From 1c55f5a30156ac67b55e6ae030f9c2306a20a144 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Palmer?= Date: Wed, 6 Nov 2024 09:28:39 +0100 Subject: [PATCH] [pk-derivation] do not derive pk if it has already been derived Since `global.public_key` is the key associated to `global.path_with_curve`, if the `path_with_curve` to derive is equal to `global.path_with_curve`, then the key associated to the `path_with_curve` is `global.public_key`. There is no need to re-derive it again. --- src/apdu.c | 15 +++++++++++---- src/apdu.h | 11 +++++++---- src/apdu_pubkey.c | 11 +++++++---- src/ui_bagl.c | 8 +++++++- src/ui_nbgl.c | 8 +++++++- 5 files changed, 39 insertions(+), 14 deletions(-) diff --git a/src/apdu.c b/src/apdu.c index d99a6e82..eee51a32 100644 --- a/src/apdu.c +++ b/src/apdu.c @@ -39,14 +39,21 @@ tz_exc read_path_with_curve(derivation_type_t derivation_type, cx_ecfp_public_key_t* pubkey) { tz_exc exc = SW_OK; cx_err_t error = CX_OK; + bip32_path_with_curve_t tmp_path_with_curve = {0}; TZ_ASSERT_NOT_NULL(buf); TZ_ASSERT_NOT_NULL(path_with_curve); - TZ_ASSERT_NOT_NULL(pubkey); - path_with_curve->derivation_type = derivation_type; - TZ_ASSERT(read_bip32_path(buf, &path_with_curve->bip32_path), EXC_WRONG_VALUES); - CX_CHECK(generate_public_key(pubkey, path_with_curve)); + tmp_path_with_curve.derivation_type = derivation_type; + TZ_ASSERT(read_bip32_path(buf, &tmp_path_with_curve.bip32_path), EXC_WRONG_VALUES); + + // Do not derive the public key if the two path_with_curve are equal + if (!bip32_path_with_curve_eq(path_with_curve, &tmp_path_with_curve)) { + memmove(path_with_curve, &tmp_path_with_curve, sizeof(bip32_path_with_curve_t)); + if (pubkey != NULL) { + CX_CHECK(generate_public_key(pubkey, path_with_curve)); + } + } end: TZ_CONVERT_CX(); diff --git a/src/apdu.h b/src/apdu.h index a06ec76c..871ffdf9 100644 --- a/src/apdu.h +++ b/src/apdu.h 
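Review bot: In `read_path_with_curve` (src/apdu.c) the `memmove` into `path_with_curve` runs before `generate_public_key`, so a failed derivation jumps to `end:` with the new path stored next to the old or partly written key, and the next request for that path passes the equality check and skips derivation. The same order was harmless before this commit because every call re-derived. Derive from the temporary first and commit the path only on success: `CX_CHECK(generate_public_key(pubkey, &tmp_path_with_curve));` followed by the `memmove`. If `generate_public_key` can leave `pubkey` partly written, also clear `*path_with_curve` on the error path. The `cdata->size == 0` branch of `handle_get_public_key` in src/apdu_pubkey.c has the same copy-then-derive order; the tail of `read_path_with_curve` after `TZ_CONVERT_CX()` is outside the hunk.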
@@ -89,11 +89,14 @@ static inline int io_send_apdu_err(uint16_t sw) { /** * @brief Reads a path with curve and derive the public key. + * Set [pubkey] to NULL to not deriving the public key. + * Will not derive the public key if the path with curve read + * is the same as the one provided. * - * @param[in] derivation_type: Derivation type of the key. - * @param[in] buf: Buffer that should contains a bip32 path. - * @param[out] path_with_curve: Buffer to store the path with curve. - * @param[out] pubkey: Buffer to store the pubkey. + * @param[in] derivation_type: Derivation type of the key. + * @param[in] buf: Buffer that should contains a bip32 path. + * @param[in/out] path_with_curve: Buffer to store the path with curve. + * @param[out] pubkey: Buffer to store the pubkey. Can be NULL * @return tz_exc: exception, SW_OK if none */ tz_exc read_path_with_curve(derivation_type_t derivation_type, diff --git a/src/apdu_pubkey.c b/src/apdu_pubkey.c index 06f68bc7..c650c9b9 100644 --- a/src/apdu_pubkey.c +++ b/src/apdu_pubkey.c @@ -74,10 +74,13 @@ int handle_get_public_key(buffer_t *cdata, TZ_ASSERT_NOT_NULL(cdata); if ((cdata->size == 0u) && authorize) { - TZ_ASSERT(copy_bip32_path_with_curve(&global.path_with_curve, &(g_hwm.baking_key)), - EXC_MEMORY_ERROR); - CX_CHECK(generate_public_key((cx_ecfp_public_key_t *) &global.public_key, - &global.path_with_curve)); + // Do not derive the public key if the two path_with_curve are equal + if (!bip32_path_with_curve_eq(&global.path_with_curve, &g_hwm.baking_key)) { + TZ_ASSERT(copy_bip32_path_with_curve(&global.path_with_curve, &g_hwm.baking_key), + EXC_MEMORY_ERROR); + CX_CHECK(generate_public_key((cx_ecfp_public_key_t *) &global.public_key, + &global.path_with_curve)); + } } else { TZ_CHECK(read_path_with_curve(derivation_type, cdata, diff --git a/src/ui_bagl.c b/src/ui_bagl.c index cd0a1ee0..0620f1ac 100644 --- a/src/ui_bagl.c +++ b/src/ui_bagl.c 
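Review bot: The updated doc comment for `read_path_with_curve` in src/apdu.h omits the precondition the shortcut relies on: when the path read from `buf` equals `*path_with_curve`, `pubkey` is left untouched, so it must already hold the key for that path on entry. It should also say that `pubkey == NULL` still overwrites `*path_with_curve`, which would desynchronize a cached key if a caller passes `&global.path_with_curve` that way. I would add a line such as `@pre [pubkey], when not NULL, already holds the key derived from [path_with_curve]` and a sentence on the NULL case. The wording "to not deriving" should read `Set [pubkey] to NULL to skip deriving the public key.`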
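Review bot: The equality shortcut in the `cdata->size == 0` branch of `handle_get_public_key` (src/apdu_pubkey.c) also fires when `global.path_with_curve` and `g_hwm.baking_key` are both empty or zero-initialised, in which case `global.public_key` would be returned without ever having been derived. The hunk does not show whether an unset baking key is rejected earlier, since the function starts and continues outside it, so this needs confirming. The old code always went through `generate_public_key` and its error handling. If no earlier check exists, take the shortcut only when the baking key path is non-empty, and add a comment such as `// cache hit is only valid once global.public_key has been derived for this path`.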
@@ -224,7 +224,13 @@ tz_exc calculate_idle_screen_authorized_key(void) { "No Key Authorized"), EXC_WRONG_LENGTH); } else { - CX_CHECK(generate_public_key(authorized_pk, &g_hwm.baking_key)); + // Do not derive the public key if the two path_with_curve are equal + if (!bip32_path_with_curve_eq(&global.path_with_curve, &g_hwm.baking_key)) { + CX_CHECK(generate_public_key((cx_ecfp_public_key_t *) authorized_pk, + &global.path_with_curve)); + } else { + memmove(authorized_pk, &global.public_key, sizeof(tz_ecfp_public_key_t)); + } TZ_CHECK(pk_to_pkh_string(home_context.authorized_key, sizeof(home_context.authorized_key), diff --git a/src/ui_nbgl.c b/src/ui_nbgl.c index 3614418b..9b0bf781 100644 --- a/src/ui_nbgl.c +++ b/src/ui_nbgl.c @@ -85,7 +85,13 @@ static void initInfo(void) { TZ_ASSERT(copy_string(infoContentsBridge[PKH_IDX], MAX_LENGTH, "No Key Authorized"), EXC_WRONG_LENGTH); } else { - CX_CHECK(generate_public_key(authorized_pk, &g_hwm.baking_key)); + // Do not derive the public key if the two path_with_curve are equal + if (!bip32_path_with_curve_eq(&global.path_with_curve, &g_hwm.baking_key)) { + CX_CHECK(generate_public_key((cx_ecfp_public_key_t*) authorized_pk, + &global.path_with_curve)); + } else { + memmove(authorized_pk, &global.public_key, sizeof(tz_ecfp_public_key_t)); + } TZ_CHECK(pk_to_pkh_string(infoContentsBridge[PKH_IDX], MAX_LENGTH, authorized_pk)); }
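Review bot: In `calculate_idle_screen_authorized_key` (src/ui_bagl.c) the not-equal branch now derives from `&global.path_with_curve`, whereas the removed line derived from `&g_hwm.baking_key`. Whenever the last requested path differs from the authorized baking key, the idle screen will show the hash of the wrong key as the authorized one. The second argument should stay the baking key: `CX_CHECK(generate_public_key((cx_ecfp_public_key_t *) authorized_pk, &g_hwm.baking_key));`. The `initInfo` hunk in src/ui_nbgl.c makes the same substitution and needs the same fix. Both functions start and end outside their hunks.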