diff --git a/src/apdu_sign.c b/src/apdu_sign.c index ff88cb83..67141236 100644 --- a/src/apdu_sign.c +++ b/src/apdu_sign.c @@ -219,7 +219,9 @@ int handle_sign(buffer_t *cdata, const bool last, const bool with_hash) { break; case MAGIC_BYTE_UNSAFE_OP: // Parse the operation. It will be verified in `baking_sign_complete`. - TZ_CHECK(parse_operations(cdata, &G.maybe_ops.v, &global.path_with_curve)); + TZ_CHECK(parse_operations(cdata, + &G.maybe_ops.v, + (cx_ecfp_public_key_t *) &global.public_key)); break; default: TZ_FAIL(EXC_PARSE_ERROR); diff --git a/src/keys.c b/src/keys.c index 6c885569..d8c925dd 100644 --- a/src/keys.c +++ b/src/keys.c @@ -100,24 +100,10 @@ cx_err_t generate_public_key(cx_ecfp_public_key_t *public_key, return error; } -/** - * @brief Extract the public key hash from a public key and a curve - * - * Is non-reentrant - * - * @param hash_out: public key hash output - * @param hash_out_size: output size - * @param compressed_out: compressed public key output - * pass NULL if this value is not desired - * @param derivation_type: curve - * @param param public_key: public key - * @return cx_err_t: error, CX_OK if none - */ -static cx_err_t public_key_hash(uint8_t *const hash_out, - size_t const hash_out_size, - cx_ecfp_compressed_public_key_t *compressed_out, - derivation_type_t const derivation_type, - cx_ecfp_public_key_t const *const public_key) { +cx_err_t public_key_hash(uint8_t *const hash_out, + size_t const hash_out_size, + cx_ecfp_compressed_public_key_t *compressed_out, + cx_ecfp_public_key_t const *const public_key) { if ((hash_out == NULL) || (public_key == NULL)) { return CX_INVALID_PARAMETER; } @@ -129,16 +115,15 @@ static cx_err_t public_key_hash(uint8_t *const hash_out, cx_ecfp_compressed_public_key_t *compressed = (cx_ecfp_compressed_public_key_t *) &(tz_ecfp_compressed_public_key_t){0}; - switch (derivation_type) { - case DERIVATION_TYPE_ED25519: - case DERIVATION_TYPE_BIP32_ED25519: { + switch (public_key->curve) { + case CX_CURVE_Ed25519: { compressed->curve = public_key->curve; compressed->W_len = TZ_EDPK_LEN; memcpy(compressed->W, public_key->W + 1, compressed->W_len); break; } - case DERIVATION_TYPE_SECP256K1: - case DERIVATION_TYPE_SECP256R1: { + case CX_CURVE_SECP256K1: + case CX_CURVE_SECP256R1: { compressed->curve = public_key->curve; compressed->W_len = COMPRESSED_PK_LEN; memcpy(compressed->W, public_key->W, compressed->W_len); @@ -146,7 +131,7 @@ static cx_err_t public_key_hash(uint8_t *const hash_out, break; } #ifndef TARGET_NANOS - case DERIVATION_TYPE_BLS12_381: { + case CX_CURVE_BLS12_381_G1: { compressed->curve = public_key->curve; compressed->W_len = BLS_COMPRESSED_PK_LEN; memcpy(compressed->W, public_key->W + 1, compressed->W_len); @@ -177,29 +162,6 @@ static cx_err_t public_key_hash(uint8_t *const hash_out, return error; } -cx_err_t generate_public_key_hash(uint8_t *const hash_out, - size_t const hash_out_size, - cx_ecfp_compressed_public_key_t *compressed_out, - bip32_path_with_curve_t const *const path_with_curve) { - if ((hash_out == NULL) || (path_with_curve == NULL)) { - return CX_INVALID_PARAMETER; - } - - cx_ecfp_public_key_t *pubkey = (cx_ecfp_public_key_t *) &(tz_ecfp_public_key_t){0}; - cx_err_t