From 8c580158a1e93fcc7aca074e8971bcdcdbaae8ea Mon Sep 17 00:00:00 2001 From: Jan Mazak Date: Wed, 4 Oct 2023 17:24:21 +0200 Subject: [PATCH] XS: protocol magic check --- Makefile | 1 + src/addressUtilsByron.c | 8 +++++++- src/addressUtilsByron.h | 4 ++++ src/securityPolicy.c | 4 +++- src/signTx_ui.c | 8 +++++++- src/uiScreens_bagl.c | 12 ++++++++++++ 6 files changed, 34 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index 8b3bf071..82bf1dc5 100644 --- a/Makefile +++ b/Makefile @@ -46,6 +46,7 @@ DEFINES += APP_FEATURE_TOKEN_MINTING DEFINES += APP_FEATURE_POOL_REGISTRATION DEFINES += APP_FEATURE_POOL_RETIREMENT DEFINES += APP_FEATURE_BYRON_ADDRESS_DERIVATION +DEFINES += APP_FEATURE_BYRON_PROTOCOL_MAGIC_CHECK endif ############## diff --git a/src/addressUtilsByron.c b/src/addressUtilsByron.c index 1b8472c7..86e5bf69 100644 --- a/src/addressUtilsByron.c +++ b/src/addressUtilsByron.c @@ -7,9 +7,13 @@ #include "crc32.h" #include "bufView.h" +#if defined(APP_FEATURE_BYRON_ADDRESS_DERIVATION) || defined(APP_FEATURE_BYRON_PROTOCOL_MAGIC_CHECK) + static const size_t ADDRESS_ROOT_SIZE = 28; static const size_t PROTOCOL_MAGIC_ADDRESS_ATTRIBUTE_KEY = 2; +#endif + #ifdef APP_FEATURE_BYRON_ADDRESS_DERIVATION enum { @@ -186,6 +190,8 @@ size_t deriveAddress_byron( #endif // APP_FEATURE_BYRON_ADDRESS_DERIVATION +#ifdef APP_FEATURE_BYRON_PROTOCOL_MAGIC_CHECK + static uint64_t parseToken(read_view_t* view, uint8_t type) { const cbor_token_t token = view_parseToken(view); @@ -216,7 +222,6 @@ static size_t parseBytesSizeToken(read_view_t* view) return parsedSizeDowncasted; } - uint32_t extractProtocolMagic( const uint8_t* addressBuffer, size_t addressSize ) @@ -301,3 +306,4 @@ uint32_t extractProtocolMagic( return protocolMagic; } +#endif // APP_FEATURE_BYRON_PROTOCOL_MAGIC_CHECK diff --git a/src/addressUtilsByron.h b/src/addressUtilsByron.h index 6798e316..d107993c 100644 --- a/src/addressUtilsByron.h +++ b/src/addressUtilsByron.h 
@@ -14,11 +14,15 @@ size_t deriveAddress_byron( #endif // APP_FEATURE_BYRON_ADDRESS_DERIVATION +#ifdef APP_FEATURE_BYRON_PROTOCOL_MAGIC_CHECK + // Note: validates the overall address structure at the same time uint32_t extractProtocolMagic( const uint8_t* addressBuffer, size_t addressSize ); +#endif // APP_FEATURE_BYRON_PROTOCOL_MAGIC_CHECK + #if defined(DEVEL) && !defined(APP_XS) void run_addressUtilsByron_test(); diff --git a/src/securityPolicy.c b/src/securityPolicy.c index 1674cc01..d6928dfd 100644 --- a/src/securityPolicy.c +++ b/src/securityPolicy.c @@ -463,7 +463,7 @@ security_policy_t policyForSignTxInput(sign_tx_signingmode_t txSigningMode) static bool is_addressBytes_suitable_for_tx_output( const uint8_t* addressBuffer, size_t addressSize, - const uint8_t networkId, const uint32_t protocolMagic + const uint8_t networkId, const uint32_t protocolMagic __attribute__((unused)) ) { ASSERT(addressSize < BUFFER_SIZE_PARANOIA); @@ -482,7 +482,9 @@ static bool is_addressBytes_suitable_for_tx_output( return false; case BYRON: + #ifdef APP_FEATURE_BYRON_PROTOCOL_MAGIC_CHECK CHECK(extractProtocolMagic(addressBuffer, addressSize) == protocolMagic); + #endif // APP_FEATURE_BYRON_PROTOCOL_MAGIC_CHECK break; default: { diff --git a/src/signTx_ui.c b/src/signTx_ui.c index 0879719f..91c00b91 100644 --- a/src/signTx_ui.c +++ b/src/signTx_ui.c @@ -74,12 +74,17 @@ static const char* _newTxLine1(sign_tx_signingmode_t txSigningMode) #ifdef HAVE_NBGL static void signTx_handleInit_ui_runStep_cb(void) { + // if the protocol magic check is not enabled, + // displaying the protocol magic might be misleading, + // so we must not show it + #ifdef APP_FEATURE_BYRON_PROTOCOL_MAGIC_CHECK char networkParams[100] = {0}; ui_getNetworkParamsScreen_2( networkParams, SIZEOF(networkParams), ctx->commonTxData.protocolMagic); fill_and_display_if_required("Protocol magic", networkParams, signTx_handleInit_ui_runStep, respond_with_user_reject); + #endif } #endif // HAVE_NBGL 
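Review bot: In the `case BYRON:` branch of is_addressBytes_suitable_for_tx_output, a build without APP_FEATURE_BYRON_PROTOCOL_MAGIC_CHECK now accepts every Byron output address without inspecting it. The header comment on extractProtocolMagic says the call also validates the overall address structure, so compiling it out drops that validation as well as the protocol magic comparison. If this is the intended trade-off for the XS build, say so at the call site, e.g. `// XS: Byron output addresses are neither structurally validated nor matched against protocolMagic here`. The function starts in the previous hunk and ends outside this one, so whether a later check still covers Byron addresses cannot be seen here.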
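Review bot: With the whole body of signTx_handleInit_ui_runStep_cb inside `#ifdef APP_FEATURE_BYRON_PROTOCOL_MAGIC_CHECK`, an NBGL build without that define gets an empty callback. It never hands control to signTx_handleInit_ui_runStep or respond_with_user_reject, so if that combination can be built, the signing flow would presumably stall on this step. Either add an `#else` branch calling `signTx_handleInit_ui_runStep();` before the `#endif`, or make the combination a build error with `#error "NBGL builds require APP_FEATURE_BYRON_PROTOCOL_MAGIC_CHECK"`. The closing `#endif` also lacks the trailing `// APP_FEATURE_BYRON_PROTOCOL_MAGIC_CHECK` comment used at the other sites in this patch.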
@@ -118,7 +123,8 @@ void signTx_handleInit_ui_runStep() #ifdef HAVE_BAGL ui_displayNetworkParamsScreen( "Network details", - ctx->commonTxData.networkId, ctx->commonTxData.protocolMagic, + ctx->commonTxData.networkId, + ctx->commonTxData.protocolMagic, this_fn ); #elif defined(HAVE_NBGL) diff --git a/src/uiScreens_bagl.c b/src/uiScreens_bagl.c index 615f47fe..7be31fe5 100644 --- a/src/uiScreens_bagl.c +++ b/src/uiScreens_bagl.c @@ -653,11 +653,23 @@ void ui_displayNetworkParamsScreen( STATIC_ASSERT(!IS_SIGNED(networkId), "signed type for %u"); STATIC_ASSERT(sizeof(protocolMagic) <= sizeof(unsigned), "oversized type for %u"); STATIC_ASSERT(!IS_SIGNED(protocolMagic), "signed type for %u"); + + #ifdef APP_FEATURE_BYRON_PROTOCOL_MAGIC_CHECK snprintf( networkParams, SIZEOF(networkParams), "network id %u / protocol magic %u", networkId, protocolMagic ); + #else + // if the protocol magic check is not enabled, + // displaying the protocol magic might be misleading, + // so we must not show it + snprintf( + networkParams, SIZEOF(networkParams), + "network id %u", + networkId + ); + #endif // APP_FEATURE_BYRON_PROTOCOL_MAGIC_CHECK ASSERT(strlen(networkParams) + 1 < SIZEOF(networkParams)); ui_displayPaginatedText(
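Review bot: The comment in the `#else` branch of ui_displayNetworkParamsScreen says that showing the protocol magic "might be misleading" but not why, and the same wording is repeated in signTx_ui.c. The reason visible in this patch is that the value is not compared with Byron output addresses when the check is compiled out. The comment could read `// protocol magic is not verified against Byron output addresses in this build, so showing it would imply a check that did not run`. The function begins and ends outside the hunk.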