Merge pull request #19 from Zondax/dev

Fix hashing of signature section
Zondax · Nov 28, 2023 · 4fd882b · 4fd882b
2 parents 02601d7 + 0247757
commit 4fd882b
Show file tree

Hide file tree

Showing 14 changed files with 40 additions and 16 deletions.
diff --git a/app/Makefile.version b/app/Makefile.version
@@ -3,4 +3,4 @@ APPVERSION_M=0
 # This is the `spec_version` field of `Runtime`
 APPVERSION_N=0
 # This is the patch version of this release
-APPVERSION_P=10
+APPVERSION_P=11
diff --git a/app/src/crypto.c b/app/src/crypto.c
@@ -197,13 +197,24 @@ zxerr_t crypto_hashSigSection(const signature_section_t *signature_section, cons
     cx_sha256_update(&sha256, (uint8_t*) &signature_section->signerDiscriminant, 1);
 
     switch (signature_section->signerDiscriminant) {
-        case PubKeys:
+        case PubKeys: {
             cx_sha256_update(&sha256, (uint8_t*) &signature_section->pubKeysLen, 4);
-            if (signature_section->pubKeysLen > 0) {
-                cx_sha256_update(&sha256, signature_section->pubKeys.ptr, PK_LEN_25519_PLUS_TAG * signature_section->pubKeysLen);
+            uint32_t pos = 0;
+            for (uint32_t i = 0; i < signature_section->pubKeysLen; i++) {
+                uint8_t tag = signature_section->pubKeys.ptr[pos++];
+                if (tag != key_ed25519 && tag != key_secp256k1) {
+                    return zxerr_unknown;
+                }
+                // Skip the public key's type tag
+                const uint8_t pubKeySize = tag == key_ed25519 ? PK_LEN_25519 : COMPRESSED_SECP256K1_PK_LEN;
+                // Skip the signature proper
+                pos += pubKeySize;
+            }
+            if(pos > 0) {
+                cx_sha256_update(&sha256, signature_section->pubKeys.ptr, pos);
             }
             break;
-
+        }
         case Address:
             cx_sha256_update(&sha256, signature_section->address.ptr, signature_section->address.len);
             break;
@@ -213,8 +224,21 @@ zxerr_t crypto_hashSigSection(const signature_section_t *signature_section, cons
     }
 
     cx_sha256_update(&sha256, (const uint8_t*) &signature_section->signaturesLen, 4);
-    if(signature_section->signaturesLen > 0) {
-        cx_sha256_update(&sha256, signature_section->indexedSignatures.ptr, signature_section->indexedSignatures.len);
+    uint32_t pos = 0;
+    for (uint32_t i = 0; i < signature_section->signaturesLen; i++) {
+        // Skip the signature's 1 byte index
+        pos++;
+        uint8_t tag = signature_section->indexedSignatures.ptr[pos++];
+        if (tag != key_ed25519 && tag != key_secp256k1) {
+            return zxerr_unknown;
+        }
+        // Skip the signature's type tag
+        const uint8_t signatureSize = tag == key_ed25519 ? ED25519_SIGNATURE_SIZE : SIG_SECP256K1_LEN;
+        // Skip the signature proper
+        pos += signatureSize;
+    }
+    if(pos > 0) {
+        cx_sha256_update(&sha256, signature_section->indexedSignatures.ptr, pos);
     }
     cx_sha256_final(&sha256, output);
     return zxerr_ok;

diff --git a/app/src/parser_impl_txn.c b/app/src/parser_impl_txn.c
@@ -978,7 +978,7 @@ static parser_error_t readSignatureSection(parser_context_t *ctx, signature_sect
     CHECK_ERROR(readBytes(ctx, &signature->indexedSignatures.ptr, signature->indexedSignatures.len))
 
     for (uint32_t i = 0; i < signature->signaturesLen; i++) {
-        // Skip the signatures 1 byte index
+        // Skip the signature's 1 byte index
         ctx->offset ++;
         signature->indexedSignatures.len ++;
         // Read the signature's tag

diff --git a/deps/ledger-secure-sdk b/deps/ledger-secure-sdk
diff --git a/deps/ledger-zxlib b/deps/ledger-zxlib
diff --git a/js/package.json b/js/package.json
@@ -32,12 +32,12 @@
     "url": "https://github.com/zondax/ledger-namada/issues"
   },
   "dependencies": {
-    "@ledgerhq/hw-transport": "^6.29.0"
+    "@ledgerhq/hw-transport": "^6.30.0"
   },
   "devDependencies": {
     "@types/ledgerhq__hw-transport": "^4.21.8",
-    "@typescript-eslint/eslint-plugin": "^6.12.0",
-    "@typescript-eslint/parser": "^6.12.0",
+    "@typescript-eslint/eslint-plugin": "^6.13.1",
+    "@typescript-eslint/parser": "^6.13.1",
     "bip32": "^4.0.0",
     "bip39": "^3.1.0",
     "core-js": "^3.33.3",

diff --git a/tests_zemu/package.json b/tests_zemu/package.json
@@ -24,10 +24,10 @@
   "devDependencies": {
     "@types/jest": "^29.5.6",
     "@types/ledgerhq__hw-transport": "^4.21.6",
-    "@typescript-eslint/eslint-plugin": "^6.9.0",
-    "@typescript-eslint/parser": "^6.9.0",
+    "@typescript-eslint/eslint-plugin": "^6.13.1",
+    "@typescript-eslint/parser": "^6.13.1",
     "blakejs": "^1.1.1",
-    "crypto-js": "4.1.1",
+    "crypto-js": "4.2.0",
     "ed25519-supercop": "^2.0.1",
     "eslint": "^8.52.0",
     "eslint-config-prettier": "^9.0.0",

diff --git a/tests_zemu/snapshots/s-mainmenu/00004.png b/tests_zemu/snapshots/s-mainmenu/00004.png
diff --git a/tests_zemu/snapshots/s-mainmenu/00010.png b/tests_zemu/snapshots/s-mainmenu/00010.png
diff --git a/tests_zemu/snapshots/sp-mainmenu/00004.png b/tests_zemu/snapshots/sp-mainmenu/00004.png
diff --git a/tests_zemu/snapshots/sp-mainmenu/00010.png b/tests_zemu/snapshots/sp-mainmenu/00010.png
diff --git a/tests_zemu/snapshots/st-mainmenu/00001.png b/tests_zemu/snapshots/st-mainmenu/00001.png
diff --git a/tests_zemu/snapshots/x-mainmenu/00004.png b/tests_zemu/snapshots/x-mainmenu/00004.png
diff --git a/tests_zemu/snapshots/x-mainmenu/00010.png b/tests_zemu/snapshots/x-mainmenu/00010.png
+2 −4		app/ui/view_nano_inspect.c
+1 −1		dockerized_build.mk
+2 −2		include/utf8.h
+1 −1		include/zxversion.h