Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* verify bls signatures Fix return type and add comment fix(bls): Fixed wrong data size in constants ping to ic_bls12_381 to 0.9.1 * Remove unnecessary cargo patch holder code that was commented out * Initial parser for icp certificates * add some useful methods and lookup funtion * Implement the reconstruct function and enhance a bit the lookup function which needs to be rewritten * Add the lookup_path_list and fix simple lookup function * Fix delegation parser * Update error definitions * Complete Certificate parsing and verification * Add more test and ensure parser/root_hash/lookup are working * New testing dependencies * enhance verification * Improve tests and error handling, add C interface meant to parse certificates * some improvements * fix typo * Initial candid parser for irc21-consent-message-response type * Add license note * Implement candid parser for ConsentMessageResponse and add unit test * Many improvements and add UI for MessageResponse type and full parser along with some unit tests * Add helper lines function * Document code better * new function to compute message * shore: Re-structure the project better by moving certificate related parts into a separate folder * Add parser for call_request argument in apdu instruction * Add parser for consent_msg_request argument in apdu instruction * Update value() method and add canister ranges parsing * Add method to check if a canister is within certain ranges, add test * Implement UI functions and export entry points * add some new files and placeholders for bls parsing * add apdu js interface * adding new nvdata functions to save bls info * update js package and add simple zemu test * add rust ffi for parsing * improve root_key handling and cleaning * root_key as global value * save call hash to be signed * improve sign apdu * add placeholder for certificate verifying function * type fix * Restructure files * prefix state names * Implement checks for payload and consent request plus minor fixes * Fill handler path with processing functions in tx module and parser * use config.toml * Separate icrc21 types into their own module, and implement request_id computation * Add utility functions to compute hashes * Minor updates, and checks * Add type table parsing and use it to parse candid values * Fix icrc21 consentmessage request parsing and update other parts to use type_table * use little endiannes and add extra checks in test * Nonce is optional * Add request_id method and tests along with conversion methods * Use request_id to check also for certificate validation and add simple test * Use inner arg and method name to set ffi struct for certificate verification * Add signing method for bls certificate and update actions * Use proper constants to define type lengths in ffi * Remove unused method to compute request_id * Some improvements and fixing warnings * Add compilation flag to enable/disable bls certificate verification depending on ledger target * Conditional compilation and fix tests and js library * Remove decode trait implementation reducing stack usage * Use ledger-rust bindings to create static resources for call/consent request and update C api and handlers * Update build command in cargo for ledger-rust * Add bls_message to build digest used in certificate signature verification and update from_bytes_into implementation * Use certificate resource and improve certificate handler * Fix bls test key * Fix signing and resource cleaning * Some improvements * Some cleanups * Fix test and add snapshot * Add logs * Add prefix to exported rust functions * Print to std-out in tests * Many clean-ups and fix js instruction to verify certificate * Use constant and implement FromBytes * Remove from_bytes impl in delegation and fix certificate::from_bytes_into * Add timestamp check * Add consent message formatting * Add utilities for testing with cargo insta later * Update test snapshots * Use TryFrom impl and add pubkey test * Ensure resources are freed and state is reset after signing * Define a state at creation level * Enable certificate verification using official key for testing * Add test with/without custom root key * Improve parsing by using from_bytes_into which reduces stack usage * Fix ingress_expiry and method_name checks * Add new constants * use from_bytes_into * Remove table logging * Remove check on root_key as it could be an optional parameters * Update testing data * export C function to rust to handle principal request and use it to verify certificate * Import rslib if BLS feature is enable * Improve CI for rust parser * fix clippy and test * fix clippy and zemu tests * Improve zemu testing * fix clippy * fix zemu * fix flex compilation * filter out nanos for bls testing in zemu * some CI fixes * Re-structuring code to reduce stack usage relying on lazy parsing and ensuring table lenght is sized to a reasonable size * Reduce stack usage * Add test to verify ffi verification flow * fix ffi test * Reduce stack usage and more logging * update dep * Add more logging * update cargo.lock * move from stack to nvm * Disable nanox for now on zemu tests * Remove BLS support for nanoX * Fix hashing computation, now we hash name and value separately and update the global hasher * Ensure jest reporter module gets installed * Ensure jest reporter module gets installed * Fix warnings and compile c api on bls feature only * Add try script for bls verification * Adjust time expiryti offset as requested to 10 minutes and not 12 * Update testing data and snapshots * Update submodules * Fix compilation error with protobuf * Update testing data * remove flow which is not compatible with our hybrid app * remove dead code * Update error type in C code to match Rust new errors * Removed commemted code and add more notes to clarify design desitions * Rename test for bls to avoid snapshots overlapping Ensure state gets restarted in case of errors Remove unnecessary SDK modules Document and more comments consice header Fix typo * Fix canister ranges comparisson and update testing data in ffi-test * Bum app version and update snapshots * Add a new set of tests, and increase time offset to 12 minutes * Minor fix and use call request for sender validation * Add new zemu test to ensure principal verification agains certificate data * Use default device principal in our unit tests * Increate time offset to 12 minutes, so a call request is valid if made within those 12 minutes window since certificate creation * Update sender verification to follow what they suggested --------- Co-authored-by: Carlos Medeiros <[email protected]>
- Loading branch information
1 parent
8e8a2ce
commit 23a4a9a