Electroneum
Loading...
Searching...
No Matches
hw::trezor::protocol::ki Namespace Reference

Typedefs

using ElectroneumTransferDetails = messages::electroneum::ElectroneumKeyImageSyncStepRequest_ElectroneumTransferDetails
using ElectroneumSubAddressIndicesList = messages::electroneum::ElectroneumKeyImageExportInitRequest_ElectroneumSubAddressIndicesList
using ElectroneumExportedKeyImage = messages::electroneum::ElectroneumKeyImageSyncStepAck_ElectroneumExportedKeyImage
using exported_key_image = hw::device_cold::exported_key_image

Functions

bool key_image_data (wallet_shim *wallet, const std::vector< tools::wallet2::transfer_details > &transfers, std::vector< ElectroneumTransferDetails > &res)
std::string compute_hash (const ElectroneumTransferDetails &rr)
void generate_commitment (std::vector< ElectroneumTransferDetails > &mtds, const std::vector< tools::wallet2::transfer_details > &transfers, std::shared_ptr< messages::Electroneum::ElectroneumKeyImageExportInitRequest > &req)
void live_refresh_ack (const ::crypto::secret_key &view_key_priv, const ::crypto::public_key &out_key, const std::shared_ptr< messages::Electroneum::ElectroneumLiveRefreshStepAck > &ack, ::cryptonote::keypair &in_ephemeral, ::crypto::key_image &ki)
void generate_commitment (std::vector< ElectroneumTransferDetails > &mtds, const std::vector< tools::wallet2::transfer_details > &transfers, std::shared_ptr< messages::electroneum::ElectroneumKeyImageExportInitRequest > &req)
void live_refresh_ack (const ::crypto::secret_key &view_key_priv, const ::crypto::public_key &out_key, const std::shared_ptr< messages::electroneum::ElectroneumLiveRefreshStepAck > &ack, ::cryptonote::keypair &in_ephemeral, ::crypto::key_image &ki)

Typedef Documentation

◆ ElectroneumExportedKeyImage

using hw::trezor::protocol::ki::ElectroneumExportedKeyImage = messages::electroneum::ElectroneumKeyImageSyncStepAck_ElectroneumExportedKeyImage

Definition at line 113 of file protocol.hpp.

◆ ElectroneumSubAddressIndicesList

using hw::trezor::protocol::ki::ElectroneumSubAddressIndicesList = messages::electroneum::ElectroneumKeyImageExportInitRequest_ElectroneumSubAddressIndicesList

Definition at line 112 of file protocol.hpp.

◆ ElectroneumTransferDetails

using hw::trezor::protocol::ki::ElectroneumTransferDetails = messages::electroneum::ElectroneumKeyImageSyncStepRequest_ElectroneumTransferDetails

Definition at line 111 of file protocol.hpp.

◆ exported_key_image

using hw::trezor::protocol::ki::exported_key_image = hw::device_cold::exported_key_image

Definition at line 114 of file protocol.hpp.

Function Documentation

◆ compute_hash()

std::string hw::trezor::protocol::ki::compute_hash ( const ElectroneumTransferDetails & rr)

Computes a hash over ElectroneumTransferDetails. Commitment used in the KI sync.

Definition at line 167 of file protocol.cpp.

167 {
168 KECCAK_CTX kck;
169 uint8_t md[32];
170
171 CHECK_AND_ASSERT_THROW_MES(rr.out_key().size() == 32, "Invalid out_key size");
172 CHECK_AND_ASSERT_THROW_MES(rr.tx_pub_key().size() == 32, "Invalid tx_pub_key size");
173
174 keccak_init(&kck);
175 keccak_update(&kck, reinterpret_cast<const uint8_t *>(rr.out_key().data()), 32);
176 keccak_update(&kck, reinterpret_cast<const uint8_t *>(rr.tx_pub_key().data()), 32);
177 for (const auto &aux : rr.additional_tx_pub_keys()){
178 CHECK_AND_ASSERT_THROW_MES(aux.size() == 32, "Invalid aux size");
179 keccak_update(&kck, reinterpret_cast<const uint8_t *>(aux.data()), 32);
180 }
181
182 auto index_serialized = tools::get_varint_data(rr.internal_output_index());
183 keccak_update(&kck, reinterpret_cast<const uint8_t *>(index_serialized.data()), index_serialized.size());
184 keccak_finish(&kck, md);
185 return std::string(reinterpret_cast<const char*>(md), sizeof(md));
186 }
keccak_finish
void keccak_finish(KECCAK_CTX *ctx, uint8_t *md)
keccak_update
void keccak_update(KECCAK_CTX *ctx, const uint8_t *in, size_t inlen)
keccak_init
void keccak_init(KECCAK_CTX *ctx)
CHECK_AND_ASSERT_THROW_MES
#define CHECK_AND_ASSERT_THROW_MES(expr, message)
Definition misc_log_ex.h:173
tools::get_varint_data
std::string get_varint_data(const T &v)
Returns the string that represents the varint.
Definition varint.h:85
uint8_t
unsigned char uint8_t
Definition stdint.h:124
KECCAK_CTX
Definition keccak.h:20
Here is the call graph for this function:
Here is the caller graph for this function:

