Merge pull request #19 from cosmos/main

Several updates
LedgerHQ · Jul 15, 2022 · bad8381 · bad8381
2 parents 403f5b2 + aa13af4
commit bad8381
Show file tree

Hide file tree

Showing 118 changed files with 196 additions and 8,516 deletions.
diff --git a/.github/workflows/ledger.yml b/.github/workflows/ledger.yml
@@ -3,9 +3,13 @@ name: CI
 on:
   # Triggers the workflow on push or pull request events but only for the main branch
   push:
-    branches: [ main ]
+    branches:
+      - main
+      - develop
   pull_request:
-    branches: [ main, develop ]
+    branches:
+      - main
+      - develop
 
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
@@ -20,6 +24,8 @@ jobs:
 
     steps:
       - uses: actions/checkout@v2
+        with:
+          submodules: true
 
       - name: Build with Clang Static Analyzer
         run: |

diff --git a/.gitmodules b/.gitmodules
@@ -7,3 +7,6 @@
 [submodule "deps/nanosplus-secure-sdk"]
 	path = deps/nanosplus-secure-sdk
 	url = https://github.com/LedgerHQ/nanosplus-secure-sdk
+[submodule "deps/ledger-zxlib"]
+	path = deps/ledger-zxlib
+	url = https://github.com/Zondax/ledger-zxlib.git
diff --git a/app/Makefile b/app/Makefile
@@ -27,8 +27,8 @@ all: bin/app.elf
 	@echo "APPNAME=\"${APPNAME}\"" >> $(OUTPUT_INSTALLER)
 	@echo "APPVERSION=\"${APPVERSION}\"" >> $(OUTPUT_INSTALLER)
 	@echo "APPPATH=\""${APPPATH}"\"" >> $(OUTPUT_INSTALLER)
-	@echo "LOAD_PARAMS=\"${COMMON_LOAD_PARAMS}\"" >> $(OUTPUT_INSTALLER)
-	@echo "DELETE_PARAMS=\"${COMMON_DELETE_PARAMS}\"" >> $(OUTPUT_INSTALLER)
+	@echo "LOAD_PARAMS=($$(echo "${APP_LOAD_PARAMS}" | sed -e "s|"${APPNAME}"|\""${APPNAME}"\"|"))" >> $(OUTPUT_INSTALLER)
+	@echo "DELETE_PARAMS=($$(echo "${COMMON_DELETE_PARAMS}" | sed -e "s|"${APPNAME}"|\""${APPNAME}"\"|"))" >> $(OUTPUT_INSTALLER)
 	@echo "APPHEX=\"" >> $(OUTPUT_INSTALLER)
 	@cat $(CURDIR)/bin/app.hex >> $(OUTPUT_INSTALLER)
 	@echo "\"" >> $(OUTPUT_INSTALLER)

diff --git a/app/Makefile.version b/app/Makefile.version
@@ -3,4 +3,4 @@ APPVERSION_M=2
 # This is the `spec_version` field of `Runtime`
 APPVERSION_N=34
 # This is the patch version of this release
-APPVERSION_P=4
+APPVERSION_P=6
diff --git a/app/src/addr.c b/app/src/addr.c
@@ -28,8 +28,9 @@ zxerr_t addr_getNumItems(uint8_t *num_items) {
     if (app_mode_expert()) {
         zemu_log("num_items 2\n");
         *num_items = 2;
+    } else {
+        zemu_log("num_items 1\n");
     }
-    zemu_log("num_items 1\n");
     return zxerr_ok;
 }
 

diff --git a/app/src/apdu_handler.c b/app/src/apdu_handler.c
@@ -47,7 +47,7 @@ __Z_INLINE void handleGetAddrSecp256K1(volatile uint32_t *flags, volatile uint32
 
     if (requireConfirmation) {
         view_review_init(addr_getItem, addr_getNumItems, app_reply_address);
-        view_review_show();
+        view_review_show(0x03);
         *flags |= IO_ASYNCH_REPLY;
         return;
     }
@@ -80,7 +80,7 @@ __Z_INLINE void handleSignSecp256K1(volatile uint32_t *flags, volatile uint32_t
 
     CHECK_APP_CANARY()
     view_review_init(tx_getItem, tx_getNumItems, app_sign);
-    view_review_show();
+    view_review_show(0x03);
     *flags |= IO_ASYNCH_REPLY;
 }
 
@@ -106,11 +106,17 @@ void handleApdu(volatile uint32_t *flags, volatile uint32_t *tx, uint32_t rx) {
                 }
 
                 case INS_GET_ADDR_SECP256K1: {
+                    if( os_global_pin_is_validated() != BOLOS_UX_OK ) {
+                        THROW(APDU_CODE_COMMAND_NOT_ALLOWED);
+                    }
                     handleGetAddrSecp256K1(flags, tx, rx);
                     break;
                 }
 
                 case INS_SIGN_SECP256K1: {
+                    if( os_global_pin_is_validated() != BOLOS_UX_OK ) {
+                        THROW(APDU_CODE_COMMAND_NOT_ALLOWED);
+                    }
                     handleSignSecp256K1(flags, tx, rx);
                     break;
                 }

diff --git a/app/src/coin.h b/app/src/coin.h
@@ -50,7 +50,10 @@ typedef enum {
 #define COIN_DEFAULT_DENOM_FACTOR           6
 #define COIN_DEFAULT_DENOM_TRIMMING         6
 
-#define COIN_DENOM_MAXSIZE                  50
+// Coin denoms may be up to 128 characters long
+// https://github.com/cosmos/cosmos-sdk/blob/master/types/coin.go#L780
+// https://github.com/cosmos/ibc-go/blob/main/docs/architecture/adr-001-coin-source-tracing.md
+#define COIN_DENOM_MAXSIZE                  129
 #define COIN_AMOUNT_MAXSIZE                 50
 
 #define COIN_MAX_CHAINID_LEN                20

diff --git a/app/src/crypto.c b/app/src/crypto.c
@@ -39,6 +39,7 @@ zxerr_t crypto_extractPublicKey(const uint32_t path[HDPATH_LEN_DEFAULT], uint8_t
         return zxerr_invalid_crypto_settings;
     }
 
+    zxerr_t err = zxerr_ok;
     BEGIN_TRY
     {
         TRY {
@@ -52,8 +53,7 @@ zxerr_t crypto_extractPublicKey(const uint32_t path[HDPATH_LEN_DEFAULT], uint8_t
             cx_ecfp_generate_pair(CX_CURVE_256K1, &cx_publicKey, &cx_privateKey, 1);
         }
         CATCH_OTHER(e) {
-            CLOSE_TRY;
-            return zxerr_ledger_api_error;
+            err = zxerr_ledger_api_error;
         }
         FINALLY {
             MEMZERO(&cx_privateKey, sizeof(cx_privateKey));
@@ -62,6 +62,10 @@ zxerr_t crypto_extractPublicKey(const uint32_t path[HDPATH_LEN_DEFAULT], uint8_t
     }
     END_TRY;
 
+    if (err != zxerr_ok) {
+        return err;
+    }
+
     // Format pubkey
     for (int i = 0; i < 32; i++) {
         pubKey[i] = cx_publicKey.W[64 - i];
@@ -73,7 +77,7 @@ zxerr_t crypto_extractPublicKey(const uint32_t path[HDPATH_LEN_DEFAULT], uint8_t
     //////////////////////
     MEMCPY(pubKey, cx_publicKey.W, PK_LEN_SECP256K1);
 
-    return zxerr_ok;
+    return err;
 }
 
 zxerr_t crypto_sign(uint8_t *signature,
@@ -91,6 +95,8 @@ zxerr_t crypto_sign(uint8_t *signature,
     uint8_t privateKeyData[32];
     unsigned int info = 0;
     int signatureLength = 0;
+
+    zxerr_t err = zxerr_ok;
     BEGIN_TRY
     {
         TRY
@@ -114,8 +120,7 @@ zxerr_t crypto_sign(uint8_t *signature,
                                             &info);
         }
         CATCH_OTHER(e) {
-            CLOSE_TRY;
-            return zxerr_ledger_api_error;
+            err = zxerr_ledger_api_error;
         }
         FINALLY {
             MEMZERO(&cx_privateKey, sizeof(cx_privateKey));
@@ -125,7 +130,7 @@ zxerr_t crypto_sign(uint8_t *signature,
     END_TRY;
 
     *sigSize = signatureLength;
-    return zxerr_ok;
+    return err;
 }
 
 #else
@@ -186,7 +191,7 @@ zxerr_t crypto_fillAddress(uint8_t *buffer, uint16_t buffer_len, uint16_t *addrR
     }
 
     // extract pubkey
-    zxerr_t err = crypto_extractPublicKey(hdPath, buffer, buffer_len);
+    CHECK_ZXERR(crypto_extractPublicKey(hdPath, buffer, buffer_len))
 
     // Hash it
     uint8_t hashed1_pk[CX_SHA256_SIZE];
@@ -196,9 +201,9 @@ zxerr_t crypto_fillAddress(uint8_t *buffer, uint16_t buffer_len, uint16_t *addrR
     ripemd160_32(hashed2_pk, hashed1_pk);
 
     char *addr = (char *) (buffer + PK_LEN_SECP256K1);
-    bech32EncodeFromBytes(addr, buffer_len - PK_LEN_SECP256K1, bech32_hrp, hashed2_pk, CX_RIPEMD160_SIZE, 1);
+    CHECK_ZXERR(bech32EncodeFromBytes(addr, buffer_len - PK_LEN_SECP256K1, bech32_hrp, hashed2_pk, CX_RIPEMD160_SIZE, 1))
 
     *addrResponseLen = PK_LEN_SECP256K1 + strlen(addr);
 
-    return err;
+    return zxerr_ok;
 }
diff --git a/deps/ledger-zxlib b/deps/ledger-zxlib
diff --git a/deps/ledger-zxlib/.editorconfig b/deps/ledger-zxlib/.editorconfig
diff --git a/deps/ledger-zxlib/.github/workflows/main.yml b/deps/ledger-zxlib/.github/workflows/main.yml
diff --git a/deps/ledger-zxlib/.gitignore b/deps/ledger-zxlib/.gitignore
diff --git a/deps/ledger-zxlib/CMakeLists.txt b/deps/ledger-zxlib/CMakeLists.txt