arno
/
trezor-firmware
mirror of https://github.com/trezor/trezor-firmware.git
1
0
Fork 0
Code Issues Releases Wiki Activity

fix(core): Prevent sensitive data from being left on the call stack in modtrezorcrypto.

Browse Source
pull/1306/head
Andrew Kozlik 4 years ago committed by Andrew Kozlik
parent 6cb601509b
commit c21ca81a1e
20 changed files with 281 additions and 206 deletions
Show Stats Download Patch File Download Diff File

41
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-bip32.h
Unescape View File

@ -43,8 +43,8 @@ typedef struct _mp_obj_HDNode_t {
STATIC const mp_obj_type_t mod_trezorcrypto_HDNode_type; STATIC const mp_obj_type_t mod_trezorcrypto_HDNode_type;
#define XPUB_MAXLEN 128 #define XPUB_MAXLEN 112
#define ADDRESS_MAXLEN 40 #define ADDRESS_MAXLEN 39
/// def __init__( /// def __init__(
/// self, /// self,
@ -266,15 +266,18 @@ STATIC mp_obj_t mod_trezorcrypto_HDNode_serialize_public(mp_obj_t self,
mp_obj_t version) { mp_obj_t version) {
uint32_t ver = trezor_obj_get_uint(version); uint32_t ver = trezor_obj_get_uint(version);
mp_obj_HDNode_t *o = MP_OBJ_TO_PTR(self); mp_obj_HDNode_t *o = MP_OBJ_TO_PTR(self);
char xpub[XPUB_MAXLEN] = {0}; vstr_t xpub = {0};
vstr_init_len(&xpub, XPUB_MAXLEN);
hdnode_fill_public_key(&o->hdnode); hdnode_fill_public_key(&o->hdnode);
int written = hdnode_serialize_public(&o->hdnode, o->fingerprint, ver, xpub, int written = hdnode_serialize_public(&o->hdnode, o->fingerprint, ver,
XPUB_MAXLEN); xpub.buf, xpub.alloc);
if (written <= 0) { if (written <= 0) {
vstr_clear(&xpub);
mp_raise_ValueError("Failed to serialize"); mp_raise_ValueError("Failed to serialize");
} }
// written includes NULL at the end of the string // written includes NULL at the end of the string
return mp_obj_new_str_copy(&mp_type_str, (const uint8_t *)xpub, written - 1); xpub.len = written - 1;
return mp_obj_new_str_from_vstr(&mp_type_str, &xpub);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_HDNode_serialize_public_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_HDNode_serialize_public_obj,
mod_trezorcrypto_HDNode_serialize_public); mod_trezorcrypto_HDNode_serialize_public);
@ -383,10 +386,11 @@ STATIC mp_obj_t mod_trezorcrypto_HDNode_address(mp_obj_t self,
uint32_t v = trezor_obj_get_uint(version); uint32_t v = trezor_obj_get_uint(version);
char address[ADDRESS_MAXLEN] = {0}; vstr_t address = {0};
hdnode_get_address(&o->hdnode, v, address, ADDRESS_MAXLEN); vstr_init_len(&address, ADDRESS_MAXLEN);
return mp_obj_new_str_copy(&mp_type_str, (const uint8_t *)address, hdnode_get_address(&o->hdnode, v, address.buf, address.alloc);
strlen(address)); address.len = strlen(address.buf);
return mp_obj_new_str_from_vstr(&mp_type_str, &address);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_HDNode_address_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_HDNode_address_obj,
mod_trezorcrypto_HDNode_address); mod_trezorcrypto_HDNode_address);
@ -403,12 +407,14 @@ STATIC mp_obj_t mod_trezorcrypto_HDNode_nem_address(mp_obj_t self,
uint8_t n = trezor_obj_get_uint8(network); uint8_t n = trezor_obj_get_uint8(network);
char address[NEM_ADDRESS_SIZE + 1] = {0}; // + 1 for the 0 byte vstr_t address = {0};
if (!hdnode_get_nem_address(&o->hdnode, n, address)) { vstr_init_len(&address, NEM_ADDRESS_SIZE);
if (!hdnode_get_nem_address(&o->hdnode, n, address.buf)) {
vstr_clear(&address);
mp_raise_ValueError("Failed to compute a NEM address"); mp_raise_ValueError("Failed to compute a NEM address");
} }
return mp_obj_new_str_copy(&mp_type_str, (const uint8_t *)address, address.len = strlen(address.buf);
strlen(address)); return mp_obj_new_str_from_vstr(&mp_type_str, &address);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_HDNode_nem_address_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_HDNode_nem_address_obj,
mod_trezorcrypto_HDNode_nem_address); mod_trezorcrypto_HDNode_nem_address);
@ -465,9 +471,10 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
STATIC mp_obj_t mod_trezorcrypto_HDNode_ethereum_pubkeyhash(mp_obj_t self) { STATIC mp_obj_t mod_trezorcrypto_HDNode_ethereum_pubkeyhash(mp_obj_t self) {
mp_obj_HDNode_t *o = MP_OBJ_TO_PTR(self); mp_obj_HDNode_t *o = MP_OBJ_TO_PTR(self);
uint8_t pkh[20] = {0}; vstr_t pkh = {0};
hdnode_get_ethereum_pubkeyhash(&o->hdnode, pkh); vstr_init_len(&pkh, 20);
return mp_obj_new_bytes(pkh, sizeof(pkh)); hdnode_get_ethereum_pubkeyhash(&o->hdnode, (uint8_t *)pkh.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pkh);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1( STATIC MP_DEFINE_CONST_FUN_OBJ_1(
mod_trezorcrypto_HDNode_ethereum_pubkeyhash_obj, mod_trezorcrypto_HDNode_ethereum_pubkeyhash_obj,

11
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-bip39.h
Unescape View File

@ -21,6 +21,7 @@
#include "py/runtime.h" #include "py/runtime.h"
#include "bip39.h" #include "bip39.h"
#include "sha2.h"
/// package: trezorcrypto.bip39 /// package: trezorcrypto.bip39
@ -135,19 +136,21 @@ STATIC mp_obj_t mod_trezorcrypto_bip39_seed(size_t n_args,
mp_buffer_info_t phrase = {0}; mp_buffer_info_t phrase = {0};
mp_get_buffer_raise(args[0], &mnemo, MP_BUFFER_READ); mp_get_buffer_raise(args[0], &mnemo, MP_BUFFER_READ);
mp_get_buffer_raise(args[1], &phrase, MP_BUFFER_READ); mp_get_buffer_raise(args[1], &phrase, MP_BUFFER_READ);
uint8_t seed[64] = {0}; vstr_t seed = {0};
vstr_init_len(&seed, SHA512_DIGEST_LENGTH);
const char *pmnemonic = mnemo.len > 0 ? mnemo.buf : ""; const char *pmnemonic = mnemo.len > 0 ? mnemo.buf : "";
const char *ppassphrase = phrase.len > 0 ? phrase.buf : ""; const char *ppassphrase = phrase.len > 0 ? phrase.buf : "";
if (n_args > 2) { if (n_args > 2) {
// generate with a progress callback // generate with a progress callback
ui_wait_callback = args[2]; ui_wait_callback = args[2];
mnemonic_to_seed(pmnemonic, ppassphrase, seed, wrapped_ui_wait_callback); mnemonic_to_seed(pmnemonic, ppassphrase, (uint8_t *)seed.buf,
wrapped_ui_wait_callback);
ui_wait_callback = mp_const_none; ui_wait_callback = mp_const_none;
} else { } else {
// generate without callback // generate without callback
mnemonic_to_seed(pmnemonic, ppassphrase, seed, NULL); mnemonic_to_seed(pmnemonic, ppassphrase, (uint8_t *)seed.buf, NULL);
} }
return mp_obj_new_bytes(seed, sizeof(seed)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &seed);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorcrypto_bip39_seed_obj, 2, STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorcrypto_bip39_seed_obj, 2,
3, mod_trezorcrypto_bip39_seed); 3, mod_trezorcrypto_bip39_seed);

