Merge pull request #35 from Zondax/manualConfirm

Allowlists: UI + confirmation
Zondax · Aug 15, 2020 · b72f89a · b72f89a
2 parents ac5bb92 + 5c0acad
commit b72f89a
Show file tree

Hide file tree

Showing 12 changed files with 215 additions and 161 deletions.
diff --git a/app/Makefile.version b/app/Makefile.version
@@ -1,3 +1,3 @@
 APPVERSION_M=2
 APPVERSION_N=2019
-APPVERSION_P=4
+APPVERSION_P=5
diff --git a/app/script.ld b/app/script.ld
@@ -30,7 +30,7 @@ MEMORY
 }
 
 PAGE_SIZE  = 64;
-STACK_SIZE = 2840;
+STACK_SIZE = 2824;
 END_STACK  = ORIGIN(SRAM) + LENGTH(SRAM);
 
 SECTIONS

diff --git a/app/src/allowlist.c b/app/src/allowlist.c
@@ -18,6 +18,8 @@
 
 #include "os.h"
 #include "cx.h"
+#include "coin.h"
+#include "app_main.h"
 #include "allowlist.h"
 
 typedef struct {
@@ -155,7 +157,6 @@ bool allowlist_list_validate(const uint8_t *new_list_buffer, size_t new_list_buf
         return false;
     }
 
-
     zemu_log_stack("\n");
     // Hash allowlist (len + items)
     uint8_t digest[32];
@@ -202,7 +203,6 @@ bool allowlist_list_validate(const uint8_t *new_list_buffer, size_t new_list_buf
     }
 
     return valid_signature;
-//    return true;
 }
 
 bool allowlist_upgrade(const uint8_t *new_list_buffer, size_t new_list_buffer_len) {
@@ -214,4 +214,51 @@ bool allowlist_upgrade(const uint8_t *new_list_buffer, size_t new_list_buffer_le
     return true;
 }
 
+zxerr_t allowlist_getNumItems(uint8_t *num_items) {
+    zemu_log_stack("allowlist_getNumItems");
+    *num_items = 1;
+    return zxerr_ok;
+}
+
+zxerr_t allowlist_getItem(int8_t displayIdx,
+                          char *outKey, uint16_t outKeyLen,
+                          char *outVal, uint16_t outValLen,
+                          uint8_t pageIdx, uint8_t *pageCount) {
+    zemu_log_stack("allowlist_getItem");
+    if (displayIdx != 0) {
+        return zxerr_no_data;
+    }
+
+    switch (G_io_apdu_buffer[OFFSET_INS]) {
+        case INS_ALLOWLIST_SET_PUBKEY: {
+            snprintf(outKey, outKeyLen, "Set Pubkey");
+
+            char bufferUI[100];
+            if (array_to_hexstr(bufferUI, sizeof(bufferUI), G_io_apdu_buffer+OFFSET_DATA, 32) != 64) {
+                return zxerr_encoding_failed;
+            }
+            pageString(outVal, outValLen, bufferUI, pageIdx, pageCount);
+            return zxerr_ok;
+        }
+        case INS_ALLOWLIST_UPLOAD: {
+            snprintf(outKey, outKeyLen, "Allowlist Upload");
+
+            uint8_t digest[32];
+            allowlist_t *new_list = (allowlist_t *) tx_get_buffer();
+            allowlist_calculate_digest(digest, new_list);
+
+            char bufferUI[100];
+            if (array_to_hexstr(bufferUI, sizeof(bufferUI), digest, sizeof(digest)) != 64) {
+                return zxerr_encoding_failed;
+            }
+            pageString(outVal, outValLen, bufferUI, pageIdx, pageCount);
+            return zxerr_ok;
+        }
+        default:
+            break;
+    }
+
+    return zxerr_no_data;
+}
+
 #endif
diff --git a/app/src/allowlist.h b/app/src/allowlist.h
@@ -14,8 +14,10 @@
 *  limitations under the License.
 ********************************************************************************/
 #pragma once
+
 #include "zxmacros.h"
 #include <stdbool.h>
+#include "zxerror.h"
 
 #define ALLOW_LIST_SIZE                 128
 // Length is limited to 63 because it must be zero terminated
@@ -52,8 +54,17 @@ void allowlist_hash(uint8_t *digest);
 
 bool allowlist_item_validate(const char *address);
 
+bool allowlist_list_validate(const uint8_t *new_list_buffer, size_t new_list_buffer_len);
+
 bool allowlist_upgrade(const uint8_t *new_list_buffer, size_t new_list_buffer_len);
 
+zxerr_t allowlist_getNumItems(uint8_t *num_items);
+
+zxerr_t allowlist_getItem(int8_t displayIdx,
+                          char *outKey, uint16_t outKeyLen,
+                          char *outValue, uint16_t outValueLen,
+                          uint8_t pageIdx, uint8_t *pageCount);
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/app/src/apdu_handler.c b/app/src/apdu_handler.c
@@ -24,6 +24,7 @@
 #include "view.h"
 #include "actions.h"
 #include "tx.h"
+#include "addr.h"
 #include "crypto.h"
 #include "coin.h"
 #include "zxmacros.h"
@@ -99,6 +100,7 @@ __Z_INLINE bool process_chunk(volatile uint32_t *tx, uint32_t rx) {
     THROW(APDU_CODE_INVALIDP1P2);
 }
 
+#if defined(APP_RESTRICTED)
 __Z_INLINE bool process_chunk_update(volatile uint32_t *tx, uint32_t rx) {
     const uint8_t payloadType = G_io_apdu_buffer[OFFSET_PAYLOAD_TYPE];
 
@@ -127,6 +129,7 @@ __Z_INLINE bool process_chunk_update(volatile uint32_t *tx, uint32_t rx) {
 
     return payloadType == 2;
 }
+#endif
 
 __Z_INLINE void handle_getversion(volatile uint32_t *flags, volatile uint32_t *tx, uint32_t rx) {
     G_io_apdu_buffer[0] = 0;
@@ -135,7 +138,7 @@ __Z_INLINE void handle_getversion(volatile uint32_t *flags, volatile uint32_t *t
     G_io_apdu_buffer[0] = 0x01;
 #endif
 
-    #if defined(APP_RESTRICTED)
+#if defined(APP_RESTRICTED)
     G_io_apdu_buffer[0] = 0x02;
 #endif
 
@@ -166,7 +169,10 @@ __Z_INLINE void handleGetAddr(volatile uint32_t *flags, volatile uint32_t *tx, u
 
     if (requireConfirmation) {
         app_fill_address();
-        view_address_show(addr_ed22519);
+
+        view_review_init(addr_getItem, addr_getNumItems, app_reply_address, app_reject);
+        view_review_show();
+
         *flags |= IO_ASYNCH_REPLY;
         return;
     }
@@ -194,7 +200,8 @@ __Z_INLINE void handleSign(volatile uint32_t *flags, volatile uint32_t *tx, uint
     }
 
     CHECK_APP_CANARY()
-    view_sign_show();
+    view_review_init(tx_getItem, tx_getNumItems, app_sign, app_reject);
+    view_review_show();
     *flags |= IO_ASYNCH_REPLY;
 }
 
@@ -213,7 +220,18 @@ __Z_INLINE void handleAllowlistGetMasterkey(volatile uint32_t *flags, volatile u
     THROW(APDU_CODE_OK);
 }
 
-__Z_INLINE void handleAllowlistSetMasterkey(volatile uint32_t *flags, volatile uint32_t *tx, uint32_t rx) {
+void app_allowlist_SetPublicKey() {
+    if (!allowlist_pubkey_set(G_io_apdu_buffer + OFFSET_DATA, 32)) {
+        set_code(G_io_apdu_buffer, 0, APDU_CODE_EXECUTION_ERROR);
+        io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, 2);
+    }
+    zemu_log_stack("allowlist: pubkey updated");
+
+    set_code(G_io_apdu_buffer, 0, APDU_CODE_OK);
+    io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, 2);
+}
+
+__Z_INLINE void handleAllowlistSetPublicKey(volatile uint32_t *flags, volatile uint32_t *tx, uint32_t rx) {
     if (allowlist_pubkey_is_set()) {
         // Can only be set once
         THROW(APDU_CODE_COMMAND_NOT_ALLOWED);  // 0x6986
@@ -225,12 +243,9 @@ __Z_INLINE void handleAllowlistSetMasterkey(volatile uint32_t *flags, volatile u
 
     zemu_log_stack("allowlist: try update pubkey");
 
-    if (!allowlist_pubkey_set(G_io_apdu_buffer + OFFSET_DATA, 32)) {
-        THROW(APDU_CODE_EXECUTION_ERROR);    // 6400
-    }
-
-    zemu_log_stack("allowlist: pubkey updated");
-    THROW(APDU_CODE_OK);
+    view_review_init(allowlist_getItem, allowlist_getNumItems, app_allowlist_SetPublicKey, app_reject);
+    view_review_show();
+    *flags |= IO_ASYNCH_REPLY;
 }
 
 __Z_INLINE void handleAllowlistGetHash(volatile uint32_t *flags, volatile uint32_t *tx, uint32_t rx) {
@@ -243,6 +258,18 @@ __Z_INLINE void handleAllowlistGetHash(volatile uint32_t *flags, volatile uint32
     THROW(APDU_CODE_OK);
 }
 
+void app_allowlist_Upload() {
+    zemu_log_stack("allowlist: try update");
+    if (!allowlist_upgrade(tx_get_buffer(), tx_get_buffer_length())) {
+        set_code(G_io_apdu_buffer, 0, APDU_CODE_EXECUTION_ERROR);
+        io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, 2);
+    }
+
+    zemu_log_stack("allowlist: updated");
+    set_code(G_io_apdu_buffer, 0, APDU_CODE_OK);
+    io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, 2);
+}
+
 __Z_INLINE void handleAllowlistUpload(volatile uint32_t *flags, volatile uint32_t *tx, uint32_t rx) {
     if (!allowlist_pubkey_is_set()) {
         zemu_log_stack("allowlist: pubkey has not been set");
@@ -255,13 +282,14 @@ __Z_INLINE void handleAllowlistUpload(volatile uint32_t *flags, volatile uint32_
     }
     CHECK_APP_CANARY()
 
-    zemu_log_stack("allowlist: try update");
-    if (!allowlist_upgrade(tx_get_buffer(), tx_get_buffer_length())) {
+    if (!allowlist_list_validate(tx_get_buffer(), tx_get_buffer_length())) {
+        // conditions to update allowlist are not satisfied
         THROW(APDU_CODE_EXECUTION_ERROR);
     }
 
-    zemu_log_stack("allowlist: updated");
-    THROW(APDU_CODE_OK);
+    view_review_init(allowlist_getItem, allowlist_getNumItems, app_allowlist_Upload, app_reject);
+    view_review_show();
+    *flags |= IO_ASYNCH_REPLY;
 }
 #endif
 
@@ -304,7 +332,7 @@ void handleApdu(volatile uint32_t *flags, volatile uint32_t *tx, uint32_t rx) {
                     }
 
                     case INS_ALLOWLIST_SET_PUBKEY: {
-                        handleAllowlistSetMasterkey(flags, tx, rx);
+                        handleAllowlistSetPublicKey(flags, tx, rx);
                         break;
                     }