d-bis/app-ethereum
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix multiple vulnerabilities

Browse Source
This commit is contained in:
Jorge Martins
2022-07-08 11:12:50 +02:00
parent 4eb7109b86
commit e0218520d8
20 changed files with 166 additions and 168 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src_features/getEth2PublicKey/cmd_getEth2PublicKey.c
View File

@@ -46,29 +46,25 @@ void handleGetEth2PublicKey(uint8_t p1,
uint16_t dataLength,
unsigned int *flags,
unsigned int *tx) {
UNUSED(dataLength);
uint32_t bip32Path[MAX_BIP32_PATH];
uint32_t i;
uint8_t bip32PathLength = *(dataBuffer++);
bip32_path_t bip32;
if (!called_from_swap) {
reset_app_context();
}
if ((bip32PathLength < 0x01) || (bip32PathLength > MAX_BIP32_PATH)) {
PRINTF("Invalid path\n");
THROW(0x6a80);
}
if ((p1 != P1_CONFIRM) && (p1 != P1_NON_CONFIRM)) {
THROW(0x6B00);
}
if (p2 != 0) {
THROW(0x6B00);
}
for (i = 0; i < bip32PathLength; i++) {
bip32Path[i] = U4BE(dataBuffer, 0);
dataBuffer += 4;
dataBuffer = parseBip32(dataBuffer, &dataLength, &bip32);
if (dataBuffer == NULL) {
THROW(0x6a80);
}
getEth2PublicKey(bip32Path, bip32PathLength, tmpCtx.publicKeyContext.publicKey.W);
getEth2PublicKey(bip32.path, bip32.length, tmpCtx.publicKeyContext.publicKey.W);
#ifndef NO_CONSENT
if (p1 == P1_NON_CONFIRM)

24
src_features/getPublicKey/cmd_getPublicKey.c
View File

@@ -11,35 +11,33 @@ void handleGetPublicKey(uint8_t p1,
uint16_t dataLength,
unsigned int *flags,
unsigned int *tx) {
UNUSED(dataLength);
uint8_t privateKeyData[INT256_LENGTH];
uint32_t bip32Path[MAX_BIP32_PATH];
uint32_t i;
uint8_t bip32PathLength = *(dataBuffer++);
bip32_path_t bip32;
cx_ecfp_private_key_t privateKey;
if (!called_from_swap) {
reset_app_context();
}
if ((bip32PathLength < 0x01) || (bip32PathLength > MAX_BIP32_PATH)) {
PRINTF("Invalid path\n");
THROW(0x6a80);
}
if ((p1 != P1_CONFIRM) && (p1 != P1_NON_CONFIRM)) {
THROW(0x6B00);
}
if ((p2 != P2_CHAINCODE) && (p2 != P2_NO_CHAINCODE)) {
THROW(0x6B00);
}
for (i = 0; i < bip32PathLength; i++) {
bip32Path[i] = U4BE(dataBuffer, 0);
dataBuffer += 4;
dataBuffer = parseBip32(dataBuffer, &dataLength, &bip32);
if (dataBuffer == NULL) {
THROW(0x6a80);
}
tmpCtx.publicKeyContext.getChaincode = (p2 == P2_CHAINCODE);
io_seproxyhal_io_heartbeat();
os_perso_derive_node_bip32(
CX_CURVE_256K1,
bip32Path,
bip32PathLength,
bip32.path,
bip32.length,
privateKeyData,
(tmpCtx.publicKeyContext.getChaincode ? tmpCtx.publicKeyContext.chainCode : NULL));
cx_ecfp_init_private_key(CX_CURVE_256K1, privateKeyData, 32, &privateKey);

