From 368ad8e9fdde3a58a5c250d267c8acda57dab9dd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Palmer?= Date: Fri, 19 Jan 2024 16:14:50 +0100 Subject: [PATCH] No longer using deprecated functions uses CX_THROW if no error handling is supported --- src/apdu_sign.c | 9 ++-- src/globals.c | 2 +- src/globals.h | 2 +- src/keys.c | 113 ++++++++++++++++++++++++------------------------ 4 files changed, 64 insertions(+), 62 deletions(-) diff --git a/src/apdu_sign.c b/src/apdu_sign.c index 5f18cf09..f7e0185c 100644 --- a/src/apdu_sign.c +++ b/src/apdu_sign.c @@ -24,7 +24,8 @@ static inline void conditional_init_hash_state(blake2b_hash_state_t *const state) { check_null(state); if (!state->initialized) { - cx_blake2b_init(&state->state, SIGN_HASH_SIZE * 8); // cx_blake2b_init takes size in bits. + // cx_blake2b_init takes size in bits. + CX_THROW(cx_blake2b_init_no_throw(&state->state, SIGN_HASH_SIZE * 8)); state->initialized = true; } } @@ -42,7 +43,8 @@ static void blake2b_incremental_hash( while (*out_length > B2B_BLOCKBYTES) { if (current - out > (int) out_size) THROW(EXC_MEMORY_ERROR); conditional_init_hash_state(state); - cx_hash((cx_hash_t *) &state->state, 0, current, B2B_BLOCKBYTES, NULL, 0); + CX_THROW( + cx_hash_no_throw((cx_hash_t *) &state->state, 0, current, B2B_BLOCKBYTES, NULL, 0)); *out_length -= B2B_BLOCKBYTES; current += B2B_BLOCKBYTES; } @@ -64,7 +66,8 @@ static void blake2b_finish_hash( conditional_init_hash_state(state); blake2b_incremental_hash(buff, buff_size, buff_length, state); - cx_hash((cx_hash_t *) &state->state, CX_LAST, buff, *buff_length, out, out_size); + CX_THROW( + cx_hash_no_throw((cx_hash_t *) &state->state, CX_LAST, buff, *buff_length, out, out_size)); } static inline void clear_data(void) { diff --git a/src/globals.c b/src/globals.c index 722b4828..a1cdbed5 100644 --- a/src/globals.c +++ b/src/globals.c @@ -66,7 +66,7 @@ void copy_key(char *out, size_t out_size, void *data) { cx_ecfp_public_key_t pubkey = {0}; generate_public_key(&pubkey, (derivation_type_t const) baking_key->derivation_type, - (bip32_path_t const *const) & baking_key->bip32_path); + (bip32_path_t const *const) &baking_key->bip32_path); pubkey_to_pkh_string(out, out_size, (derivation_type_t const) baking_key->derivation_type, diff --git a/src/globals.h b/src/globals.h index ca945e2d..884eeba0 100644 --- a/src/globals.h +++ b/src/globals.h @@ -156,7 +156,7 @@ high_watermark_t volatile *select_hwm_by_chain(chain_id_t const chain_id, ({ \ nvram_data *const out_name = &global.apdu.baking_auth.new_data; \ memcpy(&global.apdu.baking_auth.new_data, \ - (nvram_data const *const) & N_data, \ + (nvram_data const *const) &N_data, \ sizeof(global.apdu.baking_auth.new_data)); \ body; \ nvm_write((void *) &N_data, &global.apdu.baking_auth.new_data, sizeof(N_data)); \ diff --git a/src/keys.c b/src/keys.c index 4b8c5352..61c5107b 100644 --- a/src/keys.c +++ b/src/keys.c @@ -56,38 +56,30 @@ int crypto_derive_private_key(cx_ecfp_private_key_t *private_key, cx_curve_t const cx_curve = signature_type_to_cx_curve(derivation_type_to_signature_type(derivation_type)); - BEGIN_TRY { - TRY { - if (derivation_type == DERIVATION_TYPE_ED25519) { - // Old, non BIP32_Ed25519 way... - os_perso_derive_node_bip32_seed_key(HDW_ED25519_SLIP10, - CX_CURVE_Ed25519, - bip32_path->components, - bip32_path->length, - raw_private_key, - NULL, - NULL, - 