error = CX_OK; - - CX_CHECK(generate_public_key(pubkey, path_with_curve)); - - CX_CHECK(public_key_hash(hash_out, - hash_out_size, - compressed_out, - path_with_curve->derivation_type, - pubkey)); - -end: - return error; -} - cx_err_t sign(uint8_t *const out, size_t *out_size, bip32_path_with_curve_t const *const path_with_curve, diff --git a/src/keys.h b/src/keys.h index 0b698547..7d5071fa 100644 --- a/src/keys.h +++ b/src/keys.h @@ -76,23 +76,22 @@ typedef enum { (((signature_type_t) 0 <= type) && (type < SIGNATURE_TYPE_UNSET)) /** - * @brief Converts `derivation_type` to `signature_type` + * @brief Gets the signature_type of a public_key * - * @param derivation_type: derivation_type + * @param public_key: public key * @return signature_type_t: signature_type result */ -static inline signature_type_t derivation_type_to_signature_type( - derivation_type_t const derivation_type) { - switch (derivation_type) { - case DERIVATION_TYPE_SECP256K1: +static inline signature_type_t signature_type_of_public_key( + cx_ecfp_public_key_t const *const public_key) { + switch (public_key->curve) { + case CX_CURVE_SECP256K1: return SIGNATURE_TYPE_SECP256K1; - case DERIVATION_TYPE_SECP256R1: + case CX_CURVE_SECP256R1: return SIGNATURE_TYPE_SECP256R1; - case DERIVATION_TYPE_ED25519: - case DERIVATION_TYPE_BIP32_ED25519: + case CX_CURVE_Ed25519: return SIGNATURE_TYPE_ED25519; #ifndef TARGET_NANOS - case DERIVATION_TYPE_BLS12_381: + case CX_CURVE_BLS12_381_G1: return SIGNATURE_TYPE_BLS12_381; #endif default: @@ -266,19 +265,21 @@ cx_err_t generate_public_key(cx_ecfp_public_key_t *public_key, bip32_path_with_curve_t const *const path_with_curve); /** - * @brief Generates a public key hash from a bip32 path and a curve + * @brief Extract the public key hash from a public key and a curve + * + * Is non-reentrant * * @param hash_out: public key hash output * @param hash_out_size: output size * @param compressed_out: compressed public key output * pass NULL if this value is not desired - * @param path_with_curve: bip32 path and curve + * @param public_key: public key * @return cx_err_t: error, CX_OK if none */ -cx_err_t generate_public_key_hash(uint8_t *const hash_out, - size_t const hash_out_size, - cx_ecfp_compressed_public_key_t *const compressed_out, - bip32_path_with_curve_t const *const path_with_curve); +cx_err_t public_key_hash(uint8_t *const hash_out, + size_t const hash_out_size, + cx_ecfp_compressed_public_key_t *compressed_out, + cx_ecfp_public_key_t const *const public_key); /** * @brief Signs a message with a key diff --git a/src/operations.c b/src/operations.c index 4fd137d8..9be9074b 100644 --- a/src/operations.c +++ b/src/operations.c @@ -93,26 +93,25 @@ static tz_parser_result parse_raw_tezos_header_signature_type( * * @param compressed_pubkey_out: compressed_pubkey output * @param contract_out: contract output - * @param path_with_curve: bip32 path and curve of the key + * @param public_key: public key * @return tz_exc: exception, SW_OK if none */ static inline tz_exc compute_pkh(cx_ecfp_compressed_public_key_t *const compressed_pubkey_out, parsed_contract_t *const contract_out, - bip32_path_with_curve_t const *const