44
src_features/performPrivacyOperation/cmd_performPrivacyOperation.c
View File

@@ -29,39 +29,35 @@ void handlePerformPrivacyOperation(uint8_t p1,
uint16_t dataLength,
unsigned int *flags,
unsigned int *tx) {
UNUSED(dataLength);
uint8_t privateKeyData[INT256_LENGTH];
uint8_t privateKeyDataSwapped[INT256_LENGTH];
uint32_t bip32Path[MAX_BIP32_PATH];
uint8_t bip32PathLength = *(dataBuffer++);
bip32_path_t bip32;
cx_err_t status = CX_OK;
if (p2 == P2_PUBLIC_ENCRYPTION_KEY) {
if (dataLength < 1 + 4 * bip32PathLength) {
THROW(0x6700);
}
} else if (p2 == P2_SHARED_SECRET) {
if (dataLength < 1 + 4 * bip32PathLength + 32) {
THROW(0x6700);
}
} else {
THROW(0x6B00);
}
cx_ecfp_private_key_t privateKey;
if ((bip32PathLength < 0x01) || (bip32PathLength > MAX_BIP32_PATH)) {
PRINTF("Invalid path\n");
THROW(0x6a80);
}
if ((p1 != P1_CONFIRM) && (p1 != P1_NON_CONFIRM)) {
THROW(0x6B00);
}
for (uint8_t i = 0; i < bip32PathLength; i++) {
bip32Path[i] = U4BE(dataBuffer, 0);
dataBuffer += 4;
if ((p2 != P2_PUBLIC_ENCRYPTION_KEY) && (p2 != P2_SHARED_SECRET)) {
THROW(0x6700);
}
dataBuffer = parseBip32(dataBuffer, &dataLength, &bip32);
if (dataBuffer == NULL) {
THROW(0x6a80);
}
if ((p2 == P2_SHARED_SECRET) && (dataLength < 32)) {
THROW(0x6700);
}
cx_ecfp_private_key_t privateKey;
os_perso_derive_node_bip32(
CX_CURVE_256K1,
bip32Path,
bip32PathLength,
bip32.path,
bip32.length,
privateKeyData,
(tmpCtx.publicKeyContext.getChaincode ? tmpCtx.publicKeyContext.chainCode : NULL));
cx_ecfp_init_private_key(CX_CURVE_256K1, privateKeyData, 32, &privateKey);

27
src_features/signMessage/cmd_signMessage.c
View File

@@ -119,39 +119,26 @@ void handleSignPersonalMessage(uint8_t p1,
unsigned int *tx) {
UNUSED(tx);
uint8_t hashMessage[INT256_LENGTH];
if (p1 == P1_FIRST) {
char tmp[11] = {0};
uint32_t i;
if (dataLength < 1) {
PRINTF("Invalid data\n");
THROW(0x6a80);
}
if (appState != APP_STATE_IDLE) {
reset_app_context();
}
appState = APP_STATE_SIGNING_MESSAGE;
tmpCtx.messageSigningContext.pathLength = workBuffer[0];
if ((tmpCtx.messageSigningContext.pathLength < 0x01) ||
(tmpCtx.messageSigningContext.pathLength > MAX_BIP32_PATH)) {
PRINTF("Invalid path\n");
workBuffer = parseBip32(workBuffer, &dataLength, &tmpCtx.messageSigningContext.bip32);
if (workBuffer == NULL) {
THROW(0x6a80);
}
workBuffer++;
dataLength--;
for (i = 0; i < tmpCtx.messageSigningContext.pathLength; i++) {
if (dataLength < sizeof(uint32_t)) {
PRINTF("Invalid data\n");
THROW(0x6a80);
}
tmpCtx.messageSigningContext.bip32Path[i] = U4BE(workBuffer, 0);
workBuffer += sizeof(uint32_t);
dataLength -= sizeof(uint32_t);
}
if (dataLength < sizeof(uint32_t)) {
PRINTF("Invalid data\n");
THROW(0x6a80);
}
tmpCtx.messageSigningContext.remainingLength = U4BE(workBuffer, 0);
workBuffer += sizeof(uint32_t);
dataLength -= sizeof(uint32_t);

4
src_features/signMessage/ui_common_signMessage.c
View File

@@ -9,8 +9,8 @@ unsigned int io_seproxyhal_touch_signMessage_ok(__attribute__((unused)) const ba
uint32_t tx = 0;
io_seproxyhal_io_heartbeat();
os_perso_derive_node_bip32(CX_CURVE_256K1,
tmpCtx.messageSigningContext.bip32Path,
tmpCtx.messageSigningContext.pathLength,
tmpCtx.messageSigningContext.bip32.path,
tmpCtx.messageSigningContext.bip32.length,
privateKeyData,
NULL);
io_seproxyhal_io_heartbeat();

