Merge pull request #3 from xtruan/develop

Wallet storage, code formatting, & touch ups

Author: xtruan

README.md

@@ -10,12 +10,12 @@ The goal of this project is to see how much crypto functionality can be brought
 ## How to install on Flipper Zero
 - If you do not have one, download a Flipper Zero firmware to get the `fbt` build tool
 - Plug your Flipper Zero in via USB
-- Copy the contents of this folder into the applications_user folder of your firmware
-- Modify the `site_scons/cc.scons` file in the Flipper Zero firmware to remove the `"-Wdouble-promotion"` warning and add the `"-Os"` flag
+- Copy the contents of this folder into the `applications_user` folder of your firmware
+- Modify the `site_scons/cc.scons` file in the Flipper Zero firmware to add the `"-Os"` flag
 
 Then run the command: 
  ```
-.\fbt COMPACT=1 DEBUG=0 launch_app APPSRC=applications_user/FlipBIP
+./fbt COMPACT=1 DEBUG=0 launch_app APPSRC=applications_user/FlipBIP
  ```
 The application will be compiled and copied onto your device
 
@@ -34,16 +34,26 @@ The application will be compiled and copied onto your device
   - Generation of offline `m/44'/0'/0'/0` BTC wallet
   - Generation of offline `m/44'/60'/0'/0` ETH wallet (coded from the $SPORK Castle of ETHDenver 2023!)
   - Similar features to: https://iancoleman.io/bip39/
+- Saving wallets to SD card
+  - Wallets are saved to SD card upon creation in `apps_data/flipbip`
+      - NOTE: `apps_data` folder must already exist on SD card!
+  - Saved wallets can be viewed between app runs
+  - Wallets are encrypted with a randomly generated key, and that key is also encrypted
+      - `.flipbip.dat` and `.flipbip.key` files are both required to be in `apps_data/flipbip`
+      - Backups of both these files `.flipbip.dat.bak` and `.flipbip.key.bak` are also maintained
+      - If you want to externally back up your wallet, I recommend copying all these files, and storing the `key` and `dat` files seperately
+  - NOTE: The wallets should be decently tough to crack off of a Flipper, however any Flipper with the app installed can load a wallet in the `apps_data/flipbip` directory if both the `key` and `dat` file are present
 
 ### Work in Progress
 
-- Support for BIP39 passphrase
-  - Currently blank
-- Support for more custom BIP32 wallet paths
-  - Currently hardcoded to `m/44'/0'/0'/0` or `m/44'/60'/0'/0`
+- More coin types
+  - Support for more custom BIP32 wallet paths
+  - Currently hardcoded to `m/44'/0'/0'/0` and `m/44'/60'/0'/0`
 
 ### (FAR) Future
 
-- More coin types
-- Saving wallets to disk
-- USB/Bluetooth wallet functionality
+- Custom wallet security
+  - User specified password
+- Support for BIP39 passphrase
+  - Currently blank
+- USB/Bluetooth wallet functionality

application.fam

@@ -13,6 +13,6 @@ App(
     fap_icon_assets="icons",
     fap_category="Misc",
     fap_description="Crypto toolkit for Flipper",
-    fap_author="Struan Clark",
+    fap_author="Struan Clark (xtruan)",
     fap_weburl="https://github.com/xtruan/FlipBIP",
 )

crypto/.gitignore

@@ -97,9 +97,9 @@ SRCS  += sha2.c
 SRCS  += sha3.c
 SRCS  += hasher.c
 SRCS  += aes/aescrypt.c aes/aeskey.c aes/aestab.c aes/aes_modes.c
-SRCS  += ed25519-donna/curve25519-donna-32bit.c ed25519-donna/curve25519-donna-helpers.c ed25519-donna/modm-donna-32bit.c
-SRCS  += ed25519-donna/ed25519-donna-basepoint-table.c ed25519-donna/ed25519-donna-32bit-tables.c ed25519-donna/ed25519-donna-impl-base.c
-SRCS  += ed25519-donna/ed25519.c ed25519-donna/curve25519-donna-scalarmult-base.c ed25519-donna/ed25519-sha3.c ed25519-donna/ed25519-keccak.c
+SRCS  += ed25519_donna/curve25519-donna-32bit.c ed25519_donna/curve25519-donna-helpers.c ed25519_donna/modm-donna-32bit.c
+SRCS  += ed25519_donna/ed25519_donna-basepoint-table.c ed25519_donna/ed25519_donna-32bit-tables.c ed25519_donna/ed25519_donna-impl-base.c
+SRCS  += ed25519_donna/ed25519.c ed25519_donna/curve25519-donna-scalarmult-base.c ed25519_donna/ed25519-sha3.c ed25519_donna/ed25519-keccak.c
 SRCS  += monero/base58.c
 SRCS  += monero/serialize.c
 SRCS  += monero/xmr.c
@@ -177,7 +177,7 @@ secp256k1-zkp.o:
 	$(CC) $(CFLAGS) -Wno-unused-function $(ZKP_CFLAGS) -fPIC -I$(ZKP_PATH) -I$(ZKP_PATH)/src -c $(ZKP_PATH)/src/secp256k1.c -o secp256k1-zkp.o
 
