Add hearbeats

app/Makefile.version

@@ -3,4 +3,4 @@ APPVERSION_M=3
 # This is the minor version of this release
 APPVERSION_N=3
 # This is the patch version of this release
-APPVERSION_P=4
+APPVERSION_P=5

app/rust/src/commitments.rs

@@ -271,9 +271,12 @@ pub extern "C" fn compute_nullifier(
     let nsk = unsafe { &*nsk_ptr };
     let mut nk = [0u8; 32];
     nsk_to_nk(nsk, &mut nk);
+    crate::heart_beat();
     let scalar = Fr::from(pos);
     let e = bytes_to_extended(ncm);
+    crate::heart_beat();
     let rho = mixed_pedersen(&e, scalar);
+    crate::heart_beat();
     let output = unsafe { &mut *output_ptr };
     output.copy_from_slice(&prf_nf(&nk, &rho));
 }

app/rust/src/lib.rs

@@ -44,3 +44,16 @@ fn debug(_msg: &str) {}
 fn panic(_info: &PanicInfo) -> ! {
     loop {}
 }
+
+#[cfg(not(test))]
+extern "C" {
+    fn io_heart_beat();
+}
+
+// Lets the device breath between computations
+pub(crate) fn heart_beat() {
+    #[cfg(not(test))]
+    unsafe {
+        io_heart_beat()
+    }
+}

app/rust/src/note_encryption.rs

@@ -22,11 +22,7 @@ pub extern "C" fn blake2b_prf(input_ptr: *const [u8; 128], out_ptr: *mut [u8; 32
 }
 
 #[no_mangle]
-pub fn get_epk(
-    esk_ptr: *const [u8; 32],
-    d_ptr: *const [u8; 11],
-    output_ptr: *mut [u8; 32],
-) {
+pub fn get_epk(esk_ptr: *const [u8; 32], d_ptr: *const [u8; 11], output_ptr: *mut [u8; 32]) {
     let esk = unsafe { &*esk_ptr }; //ovk, cv, cmu, epk
     let d = unsafe { &*d_ptr };
     let output = unsafe { &mut *output_ptr };
@@ -35,18 +31,22 @@ pub fn get_epk(
 }
 
 #[no_mangle]
-pub extern "C" fn rseed_get_esk_epk(rseed_ptr: *const [u8; 32],
-                                    d_ptr: *const [u8; 11],
-                                    output_esk_ptr: *mut [u8; 32],
-                                    output_epk_ptr: *mut [u8; 32]) {
+pub extern "C" fn rseed_get_esk_epk(
+    rseed_ptr: *const [u8; 32],
+    d_ptr: *const [u8; 11],
+    output_esk_ptr: *mut [u8; 32],
+    output_epk_ptr: *mut [u8; 32],
+) {
+    crate::heart_beat();
     let rseed = unsafe { &*rseed_ptr };
-//    let d = unsafe { &*d_ptr };
+    //    let d = unsafe { &*d_ptr };
     let output_esk = unsafe { &mut *output_esk_ptr };
     let output_epk = unsafe { &mut *output_epk_ptr };
     rseed_get_esk(rseed, output_esk);
 
     //let epk = multwithgd(output_esk, d);
-    get_epk(output_esk,d_ptr,output_epk);
+    get_epk(output_esk, d_ptr, output_epk);
+    crate::heart_beat();
     //output_epk.copy_from_slice(&epk);
 }
 
@@ -57,11 +57,13 @@ pub extern "C" fn ka_to_key(
     epk_ptr: *const [u8; 32],
     output_ptr: *mut [u8; 32],
 ) {
+    crate::heart_beat();
     let esk = unsafe { &*esk_ptr }; //ovk, cv, cmu, epk
     let pkd = unsafe { &*pkd_ptr };
     let epk = unsafe { &*epk_ptr };
     let shared_secret = sapling_ka_agree(esk, pkd);
     let key = kdf_sapling(&shared_secret, epk);
+    crate::heart_beat();
     let output = unsafe { &mut *output_ptr }; //ovk, cv, cmu, epk
     output.copy_from_slice(&key);
 }

app/rust/src/pedersen.rs

@@ -261,7 +261,6 @@ pub fn pedersen_hash_pointbytes(m: &[u8], bitsize: u32) -> [u8; 32] {
     extended_to_bytes(&result_point)
 }
 
-
 #[cfg(test)]
 mod tests {
     use super::*;

app/rust/src/redjubjub.rs

@@ -55,12 +55,16 @@ pub fn sign_compute_sbar(msg: &[u8], r: &Fr, rbar: &[u8], sfr: &Fr) -> [u8; 32]
 
