From 2f6a7096da1bb1ee6b220f9f10d37e1fc8b70dba Mon Sep 17 00:00:00 2001 From: Andrew Kozlik Date: Fri, 3 Jun 2022 14:50:11 +0200 Subject: [PATCH] chore(legacy): Do not allow access to SLIP25 paths. --- legacy/firmware/.changelog.d/2289.changed | 1 + legacy/firmware/crypto.h | 1 + legacy/firmware/fsm_msg_coin.h | 8 ++++++++ tests/ui_tests/fixtures.json | 1 + 4 files changed, 11 insertions(+) create mode 100644 legacy/firmware/.changelog.d/2289.changed diff --git a/legacy/firmware/.changelog.d/2289.changed b/legacy/firmware/.changelog.d/2289.changed new file mode 100644 index 0000000000..2458364607 --- /dev/null +++ b/legacy/firmware/.changelog.d/2289.changed @@ -0,0 +1 @@ +Do not allow access to SLIP25 paths. diff --git a/legacy/firmware/crypto.h b/legacy/firmware/crypto.h index 04e98d3743..2ecb1acef4 100644 --- a/legacy/firmware/crypto.h +++ b/legacy/firmware/crypto.h @@ -37,6 +37,7 @@ #define PATH_MAX_ACCOUNT 100 #define PATH_MAX_CHANGE 1 #define PATH_MAX_ADDRESS_INDEX 1000000 +#define PATH_SLIP25_PURPOSE (PATH_HARDENED | 10025) #define ser_length_size(len) ((len) < 253 ? 1 : (len) < 0x10000 ? 3 : 5) diff --git a/legacy/firmware/fsm_msg_coin.h b/legacy/firmware/fsm_msg_coin.h index 529b657b22..8f02e3472b 100644 --- a/legacy/firmware/fsm_msg_coin.h +++ b/legacy/firmware/fsm_msg_coin.h @@ -35,6 +35,14 @@ void fsm_msgGetPublicKey(const GetPublicKey *msg) { curve = msg->ecdsa_curve_name; } + // Do not allow access to SLIP25 paths. + if (msg->address_n_count > 0 && msg->address_n[0] == PATH_SLIP25_PURPOSE && + config_getSafetyCheckLevel() == SafetyCheckLevel_Strict) { + fsm_sendFailure(FailureType_Failure_DataError, _("Forbidden key path")); + layoutHome(); + return; + } + // derive m/0' to obtain root_fingerprint uint32_t root_fingerprint; uint32_t path[1] = {PATH_HARDENED | 0}; diff --git a/tests/ui_tests/fixtures.json b/tests/ui_tests/fixtures.json index 09fe0b4b52..ed85362c02 100644 --- a/tests/ui_tests/fixtures.json +++ b/tests/ui_tests/fixtures.json @@ -119,6 +119,7 @@ "T1_bitcoin-test_getpublickey.py::test_script_type[InputScriptType.SPENDP2SHWITNESS-ypub6WYmBsV-0710fbb3": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", "T1_bitcoin-test_getpublickey.py::test_script_type[InputScriptType.SPENDWITNESS-zpub6qP2VY9x7Mx-84eaa56c": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", "T1_bitcoin-test_getpublickey.py::test_script_type[None-xpub6BiVtCp7ozsRo7kaoYNrCNAVJwPYTQHjoXF-c37a47fd": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", +"T1_bitcoin-test_getpublickey.py::test_slip25_path": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", "T1_bitcoin-test_getpublickey_curve.py::test_coin_and_curve": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", "T1_bitcoin-test_getpublickey_curve.py::test_ed25519_public": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", "T1_bitcoin-test_getpublickey_curve.py::test_publickey_curve[ed25519-path4-002e28dc0346d6d30d4e-e6c7a440": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",