 clean:
-	rm -f *.o aes/*.o chacha20poly1305/*.o ed25519-donna/*.o monero/*.o
+	rm -f *.o aes/*.o chacha20poly1305/*.o ed25519_donna/*.o monero/*.o
 	rm -f tests/*.o tests/test_check tests/test_speed tests/test_openssl tests/libtrezor-crypto.so tests/aestst
 	rm -f tools/*.o tools/xpubaddrgen tools/mktable tools/bip39bruteforce
 	rm -f fuzzer/*.o fuzzer/fuzzer

crypto/.gitrepo

@@ -1,7 +1,5 @@
 # trezor-crypto
 
-[![Build Status](https://travis-ci.org/trezor/trezor-crypto.svg?branch=master)](https://travis-ci.org/trezor/trezor-crypto) [![gitter](https://badges.gitter.im/trezor/community.svg)](https://gitter.im/trezor/community)
-
 Heavily optimized cryptography algorithms for embedded devices.
 
 These include:
@@ -40,6 +38,17 @@ Distibuted under MIT License.
 - SHA1/SHA2: http://www.aarongifford.com/computers/sha.html
 - SHA3: https://github.com/rhash/RHash
 - Curve25519: https://github.com/agl/curve25519-donna
-- Ed25519: https://github.com/floodyberry/ed25519-donna
+- Ed25519: https://github.com/floodyberry/ed25519_donna
 - Chacha20: https://github.com/wg/c20p1305
 - Poly1305: https://github.com/floodyberry/poly1305-donna
+
+## Repo source:
+
+```
+remote = git+ssh://git@github.com/trezor/trezor-crypto
+branch = master
+commit = 915b3dbbbf58c262865647728a3463b8785fc965
+parent = 6ad3294f31a1e7484b43c104ff2880b965198cad
+method = rebase
+cmdver = 0.4.0
+```

crypto/Makefile

@@ -25,70 +25,66 @@
 #include "bignum.h"
 
 size_t address_prefix_bytes_len(uint32_t address_type) {
-  if (address_type <= 0xFF) return 1;
-  if (address_type <= 0xFFFF) return 2;
-  if (address_type <= 0xFFFFFF) return 3;
-  return 4;
+    if(address_type <= 0xFF) return 1;
+    if(address_type <= 0xFFFF) return 2;
+    if(address_type <= 0xFFFFFF) return 3;
+    return 4;
 }
 
-void address_write_prefix_bytes(uint32_t address_type, uint8_t *out) {
-  if (address_type > 0xFFFFFF) *(out++) = address_type >> 24;
-  if (address_type > 0xFFFF) *(out++) = (address_type >> 16) & 0xFF;
-  if (address_type > 0xFF) *(out++) = (address_type >> 8) & 0xFF;
-  *(out++) = address_type & 0xFF;
+void address_write_prefix_bytes(uint32_t address_type, uint8_t* out) {
+    if(address_type > 0xFFFFFF) *(out++) = address_type >> 24;
+    if(address_type > 0xFFFF) *(out++) = (address_type >> 16) & 0xFF;
+    if(address_type > 0xFF) *(out++) = (address_type >> 8) & 0xFF;
+    *(out++) = address_type & 0xFF;
 }
 
-bool address_check_prefix(const uint8_t *addr, uint32_t address_type) {
-  if (address_type <= 0xFF) {
-    return address_type == (uint32_t)(addr[0]);
-  }
-  if (address_type <= 0xFFFF) {
-    return address_type == (((uint32_t)addr[0] << 8) | ((uint32_t)addr[1]));
-  }
-  if (address_type <= 0xFFFFFF) {
-    return address_type == (((uint32_t)addr[0] << 16) |
-                            ((uint32_t)addr[1] << 8) | ((uint32_t)addr[2]));
-  }
-  return address_type ==
-         (((uint32_t)addr[0] << 24) | ((uint32_t)addr[1] << 16) |
-          ((uint32_t)addr[2] << 8) | ((uint32_t)addr[3]));
+bool address_check_prefix(const uint8_t* addr, uint32_t address_type) {
+    if(address_type <= 0xFF) {
+        return address_type == (uint32_t)(addr[0]);
+    }
+    if(address_type <= 0xFFFF) {
+        return address_type == (((uint32_t)addr[0] << 8) | ((uint32_t)addr[1]));
+    }
+    if(address_type <= 0xFFFFFF) {
+        return address_type ==
+               (((uint32_t)addr[0] << 16) | ((uint32_t)addr[1] << 8) | ((uint32_t)addr[2]));
+    }
+    return address_type == (((uint32_t)addr[0] << 24) | ((uint32_t)addr[1] << 16) |
+                            ((uint32_t)addr[2] << 8) | ((uint32_t)addr[3]));
 }
 
