Add reject confirm screen for blindsigning flow

app/src/apdu_sign.c

@@ -51,7 +51,6 @@ static void send_reject(int);
 static void send_continue(void);
 static void send_cancel(void);
 static void refill(void);
-static void pass_from_clear_to_blind(void);
 static void stream_cb(tz_ui_cb_type_t);
 static void handle_first_apdu(command_t *);
 static void handle_first_apdu_clear(command_t *);
@@ -151,82 +150,6 @@ send_continue(void)
 
     TZ_POSTAMBLE;
 }
-#ifdef HAVE_NBGL
-
-static void
-cancel_operation(uint8_t reject_code)
-{
-    TZ_PREAMBLE(("void"));
-    global.keys.apdu.sign.received_last_msg = true;
-    stream_cb(reject_code);
-    global.step = ST_IDLE;
-    nbgl_useCaseStatus("Transaction rejected", false, ui_home_init);
-
-    TZ_POSTAMBLE;
-}
-
-static void
-cancel_operation_blindsign(void)
-{
-    cancel_operation(TZ_UI_STREAM_CB_BLINDSIGN_REJECT);
-}
-
-static void
-blindsign_splash(void)
-{
-    TZ_PREAMBLE(("void"));
-    nbgl_useCaseReviewStart(
-        &C_round_warning_64px, "Blind signing",
-        "This transaction can not be securely interpreted by Ledger Stax. It "
-        "might put your assets at risk.",
-        "Reject transaction", pass_from_clear_to_blind,
-        cancel_operation_blindsign);
-
-    TZ_POSTAMBLE;
-}
-
-static void
-handle_blindsigning(bool confirm)
-{
-    TZ_PREAMBLE(("void"));
-    if (confirm) {
-        if (!N_settings.blindsigning)
-            toggle_blindsigning();
-        nbgl_useCaseReviewStart(&C_round_check_64px, "Blind signing enabled",
-                                NULL, "Reject transaction", blindsign_splash,
-                                cancel_operation_blindsign);
-
-    } else {
-        cancel_operation_blindsign();
-    }
-    TZ_POSTAMBLE;
-}
-
-void
-switch_to_blindsigning(__attribute__((unused)) const char *err_type,
-                       const char                         *err_code)
-{
-    TZ_PREAMBLE(("void"));
-    PRINTF("[DEBUG] refill_error: global.step = %d\n", global.step);
-    TZ_ASSERT(EXC_UNEXPECTED_STATE, global.step == ST_CLEAR_SIGN);
-    global.keys.apdu.sign.step = SIGN_ST_WAIT_USER_INPUT;
-    global.step                = ST_BLIND_SIGN;
-    if (N_settings.blindsigning) {
-        nbgl_useCaseReviewStart(&C_round_warning_64px,
-                                "Blind signing required:\nParsing Error",
-                                err_code, "Reject transaction",
-                                blindsign_splash, cancel_operation_blindsign);
-    } else {
-        nbgl_useCaseChoice(&C_round_warning_64px,
-                           "Enable blind signing to authorize this "
-                           "transaction:\nParsing Error",
-                           err_code, "Enable blind signing",
-                           "Reject transaction", handle_blindsigning);
-    }
-
-    TZ_POSTAMBLE;
-}
-#endif
 
 static void
 refill_blo_im_full(void)
@@ -403,7 +326,7 @@ send_cancel(void)
     TZ_POSTAMBLE;
 }
 
-static void
+void
 pass_from_clear_to_blind(void)
 {
     TZ_PREAMBLE(("void"));
@@ -658,8 +581,7 @@ reviewChoice(bool confirm)
     if (confirm) {
         nbgl_useCaseStatus("TRANSACTION\nSIGNED", true, accept_blindsign_cb);
     } else {
-        nbgl_useCaseStatus("Transaction rejected", false,
-                           reject_blindsign_cb);
+        tz_reject_ui();
     }
 
     FUNC_LEAVE();

app/src/apdu_sign.h

@@ -69,4 +69,5 @@ typedef struct {
 
 #ifdef HAVE_NBGL
 void switch_to_blindsigning(const char *, const char *);
+void tz_reject_ui(void);
 #endif

app/src/ui_stream.h

@@ -177,3 +177,4 @@ void   tz_ui_stream_close(void);
 void   tz_ui_stream(void);
 void   tz_ui_stream_start(void);
 tz_ui_cb_type_t tz_ui_stream_get_cb_type(void);
+void            pass_from_clear_to_blind(void);

app/src/ui_stream_nbgl.c

@@ -28,8 +28,9 @@ bool tz_ui_nav_cb(uint8_t, nbgl_pageContent_t *);
 bool has_final_screen(void);
 void tz_ui_stream_start(void);
 
