diff --git a/app/src/crypto.c b/app/src/crypto.c index 9b593f5d..9b0ca4e3 100644 --- a/app/src/crypto.c +++ b/app/src/crypto.c @@ -47,11 +47,11 @@ static zxerr_t crypto_extractPublicKey_ed25519(uint8_t *pubKey, uint16_t pubKeyL privateKeyData, NULL, NULL, - 0)) + 0)); - CATCH_CXERROR(cx_ecfp_init_private_key_no_throw(CX_CURVE_Ed25519, privateKeyData, SK_LEN_25519, &cx_privateKey)) - CATCH_CXERROR(cx_ecfp_init_public_key_no_throw(CX_CURVE_Ed25519, NULL, 0, &cx_publicKey)) - CATCH_CXERROR(cx_ecfp_generate_pair_no_throw(CX_CURVE_Ed25519, &cx_publicKey, &cx_privateKey, 1)) + CATCH_CXERROR(cx_ecfp_init_private_key_no_throw(CX_CURVE_Ed25519, privateKeyData, SK_LEN_25519, &cx_privateKey)); + CATCH_CXERROR(cx_ecfp_init_public_key_no_throw(CX_CURVE_Ed25519, NULL, 0, &cx_publicKey)); + CATCH_CXERROR(cx_ecfp_generate_pair_no_throw(CX_CURVE_Ed25519, &cx_publicKey, &cx_privateKey, 1)); for (unsigned int i = 0; i < PK_LEN_25519; i++) { pubKey[i] = cx_publicKey.W[64 - i]; } @@ -88,15 +88,15 @@ static zxerr_t crypto_sign_ed25519(uint8_t *output, uint16_t outputLen, const ui privateKeyData, NULL, NULL, - 0)) + 0)); - CATCH_CXERROR(cx_ecfp_init_private_key_no_throw(CX_CURVE_Ed25519, privateKeyData, SK_LEN_25519, &cx_privateKey)) + CATCH_CXERROR(cx_ecfp_init_private_key_no_throw(CX_CURVE_Ed25519, privateKeyData, SK_LEN_25519, &cx_privateKey)); CATCH_CXERROR(cx_eddsa_sign_no_throw(&cx_privateKey, CX_SHA512, message, messageLen, output, - outputLen)) + outputLen)); error = zxerr_ok; catch_cx_error: @@ -125,7 +125,7 @@ zxerr_t crypto_fillAddress_ed25519(uint8_t *buffer, uint16_t bufferLen, uint16_t if (bufferLen < PK_LEN_25519_PLUS_TAG + ADDRESS_LEN_TESTNET) { return zxerr_unknown; } - CHECK_ZXERR(crypto_extractPublicKey_ed25519(answer->publicKey + 1, PK_LEN_25519)) + CHECK_ZXERR(crypto_extractPublicKey_ed25519(answer->publicKey + 1, PK_LEN_25519)); const bool isTestnet = hdPath[1] == HDPATH_1_TESTNET; outLen = crypto_encodePubkey_ed25519(answer->address, sizeof(answer->address), answer->publicKey + 1, isTestnet); @@ -160,9 +160,9 @@ static zxerr_t crypto_hashFeeHeader(const header_t *header, uint8_t *output, uin cx_sha256_t sha256 = {0}; cx_sha256_init(&sha256); const uint8_t discriminant = 0x07; - cx_sha256_update(&sha256, &discriminant, sizeof(discriminant)); - cx_sha256_update(&sha256, header->extBytes.ptr, header->extBytes.len); - cx_sha256_final(&sha256, output); + CHECK_CX_OK(cx_sha256_update(&sha256, &discriminant, sizeof(discriminant))); + CHECK_CX_OK(cx_sha256_update(&sha256, header->extBytes.ptr, header->extBytes.len)); + CHECK_CX_OK(cx_sha256_final(&sha256, output)); return zxerr_ok; } @@ -174,11 +174,11 @@ static zxerr_t crypto_hashRawHeader(const header_t *header, uint8_t *output, uin cx_sha256_t sha256 = {0}; cx_sha256_init(&sha256); const uint8_t discriminant = 0x07; - cx_sha256_update(&sha256, &discriminant, sizeof(discriminant)); - cx_sha256_update(&sha256, header->bytes.ptr, header->bytes.len); + CHECK_CX_OK(cx_sha256_update(&sha256, &discriminant, sizeof(discriminant))); + CHECK_CX_OK(cx_sha256_update(&sha256, header->bytes.ptr, header->bytes.len)); const uint8_t header_discriminant = 0x00; - cx_sha256_update(&sha256, &header_discriminant, sizeof(header_discriminant)); - cx_sha256_final(&sha256, output); + CHECK_CX_OK(cx_sha256_update(&sha256, &header_discriminant, sizeof(header_discriminant))); + CHECK_CX_OK(cx_sha256_final(&sha256, output)); return zxerr_ok; } @@ -190,15 +190,15 @@ zxerr_t crypto_hashSigSection(const signature_section_t *signature_section, cons cx_sha256_t sha256 = {0}; cx_sha256_init(&sha256); if (prefix != NULL) { - cx_sha256_update(&sha256, prefix, prefixLen); + CHECK_CX_OK(cx_sha256_update(&sha256, prefix, prefixLen)); } - cx_sha256_update(&sha256, (uint8_t*) &signature_section->hashes.hashesLen, 4); - cx_sha256_update(&sha256, signature_section->hashes.hashes.ptr, HASH_LEN * signature_section->hashes.hashesLen); - cx_sha256_update(&sha256, (uint8_t*) &signature_section->signerDiscriminant, 1); + CHECK_CX_OK(cx_sha256_update(&sha256, (uint8_t*) &signature_section->hashes.hashesLen, 4)); + CHECK_CX_OK(cx_sha256_update(&sha256, signature_section->hashes.hashes.ptr, HASH_LEN * signature_section->hashes.hashesLen)); + CHECK_CX_OK(cx_sha256_update(&sha256, (uint8_t*) &signature_section->signerDiscriminant, 1)); switch (signature_section->signerDiscriminant) { case PubKeys: { - cx_sha256_update(&sha256, (uint8_t*) &signature_section->pubKeysLen, 4); + CHECK_CX_OK(cx_sha256_update(&sha256, (uint8_t*) &signature_section->pubKeysLen, 4)); uint32_t pos = 0; for (uint32_t i = 0; i < signature_section->pubKeysLen; i++) { uint8_t tag = signature_section->pubKeys.ptr[pos++]; @@ -211,19 +211,19 @@ zxerr_t crypto_hashSigSection(const signature_section_t *signature_section, cons pos += pubKeySize; } if(pos > 0) { - cx_sha256_update(&sha256, signature_section->pubKeys.ptr, pos); + CHECK_CX_OK(cx_sha256_update(&sha256, signature_section->pubKeys.ptr, pos)); } break; } case Address: - cx_sha256_update(&sha256, signature_section->address.ptr, signature_section->address.len); + CHECK_CX_OK(cx_sha256_update(&sha256, signature_section->address.ptr, signature_section->address.len)); break; default: return zxerr_invalid_crypto_settings; } - cx_sha256_update(&sha256, (const uint8_t*) &signature_section->signaturesLen, 4); + CHECK_CX_OK(cx_sha256_update(&sha256, (const uint8_t*) &signature_section->signaturesLen, 4)); uint32_t pos = 0; for (uint32_t i = 0; i < signature_section->signaturesLen; i++) { // Skip the signature's 1 byte index @@ -238,9 +238,9 @@ zxerr_t crypto_hashSigSection(const signature_section_t *signature_section, cons pos += signatureSize; } if(pos > 0) { - cx_sha256_update(&sha256, signature_section->indexedSignatures.ptr, pos); + CHECK_CX_OK(cx_sha256_update(&sha256, signature_section->indexedSignatures.ptr, pos)); } - cx_sha256_final(&sha256, output); + CHECK_CX_OK(cx_sha256_final(&sha256, output)); return zxerr_ok; } diff --git a/app/src/crypto_helper.c b/app/src/crypto_helper.c index 370e948c..f44998b2 100644 --- a/app/src/crypto_helper.c +++ b/app/src/crypto_helper.c @@ -18,6 +18,7 @@ #include "bech32.h" #include "zxformat.h" #include "leb128.h" +#include "zxmacros.h" #ifdef LEDGER_SPECIFIC #include "bolos_target.h" @@ -130,14 +131,14 @@ zxerr_t crypto_hashExtraDataSection(const section_t *extraData, uint8_t *output, #if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX) cx_sha256_t sha256 = {0}; cx_sha256_init(&sha256); - cx_sha256_update(&sha256, &extraData->discriminant, 1); - cx_sha256_update(&sha256, extraData->salt.ptr, extraData->salt.len); - cx_sha256_update(&sha256, extraData->bytes.ptr, extraData->bytes.len); + CHECK_CX_OK(cx_sha256_update(&sha256, &extraData->discriminant, 1)); + CHECK_CX_OK(cx_sha256_update(&sha256, extraData->salt.ptr, extraData->salt.len)); + CHECK_CX_OK(cx_sha256_update(&sha256, extraData->bytes.ptr, extraData->bytes.len)); uint8_t has_tag = (extraData->tag.ptr == NULL) ? 