30
src_features/signMessageEIP712/cmd_signMessage712.c
View File

@@ -9,8 +9,6 @@ void handleSignEIP712Message(uint8_t p1,
uint16_t dataLength,
unsigned int *flags,
unsigned int *tx) {
uint8_t i;
UNUSED(tx);
if ((p1 != 00) || (p2 != 00)) {
THROW(0x6B00);
@@ -18,31 +16,13 @@ void handleSignEIP712Message(uint8_t p1,
if (appState != APP_STATE_IDLE) {
reset_app_context();
}
if (dataLength < 1) {
PRINTF("Invalid data\n");
THROW(0x6a80);
}
tmpCtx.messageSigningContext712.pathLength = workBuffer[0];
if ((tmpCtx.messageSigningContext712.pathLength < 0x01) ||
(tmpCtx.messageSigningContext712.pathLength > MAX_BIP32_PATH)) {
PRINTF("Invalid path\n");
THROW(0x6a80);
}
workBuffer++;
dataLength--;
for (i = 0; i < tmpCtx.messageSigningContext712.pathLength; i++) {
if (dataLength < 4) {
PRINTF("Invalid data\n");
THROW(0x6a80);
}
tmpCtx.messageSigningContext712.bip32Path[i] = U4BE(workBuffer, 0);
workBuffer += 4;
dataLength -= 4;
}
if (dataLength < 32 + 32) {
PRINTF("Invalid data\n");
workBuffer = parseBip32(workBuffer, &dataLength, &tmpCtx.messageSigningContext.bip32);
if (workBuffer == NULL || dataLength < 32 + 32) {
THROW(0x6a80);
}
memmove(tmpCtx.messageSigningContext712.domainHash, workBuffer, 32);
memmove(tmpCtx.messageSigningContext712.messageHash, workBuffer + 32, 32);

4
src_features/signMessageEIP712/ui_common_signMessage712.c
View File

@@ -34,8 +34,8 @@ unsigned int io_seproxyhal_touch_signMessage712_v0_ok(__attribute__((unused))
PRINTF("EIP712 hash to sign %.*H\n", 32, hash);
io_seproxyhal_io_heartbeat();
os_perso_derive_node_bip32(CX_CURVE_256K1,
tmpCtx.messageSigningContext712.bip32Path,
tmpCtx.messageSigningContext712.pathLength,
tmpCtx.messageSigningContext712.bip32.path,
tmpCtx.messageSigningContext712.bip32.length,
privateKeyData,
NULL);
io_seproxyhal_io_heartbeat();

30
src_features/signTx/cmd_signTx.c
View File

@@ -12,43 +12,33 @@ void handleSign(uint8_t p1,
unsigned int *tx) {
UNUSED(tx);
parserStatus_e txResult;
uint32_t i;
if (os_global_pin_is_validated() != BOLOS_UX_OK) {
PRINTF("Device is PIN-locked");
THROW(0x6982);
}
if (p1 == P1_FIRST) {
if (dataLength < 1) {
PRINTF("Invalid data\n");
THROW(0x6a80);
}
if (appState != APP_STATE_IDLE) {
reset_app_context();
}
appState = APP_STATE_SIGNING_TX;
tmpCtx.transactionContext.pathLength = workBuffer[0];
if ((tmpCtx.transactionContext.pathLength < 0x01) ||
(tmpCtx.transactionContext.pathLength > MAX_BIP32_PATH)) {
PRINTF("Invalid path\n");
workBuffer = parseBip32(workBuffer, &dataLength, &tmpCtx.transactionContext.bip32);
if (workBuffer == NULL) {
THROW(0x6a80);
}
workBuffer++;
dataLength--;
for (i = 0; i < tmpCtx.transactionContext.pathLength; i++) {
if (dataLength < 4) {
PRINTF("Invalid data\n");
THROW(0x6a80);
}
tmpCtx.transactionContext.bip32Path[i] = U4BE(workBuffer, 0);
workBuffer += 4;
dataLength -= 4;
}
tmpContent.txContent.dataPresent = false;
dataContext.tokenContext.pluginStatus = ETH_PLUGIN_RESULT_UNAVAILABLE;
initTx(&txContext, &global_sha3, &tmpContent.txContent, customProcessor, NULL);
if (dataLength < 1) {
PRINTF("Invalid data\n");
THROW(0x6a80);
}
// EIP 2718: TransactionType might be present before the TransactionPayload.
uint8_t txType = *workBuffer;
if (txType >= MIN_TX_TYPE && txType <= MAX_TX_TYPE) {

4
src_features/signTx/logic_signTx.c
View File

@@ -282,8 +282,8 @@ static void get_public_key(uint8_t *out, uint8_t outLength) {
}
os_perso_derive_node_bip32(CX_CURVE_256K1,
tmpCtx.transactionContext.bip32Path,
tmpCtx.transactionContext.pathLength,
tmpCtx.transactionContext.bip32.path,
tmpCtx.transactionContext.bip32.length,
privateKeyData,
NULL);
cx_ecfp_init_private_key(CX_CURVE_256K1, privateKeyData, 32, &privateKey);

