Fix blind signing and multiple transaction sending for legacy (#12)

* fix behavior when blind signing is disabled * bump version * reset process chunk if an error occurs
Zondax · Nov 5, 2024 · d26afc5 · d26afc5
1 parent ad495d0
commit d26afc5
Show file tree

Hide file tree

Showing 13 changed files with 79 additions and 43 deletions.
diff --git a/app/Makefile.version b/app/Makefile.version
@@ -3,4 +3,4 @@ APPVERSION_M=1
 # This is the minor version
 APPVERSION_N=0
 # This is the patch version
-APPVERSION_P=1
+APPVERSION_P=2
diff --git a/app/src/apdu_handler_legacy.c b/app/src/apdu_handler_legacy.c
@@ -262,6 +262,7 @@ bool legacy_process_transfer_chunk(uint32_t rx) {
         offset += payload_size + 1;
 
         if (offset > rx) {
+            tx_initialized = false;
             THROW(APDU_CODE_DATA_INVALID);
         }
 
@@ -281,10 +282,12 @@ bool legacy_process_transfer_chunk(uint32_t rx) {
         legacy_append_data(&G_io_apdu_buffer[offset], payload_size + 1);
 
         if (++items > LEGACY_TRANSFER_NUM_ITEMS) {
+            tx_initialized = false;
             THROW(APDU_CODE_DATA_INVALID);
         }
 
         if (next_offset >= rx && next_offset != LEGACY_FULL_CHUNK_SIZE) {
+            tx_initialized = false;
             if (items != LEGACY_TRANSFER_NUM_ITEMS) {
                 THROW(APDU_CODE_DATA_INVALID);
             }

diff --git a/deps/ledger-zxlib b/deps/ledger-zxlib
diff --git a/tests_zemu/snapshots/fl-mainmenu/00004.png b/tests_zemu/snapshots/fl-mainmenu/00004.png
diff --git a/tests_zemu/snapshots/s-mainmenu/00005.png b/tests_zemu/snapshots/s-mainmenu/00005.png
diff --git a/tests_zemu/snapshots/s-mainmenu/00009.png b/tests_zemu/snapshots/s-mainmenu/00009.png
diff --git a/tests_zemu/snapshots/sp-mainmenu/00005.png b/tests_zemu/snapshots/sp-mainmenu/00005.png
diff --git a/tests_zemu/snapshots/sp-mainmenu/00009.png b/tests_zemu/snapshots/sp-mainmenu/00009.png
diff --git a/tests_zemu/snapshots/st-mainmenu/00004.png b/tests_zemu/snapshots/st-mainmenu/00004.png
diff --git a/tests_zemu/snapshots/x-mainmenu/00005.png b/tests_zemu/snapshots/x-mainmenu/00005.png
diff --git a/tests_zemu/snapshots/x-mainmenu/00009.png b/tests_zemu/snapshots/x-mainmenu/00009.png
diff --git a/tests_zemu/try.mjs b/tests_zemu/try.mjs
@@ -51,30 +51,43 @@ async function main() {
     '{"networkId":"mainnet01","payload":{"exec":{"data":{"ks":{"pred":"keys-all","keys":["368820f80c324bbc7c2b0610688a7da43e39f91d118732671cd9c7500ff43cca"]}},"code":"(coin.transfer-create \\"alice\\" \\"bob\\" (read-keyset \\"ks\\") 100.1)\\n(coin.transfer \\"bob\\" \\"alice\\" 0.1)"}},"signers":[{"pubKey":"6be2f485a7af75fedb4b7f153a903f7e6000ca4aa501179c91a2450b777bd2a7","clist":[{"args":["alice","bob",100.1],"name":"coin.TRANSFER"},{"args":[],"name":"coin.GAS"}]},{"pubKey":"368820f80c324bbc7c2b0610688a7da43e39f91d118732671cd9c7500ff43cca","clist":[{"args":["bob","alice",0.1],"name":"coin.TRANSFER"}]}],"meta":{"creationTime":1580316382,"ttl":7200,"gasLimit":1200,"chainId":"0","gasPrice":1.0e-5,"sender":"alice"},"nonce":"2020-01-29 16:46:22.916695 UTC"}'
   let messageToSign = Buffer.from(blob)
   console.log(messageToSign.toString())
-  let signatureRequest = app.sign(PATH, messageToSign)
 
