Merge pull request #27 from LedgerHQ/add-nanos-161-sdk

SDK 1.6.1 differences from the 1.6.0

include/bolos_version.h

@@ -1,3 +1,3 @@
 #ifndef BOLOS_VERSION
-#define BOLOS_VERSION "1.6.0"
+#define BOLOS_VERSION "1.6.1"
 #endif

include/checks.h

@@ -0,0 +1,31 @@
+
+/*******************************************************************************
+*   Ledger Nano S - Secure firmware
+*   (c) 2020 Ledger
+*
+*  Licensed under the Apache License, Version 2.0 (the "License");
+*  you may not use this file except in compliance with the License.
+*  You may obtain a copy of the License at
+*
+*      http://www.apache.org/licenses/LICENSE-2.0
+*
+*  Unless required by applicable law or agreed to in writing, software
+*  distributed under the License is distributed on an "AS IS" BASIS,
+*  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+*  See the License for the specific language governing permissions and
+*  limitations under the License.
+********************************************************************************/
+
+#if !defined(CHECKS_H)
+#define CHECKS_H
+
+#if !defined(HAVE_BOLOS)
+
+#define CHECK_NOT_AUDITED_TLV_TAG 0x9F
+#define CHECK_NOT_AUDITED_TLV_VAL 0x01
+#define CHECK_NOT_AUDITED_MAX_LEN 0x40
+
+void check_audited_app(void);
+#endif // !defined(HAVE_BOLOS)
+
+#endif

include/lcx_ecfp.h

@@ -63,6 +63,9 @@ enum cx_curve_e {
   /* STARK */
   CX_CURVE_Stark256,
 
+  /* BLS */
+  CX_CURVE_BLS12_381_G1,
+
   /** High limit (not included) of Weierstrass curve ID */
   CX_CURVE_WEIERSTRASS_END,
 

include/os.h

@@ -1310,6 +1310,9 @@ SYSCALL unsigned int os_seph_features(void);
 /* Grab the SEPROXYHAL's version */
 SYSCALL unsigned int os_seph_version(unsigned char *version PLENGTH(maxlength),
                                      unsigned int maxlength);
+SYSCALL unsigned int
+os_bootloader_version(unsigned char *version PLENGTH(maxlength),
+                      unsigned int maxlength);
 
 /*
  * Copy the serial number in the given buffer and return its length
@@ -1471,9 +1474,9 @@ os_customca_verify(unsigned char *hash PLENGTH(32),
 #endif // BOLOS_SECURITY_ONBOARD_DELAY_S
 
 #ifndef BOLOS_SECURITY_ATTESTATION_DELAY_S
-// Mininal time interval in between two use of the device's private key (SCP
+// Minimal time interval in between two use of the device's private key (SCP
 // opening and endorsement)
-#define BOLOS_SECURITY_ATTESTATION_DELAY_S 15
+#define BOLOS_SECURITY_ATTESTATION_DELAY_S 5
 #endif // BOLOS_SECURITY_ATTESTATION_DELAY_S
 
 void safe_desynch();

include/syscalls.h

@@ -1917,6 +1917,21 @@ os_seph_version_inline(unsigned char *version, unsigned int maxlength) {
   return (unsigned int)(((volatile unsigned int *)parameters)[1]);
 }
 
+#define SYSCALL_os_bootloader_version_ID_IN 0x6000a917UL
+#define SYSCALL_os_bootloader_version_ID_OUT 0x9000a97aUL
+__attribute__((always_inline)) inline unsigned int
+os_bootloader_version_inline(unsigned char *version, unsigned int maxlength) {
+  volatile unsigned int parameters[2 + 2];
+  parameters[0] = (unsigned int)version;
+  parameters[1] = (unsigned int)maxlength;
+  __asm volatile("mov r0, %1\n"
+                 "mov r1, %0\n"
+                 "svc #1" ::"r"(parameters),
+                 "r"(SYSCALL_os_bootloader_version_ID_IN)
+                 : "r0", "r1");
+  return (unsigned int)(((volatile unsigned int *)parameters)[1]);
+}
+
 #define SYSCALL_os_setting_get_ID_IN 0x600070c5UL
 #define SYSCALL_os_setting_get_ID_OUT 0x900070afUL
 __attribute__((always_inline)) inline unsigned int

lib_ux/include/ux.h

@@ -500,15 +500,22 @@ extern bolos_ux_params_t G_ux_params;
 