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-blake256.h
Unescape View File

@ -77,12 +77,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Blake256_update_obj,
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_Blake256_digest(mp_obj_t self) { STATIC mp_obj_t mod_trezorcrypto_Blake256_digest(mp_obj_t self) {
mp_obj_Blake256_t *o = MP_OBJ_TO_PTR(self); mp_obj_Blake256_t *o = MP_OBJ_TO_PTR(self);
uint8_t hash[BLAKE256_DIGEST_LENGTH] = {0}; vstr_t hash = {0};
vstr_init_len(&hash, BLAKE256_DIGEST_LENGTH);
BLAKE256_CTX ctx = {0}; BLAKE256_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(BLAKE256_CTX)); memcpy(&ctx, &(o->ctx), sizeof(BLAKE256_CTX));
blake256_Final(&ctx, hash); blake256_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(BLAKE256_CTX)); memzero(&ctx, sizeof(BLAKE256_CTX));
return mp_obj_new_bytes(hash, sizeof(hash)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Blake256_digest_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Blake256_digest_obj,
mod_trezorcrypto_Blake256_digest); mod_trezorcrypto_Blake256_digest);

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-blake2b.h
Unescape View File

@ -131,12 +131,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Blake2b_update_obj,
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_Blake2b_digest(mp_obj_t self) { STATIC mp_obj_t mod_trezorcrypto_Blake2b_digest(mp_obj_t self) {
mp_obj_Blake2b_t *o = MP_OBJ_TO_PTR(self); mp_obj_Blake2b_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[BLAKE2B_DIGEST_LENGTH] = {0};
BLAKE2B_CTX ctx = {0}; BLAKE2B_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(BLAKE2B_CTX)); memcpy(&ctx, &(o->ctx), sizeof(BLAKE2B_CTX));
blake2b_Final(&ctx, out, ctx.outlen); vstr_t hash = {0};
vstr_init_len(&hash, ctx.outlen);
blake2b_Final(&ctx, (uint8_t *)hash.buf, hash.len);
memzero(&ctx, sizeof(BLAKE2B_CTX)); memzero(&ctx, sizeof(BLAKE2B_CTX));
return mp_obj_new_bytes(out, o->ctx.outlen); return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Blake2b_digest_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Blake2b_digest_obj,
mod_trezorcrypto_Blake2b_digest); mod_trezorcrypto_Blake2b_digest);

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-blake2s.h
Unescape View File

@ -131,12 +131,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Blake2s_update_obj,
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_Blake2s_digest(mp_obj_t self) { STATIC mp_obj_t mod_trezorcrypto_Blake2s_digest(mp_obj_t self) {
mp_obj_Blake2s_t *o = MP_OBJ_TO_PTR(self); mp_obj_Blake2s_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[BLAKE2S_DIGEST_LENGTH] = {0};
BLAKE2S_CTX ctx = {0}; BLAKE2S_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(BLAKE2S_CTX)); memcpy(&ctx, &(o->ctx), sizeof(BLAKE2S_CTX));
blake2s_Final(&ctx, out, ctx.outlen); vstr_t hash = {0};
vstr_init_len(&hash, ctx.outlen);
blake2s_Final(&ctx, (uint8_t *)hash.buf, hash.len);
memzero(&ctx, sizeof(BLAKE2S_CTX)); memzero(&ctx, sizeof(BLAKE2S_CTX));
return mp_obj_new_bytes(out, o->ctx.outlen); return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Blake2s_digest_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Blake2s_digest_obj,
mod_trezorcrypto_Blake2s_digest); mod_trezorcrypto_Blake2s_digest);

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-chacha20poly1305.h
Unescape View File

@ -123,9 +123,10 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_ChaCha20Poly1305_auth_obj,
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_ChaCha20Poly1305_finish(mp_obj_t self) { STATIC mp_obj_t mod_trezorcrypto_ChaCha20Poly1305_finish(mp_obj_t self) {
mp_obj_ChaCha20Poly1305_t *o = MP_OBJ_TO_PTR(self); mp_obj_ChaCha20Poly1305_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[16] = {0}; vstr_t mac = {0};
rfc7539_finish(&(o->ctx), o->alen, o->plen, out); vstr_init_len(&mac, 16);
return mp_obj_new_bytes(out, sizeof(out)); rfc7539_finish(&(o->ctx), o->alen, o->plen, (uint8_t *)mac.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &mac);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_ChaCha20Poly1305_finish_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_ChaCha20Poly1305_finish_obj,
mod_trezorcrypto_ChaCha20Poly1305_finish); mod_trezorcrypto_ChaCha20Poly1305_finish);

28
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-curve25519.h
Unescape View File

@ -30,13 +30,14 @@
/// Generate secret key. /// Generate secret key.
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_curve25519_generate_secret() { STATIC mp_obj_t mod_trezorcrypto_curve25519_generate_secret() {
uint8_t out[32] = {0}; vstr_t sk = {0};
random_buffer(out, 32); vstr_init_len(&sk, 32);
random_buffer((uint8_t *)sk.buf, sk.len);
// taken from https://cr.yp.to/ecdh.html // taken from https://cr.yp.to/ecdh.html
out[0] &= 248; sk.buf[0] &= 248;
out[31] &= 127; sk.buf[31] &= 127;
out[31] |= 64; sk.buf[31] |= 64;
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &sk);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_0( STATIC MP_DEFINE_CONST_FUN_OBJ_0(
mod_trezorcrypto_curve25519_generate_secret_obj, mod_trezorcrypto_curve25519_generate_secret_obj,
@ -52,9 +53,10 @@ STATIC mp_obj_t mod_trezorcrypto_curve25519_publickey(mp_obj_t secret_key) {
if (sk.len != 32) { if (sk.len != 32) {
mp_raise_ValueError("Invalid length of secret key"); mp_raise_ValueError("Invalid length of secret key");
} }
uint8_t out[32] = {0}; vstr_t pk = {0};
curve25519_scalarmult_basepoint(out, (const uint8_t *)sk.buf); vstr_init_len(&pk, 32);
return mp_obj_new_bytes(out, sizeof(out)); curve25519_scalarmult_basepoint((uint8_t *)pk.buf, (const uint8_t *)sk.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_curve25519_publickey_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_curve25519_publickey_obj,
mod_trezorcrypto_curve25519_publickey); mod_trezorcrypto_curve25519_publickey);
@ -75,9 +77,11 @@ STATIC mp_obj_t mod_trezorcrypto_curve25519_multiply(mp_obj_t secret_key,
if (pk.len != 32) { if (pk.len != 32) {
mp_raise_ValueError("Invalid length of public key"); mp_raise_ValueError("Invalid length of public key");
} }
uint8_t out[32] = {0}; vstr_t out = {0};
curve25519_scalarmult(out, (const uint8_t *)sk.buf, (const uint8_t *)pk.buf); vstr_init_len(&out, 32);
return mp_obj_new_bytes(out, sizeof(out)); curve25519_scalarmult((uint8_t *)out.buf, (const uint8_t *)sk.buf,
(const uint8_t *)pk.buf);
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_curve25519_multiply_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_curve25519_multiply_obj,
mod_trezorcrypto_curve25519_multiply); mod_trezorcrypto_curve25519_multiply);

62
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-ed25519.h
Unescape View File

