Fix stark order signatures on LNX

src/stark_utils.c

@@ -3,6 +3,7 @@
 #include "stark_crypto.h"
 #include "shared_context.h"
 #include "ethUtils.h"
+#include "uint256.h"
 
 #include "os_io_seproxyhal.h"
 
@@ -93,6 +94,28 @@ void pedersen(FieldElement res, /* out */
     memcpy(res, hash + 1, FIELD_ELEMENT_SIZE);
 }
 
+#ifdef TARGET_NANOX
+void shift_stark_hash(FieldElement hash){
+    uint256_t hash256, final_hash256;
+    readu256BE(hash, &hash256);
+    uint32_t bits_count = bits256(&hash256);
+    if(bits_count < 248){
+        return;
+    }
+    else if(bits_count >= 248 && bits_count%8 >= 1 && bits_count%8 <= 4){
+        shiftl256(&hash256, 4, &final_hash256);
+        write_u64_be(hash, UPPER(UPPER_P((&final_hash256))));
+        write_u64_be(hash+8, LOWER(UPPER_P((&final_hash256))));
+        write_u64_be(hash+16, UPPER(LOWER_P((&final_hash256))));
+        write_u64_be(hash+24, LOWER(LOWER_P((&final_hash256))));
+        return;
+    }
+    else{
+        THROW(0x6A80);
+    }
+}
+#endif // TARGET_NANOX
+
 int stark_sign(uint8_t *signature, /* out */
                uint8_t *privateKeyData,
                FieldElement token1,
@@ -116,6 +139,9 @@ int stark_sign(uint8_t *signature, /* out */
     }
     pedersen(hash, hash, msg);
     PRINTF("Pedersen hash 2 %.*H\n", 32, hash);
+#ifdef TARGET_NANOX
+    shift_stark_hash(hash);
+#endif // TARGET_NANOX
     cx_ecfp_init_private_key(CX_CURVE_Stark256, privateKeyData, 32, &privateKey);
     io_seproxyhal_io_heartbeat();
     int signatureLength = cx_ecdsa_sign(&privateKey,

src_common/uint256.h

@@ -41,6 +41,7 @@ typedef struct uint256_t {
 
 void readu128BE(uint8_t *buffer, uint128_t *target);
 void readu256BE(uint8_t *buffer, uint256_t *target);
+void write_u64_be(uint8_t *buffer, uint64_t value);
 bool zero128(uint128_t *number);
 bool zero256(uint256_t *number);
 void copy128(uint128_t *target, uint128_t *number);