 
 /**
- * Macro to process sequentially display a screen. The call finished when the UX is completely displayed.
+ * Macro to process sequentially display a screen. The call finishes when the UX is completely displayed,
+ * and the state of the MCU <-> SE exchanges is the same as before this macro call.
  */
 #define UX_WAIT_DISPLAYED() \
-    do { \
-      UX_DISPLAY_NEXT_ELEMENT(); \
+    while (!UX_DISPLAYED()) { \
+      /* We wait for the MCU event (should indicate display processed for a bagl element) */ \
       io_seproxyhal_spi_recv(G_io_seproxyhal_spi_buffer, sizeof(G_io_seproxyhal_spi_buffer), 0); \
       io_seproxyhal_handle_event(); \
-    /* all items have been displayed */ \
-    } while (!UX_DISPLAYED());
+      UX_DISPLAY_NEXT_ELEMENT(); \
+    } \
+    io_seproxyhal_spi_recv(G_io_seproxyhal_spi_buffer, sizeof(G_io_seproxyhal_spi_buffer), 0); \
+    io_seproxyhal_handle_event(); \
+    /* We send a general status which indicates to the MCU that he can process any pending action (i.e. here, display the whole screen) */ \
+    io_seproxyhal_general_status(); \
+    /* We wait for an ack of the MCU. */ \
+    io_seproxyhal_spi_recv(G_io_seproxyhal_spi_buffer, sizeof(G_io_seproxyhal_spi_buffer), 0);
 
 /**
  * Process button push events. Application's button event handler is called only if the ux app does not deny it (modal frame displayed).

