From 30aa3a53fba88d365bc14894bd6535d917eb8e19 Mon Sep 17 00:00:00 2001 From: ftheirs Date: Wed, 25 May 2022 09:20:11 -0300 Subject: [PATCH 1/6] clean up --- app/Makefile | 1 - 1 file changed, 1 deletion(-) diff --git a/app/Makefile b/app/Makefile index 5b1c71b..b0fd8ee 100755 --- a/app/Makefile +++ b/app/Makefile @@ -202,7 +202,6 @@ SDK_SOURCE_PATH += lib_ux .PHONY: rust rust: @echo "No rust code" -# cd rust && CARGO_HOME="$(CURDIR)/rust/.cargo" cargo build --target thumbv6m-none-eabi --release # Before linking, we need to be sure rust lib is there bin/app.elf: rust From f9b13309549067fad38c78fb886c3f097a46fd33 Mon Sep 17 00:00:00 2001 From: ftheirs Date: Wed, 25 May 2022 09:20:34 -0300 Subject: [PATCH 2/6] improve error handling --- app/src/apdu_handler.c | 6 ++++++ app/src/crypto.c | 41 ++++++++++++++++++++++++----------------- 2 files changed, 30 insertions(+), 17 deletions(-) diff --git a/app/src/apdu_handler.c b/app/src/apdu_handler.c index cfcaa45..efd6e45 100644 --- a/app/src/apdu_handler.c +++ b/app/src/apdu_handler.c @@ -106,11 +106,17 @@ void handleApdu(volatile uint32_t *flags, volatile uint32_t *tx, uint32_t rx) { } case INS_GET_ADDR_SECP256K1: { + if( os_global_pin_is_validated() != BOLOS_UX_OK ) { + THROW(APDU_CODE_COMMAND_NOT_ALLOWED); + } handleGetAddrSecp256K1(flags, tx, rx); break; } case INS_SIGN_SECP256K1: { + if( os_global_pin_is_validated() != BOLOS_UX_OK ) { + THROW(APDU_CODE_COMMAND_NOT_ALLOWED); + } handleSignSecp256K1(flags, tx, rx); break; } diff --git a/app/src/crypto.c b/app/src/crypto.c index 054b2c3..d788dff 100644 --- a/app/src/crypto.c +++ b/app/src/crypto.c @@ -39,6 +39,7 @@ zxerr_t crypto_extractPublicKey(const uint32_t path[HDPATH_LEN_DEFAULT], uint8_t return zxerr_invalid_crypto_settings; } + zxerr_t err = zxerr_ok; BEGIN_TRY { TRY { @@ -50,10 +51,21 @@ zxerr_t crypto_extractPublicKey(const uint32_t path[HDPATH_LEN_DEFAULT], uint8_t cx_ecfp_init_private_key(CX_CURVE_256K1, privateKeyData, 32, &cx_privateKey); cx_ecfp_init_public_key(CX_CURVE_256K1, NULL, 0, &cx_publicKey); cx_ecfp_generate_pair(CX_CURVE_256K1, &cx_publicKey, &cx_privateKey, 1); + + // Format pubkey + for (int i = 0; i < 32; i++) { + pubKey[i] = cx_publicKey.W[64 - i]; + } + cx_publicKey.W[0] = cx_publicKey.W[64] & 1 ? 