path_with_curve) { + cx_ecfp_public_key_t const *const public_key) { tz_exc exc = SW_OK; cx_err_t error = CX_OK; - TZ_ASSERT_NOT_NULL(path_with_curve); + TZ_ASSERT_NOT_NULL(public_key); TZ_ASSERT_NOT_NULL(compressed_pubkey_out); TZ_ASSERT_NOT_NULL(contract_out); - CX_CHECK(generate_public_key_hash(contract_out->hash, - sizeof(contract_out->hash), - compressed_pubkey_out, - path_with_curve)); + CX_CHECK(public_key_hash(contract_out->hash, + sizeof(contract_out->hash), + compressed_pubkey_out, + public_key)); - contract_out->signature_type = - derivation_type_to_signature_type(path_with_curve->derivation_type); + contract_out->signature_type = signature_type_of_public_key(public_key); TZ_ASSERT(contract_out->signature_type != SIGNATURE_TYPE_UNSET, EXC_MEMORY_ERROR); contract_out->originated = 0; @@ -251,17 +250,17 @@ static tz_parser_result parse_next_type(uint8_t current_byte, * @brief Initialize the operation parser * * @param out: parsing output - * @param path_with_curve: bip32 path and curve of the key + * @param public_key: public key * @param state: parsing state * @return tz_exc: exception, SW_OK if none */ static tz_exc parse_operations_init(struct parsed_operation_group *const out, - bip32_path_with_curve_t const *const path_with_curve, + cx_ecfp_public_key_t const *const public_key, struct parse_state *const state) { tz_exc exc = SW_OK; TZ_ASSERT_NOT_NULL(out); - TZ_ASSERT_NOT_NULL(path_with_curve); + TZ_ASSERT_NOT_NULL(public_key); memset(out, 0, sizeof(*out)); @@ -269,7 +268,7 @@ static tz_exc parse_operations_init(struct parsed_operation_group *const out, TZ_CHECK(compute_pkh((cx_ecfp_compressed_public_key_t *) &out->public_key, &out->signing, - path_with_curve)); + public_key)); // Start out with source = signing, for reveals memcpy(&out->operation.source, &out->signing, sizeof(out->signing)); @@ -490,11 +489,11 @@ static inline tz_parser_result parse_byte(uint8_t byte, tz_exc parse_operations(buffer_t *buf, struct parsed_operation_group *const out, - bip32_path_with_curve_t const *const path_with_curve) { + cx_ecfp_public_key_t const *const public_key) { tz_exc exc = SW_OK; uint8_t byte; - TZ_CHECK(parse_operations_init(out, path_with_curve, &G.parse_state)); + TZ_CHECK(parse_operations_init(out, public_key, &G.parse_state)); while (buffer_read_u8(buf, &byte) == true) { TZ_ASSERT(parse_byte(byte, &G.parse_state, out) != PARSER_ERROR, EXC_PARSE_ERROR); diff --git a/src/operations.h b/src/operations.h index ad00f0ef..b771ca7c 100644 --- a/src/operations.h +++ b/src/operations.h @@ -145,17 +145,16 @@ struct parse_state { * operation of any other type, which is the one it puts into * the group. * - * Some checks are carried out during the parsing using a key using a key + * Some checks are carried out during the parsing using a key * * @param buf: input operation * @param out: parsing output - * @param curve: curve of the key - * @param path_with_curve: bip32 path and curve of the key + * @param public_key: public key * @return tz_exc: exception, SW_OK if none */ tz_exc parse_operations(buffer_t *buf, struct parsed_operation_group *const out, - bip32_path_with_curve_t const *const path_with_curve); + cx_ecfp_public_key_t const *const