src_features/signMessage/cmd_signMessage.c

#include <stdbool.h>
#include <ctype.h>
#include "shared_context.h"
#include "apdu_constants.h"
#include "utils.h"
#include "common_ui.h"
#include "sign_message.h"
#include "ui_flow_signMessage.h"

static uint8_t state;
static bool ui_started;
static uint8_t processed_size;
static uint8_t ui_position;

static const char SIGN_MAGIC[] =
    "\x19"
    "Ethereum Signed Message:\n";


static const uint8_t *unprocessed_data(void)
{
    return &G_io_apdu_buffer[OFFSET_CDATA] + processed_size;
}

static size_t unprocessed_length(void)
{
    return G_io_apdu_buffer[OFFSET_LC] - processed_size;
}

static size_t ui_buffer_length(void)
{
    return strlen(UI_191_BUFFER);
}

static size_t remaining_ui_buffer_length(void)
{
    // -1 for the ending NULL byte
    return (sizeof(UI_191_BUFFER) - 1) - ui_buffer_length();
}

static char *remaining_ui_buffer(void)
{
    return &UI_191_BUFFER[ui_buffer_length()];
}

static void reset_ui_buffer(void)
{
    UI_191_BUFFER[0] = '\0';
}

static void switch_to_message(void)
{
    ui_191_switch_to_message();
    ui_position = UI_191_REVIEW;
}

static void switch_to_message_end(void)
{
    ui_191_switch_to_message_end();
    ui_position = UI_191_REVIEW;
}

static void switch_to_sign(void)
{
    ui_191_switch_to_sign();
    ui_position = UI_191_END;
}

static void switch_to_question(void)
{
    ui_191_switch_to_question();
    ui_position = UI_191_QUESTION;
}

const uint8_t *first_apdu_data(const uint8_t *data, uint16_t *length)
{
    if (appState != APP_STATE_IDLE) {
        reset_app_context();
    }
    appState = APP_STATE_SIGNING_MESSAGE;
    data = parseBip32(data, length, &tmpCtx.messageSigningContext.bip32);
    if (data == NULL) {
        return NULL;
    }

    if (*length < sizeof(uint32_t)) {
        PRINTF("Invalid data\n");
        return NULL;
    }

    tmpCtx.messageSigningContext.remainingLength = U4BE(data, 0);
    data += sizeof(uint32_t);
    *length -= sizeof(uint32_t);

    // Initialize message header + length
    cx_keccak_init(&global_sha3, 256);
    cx_hash((cx_hash_t *) &global_sha3,
            0,
            (uint8_t *) SIGN_MAGIC,
            sizeof(SIGN_MAGIC) - 1,
            NULL,
            0);
    snprintf(strings.tmp.tmp2,
             sizeof(strings.tmp.tmp2),
             "%u",
             tmpCtx.messageSigningContext.remainingLength);
    cx_hash((cx_hash_t *) &global_sha3,
            0,
            (uint8_t *) strings.tmp.tmp2,
            strlen(strings.tmp.tmp2),
            NULL,
            0);
    reset_ui_buffer();
    state = STATE_191_HASH_DISPLAY;
    ui_started = false;
    ui_position = UI_191_REVIEW;
    return data;
}

bool feed_hash(const uint8_t *const data, uint8_t length)
{
    if (length > tmpCtx.messageSigningContext.remainingLength)
    {
        PRINTF("Error: Length mismatch ! (%u > %u)!\n",
                length,
                tmpCtx.messageSigningContext.remainingLength);
        return false;
    }
    cx_hash((cx_hash_t *) &global_sha3, 0, data, length, NULL, 0);
    if ((tmpCtx.messageSigningContext.remainingLength -= length) == 0)
    {
        // Finalize hash
        cx_hash((cx_hash_t *) &global_sha3,
                CX_LAST,
                NULL,
                0,
                tmpCtx.messageSigningContext.hash,
                32);
    }
    return true;
}