@ -31,13 +31,14 @@
/// Generate secret key. /// Generate secret key.
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_ed25519_generate_secret() { STATIC mp_obj_t mod_trezorcrypto_ed25519_generate_secret() {
uint8_t out[32] = {0}; vstr_t sk = {0};
random_buffer(out, 32); vstr_init_len(&sk, 32);
random_buffer((uint8_t *)sk.buf, sk.len);
// taken from https://cr.yp.to/ecdh.html // taken from https://cr.yp.to/ecdh.html
out[0] &= 248; sk.buf[0] &= 248;
out[31] &= 127; sk.buf[31] &= 127;
out[31] |= 64; sk.buf[31] |= 64;
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &sk);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorcrypto_ed25519_generate_secret_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorcrypto_ed25519_generate_secret_obj,
mod_trezorcrypto_ed25519_generate_secret); mod_trezorcrypto_ed25519_generate_secret);
@ -52,10 +53,11 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_publickey(mp_obj_t secret_key) {
if (sk.len != 32) { if (sk.len != 32) {
mp_raise_ValueError("Invalid length of secret key"); mp_raise_ValueError("Invalid length of secret key");
} }
uint8_t out[32] = {0}; vstr_t pk = {0};
vstr_init_len(&pk, sizeof(ed25519_public_key));
ed25519_publickey(*(const ed25519_secret_key *)sk.buf, ed25519_publickey(*(const ed25519_secret_key *)sk.buf,
*(ed25519_public_key *)out); *(ed25519_public_key *)pk.buf);
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_ed25519_publickey_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_ed25519_publickey_obj,
mod_trezorcrypto_ed25519_publickey); mod_trezorcrypto_ed25519_publickey);
@ -76,8 +78,9 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_sign(size_t n_args,
mp_raise_ValueError("Empty data to sign"); mp_raise_ValueError("Empty data to sign");
} }
ed25519_public_key pk = {0}; ed25519_public_key pk = {0};
uint8_t out[64] = {0};
mp_buffer_info_t hash_func = {0}; mp_buffer_info_t hash_func = {0};
vstr_t sig = {0};
vstr_init_len(&sig, sizeof(ed25519_signature));
if (n_args == 3) { if (n_args == 3) {
mp_get_buffer_raise(args[2], &hash_func, MP_BUFFER_READ); mp_get_buffer_raise(args[2], &hash_func, MP_BUFFER_READ);
@ -85,17 +88,18 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_sign(size_t n_args,
if (memcmp(hash_func.buf, "keccak", sizeof("keccak")) == 0) { if (memcmp(hash_func.buf, "keccak", sizeof("keccak")) == 0) {
ed25519_publickey_keccak(*(const ed25519_secret_key *)sk.buf, pk); ed25519_publickey_keccak(*(const ed25519_secret_key *)sk.buf, pk);
ed25519_sign_keccak(msg.buf, msg.len, *(const ed25519_secret_key *)sk.buf, ed25519_sign_keccak(msg.buf, msg.len, *(const ed25519_secret_key *)sk.buf,
pk, *(ed25519_signature *)out); pk, *(ed25519_signature *)sig.buf);
} else { } else {
vstr_clear(&sig);
mp_raise_ValueError("Unknown hash function"); mp_raise_ValueError("Unknown hash function");
} }
} else { } else {
ed25519_publickey(*(const ed25519_secret_key *)sk.buf, pk); ed25519_publickey(*(const ed25519_secret_key *)sk.buf, pk);
ed25519_sign(msg.buf, msg.len, *(const ed25519_secret_key *)sk.buf, pk, ed25519_sign(msg.buf, msg.len, *(const ed25519_secret_key *)sk.buf, pk,
*(ed25519_signature *)out); *(ed25519_signature *)sig.buf);
} }
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorcrypto_ed25519_sign_obj, 2, STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorcrypto_ed25519_sign_obj, 2,
3, mod_trezorcrypto_ed25519_sign); 3, mod_trezorcrypto_ed25519_sign);
@ -128,11 +132,12 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_sign_ext(mp_obj_t secret_key,
ed25519_publickey_ext(*(const ed25519_secret_key *)sk.buf, ed25519_publickey_ext(*(const ed25519_secret_key *)sk.buf,
*(const ed25519_secret_key *)skext.buf, pk); *(const ed25519_secret_key *)skext.buf, pk);
uint8_t out[64] = {0}; vstr_t sig = {0};
vstr_init_len(&sig, sizeof(ed25519_signature));
ed25519_sign_ext(msg.buf, msg.len, *(const ed25519_secret_key *)sk.buf, ed25519_sign_ext(msg.buf, msg.len, *(const ed25519_secret_key *)sk.buf,
*(const ed25519_secret_key *)skext.buf, pk, *(const ed25519_secret_key *)skext.buf, pk,
*(ed25519_signature *)out); *(ed25519_signature *)sig.buf);
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_3(mod_trezorcrypto_ed25519_sign_ext_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_3(mod_trezorcrypto_ed25519_sign_ext_obj,
mod_trezorcrypto_ed25519_sign_ext); mod_trezorcrypto_ed25519_sign_ext);
@ -191,12 +196,14 @@ mod_trezorcrypto_ed25519_cosi_combine_publickeys(mp_obj_t public_keys) {
} }
memcpy(pks[i], buf.buf, buf.len); memcpy(pks[i], buf.buf, buf.len);
} }
uint8_t out[32] = {0}; vstr_t pk = {0};
if (0 != vstr_init_len(&pk, sizeof(ed25519_public_key));
ed25519_cosi_combine_publickeys(*(ed25519_public_key *)out, pks, pklen)) { if (0 != ed25519_cosi_combine_publickeys(*(ed25519_public_key *)pk.buf, pks,
pklen)) {
vstr_clear(&pk);
mp_raise_ValueError("Error combining public keys"); mp_raise_ValueError("Error combining public keys");
} }
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1( STATIC MP_DEFINE_CONST_FUN_OBJ_1(
mod_trezorcrypto_ed25519_cosi_combine_publickeys_obj, mod_trezorcrypto_ed25519_cosi_combine_publickeys_obj,
@ -229,11 +236,12 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_cosi_combine_signatures(
} }
memcpy(sigs[i], buf.buf, buf.len); memcpy(sigs[i], buf.buf, buf.len);
} }
uint8_t out[64] = {0}; vstr_t sig = {0};
ed25519_cosi_combine_signatures(*(ed25519_signature *)out, vstr_init_len(&sig, sizeof(ed25519_signature));
ed25519_cosi_combine_signatures(*(ed25519_signature *)sig.buf,
*(const ed25519_public_key *)sigR.buf, sigs, *(const ed25519_public_key *)sigR.buf, sigs,
siglen); siglen);
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_2( STATIC MP_DEFINE_CONST_FUN_OBJ_2(
mod_trezorcrypto_ed25519_cosi_combine_signatures_obj, mod_trezorcrypto_ed25519_cosi_combine_signatures_obj,
@ -269,13 +277,15 @@ STATIC mp_obj_t mod_trezorcrypto_ed25519_cosi_sign(size_t n_args,
if (pk.len != 32) { if (pk.len != 32) {
mp_raise_ValueError("Invalid length of aggregated public key"); mp_raise_ValueError("Invalid length of aggregated public key");
} }
uint8_t out[32] = {0}; vstr_t sig = {0};
vstr_init_len(&sig, sizeof(ed25519_cosi_signature));
;
ed25519_cosi_sign(msg.buf, msg.len, *(const ed25519_secret_key *)sk.buf, ed25519_cosi_sign(msg.buf, msg.len, *(const ed25519_secret_key *)sk.buf,
*(const ed25519_secret_key *)nonce.buf, *(const ed25519_secret_key *)nonce.buf,
*(const ed25519_public_key *)sigR.buf, *(const ed25519_public_key *)sigR.buf,
*(const ed25519_secret_key *)pk.buf, *(const ed25519_secret_key *)pk.buf,
*(ed25519_cosi_signature *)out); *(ed25519_cosi_signature *)sig.buf);
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN( STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_ed25519_cosi_sign_obj, 5, 5, mod_trezorcrypto_ed25519_cosi_sign_obj, 5, 5,

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-groestl.h
Unescape View File