public_key); /** * @brief Checks parsing has been completed successfully diff --git a/src/to_string.c b/src/to_string.c index d36f7b27..2866fd36 100644 --- a/src/to_string.c +++ b/src/to_string.c @@ -38,20 +38,17 @@ static int pkh_to_string(char *const dest, tz_exc bip32_path_with_curve_to_pkh_string(char *const out, size_t const out_size, - bip32_path_with_curve_t const *const key) { + cx_ecfp_public_key_t const *const public_key) { tz_exc exc = SW_OK; cx_err_t error = CX_OK; uint8_t hash[KEY_HASH_SIZE]; TZ_ASSERT_NOT_NULL(out); - TZ_ASSERT_NOT_NULL(key); + TZ_ASSERT_NOT_NULL(public_key); - CX_CHECK(generate_public_key_hash(hash, sizeof(hash), NULL, key)); + CX_CHECK(public_key_hash(hash, sizeof(hash), NULL, public_key)); - TZ_ASSERT(pkh_to_string(out, - out_size, - derivation_type_to_signature_type(key->derivation_type), - hash) >= 0, + TZ_ASSERT(pkh_to_string(out, out_size, signature_type_of_public_key(public_key), hash) >= 0, EXC_WRONG_LENGTH); end: diff --git a/src/to_string.h b/src/to_string.h index fe2ab07d..e9c7b457 100644 --- a/src/to_string.h +++ b/src/to_string.h @@ -37,12 +37,12 @@ * * @param out: result output * @param out_size: output size - * @param key: bip32 path and curve of the key + * @param public_key: public key * @return tz_exc: exception, SW_OK if none */ tz_exc bip32_path_with_curve_to_pkh_string(char *const out, size_t const out_size, - bip32_path_with_curve_t const *const key); + cx_ecfp_public_key_t const *const public_key); /** * @brief Converts a chain id to string diff --git a/src/ui_bagl.c b/src/ui_bagl.c index e84f6ec5..dd993146 100644 --- a/src/ui_bagl.c +++ b/src/ui_bagl.c @@ -212,6 +212,9 @@ tz_exc calculate_idle_screen_chain_id(void) { tz_exc calculate_idle_screen_authorized_key(void) { tz_exc exc = SW_OK; + cx_err_t error = CX_OK; + + cx_ecfp_public_key_t *authorized_pk = (cx_ecfp_public_key_t *) &(tz_ecfp_public_key_t){0}; memset(&home_context.authorized_key, 0, sizeof(home_context.authorized_key)); @@ -221,12 +224,15 @@ tz_exc calculate_idle_screen_authorized_key(void) { "No Key Authorized"), EXC_WRONG_LENGTH); } else { + CX_CHECK(generate_public_key(authorized_pk, &g_hwm.baking_key)); + TZ_CHECK(bip32_path_with_curve_to_pkh_string(home_context.authorized_key, sizeof(home_context.authorized_key), - &g_hwm.baking_key)); + authorized_pk)); } end: + TZ_CONVERT_CX(); return exc; } diff --git a/src/ui_delegation_bagl.c b/src/ui_delegation_bagl.c index b0536d7d..07c262da 100644 --- a/src/ui_delegation_bagl.c +++ b/src/ui_delegation_bagl.c @@ -63,7 +63,7 @@ int prompt_delegation(ui_callback_t const ok_cb, ui_callback_t const cxl_cb) { TZ_CHECK(bip32_path_with_curve_to_pkh_string(delegation_context.address, sizeof(delegation_context.address), - &global.path_with_curve)); + (cx_ecfp_public_key_t *) &global.public_key)); TZ_ASSERT(microtez_to_string(delegation_context.fee, sizeof(delegation_context.fee), diff --git a/src/ui_delegation_nbgl.c b/src/ui_delegation_nbgl.c index f66d9539..dc3c2e52 100644 --- a/src/ui_delegation_nbgl.c +++ b/src/ui_delegation_nbgl.c @@ -87,7 +87,7 @@ int prompt_delegation(ui_callback_t const ok_cb, ui_callback_t const