From 4a2d68acb99f57660230d2e509f01c44db85be10 Mon Sep 17 00:00:00 2001 From: Pavol Rusnak Date: Tue, 16 Jan 2018 19:49:47 +0100 Subject: [PATCH] use explicit_bzero where possible; update trezor-crypto --- bootloader/usb.c | 8 ++++---- firmware/crypto.c | 1 - firmware/ethereum.c | 4 ++-- firmware/protect.c | 2 +- firmware/recovery.c | 6 +++--- firmware/storage.c | 8 ++++---- vendor/trezor-crypto | 2 +- 7 files changed, 15 insertions(+), 16 deletions(-) diff --git a/bootloader/usb.c b/bootloader/usb.c index e6d1778..db13806 100644 --- a/bootloader/usb.c +++ b/bootloader/usb.c @@ -402,7 +402,7 @@ static void hid_rx_callback(usbd_device *dev, uint8_t ep) // restore metadata from backup erase_metadata_sectors(); restore_metadata(meta_backup); - memset(meta_backup, 0, sizeof(meta_backup)); + explicit_bzero(meta_backup, sizeof(meta_backup)); // compare against known hash computed via the following Python3 script: // hashlib.sha256(binascii.unhexlify('0F5A693C' * 8192)).hexdigest() @@ -599,7 +599,7 @@ static void hid_rx_callback(usbd_device *dev, uint8_t ep) // 2) firmware restore flag isn't set // 3) signatures are not ok if (old_was_unsigned || (flags & 0x01) == 0 || !signatures_ok(NULL)) { - memset(meta_backup, 0, sizeof(meta_backup)); + explicit_bzero(meta_backup, sizeof(meta_backup)); } // copy new firmware header memcpy(meta_backup, (void *)FLASH_META_START, FLASH_META_DESC_LEN); @@ -607,12 +607,12 @@ static void hid_rx_callback(usbd_device *dev, uint8_t ep) if (hash_check_ok) { memcpy(meta_backup, FIRMWARE_MAGIC, 4); } else { - memset(meta_backup, 0, 4); + explicit_bzero(meta_backup, 4); } // no need to erase, because we are not changing any already flashed byte. restore_metadata(meta_backup); - memset(meta_backup, 0, sizeof(meta_backup)); + explicit_bzero(meta_backup, sizeof(meta_backup)); flash_state = STATE_END; if (hash_check_ok) { diff --git a/firmware/crypto.c b/firmware/crypto.c index cdae90e..dae6c4f 100644 --- a/firmware/crypto.c +++ b/firmware/crypto.c @@ -29,7 +29,6 @@ #include "curves.h" #include "secp256k1.h" #include "address.h" -#include "macros.h" #include "coins.h" #include "base58.h" #include "segwit_addr.h" diff --git a/firmware/ethereum.c b/firmware/ethereum.c index 48a8496..2baf61c 100644 --- a/firmware/ethereum.c +++ b/firmware/ethereum.c @@ -193,7 +193,7 @@ static void send_signature(void) return; } - memset(privkey, 0, sizeof(privkey)); + explicit_bzero(privkey, sizeof(privkey)); /* Send back the result */ msg_tx_request.has_data_length = false; @@ -592,7 +592,7 @@ void ethereum_signing_txack(EthereumTxAck *tx) void ethereum_signing_abort(void) { if (ethereum_signing) { - memset(privkey, 0, sizeof(privkey)); + explicit_bzero(privkey, sizeof(privkey)); layoutHome(); ethereum_signing = false; } diff --git a/firmware/protect.c b/firmware/protect.c index 852e0d8..019fcf0 100644 --- a/firmware/protect.c +++ b/firmware/protect.c @@ -231,7 +231,7 @@ bool protectChangePin(void) storage_update(); } - memset(pin_compare, 0, sizeof(pin_compare)); + explicit_bzero(pin_compare, sizeof(pin_compare)); return result; } diff --git a/firmware/recovery.c b/firmware/recovery.c index ed09dee..0601497 100644 --- a/firmware/recovery.c +++ b/firmware/recovery.c @@ -142,7 +142,7 @@ static void recovery_done(void) { if (!dry_run) { // Update mnemonic on storage. storage_setMnemonic(new_mnemonic); - memset(new_mnemonic, 0, sizeof(new_mnemonic)); + explicit_bzero(new_mnemonic, sizeof(new_mnemonic)); if (!enforce_wordlist) { // not enforcing => mark storage as imported storage_setImported(true); @@ -152,7 +152,7 @@ static void recovery_done(void) { } else { // Inform the user about new mnemonic correctness (as well as whether it is the same as the current one). bool match = (storage_isInitialized() && storage_containsMnemonic(new_mnemonic)); - memset(new_mnemonic, 0, sizeof(new_mnemonic)); + explicit_bzero(new_mnemonic, sizeof(new_mnemonic)); if (match) { layoutDialog(&bmp_icon_ok, NULL, _("Confirm"), NULL, _("The seed is valid"), @@ -172,7 +172,7 @@ static void recovery_done(void) { } } else { // New mnemonic is invalid. - memset(new_mnemonic, 0, sizeof(new_mnemonic)); + explicit_bzero(new_mnemonic, sizeof(new_mnemonic)); if (!dry_run) { session_clear(true); } else { diff --git a/firmware/storage.c b/firmware/storage.c index 6ccc91d..8b9eba9 100644 --- a/firmware/storage.c +++ b/firmware/storage.c @@ -262,9 +262,9 @@ void storage_generate_uuid(void) void session_clear(bool clear_pin) { sessionSeedCached = false; - memset(&sessionSeed, 0, sizeof(sessionSeed)); + explicit_bzero(&sessionSeed, sizeof(sessionSeed)); sessionPassphraseCached = false; - memset(&sessionPassphrase, 0, sizeof(sessionPassphrase)); + explicit_bzero(&sessionPassphrase, sizeof(sessionPassphrase)); if (clear_pin) { sessionPinCached = false; } @@ -297,7 +297,7 @@ static void storage_compute_u2froot(const char* mnemonic, StorageHDNode *u2froot u2froot->has_private_key = true; u2froot->private_key.size = sizeof(node.private_key); memcpy(u2froot->private_key.bytes, node.private_key, sizeof(node.private_key)); - memset(&node, 0, sizeof(node)); + explicit_bzero(&node, sizeof(node)); session_clear(false); // invalidate seed cache } @@ -399,7 +399,7 @@ static void storage_commit_locked(bool update) void storage_clear_update(void) { - memset(&storageUpdate, 0, sizeof(storageUpdate)); + explicit_bzero(&storageUpdate, sizeof(storageUpdate)); } void storage_update(void) diff --git a/vendor/trezor-crypto b/vendor/trezor-crypto index 0d8a3be..b7f73ee 160000 --- a/vendor/trezor-crypto +++ b/vendor/trezor-crypto @@ -1 +1 @@ -Subproject commit 0d8a3beeaf22af837f558a5b5e9ae98cdd47a767 +Subproject commit b7f73ee3ff78e09c266a30dbc31407558d471615