@ -81,12 +81,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Groestl512_update_obj,
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_Groestl512_digest(mp_obj_t self) { STATIC mp_obj_t mod_trezorcrypto_Groestl512_digest(mp_obj_t self) {
mp_obj_Groestl512_t *o = MP_OBJ_TO_PTR(self); mp_obj_Groestl512_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[GROESTL512_DIGEST_LENGTH] = {0}; vstr_t hash = {0};
vstr_init_len(&hash, GROESTL512_DIGEST_LENGTH);
GROESTL512_CTX ctx = {0}; GROESTL512_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(GROESTL512_CTX)); memcpy(&ctx, &(o->ctx), sizeof(GROESTL512_CTX));
groestl512_Final(&ctx, out); groestl512_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(GROESTL512_CTX)); memzero(&ctx, sizeof(GROESTL512_CTX));
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Groestl512_digest_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Groestl512_digest_obj,
mod_trezorcrypto_Groestl512_digest); mod_trezorcrypto_Groestl512_digest);

70
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-monero.h
Unescape View File

@ -551,10 +551,10 @@ STATIC mp_obj_t mod_trezorcrypto_monero_pack256_modm(size_t n_args,
const mp_obj_t *args) { const mp_obj_t *args) {
if (n_args == 1 || args[0] == mp_const_none) { if (n_args == 1 || args[0] == mp_const_none) {
assert_scalar(args[0]); assert_scalar(args[0]);
uint8_t buff[32] = {0}; vstr_t out = {0};
contract256_modm(buff, MP_OBJ_C_SCALAR(args[0])); vstr_init_len(&out, 32);
return mp_obj_new_bytes(buff, 32); contract256_modm((uint8_t *)out.buf, MP_OBJ_C_SCALAR(args[0]));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
} else { } else {
mp_buffer_info_t bufm = {0}; mp_buffer_info_t bufm = {0};
mp_get_buffer_raise(args[0], &bufm, MP_BUFFER_WRITE); mp_get_buffer_raise(args[0], &bufm, MP_BUFFER_WRITE);
@ -873,10 +873,10 @@ STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_pack(size_t n_args,
const mp_obj_t *args) { const mp_obj_t *args) {
if (n_args == 1 || args[0] == mp_const_none) { if (n_args == 1 || args[0] == mp_const_none) {
assert_ge25519(args[0]); assert_ge25519(args[0]);
uint8_t buff[32] = {0}; vstr_t out = {0};
ge25519_pack(buff, &MP_OBJ_C_GE25519(args[0])); vstr_init_len(&out, 32);
return mp_obj_new_bytes(buff, 32); ge25519_pack((uint8_t *)out.buf, &MP_OBJ_C_GE25519(args[0]));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
} else { } else {
mp_buffer_info_t bufm = {0}; mp_buffer_info_t bufm = {0};
mp_get_buffer_raise(args[0], &bufm, MP_BUFFER_WRITE); mp_get_buffer_raise(args[0], &bufm, MP_BUFFER_WRITE);
@ -922,17 +922,20 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_base58_addr_encode_check( STATIC mp_obj_t mod_trezorcrypto_monero_xmr_base58_addr_encode_check(
size_t n_args, const mp_obj_t *args) { size_t n_args, const mp_obj_t *args) {
uint8_t out[128] = {0}; vstr_t out = {0};
vstr_init_len(&out, 128);
mp_buffer_info_t data = {0}; mp_buffer_info_t data = {0};
mp_get_buffer_raise(args[1], &data, MP_BUFFER_READ); mp_get_buffer_raise(args[1], &data, MP_BUFFER_READ);
int sz = xmr_base58_addr_encode_check(mp_obj_get_int(args[0]), data.buf, int sz = xmr_base58_addr_encode_check(mp_obj_get_int(args[0]), data.buf,
data.len, (char *)out, sizeof(out)); data.len, out.buf, out.alloc);
if (sz == 0) { if (sz <= 0) {
vstr_clear(&out);
mp_raise_ValueError("b58 encoding error"); mp_raise_ValueError("b58 encoding error");
} }
out.len = sz;
return mp_obj_new_bytes(out, sz); return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN( STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_monero_xmr_base58_addr_encode_check_obj, 2, 2, mod_trezorcrypto_monero_xmr_base58_addr_encode_check_obj, 2, 2,
@ -945,20 +948,23 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_base58_addr_decode_check( STATIC mp_obj_t mod_trezorcrypto_monero_xmr_base58_addr_decode_check(
size_t n_args, const mp_obj_t *args) { size_t n_args, const mp_obj_t *args) {
uint8_t out[128] = {0};
uint64_t tag = 0; uint64_t tag = 0;
vstr_t out = {0};
vstr_init_len(&out, 128);
mp_buffer_info_t data = {0}; mp_buffer_info_t data = {0};
mp_get_buffer_raise(args[0], &data, MP_BUFFER_READ); mp_get_buffer_raise(args[0], &data, MP_BUFFER_READ);
int sz = int sz = xmr_base58_addr_decode_check(data.buf, data.len, &tag, out.buf,
xmr_base58_addr_decode_check(data.buf, data.len, &tag, out, sizeof(out)); out.alloc);
if (sz == 0) { if (sz <= 0) {
vstr_clear(&out);
mp_raise_ValueError("b58 decoding error"); mp_raise_ValueError("b58 decoding error");
} }
out.len = sz;
mp_obj_tuple_t *tuple = MP_OBJ_TO_PTR(mp_obj_new_tuple(2, NULL)); mp_obj_tuple_t *tuple = MP_OBJ_TO_PTR(mp_obj_new_tuple(2, NULL));
tuple->items[0] = mp_obj_new_bytes(out, sz); tuple->items[0] = mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
tuple->items[1] = mp_obj_new_int_from_ull(tag); tuple->items[1] = mp_obj_new_int_from_ull(tag);
return MP_OBJ_FROM_PTR(tuple); return MP_OBJ_FROM_PTR(tuple);
} }
@ -989,15 +995,19 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
STATIC mp_obj_t mod_trezorcrypto_monero_xmr_fast_hash(size_t n_args, STATIC mp_obj_t mod_trezorcrypto_monero_xmr_fast_hash(size_t n_args,
const mp_obj_t *args) { const mp_obj_t *args) {
const int off = n_args >= 2 ? 0 : -1; const int off = n_args >= 2 ? 0 : -1;
uint8_t buff[32] = {0}; vstr_t out = {0};
uint8_t *buff_use = buff; uint8_t *buff_use = NULL;
if (n_args > 1) { if (n_args >= 2) {
mp_buffer_info_t odata = {0}; mp_buffer_info_t odata = {0};
mp_get_buffer_raise(args[0], &odata, MP_BUFFER_WRITE); mp_get_buffer_raise(args[0], &odata, MP_BUFFER_WRITE);
if (odata.len < 32) { if (odata.len < HASHER_DIGEST_LENGTH) {
vstr_clear(&out);
mp_raise_ValueError("Output buffer too small"); mp_raise_ValueError("Output buffer too small");
} }
buff_use = odata.buf; buff_use = odata.buf;
} else {
vstr_init_len(&out, HASHER_DIGEST_LENGTH);
buff_use = (uint8_t *)out.buf;
} }
mp_buffer_info_t data = {0}; mp_buffer_info_t data = {0};
@ -1010,7 +1020,7 @@ STATIC mp_obj_t mod_trezorcrypto_monero_xmr_fast_hash(size_t n_args,
mp_raise_ValueError("Illegal offset/length"); mp_raise_ValueError("Illegal offset/length");
} }
xmr_fast_hash(buff_use, (const char *)data.buf + offset, length); xmr_fast_hash(buff_use, (const char *)data.buf + offset, length);
return n_args >= 2 ? args[0] : mp_obj_new_bytes(buff, 32); return n_args >= 2 ? args[0] : mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN( STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_monero_xmr_fast_hash_obj, 1, 4, mod_trezorcrypto_monero_xmr_fast_hash_obj, 1, 4,
@ -1333,22 +1343,22 @@ STATIC mp_obj_t mod_trezorcrypto_monero_hasher_digest(size_t n_args,
Hasher ctx = {0}; Hasher ctx = {0};
memcpy(&ctx, &(o->h), sizeof(Hasher)); memcpy(&ctx, &(o->h), sizeof(Hasher));
uint8_t out[SHA3_256_DIGEST_LENGTH] = {0};
xmr_hasher_final(&ctx, out);
memzero(&ctx, sizeof(SHA3_CTX));
if (n_args == 1 || args[1] == mp_const_none) { if (n_args == 1 || args[1] == mp_const_none) {
return mp_obj_new_bytes(out, sizeof(out)); vstr_t hash = {0};
vstr_init_len(&hash, SHA3_256_DIGEST_LENGTH);
xmr_hasher_final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(SHA3_CTX));
return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
} else { } else {
mp_buffer_info_t bufm = {0}; mp_buffer_info_t bufm = {0};
mp_get_buffer_raise(args[1], &bufm, MP_BUFFER_WRITE); mp_get_buffer_raise(args[1], &bufm, MP_BUFFER_WRITE);
const mp_int_t offset = n_args >= 3 ? mp_obj_get_int(args[2]) : 0; const mp_int_t offset = n_args >= 3 ? mp_obj_get_int(args[2]) : 0;
if (bufm.len < 32 + offset) { if (bufm.len < SHA3_256_DIGEST_LENGTH + offset) {
mp_raise_ValueError("Buffer too small"); mp_raise_ValueError("Buffer too small");
} }
memcpy((uint8_t *)bufm.buf + offset, out, SHA3_256_DIGEST_LENGTH); xmr_hasher_final(&ctx, (uint8_t *)bufm.buf + offset);
memzero(&ctx, sizeof(SHA3_CTX));
return args[1]; return args[1];
} }
} }

