fix(legacy): Don't allow unknown paths in GetAddress.

2025-04-19 16:49:02 +00:00 · 2021-06-23 17:28:50 +02:00 · 2021-06-23 17:28:50 +02:00 · 9b0e980c44
commit 9b0e980c44
parent 3e9f8a32ac
3 changed files with 23 additions and 2 deletions
--- a/legacy/firmware/.changelog.d/noissue.security
+++ b/legacy/firmware/.changelog.d/noissue.security
@ -0,0 +1 @@
+Don't show addresses that have an unrecognized path.
--- a/legacy/firmware/crypto.c
+++ b/legacy/firmware/crypto.c
@ -540,6 +540,14 @@ static bool check_cointype(const CoinInfo *coin, uint32_t slip44, bool full) {
 bool coin_known_path_check(const CoinInfo *coin, InputScriptType script_type,
                           uint32_t address_n_count, const uint32_t *address_n,
                           bool full) {
+  // If full == true, this function checks that the path is a recognized path
+  // for the given coin. Used by GetAddress to prevent ransom attacks where a
+  // user could be coerced to use an address with an unenumerable path.
+  // If full == false, this function checks that a coin without strong replay
+  // protection doesn't access paths that are known to be used by another coin.
+  // Used by SignTx to ensure that a user cannot be coerced into signing a
+  // testnet transaction or a Litecoin transaction which in fact spends Bitcoin.
+
  bool valid = true;
  // m/44' : BIP44 Legacy
  // m / purpose' / coin_type' / account' / change / address_index
@ -740,6 +748,6 @@ bool coin_known_path_check(const CoinInfo *coin, InputScriptType script_type,
    return valid;
  }

-  // we don't check unknown paths
-  return true;
+  // we allow unknown paths when a full check is not required
+  return !full;
 }
--- a/tests/device_tests/test_msg_getaddress_show.py
+++ b/tests/device_tests/test_msg_getaddress_show.py
@ -17,6 +17,7 @@
 import pytest

 from trezorlib import btc, messages, tools
+from trezorlib.exceptions import TrezorFailure

 VECTORS = (  # path, script_type, address
    (
@ -51,6 +52,17 @@ def test_show(client, path, script_type, address):
    )


+def test_show_unrecognized_path(client):
+    with pytest.raises(TrezorFailure):
+        btc.get_address(
+            client,
+            "Bitcoin",
+            tools.parse_path("m/24684621h/516582h/5156h/21/856"),
+            script_type=messages.InputScriptType.SPENDWITNESS,
+            show_display=True,
+        )
+
+
@pytest.mark.multisig
 def test_show_multisig_3(client):
    node = btc.get_public_node(
				`@ -0,0 +1 @@`
				`Don't show addresses that have an unrecognized path.`