1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-08 22:40:59 +00:00

feat(legacy): Implement preauthorized GetOwnershipProof.

This commit is contained in:
Andrew Kozlik 2022-12-23 17:07:26 +01:00 committed by matejcik
parent 68bbcbdc4d
commit 89993c8969
3 changed files with 41 additions and 15 deletions

View File

@ -39,6 +39,9 @@
#define PATH_MAX_ADDRESS_INDEX 1000000
#define PATH_SLIP25_PURPOSE (PATH_HARDENED | 10025)
// The number of bip32 levels used in a wallet (chain and address)
#define BIP32_WALLET_DEPTH 2
#define ser_length_size(len) ((len) < 253 ? 1 : (len) < 0x10000 ? 3 : 5)
typedef enum {

View File

@ -513,7 +513,42 @@ void fsm_msgGetOwnershipProof(const GetOwnershipProof *msg) {
CHECK_INITIALIZED
CHECK_PIN
const CoinInfo *coin = fsm_getCoin(msg->has_coin_name, msg->coin_name);
if (!coin) return;
const AuthorizeCoinJoin *authorization = NULL;
if (authorization_type == MessageType_MessageType_AuthorizeCoinJoin) {
authorization = config_getCoinJoinAuthorization();
if (authorization == NULL) {
return;
}
// Check whether the authorization matches the parameters of the request.
size_t coordinator_len = strlen(authorization->coordinator);
if (msg->address_n_count !=
authorization->address_n_count + BIP32_WALLET_DEPTH ||
memcmp(msg->address_n, authorization->address_n,
sizeof(uint32_t) * authorization->address_n_count) != 0 ||
strcmp(msg->coin_name, authorization->coin_name) != 0 ||
msg->script_type != authorization->script_type ||
msg->commitment_data.size < coordinator_len + 1 ||
msg->commitment_data.bytes[0] != coordinator_len ||
memcmp(msg->commitment_data.bytes + 1, authorization->coordinator,
coordinator_len) != 0) {
fsm_sendFailure(FailureType_Failure_ProcessError,
_("Unauthorized operation"));
layoutHome();
return;
}
} else {
CHECK_PIN
if (!fsm_checkCoinPath(coin, msg->script_type, msg->address_n_count,
msg->address_n, msg->has_multisig,
MessageType_MessageType_GetOwnershipProof, false)) {
layoutHome();
return;
}
}
if (msg->has_multisig) {
// The legacy implementation currently only supports singlesig native segwit
@ -524,15 +559,6 @@ void fsm_msgGetOwnershipProof(const GetOwnershipProof *msg) {
return;
}
const CoinInfo *coin = fsm_getCoin(msg->has_coin_name, msg->coin_name);
if (!coin) return;
if (!fsm_checkCoinPath(coin, msg->script_type, msg->address_n_count,
msg->address_n, msg->has_multisig, false)) {
layoutHome();
return;
}
if (!fsm_checkScriptType(coin, msg->script_type)) {
layoutHome();
return;
@ -574,9 +600,8 @@ void fsm_msgGetOwnershipProof(const GetOwnershipProof *msg) {
// In order to set the "user confirmation" bit in the proof, the user must
// actually confirm.
uint8_t flags = 0;
if (msg->user_confirmation) {
flags |= 1;
uint8_t flags = msg->user_confirmation;
if (!authorization && msg->user_confirmation) {
layoutConfirmOwnershipProof();
if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, NULL);

View File

@ -159,8 +159,6 @@ static Hasher coinjoin_request_hasher;
/* A marker for in_address_n_count to indicate a mismatch in bip32 paths in
input */
#define BIP32_NOCHANGEALLOWED 1
/* The number of bip32 levels used in a wallet (chain and address) */
#define BIP32_WALLET_DEPTH 2
/* The chain id used for change */
#define BIP32_CHANGE_CHAIN 1
/* The maximum allowed change address. This should be large enough for normal