-void drop_last_screen(void);
-void push_str(const char *, size_t, char **);
+void        drop_last_screen(void);
+void        push_str(const char *, size_t, char **);
+extern void pass_from_clear_to_blind(void);
 
 void
 tz_cancel_ui(void)
@@ -54,7 +55,11 @@ tz_reject(void)
     global.keys.apdu.sign.step              = SIGN_ST_WAIT_USER_INPUT;
     global.keys.apdu.sign.received_last_msg = true;
 
-    s->cb(TZ_UI_STREAM_CB_REJECT);
+    if (global.step == ST_BLIND_SIGN) {
+        s->cb(TZ_UI_STREAM_CB_BLINDSIGN_REJECT);
+    } else {
+        s->cb(TZ_UI_STREAM_CB_REJECT);
+    }
 
     global.step = ST_IDLE;
     nbgl_useCaseStatus("Transaction rejected", false, ui_home_init);
@@ -73,6 +78,59 @@ tz_reject_ui(void)
     FUNC_LEAVE();
 }
 
+static void
+blindsign_splash(void)
+{
+    TZ_PREAMBLE(("void"));
+    nbgl_useCaseReviewStart(
+        &C_round_warning_64px, "Blind signing",
+        "This transaction can not be securely interpreted by Ledger Stax. It "
+        "might put your assets at risk.",
+        "Reject transaction", pass_from_clear_to_blind, tz_reject_ui);
+
+    TZ_POSTAMBLE;
+}
+
+static void
+handle_blindsigning(bool confirm)
+{
+    TZ_PREAMBLE(("void"));
+    if (confirm) {
+        if (!N_settings.blindsigning)
+            toggle_blindsigning();
+        nbgl_useCaseReviewStart(&C_round_check_64px, "Blind signing enabled",
+                                NULL, "Reject transaction", blindsign_splash,
+                                tz_reject_ui);
+
+    } else {
+        tz_reject_ui();
+    }
+    TZ_POSTAMBLE;
+}
+
+void
+switch_to_blindsigning(__attribute__((unused)) const char *err_type,
+                       const char                         *err_code)
+{
+    TZ_PREAMBLE(("void"));
+    PRINTF("[DEBUG] refill_error: global.step = %d\n", global.step);
+    TZ_ASSERT(EXC_UNEXPECTED_STATE, global.step == ST_CLEAR_SIGN);
+    global.keys.apdu.sign.step = SIGN_ST_WAIT_USER_INPUT;
+    global.step                = ST_BLIND_SIGN;
+    if (N_settings.blindsigning) {
+        nbgl_useCaseReviewStart(
+            &C_round_warning_64px, "Blind signing required:\nParsing Error",
+            err_code, "Reject transaction", blindsign_splash, tz_reject_ui);
+    } else {
+        nbgl_useCaseChoice(&C_round_warning_64px,
+                           "Enable blind signing to authorize this "
+                           "transaction:\nParsing Error",
+                           err_code, "Enable blind signing",
+                           "Reject transaction", handle_blindsigning);
+    }
+
+    TZ_POSTAMBLE;
+}
 void
 expert_mode_splash(void)
 {

tests/integration/stax/utils.py

@@ -191,15 +191,12 @@ def send_payload(app, apdu):
     app.assert_screen("review_request_sign_operation");
 
 def verify_err_reject_response(app, tag):
-    app.assert_screen(tag)
-    app.welcome.client.pause_ticker()
-    app.review.reject()
-    app.assert_screen("reject_review")
-    app.welcome.client.resume_ticker()
-    app.review.tap()
-    assert_home_with_code(app, "9405")
+    verify_reject_response_common(app,tag,"9405")
 
 def verify_reject_response(app, tag):
+    verify_reject_response_common(app, tag,"6985")
+
+def verify_reject_response_common(app, tag, err_code):
     app.assert_screen(tag)
     app.review.reject()
     app.assert_screen("reject_review")
@@ -208,4 +205,4 @@ def verify_reject_response(app, tag):
     app.assert_screen("rejected")
     app.review.tap()
     app.welcome.client.resume_ticker()
-    assert_home_with_code(app, "6985")
+    assert_home_with_code(app, err_code)