mp_obj_t self) {
mp_obj_Sha3_512_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[SHA3_512_DIGEST_LENGTH] = {0};
vstr_t hash = {0};
vstr_init_len(&hash, SHA3_512_DIGEST_LENGTH);
SHA3_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(SHA3_CTX));
if (o->keccak) {
keccak_Final(&ctx, out);
keccak_Final(&ctx, (uint8_t *)hash.buf);
} else {
sha3_Final(&ctx, out);
sha3_Final(&ctx, (uint8_t *)hash.buf);
}
memzero(&ctx, sizeof(SHA3_CTX));
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha3_512_digest_obj,
mod_trezorcrypto_Sha3_512_digest);

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-sha512.h
View File

@ -76,12 +76,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Sha512_update_obj,
/// """
STATIC mp_obj_t mod_trezorcrypto_Sha512_digest(mp_obj_t self) {
mp_obj_Sha512_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[SHA512_DIGEST_LENGTH] = {0};
vstr_t hash = {0};
vstr_init_len(&hash, SHA512_DIGEST_LENGTH);
SHA512_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(SHA512_CTX));
sha512_Final(&ctx, out);
sha512_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(SHA512_CTX));
return mp_obj_new_bytes(out, sizeof(out));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha512_digest_obj,
mod_trezorcrypto_Sha512_digest);