diff --git a/legacy/firmware/crypto.c b/legacy/firmware/crypto.c
index dc079795dc..d3b138135a 100644
--- a/legacy/firmware/crypto.c
+++ b/legacy/firmware/crypto.c
@@ -539,7 +539,7 @@ static bool check_cointype(const CoinInfo *coin, uint32_t slip44, bool full) {
 bool coin_known_path_check(const CoinInfo *coin, InputScriptType script_type,
 uint32_t address_n_count, const uint32_t *address_n,
- bool full) {
+ bool has_multisig, bool full) {
 // If full == true, this function checks that the path is a recognized path
 // for the given coin. Used by GetAddress to prevent ransom attacks where a
 // user could be coerced to use an address with an unenumerable path.
@@ -560,6 +560,7 @@ bool coin_known_path_check(const CoinInfo *coin, InputScriptType script_type,
 valid = valid && check_cointype(coin, address_n[1], full);
 if (full) {
 valid = valid && (script_type == InputScriptType_SPENDADDRESS);
+ valid = valid && (!has_multisig);
 valid = valid && ((address_n[2] & 0x80000000) == 0x80000000);
 valid = valid && ((address_n[2] & 0x7fffffff) <= PATH_MAX_ACCOUNT);
 valid = valid && (address_n[3] <= PATH_MAX_CHANGE);
@@ -588,6 +589,7 @@ bool coin_known_path_check(const CoinInfo *coin, InputScriptType script_type,
 }
 if (full) {
+ valid = valid && has_multisig;
 if (address_n_count == 4) {
 valid = valid && (script_type == InputScriptType_SPENDMULTISIG);
 valid = valid && (address_n[1] <= 100);
@@ -628,6 +630,7 @@ bool coin_known_path_check(const CoinInfo *coin, InputScriptType script_type,
 }
 valid = valid && check_cointype(coin, address_n[1], full);
 if (full) {
+ valid = valid && has_multisig;
 valid = valid && (script_type == InputScriptType_SPENDMULTISIG ||
 script_type == InputScriptType_SPENDP2SHWITNESS ||
 script_type == InputScriptType_SPENDWITNESS);
diff --git a/legacy/firmware/crypto.h b/legacy/firmware/crypto.h
index c889d8962e..c47c707f59 100644
--- a/legacy/firmware/crypto.h
+++ b/legacy/firmware/crypto.h
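Review bot: The new `has_multisig` parameter is not mentioned in the function's header comment, which still only explains the two modes of `full`, so the contract is now incomplete at the one place callers look. Suggest appending to that comment block, after the `full` explanation, a line such as `// has_multisig: whether the caller's input/address uses a multisig script; in full mode the single-sig branch must not be multisig and the multisig-only branches must be.` The body of coin_known_path_check continues well beyond this hunk.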
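Review bot: All three `has_multisig` checks this commit adds (here, and in the following two hunks at -588 and -628) sit inside `if (full)`, so the new parameter has no effect when the function is called with `full == false`; the signing.c call site passes `tinput->has_multisig, false` and, as far as these hunks show, still accepts a multisig input on the single-sig path and a single-sig input on the multisig-only paths. If that is intended because signing relies on other checks, say so in the function's header comment (`// has_multisig is only enforced in full mode`); if not, the script/multisig consistency checks need to move outside the `if (full)` guards. A small consistency nit: this hunk writes `(!has_multisig)` while the other two use bare `has_multisig`; `valid = valid && !has_multisig;` reads the same as its siblings. The enclosing function starts before and ends after this hunk.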
@@ -84,6 +84,6 @@ int cryptoIdentityFingerprint(const IdentityType *identity, uint8_t *hash);
 bool coin_known_path_check(const CoinInfo *coin, InputScriptType script_type,
 uint32_t address_n_count, const uint32_t *address_n,
- bool full);
+ bool has_multisig, bool full);
 #endif
diff --git a/legacy/firmware/fsm_msg_coin.h b/legacy/firmware/fsm_msg_coin.h
index 96687b8fa9..6e01431423 100644
--- a/legacy/firmware/fsm_msg_coin.h
+++ b/legacy/firmware/fsm_msg_coin.h
@@ -184,8 +184,10 @@ void fsm_msgGetAddress(const GetAddress *msg) {
 }
 if (!coin_known_path_check(coin, msg->script_type, msg->address_n_count,
- msg->address_n, true)) {
- if (config_getSafetyCheckLevel() == SafetyCheckLevel_Strict) {
+ msg->address_n, msg->has_multisig, true)) {
+ if (config_getSafetyCheckLevel() == SafetyCheckLevel_Strict &&
+ !coin_known_path_check(coin, msg->script_type, msg->address_n_count,
+ msg->address_n, msg->has_multisig, false)) {
 fsm_sendFailure(FailureType_Failure_DataError, _("Forbidden key path"));
 layoutHome();
 return;
diff --git a/legacy/firmware/signing.c b/legacy/firmware/signing.c
index 008e8d4c9d..5cc29758c8 100644
--- a/legacy/firmware/signing.c
+++ b/legacy/firmware/signing.c
@@ -686,7 +686,7 @@ bool compile_input_script_sig(TxInputType *tinput) {
 }
 }
 if (!coin_known_path_check(coin, tinput->script_type, tinput->address_n_count,
- tinput->address_n, false)) {
+ tinput->address_n, tinput->has_multisig, false)) {
 if (config_getSafetyCheckLevel() == SafetyCheckLevel_Strict) {
 return false;
 }
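Review bot: The public declaration now takes two undocumented booleans, and the header gives no hint what `full` or `has_multisig` mean, so every caller has to read crypto.c to pass them correctly. A short Doxygen block on the declaration would fix this: one line stating that it returns true when `address_n` is a path the firmware recognises for `coin`, one line for `has_multisig` (the script being derived is multisig), and one line for `full` (additionally require script type, multisig flag and path components to match the path's scheme, as GetAddress does; otherwise the looser check used during signing).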
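Review bot: The new condition changes what SafetyCheckLevel_Strict rejects: before, any path failing the full check was refused with `Forbidden key path`; now it is refused only if it also fails the loose (`full == false`) check, and a path that is known but does not pass the full check falls through to whatever handling follows the `if` (outside this hunk). That is a loosening of the strict policy that guards the ransom-attack scenario described in crypto.c, and nothing at the site records why, so a reader will take it for an accident. Suggest a comment above the inner `if`: `// Strict mode hard-refuses only paths unknown even to the loose check; known but non-standard paths fall through to the handling below.` fsm_msgGetAddress begins before and continues after this hunk.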