mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-11-22 23:48:12 +00:00
fix(core): Ensure correct order when verifying external inputs in Bitcoin signing.
This commit is contained in:
parent
784a3813f8
commit
426eae4dfc
1
core/.changelog.d/2415.fixed
Normal file
1
core/.changelog.d/2415.fixed
Normal file
@ -0,0 +1 @@
|
|||||||
|
Ensure correct order when verifying external inputs in Bitcoin signing.
|
@ -203,15 +203,15 @@ class Bitcoin:
|
|||||||
# the amounts and scriptPubKeys, because if an invalid value is provided then all
|
# the amounts and scriptPubKeys, because if an invalid value is provided then all
|
||||||
# issued signatures will be invalid.
|
# issued signatures will be invalid.
|
||||||
expected_digest = self.h_external_inputs
|
expected_digest = self.h_external_inputs
|
||||||
for i in self.external:
|
for i in range(self.tx_info.tx.inputs_count):
|
||||||
progress.advance()
|
progress.advance()
|
||||||
|
if i in self.external:
|
||||||
txi = await helpers.request_tx_input(self.tx_req, i, self.coin)
|
txi = await helpers.request_tx_input(self.tx_req, i, self.coin)
|
||||||
writers.write_tx_input_check(h_check, txi)
|
writers.write_tx_input_check(h_check, txi)
|
||||||
if not input_is_external_unverified(txi):
|
if not input_is_external_unverified(txi):
|
||||||
assert txi.script_pubkey is not None # checked in sanitize_tx_input
|
# txi.script_pubkey checked in sanitize_tx_input
|
||||||
|
assert txi.script_pubkey is not None
|
||||||
await self.verify_external_input(i, txi, txi.script_pubkey)
|
await self.verify_external_input(i, txi, txi.script_pubkey)
|
||||||
|
|
||||||
progress.advance(self.tx_info.tx.inputs_count - len(self.external))
|
|
||||||
else:
|
else:
|
||||||
# There are internal non-Taproot inputs. We need to verify all inputs, because we can't
|
# There are internal non-Taproot inputs. We need to verify all inputs, because we can't
|
||||||
# trust any amounts or scriptPubKeys. If we did, then an attacker who provides invalid
|
# trust any amounts or scriptPubKeys. If we did, then an attacker who provides invalid
|
||||||
|
Loading…
Reference in New Issue
Block a user