sign tests in zemu

Zondax · Nov 20, 2024 · 58ff3fb · 58ff3fb
1 parent 0cc4e7e
commit 58ff3fb
Show file tree

Hide file tree

Showing 17 changed files with 204 additions and 131 deletions.
diff --git a/app/rust/src/lib.rs b/app/rust/src/lib.rs
@@ -13,7 +13,7 @@
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 ********************************************************************************/
-// #![no_std]
+#![no_std]
 #![no_builtins]
 #![allow(dead_code)]
 #![deny(unused_crate_dependencies)]
@@ -42,14 +42,14 @@ pub(crate) use utils::prf::{expand_fq, expand_fr};
 
 fn debug(_msg: &str) {}
 
-// #[cfg(all(not(test), not(feature = "clippy"), not(feature = "fuzzing")))]
-// use core::panic::PanicInfo;
+#[cfg(all(not(test), not(feature = "clippy"), not(feature = "fuzzing")))]
+use core::panic::PanicInfo;
 
-// #[cfg(all(not(test), not(feature = "clippy"), not(feature = "fuzzing")))]
-// #[panic_handler]
-// fn panic(_info: &PanicInfo) -> ! {
-//     loop {}
-// }
+#[cfg(all(not(test), not(feature = "clippy"), not(feature = "fuzzing")))]
+#[panic_handler]
+fn panic(_info: &PanicInfo) -> ! {
+    loop {}
+}
 
 extern "C" {
     fn check_app_canary();

diff --git a/app/src/apdu_handler.c b/app/src/apdu_handler.c
@@ -176,16 +176,16 @@ __Z_INLINE void handleSign(volatile uint32_t *flags, volatile uint32_t *tx, uint
 
     __Z_UNUSED const char *error_msg = tx_parse();
     CHECK_APP_CANARY()
-    // if (error_msg != NULL) {
-    //     const int error_msg_length = strnlen(error_msg, sizeof(G_io_apdu_buffer));
-    //     memcpy(G_io_apdu_buffer, error_msg, error_msg_length);
-    //     *tx += (error_msg_length);
-    //     THROW(APDU_CODE_DATA_INVALID);
-    // }
-
-    // view_review_init(tx_getItem, tx_getNumItems, app_sign);
-    // view_review_show(REVIEW_TXN);
-    // *flags |= IO_ASYNCH_REPLY;
+    if (error_msg != NULL) {
+        const int error_msg_length = strnlen(error_msg, sizeof(G_io_apdu_buffer));
+        memcpy(G_io_apdu_buffer, error_msg, error_msg_length);
+        *tx += (error_msg_length);
+        THROW(APDU_CODE_DATA_INVALID);
+    }
+
+    view_review_init(tx_getItem, tx_getNumItems, app_sign);
+    view_review_show(REVIEW_TXN);
+    *flags |= IO_ASYNCH_REPLY;
 }
 
 __Z_INLINE void handle_getversion(__Z_UNUSED volatile uint32_t *flags, volatile uint32_t *tx) {

diff --git a/app/src/coin.h b/app/src/coin.h
@@ -34,6 +34,7 @@ extern "C" {
 
 #define PK_LEN_25519 32u
 #define SK_LEN_25519 64u
+#define EFFECT_HASH_LEN 64u
 
 #define COIN_AMOUNT_DECIMAL_PLACES 6
 #define COIN_TICKER "PEN"

diff --git a/app/src/common/actions.h b/app/src/common/actions.h
@@ -24,6 +24,7 @@
 #include "crypto.h"
 #include "tx.h"
 #include "zxerror.h"
+#include "zxformat.h"
 
 extern uint16_t cmdResponseLen;
 
@@ -66,17 +67,16 @@ __Z_INLINE zxerr_t app_fill_keys() {
 }
 
 __Z_INLINE void app_sign() {
-    const uint8_t *message = tx_get_buffer();
-    const uint16_t messageLength = tx_get_buffer_length();
+    parser_tx_t *tx = tx_get_txObject();
 
