xmr: manual serialization of txout elements

ph4r05 · Sep 13, 2018 · d07cee6 · d07cee6
1 parent 8d56c80
commit d07cee6
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 19 deletions.
diff --git a/src/apps/monero/protocol/tsx_sign_builder.py b/src/apps/monero/protocol/tsx_sign_builder.py
@@ -1147,11 +1147,10 @@ def _set_out1_ecdh(self, idx, dest_pub_key, amount, mask, amount_key):
 
         # ECDH masking
         from apps.monero.xmr.sub.recode import recode_ecdh
-        from apps.monero.xmr.serialize_messages.tx_ecdh import EcdhTuple
 
-        ecdh_info = EcdhTuple(mask=mask, amount=crypto.sc_init(amount))
-        ecdh_info = ring_ct.ecdh_encode(
-            ecdh_info, derivation=crypto.encodeint(amount_key)
+        ecdh_info = misc.StdObj(mask=mask, amount=crypto.sc_init(amount))
+        ring_ct.ecdh_encode_into(
+            ecdh_info, ecdh_info, derivation=crypto.encodeint(amount_key)
         )
         recode_ecdh(ecdh_info, encode=True)
         gc.collect()
@@ -1300,11 +1299,14 @@ async def set_out1(self, dst_entr, dst_entr_hmac, rsig_data=None):
             amount_key=amount_key,
         )
         self._mem_trace(12, True)
+        ecdh_info_bin = bytearray(64)
+        utils.memcpy(ecdh_info_bin, 0, ecdh_info.mask, 0, 32)
+        utils.memcpy(ecdh_info_bin, 32, ecdh_info.amount, 0, 32)
 
         # Incremental hashing of the ECDH info.
         # RctSigBase allows to hash only one of the (ecdh, out_pk) as they are serialized
         # as whole vectors. Hashing ECDH info saves state space.
-        self.full_message_hasher.set_ecdh(ecdh_info)
+        self.full_message_hasher.set_ecdh(ecdh_info_bin, True)
         self._mem_trace(13, True)
 
         # Output_pk is stored to the state as it is used during the signature and hashed to the
@@ -1315,14 +1317,17 @@ async def set_out1(self, dst_entr, dst_entr_hmac, rsig_data=None):
         from trezor.messages.MoneroTransactionSetOutputAck import (
             MoneroTransactionSetOutputAck
         )
-        from apps.monero.xmr.serialize_messages.ct_keys import CtKey
+
+        out_pk_bin = bytearray(64)
+        utils.memcpy(out_pk_bin, 0, out_pk.dest, 0, 32)
+        utils.memcpy(out_pk_bin, 32, out_pk.mask, 0, 32)
 
         return MoneroTransactionSetOutputAck(
             tx_out=tx_out_bin,
             vouti_hmac=hmac_vouti,
             rsig_data=self._return_rsig_data(rsig),
-            out_pk=misc.dump_msg(out_pk, preallocate=64, msg_type=CtKey),
-            ecdh_info=misc.dump_msg(ecdh_info, preallocate=64),
+            out_pk=out_pk_bin,
+            ecdh_info=ecdh_info_bin,
         )
 
     def all_out1_set_tx_extra(self):

diff --git a/src/apps/monero/xmr/ring_ct.py b/src/apps/monero/xmr/ring_ct.py
@@ -111,7 +111,7 @@ def prove_range(
 #   verifies the above sig is created corretly
 
 
-def ecdh_encode(unmasked, receiver_pk=None, derivation=None):
+def ecdh_encode_into(dst, unmasked, receiver_pk=None, derivation=None):
     """
     Elliptic Curve Diffie-Helman: encodes and decodes the amount b and mask a
     where C= aG + bH
@@ -120,20 +120,17 @@ def ecdh_encode(unmasked, receiver_pk=None, derivation=None):
     :param derivation:
     :return:
     """
-    from apps.monero.xmr.serialize_messages.tx_ecdh import EcdhTuple
-
-    rv = EcdhTuple()
     if derivation is None:
         esk = crypto.random_scalar()
-        rv.senderPk = crypto.scalarmult_base(esk)
+        dst.senderPk = crypto.scalarmult_base(esk)
         derivation = crypto.encodepoint(crypto.scalarmult(receiver_pk, esk))
 
     sharedSec1 = crypto.hash_to_scalar(derivation)
     sharedSec2 = crypto.hash_to_scalar(crypto.encodeint(sharedSec1))
 
-    rv.mask = crypto.sc_add(unmasked.mask, sharedSec1)
-    rv.amount = crypto.sc_add(unmasked.amount, sharedSec2)
-    return rv
+    dst.mask = crypto.sc_add(unmasked.mask, sharedSec1)
+    dst.amount = crypto.sc_add(unmasked.amount, sharedSec2)
+    return dst
 
 
 def ecdh_decode(masked, receiver_sk=None, derivation=None):

diff --git a/src/apps/monero/xmr/sub/mlsag_hasher.py b/src/apps/monero/xmr/sub/mlsag_hasher.py
@@ -70,14 +70,17 @@ def set_pseudo_out(self, out):
 
         self.rtcsig_hasher.field(out, KeyV.ELEM_TYPE)
 
-    def set_ecdh(self, ecdh):
+    def set_ecdh(self, ecdh, raw=False):
         if self.state != 2 and self.state != 3 and self.state != 4:
             raise ValueError("State error")
         self.state = 4
 
-        from apps.monero.xmr.serialize_messages.tx_ecdh import EcdhInfo
+        if raw:
+            self.rtcsig_hasher.buffer(ecdh)
+        else:
+            from apps.monero.xmr.serialize_messages.tx_ecdh import EcdhInfo
 
-        self.rtcsig_hasher.field(ecdh, EcdhInfo.ELEM_TYPE)
+            self.rtcsig_hasher.field(ecdh, EcdhInfo.ELEM_TYPE)
 
     def set_out_pk(self, out_pk, mask=None):
         if self.state != 4 and self.state != 5: