From 0dfbfefd2ad6647a1ae956503b8f64e6acbaafe7 Mon Sep 17 00:00:00 2001
From: Andrew Kozlik <andrew.kozlik@gmail.com>
Date: Fri, 4 Mar 2022 20:02:48 +0100
Subject: [PATCH] refactor(legacy): Factor out multisig fingerprint processing.

---
 legacy/firmware/signing.c | 62 +++++++++++++++++++++++----------------
 1 file changed, 37 insertions(+), 25 deletions(-)

diff --git a/legacy/firmware/signing.c b/legacy/firmware/signing.c
index ee031c5db..c4410d602 100644
--- a/legacy/firmware/signing.c
+++ b/legacy/firmware/signing.c
@@ -622,6 +622,39 @@ void phase2_request_next_input(void) {
   }
 }
 
+static bool extract_input_multisig_fp(TxInfo *tx_info,
+                                      const TxInputType *txinput) {
+  if (txinput->has_multisig && !tx_info->multisig_fp_mismatch) {
+    uint8_t h[32] = {0};
+    if (cryptoMultisigFingerprint(&txinput->multisig, h) == 0) {
+      fsm_sendFailure(FailureType_Failure_ProcessError,
+                      _("Error computing multisig fingerprint"));
+      signing_abort();
+      return false;
+    }
+    if (tx_info->multisig_fp_set) {
+      if (memcmp(tx_info->multisig_fp, h, 32) != 0) {
+        tx_info->multisig_fp_mismatch = true;
+      }
+    } else {
+      memcpy(tx_info->multisig_fp, h, 32);
+      tx_info->multisig_fp_set = true;
+    }
+  } else {  // single signature
+    tx_info->multisig_fp_mismatch = true;
+  }
+
+  return true;
+}
+
+bool check_change_multisig_fp(const TxInfo *tx_info,
+                              const TxOutputType *txoutput) {
+  uint8_t h[32] = {0};
+  return tx_info->multisig_fp_set && !tx_info->multisig_fp_mismatch &&
+         cryptoMultisigFingerprint(&(txoutput->multisig), h) &&
+         memcmp(tx_info->multisig_fp, h, 32) == 0;
+}
+
 void extract_input_bip32_path(TxInfo *tx_info, const TxInputType *tinput) {
   if (tx_info->in_address_n_count == BIP32_NOCHANGEALLOWED) {
     return;
@@ -1174,24 +1207,8 @@ static bool tx_info_add_input(TxInfo *tx_info, const TxInputType *txinput) {
   // Compute multisig fingerprint for change-output detection. In order for an
   // output to be considered a change-output, it must have the same fingerprint
   // as all inputs.
-  if (txinput->has_multisig && !tx_info->multisig_fp_mismatch) {
-    uint8_t h[32] = {0};
-    if (cryptoMultisigFingerprint(&txinput->multisig, h) == 0) {
-      fsm_sendFailure(FailureType_Failure_ProcessError,
-                      _("Error computing multisig fingerprint"));
-      signing_abort();
-      return false;
-    }
-    if (tx_info->multisig_fp_set) {
-      if (memcmp(tx_info->multisig_fp, h, 32) != 0) {
-        tx_info->multisig_fp_mismatch = true;
-      }
-    } else {
-      memcpy(tx_info->multisig_fp, h, 32);
-      tx_info->multisig_fp_set = true;
-    }
-  } else {  // single signature
-    tx_info->multisig_fp_mismatch = true;
+  if (!extract_input_multisig_fp(tx_info, txinput)) {
+    return false;
   }
 
   // Remember the input's BIP-32 path. Change-outputs must use the same path
@@ -1358,13 +1375,8 @@ static bool is_change_output(const TxInfo *tx_info,
   /*
    * For multisig check that all inputs are multisig
    */
-  if (txoutput->has_multisig) {
-    uint8_t h[32] = {0};
-    if (!tx_info->multisig_fp_set || tx_info->multisig_fp_mismatch ||
-        !cryptoMultisigFingerprint(&(txoutput->multisig), h) ||
-        memcmp(tx_info->multisig_fp, h, 32) != 0) {
-      return false;
-    }
+  if (txoutput->has_multisig && !check_change_multisig_fp(tx_info, txoutput)) {
+    return false;
   }
 
   return check_change_bip32_path(tx_info, txoutput);