63
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-nist256p1.h
Unescape View File

@ -29,27 +29,28 @@
/// Generate secret key. /// Generate secret key.
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_nist256p1_generate_secret() { STATIC mp_obj_t mod_trezorcrypto_nist256p1_generate_secret() {
uint8_t out[32] = {0}; vstr_t sk = {0};
vstr_init_len(&sk, 32);
for (;;) { for (;;) {
random_buffer(out, 32); random_buffer((uint8_t *)sk.buf, sk.len);
// check whether secret > 0 && secret < curve_order // check whether secret > 0 && secret < curve_order
if (0 == if (0 ==
memcmp( memcmp(
out, sk.buf,
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
32)) sk.len))
continue; continue;
if (0 <= if (0 <=
memcmp( memcmp(
out, sk.buf,
"\xFF\xFF\xFF\xFF\x00\x00\x00\x00\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF" "\xFF\xFF\xFF\xFF\x00\x00\x00\x00\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"
"\xBC\xE6\xFA\xAD\xA7\x17\x9E\x84\xF3\xB9\xCA\xC2\xFC\x63\x25\x51", "\xBC\xE6\xFA\xAD\xA7\x17\x9E\x84\xF3\xB9\xCA\xC2\xFC\x63\x25\x51",
32)) sk.len))
continue; continue;
break; break;
} }
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &sk);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorcrypto_nist256p1_generate_secret_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorcrypto_nist256p1_generate_secret_obj,
mod_trezorcrypto_nist256p1_generate_secret); mod_trezorcrypto_nist256p1_generate_secret);
@ -65,16 +66,18 @@ STATIC mp_obj_t mod_trezorcrypto_nist256p1_publickey(size_t n_args,
if (sk.len != 32) { if (sk.len != 32) {
mp_raise_ValueError("Invalid length of secret key"); mp_raise_ValueError("Invalid length of secret key");
} }
vstr_t pk = {0};
bool compressed = n_args < 2 || args[1] == mp_const_true; bool compressed = n_args < 2 || args[1] == mp_const_true;
if (compressed) { if (compressed) {
uint8_t out[33] = {0}; vstr_init_len(&pk, 33);
ecdsa_get_public_key33(&nist256p1, (const uint8_t *)sk.buf, out); ecdsa_get_public_key33(&nist256p1, (const uint8_t *)sk.buf,
return mp_obj_new_bytes(out, sizeof(out)); (uint8_t *)pk.buf);
} else { } else {
uint8_t out[65] = {0}; vstr_init_len(&pk, 65);
ecdsa_get_public_key65(&nist256p1, (const uint8_t *)sk.buf, out); ecdsa_get_public_key65(&nist256p1, (const uint8_t *)sk.buf,
return mp_obj_new_bytes(out, sizeof(out)); (uint8_t *)pk.buf);
} }
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN( STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_nist256p1_publickey_obj, 1, 2, mod_trezorcrypto_nist256p1_publickey_obj, 1, 2,
@ -88,7 +91,8 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_nist256p1_sign(size_t n_args, STATIC mp_obj_t mod_trezorcrypto_nist256p1_sign(size_t n_args,
const mp_obj_t *args) { const mp_obj_t *args) {
mp_buffer_info_t sk = {0}, dig = {0}; mp_buffer_info_t sk = {0};
mp_buffer_info_t dig = {0};
mp_get_buffer_raise(args[0], &sk, MP_BUFFER_READ); mp_get_buffer_raise(args[0], &sk, MP_BUFFER_READ);
mp_get_buffer_raise(args[1], &dig, MP_BUFFER_READ); mp_get_buffer_raise(args[1], &dig, MP_BUFFER_READ);
bool compressed = n_args < 3 || args[2] == mp_const_true; bool compressed = n_args < 3 || args[2] == mp_const_true;
@ -98,13 +102,17 @@ STATIC mp_obj_t mod_trezorcrypto_nist256p1_sign(size_t n_args,
if (dig.len != 32) { if (dig.len != 32) {
mp_raise_ValueError("Invalid length of digest"); mp_raise_ValueError("Invalid length of digest");
} }
uint8_t out[65] = {0}, pby = 0; vstr_t sig = {0};
vstr_init_len(&sig, 65);
uint8_t pby = 0;
if (0 != ecdsa_sign_digest(&nist256p1, (const uint8_t *)sk.buf, if (0 != ecdsa_sign_digest(&nist256p1, (const uint8_t *)sk.buf,
(const uint8_t *)dig.buf, out + 1, &pby, NULL)) { (const uint8_t *)dig.buf, (uint8_t *)sig.buf + 1,
&pby, NULL)) {
vstr_clear(&sig);
mp_raise_ValueError("Signing failed"); mp_raise_ValueError("Signing failed");
} }
out[0] = 27 + pby + compressed * 4; sig.buf[0] = 27 + pby + compressed * 4;
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorcrypto_nist256p1_sign_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorcrypto_nist256p1_sign_obj,
2, 3, 2, 3,
@ -162,15 +170,16 @@ STATIC mp_obj_t mod_trezorcrypto_nist256p1_verify_recover(mp_obj_t signature,
} }
bool compressed = (recid >= 4); bool compressed = (recid >= 4);
recid &= 3; recid &= 3;
uint8_t out[65] = {0}; vstr_t pk = {0};
if (0 == ecdsa_recover_pub_from_sig(&nist256p1, out, vstr_init_len(&pk, 65);
if (0 == ecdsa_recover_pub_from_sig(&nist256p1, (uint8_t *)pk.buf,
(const uint8_t *)sig.buf + 1, (const uint8_t *)sig.buf + 1,
(const uint8_t *)dig.buf, recid)) { (const uint8_t *)dig.buf, recid)) {
if (compressed) { if (compressed) {
out[0] = 0x02 | (out[64] & 1); pk.buf[0] = 0x02 | (pk.buf[64] & 1);
return mp_obj_new_bytes(out, 33); pk.len = 33;
} }
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
} else { } else {
return mp_const_none; return mp_const_none;
} }
@ -194,12 +203,14 @@ STATIC mp_obj_t mod_trezorcrypto_nist256p1_multiply(mp_obj_t secret_key,
if (pk.len != 33 && pk.len != 65) { if (pk.len != 33 && pk.len != 65) {
mp_raise_ValueError("Invalid length of public key"); mp_raise_ValueError("Invalid length of public key");
} }
uint8_t out[65] = {0}; vstr_t out = {0};
vstr_init_len(&out, 65);
if (0 != ecdh_multiply(&nist256p1, (const uint8_t *)sk.buf, if (0 != ecdh_multiply(&nist256p1, (const uint8_t *)sk.buf,
(const uint8_t *)pk.buf, out)) { (const uint8_t *)pk.buf, (uint8_t *)out.buf)) {
vstr_clear(&out);
mp_raise_ValueError("Multiply failed"); mp_raise_ValueError("Multiply failed");
} }
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_nist256p1_multiply_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_nist256p1_multiply_obj,
mod_trezorcrypto_nist256p1_multiply); mod_trezorcrypto_nist256p1_multiply);

