Add timelock verification on device

This commit is contained in:
cslashm 2020-04-03 22:56:55 +02:00
parent 6c7d928f19
commit 688a3e87e7
8 changed files with 104 additions and 2 deletions

View File

@ -127,6 +127,20 @@ namespace cryptonote
namespace cryptonote namespace cryptonote
{ {
//---------------------------------------------------------------
void get_transaction_prefix_hash(const transaction_prefix& tx, crypto::hash& h, hw::device &hwdev)
{
hwdev.get_transaction_prefix_hash(tx,h);
}
//---------------------------------------------------------------
crypto::hash get_transaction_prefix_hash(const transaction_prefix& tx, hw::device &hwdev)
{
crypto::hash h = null_hash;
get_transaction_prefix_hash(tx, h, hwdev);
return h;
}
//--------------------------------------------------------------- //---------------------------------------------------------------
void get_transaction_prefix_hash(const transaction_prefix& tx, crypto::hash& h) void get_transaction_prefix_hash(const transaction_prefix& tx, crypto::hash& h)
{ {

View File

@ -48,6 +48,8 @@ namespace epee
namespace cryptonote namespace cryptonote
{ {
//--------------------------------------------------------------- //---------------------------------------------------------------
void get_transaction_prefix_hash(const transaction_prefix& tx, crypto::hash& h, hw::device &hwdev);
crypto::hash get_transaction_prefix_hash(const transaction_prefix& tx, hw::device &hwdev);
void get_transaction_prefix_hash(const transaction_prefix& tx, crypto::hash& h); void get_transaction_prefix_hash(const transaction_prefix& tx, crypto::hash& h);
crypto::hash get_transaction_prefix_hash(const transaction_prefix& tx); crypto::hash get_transaction_prefix_hash(const transaction_prefix& tx);
bool parse_and_validate_tx_prefix_from_blob(const blobdata& tx_blob, transaction_prefix& tx); bool parse_and_validate_tx_prefix_from_blob(const blobdata& tx_blob, transaction_prefix& tx);

View File

@ -590,7 +590,7 @@ namespace cryptonote
tx.vout[i].amount = 0; tx.vout[i].amount = 0;
crypto::hash tx_prefix_hash; crypto::hash tx_prefix_hash;
get_transaction_prefix_hash(tx, tx_prefix_hash); get_transaction_prefix_hash(tx, tx_prefix_hash, hwdev);
rct::ctkeyV outSk; rct::ctkeyV outSk;
if (use_simple_rct) if (use_simple_rct)
tx.rct_signatures = rct::genRctSimple(rct::hash2rct(tx_prefix_hash), inSk, destinations, inamounts, outamounts, amount_in - amount_out, mixRing, amount_keys, msout ? &kLRki : NULL, msout, index, outSk, rct_config, hwdev); tx.rct_signatures = rct::genRctSimple(rct::hash2rct(tx_prefix_hash), inSk, destinations, inamounts, outamounts, amount_in - amount_out, mixRing, amount_keys, msout ? &kLRki : NULL, msout, index, outSk, rct_config, hwdev);

View File

@ -56,6 +56,7 @@ namespace cryptonote
struct subaddress_index; struct subaddress_index;
struct tx_destination_entry; struct tx_destination_entry;
struct keypair; struct keypair;
class transaction_prefix;
} }
namespace hw { namespace hw {
@ -203,6 +204,8 @@ namespace hw {
virtual bool open_tx(crypto::secret_key &tx_key) = 0; virtual bool open_tx(crypto::secret_key &tx_key) = 0;
virtual void get_transaction_prefix_hash(const cryptonote::transaction_prefix& tx, crypto::hash& h) = 0;
virtual bool encrypt_payment_id(crypto::hash8 &payment_id, const crypto::public_key &public_key, const crypto::secret_key &secret_key) = 0; virtual bool encrypt_payment_id(crypto::hash8 &payment_id, const crypto::public_key &public_key, const crypto::secret_key &secret_key) = 0;
bool decrypt_payment_id(crypto::hash8 &payment_id, const crypto::public_key &public_key, const crypto::secret_key &secret_key) bool decrypt_payment_id(crypto::hash8 &payment_id, const crypto::public_key &public_key, const crypto::secret_key &secret_key)
{ {

View File

@ -284,6 +284,10 @@ namespace hw {
return true; return true;
} }
void device_default::get_transaction_prefix_hash(const cryptonote::transaction_prefix& tx, crypto::hash& h) {
cryptonote::get_transaction_prefix_hash(tx, h);
}
bool device_default::generate_output_ephemeral_keys(const size_t tx_version, bool device_default::generate_output_ephemeral_keys(const size_t tx_version,
const cryptonote::account_keys &sender_account_keys, const crypto::public_key &txkey_pub, const crypto::secret_key &tx_key, const cryptonote::account_keys &sender_account_keys, const crypto::public_key &txkey_pub, const crypto::secret_key &tx_key,
const cryptonote::tx_destination_entry &dst_entr, const boost::optional<cryptonote::account_public_address> &change_addr, const size_t output_index, const cryptonote::tx_destination_entry &dst_entr, const boost::optional<cryptonote::account_public_address> &change_addr, const size_t output_index,

