Skip to content

Commit

Permalink
No longer using deprecated functions
Browse files Browse the repository at this point in the history
uses CX_THROW if no error handling is supported
  • Loading branch information
spalmer25 committed Jan 19, 2024
1 parent a9ad5a8 commit de084cb
Show file tree
Hide file tree
Showing 2 changed files with 70 additions and 60 deletions.
17 changes: 14 additions & 3 deletions src/apdu_sign.c
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,8 @@
static inline void conditional_init_hash_state(blake2b_hash_state_t *const state) {
check_null(state);
if (!state->initialized) {
cx_blake2b_init(&state->state, SIGN_HASH_SIZE * 8); // cx_blake2b_init takes size in bits.
// cx_blake2b_init takes size in bits.
CX_THROW(cx_blake2b_init_no_throw(&state->state, SIGN_HASH_SIZE * 8));
state->initialized = true;
}
}
Expand All @@ -42,7 +43,12 @@ static void blake2b_incremental_hash(
while (*out_length > B2B_BLOCKBYTES) {
if (current - out > (int) out_size) THROW(EXC_MEMORY_ERROR);
conditional_init_hash_state(state);
cx_hash((cx_hash_t *) &state->state, 0, current, B2B_BLOCKBYTES, NULL, 0);
CX_THROW(cx_hash_no_throw((cx_hash_t *) &state->state,
0,
current,
B2B_BLOCKBYTES,
NULL,
0));
*out_length -= B2B_BLOCKBYTES;
current += B2B_BLOCKBYTES;
}
Expand All @@ -64,7 +70,12 @@ static void blake2b_finish_hash(

conditional_init_hash_state(state);
blake2b_incremental_hash(buff, buff_size, buff_length, state);
cx_hash((cx_hash_t *) &state->state, CX_LAST, buff, *buff_length, out, out_size);
CX_THROW(cx_hash_no_throw((cx_hash_t *) &state->state,
CX_LAST,
buff,
*buff_length,
out,
out_size));
}

static inline void clear_data(void) {
Expand Down
113 changes: 56 additions & 57 deletions src/keys.c
Original file line number Diff line number Diff line change
Expand Up @@ -56,38 +56,30 @@ int crypto_derive_private_key(cx_ecfp_private_key_t *private_key,
cx_curve_t const cx_curve =
signature_type_to_cx_curve(derivation_type_to_signature_type(derivation_type));

BEGIN_TRY {
TRY {
if (derivation_type == DERIVATION_TYPE_ED25519) {
// Old, non BIP32_Ed25519 way...
os_perso_derive_node_bip32_seed_key(HDW_ED25519_SLIP10,
CX_CURVE_Ed25519,
bip32_path->components,
bip32_path->length,
raw_private_key,
NULL,
NULL,
0);
} else {
// derive the seed with bip32_path
os_perso_derive_node_bip32(cx_curve,
bip32_path->components,
bip32_path->length,
raw_private_key,
NULL);
}

// new private_key from raw
cx_ecfp_init_private_key(cx_curve, raw_private_key, 32, private_key);
}
CATCH_OTHER(e) {
error = 1;
}
FINALLY {
explicit_bzero(raw_private_key, sizeof(raw_private_key));
}
if (derivation_type == DERIVATION_TYPE_ED25519) {
// Old, non BIP32_Ed25519 way...
error = os_derive_bip32_with_seed_no_throw(HDW_ED25519_SLIP10,
CX_CURVE_Ed25519,
bip32_path->components,
bip32_path->length,
raw_private_key,
NULL,
NULL,
0);
} else {
// derive the seed with bip32_path
error = os_derive_bip32_no_throw(cx_curve,
bip32_path->components,
bip32_path->length,
raw_private_key,
NULL);
}
END_TRY;

if (!error)
// new private_key from raw
error = cx_ecfp_init_private_key_no_throw(cx_curve, raw_private_key, 32, private_key);

explicit_bzero(raw_private_key, sizeof(raw_private_key));

return error;
}
Expand All @@ -100,7 +92,10 @@ int crypto_init_public_key(derivation_type_t const derivation_type,
signature_type_to_cx_curve(derivation_type_to_signature_type(derivation_type));

// generate corresponding public key
cx_ecfp_generate_pair(cx_curve, public_key, private_key, 1);
error = cx_ecfp_generate_pair_no_throw(cx_curve, public_key, private_key, 1);
if (error) {
return error;
}

// If we're using the old curve, make sure to adjust accordingly.
if (cx_curve == CX_CURVE_Ed25519) {
Expand Down Expand Up @@ -170,13 +165,14 @@ void public_key_hash(uint8_t *const hash_out,
}

cx_blake2b_t hash_state;
cx_blake2b_init(&hash_state, HASH_SIZE * 8); // cx_blake2b_init takes size in bits.
cx_hash((cx_hash_t *) &hash_state,
CX_LAST,
compressed.W,
compressed.W_len,
hash_out,
HASH_SIZE);
// cx_blake2b_init takes size in bits.
CX_THROW(cx_blake2b_init_no_throw(&hash_state, HASH_SIZE * 8));
CX_THROW(cx_hash_no_throw((cx_hash_t *) &hash_state,
CX_LAST,
compressed.W,
compressed.W_len,
hash_out,
HASH_SIZE));
if (compressed_out != NULL) {
memmove(compressed_out, &compressed, sizeof(*compressed_out));
}
Expand All @@ -197,30 +193,33 @@ size_t sign(uint8_t *const out,
case SIGNATURE_TYPE_ED25519: {
static size_t const SIG_SIZE = 64;
if (out_size < SIG_SIZE) THROW(EXC_WRONG_LENGTH);
tx += cx_eddsa_sign(&pair->private_key,
0,
CX_SHA512,
(uint8_t const *) PIC(in),
in_size,
NULL,
0,
out,
SIG_SIZE,
NULL);

CX_THROW(cx_eddsa_sign_no_throw(&pair->private_key,
CX_SHA512,
(uint8_t const *) PIC(in),
in_size,
out,
SIG_SIZE));

tx += SIG_SIZE;

} break;
case SIGNATURE_TYPE_SECP256K1:
case SIGNATURE_TYPE_SECP256R1: {
static size_t const SIG_SIZE = 100;
if (out_size < SIG_SIZE) THROW(EXC_WRONG_LENGTH);
unsigned int info;
tx += cx_ecdsa_sign(&pair->private_key,
CX_LAST | CX_RND_RFC6979,
CX_SHA256, // historical reasons...semantically CX_NONE
(uint8_t const *) PIC(in),
in_size,
out,
SIG_SIZE,
&info);
size_t sig_len = SIG_SIZE;
CX_THROW(cx_ecdsa_sign_no_throw(&pair->private_key,
CX_LAST | CX_RND_RFC6979,
CX_SHA256, // historical reasons...semantically CX_NONE
(uint8_t const *) PIC(in),
in_size,
out,
&sig_len,
&info));
tx += sig_len;

if (info & CX_ECCINFO_PARITY_ODD) {
out[0] |= 0x01;
}
Expand Down

0 comments on commit de084cb

Please sign in to comment.