Make operations using the HD path check its correctness.

heliaxdev · Aug 29, 2024 · 7c7c3d4 · 7c7c3d4
1 parent 60f46ea
commit 7c7c3d4
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 17 deletions.
diff --git a/app/src/apdu_handler.c b/app/src/apdu_handler.c
@@ -42,27 +42,11 @@ __Z_INLINE void extractHDPath(uint32_t rx, uint32_t offset) {
     hdPathLen = G_io_apdu_buffer[offset];
     offset++;
 
-    if ((hdPathLen != HDPATH_LEN_DEFAULT && hdPathLen != IDENTITY_DER_PATH_LEN) || (rx - offset) != sizeof(uint32_t) * hdPathLen) {
+    if ((rx - offset) != sizeof(uint32_t) * hdPathLen) {
         THROW(APDU_CODE_WRONG_LENGTH);
     }
 
     memcpy(hdPath, G_io_apdu_buffer + offset, sizeof(uint32_t) * hdPathLen);
-
-    const bool default_mainnet = hdPath[0] == HDPATH_0_DEFAULT &&
-                         hdPath[1] == HDPATH_1_DEFAULT;
-
-    const bool default_testnet = hdPath[0] == HDPATH_0_DEFAULT &&
-                         hdPath[1] == HDPATH_1_TESTNET;
-
-    const bool identity_mainnet = hdPath[0] == HDPATH_0_IDENTITY &&
-                         hdPath[1] == HDPATH_1_DEFAULT;
-
-    const bool identity_testnet = hdPath[0] == HDPATH_0_IDENTITY &&
-                         hdPath[1] == HDPATH_1_TESTNET;
-
-    if (!default_mainnet && !default_testnet && !identity_mainnet && !identity_testnet) {
-        THROW(APDU_CODE_DATA_INVALID);
-    }
 }
 
 __Z_INLINE bool process_chunk(__Z_UNUSED volatile uint32_t *tx, uint32_t rx) {

diff --git a/app/src/crypto.c b/app/src/crypto.c
@@ -58,6 +58,7 @@
   } while (0)
 
 static zxerr_t crypto_extractPublicKey_ed25519(uint8_t *pubKey, uint16_t pubKeyLen) {
+    CHECK_ZXERR(ensureBip32());
     if (pubKey == NULL || pubKeyLen < PK_LEN_25519) {
         return zxerr_invalid_crypto_settings;
     }
@@ -99,6 +100,7 @@ static zxerr_t crypto_extractPublicKey_ed25519(uint8_t *pubKey, uint16_t pubKeyL
 }
 
 static zxerr_t crypto_sign_ed25519(uint8_t *output, uint16_t outputLen, const uint8_t *message, uint16_t messageLen) {
+    CHECK_ZXERR(ensureBip32());
     if (output == NULL || message == NULL || outputLen < ED25519_SIGNATURE_SIZE || messageLen == 0) {
         return zxerr_unknown;
     }
@@ -478,6 +480,7 @@ zxerr_t crypto_sign(const parser_tx_t *txObj, uint8_t *output, uint16_t outputLe
 
 // MASP
 static zxerr_t computeKeys(keys_t * saplingKeys) {
+    CHECK_ZXERR(ensureZip32());
     if (saplingKeys == NULL) {
         return zxerr_no_data;
     }

diff --git a/app/src/crypto_helper.c b/app/src/crypto_helper.c
@@ -57,6 +57,36 @@ uint8_t hdPathLen;
 uint8_t bech32_hrp_len;
 char bech32_hrp[MAX_BECH32_HRP_LEN + 1];
 
+// Ensure that we are working on a BIP 32 path
+zxerr_t ensureBip32() {
+    const bool default_mainnet = hdPath[0] == HDPATH_0_DEFAULT &&
+                         hdPath[1] == HDPATH_1_DEFAULT;
+
+    const bool default_testnet = hdPath[0] == HDPATH_0_DEFAULT &&
+                         hdPath[1] == HDPATH_1_TESTNET;
+
+    if (!default_mainnet && !default_testnet) {
+        return zxerr_unknown;
+    } else {
+        return zxerr_ok;
+    }
+}
+
+// Ensure that we are working on a ZIP 32 path
+zxerr_t ensureZip32() {
+    const bool identity_mainnet = hdPath[0] == HDPATH_0_IDENTITY &&
+                         hdPath[1] == HDPATH_1_DEFAULT;
+
+    const bool identity_testnet = hdPath[0] == HDPATH_0_IDENTITY &&
+                         hdPath[1] == HDPATH_1_TESTNET;
+
+    if (!identity_mainnet && !identity_testnet) {
+        return zxerr_unknown;
+    } else {
+        return zxerr_ok;
+    }
+}
+
 static zxerr_t crypto_publicKeyHash_ed25519(uint8_t *publicKeyHash, const uint8_t *pubkey){
     if (publicKeyHash == NULL || pubkey == NULL) {
         return zxerr_no_data;
@@ -92,6 +122,7 @@ static zxerr_t crypto_publicKeyHash_ed25519(uint8_t *publicKeyHash, const uint8_
 }
 
 zxerr_t crypto_encodeRawPubkey(const uint8_t* rawPubkey, uint16_t rawPubkeyLen, uint8_t *output, uint16_t outputLen) {
+    CHECK_ZXERR(ensureBip32());
     if (rawPubkey == NULL || rawPubkeyLen != PK_LEN_25519_PLUS_TAG || output == NULL) {
         return zxerr_encoding_failed;
     }
@@ -117,6 +148,7 @@ zxerr_t crypto_encodeRawPubkey(const uint8_t* rawPubkey, uint16_t rawPubkeyLen,
 }
 
 zxerr_t crypto_encodeAddress(const uint8_t *pubkey, uint16_t pubkeyLen, uint8_t *output, uint16_t outputLen) {
+    CHECK_ZXERR(ensureBip32());
     if (output == NULL || pubkey == NULL || pubkeyLen != PK_LEN_25519) {
         return zxerr_encoding_failed;
     }

diff --git a/app/src/crypto_helper.h b/app/src/crypto_helper.h
@@ -55,6 +55,8 @@ zxerr_t crypto_hashDataSection(const section_t *data, uint8_t *output, uint32_t
 zxerr_t crypto_hashCodeSection(const section_t *section, uint8_t *output, uint32_t outputLen);
 zxerr_t crypto_hashExtraDataSection(const section_t *section, uint8_t *output, uint32_t outputLen);
 
+zxerr_t ensureBip32();
+zxerr_t ensureZip32();
 
 // MASP SECTION
 parser_error_t generate_key(const uint8_t expandedKey[KEY_LENGTH], constant_key_t keyType, uint8_t output[KEY_LENGTH]);