From eaf209d9992965edbe919272d69b294b9af87c31 Mon Sep 17 00:00:00 2001 From: Pavol Rusnak Date: Mon, 29 Jun 2015 16:36:50 +0200 Subject: [PATCH] implement CipherKeyValue.iv field --- firmware/fsm.c | 4 ++-- firmware/protob/messages.options | 1 + firmware/protob/messages.pb.c | 3 ++- firmware/protob/messages.pb.h | 16 ++++++++++++---- 4 files changed, 17 insertions(+), 7 deletions(-) diff --git a/firmware/fsm.c b/firmware/fsm.c index a3d6e314f6..cabcd82558 100644 --- a/firmware/fsm.c +++ b/firmware/fsm.c @@ -445,11 +445,11 @@ void fsm_msgCipherKeyValue(CipherKeyValue *msg) if (encrypt) { aes_encrypt_ctx ctx; aes_encrypt_key256(data, &ctx); - aes_cbc_encrypt(msg->value.bytes, resp->value.bytes, msg->value.size, data + 32, &ctx); + aes_cbc_encrypt(msg->value.bytes, resp->value.bytes, msg->value.size, ((msg->iv.size == 16) ? (msg->iv.bytes) : (data + 32)), &ctx); } else { aes_decrypt_ctx ctx; aes_decrypt_key256(data, &ctx); - aes_cbc_decrypt(msg->value.bytes, resp->value.bytes, msg->value.size, data + 32, &ctx); + aes_cbc_decrypt(msg->value.bytes, resp->value.bytes, msg->value.size, ((msg->iv.size == 16) ? (msg->iv.bytes) : (data + 32)), &ctx); } resp->has_value = true; resp->value.size = msg->value.size; diff --git a/firmware/protob/messages.options b/firmware/protob/messages.options index 1a4b194baa..50499abcfe 100644 --- a/firmware/protob/messages.options +++ b/firmware/protob/messages.options @@ -80,6 +80,7 @@ DecryptedMessage.message max_size:1024 CipherKeyValue.address_n max_count:8 CipherKeyValue.key max_size:256 CipherKeyValue.value max_size:1024 +CipherKeyValue.iv max_size:16 CipheredKeyValue.value max_size:1024 diff --git a/firmware/protob/messages.pb.c b/firmware/protob/messages.pb.c index c5737d6e8a..784210876c 100644 --- a/firmware/protob/messages.pb.c +++ b/firmware/protob/messages.pb.c @@ -251,13 +251,14 @@ const pb_field_t DecryptedMessage_fields[3] = { PB_LAST_FIELD }; -const pb_field_t CipherKeyValue_fields[7] = { +const pb_field_t CipherKeyValue_fields[8] = { PB_FIELD2( 1, UINT32 , REPEATED, STATIC , FIRST, CipherKeyValue, address_n, address_n, 0), PB_FIELD2( 2, STRING , OPTIONAL, STATIC , OTHER, CipherKeyValue, key, address_n, 0), PB_FIELD2( 3, BYTES , OPTIONAL, STATIC , OTHER, CipherKeyValue, value, key, 0), PB_FIELD2( 4, BOOL , OPTIONAL, STATIC , OTHER, CipherKeyValue, encrypt, value, 0), PB_FIELD2( 5, BOOL , OPTIONAL, STATIC , OTHER, CipherKeyValue, ask_on_encrypt, encrypt, 0), PB_FIELD2( 6, BOOL , OPTIONAL, STATIC , OTHER, CipherKeyValue, ask_on_decrypt, ask_on_encrypt, 0), + PB_FIELD2( 7, BYTES , OPTIONAL, STATIC , OTHER, CipherKeyValue, iv, ask_on_decrypt, 0), PB_LAST_FIELD }; diff --git a/firmware/protob/messages.pb.h b/firmware/protob/messages.pb.h index ea39b1c597..b82a54cea4 100644 --- a/firmware/protob/messages.pb.h +++ b/firmware/protob/messages.pb.h @@ -154,6 +154,11 @@ typedef struct { uint8_t bytes[1024]; } CipherKeyValue_value_t; +typedef struct { + size_t size; + uint8_t