 #if USE_ETHEREUM
 #include "sha3.h"
 
-void ethereum_address_checksum(const uint8_t *addr, char *address, bool rskip60,
-                               uint64_t chain_id) {
-  const char *hex = "0123456789abcdef";
-  address[0] = '0';
-  address[1] = 'x';
-  for (int i = 0; i < 20; i++) {
-    address[2 + i * 2] = hex[(addr[i] >> 4) & 0xF];
-    address[2 + i * 2 + 1] = hex[addr[i] & 0xF];
-  }
-  address[42] = 0;
-
-  SHA3_CTX ctx = {0};
-  uint8_t hash[32] = {0};
-  keccak_256_Init(&ctx);
-  if (rskip60) {
-    char prefix[16] = {0};
-    int prefix_size = bn_format_uint64(chain_id, NULL, "0x", 0, 0, false, 0,
-                                       prefix, sizeof(prefix));
-    keccak_Update(&ctx, (const uint8_t *)prefix, prefix_size);
-  }
-  keccak_Update(&ctx, (const uint8_t *)(address + 2), 40);
-  keccak_Final(&ctx, hash);
+void ethereum_address_checksum(const uint8_t* addr, char* address, bool rskip60, uint64_t chain_id) {
+    const char* hex = "0123456789abcdef";
+    address[0] = '0';
+    address[1] = 'x';
+    for(int i = 0; i < 20; i++) {
+        address[2 + i * 2] = hex[(addr[i] >> 4) & 0xF];
+        address[2 + i * 2 + 1] = hex[addr[i] & 0xF];
+    }
+    address[42] = 0;
 
-  for (int i = 0; i < 20; i++) {
-    if ((hash[i] & 0x80) && address[2 + i * 2] >= 'a' &&
-        address[2 + i * 2] <= 'f') {
-      address[2 + i * 2] -= 0x20;
+    SHA3_CTX ctx = {0};
+    uint8_t hash[32] = {0};
+    keccak_256_Init(&ctx);
+    if(rskip60) {
+        char prefix[16] = {0};
+        int prefix_size =
+            bn_format_uint64(chain_id, NULL, "0x", 0, 0, false, 0, prefix, sizeof(prefix));
+        keccak_Update(&ctx, (const uint8_t*)prefix, prefix_size);
     }
-    if ((hash[i] & 0x08) && address[2 + i * 2 + 1] >= 'a' &&
-        address[2 + i * 2 + 1] <= 'f') {
-      address[2 + i * 2 + 1] -= 0x20;
+    keccak_Update(&ctx, (const uint8_t*)(address + 2), 40);
+    keccak_Final(&ctx, hash);
+
+    for(int i = 0; i < 20; i++) {
+        if((hash[i] & 0x80) && address[2 + i * 2] >= 'a' && address[2 + i * 2] <= 'f') {
+            address[2 + i * 2] -= 0x20;
+        }
+        if((hash[i] & 0x08) && address[2 + i * 2 + 1] >= 'a' && address[2 + i * 2 + 1] <= 'f') {
+            address[2 + i * 2 + 1] -= 0x20;
+        }
     }
-  }
 }
 #endif

crypto/README.md

@@ -30,11 +30,10 @@
 #include "options.h"
 
 size_t address_prefix_bytes_len(uint32_t address_type);
-void address_write_prefix_bytes(uint32_t address_type, uint8_t *out);
-bool address_check_prefix(const uint8_t *addr, uint32_t address_type);
+void address_write_prefix_bytes(uint32_t address_type, uint8_t* out);
+bool address_check_prefix(const uint8_t* addr, uint32_t address_type);
 #if USE_ETHEREUM
-void ethereum_address_checksum(const uint8_t *addr, char *address, bool rskip60,
-                               uint64_t chain_id);
+void ethereum_address_checksum(const uint8_t* addr, char* address, bool rskip60, uint64_t chain_id);
 #endif
 
 #endif