void feed_display(void)
{
    uint8_t ui_length;
    int c;

    while ((unprocessed_length() > 0) && (remaining_ui_buffer_length() > 0))
    {
        c = *(char*)unprocessed_data();
        if (isspace(c)) // to replace all white-space characters as spaces
        {
            c = ' ';
        }
        if (isprint(c))
        {
            sprintf(remaining_ui_buffer(), "%c", (char)c);
            processed_size += 1;
        }
        else
        {
            if (remaining_ui_buffer_length() >= 4) // 4 being the fixed length of \x00
            {
                snprintf(remaining_ui_buffer(), remaining_ui_buffer_length(), "\\x%02x", c);
                processed_size += 1;
            }
            else
            {
                // fill the rest of the UI buffer spaces, to consider the buffer full
                while (remaining_ui_buffer_length())
                {
                    sprintf(remaining_ui_buffer(), " ");
                }
            }
        }
    }

    if ((remaining_ui_buffer_length() == 0)
        || (tmpCtx.messageSigningContext.remainingLength == 0))
    {
        if (!ui_started)
        {
            ui_display_sign();
            ui_started = true;
        }
        else
        {
            switch_to_message();
        }
    }

    if ((unprocessed_length() == 0) && (tmpCtx.messageSigningContext.remainingLength > 0))
    {
        *(uint16_t *) G_io_apdu_buffer = __builtin_bswap16(0x9000);
        io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, 2);
    }
}

bool handleSignPersonalMessage(uint8_t p1,
                               uint8_t p2,
                               const uint8_t *const payload,
                               uint8_t length)
{
    const uint8_t *data = payload;

    (void)p2;
    processed_size = 0;
    if (p1 == P1_FIRST)
    {
        if ((data = first_apdu_data(data, (uint16_t*)&length)) == NULL)
        {
            return false;
        }
        processed_size = data - payload;
    }
    else if (p1 != P1_MORE)
    {
        PRINTF("Error: Unexpected P1 (%u)!\n", p1);
    }

    if (!feed_hash(data, length))
    {
        return false;
    }

    if (state == STATE_191_HASH_DISPLAY)
    {
        feed_display();
    }
    else // hash only
    {
        if (tmpCtx.messageSigningContext.remainingLength == 0)
        {
            switch_to_sign();
        }
        else
        {
            *(uint16_t *) G_io_apdu_buffer = __builtin_bswap16(0x9000);
            io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, 2);
        }
    }
    return true;
}

void dummy_pre_cb(void)
{
    if (ui_position == UI_191_REVIEW)
    {
        if ((state == STATE_191_HASH_DISPLAY) && ((tmpCtx.messageSigningContext.remainingLength > 0) || (unprocessed_length() > 0)))
        {
            switch_to_question();
        }
        else
        {
            // Go to Sign / Cancel
            switch_to_sign();
        }
    }
    else
    {
        ux_flow_prev();
        ui_position = UI_191_REVIEW;
    }
}

void theres_more_click_cb(void)
{
    state = STATE_191_HASH_ONLY;

    if (tmpCtx.messageSigningContext.remainingLength > 0)
    {
        *(uint16_t *) G_io_apdu_buffer = __builtin_bswap16(0x9000);
        io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, 2);
    }
    else
    {
        switch_to_sign();
    }
}

void dummy_post_cb(void)
{
    if (ui_position == UI_191_QUESTION)
    {
        reset_ui_buffer();
        if (unprocessed_length() > 0)
        {
            feed_display();
        }
        // TODO: respond to apdu ?
    }
    else // UI_191_END
    {
        switch_to_message_end();
    }
}
EIP-191 clear signing 2022-05-23 16:39:24 +02:00			`#include <stdbool.h>`
Handling of EIP191 non ASCII messages 2022-09-08 10:20:44 +02:00			`#include <ctype.h>`
Merge Starkware branch 2020-06-27 13:24:04 +02:00			`#include "shared_context.h"`
			`#include "apdu_constants.h"`
			`#include "utils.h"`
eth: split ux from rest of source 2022-08-24 09:25:01 +02:00			`#include "common_ui.h"`
New implementation 2022-09-02 14:22:11 +02:00			`#include "sign_message.h"`
			`#include "ui_flow_signMessage.h"`