0x03 : 0x02; // "Compress" public key in place + if ((cx_publicKey.W[32] & 1) != 0) { + pubKey[31] |= 0x80; + } + ////////////////////// + MEMCPY(pubKey, cx_publicKey.W, PK_LEN_SECP256K1); + } - CATCH_OTHER(e) { - CLOSE_TRY; - return zxerr_ledger_api_error; + CATCH_ALL { + err = zxerr_ledger_api_error; } FINALLY { MEMZERO(&cx_privateKey, sizeof(cx_privateKey)); @@ -62,18 +74,7 @@ zxerr_t crypto_extractPublicKey(const uint32_t path[HDPATH_LEN_DEFAULT], uint8_t } END_TRY; - // Format pubkey - for (int i = 0; i < 32; i++) { - pubKey[i] = cx_publicKey.W[64 - i]; - } - cx_publicKey.W[0] = cx_publicKey.W[64] & 1 ? 0x03 : 0x02; // "Compress" public key in place - if ((cx_publicKey.W[32] & 1) != 0) { - pubKey[31] |= 0x80; - } - ////////////////////// - MEMCPY(pubKey, cx_publicKey.W, PK_LEN_SECP256K1); - - return zxerr_ok; + return err; } zxerr_t crypto_sign(uint8_t *signature, @@ -91,6 +92,8 @@ zxerr_t crypto_sign(uint8_t *signature, uint8_t privateKeyData[32]; unsigned int info = 0; int signatureLength = 0; + + zxerr_t err = zxerr_ok; BEGIN_TRY { TRY @@ -113,6 +116,10 @@ zxerr_t crypto_sign(uint8_t *signature, signatureMaxlen, &info); } + CATCH_ALL { + signatureLength = 0; + err = zxerr_ledger_api_error; + } FINALLY { MEMZERO(&cx_privateKey, sizeof(cx_privateKey)); MEMZERO(privateKeyData, 32); @@ -182,7 +189,7 @@ zxerr_t crypto_fillAddress(uint8_t *buffer, uint16_t buffer_len, uint16_t *addrR } // extract pubkey - crypto_extractPublicKey(hdPath, buffer, buffer_len); + CHECK_ZXERR(crypto_extractPublicKey(hdPath, buffer, buffer_len)) // Hash it uint8_t hashed1_pk[CX_SHA256_SIZE]; @@ -192,7 +199,7 @@ zxerr_t crypto_fillAddress(uint8_t *buffer, uint16_t buffer_len, uint16_t *addrR ripemd160_32(hashed2_pk, hashed1_pk); char *addr = (char *) (buffer + PK_LEN_SECP256K1); - bech32EncodeFromBytes(addr, buffer_len - PK_LEN_SECP256K1, bech32_hrp, hashed2_pk, CX_RIPEMD160_SIZE, 1); + CHECK_ZXERR(bech32EncodeFromBytes(addr, buffer_len - PK_LEN_SECP256K1, bech32_hrp, hashed2_pk, CX_RIPEMD160_SIZE, 1)) *addrResponseLen = PK_LEN_SECP256K1 + strlen(addr); From 40028588267f101a975ae711fd9ae800c962ac2d Mon Sep 17 00:00:00 2001 From: ftheirs Date: Wed, 25 May 2022 09:20:41 -0300 Subject: [PATCH 3/6] bump version --- app/Makefile.version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Makefile.version b/app/Makefile.version index c18eb82..1869e56 100644 --- a/app/Makefile.version +++ b/app/Makefile.version @@ -3,4 +3,4 @@ APPVERSION_M=2 # This is the `spec_version` field of `Runtime` APPVERSION_N=0 # This is the patch version of this release -APPVERSION_P=0 +APPVERSION_P=1 From 6d921d0d95a2a96ab3e3c28fbc211497ea70be96 Mon Sep 17 00:00:00 2001 From: ftheirs Date: Wed, 25 May 2022 09:25:31 -0300 Subject: [PATCH 4/6] add extra testcase --- tests/testcases/manual.json | 59 +++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) diff --git a/tests/testcases/manual.json b/tests/testcases/manual.json index 1a7481c..214ee19 100644 --- a/tests/testcases/manual.json +++ b/tests/testcases/manual.json @@ -1517,5 +1517,64 @@ "6 | Fee : 0.000600 AXL" ], "expert": false + }, + { + "name": "completeTransferExpertAxl", + "tx": { + "account_number": "0", + "chain_id": "axelar-dojo-1", + "fee": { + "amount": [ + { + "amount": "150", + "denom": "uaxl" + } + ], + "gas": "10000" + }, + "memo": "testmemo", + "msgs": [ + { + "inputs": [ + { + "address": "axelaraccaddr1d9h8qat5e4ehc5", + "coins": [ + { + "amount": "50", + "denom": "axl" + } + ] + } + ], + "outputs": [ + { + "address": "axelaraccaddr1da6hgur4wse3jx32", + "coins": [ + { + "amount": "10", + "denom": "axl" + } + ] + } + ] + } + ], + "sequence": "1" + }, + "parsingErr": "No error", + "validationErr": "No error", + "expected": [ + "0 | Chain ID : axelar-dojo-1", + "1 | Account : 0", + "2 | Sequence : 1", + "3 | Source Address : axelaraccaddr1d9h8qat5e4ehc5", + "4 | Source Coins : 50 axl", + "5 | Dest Address : axelaraccaddr1da6hgur4wse3jx32", + "6 | Dest Coins : 10 axl", + "7 | Memo : testmemo", + "8 | Fee : 150 uaxl", + "9 | Gas : 10000" + ], + "expert": true } ] From 8a02c5a73e65d2777a13bb4051db2da1b9d0e9db Mon Sep 17 00:00:00 2001 From: ftheirs Date: Wed, 25 May 2022 09:45:35 -0300 Subject: [PATCH 5/6] update snapshots --- tests_zemu/snapshots/s-mainmenu/00004.png | Bin 437 -> 442 bytes tests_zemu/snapshots/s-mainmenu/00010.png | Bin 437 -> 442 bytes tests_zemu/snapshots/sp-mainmenu/00004.png | Bin 361 -> 367 bytes tests_zemu/snapshots/sp-mainmenu/00010.png | Bin 361 -> 367 bytes tests_zemu/snapshots/x-mainmenu/00004.png | Bin 361 -> 367 bytes tests_zemu/snapshots/x-mainmenu/00010.png | Bin 361 -> 367 bytes 6 files changed, 0 insertions(+), 0 deletions(-) diff --git a/tests_zemu/snapshots/s-mainmenu/00004.png b/tests_zemu/snapshots/s-mainmenu/00004.png index 8d46929d21264471474ae99d9fc9899c8508f80d..131ba7b5ba4dc47aa7f9317ceb0c5b89adca8e25 100644 GIT binary patch delta 416 