-    zxerr_t err = crypto_sign(G_io_apdu_buffer, IO_APDU_BUFFER_SIZE - 3, message, messageLength);
+    zxerr_t err = crypto_sign(tx, G_io_apdu_buffer, IO_APDU_BUFFER_SIZE - 3);
 
     if (err != zxerr_ok) {
         set_code(G_io_apdu_buffer, 0, APDU_CODE_SIGN_VERIFY_ERROR);
         io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, 2);
     } else {
-        set_code(G_io_apdu_buffer, SK_LEN_25519, APDU_CODE_OK);
-        io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, SK_LEN_25519 + 2);
+        set_code(G_io_apdu_buffer, EFFECT_HASH_LEN, APDU_CODE_OK);
+        io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, EFFECT_HASH_LEN + 2);
     }
 }
 

diff --git a/app/src/common/tx.c b/app/src/common/tx.c
@@ -82,6 +82,10 @@ const char *tx_parse() {
 
 void tx_parse_reset() { MEMZERO(&tx_obj, sizeof(tx_obj)); }
 
+parser_tx_t* tx_get_txObject() {
+    return &tx_obj;
+}
+
 zxerr_t tx_getNumItems(uint8_t *num_items) {
     parser_error_t err = parser_getNumItems(&ctx_parsed_tx, num_items);
 

diff --git a/app/src/common/tx.h b/app/src/common/tx.h
@@ -18,12 +18,16 @@
 #include "coin.h"
 #include "os.h"
 #include "zxerror.h"
+#include "parser_txdef.h"
 
 void tx_initialize();
 
 /// Clears the transaction buffer
 void tx_reset();
 
+/// Returns the transaction object
+parser_tx_t* tx_get_txObject();
+
 /// Appends buffer to the end of the current transaction buffer
 /// Transaction buffer will grow until it reaches the maximum allowed size
 /// \param buffer

diff --git a/app/src/crypto.c b/app/src/crypto.c
@@ -21,6 +21,8 @@
 #include "cx.h"
 #include "keys_def.h"
 #include "zxmacros.h"
+#include "parser_interface.h"
+#include "zxformat.h"
 
 uint32_t hdPath[HDPATH_LEN_DEFAULT];
 
@@ -70,6 +72,7 @@ __Z_INLINE zxerr_t computeSpendKey(keys_t *keys) {
     error = zxerr_ok;
 
 catch_cx_error:
+    MEMZERO(&keys, sizeof(keys));
     MEMZERO(privateKeyData, sizeof(privateKeyData));
 
     return error;
@@ -129,35 +132,33 @@ zxerr_t crypto_fillAddress(uint8_t *buffer, uint16_t bufferLen, uint16_t *cmdRes
     return error;
 }
 
-// zxerr_t crypto_sign(uint8_t *signature, uint16_t signatureMaxlen, const uint8_t *message, uint16_t messageLen) {
-//     if (signature == NULL || message == NULL || signatureMaxlen < ED25519_SIGNATURE_SIZE || messageLen == 0) {
-//         return zxerr_invalid_crypto_settings;
-//     }
-//
-//     cx_ecfp_private_key_t cx_privateKey;
-//     uint8_t privateKeyData[SK_LEN_25519] = {0};
-//
-//     zxerr_t error = zxerr_unknown;
-//     // Generate keys
-//     CATCH_CXERROR(os_derive_bip32_with_seed_no_throw(HDW_NORMAL, CX_CURVE_Ed25519, hdPath, HDPATH_LEN_DEFAULT,
-//                                                       privateKeyData, NULL, NULL, 0));
-//
-//     CATCH_CXERROR(cx_ecfp_init_private_key_no_throw(CX_CURVE_Ed25519, privateKeyData, SCALAR_LEN_ED25519,
-//     &cx_privateKey));
-//
-//     // Sign
-//     CATCH_CXERROR(
-//         cx_eddsa_sign_no_throw(&cx_privateKey, CX_SHA512, message, messageLen, signature, signatureMaxlen));
-//
-//     error = zxerr_ok;
-//
-// catch_cx_error:
-//     MEMZERO(&cx_privateKey, sizeof(cx_privateKey));
-//     MEMZERO(privateKeyData, sizeof(privateKeyData));
-//
-//     if (error != zxerr_ok) {
-//         MEMZERO(signature, signatureMaxlen);
-//     }
-//
-//     return error;
-// }
+zxerr_t crypto_sign(parser_tx_t *tx_obj, uint8_t *signature, uint16_t signatureMaxlen) {
+    if (signature == NULL || tx_obj == NULL || signatureMaxlen < EFFECT_HASH_LEN) {
+        return zxerr_invalid_crypto_settings;
+    }
+
+    keys_t keys = {0};
+    zxerr_t error = zxerr_invalid_crypto_settings;
+
+    CATCH_ZX_ERROR(computeSpendKey(&keys));
+
+    for (uint16_t i = 0; i < tx_obj->plan.actions.qty; i++) {
+        CATCH_ZX_ERROR(compute_action_hash(&tx_obj->actions_plan[i], &keys.skb, &tx_obj->plan.memo.key, &tx_obj->plan.actions.hashes[i]));
+    }
+
+    CATCH_ZX_ERROR(compute_transaction_plan(&tx_obj->plan, tx_obj->effect_hash, sizeof(tx_obj->effect_hash)));
+
+    MEMCPY(signature, tx_obj->effect_hash, EFFECT_HASH_LEN);
+
+    return zxerr_ok;
+
+catch_zx_error: 
+    MEMZERO(&keys, sizeof(keys));
+    MEMZERO(signature, signatureMaxlen);
+
+    if (error != zxerr_ok) {
+        MEMZERO(signature, signatureMaxlen);
+    }
+
+    return error;
+}
diff --git a/app/src/crypto.h b/app/src/crypto.h
@@ -26,6 +26,7 @@ extern "C" {
 #include "coin.h"
 #include "keys_def.h"
 #include "zxerror.h"
+#include "parser_txdef.h"
 