			`static uint8_t state;`
			`static bool ui_started;`
			`static uint8_t processed_size;`
			`static uint8_t ui_position;`
Merge Starkware branch 2020-06-27 13:24:04 +02:00
Fix compilation warnings (#159) * Fix easy warnings for sdk 2.0 * Add attribute unused to bagl_elemt_t in callback functions * Add attribute unused to io_event function * Clang-format * Use elfs from CI in tests (#167) * Add Nano X build * Use CI's build artifacts for CI's tests * Add network display (#152) * Add network name display instead of chainID * Add display of correct ticker along with network * Add FTM * Clang-format * Add comment in python script * Rename SIZE_MAX to MAX_SIZE * Change %u to %d in printf * Remove needless PIC * Update comment about get_chain_id() * Update example script to follow EIP155 * Remove unused PIC calls * Add whitespace between ticker and amount when using EIP155 * Remove decimal config per network, set back 18 everywhere * Adapt u32_from_BE to swith cases * Remove chainid from signTx.py * Switch to switch in stead of if in get_chain_id * Revert "Remove chainid from signTx.py" This reverts commit 454e09f280ec3e3ec1c7d7cc0027247ef4390088. * Change Ethereum chainid to 1 * Rename chainid_step to network_step * Adapt finalizeParsing to new chainid for Ethereum * Update snapshots * clang-format * Fix network display logic for clones * Fix tests * Add clone tests Co-authored-by: TamtamHero <10632523+TamtamHero@users.noreply.github.com> Co-authored-by: Jean P <10632523+TamtamHero@users.noreply.github.com> 2021-07-05 11:01:51 +02:00			`static const char SIGN_MAGIC[] =`
Apply clang-format 2020-12-01 16:20:13 +01:00			`"\x19"`
			`"Ethereum Signed Message:\n";`
Merge Starkware branch 2020-06-27 13:24:04 +02:00
New implementation 2022-09-02 14:22:11 +02:00
Handling of EIP191 non ASCII messages 2022-09-08 10:20:44 +02:00			`static const uint8_t *unprocessed_data(void)`
New implementation 2022-09-02 14:22:11 +02:00			`{`
			`return &G_io_apdu_buffer[OFFSET_CDATA] + processed_size;`
EIP-191 clear signing 2022-05-23 16:39:24 +02:00			`}`

Handling of EIP191 non ASCII messages 2022-09-08 10:20:44 +02:00			`static size_t unprocessed_length(void)`
New implementation 2022-09-02 14:22:11 +02:00			`{`
			`return G_io_apdu_buffer[OFFSET_LC] - processed_size;`
EIP-191 clear signing 2022-05-23 16:39:24 +02:00			`}`

Handling of EIP191 non ASCII messages 2022-09-08 10:20:44 +02:00			`static size_t ui_buffer_length(void)`
			`{`
			`return strlen(UI_191_BUFFER);`
			`}`

			`static size_t remaining_ui_buffer_length(void)`
New implementation 2022-09-02 14:22:11 +02:00			`{`
			`// -1 for the ending NULL byte`
Handling of EIP191 non ASCII messages 2022-09-08 10:20:44 +02:00			`return (sizeof(UI_191_BUFFER) - 1) - ui_buffer_length();`
			`}`

			`static char *remaining_ui_buffer(void)`
			`{`
			`return &UI_191_BUFFER[ui_buffer_length()];`
			`}`

