Use internal bn_gf2_n_mul() instead of cx_bn_gf2_n_mul() syscall
aido committed May 31, 2024
1 parent f188c9f commit d073a5a
Showing 6 changed files with 49 additions and 43 deletions.
5 changes: 5 additions & 0 deletions CHANGELOG.md
Expand Up @@ -5,6 +5,11 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [1.7.4-rc.1] - 2024-05-31

### Fixed
- Use internal `bn_gf2_n_mul()` instead of `cx_bn_gf2_n_mul()` syscall

## [1.7.3] - 2024-05-29

### Fixed
13 changes: 9 additions & 4 deletions Makefile
Expand Up @@ -26,10 +26,15 @@ all: default
# Main app configuration

APPNAME = "Seed Tool"
APPVERSION_M = 1
APPVERSION_N = 7
APPVERSION_P = 3
APPVERSION = "$(APPVERSION_M).$(APPVERSION_N).$(APPVERSION_P)"
APPVERSION_M = 1
APPVERSION_N = 7
APPVERSION_P = 4
APPVERSION_RC = 1
APPVERSION = "$(APPVERSION_M).$(APPVERSION_N).$(APPVERSION_P)"

ifdef APPVERSION_RC
APPVERSION := $(APPVERSION)-rc.$(APPVERSION_RC)
endif

APP_LOAD_PARAMS = --appFlags 0x10 $(COMMON_LOAD_PARAMS) --curve secp256k1 --path ""

20 changes: 9 additions & 11 deletions src/sskr/sskr.c
Original file line number Diff line number Diff line change
Expand Up @@ -143,9 +143,9 @@ static int16_t sskr_deserialize_shard(const uint8_t *source,
shard->value_len = source_len - SSKR_METADATA_LENGTH_BYTES;
memcpy(shard->value, source + SSKR_METADATA_LENGTH_BYTES, shard->value_len);

int16_t err = sskr_check_secret_length(shard->value_len);
if (err) {
return err;
int16_t error = sskr_check_secret_length(shard->value_len);
if (error) {
return error;
}
return shard->value_len;
}
Expand Down Expand Up @@ -231,9 +231,9 @@ static int16_t sskr_generate_shards_internal(uint8_t group_threshold,
uint16_t shards_size,
unsigned char *(*random_generator)(uint8_t *,
size_t)) {
int16_t err = sskr_check_secret_length(master_secret_len);
if (err) {
return err;
int16_t error = sskr_check_secret_length(master_secret_len);
if (error) {
return error;
}

// Figure out how many shards we are dealing with
Expand Down Expand Up @@ -314,9 +314,9 @@ int16_t sskr_generate_shards(uint8_t group_threshold,
uint8_t *output,
uint16_t buffer_size,
unsigned char *(*random_generator)(uint8_t *, size_t)) {
int16_t err = sskr_check_secret_length(master_secret_len);
if (err) {
return err;
int16_t error = sskr_check_secret_length(master_secret_len);
if (error) {
return error;
}

// Figure out how many shards we are dealing with
Expand All @@ -332,8 +332,6 @@ int16_t sskr_generate_shards(uint8_t group_threshold,
return SSKR_ERROR_INSUFFICIENT_SPACE;
}

int16_t error = 0;

// allocate space for shard representations
sskr_shard_t shards[SSS_MAX_SHARE_COUNT * SSKR_MAX_GROUP_COUNT];

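Review bot: In the first hunk (`sskr_deserialize_shard`), `sskr_check_secret_length(shard->value_len)` runs only after `memcpy(shard->value, source + SSKR_METADATA_LENGTH_BYTES, shard->value_len)`, so within the visible lines the length is validated after the copy it should guard. The function starts above the hunk, so an earlier bound on `source_len` may already exist; if it does not, a serialized shard that is too long or shorter than the metadata reaches the subtraction and the `memcpy` unchecked. Assuming the check limits the length to what `shard->value` can hold, I would validate first with `int16_t error = sskr_check_secret_length(source_len - SSKR_METADATA_LENGTH_BYTES); if (error) { return error; }` and only then assign `value_len` and copy. A lower-bound test of `source_len` against `SSKR_METADATA_LENGTH_BYTES` belongs in front of that if none is present above the hunk.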
40 changes: 19 additions & 21 deletions src/sskr/sss/interpolate.c
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,6 @@
// Minimal required bytes for BN storing a GF(256) value
#define GF2_8_MPI_BYTES 16

#if defined(TARGET_NANOS) && !defined API_LEVEL
/**
* @brief Performs a multiplication over GF(2^n).
*
Expand All @@ -45,11 +44,11 @@
* - CX_INVALID_PARAMETER
* - CX_MEMORY_FULL
*/
cx_err_t cx_bn_gf2_n_mul(cx_bn_t bn_r,
const cx_bn_t bn_a,
const cx_bn_t bn_b,
const cx_bn_t bn_n,
const cx_bn_t bn_h __attribute__((unused))) {
cx_err_t bn_gf2_n_mul(cx_bn_t bn_r,
const cx_bn_t bn_a,
const cx_bn_t bn_b,
const cx_bn_t bn_n,
const cx_bn_t bn_h __attribute__((unused))) {
cx_err_t error = CX_OK;
uint32_t degree, nbits_a, nbits_b;

Expand Down Expand Up @@ -110,7 +109,6 @@ cx_err_t cx_bn_gf2_n_mul(cx_bn_t bn_r,
end:
return error;
}
#endif

cx_err_t interpolate(uint8_t n,
const uint8_t* xi,
Expand Down Expand Up @@ -167,39 +165,39 @@ cx_err_t interpolate(uint8_t n,
// Calculate the inverse of the denominator
// In GF(2^8) the inverse of x = x^254
// bn_result = bn_denominator^2
CX_CHECK(cx_bn_gf2_n_mul(bn_result, bn_denominator, bn_denominator, bn_n, bn_r2));
CX_CHECK(bn_gf2_n_mul(bn_result, bn_denominator, bn_denominator, bn_n, bn_r2));
// bn_result = bn_denominator^4
CX_CHECK(cx_bn_gf2_n_mul(bn_result, bn_result, bn_result, bn_n, bn_r2));
CX_CHECK(bn_gf2_n_mul(bn_result, bn_result, bn_result, bn_n, bn_r2));
// bn_tempa = bn_denominator^8
CX_CHECK(cx_bn_gf2_n_mul(bn_tempa, bn_result, bn_result, bn_n, bn_r2));
CX_CHECK(bn_gf2_n_mul(bn_tempa, bn_result, bn_result, bn_n, bn_r2));
// bn_tempb = bn_denominator^9
CX_CHECK(cx_bn_gf2_n_mul(bn_tempb, bn_tempa, bn_denominator, bn_n, bn_r2));
CX_CHECK(bn_gf2_n_mul(bn_tempb, bn_tempa, bn_denominator, bn_n, bn_r2));
// bn_tempa = bn_denominator^16
CX_CHECK(cx_bn_gf2_n_mul(bn_tempa, bn_tempa, bn_tempa, bn_n, bn_r2));
CX_CHECK(bn_gf2_n_mul(bn_tempa, bn_tempa, bn_tempa, bn_n, bn_r2));
// bn_tempa = bn_denominator^25
CX_CHECK(cx_bn_gf2_n_mul(bn_tempa, bn_tempa, bn_tempb, bn_n, bn_r2));
CX_CHECK(bn_gf2_n_mul(bn_tempa, bn_tempa, bn_tempb, bn_n, bn_r2));
// bn_tempa = bn_denominator^50
CX_CHECK(cx_bn_gf2_n_mul(bn_tempa, bn_tempa, bn_tempa, bn_n, bn_r2));
CX_CHECK(bn_gf2_n_mul(bn_tempa, bn_tempa, bn_tempa, bn_n, bn_r2));
// bn_tempb = bn_denominator^100
CX_CHECK(cx_bn_gf2_n_mul(bn_tempb, bn_tempa, bn_tempa, bn_n, bn_r2));
CX_CHECK(bn_gf2_n_mul(bn_tempb, bn_tempa, bn_tempa, bn_n, bn_r2));
// bn_tempb = bn_denominator^200
CX_CHECK(cx_bn_gf2_n_mul(bn_tempb, bn_tempb, bn_tempb, bn_n, bn_r2));
CX_CHECK(bn_gf2_n_mul(bn_tempb, bn_tempb, bn_tempb, bn_n, bn_r2));
// bn_tempa = bn_denominator^250
CX_CHECK(cx_bn_gf2_n_mul(bn_tempa, bn_tempa, bn_tempb, bn_n, bn_r2));
CX_CHECK(bn_gf2_n_mul(bn_tempa, bn_tempa, bn_tempb, bn_n, bn_r2));
// bn_denominator = bn_denominator^254
CX_CHECK(cx_bn_gf2_n_mul(bn_denominator, bn_result, bn_tempa, bn_n, bn_r2));
CX_CHECK(bn_gf2_n_mul(bn_denominator, bn_result, bn_tempa, bn_n, bn_r2));

// Calculate the lagrange basis coefficient
CX_CHECK(cx_bn_gf2_n_mul(bn_lagrange, bn_numerator, bn_lagrange, bn_n, bn_r2));
CX_CHECK(cx_bn_gf2_n_mul(bn_lagrange, bn_denominator, bn_lagrange, bn_n, bn_r2));
CX_CHECK(bn_gf2_n_mul(bn_lagrange, bn_numerator, bn_lagrange, bn_n, bn_r2));
CX_CHECK(bn_gf2_n_mul(bn_lagrange, bn_denominator, bn_lagrange, bn_n, bn_r2));
}
}

for (uint8_t j = 0; j < yl; j++) {
CX_CHECK(cx_bn_set_u32(bn_tempa, (uint32_t) yij[i][j]));
CX_CHECK(cx_bn_set_u32(bn_tempb, (uint32_t) result[j]));

CX_CHECK(cx_bn_gf2_n_mul(bn_tempa, bn_lagrange, bn_tempa, bn_n, bn_r2));
CX_CHECK(bn_gf2_n_mul(bn_tempa, bn_lagrange, bn_tempa, bn_n, bn_r2));
CX_CHECK(cx_bn_xor(bn_result, bn_tempa, bn_tempb));
CX_CHECK(cx_bn_get_u32(bn_result, &result_u32));
result[j] = (uint8_t) result_u32;
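Review bot: With the `#if defined(TARGET_NANOS) && !defined API_LEVEL` guard removed, `bn_gf2_n_mul()` becomes the multiply used on every target, including the products with the `yij[i][j]` share bytes in the last visible loop of `interpolate()`, yet nothing on the page records why the syscall is avoided or what the replacement guarantees. Its body lies outside the visible hunks, but the `degree`, `nbits_a` and `nbits_b` locals suggest the work depends on operand bit length, so it is worth confirming that its running time does not vary with share-derived values. I would add a comment above the definition such as `/* Replaces the cx_bn_gf2_n_mul() syscall on all targets because <reason>; bn_h is ignored. */`. If no other translation unit calls it, the function should also be declared `static`.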
12 changes: 6 additions & 6 deletions src/sskr/sss/sss.c
Original file line number Diff line number Diff line change
Expand Up @@ -88,9 +88,9 @@ int16_t sss_split_secret(uint8_t threshold,
uint8_t secret_length,
uint8_t *result,
unsigned char *(*random_generator)(uint8_t *, size_t)) {
int16_t err = sss_validate_parameters(threshold, share_count, secret_length);
if (err) {
return err;
int16_t error = sss_validate_parameters(threshold, share_count, secret_length);
if (error) {
return error;
}

if (threshold == 1) {
Expand Down Expand Up @@ -146,9 +146,9 @@ int16_t sss_recover_secret(uint8_t threshold,
const uint8_t **shares,
uint8_t share_length,
uint8_t *secret) {
int16_t err = sss_validate_parameters(threshold, threshold, share_length);
if (err) {
return err;
int16_t error = sss_validate_parameters(threshold, threshold, share_length);
if (error) {
return error;
}

uint8_t digest[SSS_MAX_SECRET_SIZE];
2 changes: 1 addition & 1 deletion tests/unit/CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,7 @@ set(PICKY_DEVELOPER OFF CACHE BOOL "CMocka: Build with picky developer flags" FO
FetchContent_MakeAvailable(cmocka)

add_compile_definitions(TEST DEBUG=0 SKIP_FOR_CMOCKA)
add_compile_definitions(TARGET_NANOS HAVE_HASH HAVE_HMAC HAVE_SHA224 HAVE_SHA256 HAVE_SHA512 HAVE_PBKDF2 HAVE_ECC HAVE_CRC HAVE_RNG IO_HID_EP_LENGTH=64)
add_compile_definitions(HAVE_HASH HAVE_HMAC HAVE_SHA224 HAVE_SHA256 HAVE_SHA512 HAVE_PBKDF2 HAVE_ECC HAVE_CRC HAVE_RNG IO_HID_EP_LENGTH=64)

include_directories(${CMAKE_CURRENT_SOURCE_DIR}/lib $ENV{LEDGER_SECURE_SDK}/include $ENV{LEDGER_SECURE_SDK}/lib_cxng/src $ENV{LEDGER_SECURE_SDK}/lib_cxng/include $ENV{LEDGER_SECURE_SDK}/lib_ux/include $ENV{LEDGER_SECURE_SDK}/lib_bagl/include)