4
src_features/signTx/ui_common_signTx.c
View File

@@ -10,8 +10,8 @@ unsigned int io_seproxyhal_touch_tx_ok(__attribute__((unused)) const bagl_elemen
uint32_t tx = 0;
io_seproxyhal_io_heartbeat();
os_perso_derive_node_bip32(CX_CURVE_256K1,
tmpCtx.transactionContext.bip32Path,
tmpCtx.transactionContext.pathLength,
tmpCtx.transactionContext.bip32.path,
tmpCtx.transactionContext.bip32.length,
privateKeyData,
NULL);
cx_ecfp_init_private_key(CX_CURVE_256K1, privateKeyData, 32, &privateKey);

25
src_features/stark_getPublicKey/cmd_stark_getPublicKey.c
View File

@@ -12,29 +12,28 @@ void handleStarkwareGetPublicKey(uint8_t p1,
uint16_t dataLength,
unsigned int *flags,
unsigned int *tx) {
UNUSED(dataLength);
uint8_t privateKeyData[32];
uint32_t bip32Path[MAX_BIP32_PATH];
uint32_t i;
uint8_t bip32PathLength = *(dataBuffer++);
bip32_path_t bip32;
cx_ecfp_private_key_t privateKey;
uint8_t privateKeyData[32];
reset_app_context();
if ((bip32PathLength < 0x01) || (bip32PathLength > MAX_BIP32_PATH)) {
PRINTF("Invalid path\n");
THROW(0x6a80);
}
if ((p1 != P1_CONFIRM) && (p1 != P1_NON_CONFIRM)) {
THROW(0x6B00);
}
if (p2 != 0) {
THROW(0x6B00);
}
for (i = 0; i < bip32PathLength; i++) {
bip32Path[i] = U4BE(dataBuffer, 0);
dataBuffer += 4;
dataBuffer = parseBip32(dataBuffer, &dataLength, &bip32);
if (dataBuffer == NULL) {
THROW(0x6a80);
}
io_seproxyhal_io_heartbeat();
starkDerivePrivateKey(bip32Path, bip32PathLength, privateKeyData);
starkDerivePrivateKey(bip32.path, bip32.length, privateKeyData);
cx_ecfp_init_private_key(CX_CURVE_Stark256, privateKeyData, 32, &privateKey);
io_seproxyhal_io_heartbeat();
cx_ecfp_generate_pair(CX_CURVE_Stark256, &tmpCtx.publicKeyContext.publicKey, &privateKey, 1);

21
src_features/stark_sign/cmd_stark_sign.c
View File

@@ -20,7 +20,7 @@ void handleStarkwareSignMessage(uint8_t p1,
__attribute__((unused)) unsigned int *tx) {
uint8_t privateKeyData[INT256_LENGTH];
uint32_t i;
uint8_t bip32PathLength = *(dataBuffer);
uint8_t bip32PathLength;
uint8_t offset = 1;
cx_ecfp_private_key_t privateKey;
poorstream_t bitstream;
@@ -29,10 +29,19 @@ void handleStarkwareSignMessage(uint8_t p1,
uint8_t protocol = 2;
uint8_t preOffset, postOffset;
uint8_t zeroTest;
// Initial checks
if (appState != APP_STATE_IDLE) {
reset_app_context();
}
if (dataLength < 1) {
PRINTF("Invalid data\n");
THROW(0x6a80);
}
bip32PathLength = *(dataBuffer);
if ((bip32PathLength < 0x01) || (bip32PathLength > MAX_BIP32_PATH)) {
PRINTF("Invalid path\n");
THROW(0x6a80);
@@ -70,10 +79,10 @@ void handleStarkwareSignMessage(uint8_t p1,
if (p2 != 0) {
THROW(0x6B00);
}
tmpCtx.transactionContext.pathLength = bip32PathLength;
tmpCtx.transactionContext.bip32.length = bip32PathLength;
for (i = 0; i < bip32PathLength; i++) {
tmpCtx.transactionContext.bip32Path[i] = U4BE(dataBuffer, offset);
PRINTF("Storing path %d %d\n", i, tmpCtx.transactionContext.bip32Path[i]);
tmpCtx.transactionContext.bip32.path[i] = U4BE(dataBuffer, offset);
PRINTF("Storing path %d %d\n", i, tmpCtx.transactionContext.bip32.path[i]);
offset += 4;
}
// Discard the path to use part of dataBuffer as a temporary buffer
@@ -205,7 +214,9 @@ void handleStarkwareSignMessage(uint8_t p1,
cx_ecfp_public_key_t publicKey;
// Check if the transfer is a self transfer
io_seproxyhal_io_heartbeat();
starkDerivePrivateKey(tmpCtx.transactionContext.bip32Path, bip32PathLength, privateKeyData);
starkDerivePrivateKey(tmpCtx.transactionContext.bip32.path,
bip32PathLength,
privateKeyData);
cx_ecfp_init_private_key(CX_CURVE_Stark256, privateKeyData, 32, &privateKey);
io_seproxyhal_io_heartbeat();
cx_ecfp_generate_pair(CX_CURVE_Stark256, &publicKey, &privateKey, 1);

4
src_features/stark_sign/ui_common_stark_sign.c
View File

@@ -10,8 +10,8 @@ unsigned int io_seproxyhal_touch_stark_ok(__attribute__((unused)) const bagl_ele
uint8_t signature[72];
uint32_t tx = 0;
io_seproxyhal_io_heartbeat();
starkDerivePrivateKey(tmpCtx.transactionContext.bip32Path,
tmpCtx.transactionContext.pathLength,
starkDerivePrivateKey(tmpCtx.transactionContext.bip32.path,
tmpCtx.transactionContext.bip32.length,
privateKeyData);
io_seproxyhal_io_heartbeat();
stark_sign(signature,

29
src_features/stark_unsafe_sign/cmd_stark_unsafe_sign.c
View File

@@ -12,37 +12,34 @@ void handleStarkwareUnsafeSign(uint8_t p1,
uint16_t dataLength,
unsigned int *flags,
__attribute__((unused)) unsigned int *tx) {
uint32_t i;
uint8_t privateKeyData[INT256_LENGTH];
cx_ecfp_public_key_t publicKey;
cx_ecfp_private_key_t privateKey;
uint8_t bip32PathLength = *(dataBuffer);
uint8_t offset = 1;
// Initial checks
if (appState != APP_STATE_IDLE) {
reset_app_context();
}
if ((bip32PathLength < 0x01) || (bip32PathLength > MAX_BIP32_PATH)) {
PRINTF("Invalid path\n");
THROW(0x6a80);
}
if ((p1 != 0) || (p2 != 0)) {
THROW(0x6B00);
}
if (dataLength != 32 + 4 * bip32PathLength + 1) {
dataBuffer = parseBip32(dataBuffer, &dataLength, &tmpCtx.transactionContext.bip32);
if (dataBuffer == NULL) {
THROW(0x6a80);
}
if (dataLength != 32) {
THROW(0x6700);
}
tmpCtx.transactionContext.pathLength = bip32PathLength;
for (i = 0; i < bip32PathLength; i++) {
tmpCtx.transactionContext.bip32Path[i] = U4BE(dataBuffer, offset);
PRINTF("Storing path %d %d\n", i, tmpCtx.transactionContext.bip32Path[i]);
offset += 4;
}
memmove(dataContext.starkContext.w2, dataBuffer + offset, 32);
memmove(dataContext.starkContext.w2, dataBuffer, 32);
io_seproxyhal_io_heartbeat();
starkDerivePrivateKey(tmpCtx.transactionContext.bip32Path, bip32PathLength, privateKeyData);
starkDerivePrivateKey(tmpCtx.transactionContext.bip32.path,
tmpCtx.transactionContext.bip32.length,
privateKeyData);
cx_ecfp_init_private_key(CX_CURVE_Stark256, privateKeyData, 32, &privateKey);
io_seproxyhal_io_heartbeat();
cx_ecfp_generate_pair(CX_CURVE_Stark256, &publicKey, &privateKey, 1);

4
src_features/stark_unsafe_sign/ui_common_stark_unsafe_sign.c
View File

@@ -13,8 +13,8 @@ unsigned int io_seproxyhal_touch_stark_unsafe_sign_ok(__attribute__((unused))
unsigned int info = 0;
uint32_t tx = 0;
io_seproxyhal_io_heartbeat();
starkDerivePrivateKey(tmpCtx.transactionContext.bip32Path,
tmpCtx.transactionContext.pathLength,
starkDerivePrivateKey(tmpCtx.transactionContext.bip32.path,
tmpCtx.transactionContext.bip32.length,
privateKeyData);
io_seproxyhal_io_heartbeat();
cx_ecfp_init_private_key(CX_CURVE_Stark256, privateKeyData, 32, &privateKey);