diff --git a/legacy/firmware/.changelog.d/1656.changed.1 b/legacy/firmware/.changelog.d/1656.changed.1 new file mode 100644 index 000000000..e73c934c4 --- /dev/null +++ b/legacy/firmware/.changelog.d/1656.changed.1 @@ -0,0 +1 @@ +Show warning dialog in SignMessage if a non-standard path is used. diff --git a/legacy/firmware/fsm_msg_coin.h b/legacy/firmware/fsm_msg_coin.h index d5d3f21f8..9f246a3b6 100644 --- a/legacy/firmware/fsm_msg_coin.h +++ b/legacy/firmware/fsm_msg_coin.h @@ -151,6 +151,32 @@ void fsm_msgTxAck(TxAck *msg) { signing_txack(&(msg->tx)); } +static bool fsm_checkCoinPath(const CoinInfo *coin, InputScriptType script_type, + uint32_t address_n_count, + const uint32_t *address_n, bool has_multisig) { + if (!coin_path_check(coin, script_type, address_n_count, address_n, + has_multisig, CoinPathCheckLevel_SCRIPT_TYPE)) { + if (config_getSafetyCheckLevel() == SafetyCheckLevel_Strict && + !coin_path_check(coin, script_type, address_n_count, address_n, + has_multisig, CoinPathCheckLevel_KNOWN)) { + fsm_sendFailure(FailureType_Failure_DataError, _("Forbidden key path")); + layoutHome(); + return false; + } + + layoutDialogSwipe(&bmp_icon_warning, _("Abort"), _("Continue"), NULL, + _("Wrong address path"), _("for selected coin."), NULL, + _("Continue at your"), _("own risk!"), NULL); + if (!protectButton(ButtonRequestType_ButtonRequest_UnknownDerivationPath, + false)) { + fsm_sendFailure(FailureType_Failure_ActionCancelled, NULL); + layoutHome(); + return false; + } + } + return true; +} + void fsm_msgGetAddress(const GetAddress *msg) { RESP_INIT(Address); @@ -199,27 +225,9 @@ void fsm_msgGetAddress(const GetAddress *msg) { strlcpy(desc, _("Address:"), sizeof(desc)); } - if (!coin_path_check(coin, msg->script_type, msg->address_n_count, - msg->address_n, msg->has_multisig, - CoinPathCheckLevel_SCRIPT_TYPE)) { - if (config_getSafetyCheckLevel() == SafetyCheckLevel_Strict && - !coin_path_check(coin, msg->script_type, msg->address_n_count, - msg->address_n, msg->has_multisig, - CoinPathCheckLevel_KNOWN)) { - fsm_sendFailure(FailureType_Failure_DataError, _("Forbidden key path")); - layoutHome(); - return; - } - - layoutDialogSwipe(&bmp_icon_warning, _("Abort"), _("Continue"), NULL, - _("Wrong address path"), _("for selected coin."), NULL, - _("Continue at your"), _("own risk!"), NULL); - if (!protectButton(ButtonRequestType_ButtonRequest_UnknownDerivationPath, - false)) { - fsm_sendFailure(FailureType_Failure_ActionCancelled, NULL); - layoutHome(); - return; - } + if (!fsm_checkCoinPath(coin, msg->script_type, msg->address_n_count, + msg->address_n, msg->has_multisig)) { + return; } uint32_t multisig_xpub_magic = coin->xpub_magic; @@ -264,6 +272,12 @@ void fsm_msgSignMessage(const SignMessage *msg) { const CoinInfo *coin = fsm_getCoin(msg->has_coin_name, msg->coin_name); if (!coin) return; + + if (!fsm_checkCoinPath(coin, msg->script_type, msg->address_n_count, + msg->address_n, false)) { + return; + } + HDNode *node = fsm_getDerivedNode(coin->curve_name, msg->address_n, msg->address_n_count, NULL); if (!node) return; diff --git a/tests/device_tests/test_msg_signmessage.py b/tests/device_tests/test_msg_signmessage.py index d9fe41750..93031b9bd 100644 --- a/tests/device_tests/test_msg_signmessage.py +++ b/tests/device_tests/test_msg_signmessage.py @@ -352,7 +352,6 @@ def test_signmessage_pagination_trailing_newline(client): ) -@pytest.mark.skip_t1 def test_signmessage_path_warning(client): message = "This is an example of a signed message."