Merge branch 'murisi/zip32-support' into murisi/fixes+zip32

heliaxdev · Sep 20, 2024 · d48c9c6 · d48c9c6
2 parents 76b17c0 + 96e7119
commit d48c9c6
Show file tree

Hide file tree

Showing 38 changed files with 2,684 additions and 274 deletions.
diff --git a/app/rust/Cargo.lock b/app/rust/Cargo.lock
diff --git a/app/rust/Cargo.toml b/app/rust/Cargo.toml
@@ -11,9 +11,14 @@ name = "rslib"
 crate-type = ["staticlib"]
 
 [dependencies]
+ztruct = { path = "../ztruct", version = "*" }
 jubjub = { version = "0.10.0", default-features = false }
 aes = { version = "0.7", default-features = false }
 binary-ff1 = { version = "0.2", default-features = false }
+blake2s_simd = { version = "0.5", default-features = false }
+blake2b_simd = { version = "0.5", default-features = false }
+byteorder = { version = "1.5", default-features = false }
+log = "0.4"
 
 [target.thumbv6m-none-eabi.dev-dependencies]
 panic-halt = "0.2.0"

diff --git a/app/rust/include/rslib.h b/app/rust/include/rslib.h
@@ -8,10 +8,15 @@
 parser_error_t from_bytes_wide(const uint8_t input[64], uint8_t output[32]);
 parser_error_t scalar_multiplication(const uint8_t input[32], constant_key_t key, uint8_t output[32]);
 parser_error_t get_default_diversifier_list(const uint8_t dk[32], uint8_t start_index[11], uint8_t d_l[44]);
-parser_error_t get_default_diversifier(const uint8_t dk[32], uint8_t start_index[11], uint8_t d[11]);
-parser_error_t get_pkd(const uint8_t ivk_ptr[32], const uint8_t hash[32], uint8_t pk_d[32]);
-parser_error_t get_pkd(const uint8_t ivk_ptr[32], const uint8_t hash[32], uint8_t pk_d[32]);
+void get_pkd(uint32_t zip32_account, const uint8_t *diversifier_ptr, uint8_t *pkd);
 bool is_valid_diversifier(const uint8_t hash[32]);
 parser_error_t randomized_secret_from_seed(const uint8_t ask[32], const uint8_t alpha[32], uint8_t output[32]);
 parser_error_t compute_sbar(const uint8_t s[32], uint8_t r[32], uint8_t rsk[32], uint8_t sbar[32]);
 parser_error_t add_points(const uint8_t hash[32], const uint8_t value[32], const uint8_t scalar[32], uint8_t cv[32]);
+void zip32_ovk(uint32_t zip32_account, uint8_t *ovk);
+void zip32_child_ask_nsk(uint32_t account, uint8_t *ask, uint8_t *nsk);
+void diversifier_find_valid(uint32_t zip32_account, uint8_t *default_diversifier);
+void zip32_dk(uint32_t zip32_account, uint8_t *dk);
+void zip32_chain_code(uint32_t zip32_account, uint8_t *chain_code);
+void zip32_parent_fvk_tag(uint32_t zip32_account, uint8_t *fvk_tag);
+void zip32_xfvk(uint32_t zip32_account, uint8_t *fvk_tag, uint8_t *chain_code, uint8_t *fvk, uint8_t *dk);
diff --git a/app/rust/src/bolos/aes.rs b/app/rust/src/bolos/aes.rs
@@ -0,0 +1,52 @@
+use aes::cipher::generic_array::typenum::{U16, U32, U8};
+use aes::cipher::generic_array::GenericArray;
+use aes::cipher::BlockEncrypt;
+use aes::cipher::NewBlockCipher;
+use aes::cipher::{BlockCipher, BlockCipherKey};
+use aes::Aes256;
+
+/// Encrypts a block using AES-256.
+/// This function uses the Rust `aes` crate for encryption in test environments.
+pub fn aes256_encrypt_block(k: &[u8], a: &[u8]) -> [u8; 16] {
+    let cipher: Aes256 = Aes256::new(GenericArray::from_slice(k));
+
+    let mut b = GenericArray::clone_from_slice(a);
+    cipher.encrypt_block(&mut b);
+
+    let out: [u8; 16] = b.as_slice().try_into().expect("err");
+    out
+}
+
+pub struct AesBOLOS {
+    key: [u8; 32],
+}
+
+impl AesBOLOS {
+    pub fn new(k: &[u8; 32]) -> AesBOLOS {
+        AesBOLOS { key: *k }
+    }
+}
+
+impl BlockCipher for AesBOLOS {
+    type BlockSize = U16;
+    type ParBlocks = U8;
+}
+
+impl NewBlockCipher for AesBOLOS {
+    type KeySize = U32;
+
+    #[inline(never)]
+    fn new(key: &BlockCipherKey<Self>) -> Self {
+        let v: [u8; 32] = key.as_slice().try_into().expect("Wrong length");
+        AesBOLOS { key: v }
+    }
+}
+impl BlockEncrypt for AesBOLOS {
+    #[inline(never)]
+    fn encrypt_block(&self, block: &mut GenericArray<u8, Self::BlockSize>) {
+        let x: [u8; 16] = block.as_slice().try_into().expect("err");
+        let y = aes256_encrypt_block(&self.key, &x);
+
+        block.copy_from_slice(&y);
+    }
+}