@ -105,10 +105,9 @@ bool stellar_signingInit(const StellarSignTx *msg) {
// non-zero
uint8_t has_timebounds =
( msg - > timebounds_start > 0 | | msg - > timebounds_end > 0 ) ;
// Hash: the "has timebounds?" boolean
stellar_hashupdate_bool ( has_timebounds ) ;
if ( has_timebounds ) {
// Hash: the "has timebounds?" boolean
stellar_hashupdate_bool ( true ) ;
// Timebounds are sent as uint32s since that's all we can display, but they
// must be hashed as 64-bit values
stellar_hashupdate_uint32 ( 0 ) ;
@ -117,10 +116,6 @@ bool stellar_signingInit(const StellarSignTx *msg) {
stellar_hashupdate_uint32 ( 0 ) ;
stellar_hashupdate_uint32 ( msg - > timebounds_end ) ;
}
// No timebounds, hash a false boolean
else {
stellar_hashupdate_bool ( false ) ;
}
// Hash: memo
stellar_hashupdate_uint32 ( msg - > memo_type ) ;
@ -140,10 +135,12 @@ bool stellar_signingInit(const StellarSignTx *msg) {
// Hash and return are the same data structure (32 byte tx hash)
case 3 :
case 4 :
stellar_hashupdate_bytes ( msg - > memo_hash . bytes , msg - > memo_hash . size ) ;
stellar_hashupdate_bytes ( msg - > memo_hash . bytes , 32 ) ;
break ;
default :
break ;
fsm_sendFailure ( FailureType_Failure_DataError ,
_ ( " Stellar invalid memo type " ) ) ;
return false ;
}
// Hash: number of operations
@ -707,6 +704,7 @@ bool stellar_confirmSetOptionsOp(const StellarSetOptionsOp *msg) {
// Hash low threshold
stellar_hashupdate_uint32 ( msg - > low_threshold ) ;
}
stellar_hashupdate_bool ( msg - > has_medium_threshold ) ;
if ( msg - > has_medium_threshold ) {
char str_med_threshold [ 10 + 1 ] = { 0 } ;
@ -720,6 +718,7 @@ bool stellar_confirmSetOptionsOp(const StellarSetOptionsOp *msg) {
// Hash medium threshold
stellar_hashupdate_uint32 ( msg - > medium_threshold ) ;
}
stellar_hashupdate_bool ( msg - > has_high_threshold ) ;
if ( msg - > has_high_threshold ) {
char str_high_threshold [ 10 + 1 ] = { 0 } ;
@ -789,45 +788,42 @@ bool stellar_confirmSetOptionsOp(const StellarSetOptionsOp *msg) {
strlcat ( str_weight_row , str_weight , sizeof ( str_weight_row ) ) ;
// 0 = account, 1 = pre-auth, 2 = hash(x)
char str_signer_type [ 16 ] = { 0 } ;
char * str_signer_type = NULL ;
bool needs_hash_confirm = false ;
if ( msg - > signer_type = = 0 ) {
strlcpy ( str_signer_type , _ ( " account " ) , sizeof ( str_signer_type ) ) ;
strlcat ( str_title , str_signer_type , sizeof ( str_title ) ) ;
const char * * str_addr_rows =
stellar_lineBreakAddress ( msg - > signer_key . bytes ) ;
stellar_layoutTransactionDialog ( str_title , str_weight_row ,
str_addr_rows [ 0 ] , str_addr_rows [ 1 ] ,
str_addr_rows [ 2 ] ) ;
if ( ! protectButton ( ButtonRequestType_ButtonRequest_ProtectCall , false ) ) {
stellar_signingAbort ( _ ( " User canceled " ) ) ;
return false ;
}
}
if ( msg - > signer_type = = 1 ) {
needs_hash_confirm = true ;
strlcpy ( str_signer_type , _ ( " pre-auth hash " ) , sizeof ( str_signer_type ) ) ;
strlcat ( str_title , str_signer_type , sizeof ( str_title ) ) ;
stellar_layoutTransactionDialog ( str_title , str_weight_row , NULL ,
_ ( " (confirm hash on next " ) , _ ( " screen) " ) ) ;
if ( ! protectButton ( ButtonRequestType_ButtonRequest_ProtectCall , false ) ) {
stellar_signingAbort ( _ ( " User canceled " ) ) ;
switch ( msg - > signer_type ) {
case 0 :
strlcat ( str_title , _ ( " account " ) , sizeof ( str_title ) ) ;
const char * * str_addr_rows =
stellar_lineBreakAddress ( msg - > signer_key . bytes ) ;
stellar_layoutTransactionDialog ( str_title , str_weight_row ,
str_addr_rows [ 0 ] , str_addr_rows [ 1 ] ,
str_addr_rows [ 2 ] ) ;
if ( ! protectButton ( ButtonRequestType_ButtonRequest_ProtectCall ,
false ) ) {
stellar_signingAbort ( _ ( " User canceled " ) ) ;
return false ;
}
break ;
case 1 :
case 2 :
str_signer_type =
( msg - > signer_type = = 1 ) ? _ ( " pre-auth hash " ) : _ ( " hash(x) " ) ;