24
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-pbkdf2.h
Unescape View File

@ -106,10 +106,12 @@ STATIC mp_obj_t mod_trezorcrypto_Pbkdf2_update(mp_obj_t self,
uint32_t iter = trezor_obj_get_uint(iterations); uint32_t iter = trezor_obj_get_uint(iterations);
if (o->prf == PRF_HMAC_SHA256) { if (o->prf == PRF_HMAC_SHA256) {
pbkdf2_hmac_sha256_Update(&(o->ctx256), iter); pbkdf2_hmac_sha256_Update(&(o->ctx256), iter);
} } else if (o->prf == PRF_HMAC_SHA512) {
if (o->prf == PRF_HMAC_SHA512) {
pbkdf2_hmac_sha512_Update(&(o->ctx512), iter); pbkdf2_hmac_sha512_Update(&(o->ctx512), iter);
} else {
mp_raise_ValueError("Invalid PRF");
} }
return mp_const_none; return mp_const_none;
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Pbkdf2_update_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Pbkdf2_update_obj,
@ -121,23 +123,23 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Pbkdf2_update_obj,
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_Pbkdf2_key(mp_obj_t self) { STATIC mp_obj_t mod_trezorcrypto_Pbkdf2_key(mp_obj_t self) {
mp_obj_Pbkdf2_t *o = MP_OBJ_TO_PTR(self); mp_obj_Pbkdf2_t *o = MP_OBJ_TO_PTR(self);
vstr_t out = {0};
if (o->prf == PRF_HMAC_SHA256) { if (o->prf == PRF_HMAC_SHA256) {
PBKDF2_HMAC_SHA256_CTX ctx = {0}; PBKDF2_HMAC_SHA256_CTX ctx = {0};
memcpy(&ctx, &(o->ctx256), sizeof(PBKDF2_HMAC_SHA256_CTX)); memcpy(&ctx, &(o->ctx256), sizeof(PBKDF2_HMAC_SHA256_CTX));
uint8_t out[SHA256_DIGEST_LENGTH] = {0}; vstr_init_len(&out, SHA256_DIGEST_LENGTH);
pbkdf2_hmac_sha256_Final(&ctx, out); pbkdf2_hmac_sha256_Final(&ctx, (uint8_t *)out.buf);
memzero(&ctx, sizeof(PBKDF2_HMAC_SHA256_CTX)); memzero(&ctx, sizeof(PBKDF2_HMAC_SHA256_CTX));
return mp_obj_new_bytes(out, sizeof(out)); } else if (o->prf == PRF_HMAC_SHA512) {
}
if (o->prf == PRF_HMAC_SHA512) {
PBKDF2_HMAC_SHA512_CTX ctx = {0}; PBKDF2_HMAC_SHA512_CTX ctx = {0};
memcpy(&ctx, &(o->ctx512), sizeof(PBKDF2_HMAC_SHA512_CTX)); memcpy(&ctx, &(o->ctx512), sizeof(PBKDF2_HMAC_SHA512_CTX));
uint8_t out[SHA512_DIGEST_LENGTH] = {0}; vstr_init_len(&out, SHA512_DIGEST_LENGTH);
pbkdf2_hmac_sha512_Final(&ctx, out); pbkdf2_hmac_sha512_Final(&ctx, (uint8_t *)out.buf);
memzero(&ctx, sizeof(PBKDF2_HMAC_SHA512_CTX)); memzero(&ctx, sizeof(PBKDF2_HMAC_SHA512_CTX));
return mp_obj_new_bytes(out, sizeof(out)); } else {
mp_raise_ValueError("Invalid PRF");
} }
return mp_const_none; return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Pbkdf2_key_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Pbkdf2_key_obj,
mod_trezorcrypto_Pbkdf2_key); mod_trezorcrypto_Pbkdf2_key);

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-ripemd160.h
Unescape View File

@ -78,12 +78,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Ripemd160_update_obj,
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_Ripemd160_digest(mp_obj_t self) { STATIC mp_obj_t mod_trezorcrypto_Ripemd160_digest(mp_obj_t self) {
mp_obj_Ripemd160_t *o = MP_OBJ_TO_PTR(self); mp_obj_Ripemd160_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[RIPEMD160_DIGEST_LENGTH] = {0}; vstr_t hash = {0};
vstr_init_len(&hash, RIPEMD160_DIGEST_LENGTH);
RIPEMD160_CTX ctx = {0}; RIPEMD160_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(RIPEMD160_CTX)); memcpy(&ctx, &(o->ctx), sizeof(RIPEMD160_CTX));
ripemd160_Final(&ctx, out); ripemd160_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(RIPEMD160_CTX)); memzero(&ctx, sizeof(RIPEMD160_CTX));
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Ripemd160_digest_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Ripemd160_digest_obj,
mod_trezorcrypto_Ripemd160_digest); mod_trezorcrypto_Ripemd160_digest);

60
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-secp256k1.h
Unescape View File