 extern uint32_t hdPath[HDPATH_LEN_DEFAULT];
 
@@ -34,7 +35,7 @@ zxerr_t crypto_fillKeys(uint8_t *output, uint16_t len, uint16_t *cmdResponseLen)
 zxerr_t crypto_fillAddress(uint8_t *buffer, uint16_t bufferLen, uint16_t *addrResponseLen, uint32_t account,
                            uint8_t *randomizer);
 
-zxerr_t crypto_sign(uint8_t *signature, uint16_t signatureMaxlen, const uint8_t *message, uint16_t messageLen);
+zxerr_t crypto_sign(parser_tx_t *tx_obj, uint8_t *signature, uint16_t signatureMaxlen);
 
 zxerr_t crypto_extractSpendingKeyBytes(uint8_t *key_bytes, uint32_t key_bytes_len);
 

diff --git a/app/src/parser_impl.c b/app/src/parser_impl.c
@@ -227,7 +227,6 @@ bool decode_detection_data(pb_istream_t *stream, const pb_field_t *field, void *
 
 parser_error_t _read(parser_context_t *c, parser_tx_t *v) {
     bytes_t data = {0};
-    action_t actions_plan[ACTIONS_QTY] = {0};
     data.ptr = c->buffer;
     data.len = c->bufferLen;
     actions_qty = 0;
@@ -247,7 +246,7 @@ parser_error_t _read(parser_context_t *c, parser_tx_t *v) {
 
     // actions callbacks
     request.actions.funcs.decode = &decode_action;
-    request.actions.arg = &actions_plan;
+    request.actions.arg = &v->actions_plan;
 
     // detection data callbacks
     request.detection_data.clue_plans.funcs.decode = &decode_detection_data;
@@ -270,33 +269,36 @@ parser_error_t _read(parser_context_t *c, parser_tx_t *v) {
     // get transaction parameters
     extract_data_from_tag(&data, &v->plan.transaction_parameters.parameters,
                           penumbra_core_transaction_v1_TransactionPlan_transaction_parameters_tag);
+    v->plan.actions.qty = actions_qty;
+
+    // print transaction parameters
     print_buffer(&v->plan.transaction_parameters.parameters, "real transaction parameters");
 