 #[inline(never)]
 pub fn sign_complete(msg: &[u8], sk: &Fr) -> [u8; 64] {
+    crate::heart_beat();
     let r = sign_generate_r(&msg);
+    crate::heart_beat();
     let rbar = sign_compute_rbar(&r.to_bytes());
+    crate::heart_beat();
     let sbar = sign_compute_sbar(msg, &r, &rbar, sk);
     let mut sig = [0u8; 64];
     sig[..32].copy_from_slice(&rbar);
     sig[32..].copy_from_slice(&sbar);
+    crate::heart_beat();
     sig
 }
 
@@ -127,12 +131,12 @@ pub extern "C" fn randomized_secret_from_seed(
     alpha_ptr: *const [u8; 32],
     output_ptr: *mut [u8; 32],
 ) {
-    let mut ask = [0u8;32];
-    let mut nsk = [0u8;32];
+    let mut ask = [0u8; 32];
+    let mut nsk = [0u8; 32];
     let alpha = unsafe { &*alpha_ptr };
     let output = unsafe { &mut *output_ptr };
 
-    zip32_child_ask_nsk(seed_ptr,&mut ask, &mut nsk, pos);
+    zip32_child_ask_nsk(seed_ptr, &mut ask, &mut nsk, pos);
 
     let mut skfr = Fr::from_bytes(&ask).unwrap();
     let alphafr = Fr::from_bytes(&alpha).unwrap();

app/rust/src/zeccrypto.rs

@@ -14,6 +14,7 @@ use crate::{bolos, pedersen::extended_to_bytes, zip32};
 #[inline(never)]
 pub fn rseed_generate_rcm(rseed: &[u8; 32]) -> Fr {
     let bytes = zip32::prf_expand(rseed, &[0x04]);
+    crate::heart_beat();
     jubjub::Fr::from_bytes_wide(&bytes)
 }
 
@@ -52,6 +53,7 @@ pub fn kdf_sapling(dhsecret: &[u8; 32], epk: &[u8; 32]) -> [u8; 32] {
     (&mut input[..32]).copy_from_slice(dhsecret);
     (&mut input[32..]).copy_from_slice(epk);
     pub const KDF_SAPLING_PERSONALIZATION: &[u8; 16] = b"Zcash_SaplingKDF";
+    crate::heart_beat();
     bolos::blake2b32_with_personalization(KDF_SAPLING_PERSONALIZATION, &input)
 }
 
@@ -62,12 +64,14 @@ pub fn prf_ock(ovk: &[u8; 32], cv: &[u8; 32], cmu: &[u8; 32], epk: &[u8; 32]) ->
     ock_input[64..96].copy_from_slice(cmu);
     ock_input[96..128].copy_from_slice(epk);
     pub const PRF_OCK_PERSONALIZATION: &[u8; 16] = b"Zcash_Derive_ock";
+    crate::heart_beat();
     bolos::blake2b32_with_personalization(PRF_OCK_PERSONALIZATION, &ock_input)
 }
 
 #[inline(never)]
 pub fn prf_sessionkey(data: &[u8]) -> [u8; 32] {
     pub const PRF_SESSION_PERSONALIZATION: &[u8; 16] = b"Zcash_SessionKey";
+    crate::heart_beat();
     bolos::blake2b32_with_personalization(PRF_SESSION_PERSONALIZATION, &data)
 }
 

app/rust/src/zip32.rs

@@ -196,6 +196,8 @@ pub fn ff1aes_list_with_startingindex_default(
     let mut ff1 = BinaryFF1::new(&cipher, 11, &[], &mut scratch).unwrap();
     let mut d: [u8; 11];
 
+    crate::heart_beat();
+
     let size = 4;
 
     for c in 0..size {
@@ -388,12 +390,14 @@ pub fn derive_zip32_ovk_fromseedandpath(seed: &[u8; 32], path: &[u32]) -> [u8; 3
     chain.copy_from_slice(&tmp[32..]);
 
     let mut ask = Fr::from_bytes_wide(&prf_expand(&key, &[0x00]));
-
     let mut nsk = Fr::from_bytes_wide(&prf_expand(&key, &[0x01]));
+    crate::heart_beat();
 
     let mut expkey: [u8; 96];
     expkey = expandedspendingkey_zip32(&key); //96
                                               //master divkey
+    crate::heart_beat();
+
     let mut divkey = [0u8; 32];
     divkey.copy_from_slice(&diversifier_key_zip32(&key)); //32
     for &p in path {
@@ -415,6 +419,7 @@ pub fn derive_zip32_ovk_fromseedandpath(seed: &[u8; 32], path: &[u32]) -> [u8; 3
             LittleEndian::write_u32(&mut le_i, c);
             tmp = bolos::blake2b_expand_vec_four(&chain, &[0x12], &fvk, &divkey, &le_i);
         }
+        crate::heart_beat();
         //extract key and chainkey
         key.copy_from_slice(&tmp[..32]);
         chain.copy_from_slice(&tmp[32..]);
@@ -503,7 +508,7 @@ pub fn master_nsk_from_seed(seed: &[u8; 32]) -> [u8; 32] {
     let mut key = [0u8; 32]; //32
 
