fix(core/Cardano): account index validation in _should_hide_output()
parent
cf871ee754
commit
3197741795
@ -18,8 +18,8 @@ SCHEMA_STAKING_ANY_ACCOUNT = PathSchema("m/1852'/coin_type'/[0-%s]'/2/0" % (HARD
|
||||
|
||||
# the maximum allowed change address. this should be large enough for normal
|
||||
# use and still allow to quickly brute-force the correct bip32 path
|
||||
MAX_CHANGE_ADDRESS_INDEX = const(1_000_000)
|
||||
MAX_ACCOUNT_INDEX = const(100)
|
||||
MAX_SAFE_CHANGE_ADDRESS_INDEX = const(1_000_000)
|
||||
MAX_SAFE_ACCOUNT_INDEX = const(100) | HARDENED
|
||||
ACCOUNT_PATH_INDEX = const(2)
|
||||
BIP_PATH_LENGTH = const(5)
|
||||
|
||||
|
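Review bot: `MAX_SAFE_ACCOUNT_INDEX = const(100) | HARDENED` wraps only the literal 100 in `const()`, so the OR with `HARDENED` happens outside the call and the name is presumably an ordinary module global rather than a folded constant like its neighbours. The comment above the block still describes only the change-address limit, so nothing records that this value already includes the hardened bit. I would add a line above the new constant such as `# highest (hardened) account index for which an output may still be hidden; compared with ">" so the bound is inclusive`. The inclusive bound differs from `MAX_SAFE_CHANGE_ADDRESS_INDEX`, which is compared with `>=`, and that is worth either aligning or stating.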
@ -35,8 +35,8 @@ from .helpers.paths import (
|
||||
CERTIFICATE_PATH_NAME,
|
||||
CHANGE_OUTPUT_PATH_NAME,
|
||||
CHANGE_OUTPUT_STAKING_PATH_NAME,
|
||||
MAX_ACCOUNT_INDEX,
|
||||
MAX_CHANGE_ADDRESS_INDEX,
|
||||
MAX_SAFE_ACCOUNT_INDEX,
|
||||
MAX_SAFE_CHANGE_ADDRESS_INDEX,
|
||||
POOL_OWNER_STAKING_PATH_NAME,
|
||||
SCHEMA_ADDRESS,
|
||||
SCHEMA_STAKING,
|
||||
@ -726,9 +726,9 @@ def _should_hide_output(output: List[int], inputs: List[CardanoTxInputType]) ->
|
||||
if (
|
||||
len(output) != BIP_PATH_LENGTH
|
||||
or output[ACCOUNT_PATH_INDEX] != inp[ACCOUNT_PATH_INDEX]
|
||||
or output[(ACCOUNT_PATH_INDEX + 1)] > MAX_ACCOUNT_INDEX
|
||||
or output[ACCOUNT_PATH_INDEX] > MAX_SAFE_ACCOUNT_INDEX
|
||||
or output[-2] >= 2
|
||||
or output[-1] >= MAX_CHANGE_ADDRESS_INDEX
|
||||
or output[-1] >= MAX_SAFE_CHANGE_ADDRESS_INDEX
|
||||
):
|
||||
return False
|
||||
return True
|
||||
|
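Review bot: The new condition `output[ACCOUNT_PATH_INDEX] > MAX_SAFE_ACCOUNT_INDEX` is an upper bound only. Because the constant carries the hardened bit, every unhardened account value is numerically below it and passes this comparison. Rejecting such a path then depends entirely on the equality with `inp[ACCOUNT_PATH_INDEX]` and on whatever validation the input paths receive elsewhere, which is not visible in this hunk. Since the result presumably decides whether an output is withheld from on-device confirmation, I would make the range explicit, for example `or not (HARDENED <= output[ACCOUNT_PATH_INDEX] <= MAX_SAFE_ACCOUNT_INDEX)` if `HARDENED` is in scope in this module. At minimum, add a comment stating that the hardened bit is enforced through the input comparison; the loop over inputs begins outside the hunk.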
@ -9,7 +9,7 @@ if not utils.BITCOIN_ONLY:
|
||||
@unittest.skipUnless(not utils.BITCOIN_ONLY, "altcoin")
|
||||
class TestCardanoSignTransaction(unittest.TestCase):
|
||||
def test_should_show_outputs(self):
|
||||
outputs_to_show = [
|
||||
outputs_to_hide = [
|
||||
# output is from the same address as input
|
||||
(
|
||||
[44 | HARDENED, 1815 | HARDENED, 0 | HARDENED, 0, 0],
|
||||
@ -33,8 +33,23 @@ class TestCardanoSignTransaction(unittest.TestCase):
|
||||
[44 | HARDENED, 1815 | HARDENED, 2 | HARDENED, 0, 2],
|
||||
],
|
||||
),
|
||||
# byron input and shelley output
|
||||
(
|
||||
[1852 | HARDENED, 1815 | HARDENED, 0 | HARDENED, 0, 0],
|
||||
[
|
||||
[44 | HARDENED, 1815 | HARDENED, 0 | HARDENED, 0, 0],
|
||||
],
|
||||
),
|
||||
# mixed byron and shelley inputs
|
||||
(
|
||||
[1852 | HARDENED, 1815 | HARDENED, 0 | HARDENED, 0, 0],
|
||||
[
|
||||
[1852 | HARDENED, 1815 | HARDENED, 0 | HARDENED, 0, 0],
|
||||
[44 | HARDENED, 1815 | HARDENED, 0 | HARDENED, 0, 0],
|
||||
],
|
||||
),
|
||||
]
|
||||
outputs_to_hide = [
|
||||
outputs_to_show = [
|
||||
# output is from different account
|
||||
(
|
||||
[44 | HARDENED, 1815 | HARDENED, 2 | HARDENED, 0, 0],
|
||||
@ -68,15 +83,22 @@ class TestCardanoSignTransaction(unittest.TestCase):
|
||||
[44 | HARDENED, 1815 | HARDENED, 0 | HARDENED, 0, 1000001],
|
||||
[[44 | HARDENED, 1815 | HARDENED, 0 | HARDENED, 0, 0]],
|
||||
),
|
||||
# max safe account number exceeded
|
||||
(
|
||||
[1852 | HARDENED, 1815 | HARDENED, 101 | HARDENED, 0, 0],
|
||||
[
|
||||
[1852 | HARDENED, 1815 | HARDENED, 101 | HARDENED, 0, 0]
|
||||
],
|
||||
),
|
||||
]
|
||||
|
||||
for output_path, input_paths in outputs_to_show:
|
||||
for output_path, input_paths in outputs_to_hide:
|
||||
inputs = [
|
||||
CardanoTxInputType(address_n=input_path, prev_hash=b"", prev_index=0) for input_path in input_paths
|
||||
]
|
||||
self.assertTrue(_should_hide_output(output_path, inputs))
|
||||
|
||||
for output_path, input_paths in outputs_to_hide:
|
||||
for output_path, input_paths in outputs_to_show:
|
||||
inputs = [
|
||||
CardanoTxInputType(address_n=input_path, prev_hash=b"", prev_index=0) for input_path in input_paths
|
||||
]
|
||||
|
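Review bot: The added "max safe account number exceeded" case exercises only `101 | HARDENED`, so the inclusive boundary of the new check is not pinned by any test. I would add the boundary case to `outputs_to_hide`, e.g. `([1852 | HARDENED, 1815 | HARDENED, 100 | HARDENED, 0, 0], [[1852 | HARDENED, 1815 | HARDENED, 100 | HARDENED, 0, 0]])`. A case with an unhardened account index in both the output and the input belongs in `outputs_to_show`, so the expected behaviour for that path is stated rather than implied. The method is still named `test_should_show_outputs` although it now asserts on `_should_hide_output`, and the closing assertion of the second loop lies outside the hunk.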