mirror of
https://github.com/trezor/trezor-firmware.git
synced 2025-01-18 11:21:11 +00:00
feat(legacy): Strict path validation for CoSi.
parent
b88e57a7c8
commit
3553086e84
@ -235,6 +235,22 @@ void fsm_msgGetECDHSessionKey(const GetECDHSessionKey *msg) {
|
|||||||
layoutHome();
|
layoutHome();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static bool fsm_checkCosiPath(uint32_t address_n_count,
|
||||||
|
const uint32_t *address_n) {
|
||||||
|
// The path should typically match "m / 10018' / [0-9]'", but we allow
|
||||||
|
// any path from the SLIP-18 domain "m / 10018' / *".
|
||||||
|
if (address_n_count >= 1 && address_n[0] == PATH_HARDENED + 10018) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (config_getSafetyCheckLevel() == SafetyCheckLevel_Strict) {
|
||||||
|
fsm_sendFailure(FailureType_Failure_DataError, _("Forbidden key path"));
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return fsm_layoutPathWarning();
|
||||||
|
}
|
||||||
|
|
||||||
void fsm_msgCosiCommit(const CosiCommit *msg) {
|
void fsm_msgCosiCommit(const CosiCommit *msg) {
|
||||||
RESP_INIT(CosiCommitment);
|
RESP_INIT(CosiCommitment);
|
||||||
|
|
||||||
@ -242,6 +258,11 @@ void fsm_msgCosiCommit(const CosiCommit *msg) {
|
|||||||
|
|
||||||
CHECK_PARAM(msg->has_data, _("No data provided"));
|
CHECK_PARAM(msg->has_data, _("No data provided"));
|
||||||
|
|
||||||
|
if (!fsm_checkCosiPath(msg->address_n_count, msg->address_n)) {
|
||||||
|
layoutHome();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
layoutCosiCommitSign(msg->address_n, msg->address_n_count, msg->data.bytes,
|
layoutCosiCommitSign(msg->address_n, msg->address_n_count, msg->data.bytes,
|
||||||
msg->data.size, false);
|
msg->data.size, false);
|
||||||
if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) {
|
if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) {
|
||||||
@ -285,6 +306,11 @@ void fsm_msgCosiSign(const CosiSign *msg) {
|
|||||||
CHECK_PARAM(msg->has_global_pubkey && msg->global_pubkey.size == 32,
|
CHECK_PARAM(msg->has_global_pubkey && msg->global_pubkey.size == 32,
|
||||||
_("Invalid global pubkey"));
|
_("Invalid global pubkey"));
|
||||||
|
|
||||||
|
if (!fsm_checkCosiPath(msg->address_n_count, msg->address_n)) {
|
||||||
|
layoutHome();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
layoutCosiCommitSign(msg->address_n, msg->address_n_count, msg->data.bytes,
|
layoutCosiCommitSign(msg->address_n, msg->address_n_count, msg->data.bytes,
|
||||||
msg->data.size, true);
|
msg->data.size, true);
|
||||||
if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) {
|
if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) {
|
||||||
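Review bot: fsm_checkCosiPath returns true as soon as `address_n[0]` equals `PATH_HARDENED + 10018`, so the depth, hardening and index range of every later component go unchecked, and even the bare `m / 10018'` is accepted without a warning at any safety-check level. That is wider than the `m / 10018' / [0-9]'` form the comment calls typical and that is_slip18 in the last hunk tests for, so a path can pass here silently and still fail is_slip18; what the confirmation screen shows for such a path lies outside these hunks and is worth verifying. If the wide acceptance is intended, state it at the check, e.g. `// Only address_n[0] is validated; depth and hardening of later components are deliberately not checked.` Both callers answer a false return with just `layoutHome(); return;`, so they depend on the helper having already sent a Failure to the host: the Strict branch visibly does, but the body of fsm_layoutPathWarning is not shown here. A contract comment on the helper such as `// Returns false only after a Failure has been sent to the host.` would make that dependency explicit, once confirmed against fsm_layoutPathWarning.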
|
@ -1178,6 +1178,7 @@ void layoutNEMLevy(const NEMMosaicDefinition *definition, uint8_t network) {
|
|||||||
|
|
||||||
static inline bool is_slip18(const uint32_t *address_n,
|
static inline bool is_slip18(const uint32_t *address_n,
|
||||||
size_t address_n_count) {
|
size_t address_n_count) {
|
||||||
|
// m / 10018' / [0-9]'
|
||||||
return address_n_count == 2 && address_n[0] == (PATH_HARDENED + 10018) &&
|
return address_n_count == 2 && address_n[0] == (PATH_HARDENED + 10018) &&
|
||||||
(address_n[1] & PATH_HARDENED) &&
|
(address_n[1] & PATH_HARDENED) &&
|
||||||
(address_n[1] & PATH_UNHARDEN_MASK) <= 9;
|
(address_n[1] & PATH_UNHARDEN_MASK) <= 9;
|
||||||
|