@ -29,27 +29,28 @@
/// Generate secret key. /// Generate secret key.
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_secp256k1_generate_secret() { STATIC mp_obj_t mod_trezorcrypto_secp256k1_generate_secret() {
uint8_t out[32] = {0}; vstr_t sk = {0};
vstr_init_len(&sk, 32);
for (;;) { for (;;) {
random_buffer(out, 32); random_buffer((uint8_t *)sk.buf, sk.len);
// check whether secret > 0 && secret < curve_order // check whether secret > 0 && secret < curve_order
if (0 == if (0 ==
memcmp( memcmp(
out, sk.buf,
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
32)) 32))
continue; continue;
if (0 <= if (0 <=
memcmp( memcmp(
out, sk.buf,
"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFE" "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFE"
"\xBA\xAE\xDC\xE6\xAF\x48\xA0\x3B\xBF\xD2\x5E\x8C\xD0\x36\x41\x41", "\xBA\xAE\xDC\xE6\xAF\x48\xA0\x3B\xBF\xD2\x5E\x8C\xD0\x36\x41\x41",
32)) 32))
continue; continue;
break; break;
} }
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &sk);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorcrypto_secp256k1_generate_secret_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorcrypto_secp256k1_generate_secret_obj,
mod_trezorcrypto_secp256k1_generate_secret); mod_trezorcrypto_secp256k1_generate_secret);
@ -65,16 +66,18 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_publickey(size_t n_args,
if (sk.len != 32) { if (sk.len != 32) {
mp_raise_ValueError("Invalid length of secret key"); mp_raise_ValueError("Invalid length of secret key");
} }
vstr_t pk = {0};
bool compressed = n_args < 2 || args[1] == mp_const_true; bool compressed = n_args < 2 || args[1] == mp_const_true;
if (compressed) { if (compressed) {
uint8_t out[33] = {0}; vstr_init_len(&pk, 33);
ecdsa_get_public_key33(&secp256k1, (const uint8_t *)sk.buf, out); ecdsa_get_public_key33(&secp256k1, (const uint8_t *)sk.buf,
return mp_obj_new_bytes(out, sizeof(out)); (uint8_t *)pk.buf);
} else { } else {
uint8_t out[65] = {0}; vstr_init_len(&pk, 65);
ecdsa_get_public_key65(&secp256k1, (const uint8_t *)sk.buf, out); ecdsa_get_public_key65(&secp256k1, (const uint8_t *)sk.buf,
return mp_obj_new_bytes(out, sizeof(out)); (uint8_t *)pk.buf);
} }
return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN( STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_secp256k1_publickey_obj, 1, 2, mod_trezorcrypto_secp256k1_publickey_obj, 1, 2,
@ -117,7 +120,8 @@ enum {
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_secp256k1_sign(size_t n_args, STATIC mp_obj_t mod_trezorcrypto_secp256k1_sign(size_t n_args,
const mp_obj_t *args) { const mp_obj_t *args) {
mp_buffer_info_t sk = {0}, dig = {0}; mp_buffer_info_t sk = {0};
mp_buffer_info_t dig = {0};
mp_get_buffer_raise(args[0], &sk, MP_BUFFER_READ); mp_get_buffer_raise(args[0], &sk, MP_BUFFER_READ);
mp_get_buffer_raise(args[1], &dig, MP_BUFFER_READ); mp_get_buffer_raise(args[1], &dig, MP_BUFFER_READ);
bool compressed = (n_args < 3) || (args[2] == mp_const_true); bool compressed = (n_args < 3) || (args[2] == mp_const_true);
@ -139,14 +143,17 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_sign(size_t n_args,
if (dig.len != 32) { if (dig.len != 32) {
mp_raise_ValueError("Invalid length of digest"); mp_raise_ValueError("Invalid length of digest");
} }
uint8_t out[65] = {0}, pby = 0; vstr_t sig = {0};
vstr_init_len(&sig, 65);
uint8_t pby = 0;
if (0 != ecdsa_sign_digest(&secp256k1, (const uint8_t *)sk.buf, if (0 != ecdsa_sign_digest(&secp256k1, (const uint8_t *)sk.buf,
(const uint8_t *)dig.buf, out + 1, &pby, (const uint8_t *)dig.buf, (uint8_t *)sig.buf + 1,
is_canonical)) { &pby, is_canonical)) {
vstr_clear(&sig);
mp_raise_ValueError("Signing failed"); mp_raise_ValueError("Signing failed");
} }
out[0] = 27 + pby + compressed * 4; sig.buf[0] = 27 + pby + compressed * 4;
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &sig);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorcrypto_secp256k1_sign_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorcrypto_secp256k1_sign_obj,
2, 4, 2, 4,
@ -204,15 +211,16 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_verify_recover(mp_obj_t signature,
} }
bool compressed = (recid >= 4); bool compressed = (recid >= 4);
recid &= 3; recid &= 3;
uint8_t out[65] = {0}; vstr_t pk = {0};
if (0 == ecdsa_recover_pub_from_sig(&secp256k1, out, vstr_init_len(&pk, 65);
if (0 == ecdsa_recover_pub_from_sig(&secp256k1, (uint8_t *)pk.buf,
(const uint8_t *)sig.buf + 1, (const uint8_t *)sig.buf + 1,
(const uint8_t *)dig.buf, recid)) { (const uint8_t *)dig.buf, recid)) {
if (compressed) { if (compressed) {
out[0] = 0x02 | (out[64] & 1); pk.buf[0] = 0x02 | (pk.buf[64] & 1);
return mp_obj_new_bytes(out, 33); pk.len = 33;
} }
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &pk);
} else { } else {
return mp_const_none; return mp_const_none;
} }
@ -236,12 +244,14 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_multiply(mp_obj_t secret_key,
if (pk.len != 33 && pk.len != 65) { if (pk.len != 33 && pk.len != 65) {
mp_raise_ValueError("Invalid length of public key"); mp_raise_ValueError("Invalid length of public key");
} }
uint8_t out[65] = {0}; vstr_t out = {0};
vstr_init_len(&out, 65);
if (0 != ecdh_multiply(&secp256k1, (const uint8_t *)sk.buf, if (0 != ecdh_multiply(&secp256k1, (const uint8_t *)sk.buf,
(const uint8_t *)pk.buf, out)) { (const uint8_t *)pk.buf, (uint8_t *)out.buf)) {
vstr_clear(&out);
mp_raise_ValueError("Multiply failed"); mp_raise_ValueError("Multiply failed");
} }
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_secp256k1_multiply_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_secp256k1_multiply_obj,
mod_trezorcrypto_secp256k1_multiply); mod_trezorcrypto_secp256k1_multiply);

47
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-secp256k1_zkp.h
Unescape View File

@ -130,15 +130,17 @@ static const secp256k1_context *mod_trezorcrypto_get_secp256k1_context(
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_secp256k1_zkp_generate_secret(mp_obj_t self) { STATIC mp_obj_t mod_trezorcrypto_secp256k1_zkp_generate_secret(mp_obj_t self) {
const secp256k1_context *ctx = mod_trezorcrypto_get_secp256k1_context(self); const secp256k1_context *ctx = mod_trezorcrypto_get_secp256k1_context(self);
uint8_t out[32] = {0}; vstr_t sk = {0};
vstr_init_len(&sk, 32);
for (;;) { for (;;) {
random_buffer(out, 32); random_buffer((uint8_t *)sk.buf, sk.len);
// check whether secret > 0 && secret < curve_order // check whether secret > 0 && secret < curve_order
if (secp256k1_ec_seckey_verify(ctx, out) == 1) { if (secp256k1_ec_seckey_verify(ctx, (uint8_t *)sk.buf) == 1) {
break; break;
} }
} }
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &sk);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1( STATIC MP_DEFINE_CONST_FUN_OBJ_1(
mod_trezorcrypto_secp256k1_zkp_generate_secret_obj, mod_trezorcrypto_secp256k1_zkp_generate_secret_obj,
@ -163,12 +165,13 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_context_publickey(
} }
bool compressed = n_args < 3 || args[2] == mp_const_true; bool compressed = n_args < 3 || args[2] == mp_const_true;
uint8_t out[65] = {0}; vstr_t out = {0};
size_t outlen = sizeof(out); vstr_init_len(&out, 65);
secp256k1_ec_pubkey_serialize( secp256k1_ec_pubkey_serialize(
ctx, out, &outlen, &pk, ctx, (uint8_t *)out.buf, &out.len, &pk,
compressed ? SECP256K1_EC_COMPRESSED : SECP256K1_EC_UNCOMPRESSED); compressed ? SECP256K1_EC_COMPRESSED : SECP256K1_EC_UNCOMPRESSED);
return mp_obj_new_bytes(out, outlen); return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN( STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_secp256k1_context_publickey_obj, 2, 3, mod_trezorcrypto_secp256k1_context_publickey_obj, 2, 3,
@ -195,16 +198,18 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_context_sign(size_t n_args,
mp_raise_ValueError("Invalid length of digest"); mp_raise_ValueError("Invalid length of digest");
} }
secp256k1_ecdsa_recoverable_signature sig; secp256k1_ecdsa_recoverable_signature sig;
uint8_t out[65] = {0}; vstr_t out = {0};
vstr_init_len(&out, 65);
int pby = 0; int pby = 0;
if (!secp256k1_ecdsa_sign_recoverable(ctx, &sig, (const uint8_t *)dig.buf, if (!secp256k1_ecdsa_sign_recoverable(ctx, &sig, (const uint8_t *)dig.buf,
(const uint8_t *)sk.buf, NULL, NULL)) { (const uint8_t *)sk.buf, NULL, NULL)) {
vstr_clear(&out);
mp_raise_ValueError("Signing failed"); mp_raise_ValueError("Signing failed");
} }
secp256k1_ecdsa_recoverable_signature_serialize_compact(ctx, &out[1], &pby, secp256k1_ecdsa_recoverable_signature_serialize_compact(
&sig); ctx, (uint8_t *)&out.buf[1], &pby, &sig);
out[0] = 27 + pby + compressed * 4; out.buf[0] = 27 + pby + compressed * 4;
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN( STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(
mod_trezorcrypto_secp256k1_context_sign_obj, 3, 4, mod_trezorcrypto_secp256k1_context_sign_obj, 3, 4,
@ -286,12 +291,12 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_context_verify_recover(
if (!secp256k1_ecdsa_recover(ctx, &pk, &ec_sig, (const uint8_t *)dig.buf)) { if (!secp256k1_ecdsa_recover(ctx, &pk, &ec_sig, (const uint8_t *)dig.buf)) {
return mp_const_none; return mp_const_none;
} }
uint8_t out[65] = {0}; vstr_t out = {0};
size_t pklen = sizeof(out); vstr_init_len(&out, 65);
secp256k1_ec_pubkey_serialize( secp256k1_ec_pubkey_serialize(
ctx, out, &pklen, &pk, ctx, (uint8_t *)out.buf, &out.len, &pk,
compressed ? SECP256K1_EC_COMPRESSED : SECP256K1_EC_UNCOMPRESSED); compressed ? SECP256K1_EC_COMPRESSED : SECP256K1_EC_UNCOMPRESSED);
return mp_obj_new_bytes(out, pklen); return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_3( STATIC MP_DEFINE_CONST_FUN_OBJ_3(
mod_trezorcrypto_secp256k1_context_verify_recover_obj, mod_trezorcrypto_secp256k1_context_verify_recover_obj,
@ -328,12 +333,14 @@ STATIC mp_obj_t mod_trezorcrypto_secp256k1_context_multiply(
pk.len)) { pk.len)) {
mp_raise_ValueError("Invalid public key"); mp_raise_ValueError("Invalid public key");
} }
uint8_t out[65] = {0}; vstr_t out = {0};
if (!secp256k1_ecdh(ctx, out, &ec_pk, (const uint8_t *)sk.buf, vstr_init_len(&out, 65);
if (!secp256k1_ecdh(ctx, (uint8_t *)out.buf, &ec_pk, (const uint8_t *)sk.buf,
secp256k1_ecdh_hash_passthrough, NULL)) { secp256k1_ecdh_hash_passthrough, NULL)) {
vstr_clear(&out);
mp_raise_ValueError("Multiply failed"); mp_raise_ValueError("Multiply failed");
} }
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &out);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_3( STATIC MP_DEFINE_CONST_FUN_OBJ_3(
mod_trezorcrypto_secp256k1_context_multiply_obj, mod_trezorcrypto_secp256k1_context_multiply_obj,

