ESP32: исправить off-curve проверку для user PDA

AidarKC 2026-06-13 08:20:12 +04:00
parent fba6d6bba0
commit 556004a557
2 changed files with 15 additions and 8 deletions


@ -8,9 +8,6 @@
#include <Arduino_GFX_Library.h> #include <Arduino_GFX_Library.h>
#include <TouchDrvCSTXXX.hpp> #include <TouchDrvCSTXXX.hpp>
#include <mbedtls/sha256.h> #include <mbedtls/sha256.h>
extern "C" int ge25519_is_canonical(const unsigned char *s);
extern "C" int ge25519_is_on_curve(const unsigned char *p);
#include <mbedtls/base64.h> #include <mbedtls/base64.h>
#include <Ed25519.h> #include <Ed25519.h>
#include <sodium.h> #include <sodium.h>
@ -38,6 +35,17 @@ extern "C" int ge25519_is_on_curve(const unsigned char *p);
#define TAP_CANCEL_THRESHOLD 18 #define TAP_CANCEL_THRESHOLD 18
#define MAX_SCAN_RESULTS 8 #define MAX_SCAN_RESULTS 8
#define MAX_SAVED_WIFI_NETWORKS 8 #define MAX_SAVED_WIFI_NETWORKS 8
extern "C" {
typedef int32_t fe25519[10];
typedef struct {
fe25519 X;
fe25519 Y;
fe25519 Z;
fe25519 T;
} ge25519_p3;
int ge25519_frombytes(ge25519_p3 *h, const unsigned char *s);
}
#define WIFI_CONNECT_TIMEOUT_MS 12000 #define WIFI_CONNECT_TIMEOUT_MS 12000
#define WIFI_RECONNECT_FAST_MS 10000 #define WIFI_RECONNECT_FAST_MS 10000
#define WIFI_RECONNECT_SLOW_MS 30000 #define WIFI_RECONNECT_SLOW_MS 30000
@ -918,9 +926,8 @@ static bool findProgramAddress(const std::vector<std::vector<uint8_t>> &seeds, c
reinterpret_cast<const unsigned char *>(kProgramDerivedAddressMarker), reinterpret_cast<const unsigned char *>(kProgramDerivedAddressMarker),
strlen(kProgramDerivedAddressMarker)); strlen(kProgramDerivedAddressMarker));
crypto_hash_sha256_final(&st, out32); crypto_hash_sha256_final(&st, out32);
bool isCanonical = ge25519_is_canonical(out32) != 0; ge25519_p3 point;
bool isOnCurve = ge25519_is_on_curve(out32) != 0; if (ge25519_frombytes(&point, out32) != 0) {
if (!(isCanonical && isOnCurve)) {
return true; return true;
} }
} }
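Review bot: The `extern "C"` block added after `MAX_SAVED_WIFI_NETWORKS` hand-copies `fe25519`, `ge25519_p3` and the `ge25519_frombytes` prototype, which look like internals of the library behind `<sodium.h>` rather than its public API, so nothing at compile time ties this layout or the 0-on-success return convention to the library actually linked. If either drifts (for example a build with a different field-element representation), the call in `findProgramAddress` could write past `point` or silently invert the on/off-curve decision, and the device would derive a user PDA that differs from the one computed on-chain. I would add a comment above the block such as `// Mirrors the crypto library's private ge25519 declarations; re-verify layout and return convention on every library update.` and a boot-time known-answer check that one known on-curve encoding returns 0 and one known off-curve value from a reference implementation's test vectors returns non-zero. `findProgramAddress` starts and ends outside the visible hunk, so the bump loop around this check was not reviewed.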


@ -1,2 +1,2 @@
client.version=1.2.171 client.version=1.2.172
server.version=1.2.160 server.version=1.2.161