From 901035fc3c463c4d0f1a321968c41530896c7237 Mon Sep 17 00:00:00 2001 From: ftheirs Date: Fri, 8 Dec 2023 17:06:40 -0300 Subject: [PATCH] improvements v2 --- app/src/txid.c | 82 +++++++++++++------------------------------------- 1 file changed, 21 insertions(+), 61 deletions(-) diff --git a/app/src/txid.c b/app/src/txid.c index 3cf1d68c..b95db9a3 100644 --- a/app/src/txid.c +++ b/app/src/txid.c @@ -10,6 +10,8 @@ #include #include "zcash_utils.h" +#define PERSONALIZATION_SIZE 16 + // TxId level 1 node personalization #define ZCASH_HEADERS_HASH_PERSONALIZATION "ZTxIdHeadersHash" #define ZCASH_TRANSPARENT_HASH_PERSONALIZATION "ZTxIdTranspaHash" @@ -35,8 +37,6 @@ #define ZCASH_TRANSPARENT_AMOUNTS_HASH_PERSONALIZATION "ZTxTrAmountsHash" #define ZCASH_TRANSPARENT_SCRIPTS_HASH_PERSONALIZATION "ZTxTrScriptsHash" -//TODO replace these defines with char[] and use sizeof instead of hardcoded numbers --> avoid copying to personalization - #define SIGHASH_ALL 0x01 zxerr_t nu5_transparent_prevouts_hash(const uint8_t *input, uint8_t *output) { @@ -47,9 +47,7 @@ zxerr_t nu5_transparent_prevouts_hash(const uint8_t *input, uint8_t *output) { const uint8_t n = t_inlist_len(); cx_blake2b_t ctx = {0}; - uint8_t personalization[16] = {0}; - MEMCPY(personalization, PIC(ZCASH_PREVOUTS_HASH_PERSONALIZATION), 16); - CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t *)personalization, 16)); + CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t*)ZCASH_PREVOUTS_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); if (n == 0) { CHECK_CX_OK(cx_hash_no_throw(&ctx.header, CX_LAST, 0, 0, output, HASH_SIZE)); 
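Review bot: `PERSONALIZATION_SIZE` is a bare 16 that nothing ties to the length of the personalization literals, so a mistyped string would go unnoticed. A literal that is too short can make the init calls read past its end, a longer one is silently truncated, and in both cases the digest changes without any error. The TODO removed in the next hunk asked for `sizeof` for this reason. A compile-time check next to the define would close the gap, for example `_Static_assert(sizeof(ZCASH_HEADERS_HASH_PERSONALIZATION) - 1 == PERSONALIZATION_SIZE, "personalization must be 16 bytes");` repeated for each personalization macro, assuming the toolchain accepts C11 `_Static_assert`.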
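Review bot: The personalization literal in nu5_transparent_prevouts_hash is now passed without the `PIC()` translation the removed lines applied, and the `(uint8_t*)` cast discards its const-ness. If the target is built position-independent, a literal referenced directly in code is normally addressed relative to the PC and needs no translation, but a wrong pointer here would not fail; it would yield a different, valid-looking digest, so it is worth confirming on device against a known txid/sighash test vector. The cast is safe only while the callee treats the buffer as read-only, which I would record at the define, e.g. `// passed as-is to cx_blake2b_init2_no_throw; the callee must not write to it`. The same applies to every init call in the later hunks of this patch; the function body continues outside the hunk.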
@@ -72,9 +70,7 @@ zxerr_t nu5_transparent_sequence_hash(const uint8_t *input, uint8_t *output) { const uint8_t n = t_inlist_len(); cx_blake2b_t ctx = {0}; - uint8_t personalization[16] = {0}; - MEMCPY(personalization, PIC(ZCASH_SEQUENCE_HASH_PERSONALIZATION), 16); - CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t *)personalization, 16)); + CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t*)ZCASH_SEQUENCE_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); if (n == 0) { CHECK_CX_OK(cx_hash_no_throw(&ctx.header, CX_LAST, 0, 0, output, HASH_SIZE)); @@ -101,9 +97,7 @@ zxerr_t nu5_transparent_outputs_hash(uint8_t *output) { const uint8_t n = t_outlist_len(); cx_blake2b_t ctx = {0}; - uint8_t personalization[16] = {0}; - MEMCPY(personalization, PIC(ZCASH_OUTPUTS_HASH_PERSONALIZATION), 16); - CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t *)personalization, 16)); + CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t*)ZCASH_OUTPUTS_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); if (n == 0) { CHECK_CX_OK(cx_hash_no_throw(&ctx.header, CX_LAST, 0, 0, output, HASH_SIZE)); 
@@ -147,23 +141,17 @@ zxerr_t nu5_hash_sapling_spends(const uint8_t *input, uint8_t *output) { const uint8_t n = spendlist_len(); cx_blake2b_t ctx = {0}; - uint8_t personalization[16] = {0}; - MEMCPY(personalization, PIC(ZCASH_SAPLING_SPENDS_HASH_PERSONALIZATION), 16); - CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t *)personalization, 16)); + CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t*)ZCASH_SAPLING_SPENDS_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); if (n == 0) { CHECK_CX_OK(cx_hash_no_throw(&ctx.header, CX_LAST, 0, 0, output, HASH_SIZE)); return zxerr_ok; } cx_blake2b_t ch_ctx = {0}; - uint8_t ch_personalization[16] = {0}; - MEMCPY(ch_personalization, PIC(ZCASH_SAPLING_SPENDS_COMPACT_HASH_PERSONALIZATION), 16); - CHECK_CX_OK(cx_blake2b_init2_no_throw(&ch_ctx, 256, NULL, 0, (uint8_t *)ch_personalization, 16)); + CHECK_CX_OK(cx_blake2b_init2_no_throw(&ch_ctx, 256, NULL, 0, (uint8_t*)ZCASH_SAPLING_SPENDS_COMPACT_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); cx_blake2b_t nh_ctx = {0}; - uint8_t nh_personalization[16] = {0}; - MEMCPY(nh_personalization, PIC(ZCASH_SAPLING_SPENDS_NONCOMPACT_HASH_PERSONALIZATION), 16); - CHECK_CX_OK(cx_blake2b_init2_no_throw(&nh_ctx, 256, NULL, 0, (uint8_t *)nh_personalization, 16)); + CHECK_CX_OK(cx_blake2b_init2_no_throw(&nh_ctx, 256, NULL, 0, (uint8_t*)ZCASH_SAPLING_SPENDS_NONCOMPACT_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); const uint8_t *nullifier_data = input + INDEX_SPEND_NF; const uint8_t *cv_data = input + INDEX_SPEND_VALUECMT; 
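Review bot: The three init calls in nu5_hash_sapling_spends differ only in the context and the personalization macro, and the same six-argument call with its cast is repeated in every other hunk of this patch. A small file-local helper would keep the output length, the NULL salt and the const cast in one place, e.g. `static cx_err_t blake2b_256_init(cx_blake2b_t *ctx, const char *perso) { return cx_blake2b_init2_no_throw(ctx, 256, NULL, 0, (uint8_t *)perso, PERSONALIZATION_SIZE); }` (assuming the SDK's `cx_err_t` return type). The call sites would then read `CHECK_CX_OK(blake2b_256_init(&ch_ctx, ZCASH_SAPLING_SPENDS_COMPACT_HASH_PERSONALIZATION));`. The function body continues outside the hunk.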
@@ -218,9 +206,7 @@ zxerr_t nu5_hash_sapling_outputs(const uint8_t *input, uint8_t *output) { const uint8_t n = outputlist_len(); cx_blake2b_t ctx = {0}; - uint8_t personalization[16] = {0}; - MEMCPY(personalization, PIC(ZCASH_SAPLING_OUTPUTS_HASH_PERSONALIZATION), 16); - CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t *)personalization, 16)); + CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t*)ZCASH_SAPLING_OUTPUTS_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); if (n == 0) { CHECK_CX_OK(cx_hash_no_throw(&ctx.header, CX_LAST, 0, 0, output, HASH_SIZE)); 
@@ -228,19 +214,13 @@ zxerr_t nu5_hash_sapling_outputs(const uint8_t *input, uint8_t *output) { } cx_blake2b_t ch_ctx = {0}; - uint8_t ch_personalization[16] = {0}; - MEMCPY(ch_personalization, PIC(ZCASH_SAPLING_OUTPUTS_COMPACT_HASH_PERSONALIZATION), 16); - CHECK_CX_OK(cx_blake2b_init2_no_throw(&ch_ctx, 256, NULL, 0,(uint8_t *)ch_personalization, 16)); + CHECK_CX_OK(cx_blake2b_init2_no_throw(&ch_ctx, 256, NULL, 0, (uint8_t*)ZCASH_SAPLING_OUTPUTS_COMPACT_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); cx_blake2b_t mh_ctx = {0}; - uint8_t mh_personalization[16] = {0}; - MEMCPY(mh_personalization,PIC(ZCASH_SAPLING_OUTPUTS_MEMOS_HASH_PERSONALIZATION), 16); - CHECK_CX_OK(cx_blake2b_init2_no_throw(&mh_ctx, 256, NULL, 0, (uint8_t *)mh_personalization, 16)); + CHECK_CX_OK(cx_blake2b_init2_no_throw(&mh_ctx, 256, NULL, 0, (uint8_t*)ZCASH_SAPLING_OUTPUTS_MEMOS_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); cx_blake2b_t nh_ctx = {0}; - uint8_t nh_personalization[16] = {0}; - MEMCPY(nh_personalization, PIC(ZCASH_SAPLING_OUTPUTS_NONCOMPACT_HASH_PERSONALIZATION), 16); - CHECK_CX_OK(cx_blake2b_init2_no_throw(&nh_ctx, 256, NULL, 0, (uint8_t *)nh_personalization, 16)); + CHECK_CX_OK(cx_blake2b_init2_no_throw(&nh_ctx, 256, NULL, 0, (uint8_t*)ZCASH_SAPLING_OUTPUTS_NONCOMPACT_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); const uint8_t *cmu = input + INDEX_OUTPUT_NOTECMT; const uint8_t *ephemeral_key = input + INDEX_OUTPUT_EPK; 
@@ -298,11 +278,7 @@ zxerr_t hash_header_txid_data(const uint8_t *input, uint8_t *output) { } cx_blake2b_t ctx = {0}; - uint8_t personalization[16] = {0}; - MEMCPY(personalization, PIC(ZCASH_HEADERS_HASH_PERSONALIZATION), 16); - if (cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t *)personalization, 16) != CX_OK) { - return zxerr_invalid_crypto_settings; - } + CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t*)ZCASH_HEADERS_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); const uint8_t *version = input + NU5_INDEX_HASH_VERSION; const uint8_t *version_group_id = input + NU5_INDEX_HASH_VERSION_GROUP_ID; @@ -329,11 +305,7 @@ zxerr_t hash_transparent_txid_data(const uint8_t *input, uint8_t *output) { } cx_blake2b_t ctx = {0}; - uint8_t personalization[16] = {0}; - MEMCPY(personalization, PIC(ZCASH_TRANSPARENT_HASH_PERSONALIZATION), 16); - if (cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t *)personalization, 16) != CX_OK) { - return zxerr_unknown; - } + CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t*)ZCASH_TRANSPARENT_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); if ((t_inlist_len() + t_outlist_len()) == 0) { return cx_hash_no_throw(&ctx.header, CX_LAST, NULL, 0, output, HASH_SIZE) == CX_OK ? zxerr_ok : zxerr_unknown; @@ -370,9 +342,7 @@ zxerr_t transparent_sig_digest(const uint8_t *input, uint8_t *start_signdata, // compute amounts digest cx_blake2b_t ctx_amounts = {0}; - uint8_t personalization[16] = {0}; - MEMCPY(personalization, PIC(ZCASH_TRANSPARENT_AMOUNTS_HASH_PERSONALIZATION),16); - CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx_amounts, 256, NULL, 0,(uint8_t *)personalization, 16)); + CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx_amounts, 256, NULL, 0, (uint8_t*)ZCASH_TRANSPARENT_AMOUNTS_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); uint64_t amount = 0; uint8_t amounts_digest[HASH_SIZE] = {0}; 
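Review bot: The init failure path in hash_header_txid_data no longer returns `zxerr_invalid_crypto_settings`; it now returns whatever `CHECK_CX_OK` returns, and that macro's definition is not visible in this diff. The next hunk does the same in hash_transparent_txid_data, which used to return `zxerr_unknown`, while the empty-list branch just below it still maps failure to `zxerr_unknown` by hand. If any caller or test distinguishes these codes, the change is observable. Either confirm the macro's return value and state it in the commit message, or keep the explicit form for the header hash: `if (cx_blake2b_init2_no_throw(...) != CX_OK) { return zxerr_invalid_crypto_settings; }`. Both function bodies continue outside their hunks.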
@@ -386,9 +356,7 @@ zxerr_t transparent_sig_digest(const uint8_t *input, uint8_t *start_signdata, CHECK_CX_OK(cx_hash_no_throw(&ctx_amounts.header, CX_LAST, (uint8_t *)&amount, sizeof(uint64_t), amounts_digest, HASH_SIZE)); cx_blake2b_t ctx_scripts = {0}; - MEMZERO(personalization, 16); - MEMCPY(personalization, PIC(ZCASH_TRANSPARENT_SCRIPTS_HASH_PERSONALIZATION),16); - CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx_scripts, 256, NULL, 0,(uint8_t *)personalization, 16)); + CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx_scripts, 256, NULL, 0, (uint8_t*)ZCASH_TRANSPARENT_SCRIPTS_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); uint8_t scripts[SCRIPT_SIZE] = {0}; uint8_t scripts_digest[HASH_SIZE] = {0}; @@ -400,14 +368,12 @@ zxerr_t transparent_sig_digest(const uint8_t *input, uint8_t *start_signdata, t_inlist_retrieve_item_script(t_inlist_len() - 1, scripts); CHECK_CX_OK(cx_hash_no_throw(&ctx_scripts.header, CX_LAST, scripts, SCRIPT_SIZE,scripts_digest, HASH_SIZE)); - MEMZERO(personalization, 16); const uint8_t *sequence_digest = start_signdata + NU5_INDEX_HASH_SEQUENCEHASH; const uint8_t *outputs_digest = start_signdata + NU5_INDEX_HASH_OUTPUTSHASH; cx_blake2b_t ctx_txin_sig_digest = {0}; uint8_t txin_sig_digest[HASH_SIZE] = {0}; - MEMCPY(personalization, PIC(ZCASH_TRANSPARENT_INPUT_HASH_PERSONALIZATION),16); - CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx_txin_sig_digest, 256, NULL, 0,(uint8_t *)personalization, 16)); + CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx_txin_sig_digest, 256, NULL, 0, (uint8_t*)ZCASH_TRANSPARENT_INPUT_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); if (type == transparent) { const t_input_item_t *item = t_inlist_retrieve_item(index); 
@@ -425,12 +391,10 @@ zxerr_t transparent_sig_digest(const uint8_t *input, uint8_t *start_signdata, CHECK_CX_OK(cx_hash_no_throw(&ctx_txin_sig_digest.header, 0, sequence_data, SEQUENCE_SIZE, NULL, 0)); } - CHECK_CX_OK(cx_hash_no_throw(&ctx_txin_sig_digest.header, CX_LAST, NULL, 0,txin_sig_digest, HASH_SIZE)); + CHECK_CX_OK(cx_hash_no_throw(&ctx_txin_sig_digest.header, CX_LAST, NULL, 0, txin_sig_digest, HASH_SIZE)); cx_blake2b_t ctx = {0}; - MEMZERO(personalization, 16); - MEMCPY(personalization, PIC(ZCASH_TRANSPARENT_HASH_PERSONALIZATION), 16); - CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t *)personalization,16)); + CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t*)ZCASH_TRANSPARENT_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); CHECK_CX_OK(cx_hash_no_throw(&ctx.header, 0, &hash_type, sizeof(uint8_t), NULL, 0)); CHECK_CX_OK(cx_hash_no_throw(&ctx.header, 0, prevout_digest, HASH_SIZE, NULL, 0)); @@ -451,9 +415,7 @@ zxerr_t hash_sapling_txid_data(const uint8_t *input, uint8_t *output) { } cx_blake2b_t ctx = {0}; - uint8_t personalization[16] = {0}; - MEMCPY(personalization, PIC(ZCASH_SAPLING_HASH_PERSONALIZATION), 16); - CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t *)personalization, 16)); + CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t*)ZCASH_SAPLING_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); if (spendlist_len() + outputlist_len() == 0) { CHECK_CX_OK(cx_hash_no_throw(&ctx.header, CX_LAST, 0, 0, output, HASH_SIZE)); 
@@ -475,9 +437,7 @@ zxerr_t hash_empty_orchard_txid_data(uint8_t *output) { return zxerr_no_data; } cx_blake2b_t ctx = {0}; - uint8_t personalization[16] = {0}; - MEMCPY(personalization, PIC(ZCASH_ORCHARD_HASH_PERSONALIZATION), 16); - CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t *)personalization, 16)); + CHECK_CX_OK(cx_blake2b_init2_no_throw(&ctx, 256, NULL, 0, (uint8_t*)ZCASH_ORCHARD_HASH_PERSONALIZATION, PERSONALIZATION_SIZE)); CHECK_CX_OK(cx_hash_no_throw(&ctx.header, CX_LAST, 0, 0, output, HASH_SIZE)); return zxerr_ok;