bytes[16]; +} CipherKeyValue_iv_t; + typedef struct _CipherKeyValue { size_t address_n_count; uint32_t address_n[8]; @@ -167,6 +172,8 @@ typedef struct _CipherKeyValue { bool ask_on_encrypt; bool has_ask_on_decrypt; bool ask_on_decrypt; + bool has_iv; + CipherKeyValue_iv_t iv; } CipherKeyValue; typedef struct { @@ -673,7 +680,7 @@ extern const char SimpleSignTx_coin_name_default[17]; #define EncryptedMessage_init_default {false, {0, {0}}, false, {0, {0}}, false, {0, {0}}} #define DecryptMessage_init_default {0, {0, 0, 0, 0, 0, 0, 0, 0}, false, {0, {0}}, false, {0, {0}}, false, {0, {0}}} #define DecryptedMessage_init_default {false, {0, {0}}, false, ""} -#define CipherKeyValue_init_default {0, {0, 0, 0, 0, 0, 0, 0, 0}, false, "", false, {0, {0}}, false, 0, false, 0, false, 0} +#define CipherKeyValue_init_default {0, {0, 0, 0, 0, 0, 0, 0, 0}, false, "", false, {0, {0}}, false, 0, false, 0, false, 0, false, {0, {0}}} #define CipheredKeyValue_init_default {false, {0, {0}}} #define EstimateTxSize_init_default {0, 0, false, "Bitcoin"} #define TxSize_init_default {false, 0} @@ -727,7 +734,7 @@ extern const char SimpleSignTx_coin_name_default[17]; #define EncryptedMessage_init_zero {false, {0, {0}}, false, {0, {0}}, false, {0, {0}}} #define DecryptMessage_init_zero {0, {0, 0, 0, 0, 0, 0, 0, 0}, false, {0, {0}}, false, {0, {0}}, false, {0, {0}}} #define DecryptedMessage_init_zero {false, {0, {0}}, false, ""} -#define CipherKeyValue_init_zero {0, {0, 0, 0, 0, 0, 0, 0, 0}, false, "", false, {0, {0}}, false, 0, false, 0, false, 0} +#define CipherKeyValue_init_zero {0, {0, 0, 0, 0, 0, 0, 0, 0}, false, "", false, {0, {0}}, false, 0, false, 0, false, 0, false, {0, {0}}} #define CipheredKeyValue_init_zero {false, {0, {0}}} #define EstimateTxSize_init_zero {0, 0, false, ""} #define TxSize_init_zero {false, 0} @@ -760,6 +767,7 @@ extern const char SimpleSignTx_coin_name_default[17]; #define CipherKeyValue_encrypt_tag 4 #define CipherKeyValue_ask_on_encrypt_tag 5 #define CipherKeyValue_ask_on_decrypt_tag 6 +#define CipherKeyValue_iv_tag 7 #define CipheredKeyValue_value_tag 1 #define DebugLinkDecision_yes_no_tag 1 #define DebugLinkLog_level_tag 1 @@ -917,7 +925,7 @@ extern const pb_field_t EncryptMessage_fields[6]; extern const pb_field_t EncryptedMessage_fields[4]; extern const pb_field_t DecryptMessage_fields[5]; extern const pb_field_t DecryptedMessage_fields[3]; -extern const pb_field_t CipherKeyValue_fields[7]; +extern const pb_field_t CipherKeyValue_fields[8]; extern const pb_field_t CipheredKeyValue_fields[2]; extern const pb_field_t EstimateTxSize_fields[4]; extern const pb_field_t TxSize_fields[2]; @@ -973,7 +981,7 @@ extern const pb_field_t DebugLinkLog_fields[4]; #define EncryptedMessage_size 1168 #define DecryptMessage_size 1216 #define DecryptedMessage_size 1065 -#define CipherKeyValue_size 1340 +#define CipherKeyValue_size 1358 #define CipheredKeyValue_size 1027 #define EstimateTxSize_size 31 #define TxSize_size 6