			`static void reset_ui_buffer(void)`
			`{`
			`UI_191_BUFFER[0] = '\0';`
EIP-191 clear signing 2022-05-23 16:39:24 +02:00			`}`

New implementation 2022-09-02 14:22:11 +02:00			`static void switch_to_message(void)`
			`{`
			`ui_191_switch_to_message();`
			`ui_position = UI_191_REVIEW;`
Eip191 review (#314) * Avoid using a global for is_ascii * Fix unused var, missing init, and use size_t for length * Use snprintf where possible 2022-06-10 09:45:12 +02:00			`}`

New implementation 2022-09-02 14:22:11 +02:00			`static void switch_to_message_end(void)`
			`{`
			`ui_191_switch_to_message_end();`
			`ui_position = UI_191_REVIEW;`
EIP-191 clear signing 2022-05-23 16:39:24 +02:00			`}`

New implementation 2022-09-02 14:22:11 +02:00			`static void switch_to_sign(void)`
			`{`
			`ui_191_switch_to_sign();`
			`ui_position = UI_191_END;`
			`}`
EIP-191 clear signing 2022-05-23 16:39:24 +02:00
New implementation 2022-09-02 14:22:11 +02:00			`static void switch_to_question(void)`
			`{`
			`ui_191_switch_to_question();`
			`ui_position = UI_191_QUESTION;`
			`}`
Fix multiple vulnerabilities 2022-07-08 11:12:50 +02:00
New implementation 2022-09-02 14:22:11 +02:00			`const uint8_t first_apdu_data(const uint8_t data, uint16_t *length)`
			`{`
			`if (appState != APP_STATE_IDLE) {`
			`reset_app_context();`
			`}`
			`appState = APP_STATE_SIGNING_MESSAGE;`
			`data = parseBip32(data, length, &tmpCtx.messageSigningContext.bip32);`
			`if (data == NULL) {`
			`return NULL;`
			`}`
Fix multiple vulnerabilities 2022-07-08 11:12:50 +02:00
New implementation 2022-09-02 14:22:11 +02:00			`if (*length < sizeof(uint32_t)) {`
			`PRINTF("Invalid data\n");`
			`return NULL;`
			`}`

			`tmpCtx.messageSigningContext.remainingLength = U4BE(data, 0);`
			`data += sizeof(uint32_t);`
			`*length -= sizeof(uint32_t);`

			`// Initialize message header + length`
			`cx_keccak_init(&global_sha3, 256);`
			`cx_hash((cx_hash_t *) &global_sha3,`
			`0,`
			`(uint8_t *) SIGN_MAGIC,`
			`sizeof(SIGN_MAGIC) - 1,`
			`NULL,`
			`0);`
			`snprintf(strings.tmp.tmp2,`
			`sizeof(strings.tmp.tmp2),`
			`"%u",`
			`tmpCtx.messageSigningContext.remainingLength);`
			`cx_hash((cx_hash_t *) &global_sha3,`
			`0,`
			`(uint8_t *) strings.tmp.tmp2,`
			`strlen(strings.tmp.tmp2),`
			`NULL,`
			`0);`
Handling of EIP191 non ASCII messages 2022-09-08 10:20:44 +02:00			`reset_ui_buffer();`
New implementation 2022-09-02 14:22:11 +02:00			`state = STATE_191_HASH_DISPLAY;`
			`ui_started = false;`
			`ui_position = UI_191_REVIEW;`
			`return data;`
			`}`
Fix multiple vulnerabilities 2022-07-08 11:12:50 +02:00
New implementation 2022-09-02 14:22:11 +02:00			`bool feed_hash(const uint8_t *const data, uint8_t length)`
			`{`
			`if (length > tmpCtx.messageSigningContext.remainingLength)`
			`{`
			`PRINTF("Error: Length mismatch ! (%u > %u)!\n",`
			`length,`
			`tmpCtx.messageSigningContext.remainingLength);`
			`return false;`
			`}`
			`cx_hash((cx_hash_t *) &global_sha3, 0, data, length, NULL, 0);`
			`if ((tmpCtx.messageSigningContext.remainingLength -= length) == 0)`
			`{`
			`// Finalize hash`
Apply clang-format 2020-12-01 16:20:13 +01:00			`cx_hash((cx_hash_t *) &global_sha3,`
New implementation 2022-09-02 14:22:11 +02:00			`CX_LAST,`
Apply clang-format 2020-12-01 16:20:13 +01:00			`NULL,`
New implementation 2022-09-02 14:22:11 +02:00			`0,`
			`tmpCtx.messageSigningContext.hash,`
			`32);`
			`}`
			`return true;`
			`}`