     // print actions
     for (uint16_t i = 0; i < ACTIONS_QTY; i++) {
-        switch (actions_plan[i].action_type) {
+        switch (v->actions_plan[i].action_type) {
             case penumbra_core_transaction_v1_ActionPlan_spend_tag:
-                print_buffer(&actions_plan[i].action.spend.note.address.inner, "real spend action note address inner");
-                print_buffer(&actions_plan[i].action.spend.note.value.asset_id.inner, "real spend action note value asset id inner");
-                print_buffer(&actions_plan[i].action.spend.note.rseed, "real spend action note rseed");
-                print_buffer(&actions_plan[i].action.spend.randomizer, "real spend action proof randomizer");
-                print_buffer(&actions_plan[i].action.spend.value_blinding, "real spend action proof value_blinding");
-                print_buffer(&actions_plan[i].action.spend.proof_blinding_r, "real spend action proof proof_blinding_r");
-                print_buffer(&actions_plan[i].action.spend.proof_blinding_s, "real spend action proof proof_blinding_s");
+                print_buffer(&v->actions_plan[i].action.spend.note.address.inner, "real spend action note address inner");
+                print_buffer(&v->actions_plan[i].action.spend.note.value.asset_id.inner, "real spend action note value asset id inner");
+                print_buffer(&v->actions_plan[i].action.spend.note.rseed, "real spend action note rseed");
+                print_buffer(&v->actions_plan[i].action.spend.randomizer, "real spend action proof randomizer");
+                print_buffer(&v->actions_plan[i].action.spend.value_blinding, "real spend action proof value_blinding");
+                print_buffer(&v->actions_plan[i].action.spend.proof_blinding_r, "real spend action proof proof_blinding_r");
+                print_buffer(&v->actions_plan[i].action.spend.proof_blinding_s, "real spend action proof proof_blinding_s");
 
                 // printf("position: %lu\n", actions_plan[i].action.spend.position);
                 // printf("amount hi: %lu\n", actions_plan[i].action.spend.note.value.amount.hi);
                 // printf("amount lo: %lu\n", actions_plan[i].action.spend.note.value.amount.lo);
                 break;
             case penumbra_core_transaction_v1_ActionPlan_output_tag:
-                print_buffer(&actions_plan[i].action.output.value.asset_id.inner, "real output action note value asset id inner");
+                print_buffer(&v->actions_plan[i].action.output.value.asset_id.inner, "real output action note value asset id inner");
                 // printf("output value amount hi: %lu\n", actions_plan[i].action.output.value.amount.hi);
                 // printf("output value amount lo: %lu\n", actions_plan[i].action.output.value.amount.lo);
-                print_buffer(&actions_plan[i].action.output.dest_address.inner, "real output action note dest address inner");
-                print_buffer(&actions_plan[i].action.output.rseed, "real output action note rseed");
-                print_buffer(&actions_plan[i].action.output.value_blinding, "real output action note value_blinding");
-                print_buffer(&actions_plan[i].action.output.proof_blinding_r, "real output action note proof_blinding_r");
-                print_buffer(&actions_plan[i].action.output.proof_blinding_s, "real output action note proof_blinding_s");
+                print_buffer(&v->actions_plan[i].action.output.dest_address.inner, "real output action note dest address inner");
+                print_buffer(&v->actions_plan[i].action.output.rseed, "real output action note rseed");
+                print_buffer(&v->actions_plan[i].action.output.value_blinding, "real output action note value_blinding");
+                print_buffer(&v->actions_plan[i].action.output.proof_blinding_r, "real output action note proof_blinding_r");
+                print_buffer(&v->actions_plan[i].action.output.proof_blinding_s, "real output action note proof_blinding_s");
                 break;
         }
     }
@@ -307,19 +309,6 @@ parser_error_t _read(parser_context_t *c, parser_tx_t *v) {
     print_buffer(&v->plan.memo.plaintext.return_address.inner, "real memo return address inner");
     print_buffer(&v->plan.memo.plaintext.return_address.alt_bech32m, "real memo return address alt bech32m");
 
-    for (uint16_t i = 0; i < actions_qty; i++) {
-        CHECK_ERROR(compute_action_hash(&actions_plan[i], c->sk_bytes, &v->plan.memo.key, &v->plan.actions.hashes[i]));
-    }
-    v->plan.actions.qty = actions_qty;
-
-    CHECK_ERROR(compute_transaction_plan(&v->plan, v->effect_hash, sizeof(v->effect_hash)));
-
-    // TODO: only for testing
-    bytes_t effect_hash;
-    effect_hash.ptr = v->effect_hash;
-    effect_hash.len = sizeof(v->effect_hash);
-    print_buffer(&effect_hash, "effect_hash");
-
     return parser_ok;
 }
 

diff --git a/app/src/parser_interface.c b/app/src/parser_interface.c
@@ -37,44 +37,44 @@ void print_buffer_interface(uint8_t *buffer, size_t len, const char *title) {
 #endif
 }
 
