Merge pull request #65 from Zondax/dev

Upgrade to SDK 2.0

Author: jleni

.gitignore

@@ -88,3 +88,4 @@ cmake-build-fuzz/
 \fuzz/corpora/*
 
 node_modules/.yarn-integrity
+\.vscode

.gitmodules

@@ -3,7 +3,7 @@
 	url = https://github.com/LedgerHQ/nanos-secure-sdk.git
 [submodule "deps/nanox-secure-sdk"]
 	path = deps/nanox-secure-sdk
-	url = https://github.com/LedgerHQ/nanox-secure-sdk.git
+	url = https://github.com/Zondax/nanox-secure-sdk.git
 [submodule "deps/picohash"]
 	path = deps/picohash
 	url = https://github.com/kazuho/picohash

CMakeLists.txt

@@ -43,7 +43,7 @@ if (ENABLE_FUZZING)
     set(CMAKE_CXX_CLANG_TIDY clang-tidy -checks=-*,bugprone-*,cert-*,clang-analyzer-*,-cert-err58-cpp,misc-*,-bugprone-suspicious-include)
 
     if ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "Clang")
-        # require at least clang 12
+        # require at least clang 11
         if (CMAKE_CXX_COMPILER_VERSION VERSION_LESS 11.0)
             message(FATAL_ERROR "Clang version must be at least 11.0!")
         endif ()

app/Makefile

@@ -51,8 +51,8 @@ COIN=ICP
 endif
 
 APPVERSION_M=0
-APPVERSION_N=3
-APPVERSION_P=4
+APPVERSION_N=4
+APPVERSION_P=0
 
 $(info COIN  = [$(COIN)])
 ifeq ($(COIN),ICP)
@@ -135,7 +135,6 @@ SDK_SOURCE_PATH  += lib_blewbxx lib_blewbxx_impl
 else
 # Assume Nano S
 DEFINES       += IO_SEPROXYHAL_BUFFER_SIZE_B=128
-DEFINES       += COMPLIANCE_UX_160 HAVE_UX_LEGACY
 endif
 
 # X specific
@@ -149,8 +148,8 @@ DEFINES   += LEDGER_SPECIFIC
 
 ifneq ($(BOLOS_ENV),)
 $(info BOLOS_ENV is $(BOLOS_ENV))
-CLANGPATH := $(BOLOS_ENV)/clang-arm-fropi/bin/
-GCCPATH := $(BOLOS_ENV)/gcc-arm-none-eabi-5_3-2016q1/bin/
+CLANGPATH := /usr/bin/
+GCCPATH := /usr/bin/
 else
 $(info BOLOS_ENV is not set: falling back to CLANGPATH and GCCPATH)
 endif
@@ -166,7 +165,7 @@ endif
 #########################
 
 CC := $(CLANGPATH)clang
-CFLAGS += -O3 -Os -Wno-unknown-pragmas
+CFLAGS += -O3 -Os -Wno-unknown-pragmas -Wno-implicit-fallthrough
 
 AS := $(GCCPATH)arm-none-eabi-gcc
 AFLAGS +=

app/src/addr.c

@@ -21,6 +21,7 @@
 #include "app_mode.h"
 #include "crypto.h"
 #include "actions.h"
+#include "formatting.h"
 
 zxerr_t addr_getNumItems(uint8_t *num_items) {
     zemu_log_stack("addr_getNumItems");

app/src/base32.c

@@ -21,7 +21,10 @@
 
 #include <string.h>
 
-uint32_t base32_encode(const uint8_t *data, unsigned int length, char *result, uint32_t bufSize) {
+uint32_t base32_encode(const uint8_t *data,
+                       uint32_t length,
+                       char *result,
+                       uint32_t resultLen) {
     if (length < 0 || length > (1 << 28)) {
         return -1;
     }
@@ -30,7 +33,7 @@ uint32_t base32_encode(const uint8_t *data, unsigned int length, char *result, u
         uint32_t buffer = data[0];
         uint32_t next = 1;
         uint32_t bitsLeft = 8;
-        while (count < bufSize && (bitsLeft > 0 || next < length)) {
+        while (count < resultLen && (bitsLeft > 0 || next < length)) {
             if (bitsLeft < 5) {
                 if (next < length) {
                     buffer <<= 8;
@@ -47,7 +50,7 @@ uint32_t base32_encode(const uint8_t *data, unsigned int length, char *result, u
             result[count++] = "abcdefghijklmnopqrstuvwxyz234567"[index];
         }
     }
-    if (count < bufSize) {
+    if (count < resultLen) {
         result[count] = '\000';
     }
     return count;

app/src/common/actions.h

@@ -26,12 +26,10 @@
 extern uint16_t action_addrResponseLen;
 
 __Z_INLINE void app_sign() {
-    const uint8_t *message = tx_get_buffer();
-    const uint16_t messageLength = tx_get_buffer_length();
     uint16_t replyLen = 0;
 
