From e1fa896d6c9e9027e95d0b8b31032fcd943dd5ba Mon Sep 17 00:00:00 2001
From: Pavol Rusnak
Date: Thu, 12 May 2016 21:09:00 +0200
Subject: [PATCH] disable ECIES
---
 firmware/crypto.c | 10 ++++++----
 firmware/crypto.h | 4 ++--
 firmware/fsm.c | 2 ++
 firmware/messages.c | 4 ++++
 4 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/firmware/crypto.c b/firmware/crypto.c
index e49b4b27a0..eb986abde9 100644
--- a/firmware/crypto.c
+++ b/firmware/crypto.c
@@ -158,6 +158,7 @@ int cryptoMessageVerify(const uint8_t *message, size_t message_len, const uint8_
 return 0;
 }
+/* ECIES disabled
 int cryptoMessageEncrypt(curve_point *pubkey, const uint8_t *msg, size_t msg_size, bool display_only, uint8_t *nonce, size_t *nonce_len, uint8_t *payload, size_t *payload_len, uint8_t *hmac, size_t *hmac_len, const uint8_t *privkey, const uint8_t *address_raw)
 {
 if (privkey && address_raw) { // signing == true
@@ -195,10 +196,10 @@ int cryptoMessageEncrypt(curve_point *pubkey, const uint8_t *msg, size_t msg_siz
 bn_write_be(&R.x, shared_secret + 1);
 // generate keying bytes
 uint8_t keying_bytes[80];
- uint8_t salt[22 + 33 + 4];
+ uint8_t salt[22 + 33];
 memcpy(salt, "Bitcoin Secure Message", 22);
 memcpy(salt + 22, nonce, 33);
- pbkdf2_hmac_sha256(shared_secret, 33, salt, 22 + 33, 2048, keying_bytes, 80, NULL);
+ pbkdf2_hmac_sha256(shared_secret, 33, salt, 22 + 33, 2048, keying_bytes, 80);
 // encrypt payload
 aes_encrypt_ctx ctx;
 aes_encrypt_key256(keying_bytes, &ctx);
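Review bot: Disabling the two functions with a `/* ECIES disabled` block comment (opened in the `@@ -158,6 +158,7 @@` hunk, closed by the `+*/` in `@@ -267,6 +268,7 @@`) is fragile, because C block comments do not nest: any `/* ... */` inside either body would end the comment early. Most of both bodies lies outside the hunks, so that cannot be ruled out from this patch. A preprocessor guard, `#if 0 /* ECIES disabled */` ... `#endif`, has no such hazard and can later become a build option. The same applies to the comment openers in crypto.h, fsm.c and messages.c.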
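Review bot: The `salt` buffer shrinks from `22 + 33 + 4` to `22 + 33` and the trailing `NULL` is dropped from the `pbkdf2_hmac_sha256` call inside code that this same commit comments out, so the compiler never checks either edit. The `@@ -227,11 +228,11 @@` hunk in cryptoMessageDecrypt makes the same two changes. The four spare bytes presumably left room for something the KDF appended after the salt; removing them is only safe if the pbkdf2 implementation in the tree no longer writes past the end of the salt it is given, which this patch does not show. I would record the assumption at the declaration, e.g. `uint8_t salt[22 + 33]; // exact fit: pbkdf2 must not append to salt`, and re-verify it before this code is re-enabled. The enclosing function starts and ends outside the hunk.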
@@ -227,11 +228,11 @@ int cryptoMessageDecrypt(curve_point *nonce, uint8_t *payload, size_t payload_le
 bn_write_be(&R.x, shared_secret + 1);
 // generate keying bytes
 uint8_t keying_bytes[80];
- uint8_t salt[22 + 33 + 4];
+ uint8_t salt[22 + 33];
 memcpy(salt, "Bitcoin Secure Message", 22);
 salt[22] = 0x02 | (nonce->y.val[0] & 0x01);
 bn_write_be(&(nonce->x), salt + 23);
- pbkdf2_hmac_sha256(shared_secret, 33, salt, 22 + 33, 2048, keying_bytes, 80, NULL);
+ pbkdf2_hmac_sha256(shared_secret, 33, salt, 22 + 33, 2048, keying_bytes, 80);
 // compute hmac
 uint8_t out[32];
 hmac_sha256(keying_bytes + 32, 32, payload, payload_len, out);
@@ -267,6 +268,7 @@ int cryptoMessageDecrypt(curve_point *nonce, uint8_t *payload, size_t payload_le
 *msg_len = o;
 return 0;
 }
+*/
 uint8_t *cryptoHDNodePathToPubkey(const HDNodePathType *hdnodepath)
 {
diff --git a/firmware/crypto.h b/firmware/crypto.h
index efde2265dc..11adee1ccb 100644
--- a/firmware/crypto.h
+++ b/firmware/crypto.h
@@ -41,11 +41,11 @@ int cryptoMessageSign(const HDNode *node, const uint8_t *message, size_t message
 int cryptoMessageVerify(const uint8_t *message, size_t message_len, const uint8_t *address_raw, const uint8_t *signature);
-// ECIES: http://memwallet.info/btcmssgs.html
-
+/* ECIES disabled
 int cryptoMessageEncrypt(curve_point *pubkey, const uint8_t *msg, size_t msg_size, bool display_only, uint8_t *nonce, size_t *nonce_len, uint8_t *payload, size_t *payload_len, uint8_t *hmac, size_t *hmac_len, const uint8_t *privkey, const uint8_t *address_raw);
 int cryptoMessageDecrypt(curve_point *nonce, uint8_t *payload, size_t payload_len, const uint8_t *hmac, size_t hmac_len, const uint8_t *privkey, uint8_t *msg, size_t *msg_len, bool *display_only, bool *signing, uint8_t *address_raw);
+*/
 uint8_t *cryptoHDNodePathToPubkey(const HDNodePathType *hdnodepath);
diff --git a/firmware/fsm.c b/firmware/fsm.c
index 930a761810..97cb933bed 100644
--- a/firmware/fsm.c
+++ b/firmware/fsm.c
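Review bot: The crypto.h hunk removes the header's only pointer to the scheme's description (`// ECIES: http://memwallet.info/btcmssgs.html`), and neither the new `/* ECIES disabled` comment nor the commit message says why the feature is being turned off. Keeping the reference and stating the reason would tell a later maintainer what has to be reviewed before these prototypes come back, for example `/* ECIES (http://memwallet.info/btcmssgs.html) disabled: <reason / issue link> */`. Nothing visible in the patch indicates whether the cause is a concern with the construction, code size, or the pbkdf2 API change.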
@@ -771,6 +771,7 @@ void fsm_msgSignIdentity(SignIdentity *msg)
 layoutHome();
 }
+/* ECIES disabled
 void fsm_msgEncryptMessage(EncryptMessage *msg)
 {
 if (!storage_isInitialized()) {
@@ -888,6 +889,7 @@ void fsm_msgDecryptMessage(DecryptMessage *msg)
 msg_write(MessageType_MessageType_DecryptedMessage, resp);
 layoutHome();
 }
+*/
 void fsm_msgEstimateTxSize(EstimateTxSize *msg)
 {
diff --git a/firmware/messages.c b/firmware/messages.c
index 9d50729179..1994f61a78 100644
--- a/firmware/messages.c
+++ b/firmware/messages.c
@@ -63,8 +63,10 @@ static const struct MessagesMap_t MessagesMap[] = {
 {'n', 'i', MessageType_MessageType_SignMessage, SignMessage_fields, (void (*)(void *))fsm_msgSignMessage},
 {'n', 'i', MessageType_MessageType_SignIdentity, SignIdentity_fields, (void (*)(void *))fsm_msgSignIdentity},
 {'n', 'i', MessageType_MessageType_VerifyMessage, VerifyMessage_fields, (void (*)(void *))fsm_msgVerifyMessage},
+/* ECIES disabled
 {'n', 'i', MessageType_MessageType_EncryptMessage, EncryptMessage_fields, (void (*)(void *))fsm_msgEncryptMessage},
 {'n', 'i', MessageType_MessageType_DecryptMessage, DecryptMessage_fields, (void (*)(void *))fsm_msgDecryptMessage},
+*/
 // {'n', 'i', MessageType_MessageType_PassphraseAck, PassphraseAck_fields, (void (*)(void *))fsm_msgPassphraseAck},
 {'n', 'i', MessageType_MessageType_EstimateTxSize, EstimateTxSize_fields, (void (*)(void *))fsm_msgEstimateTxSize},
 {'n', 'i', MessageType_MessageType_RecoveryDevice, RecoveryDevice_fields, (void (*)(void *))fsm_msgRecoveryDevice},
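Review bot: The prototypes for `fsm_msgEncryptMessage` and `fsm_msgDecryptMessage` presumably stay declared, since the fsm.c hunks comment out both definitions (opener at `@@ -771,6 +771,7 @@`, closing `*/` at `@@ -888,6 +889,7 @@`) while crypto.h is the only header in the diffstat. A declaration with no definition goes unnoticed until something references it again, so the prototypes should sit under the same guard as the bodies to keep the disabled surface consistent. Both function bodies lie almost entirely outside the hunks.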
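Review bot: With the `EncryptMessage` and `DecryptMessage` rows commented out of the inbound part of `MessagesMap`, what a host sees when it still sends these message types depends on the dispatcher's no-match path, which is not part of this patch. It is worth confirming that this path answers with an explicit failure rather than silently ignoring the frame. No remaining code should call `msg_write` with `MessageType_MessageType_EncryptedMessage` or `MessageType_MessageType_DecryptedMessage`, whose outbound rows the `@@ -83,8 +85,10 @@` hunk removes. Once verified, a comment above the disabled rows would document the intended result, e.g. `// ECIES disabled: requests for these types take the unknown-message path`.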
@@ -83,8 +85,10 @@ static const struct MessagesMap_t MessagesMap[] = {
 {'n', 'o', MessageType_MessageType_EntropyRequest, EntropyRequest_fields, 0},
 {'n', 'o', MessageType_MessageType_MessageSignature, MessageSignature_fields, 0},
 {'n', 'o', MessageType_MessageType_SignedIdentity, SignedIdentity_fields, 0},
+/* ECIES disabled
 {'n', 'o', MessageType_MessageType_EncryptedMessage, EncryptedMessage_fields, 0},
 {'n', 'o', MessageType_MessageType_DecryptedMessage, DecryptedMessage_fields, 0},
+*/
 {'n', 'o', MessageType_MessageType_PassphraseRequest, PassphraseRequest_fields, 0},
 {'n', 'o', MessageType_MessageType_TxSize, TxSize_fields, 0},
 {'n', 'o', MessageType_MessageType_WordRequest, WordRequest_fields, 0},