needs_hash_confirm = true ;
strlcat ( str_title , str_signer_type , sizeof ( str_title ) ) ;
stellar_layoutTransactionDialog ( str_title , str_weight_row , NULL ,
_ ( " (confirm hash on next " ) ,
_ ( " screen) " ) ) ;
if ( ! protectButton ( ButtonRequestType_ButtonRequest_ProtectCall ,
false ) ) {
stellar_signingAbort ( _ ( " User canceled " ) ) ;
return false ;
}
break ;
default :
stellar_signingAbort ( _ ( " Stellar: invalid signer type " ) ) ;
return false ;
}
}
if ( msg - > signer_type = = 2 ) {
needs_hash_confirm = true ;
strlcpy ( str_signer_type , _ ( " hash(x) " ) , sizeof ( str_signer_type ) ) ;
strlcat ( str_title , str_signer_type , sizeof ( str_title ) ) ;
stellar_layoutTransactionDialog ( str_title , str_weight_row , NULL ,
_ ( " (confirm hash on next " ) , _ ( " screen) " ) ) ;
if ( ! protectButton ( ButtonRequestType_ButtonRequest_ProtectCall , false ) ) {
stellar_signingAbort ( _ ( " User canceled " ) ) ;
return false ;
}
}
// Extra confirmation step for hash signers
@ -850,7 +846,7 @@ bool stellar_confirmSetOptionsOp(const StellarSetOptionsOp *msg) {
// Hash: signer type
stellar_hashupdate_uint32 ( msg - > signer_type ) ;
// key
stellar_hashupdate_bytes ( msg - > signer_key . bytes , msg - > signer_key . size ) ;
stellar_hashupdate_bytes ( msg - > signer_key . bytes , 32 ) ;
// weight
stellar_hashupdate_uint32 ( msg - > signer_weight ) ;
}
@ -973,17 +969,21 @@ bool stellar_confirmAllowTrustOp(const StellarAllowTrustOp *msg) {
// asset type
stellar_hashupdate_uint32 ( msg - > asset_type ) ;
// asset code
if ( msg - > asset_type = = 1 ) {
char code4 [ 4 + 1 ] = { 0 } ;
memzero ( code4 , sizeof ( code4 ) ) ;
strlcpy ( code4 , msg - > asset_code , sizeof ( code4 ) ) ;
stellar_hashupdate_bytes ( ( uint8_t * ) code4 , 4 ) ;
}
if ( msg - > asset_type = = 2 ) {
char code12 [ 12 + 1 ] = { 0 } ;
memzero ( code12 , sizeof ( code12 ) ) ;
strlcpy ( code12 , msg - > asset_code , sizeof ( code12 ) ) ;
stellar_hashupdate_bytes ( ( uint8_t * ) code12 , 12 ) ;
char padded_code [ 12 + 1 ] = { 0 } ;
switch ( msg - > asset_type ) {
case 0 : // native asset (XLM)
break ;
case 1 : // alphanum 4
strlcpy ( padded_code , msg - > asset_code , 4 + 1 ) ;
stellar_hashupdate_bytes ( ( uint8_t * ) padded_code , 4 ) ;
break ;
case 2 : // alphanum 12
strlcpy ( padded_code , msg - > asset_code , 12 + 1 ) ;
stellar_hashupdate_bytes ( ( uint8_t * ) padded_code , 12 ) ;
break ;
default :
stellar_signingAbort ( _ ( " Stellar: invalid asset type " ) ) ;
return false ;
}
// is authorized
stellar_hashupdate_bool ( msg - > is_authorized ) ;
@ -1086,11 +1086,9 @@ bool stellar_confirmManageDataOp(const StellarManageDataOp *msg) {
stellar_hashupdate_string ( ( unsigned char * ) & ( msg - > key ) ,
strnlen ( msg - > key , 64 ) ) ;
// value
stellar_hashupdate_bool ( msg - > has_value ) ;
if ( msg - > has_value ) {
stellar_hashupdate_bool ( true ) ;
stellar_hashupdate_string ( msg - > value . bytes , msg - > value . size ) ;
} else {
stellar_hashupdate_bool ( false ) ;
}
// At this point, the operation is confirmed
@ -1628,36 +1626,36 @@ void stellar_layoutTransactionSummary(const StellarSignTx *msg) {
// Reset lines for displaying memo
memzero ( str_lines , sizeof ( str_lines ) ) ;
// Memo: none
if ( msg - > memo_type = = 0 ) {
strlcpy ( str_lines [ 0 ] , _ ( " [No Memo Set] " ) , sizeof ( str_lines [ 0 ] ) ) ;
strlcpy ( str_lines [ 1 ] , _ ( " Important: " ) , sizeof ( str_lines [ 0 ] ) ) ;
strlcpy ( str_lines [ 2 ] , _ ( " Many exchanges require " ) , sizeof ( str_lines [ 0 ] ) ) ;
strlcpy ( str_lines [ 3 ] , _ ( " a memo when depositing. " ) , sizeof ( str_lines [ 0 ] ) ) ;
}
// Memo: text
if ( msg - > memo_type = = 1 ) {
strlcpy ( str_lines [ 0 ] , _ ( " Memo (TEXT) " ) , sizeof ( str_lines [ 0 ] ) ) ;
// Split 28-character string into two lines of 19 / 9
// todo: word wrap method?