◆ generate_commitment() [1/2]

void hw::trezor::protocol::ki::generate_commitment ( std::vector< ElectroneumTransferDetails > & mtds,
const std::vector< tools::wallet2::transfer_details > & transfers,
std::shared_ptr< messages::Electroneum::ElectroneumKeyImageExportInitRequest > & req )

Definition at line 188 of file protocol.cpp.

191 {
192 req = std::make_shared<messages::Electroneum::ElectroneumKeyImageExportInitRequest>();
193
194 KECCAK_CTX kck;
195 uint8_t final_hash[32];
196 keccak_init(&kck);
197
198 for(auto &cur : mtds){
199 auto hash = compute_hash(cur);
200 keccak_update(&kck, reinterpret_cast<const uint8_t *>(hash.data()), hash.size());
201 }
202 keccak_finish(&kck, final_hash);
203
204 req = std::make_shared<messages::Electroneum::ElectroneumKeyImageExportInitRequest>();
205 req->set_hash(std::string(reinterpret_cast<const char*>(final_hash), 32));
206 req->set_num(transfers.size());
207
208 std::unordered_map<uint32_t, std::set<uint32_t>> sub_indices;
209 for (auto &cur : transfers){
210 auto search = sub_indices.emplace(cur.m_subaddr_index.major, std::set<uint32_t>());
211 auto & st = search.first->second;
212 st.insert(cur.m_subaddr_index.minor);
213 }
214
215 for (auto& x: sub_indices){
216 auto subs = req->add_subs();
217 subs->set_account(x.first);
218 for(auto minor : x.second){
219 subs->add_minor_indices(minor);
220 }
221 }
222 }
hw::trezor::protocol::ki::compute_hash
std::string compute_hash(const ElectroneumTransferDetails &rr)
Definition protocol.cpp:167
Here is the call graph for this function:

◆ generate_commitment() [2/2]

void hw::trezor::protocol::ki::generate_commitment ( std::vector< ElectroneumTransferDetails > & mtds,
const std::vector< tools::wallet2::transfer_details > & transfers,
std::shared_ptr< messages::electroneum::ElectroneumKeyImageExportInitRequest > & req )

Generates KI sync request with commitments computed.

◆ key_image_data()

bool hw::trezor::protocol::ki::key_image_data ( wallet_shim * wallet,
const std::vector< tools::wallet2::transfer_details > & transfers,
std::vector< ElectroneumTransferDetails > & res )

Converts transfer details to the ElectroneumTransferDetails required for KI sync

Definition at line 145 of file protocol.cpp.

148 {
149 for(auto & td : transfers){
150 ::crypto::public_key tx_pub_key = wallet->get_tx_pub_key_from_received_outs(td);
151 const std::vector<::crypto::public_key> additional_tx_pub_keys = cryptonote::get_additional_tx_pub_keys_from_extra(td.m_tx);
152
153 res.emplace_back();
154 auto & cres = res.back();
155
156 cres.set_out_key(key_to_string(boost::get<cryptonote::txout_to_key>(td.m_tx.vout[td.m_internal_output_index].target).key));
157 cres.set_tx_pub_key(key_to_string(tx_pub_key));
158 cres.set_internal_output_index(td.m_internal_output_index);
159 for(auto & aux : additional_tx_pub_keys){
160 cres.add_additional_tx_pub_keys(key_to_string(aux));
161 }
162 }
163
164 return true;
165 }
res
const char * res
Definition hmac_keccak.cpp:41
crypto::public_key
POD_CLASS public_key
Definition crypto.h:79
cryptonote::get_additional_tx_pub_keys_from_extra
std::vector< crypto::public_key > get_additional_tx_pub_keys_from_extra(const std::vector< uint8_t > &tx_extra)
Definition cryptonote_format_utils.cpp:558
hw::trezor::protocol::key_to_string
std::string key_to_string(const ::crypto::ec_point &key)
Definition protocol.cpp:80
hw::wallet_shim::get_tx_pub_key_from_received_outs
boost::function< crypto::public_key(const tools::wallet2::transfer_details &td)> get_tx_pub_key_from_received_outs
Definition device_cold.hpp:41
Here is the call graph for this function:

◆ live_refresh_ack() [1/2]

void hw::trezor::protocol::ki::live_refresh_ack ( const ::crypto::secret_key & view_key_priv,
const ::crypto::public_key & out_key,
const std::shared_ptr< messages::Electroneum::ElectroneumLiveRefreshStepAck > & ack,
::cryptonote::keypair & in_ephemeral,
::crypto::key_image & ki )

Definition at line 224 of file protocol.cpp.