0 : 1; - cx_sha256_update(&sha256, &has_tag, 1); - cx_sha256_update(&sha256, (uint8_t*) &extraData->tag.len, has_tag*sizeof(extraData->tag.len)); - cx_sha256_update(&sha256, extraData->tag.ptr, has_tag*extraData->tag.len); - cx_sha256_final(&sha256, output); + CHECK_CX_OK(cx_sha256_update(&sha256, &has_tag, 1)); + CHECK_CX_OK(cx_sha256_update(&sha256, (uint8_t*) &extraData->tag.len, has_tag*sizeof(extraData->tag.len))); + CHECK_CX_OK(cx_sha256_update(&sha256, extraData->tag.ptr, has_tag*extraData->tag.len)); + CHECK_CX_OK(cx_sha256_final(&sha256, output)); #else picohash_ctx_t sha256 = {0}; picohash_init_sha256(&sha256); @@ -162,11 +163,11 @@ zxerr_t crypto_hashDataSection(const section_t *data, uint8_t *output, uint32_t #if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX) cx_sha256_t sha256 = {0}; cx_sha256_init(&sha256); - cx_sha256_update(&sha256, &data->discriminant, 1); - cx_sha256_update(&sha256, data->salt.ptr, data->salt.len); - cx_sha256_update(&sha256, (uint8_t*) &data->bytes.len, sizeof(data->bytes.len)); - cx_sha256_update(&sha256, data->bytes.ptr, data->bytes.len); - cx_sha256_final(&sha256, output); + CHECK_CX_OK(cx_sha256_update(&sha256, &data->discriminant, 1)); + CHECK_CX_OK(cx_sha256_update(&sha256, data->salt.ptr, data->salt.len)); + CHECK_CX_OK(cx_sha256_update(&sha256, (uint8_t*) &data->bytes.len, sizeof(data->bytes.len))); + CHECK_CX_OK(cx_sha256_update(&sha256, data->bytes.ptr, data->bytes.len)); + CHECK_CX_OK(cx_sha256_final(&sha256, output)); #else picohash_ctx_t sha256 = {0}; picohash_init_sha256(&sha256); @@ -188,14 +189,14 @@ zxerr_t crypto_hashCodeSection(const section_t *code, uint8_t *output, uint32_t #if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX) cx_sha256_t sha256 = {0}; cx_sha256_init(&sha256); - cx_sha256_update(&sha256, &code->discriminant, 1); - cx_sha256_update(&sha256, code->salt.ptr, code->salt.len); - cx_sha256_update(&sha256, code->bytes.ptr, code->bytes.len); + CHECK_CX_OK(cx_sha256_update(&sha256, &code->discriminant, 1)); + CHECK_CX_OK(cx_sha256_update(&sha256, code->salt.ptr, code->salt.len)); + CHECK_CX_OK(cx_sha256_update(&sha256, code->bytes.ptr, code->bytes.len)); uint8_t has_tag = (code->tag.ptr == NULL) ? 0 : 1; - cx_sha256_update(&sha256, &has_tag, 1); - cx_sha256_update(&sha256, (uint8_t*) &code->tag.len, has_tag*sizeof(code->tag.len)); - cx_sha256_update(&sha256, code->tag.ptr, has_tag*code->tag.len); - cx_sha256_final(&sha256, output); + CHECK_CX_OK(cx_sha256_update(&sha256, &has_tag, 1)); + CHECK_CX_OK(cx_sha256_update(&sha256, (uint8_t*) &code->tag.len, has_tag*sizeof(code->tag.len))); + CHECK_CX_OK(cx_sha256_update(&sha256, code->tag.ptr, has_tag*code->tag.len)); + CHECK_CX_OK(cx_sha256_final(&sha256, output)); #else picohash_ctx_t sha256 = {0}; picohash_init_sha256(&sha256); diff --git a/app/src/leb128.c b/app/src/leb128.c index 1b5ab2a3..d6c1fdd3 100644 --- a/app/src/leb128.c +++ b/app/src/leb128.c @@ -14,6 +14,7 @@ * limitations under the License. ******************************************************************************* */ #include "leb128.h" +#include zxerr_t encodeLEB128(uint64_t number, uint8_t *encoded, uint8_t encodedLen, uint8_t *encodedBytes) { if (encoded == NULL || encodedBytes == NULL) { diff --git a/app/src/leb128.h b/app/src/leb128.h index f5da34f9..922f3773 100644 --- a/app/src/leb128.h +++ b/app/src/leb128.h @@ -20,6 +20,7 @@ extern "C" { #endif #include +#include #define MAX_LEB128_OUTPUT 10 diff --git a/deps/ledger-zxlib b/deps/ledger-zxlib index 42e82e91..5a48bac0 160000 --- a/deps/ledger-zxlib +++ b/deps/ledger-zxlib @@ -1 +1 @@ -Subproject commit 42e82e9115de2727696e8508c47f65eae87acbfe +Subproject commit 5a48bac0101ffa3aec604f0323c90dfcc44f9786