     MEMZERO(G_io_apdu_buffer, IO_APDU_BUFFER_SIZE);
-    zxerr_t err = crypto_sign(G_io_apdu_buffer, IO_APDU_BUFFER_SIZE - 3, message, messageLength, &replyLen);
+    zxerr_t err = crypto_sign(G_io_apdu_buffer, IO_APDU_BUFFER_SIZE - 3, &replyLen);
 
     if (err != zxerr_ok || replyLen == 0) {
         set_code(G_io_apdu_buffer, 0, APDU_CODE_SIGN_VERIFY_ERROR);
@@ -43,6 +41,7 @@ __Z_INLINE void app_sign() {
 }
 
 __Z_INLINE void app_reject() {
+    MEMZERO(G_io_apdu_buffer, IO_APDU_BUFFER_SIZE);
     set_code(G_io_apdu_buffer, 0, APDU_CODE_COMMAND_NOT_ALLOWED);
     io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, 2);
 }

app/src/common/app_main.c

@@ -33,6 +33,8 @@
 unsigned char G_io_seproxyhal_spi_buffer[IO_SEPROXYHAL_BUFFER_SIZE_B];
 
 unsigned char io_event(unsigned char channel) {
+    UNUSED(channel);
+
     switch (G_io_seproxyhal_spi_buffer[0]) {
         case SEPROXYHAL_TAG_FINGER_EVENT: //
             UX_FINGER_EVENT(G_io_seproxyhal_spi_buffer);
@@ -111,6 +113,7 @@ void extractHDPath(uint32_t rx, uint32_t offset) {
 }
 
 bool process_chunk(volatile uint32_t *tx, uint32_t rx) {
+    UNUSED(tx);
     const uint8_t payloadType = G_io_apdu_buffer[OFFSET_PAYLOAD_TYPE];
 
     if (G_io_apdu_buffer[OFFSET_P2] != 0) {
@@ -146,7 +149,9 @@ bool process_chunk(volatile uint32_t *tx, uint32_t rx) {
 }
 
 void handle_generic_apdu(volatile uint32_t *flags, volatile uint32_t *tx, uint32_t rx) {
-    if (rx > 4 && os_memcmp(G_io_apdu_buffer, "\xE0\x01\x00\x00", 4) == 0) {
+    UNUSED(flags);
+
+    if (rx > 4 && MEMCMP(G_io_apdu_buffer, "\xE0\x01\x00\x00", 4) == 0) {
         // Respond to get device info command
         uint8_t *p = G_io_apdu_buffer;
         // Target ID        4 bytes

app/src/common/app_main.h

@@ -47,6 +47,8 @@ void handleApdu(volatile uint32_t *flags, volatile uint32_t *tx, uint32_t rx);
 void handle_generic_apdu(volatile uint32_t *flags, volatile uint32_t *tx, uint32_t rx);
 
 __Z_INLINE void handle_getversion(volatile uint32_t *flags, volatile uint32_t *tx, uint32_t rx) {
+    UNUSED(flags);
+    UNUSED(rx);
 #ifdef DEBUG
     G_io_apdu_buffer[0] = 0xFF;
 #else

app/src/crypto.c

@@ -72,6 +72,9 @@ zxerr_t crypto_extractPublicKey(const uint32_t path[HDPATH_LEN_DEFAULT], uint8_t
             cx_ecfp_init_public_key(CX_CURVE_256K1, NULL, 0, &cx_publicKey);
             cx_ecfp_generate_pair(CX_CURVE_256K1, &cx_publicKey, &cx_privateKey, 1);
         }
+        CATCH_OTHER(e) {
+            return zxerr_ledger_api_error;
+        }
         FINALLY {
             MEMZERO(&cx_privateKey, sizeof(cx_privateKey));
             MEMZERO(privateKeyData, 32);
@@ -88,8 +91,8 @@ typedef struct {
     uint8_t s[32];
     uint8_t v;
 
-//    // DER signature max size should be 73
-//    // https://bitcoin.stackexchange.com/questions/77191/what-is-the-maximum-size-of-a-der-encoded-ecdsa-signature#77192
+    // DER signature max size should be 73
+    // https://bitcoin.stackexchange.com/questions/77191/what-is-the-maximum-size-of-a-der-encoded-ecdsa-signature#77192
     uint8_t der_signature[73];
 
 } __attribute__((packed)) signature_t;
@@ -189,8 +192,6 @@ zxerr_t crypto_getDigest(uint8_t *digest, txtype_e txtype){
 
 zxerr_t crypto_sign(uint8_t *signatureBuffer,
                     uint16_t signatureMaxlen,
-                    const uint8_t *message,
-                    uint16_t messageLen,
                     uint16_t *sigSize) {
     if (signatureMaxlen < SIGN_PREHASH_SIZE + sizeof(signature_t)){
         return zxerr_buffer_too_small;