zcmV;R0bl;L1G)o{B!7WPL_t(|ob8#xvcfP3MX96z|G{0@>0000#ZH%SqW|r|t2&pD#oJF&lCKzrz<6 zSIxw2*k8_~aE*ux9VW-rGKf{lgGKnuHz1WHuS!F1Ql(m~Uw^&O(0yV*d zM+&PZ)-jB)1=X5Bm?npc!TP3=bK=>_X8`ZlF(>jWagn5{sl%Vv6rXs5^{~03^oO(y zYFRn{PscfCKeylAfwXw@g7gV=czN6X?U7)|`uvq34|i1th2)=7^`YfZENa zh#J8AzFoy4hQI8bn$}mJf(B^SY!7$|pV%=jG4=MHhKjoGNwU6_F+$$}Udx?aqK)(r z-2-9=)b_Dj&TJ>2_-HeLuLb?6KZu`Y^x1}IhX()v02u%P3-Sc{JInLW4UXpk0000< KMNUMnLSTYrV9coi delta 411 zcmV;M0c8HV1GNK?B!7HKL_t(|ob8#xmct+jMa`V)|9@~6nT0bR0!R^^s_nb0G$KiO z1c^-v0002^N3Jtnr*hos>Mi)5eFKdgkJ)!Hn5hELT+Wfb&U8F}&zA#ckcbS$fS#cf z)mba?HSNkJC^SYXDHW#J)I6|RS%Xb@$s3SUl4hk5?j%xG&3|7x(TMxPdiVrrUHAMC zY+Ev^7LH>WUkR!efiO)9smAi8;d9~M$tM7<*D)o^EOwAXQ;QBAtwns{1=hpivXT#J zC)Bp#cs(s$kZcM;H<|!Ob{jRJr$D_oYQy%25P*Hi*iL0-Uv;gU35(~wox2NA#+o!h z^q*4VDVk{_0Dl|vXh1>qZE`$CiEinFq{o_#e#r%Dof186RHvS;BQNOTQ|ZBX0W zYQ?kdeBrIl0KPVK2@>0000#ZH%SqW|r|t2&pD#oJF&lCKzrz<6 zSIxw2*k8_~aE*ux9VW-rGKf{lgGKnuHz1WHuS!F1Ql(m~Uw^&O(0yV*d zM+&PZ)-jB)1=X5Bm?npc!TP3=bK=>_X8`ZlF(>jWagn5{sl%Vv6rXs5^{~03^oO(y zYFRn{PscfCKeylAfwXw@g7gV=czN6X?U7)|`uvq34|i1th2)=7^`YfZENa zh#J8AzFoy4hQI8bn$}mJf(B^SY!7$|pV%=jG4=MHhKjoGNwU6_F+$$}Udx?aqK)(r z-2-9=)b_Dj&TJ>2_-HeLuLb?6KZu`Y^x1}IhX()v02u%P3-Sc{JInLW4UXpk0000< KMNUMnLSTYrV9coi delta 411 zcmV;M0c8HV1GNK?B!7HKL_t(|ob8#xmct+jMa`V)|9@~6nT0bR0!R^^s_nb0G$KiO z1c^-v0002^N3Jtnr*hos>Mi)5eFKdgkJ)!Hn5hELT+Wfb&U8F}&zA#ckcbS$fS#cf z)mba?HSNkJC^SYXDHW#J)I6|RS%Xb@$s3SUl4hk5?j%xG&3|7x(TMxPdiVrrUHAMC zY+Ev^7LH>WUkR!efiO)9smAi8;d9~M$tM7<*D)o^EOwAXQ;QBAtwns{1=hpivXT#J zC)Bp#cs(s$kZcM;H<|!Ob{jRJr$D_oYQy%25P*Hi*iL0-Uv;gU35(~wox2NA#+o!h z^q*4VDVk{_0Dl|vXh1>qZE`$CiEinFq{o_#e#r%Dof186RHvS;BQNOTQ|ZBX0W zYQ?kdeBrIl0KPVK2oz21C7pmt;+_pHQ z{zq7ui2(u1maJNpbz9tj>xB0240dWupV+oYI&ue`e>!K)s%29?eY=#wH(?de(}pVV zyBlx6uDc&+Zxi6O(s)Pfbf$cL^-kQ6A+hc|D z?^P^&Sx>Icm=(11xrOc>-4``e+`r53E-di-UcP)A!}tDWOD>yyS$TW)z3M4DeluUI z5`5qF{^Ds%o|#|rFL%!RlJCZAQz-uFNb!xyz28r#$_T&NF1!2t-Pjoy|6Ve} z-*^8ApSbWx-S!`SmBkWfzqd(u(K&FS?rX$KhTlu|6YbrvcgI(rp7!!|QMkkAj``B5 ip~u&`Bl*6e{x$pFBR7RFp7%Bc1&ODtpUXO@geCxjSE7di delta 334 zcmaFQ^pa_UO1*)ni(^Q|oVPaviw-OBxCY*O>38G*q%G6y3{pi{ZY*7=I=OnEO@hp` z&KrE5oD2x?#>2(sh}{2=LHwVd+BTkkGH37d4N4h|U!wF*c6prJx#fEEvz8^N0{k!N zRwa~Q`D?e=u3}N!B4e-hp_;EO7i*g=_Tv4QeyzKH&VI&J&sU+Aoz^p#-iqB{_CTfl zdlk!G)}@OxW(DnhzC-7Z?u(i!i+}g$&WXAF_wGvF1AjNKd}+e|X|c7}_dcQW`U6qy zAMHNc{wi!!ocu4>Dsb|@vnv|a-#N{z;H%#Bv2MqiS&DAF-!_HXifoz21C7pmt;+_pHQ z{zq7ui2(u1maJNpbz9tj>xB0240dWupV+oYI&ue`e>!K)s%29?eY=#wH(?de(}pVV zyBlx6uDc&+Zxi6O(s)Pfbf$cL^-kQ6A+hc|D z?