Handling of EIP191 non ASCII messages 2022-09-08 10:20:44 +02:00			`void feed_display(void)`
New implementation 2022-09-02 14:22:11 +02:00			`{`
			`uint8_t ui_length;`
Handling of EIP191 non ASCII messages 2022-09-08 10:20:44 +02:00			`int c;`
EIP-191 clear signing 2022-05-23 16:39:24 +02:00
Handling of EIP191 non ASCII messages 2022-09-08 10:20:44 +02:00			`while ((unprocessed_length() > 0) && (remaining_ui_buffer_length() > 0))`
New implementation 2022-09-02 14:22:11 +02:00			`{`
Handling of EIP191 non ASCII messages 2022-09-08 10:20:44 +02:00			`c = (char)unprocessed_data();`
			`if (isspace(c)) // to replace all white-space characters as spaces`
			`{`
			`c = ' ';`
			`}`
			`if (isprint(c))`
			`{`
			`sprintf(remaining_ui_buffer(), "%c", (char)c);`
			`processed_size += 1;`
			`}`
			`else`
			`{`
			`if (remaining_ui_buffer_length() >= 4) // 4 being the fixed length of \x00`
			`{`
			`snprintf(remaining_ui_buffer(), remaining_ui_buffer_length(), "\\x%02x", c);`
			`processed_size += 1;`
			`}`
			`else`
			`{`
			`// fill the rest of the UI buffer spaces, to consider the buffer full`
			`while (remaining_ui_buffer_length())`
			`{`
			`sprintf(remaining_ui_buffer(), " ");`
			`}`
			`}`
			`}`
New implementation 2022-09-02 14:22:11 +02:00			`}`
EIP-191 clear signing 2022-05-23 16:39:24 +02:00
Handling of EIP191 non ASCII messages 2022-09-08 10:20:44 +02:00			`if ((remaining_ui_buffer_length() == 0)`
			`\|\| (tmpCtx.messageSigningContext.remainingLength == 0))`
New implementation 2022-09-02 14:22:11 +02:00			`{`
			`if (!ui_started)`
			`{`
			`ui_display_sign();`
			`ui_started = true;`
			`}`
			`else`
			`{`
			`switch_to_message();`
			`}`
Merge Starkware branch 2020-06-27 13:24:04 +02:00			`}`
New implementation 2022-09-02 14:22:11 +02:00
			`if ((unprocessed_length() == 0) && (tmpCtx.messageSigningContext.remainingLength > 0))`
			`{`
			`(uint16_t ) G_io_apdu_buffer = __builtin_bswap16(0x9000);`
			`io_exchange(CHANNEL_APDU \| IO_RETURN_AFTER_TX, 2);`
Remove trailing whitespaces 2020-10-07 16:56:40 +02:00			`}`
New implementation 2022-09-02 14:22:11 +02:00			`}`

			`bool handleSignPersonalMessage(uint8_t p1,`
			`uint8_t p2,`
			`const uint8_t *const payload,`
			`uint8_t length)`
			`{`
			`const uint8_t *data = payload;`

