signing/multisig: check if pubkey is part of multisig msg

src/apps/wallet/sign_tx/multisig.py

@@ -6,6 +6,13 @@ from trezor.messages.HDNodePathType import HDNodePathType
 from apps.wallet.sign_tx.writers import *
 
 
+def multisig_pubkey_index(multisig: MultisigRedeemScriptType, pubkey: bytes) -> int:
+    for i, hd in enumerate(multisig.pubkeys):
+        if multisig_get_pubkey(hd) == pubkey:
+            return i
+    return -1
+
+
 def multisig_get_pubkey(hd: HDNodePathType) -> bytes:
     p = hd.address_n
     n = hd.node

src/apps/wallet/sign_tx/signing.py

@@ -238,9 +238,10 @@ async def sign_tx(tx: SignTx, root):
                     key_sign = node_derive(root, txi.address_n)
                     key_sign_pub = key_sign.public_key()
                     # for the signing process the script_sig is equal
-                    # to the scriptPubKey (P2PKH) or a redeem script (P2SH)
+                    # to the previous tx's scriptPubKey (P2PKH) or a redeem script (P2SH)
                     if txi_sign.script_type == InputScriptType.SPENDMULTISIG:
-                        txi_sign.script_sig = script_multisig(multisig_get_pubkeys(txi_sign.multisig), txi_sign.multisig.m)
+                        txi_sign.script_sig = script_multisig(multisig_get_pubkeys(txi_sign.multisig),
+                                                              txi_sign.multisig.m)
                     elif txi_sign.script_type == InputScriptType.SPENDADDRESS:
                         txi_sign.script_sig = output_script_p2pkh(
                             ecdsa_hash_pubkey(key_sign_pub))
@@ -270,6 +271,13 @@ async def sign_tx(tx: SignTx, root):
                 raise SigningError(FailureType.ProcessError,
                                    'Transaction has changed during signing')
 
+            # if multisig, check if singing with a key that is included in multisig
+            if txi_sign.multisig:
+                pubkey_idx = multisig_pubkey_index(txi_sign.multisig, key_sign_pub)
+                if pubkey_idx < 0:
+                    raise SigningError(FailureType.DataError,
+                                       'Pubkey not found in multisig script')
+
             # compute the signature from the tx digest
             signature = ecdsa_sign(key_sign, get_tx_hash(h_sign, True))
             tx_ser.signature_index = i_sign