src/checks.c

@@ -0,0 +1,107 @@
+
+/*******************************************************************************
+*   Ledger Nano S - Secure firmware
+*   (c) 2020 Ledger
+*
+*  Licensed under the Apache License, Version 2.0 (the "License");
+*  you may not use this file except in compliance with the License.
+*  You may obtain a copy of the License at
+*
+*      http://www.apache.org/licenses/LICENSE-2.0
+*
+*  Unless required by applicable law or agreed to in writing, software
+*  distributed under the License is distributed on an "AS IS" BASIS,
+*  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+*  See the License for the specific language governing permissions and
+*  limitations under the License.
+********************************************************************************/
+
+#if !defined(HAVE_BOLOS)
+
+#include "os.h"
+#include "ux.h"
+#include "ux_layouts.h"
+#include "checks.h"
+
+// This label ultimately comes from the application link.
+extern unsigned int const _install_parameters;
+
+// This function is the button callback associated with the 'ui_audited_elements' array below.
+static unsigned int ui_audited_elements_button(unsigned int button_mask, unsigned int button_mask_counter) {
+
+  // As soon as the user presses both buttons, we reinitialize the UX and buttons,
+  // and the hand is given back to the normal process.
+  if ((button_mask & (BUTTON_EVT_RELEASED | BUTTON_LEFT | BUTTON_RIGHT)) == (BUTTON_EVT_RELEASED | BUTTON_LEFT | BUTTON_RIGHT)) {
+    G_ux.stack[0].button_push_callback = NULL;
+  }
+  return 0;
+}
+
+// This array is to be displayed under specific circumstances, right at the launch of an application.
+const bagl_element_t ui_audited_elements[] = {
+  // Erasure of the whole screen,
+  {{BAGL_RECTANGLE                      , 0x00,   0,   0, 128,  32, 0, 0, BAGL_FILL, 0x000000, 0xFFFFFF, 0, 0}, NULL},
+  // First line of text,
+  {
+    {BAGL_LABELINE, 0x01, 0, 12, 128, 32, 0, 0, 0, 0xFFFFFF, 0x000000,
+      BAGL_FONT_OPEN_SANS_EXTRABOLD_11px | BAGL_FONT_ALIGNMENT_CENTER, 0},
+    "Pending",
+  },
+  // Last line of text.
+  {
+    {BAGL_LABELINE, 0x01, 0, 24, 128, 32, 0, 0, 0, 0xFFFFFF, 0x000000,
+      BAGL_FONT_OPEN_SANS_EXTRABOLD_11px | BAGL_FONT_ALIGNMENT_CENTER, 0},
+    "Ledger review",
+  },
+};
+
+// This function is called at the end of the seph initialization.
+// It checks the install parameters of the application to be run, and if this area contains the
+// CHECK_NOT_AUDITED_TLV_TAG tag with the CHECK_NOT_AUDITED_TLV_VAL value, a specific display
+// is triggered before the actual application's splash screen.
+void check_audited_app(void) {
+  unsigned char     data = BOLOS_FALSE;
+  unsigned char*    buffer = &data;
+  unsigned int      length = os_parse_bertlv((unsigned char*)(&_install_parameters),
+                                             CHECK_NOT_AUDITED_MAX_LEN,
+                                             NULL,
+                                             CHECK_NOT_AUDITED_TLV_TAG,
+                                             0x00,
+                                             (void**)&buffer,
+                                             sizeof(data));
+
+  // We trigger the associated behaviour only when the tag was present and the value corresponds to
+  // the expected one.
+  if (   (length)
+      && (CHECK_NOT_AUDITED_TLV_VAL == data))
+  {
+    // We reserve the first slot for this display.
+    ux_stack_push();
+    ux_stack_init(0);
+
+    // We trigger the additional display and wait for it to be completed.
+    UX_DISPLAY(ui_audited_elements, NULL);
+    UX_WAIT_DISPLAYED();
+
+    io_seproxyhal_general_status();
+
+    // We wait for the button callback pointer to wiped, and we process the incoming MCU events in the
+    // meantime. This callback will be wiped within the actual 'ui_audited_elements_button' function,
+    // as soon as the user presses both buttons.
+    do {
+      io_seproxyhal_spi_recv(G_io_seproxyhal_spi_buffer, sizeof(G_io_seproxyhal_spi_buffer), 0);
+      io_seproxyhal_handle_event();
+    } while (io_seproxyhal_spi_is_status_sent() && G_ux.stack[0].button_push_callback);
+
+    // We pop the reserved slot but we do not care about the returned value (since we do not need it for
+    // further displays at the moment) and reinitialize the UX and buttons.
+    ux_stack_pop();
+    io_seproxyhal_init_ux();
+    io_seproxyhal_init_button();
+
+    // Now we can wait for the next MCU status and exit.
+    io_seproxyhal_spi_recv(G_io_seproxyhal_spi_buffer, sizeof(G_io_seproxyhal_spi_buffer), 0);
+  }
+}
+
+#endif // !defined(HAVE_BOLOS)

src/os_io_seproxyhal.c

@@ -35,6 +35,7 @@
 #endif // HAVE_BLUENRG
 
 #include "ux.h"
+#include "checks.h"
 
 #ifdef HAVE_IO_U2F
 #include "u2f_processing.h"
@@ -397,6 +398,10 @@ void io_seproxyhal_init(void) {
 
   io_seproxyhal_init_ux();
   io_seproxyhal_init_button();
+
+#if !defined(HAVE_BOLOS)
+  check_audited_app();
+#endif // !defined(HAVE_BOLOS)
 }
 
 void io_seproxyhal_init_ux(void) {

src/syscalls.c

@@ -1166,6 +1166,15 @@ unsigned int os_seph_version ( unsigned char * version, unsigned int maxlength )
   return (unsigned int)(((volatile unsigned int*)parameters)[1]);
 }
 
+unsigned int os_bootloader_version ( unsigned char * version, unsigned int maxlength ) 
+{
+  volatile unsigned int parameters [2+2];
+  parameters[0] = (unsigned int)version;
+  parameters[1] = (unsigned int)maxlength;
+  SVC_Call(SYSCALL_os_bootloader_version_ID_IN, parameters);
+  return (unsigned int)(((volatile unsigned int*)parameters)[1]);
+}
+
 unsigned int os_setting_get ( unsigned int setting_id, unsigned char * value, unsigned int maxlen ) 
 {
   volatile unsigned int parameters [2+3];