229 {
230 std::string str_out_key(out_key.data, sizeof(out_key.data));
231 auto enc_key = protocol::tx::compute_enc_key(view_key_priv, str_out_key, ack->salt());
232
233 const size_t len_ciphertext = ack->key_image().size(); // IV || keys
234 CHECK_AND_ASSERT_THROW_MES(len_ciphertext > crypto::chacha::IV_SIZE + crypto::chacha::TAG_SIZE, "Invalid size");
235
236 size_t ki_len = len_ciphertext - crypto::chacha::IV_SIZE - crypto::chacha::TAG_SIZE;
237 std::unique_ptr<uint8_t[]> plaintext(new uint8_t[ki_len]);
238 uint8_t * buff = plaintext.get();
239
240 protocol::crypto::chacha::decrypt(
241 ack->key_image().data() + crypto::chacha::IV_SIZE,
242 len_ciphertext - crypto::chacha::IV_SIZE,
243 reinterpret_cast<const uint8_t *>(enc_key.data),
244 reinterpret_cast<const uint8_t *>(ack->key_image().data()),
245 reinterpret_cast<char *>(buff), &ki_len);
246
247 CHECK_AND_ASSERT_THROW_MES(ki_len == 3*32, "Invalid size");
248 ::crypto::signature sig{};
249 memcpy(ki.data, buff, 32);
250 memcpy(sig.c.data, buff + 32, 32);
251 memcpy(sig.r.data, buff + 64, 32);
252 in_ephemeral.pub = out_key;
253 in_ephemeral.sec = ::crypto::null_skey;
254
255 // Verification
256 std::vector<const ::crypto::public_key*> pkeys;
257 pkeys.push_back(&out_key);
258
259 CHECK_AND_ASSERT_THROW_MES(rct::scalarmultKey(rct::ki2rct(ki), rct::curveOrder()) == rct::identity(),
260 "Key image out of validity domain: key image " << epee::string_tools::pod_to_hex(ki));
261
262 CHECK_AND_ASSERT_THROW_MES(::crypto::check_ring_signature((const ::crypto::hash&)ki, ki, pkeys, &sig),
263 "Signature failed for key image " << epee::string_tools::pod_to_hex(ki)
264 << ", signature " + epee::string_tools::pod_to_hex(sig)
265 << ", pubkey " + epee::string_tools::pod_to_hex(*pkeys[0]));
266 }
memcpy
void * memcpy(void *a, const void *b, size_t c)
Definition glibc_compat.cpp:16
crypto::signature
POD_CLASS signature
Definition crypto.h:108
crypto::null_skey
const crypto::secret_key null_skey
Definition crypto.cpp:73
crypto::check_ring_signature
bool check_ring_signature(const hash &prefix_hash, const key_image &image, const public_key *const *pubs, std::size_t pubs_count, const signature *sig)
Definition crypto.h:333
epee::string_tools::pod_to_hex
std::string pod_to_hex(const t_pod_type &s)
Definition string_tools.h:317
hw::trezor::protocol::crypto::chacha::decrypt
void decrypt(const void *ciphertext, size_t length, const uint8_t *key, const uint8_t *iv, char *plaintext, size_t *plaintext_len)
Definition protocol.cpp:120
hw::trezor::protocol::tx::compute_enc_key
::crypto::secret_key compute_enc_key(const ::crypto::secret_key &private_view_key, const std::string &aux, const std::string &salt)
Definition protocol.cpp:351
rct::curveOrder
key curveOrder()
Definition rctOps.h:76
rct::scalarmultKey
void scalarmultKey(key &aP, const key &P, const key &a)
Definition rctOps.cpp:368
rct::identity
key identity()
Definition rctOps.h:73
cryptonote::keypair::sec
crypto::secret_key sec
Definition cryptonote_basic.h:511
cryptonote::keypair::pub
crypto::public_key pub
Definition cryptonote_basic.h:510
Here is the call graph for this function:

◆ live_refresh_ack() [2/2]

void hw::trezor::protocol::ki::live_refresh_ack ( const ::crypto::secret_key & view_key_priv,
const ::crypto::public_key & out_key,
const std::shared_ptr< messages::electroneum::ElectroneumLiveRefreshStepAck > & ack,
::cryptonote::keypair & in_ephemeral,
::crypto::key_image & ki )

Processes Live refresh step response, parses KI, checks the signature