			`(void)p2;`
			`processed_size = 0;`
			`if (p1 == P1_FIRST)`
			`{`
			`if ((data = first_apdu_data(data, (uint16_t*)&length)) == NULL)`
			`{`
			`return false;`
			`}`
			`processed_size = data - payload;`
Merge Starkware branch 2020-06-27 13:24:04 +02:00			`}`
New implementation 2022-09-02 14:22:11 +02:00			`else if (p1 != P1_MORE)`
			`{`
			`PRINTF("Error: Unexpected P1 (%u)!\n", p1);`
Apply clang-format 2020-12-01 16:20:13 +01:00			`}`
EIP-191 clear signing 2022-05-23 16:39:24 +02:00
New implementation 2022-09-02 14:22:11 +02:00			`if (!feed_hash(data, length))`
			`{`
			`return false;`
			`}`
EIP-191 clear signing 2022-05-23 16:39:24 +02:00
New implementation 2022-09-02 14:22:11 +02:00			`if (state == STATE_191_HASH_DISPLAY)`
			`{`
			`feed_display();`
			`}`
			`else // hash only`
			`{`
			`if (tmpCtx.messageSigningContext.remainingLength == 0)`
			`{`
			`switch_to_sign();`
			`}`
			`else`
			`{`
			`(uint16_t ) G_io_apdu_buffer = __builtin_bswap16(0x9000);`
			`io_exchange(CHANNEL_APDU \| IO_RETURN_AFTER_TX, 2);`
			`}`
			`}`
			`return true;`
			`}`
EIP-191 clear signing 2022-05-23 16:39:24 +02:00
New implementation 2022-09-02 14:22:11 +02:00			`void dummy_pre_cb(void)`
			`{`
			`if (ui_position == UI_191_REVIEW)`
			`{`
			`if ((state == STATE_191_HASH_DISPLAY) && ((tmpCtx.messageSigningContext.remainingLength > 0) \|\| (unprocessed_length() > 0)))`
			`{`
			`switch_to_question();`
			`}`
			`else`
			`{`
			`// Go to Sign / Cancel`
			`switch_to_sign();`
			`}`
			`}`
			`else`
			`{`
			`ux_flow_prev();`
			`ui_position = UI_191_REVIEW;`
			`}`
			`}`
Merge Starkware branch 2020-06-27 13:24:04 +02:00
New implementation 2022-09-02 14:22:11 +02:00			`void theres_more_click_cb(void)`
			`{`
			`state = STATE_191_HASH_ONLY;`
Merge Starkware branch 2020-06-27 13:24:04 +02:00
New implementation 2022-09-02 14:22:11 +02:00			`if (tmpCtx.messageSigningContext.remainingLength > 0)`
			`{`
			`(uint16_t ) G_io_apdu_buffer = __builtin_bswap16(0x9000);`
			`io_exchange(CHANNEL_APDU \| IO_RETURN_AFTER_TX, 2);`
			`}`
Fix skip issue 2022-09-06 09:41:16 +02:00			`else`
			`{`
			`switch_to_sign();`
			`}`
New implementation 2022-09-02 14:22:11 +02:00			`}`
Merge Starkware branch 2020-06-27 13:24:04 +02:00
New implementation 2022-09-02 14:22:11 +02:00			`void dummy_post_cb(void)`
			`{`
			`if (ui_position == UI_191_QUESTION)`
			`{`
Handling of EIP191 non ASCII messages 2022-09-08 10:20:44 +02:00			`reset_ui_buffer();`
New implementation 2022-09-02 14:22:11 +02:00			`if (unprocessed_length() > 0)`
			`{`
			`feed_display();`
			`}`
			`// TODO: respond to apdu ?`
			`}`
			`else // UI_191_END`
			`{`
			`switch_to_message_end();`
Apply clang-format 2020-12-01 16:20:13 +01:00			`}`
Merge Starkware branch 2020-06-27 13:24:04 +02:00			`}`