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-sha1.h
Unescape View File

@ -77,12 +77,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Sha1_update_obj,
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_Sha1_digest(mp_obj_t self) { STATIC mp_obj_t mod_trezorcrypto_Sha1_digest(mp_obj_t self) {
mp_obj_Sha1_t *o = MP_OBJ_TO_PTR(self); mp_obj_Sha1_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[SHA1_DIGEST_LENGTH] = {0}; vstr_t hash = {0};
vstr_init_len(&hash, SHA1_DIGEST_LENGTH);
SHA1_CTX ctx = {0}; SHA1_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(SHA1_CTX)); memcpy(&ctx, &(o->ctx), sizeof(SHA1_CTX));
sha1_Final(&ctx, out); sha1_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(SHA1_CTX)); memzero(&ctx, sizeof(SHA1_CTX));
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha1_digest_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha1_digest_obj,
mod_trezorcrypto_Sha1_digest); mod_trezorcrypto_Sha1_digest);

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-sha256.h
Unescape View File

@ -77,12 +77,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Sha256_update_obj,
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_Sha256_digest(mp_obj_t self) { STATIC mp_obj_t mod_trezorcrypto_Sha256_digest(mp_obj_t self) {
mp_obj_Sha256_t *o = MP_OBJ_TO_PTR(self); mp_obj_Sha256_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[SHA256_DIGEST_LENGTH] = {0}; vstr_t hash = {0};
vstr_init_len(&hash, SHA256_DIGEST_LENGTH);
SHA256_CTX ctx = {0}; SHA256_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(SHA256_CTX)); memcpy(&ctx, &(o->ctx), sizeof(SHA256_CTX));
sha256_Final(&ctx, out); sha256_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(SHA256_CTX)); memzero(&ctx, sizeof(SHA256_CTX));
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha256_digest_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha256_digest_obj,
mod_trezorcrypto_Sha256_digest); mod_trezorcrypto_Sha256_digest);

9
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-sha3-256.h
Unescape View File

@ -90,16 +90,17 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Sha3_256_update_obj,
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_Sha3_256_digest(mp_obj_t self) { STATIC mp_obj_t mod_trezorcrypto_Sha3_256_digest(mp_obj_t self) {
mp_obj_Sha3_256_t *o = MP_OBJ_TO_PTR(self); mp_obj_Sha3_256_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[SHA3_256_DIGEST_LENGTH] = {0}; vstr_t hash = {0};
vstr_init_len(&hash, SHA3_256_DIGEST_LENGTH);
SHA3_CTX ctx = {0}; SHA3_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(SHA3_CTX)); memcpy(&ctx, &(o->ctx), sizeof(SHA3_CTX));
if (o->keccak) { if (o->keccak) {
keccak_Final(&ctx, out); keccak_Final(&ctx, (uint8_t *)hash.buf);
} else { } else {
sha3_Final(&ctx, out); sha3_Final(&ctx, (uint8_t *)hash.buf);
} }
memzero(&ctx, sizeof(SHA3_CTX)); memzero(&ctx, sizeof(SHA3_CTX));
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha3_256_digest_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha3_256_digest_obj,
mod_trezorcrypto_Sha3_256_digest); mod_trezorcrypto_Sha3_256_digest);

9
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-sha3-512.h
Unescape View File

@ -90,16 +90,17 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Sha3_512_update_obj,
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_Sha3_512_digest(mp_obj_t self) { STATIC mp_obj_t mod_trezorcrypto_Sha3_512_digest(mp_obj_t self) {
mp_obj_Sha3_512_t *o = MP_OBJ_TO_PTR(self); mp_obj_Sha3_512_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[SHA3_512_DIGEST_LENGTH] = {0}; vstr_t hash = {0};
vstr_init_len(&hash, SHA3_512_DIGEST_LENGTH);
SHA3_CTX ctx = {0}; SHA3_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(SHA3_CTX)); memcpy(&ctx, &(o->ctx), sizeof(SHA3_CTX));
if (o->keccak) { if (o->keccak) {
keccak_Final(&ctx, out); keccak_Final(&ctx, (uint8_t *)hash.buf);
} else { } else {
sha3_Final(&ctx, out); sha3_Final(&ctx, (uint8_t *)hash.buf);
} }
memzero(&ctx, sizeof(SHA3_CTX)); memzero(&ctx, sizeof(SHA3_CTX));
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha3_512_digest_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha3_512_digest_obj,
mod_trezorcrypto_Sha3_512_digest); mod_trezorcrypto_Sha3_512_digest);

7
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-sha512.h
Unescape View File

@ -76,12 +76,13 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Sha512_update_obj,
/// """ /// """
STATIC mp_obj_t mod_trezorcrypto_Sha512_digest(mp_obj_t self) { STATIC mp_obj_t mod_trezorcrypto_Sha512_digest(mp_obj_t self) {
mp_obj_Sha512_t *o = MP_OBJ_TO_PTR(self); mp_obj_Sha512_t *o = MP_OBJ_TO_PTR(self);
uint8_t out[SHA512_DIGEST_LENGTH] = {0}; vstr_t hash = {0};
vstr_init_len(&hash, SHA512_DIGEST_LENGTH);
SHA512_CTX ctx = {0}; SHA512_CTX ctx = {0};
memcpy(&ctx, &(o->ctx), sizeof(SHA512_CTX)); memcpy(&ctx, &(o->ctx), sizeof(SHA512_CTX));
sha512_Final(&ctx, out); sha512_Final(&ctx, (uint8_t *)hash.buf);
memzero(&ctx, sizeof(SHA512_CTX)); memzero(&ctx, sizeof(SHA512_CTX));
return mp_obj_new_bytes(out, sizeof(out)); return mp_obj_new_str_from_vstr(&mp_type_bytes, &hash);
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha512_digest_obj, STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha512_digest_obj,
mod_trezorcrypto_Sha512_digest); mod_trezorcrypto_Sha512_digest);

Write Preview
Loading…
Cancel
Save