^P^&Sx>Icm=(11xrOc>-4``e+`r53E-di-UcP)A!}tDWOD>yyS$TW)z3M4DeluUI z5`5qF{^Ds%o|#|rFL%!RlJCZAQz-uFNb!xyz28r#$_T&NF1!2t-Pjoy|6Ve} z-*^8ApSbWx-S!`SmBkWfzqd(u(K&FS?rX$KhTlu|6YbrvcgI(rp7!!|QMkkAj``B5 ip~u&`Bl*6e{x$pFBR7RFp7%Bc1&ODtpUXO@geCxjSE7di delta 334 zcmaFQ^pa_UO1*)ni(^Q|oVPaviw-OBxCY*O>38G*q%G6y3{pi{ZY*7=I=OnEO@hp` z&KrE5oD2x?#>2(sh}{2=LHwVd+BTkkGH37d4N4h|U!wF*c6prJx#fEEvz8^N0{k!N zRwa~Q`D?e=u3}N!B4e-hp_;EO7i*g=_Tv4QeyzKH&VI&J&sU+Aoz^p#-iqB{_CTfl zdlk!G)}@OxW(DnhzC-7Z?u(i!i+}g$&WXAF_wGvF1AjNKd}+e|X|c7}_dcQW`U6qy zAMHNc{wi!!ocu4>Dsb|@vnv|a-#N{z;H%#Bv2MqiS&DAF-!_HXifoz21C7pmt;+_pHQ z{zq7ui2(u1maJNpbz9tj>xB0240dWupV+oYI&ue`e>!K)s%29?eY=#wH(?de(}pVV zyBlx6uDc&+Zxi6O(s)Pfbf$cL^-kQ6A+hc|D z?^P^&Sx>Icm=(11xrOc>-4``e+`r53E-di-UcP)A!}tDWOD>yyS$TW)z3M4DeluUI z5`5qF{^Ds%o|#|rFL%!RlJCZAQz-uFNb!xyz28r#$_T&NF1!2t-Pjoy|6Ve} z-*^8ApSbWx-S!`SmBkWfzqd(u(K&FS?rX$KhTlu|6YbrvcgI(rp7!!|QMkkAj``B5 ip~u&`Bl*6e{x$pFBR7RFp7%Bc1&ODtpUXO@geCxjSE7di delta 334 zcmaFQ^pa_UO1*)ni(^Q|oVPaviw-OBxCY*O>38G*q%G6y3{pi{ZY*7=I=OnEO@hp` z&KrE5oD2x?#>2(sh}{2=LHwVd+BTkkGH37d4N4h|U!wF*c6prJx#fEEvz8^N0{k!N zRwa~Q`D?e=u3}N!B4e-hp_;EO7i*g=_Tv4QeyzKH&VI&J&sU+Aoz^p#-iqB{_CTfl zdlk!G)}@OxW(DnhzC-7Z?u(i!i+}g$&WXAF_wGvF1AjNKd}+e|X|c7}_dcQW`U6qy zAMHNc{wi!!ocu4>Dsb|@vnv|a-#N{z;H%#Bv2MqiS&DAF-!_HXifoz21C7pmt;+_pHQ z{zq7ui2(u1maJNpbz9tj>xB0240dWupV+oYI&ue`e>!K)s%29?eY=#wH(?de(}pVV zyBlx6uDc&+Zxi6O(s)Pfbf$cL^-kQ6A+hc|D z?^P^&Sx>Icm=(11xrOc>-4``e+`r53E-di-UcP)A!}tDWOD>yyS$TW)z3M4DeluUI z5`5qF{^Ds%o|#|rFL%!RlJCZAQz-uFNb!xyz28r#$_T&NF1!2t-Pjoy|6Ve} z-*^8ApSbWx-S!`SmBkWfzqd(u(K&FS?rX$KhTlu|6YbrvcgI(rp7!!|QMkkAj``B5 ip~u&`Bl*6e{x$pFBR7RFp7%Bc1&ODtpUXO@geCxjSE7di delta 334 zcmaFQ^pa_UO1*)ni(^Q|oVPaviw-OBxCY*O>38G*q%G6y3{pi{ZY*7=I=OnEO@hp` z&KrE5oD2x?#>2(sh}{2=LHwVd+BTkkGH37d4N4h|U!wF*c6prJx#fEEvz8^N0{k!N zRwa~Q`D?e=u3}N!B4e-hp_;EO7i*g=_Tv4QeyzKH&VI&J&sU+Aoz^p#-iqB{_CTfl zdlk!G)}@OxW(DnhzC-7Z?u(i!i+}g$&WXAF_wGvF1AjNKd}+e|X|c7}_dcQW`U6qy zAMHNc{wi!!ocu4>Dsb|@vnv|a-#N{z;H%#Bv2MqiS&DAF-!_HXif Date: Wed, 25 May 2022 10:08:59 -0300 Subject: [PATCH 6/6] fix return variable --- app/src/crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/src/crypto.c b/app/src/crypto.c index d788dff..355d624 100644 --- a/app/src/crypto.c +++ b/app/src/crypto.c @@ -128,7 +128,7 @@ zxerr_t crypto_sign(uint8_t *signature, END_TRY; *sigSize = signatureLength; - return zxerr_ok; + return err; } #else