From 1a311684a2eca30929d7ecda6f84cf4646fc32a0 Mon Sep 17 00:00:00 2001 From: BTChip github Date: Mon, 30 Nov 2020 18:13:21 +0100 Subject: [PATCH] Replace memset by expilcit_bzero for critical data --- src_features/getPublicKey/cmd_getPublicKey.c | 4 ++-- src_features/signMessage/ui_common_signMessage.c | 4 ++-- src_features/signMessageEIP712/ui_common_signMessage712.c | 4 ++-- src_features/signTx/ui_common_signTx.c | 4 ++-- src_features/stark_getPublicKey/cmd_stark_getPublicKey.c | 4 ++-- src_features/stark_sign/cmd_stark_sign.c | 4 ++-- src_features/stark_unsafe_sign/cmd_stark_unsafe_sign.c | 4 ++-- src_plugins/starkware/starkware_plugin.c | 4 ++-- 8 files changed, 16 insertions(+), 16 deletions(-) diff --git a/src_features/getPublicKey/cmd_getPublicKey.c b/src_features/getPublicKey/cmd_getPublicKey.c index 8042aca..9a2aa60 100644 --- a/src_features/getPublicKey/cmd_getPublicKey.c +++ b/src_features/getPublicKey/cmd_getPublicKey.c @@ -35,8 +35,8 @@ void handleGetPublicKey(uint8_t p1, uint8_t p2, uint8_t *dataBuffer, uint16_t da cx_ecfp_init_private_key(CX_CURVE_256K1, privateKeyData, 32, &privateKey); io_seproxyhal_io_heartbeat(); cx_ecfp_generate_pair(CX_CURVE_256K1, &tmpCtx.publicKeyContext.publicKey, &privateKey, 1); - memset(&privateKey, 0, sizeof(privateKey)); - memset(privateKeyData, 0, sizeof(privateKeyData)); + explicit_bzero(&privateKey, sizeof(privateKey)); + explicit_bzero(privateKeyData, sizeof(privateKeyData)); io_seproxyhal_io_heartbeat(); getEthAddressStringFromKey(&tmpCtx.publicKeyContext.publicKey, tmpCtx.publicKeyContext.address, &global_sha3, chainConfig); #ifndef NO_CONSENT diff --git a/src_features/signMessage/ui_common_signMessage.c b/src_features/signMessage/ui_common_signMessage.c index 3d7e7e0..306cca9 100644 --- a/src_features/signMessage/ui_common_signMessage.c +++ b/src_features/signMessage/ui_common_signMessage.c @@ -13,14 +13,14 @@ unsigned int io_seproxyhal_touch_signMessage_ok(const bagl_element_t *e) { tmpCtx.messageSigningContext.pathLength, privateKeyData, NULL); io_seproxyhal_io_heartbeat(); cx_ecfp_init_private_key(CX_CURVE_256K1, privateKeyData, 32, &privateKey); - memset(privateKeyData, 0, sizeof(privateKeyData)); + explicit_bzero(privateKeyData, sizeof(privateKeyData)); unsigned int info = 0; io_seproxyhal_io_heartbeat(); signatureLength = cx_ecdsa_sign(&privateKey, CX_RND_RFC6979 | CX_LAST, CX_SHA256, tmpCtx.messageSigningContext.hash, sizeof(tmpCtx.messageSigningContext.hash), signature, sizeof(signature), &info); - memset(&privateKey, 0, sizeof(privateKey)); + explicit_bzero(&privateKey, sizeof(privateKey)); G_io_apdu_buffer[0] = 27; if (info & CX_ECCINFO_PARITY_ODD) { G_io_apdu_buffer[0]++; diff --git a/src_features/signMessageEIP712/ui_common_signMessage712.c b/src_features/signMessageEIP712/ui_common_signMessage712.c index df6d2bf..e503642 100644 --- a/src_features/signMessageEIP712/ui_common_signMessage712.c +++ b/src_features/signMessageEIP712/ui_common_signMessage712.c @@ -24,14 +24,14 @@ unsigned int io_seproxyhal_touch_signMessage712_v0_ok(const bagl_element_t *e) { tmpCtx.messageSigningContext712.pathLength, privateKeyData, NULL); io_seproxyhal_io_heartbeat(); cx_ecfp_init_private_key(CX_CURVE_256K1, privateKeyData, 32, &privateKey); - memset(privateKeyData, 0, sizeof(privateKeyData)); + explicit_bzero(privateKeyData, sizeof(privateKeyData)); unsigned int info = 0; io_seproxyhal_io_heartbeat(); signatureLength = cx_ecdsa_sign(&privateKey, CX_RND_RFC6979 | CX_LAST, CX_SHA256, hash, sizeof(hash), signature, sizeof(signature), &info); - memset(&privateKey, 0, sizeof(privateKey)); + explicit_bzero(&privateKey, sizeof(privateKey)); G_io_apdu_buffer[0] = 27; if (info & CX_ECCINFO_PARITY_ODD) { G_io_apdu_buffer[0]++; diff --git a/src_features/signTx/ui_common_signTx.c b/src_features/signTx/ui_common_signTx.c index bde1553..17efa4c 100644 --- a/src_features/signTx/ui_common_signTx.c +++ b/src_features/signTx/ui_common_signTx.c @@ -15,14 +15,14 @@ unsigned int io_seproxyhal_touch_tx_ok(const bagl_element_t *e) { privateKeyData, NULL); cx_ecfp_init_private_key(CX_CURVE_256K1, privateKeyData, 32, &privateKey); - memset(privateKeyData, 0, sizeof(privateKeyData)); + explicit_bzero(privateKeyData, sizeof(privateKeyData)); unsigned int info = 0; io_seproxyhal_io_heartbeat(); signatureLength = cx_ecdsa_sign(&privateKey, CX_RND_RFC6979 | CX_LAST, CX_SHA256, tmpCtx.transactionContext.hash, sizeof(tmpCtx.transactionContext.hash), signature, sizeof(signature), &info); - memset(&privateKey, 0, sizeof(privateKey)); + explicit_bzero(&privateKey, sizeof(privateKey)); // Parity is present in the sequence tag in the legacy API if (tmpContent.txContent.vLength == 0) { // Legacy API diff --git a/src_features/stark_getPublicKey/cmd_stark_getPublicKey.c b/src_features/stark_getPublicKey/cmd_stark_getPublicKey.c index d1da1aa..dc0a35f 100644 --- a/src_features/stark_getPublicKey/cmd_stark_getPublicKey.c +++ b/src_features/stark_getPublicKey/cmd_stark_getPublicKey.c @@ -34,8 +34,8 @@ void handleStarkwareGetPublicKey(uint8_t p1, uint8_t p2, uint8_t *dataBuffer, ui cx_ecfp_init_private_key(CX_CURVE_Stark256, privateKeyData, 32, &privateKey); io_seproxyhal_io_heartbeat(); cx_ecfp_generate_pair(CX_CURVE_Stark256, &tmpCtx.publicKeyContext.publicKey, &privateKey, 1); - memset(&privateKey, 0, sizeof(privateKey)); - memset(privateKeyData, 0, sizeof(privateKeyData)); + explicit_bzero(&privateKey, sizeof(privateKey)); + explicit_bzero(privateKeyData, sizeof(privateKeyData)); io_seproxyhal_io_heartbeat(); #ifndef NO_CONSENT if (p1 == P1_NON_CONFIRM) diff --git a/src_features/stark_sign/cmd_stark_sign.c b/src_features/stark_sign/cmd_stark_sign.c index c5d4d28..b2c3b3b 100644 --- a/src_features/stark_sign/cmd_stark_sign.c +++ b/src_features/stark_sign/cmd_stark_sign.c @@ -176,8 +176,8 @@ void handleStarkwareSignMessage(uint8_t p1, uint8_t p2, uint8_t *dataBuffer, uin cx_ecfp_init_private_key(CX_CURVE_Stark256, privateKeyData, 32, &privateKey); io_seproxyhal_io_heartbeat(); cx_ecfp_generate_pair(CX_CURVE_Stark256, &publicKey, &privateKey, 1); - memset(&privateKey, 0, sizeof(privateKey)); - memset(privateKeyData, 0, sizeof(privateKeyData)); + explicit_bzero(&privateKey, sizeof(privateKey)); + explicit_bzero(privateKeyData, sizeof(privateKeyData)); io_seproxyhal_io_heartbeat(); selfTransfer = (memcmp(publicKey.W + 1, dataBuffer + 20 + 32 + postOffset, 32) == 0); PRINTF("self transfer %d\n", selfTransfer); diff --git a/src_features/stark_unsafe_sign/cmd_stark_unsafe_sign.c b/src_features/stark_unsafe_sign/cmd_stark_unsafe_sign.c index 7b55d5a..89e2b85 100644 --- a/src_features/stark_unsafe_sign/cmd_stark_unsafe_sign.c +++ b/src_features/stark_unsafe_sign/cmd_stark_unsafe_sign.c @@ -42,8 +42,8 @@ void handleStarkwareUnsafeSign(uint8_t p1, uint8_t p2, uint8_t *dataBuffer, uint cx_ecfp_init_private_key(CX_CURVE_Stark256, privateKeyData, 32, &privateKey); io_seproxyhal_io_heartbeat(); cx_ecfp_generate_pair(CX_CURVE_Stark256, &publicKey, &privateKey, 1); - memset(&privateKey, 0, sizeof(privateKey)); - memset(privateKeyData, 0, sizeof(privateKeyData)); + explicit_bzero(&privateKey, sizeof(privateKey)); + explicit_bzero(privateKeyData, sizeof(privateKeyData)); io_seproxyhal_io_heartbeat(); memmove(dataContext.starkContext.w1, publicKey.W + 1, 32); ux_flow_init(0, ux_stark_unsafe_sign_flow, NULL); diff --git a/src_plugins/starkware/starkware_plugin.c b/src_plugins/starkware/starkware_plugin.c index a38a623..e248bbe 100644 --- a/src_plugins/starkware/starkware_plugin.c +++ b/src_plugins/starkware/starkware_plugin.c @@ -308,8 +308,8 @@ void starkware_get_source_address(char *destination) { cx_ecfp_init_private_key(CX_CURVE_256K1, privateKeyData, 32, &privateKey); io_seproxyhal_io_heartbeat(); cx_ecfp_generate_pair(CX_CURVE_256K1, &publicKey, &privateKey, 1); - memset(&privateKey, 0, sizeof(privateKey)); - memset(privateKeyData, 0, sizeof(privateKeyData)); + explicit_bzero(&privateKey, sizeof(privateKey)); + explicit_bzero(privateKeyData, sizeof(privateKeyData)); io_seproxyhal_io_heartbeat(); destination[0] = '0'; destination[1] = 'x';