strlcpy ( str_lines [ 1 ] , ( const char * ) msg - > memo_text , 1 9 + 1 ) ;
strlcpy ( str_lines [ 2 ] , ( const char * ) ( msg - > memo_text + 19 ) , 9 + 1 ) ;
}
// Memo: ID
if ( msg - > memo_type = = 2 ) {
strlcpy ( str_lines [ 0 ] , _ ( " Memo (ID) " ) , sizeof ( str_lines [ 0 ] ) ) ;
stellar_format_uint64 ( msg - > memo_id , str_lines [ 1 ] , sizeof ( str_lines [ 1 ] ) ) ;
}
// Memo: hash
if ( msg - > memo_type = = 3 ) {
needs_memo_hash_confirm = 1 ;
strlcpy ( str_lines [ 0 ] , _ ( " Memo (HASH) " ) , sizeof ( str_lines [ 0 ] ) ) ;
}
// Memo: return
if ( msg - > memo_type = = 4 ) {
needs_memo_hash_confirm = 1 ;
strlcpy ( str_lines [ 0 ] , _ ( " Memo (RETURN) " ) , sizeof ( str_lines [ 0 ] ) ) ;
switch ( msg - > memo_type ) {
case 0 : // Memo: none
strlcpy ( str_lines [ 0 ] , _ ( " [No Memo Set] " ) , sizeof ( str_lines [ 0 ] ) ) ;
strlcpy ( str_lines [ 1 ] , _ ( " Important: " ) , sizeof ( str_lines [ 0 ] ) ) ;
strlcpy ( str_lines [ 2 ] , _ ( " Many exchanges require " ) , sizeof ( str_lines [ 0 ] ) ) ;
strlcpy ( str_lines [ 3 ] , _ ( " a memo when depositing. " ) , sizeof ( str_lines [ 0 ] ) ) ;
break ;
case 1 : // Memo: text
strlcpy ( str_lines [ 0 ] , _ ( " Memo (TEXT) " ) , sizeof ( str_lines [ 0 ] ) ) ;
// Split 28-character string into two lines of 19 / 9
// todo: word wrap method?
strlcpy ( str_lines [ 1 ] , ( const char * ) msg - > memo_text , 19 + 1 ) ;
strlcpy ( str_lines [ 2 ] , ( const char * ) ( msg - > memo_text + 19 ) , 9 + 1 ) ;
break ;
case 2 : // Memo: ID
strlcpy ( str_lines [ 0 ] , _ ( " Memo (ID) " ) , sizeof ( str_lines [ 0 ] ) ) ;
stellar_format_uint64 ( msg - > memo_id , str_lines [ 1 ] , sizeof ( str_lines [ 1 ] ) ) ;
break ;
case 3 : // Memo: hash
needs_memo_hash_confirm = 1 ;
strlcpy ( str_lines [ 0 ] , _ ( " Memo (HASH) " ) , sizeof ( str_lines [ 0 ] ) ) ;
break ;
case 4 : // Memo: return
needs_memo_hash_confirm = 1 ;
strlcpy ( str_lines [ 0 ] , _ ( " Memo (RETURN) " ) , sizeof ( str_lines [ 0 ] ) ) ;
break ;
default :
stellar_signingAbort ( _ ( " Stellar invalid memo type " ) ) ;
return ;
}
if ( needs_memo_hash_confirm ) {