cxl_cb) { TZ_CHECK(bip32_path_with_curve_to_pkh_string(delegation_context.tagValueRef[ADDRESS_IDX], MAX_LENGTH, - &global.path_with_curve)); + (cx_ecfp_public_key_t *) &global.public_key)); TZ_ASSERT(microtez_to_string(delegation_context.tagValueRef[FEE_IDX], MAX_LENGTH, diff --git a/src/ui_nbgl.c b/src/ui_nbgl.c index d1ebe52a..17bd365b 100644 --- a/src/ui_nbgl.c +++ b/src/ui_nbgl.c @@ -68,6 +68,9 @@ static const nbgl_contentInfoList_t infoList = {.nbInfos = INFO_NB, */ static void initInfo(void) { tz_exc exc = SW_OK; + cx_err_t error = CX_OK; + + cx_ecfp_public_key_t* authorized_pk = (cx_ecfp_public_key_t*) &(tz_ecfp_public_key_t){0}; for (tz_infoIndex_t idx = 0; idx < INFO_NB; idx++) { infoContents[idx] = infoContentsBridge[idx]; @@ -82,9 +85,11 @@ static void initInfo(void) { TZ_ASSERT(copy_string(infoContentsBridge[PKH_IDX], MAX_LENGTH, "No Key Authorized"), EXC_WRONG_LENGTH); } else { + CX_CHECK(generate_public_key(authorized_pk, &g_hwm.baking_key)); + TZ_CHECK(bip32_path_with_curve_to_pkh_string(infoContentsBridge[PKH_IDX], MAX_LENGTH, - &g_hwm.baking_key)); + authorized_pk)); } TZ_ASSERT(hwm_to_string(infoContentsBridge[HWM_IDX], MAX_LENGTH, &g_hwm.hwm.main) >= 0, @@ -105,6 +110,7 @@ static void initInfo(void) { EXC_WRONG_LENGTH); end: + TZ_CONVERT_CX(); TZ_EXC_PRINT(exc); } diff --git a/src/ui_pubkey_bagl.c b/src/ui_pubkey_bagl.c index f974bcf1..8b00252c 100644 --- a/src/ui_pubkey_bagl.c +++ b/src/ui_pubkey_bagl.c @@ -60,7 +60,7 @@ int prompt_pubkey(bool authorize, ui_callback_t ok_cb, ui_callback_t cxl_cb) { TZ_CHECK(bip32_path_with_curve_to_pkh_string(address_context.public_key_hash, sizeof(address_context.public_key_hash), - &global.path_with_curve)); + (cx_ecfp_public_key_t *) &global.public_key)); ux_prepare_confirm_callbacks(ok_cb, cxl_cb); if (authorize) { diff --git a/src/ui_pubkey_nbgl.c b/src/ui_pubkey_nbgl.c index 796eacd0..1287b877 100644 --- a/src/ui_pubkey_nbgl.c +++ b/src/ui_pubkey_nbgl.c @@ -71,7 +71,7 @@ int prompt_pubkey(bool authorize, ui_callback_t ok_cb, ui_callback_t cxl_cb) { TZ_CHECK(bip32_path_with_curve_to_pkh_string(address_context.buffer, sizeof(address_context.buffer), - &global.path_with_curve)); + (cx_ecfp_public_key_t*) &global.public_key)); const char* text; if (authorize) { diff --git a/src/ui_setup_bagl.c b/src/ui_setup_bagl.c index 9f6fe513..3b6e84c6 100644 --- a/src/ui_setup_bagl.c +++ b/src/ui_setup_bagl.c @@ -69,7 +69,7 @@ int prompt_setup(ui_callback_t const ok_cb, ui_callback_t const cxl_cb) { TZ_CHECK(bip32_path_with_curve_to_pkh_string(setup_context.address, sizeof(setup_context.address), - &global.path_with_curve)); + (cx_ecfp_public_key_t *) &global.public_key)); TZ_ASSERT(chain_id_to_string_with_aliases(setup_context.chain, sizeof(setup_context.chain), diff --git a/src/ui_setup_nbgl.c b/src/ui_setup_nbgl.c index 25812182..010e7bab 100644 --- a/src/ui_setup_nbgl.c +++ b/src/ui_setup_nbgl.c @@ -148,7 +148,7 @@ int prompt_setup(ui_callback_t const ok_cb, ui_callback_t const cxl_cb) { TZ_CHECK(bip32_path_with_curve_to_pkh_string(setup_context.tagValueRef[ADDRESS_IDX], MAX_LENGTH, - &global.path_with_curve)); + (cx_ecfp_public_key_t *) &global.public_key)); TZ_ASSERT(chain_id_to_string_with_aliases(setup_context.tagValueRef[CHAIN_IDX], MAX_LENGTH,