1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-22 15:38:11 +00:00

fix(core): Ensure correct order when verifying external inputs in Bitcoin signing.

This commit is contained in:
Andrew Kozlik 2022-07-25 19:13:24 +02:00 committed by Andrew Kozlik
parent 784a3813f8
commit 426eae4dfc
2 changed files with 9 additions and 8 deletions

View File

@ -0,0 +1 @@
Ensure correct order when verifying external inputs in Bitcoin signing.

View File

@ -203,15 +203,15 @@ class Bitcoin:
# the amounts and scriptPubKeys, because if an invalid value is provided then all # the amounts and scriptPubKeys, because if an invalid value is provided then all
# issued signatures will be invalid. # issued signatures will be invalid.
expected_digest = self.h_external_inputs expected_digest = self.h_external_inputs
for i in self.external: for i in range(self.tx_info.tx.inputs_count):
progress.advance() progress.advance()
txi = await helpers.request_tx_input(self.tx_req, i, self.coin) if i in self.external:
writers.write_tx_input_check(h_check, txi) txi = await helpers.request_tx_input(self.tx_req, i, self.coin)
if not input_is_external_unverified(txi): writers.write_tx_input_check(h_check, txi)
assert txi.script_pubkey is not None # checked in sanitize_tx_input if not input_is_external_unverified(txi):
await self.verify_external_input(i, txi, txi.script_pubkey) # txi.script_pubkey checked in sanitize_tx_input
assert txi.script_pubkey is not None
progress.advance(self.tx_info.tx.inputs_count - len(self.external)) await self.verify_external_input(i, txi, txi.script_pubkey)
else: else:
# There are internal non-Taproot inputs. We need to verify all inputs, because we can't # There are internal non-Taproot inputs. We need to verify all inputs, because we can't
# trust any amounts or scriptPubKeys. If we did, then an attacker who provides invalid # trust any amounts or scriptPubKeys. If we did, then an attacker who provides invalid