From 109dffc70e35f8aca35099aa3c99cd0e8426bcbf Mon Sep 17 00:00:00 2001 From: Alexandre Paillier Date: Tue, 18 Oct 2022 11:48:03 +0200 Subject: [PATCH] Better context check for EIP712 sign It was possible to define empty structs without any fields and right after, trigger the EIP712 sign UI flow for blank domain & message hashes. Added checks if there is actually anything relevant to sign. --- src_features/signMessageEIP712/commands_712.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src_features/signMessageEIP712/commands_712.c b/src_features/signMessageEIP712/commands_712.c index 9945bd8..3c0cc9e 100644 --- a/src_features/signMessageEIP712/commands_712.c +++ b/src_features/signMessageEIP712/commands_712.c @@ -13,6 +13,7 @@ #include "schema_hash.h" #include "filtering.h" #include "common_712.h" +#include "ethUtils.h" // allzeroes /** * Send the response to the previous APDU command @@ -185,6 +186,14 @@ bool handle_eip712_sign(const uint8_t *const apdu_buf) { if (eip712_context == NULL) { apdu_response_code = APDU_RESPONSE_CONDITION_NOT_SATISFIED; + } + // if the final hashes are still zero or if there are some unimplemented fields + else if (allzeroes(tmpCtx.messageSigningContext712.domainHash, + sizeof(tmpCtx.messageSigningContext712.domainHash)) || + allzeroes(tmpCtx.messageSigningContext712.messageHash, + sizeof(tmpCtx.messageSigningContext712.messageHash)) || + (path_get_field() != NULL)) { + apdu_response_code = APDU_RESPONSE_CONDITION_NOT_SATISFIED; } else if ((ui_712_get_filtering_mode() == EIP712_FILTERING_FULL) && (ui_712_remaining_filters() != 0)) { PRINTF("%d EIP712 filters are missing\n", ui_712_remaining_filters());