     key.copy_from_slice(&tmp[..32]);
-
+    crate::heart_beat();
     let nsk = Fr::from_bytes_wide(&prf_expand(&key, &[0x01]));
     let mut result = [0u8; 32];
     result.copy_from_slice(&nsk.to_bytes());
@@ -522,9 +527,12 @@ pub fn derive_zip32_child_fromseedandpath(seed: &[u8; 32], path: &[u32], child_c
     let mut ask = Fr::from_bytes_wide(&prf_expand(tmp[..32].try_into().unwrap(), &[0x00]));
 
     let mut nsk = Fr::from_bytes_wide(&prf_expand(tmp[..32].try_into().unwrap(), &[0x01]));
+    crate::heart_beat();
 
     let mut expkey: [u8; 96];
     expkey = expandedspendingkey_zip32(&tmp[..32].try_into().unwrap()); //96
+    crate::heart_beat();
+
     //master divkey
     let mut divkey = [0u8; 32];
     divkey.copy_from_slice(&diversifier_key_zip32(&tmp[..32].try_into().unwrap())); //32
@@ -548,6 +556,7 @@ pub fn derive_zip32_child_fromseedandpath(seed: &[u8; 32], path: &[u32], child_c
             tmp = bolos::blake2b_expand_vec_four(&tmp[32..], &[0x12], &fvk, &divkey, &le_i);
         }
 
+        crate::heart_beat();
         let ask_cur = Fr::from_bytes_wide(&prf_expand(&tmp[..32], &[0x13]));
         let nsk_cur = Fr::from_bytes_wide(&prf_expand(&tmp[..32], &[0x14]));
 
@@ -562,7 +571,7 @@ pub fn derive_zip32_child_fromseedandpath(seed: &[u8; 32], path: &[u32], child_c
     // Get ak from ask
     let mut ak = [0u8; 32];
     bolos::sdk_jubjub_scalarmult_spending_base(&mut ak, &ask.to_bytes());
-
+    crate::heart_beat();
 
     // Get nk from nsk = k[64..96]
     let nk_tmp = PROVING_KEY_BASE.multiply_bits(&nsk.to_bytes());
@@ -680,17 +689,16 @@ pub extern "C" fn get_default_diversifier_without_start_index(
     while !found {
         ff1aes_list_with_startingindex_default(&dk[0..32].try_into().unwrap(),
         &mut start, &mut div_list);
-        for i in 0..DIV_DEFAULT_LIST_LEN
-            {
+        for i in 0..DIV_DEFAULT_LIST_LEN {
             if !found && is_valid_diversifier(
-            &div_list[i*DIV_SIZE..(i+1)*DIV_SIZE].try_into().unwrap())
-                {
+            &div_list[i*DIV_SIZE..(i+1)*DIV_SIZE].try_into().unwrap()) {
                     found = true;
                     div.copy_from_slice(&div_list[i*DIV_SIZE..(i+1)*DIV_SIZE]);
-                }
             }
         }
+        crate::heart_beat();
     }
+}
 
 #[no_mangle]
 pub extern "C" fn zip32_master(
@@ -846,7 +854,7 @@ pub extern "C" fn get_pkd_from_seed(
     let div = unsafe {&mut *diversifier_ptr};
 
     let mut div_list = [0u8;DIV_SIZE*DIV_DEFAULT_LIST_LEN];
-
+    crate::heart_beat();
     let dk_ak_nk = derive_zip32_child_fromseedandpath(&seed,
                                                   &[FIRSTVALUE,
                                                       COIN_TYPE, pos],
@@ -866,6 +874,7 @@ pub extern "C" fn get_pkd_from_seed(
                 div.copy_from_slice(&div_list[i*DIV_SIZE..(i+1)*DIV_SIZE]);
             }
         }
+        crate::heart_beat();
     }
     let  ivk = aknk_to_ivk(&dk_ak_nk[32..64].try_into().unwrap(),
                            &dk_ak_nk[64..96].try_into().unwrap());

app/src/c_api/rust.c

@@ -174,3 +174,7 @@ void c_jubjub_spending_base_scalarmult(uint8_t *point, const uint8_t *scalar) {
     MEMZERO(point, JUBJUB_FIELD_BYTES);
   }
 }
+
+void io_heart_beat() {
+    io_seproxyhal_io_heartbeat();
+}

app/src/chacha.c

@@ -118,6 +118,7 @@ void chacha(uint8_t *out, const uint8_t *in, size_t in_len, const uint8_t *key,
       todo = in_len;
     }
     chacha_core(buf, input);
+    io_seproxyhal_io_heartbeat();
     for (i = 0; i < todo; i++) {
       out[i] = in[i] ^ buf[i];
     }