0); - } else { - // derive the seed with bip32_path - os_perso_derive_node_bip32(cx_curve, - bip32_path->components, - bip32_path->length, - raw_private_key, - NULL); - } - - // new private_key from raw - cx_ecfp_init_private_key(cx_curve, raw_private_key, 32, private_key); - } - CATCH_OTHER(e) { - error = 1; - } - FINALLY { - explicit_bzero(raw_private_key, sizeof(raw_private_key)); - } + if (derivation_type == DERIVATION_TYPE_ED25519) { + // Old, non BIP32_Ed25519 way... + error = os_derive_bip32_with_seed_no_throw(HDW_ED25519_SLIP10, + CX_CURVE_Ed25519, + bip32_path->components, + bip32_path->length, + raw_private_key, + NULL, + NULL, + 0); + } else { + // derive the seed with bip32_path + error = os_derive_bip32_no_throw(cx_curve, + bip32_path->components, + bip32_path->length, + raw_private_key, + NULL); } - END_TRY; + + if (!error) + // new private_key from raw + error = cx_ecfp_init_private_key_no_throw(cx_curve, raw_private_key, 32, private_key); + + explicit_bzero(raw_private_key, sizeof(raw_private_key)); return error; } @@ -100,7 +92,10 @@ int crypto_init_public_key(derivation_type_t const derivation_type, signature_type_to_cx_curve(derivation_type_to_signature_type(derivation_type)); // generate corresponding public key - cx_ecfp_generate_pair(cx_curve, public_key, private_key, 1); + error = cx_ecfp_generate_pair_no_throw(cx_curve, public_key, private_key, 1); + if (error) { + return error; + } // If we're using the old curve, make sure to adjust accordingly. if (cx_curve == CX_CURVE_Ed25519) { @@ -170,13 +165,14 @@ void public_key_hash(uint8_t *const hash_out, } cx_blake2b_t hash_state; - cx_blake2b_init(&hash_state, HASH_SIZE * 8); // cx_blake2b_init takes size in bits. - cx_hash((cx_hash_t *) &hash_state, - CX_LAST, - compressed.W, - compressed.W_len, - hash_out, - HASH_SIZE); + // cx_blake2b_init takes size in bits. + CX_THROW(cx_blake2b_init_no_throw(&hash_state, HASH_SIZE * 8)); + CX_THROW(cx_hash_no_throw((cx_hash_t *) &hash_state, + CX_LAST, + compressed.W, + compressed.W_len, + hash_out, + HASH_SIZE)); if (compressed_out != NULL) { memmove(compressed_out, &compressed, sizeof(*compressed_out)); } @@ -197,30 +193,33 @@ size_t sign(uint8_t *const out, case SIGNATURE_TYPE_ED25519: { static size_t const SIG_SIZE = 64; if (out_size < SIG_SIZE) THROW(EXC_WRONG_LENGTH); - tx += cx_eddsa_sign(&pair->private_key, - 0, - CX_SHA512, - (uint8_t const *) PIC(in), - in_size, - NULL, - 0, - out, - SIG_SIZE, - NULL); + + CX_THROW(cx_eddsa_sign_no_throw(&pair->private_key, + CX_SHA512, + (uint8_t const *) PIC(in), + in_size, + out, + SIG_SIZE)); + + tx += SIG_SIZE; + } break; case SIGNATURE_TYPE_SECP256K1: case SIGNATURE_TYPE_SECP256R1: { static size_t const SIG_SIZE = 100; if (out_size < SIG_SIZE) THROW(EXC_WRONG_LENGTH); unsigned int info; - tx += cx_ecdsa_sign(&pair->private_key, - CX_LAST | CX_RND_RFC6979, - CX_SHA256, // historical reasons...semantically CX_NONE - (uint8_t const *) PIC(in), - in_size, - out, - SIG_SIZE, - &info); + size_t sig_len = SIG_SIZE; + CX_THROW(cx_ecdsa_sign_no_throw(&pair->private_key, + CX_LAST | CX_RND_RFC6979, + CX_SHA256, // historical reasons...semantically CX_NONE + (uint8_t const *) PIC(in), + in_size, + out, + &sig_len, + &info)); + tx += sig_len; + if (info & CX_ECCINFO_PARITY_ODD) { out[0] |= 0x01; }