-  let signatureResponse = await signatureRequest
-  console.log(signatureResponse.signature.toString('hex'))
+  let signatureRequest
+  let signatureResponse
+  try {
+    signatureRequest = app.sign(PATH, messageToSign)
 
-  await verifySignature(signatureResponse.signature, messageToSign, pubKey)
+    signatureResponse = await signatureRequest
+    console.log(signatureResponse.signature.toString('hex'))
+
+    await verifySignature(signatureResponse.signature, messageToSign, pubKey)
+  } catch (e) {
+    console.log(e)
+  }
 
   // Sign a hash
   console.log('Signing a hash')
   messageToSign = 'ffd8cd79deb956fa3c7d9be0f836f20ac84b140168a087a842be4760e40e2b1c'
   console.log(messageToSign.toString())
-  signatureRequest = app.signHash(PATH, messageToSign)
-
-  signatureResponse = await signatureRequest
-  console.log(signatureResponse.signature.toString('hex'))
-
-  const rawHash =
-    typeof messageToSign == 'string'
-      ? messageToSign.length == 64
-        ? Buffer.from(messageToSign, 'hex')
-        : Buffer.from(messageToSign, 'base64')
-      : Buffer.from(messageToSign)
+  try {
+    signatureRequest = app.signHash(PATH, messageToSign)
+
+    signatureResponse = await signatureRequest
+    console.log(signatureResponse.signature.toString('hex'))
+
+    const rawHash =
+      typeof messageToSign == 'string'
+        ? messageToSign.length == 64
+          ? Buffer.from(messageToSign, 'hex')
+          : Buffer.from(messageToSign, 'base64')
+        : Buffer.from(messageToSign)
+
+    await verifySignature(signatureResponse.signature, rawHash, pubKey, false)
+
+  } catch (e) {
+    console.log(e)
+  }
 
-  await verifySignature(signatureResponse.signature, rawHash, pubKey, false)
 
   console.log('Signing a transfer')
   const txParams = {
@@ -90,14 +103,18 @@ async function main() {
     nonce: '2022-10-13 07:56:50.893257 UTC',
   }
 
-  signatureRequest = app.signTransferTx(txParams.path, txParams)
-  signatureResponse = await signatureRequest
-  const decodedHash = decodeHash(signatureResponse.pact_command.hash)
+  try {
+    signatureRequest = app.signTransferTx(txParams.path, txParams)
+    signatureResponse = await signatureRequest
+    const decodedHash = decodeHash(signatureResponse.pact_command.hash)
 
-  console.log(signatureResponse.pact_command.sigs[0].sig.toString('hex'))
-  console.log(decodedHash.toString('hex'))
+    console.log(signatureResponse.pact_command.sigs[0].sig.toString('hex'))
+    console.log(decodedHash.toString('hex'))
 
-  await verifySignature(signatureResponse.pact_command.sigs[0].sig, decodedHash, pubKey, false)
+    await verifySignature(signatureResponse.pact_command.sigs[0].sig, decodedHash, pubKey, false)
+  } catch (e) {
+    console.log(e)
+  }
 }
 