-parser_error_t compute_transaction_plan(transaction_plan_t *plan, uint8_t *effect_hash, uint16_t effect_hash_len) {
-    if (plan == NULL || effect_hash == NULL) return parser_unexpected_error;
+zxerr_t compute_transaction_plan(transaction_plan_t *plan, uint8_t *effect_hash, uint16_t effect_hash_len) {
+    if (plan == NULL || effect_hash == NULL) return zxerr_unknown;
 
     if (rs_compute_transaction_plan(plan, effect_hash, effect_hash_len) != parser_ok) {
-        return parser_unexpected_error;
+        return zxerr_unknown;
     }
 
-    return parser_ok;
+    return zxerr_ok;
 }
 
-parser_error_t compute_action_hash(action_t *action, spend_key_bytes_t *sk_bytes, bytes_t *memo_key,action_hash_t *output) {
+zxerr_t compute_action_hash(action_t *action, spend_key_bytes_t *sk_bytes, bytes_t *memo_key,action_hash_t *output) {
     if (action == NULL || output == NULL) 
-        return parser_unexpected_error;
+        return zxerr_unknown;
 
     switch (action->action_type) {
         case penumbra_core_transaction_v1_ActionPlan_spend_tag:
             if (sk_bytes == NULL)
-                return parser_unexpected_error;
+                return zxerr_unknown;
             if (rs_spend_action_hash(sk_bytes, &action->action.spend, (uint8_t *)output, 64) != parser_ok) 
-                return parser_unexpected_error;
+                return zxerr_encoding_failed;
             break;
         case penumbra_core_transaction_v1_ActionPlan_output_tag:
             if (sk_bytes == NULL)
-                return parser_unexpected_error; 
+                return zxerr_unknown; 
             if (rs_output_action_hash(sk_bytes, &action->action.output, memo_key, (uint8_t *)output, 64) != parser_ok)
-                return parser_unexpected_error;
+                return zxerr_encoding_failed;
             break;
         case penumbra_core_transaction_v1_ActionPlan_delegate_tag:
         case penumbra_core_transaction_v1_ActionPlan_undelegate_tag:
             if (rs_generic_action_hash(&action->action_data, action->action_type, (uint8_t *)output, 64) != parser_ok)
-                return parser_unexpected_error;
+                return zxerr_encoding_failed;
             break;
         default:
-            return parser_unexpected_error;
+            return zxerr_unknown;
     }
 
     // TODO: only for testing
     print_buffer_interface((uint8_t *)output, 64, "spend action hash");
 
-    return parser_ok;
+    return zxerr_ok;
 }
diff --git a/app/src/parser_interface.h b/app/src/parser_interface.h
@@ -28,8 +28,8 @@ extern "C" {
 #include "zxerror.h"
 #include "zxmacros.h"
 
-parser_error_t compute_transaction_plan(transaction_plan_t *plan, uint8_t *effect_hash, uint16_t effect_hash_len);
-parser_error_t compute_action_hash(action_t *action, spend_key_bytes_t *sk_bytes, bytes_t *memo_key, action_hash_t *output);
+zxerr_t compute_transaction_plan(transaction_plan_t *plan, uint8_t *effect_hash, uint16_t effect_hash_len);
+zxerr_t compute_action_hash(action_t *action, spend_key_bytes_t *sk_bytes, bytes_t *memo_key, action_hash_t *output);
 
 #ifdef __cplusplus
 }

diff --git a/app/src/parser_txdef.h b/app/src/parser_txdef.h
@@ -166,6 +166,7 @@ typedef struct {
 
 typedef struct {
     transaction_plan_t plan;
+    action_t actions_plan[ACTIONS_QTY];
     uint8_t effect_hash[64];
 } parser_tx_t;