View File

@ -112,6 +112,7 @@ namespace hw {
crypto::signature &sig) override; crypto::signature &sig) override;
bool open_tx(crypto::secret_key &tx_key) override; bool open_tx(crypto::secret_key &tx_key) override;
void get_transaction_prefix_hash(const cryptonote::transaction_prefix& tx, crypto::hash& h) override;
bool encrypt_payment_id(crypto::hash8 &payment_id, const crypto::public_key &public_key, const crypto::secret_key &secret_key) override; bool encrypt_payment_id(crypto::hash8 &payment_id, const crypto::public_key &public_key, const crypto::secret_key &secret_key) override;

View File

@ -191,7 +191,7 @@ namespace hw {
static int device_id = 0; static int device_id = 0;
#define PROTOCOL_VERSION 2 #define PROTOCOL_VERSION 3
#define INS_NONE 0x00 #define INS_NONE 0x00
#define INS_RESET 0x02 #define INS_RESET 0x02
@ -228,6 +228,7 @@ namespace hw {
#define INS_BLIND 0x78 #define INS_BLIND 0x78
#define INS_UNBLIND 0x7A #define INS_UNBLIND 0x7A
#define INS_GEN_TXOUT_KEYS 0x7B #define INS_GEN_TXOUT_KEYS 0x7B
#define INS_PREFIX_HASH 0x7D
#define INS_VALIDATE 0x7C #define INS_VALIDATE 0x7C
#define INS_MLSAG 0x7E #define INS_MLSAG 0x7E
#define INS_CLOSE_TX 0x80 #define INS_CLOSE_TX 0x80
@ -1346,6 +1347,81 @@ namespace hw {
return true; return true;
} }
void device_ledger::get_transaction_prefix_hash(const cryptonote::transaction_prefix& tx, crypto::hash& h) {
AUTO_LOCK_CMD();
int pref_length = 0, pref_offset = 0, offset = 0;
#ifdef DEBUG_HWDEVICE
crypto::hash h_x;
this->controle_device->get_transaction_prefix_hash(tx,h_x);
MDEBUG("get_transaction_prefix_hash [[IN]] h_x/1 "<<h_x);
#endif
std::ostringstream s_x;
binary_archive<true> a_x(s_x);
CHECK_AND_ASSERT_THROW_MES(::serialization::serialize(a_x, const_cast<cryptonote::transaction_prefix&>(tx)),
"unable to serialize transaction prefix");
pref_length = s_x.str().size();
//auto pref = std::make_unique<unsigned char[]>(pref_length);
auto uprt_pref = std::unique_ptr<unsigned char[]>{ new unsigned char[pref_length] };
unsigned char* pref = uprt_pref.get();
memmove(pref, s_x.str().data(), pref_length);
offset = set_command_header_noopt(INS_PREFIX_HASH,1);
pref_offset = 0;
unsigned char v;
//version as varint
do {
v = pref[pref_offset];
this->buffer_send[offset] = v;
offset += 1;
pref_offset += 1;
} while (v&0x80);
//locktime as var int
do {
v = pref[pref_offset];
this->buffer_send[offset] = v;
offset += 1;
pref_offset += 1;
} while (v&0x80);
this->buffer_send[4] = offset-5;
this->length_send = offset;
this->exchange_wait_on_input();
//hash remains
int cnt = 0;
while (pref_offset < pref_length) {
int len;
cnt++;
offset = set_command_header(INS_PREFIX_HASH,2,cnt);
len = pref_length - pref_offset;
//options
if (len > (BUFFER_SEND_SIZE-7)) {
len = BUFFER_SEND_SIZE-7;
this->buffer_send[offset] = 0x80;
} else {
this->buffer_send[offset] = 0x00;
}
offset += 1;
//send chunk
memmove(&this->buffer_send[offset], pref+pref_offset, len);
offset += len;
pref_offset += len;
this->buffer_send[4] = offset-5;
this->length_send = offset;
this->exchange();
}
memmove(h.data, &this->buffer_recv[0], 32);
#ifdef DEBUG_HWDEVICE
hw::ledger::check8("prefix_hash", "h", h_x.data, h.data);
#endif
}
bool device_ledger::encrypt_payment_id(crypto::hash8 &payment_id, const crypto::public_key &public_key, const crypto::secret_key &secret_key) { bool device_ledger::encrypt_payment_id(crypto::hash8 &payment_id, const crypto::public_key &public_key, const crypto::secret_key &secret_key) {
AUTO_LOCK_CMD(); AUTO_LOCK_CMD();

View File

@ -235,6 +235,8 @@ namespace hw {
bool open_tx(crypto::secret_key &tx_key) override; bool open_tx(crypto::secret_key &tx_key) override;
void get_transaction_prefix_hash(const cryptonote::transaction_prefix& tx, crypto::hash& h) override;
bool encrypt_payment_id(crypto::hash8 &payment_id, const crypto::public_key &public_key, const crypto::secret_key &secret_key) override; bool encrypt_payment_id(crypto::hash8 &payment_id, const crypto::public_key &public_key, const crypto::secret_key &secret_key) override;
rct::key genCommitmentMask(const rct::key &amount_key) override; rct::key genCommitmentMask(const rct::key &amount_key) override;