 ;(async () => {

diff --git a/tests_zemu/try_legacy.mjs b/tests_zemu/try_legacy.mjs
@@ -48,26 +48,38 @@ async function main() {
     '{"networkId":"mainnet01","payload":{"exec":{"data":{"ks":{"pred":"keys-all","keys":["368820f80c324bbc7c2b0610688a7da43e39f91d118732671cd9c7500ff43cca"]}},"code":"(coin.transfer-create \\"alice\\" \\"bob\\" (read-keyset \\"ks\\") 100.1)\\n(coin.transfer \\"bob\\" \\"alice\\" 0.1)"}},"signers":[{"pubKey":"6be2f485a7af75fedb4b7f153a903f7e6000ca4aa501179c91a2450b777bd2a7","clist":[{"args":["alice","bob",100.1],"name":"coin.TRANSFER"},{"args":[],"name":"coin.GAS"}]},{"pubKey":"368820f80c324bbc7c2b0610688a7da43e39f91d118732671cd9c7500ff43cca","clist":[{"args":["bob","alice",0.1],"name":"coin.TRANSFER"}]}],"meta":{"creationTime":1580316382,"ttl":7200,"gasLimit":1200,"chainId":"0","gasPrice":1.0e-5,"sender":"alice"},"nonce":"2020-01-29 16:46:22.916695 UTC"}'
   let messageToSign = Buffer.from(blob)
   console.log(messageToSign.toString())
-  let signatureRequest = app.signTransaction(PATH, messageToSign)
 
-  let signatureResponse = await signatureRequest
-  console.log(signatureResponse.signature.toString('hex'))
+  let signatureRequest
+  let signatureResponse
+  try {
+    signatureRequest = app.signTransaction(PATH, messageToSign)
 
-  await verifySignature(signatureResponse.signature, messageToSign, publicKey)
+    signatureResponse = await signatureRequest
+    console.log(signatureResponse.signature.toString('hex'))
+
+    await verifySignature(signatureResponse.signature, messageToSign, publicKey)
+  } catch (e) {
+    console.log(e)
+  }
 
   // Sign a hash
   console.log('Signing a hash')
   messageToSign = 'ffd8cd79deb956fa3c7d9be0f836f20ac84b140168a087a842be4760e40e2b1c'
   console.log(messageToSign.toString())
-  signatureRequest = app.signHash(PATH, messageToSign)
 
-  signatureResponse = await signatureRequest
-  console.log(messageToSign.toString())
-  console.log(signatureResponse.signature.toString('hex'))
+  try {
+    signatureRequest = app.signHash(PATH, messageToSign)
 
-  await verifySignature(signatureResponse.signature, messageToSign, publicKey, false)
+    signatureResponse = await signatureRequest
+    console.log(messageToSign.toString())
+    console.log(signatureResponse.signature.toString('hex'))
+
+    await verifySignature(signatureResponse.signature, messageToSign, publicKey, false)
+  } catch (e) {
+    console.log(e)
+  }
 
-  // Sign a hash
+  // Sign a transfer
   console.log('Signing a transfer')
   const txParams = {
     path: PATH,
@@ -82,19 +94,23 @@ async function main() {
     nonce: '2022-10-13 07:56:50.893257 UTC',
   }
 
-  signatureRequest = app['signTransferTx'](txParams)
-  signatureResponse = await signatureRequest
+  try {
+    signatureRequest = app['signTransferTx'](txParams)
+    signatureResponse = await signatureRequest
 
-  // Convert hex string signature to Uint8Array
-  const signatureHex = signatureResponse.pact_command.sigs[0].sig
-  const signatureBytes = new Uint8Array(Buffer.from(signatureHex, 'hex'))
+    // Convert hex string signature to Uint8Array
+    const signatureHex = signatureResponse.pact_command.sigs[0].sig
+    const signatureBytes = new Uint8Array(Buffer.from(signatureHex, 'hex'))
 
-  const hashBytes = decodeHash(signatureResponse.pact_command.hash)
+    const hashBytes = decodeHash(signatureResponse.pact_command.hash)
 
-  console.log(signatureResponse.pact_command.sigs[0].sig.toString('hex'))
-  console.log(hashBytes.toString('hex'))
+    console.log(signatureResponse.pact_command.sigs[0].sig.toString('hex'))
+    console.log(hashBytes.toString('hex'))
 
-  await verifySignature(signatureBytes, hashBytes, publicKey, false)
+    await verifySignature(signatureBytes, hashBytes, publicKey, false)
+  } catch (e) {
+    console.log(e)
+  }
 }
 
 ;(async () => {