Skip to content

Commit 58e3cb1

Browse files
Tarak Ben Youssefpsiemens
Tarak Ben Youssef
authored and
psiemens
committed
signable buffer is prepended by the tx tag - update zemu tests
1 parent eeb94d0 commit 58e3cb1

File tree

4 files changed

+81
-3
lines changed

4 files changed

+81
-3
lines changed

app/src/common/actions.h

+2-2
Original file line numberDiff line numberDiff line change
@@ -25,8 +25,8 @@
2525
extern uint16_t action_addr_len;
2626

2727
__Z_INLINE void app_sign() {
28-
const uint8_t *message = tx_get_buffer();
29-
const uint16_t messageLength = tx_get_buffer_length();
28+
const uint8_t *message = get_signable();
29+
const uint16_t messageLength = get_signable_length();
3030

3131
uint16_t replyLen = 0;
3232
zxerr_t err = crypto_sign(G_io_apdu_buffer, IO_APDU_BUFFER_SIZE - 3, message, messageLength, &replyLen);

app/src/common/tx.c

+21
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,15 @@ storage_t NV_CONST N_appdata_impl __attribute__ ((aligned(64)));
4444

4545
parser_context_t ctx_parsed_tx;
4646

47+
#define DOMAIN_TAG_LENGTH 32
48+
// UTF-8 encoding of "FLOW-V0.0-transaction" padded with zeros to 32 bytes
49+
const uint8_t TX_DOMAIN_TAG[DOMAIN_TAG_LENGTH] = {\
50+
0x46, 0x4C, 0x4F, 0x57, 0x2D, 0x56, 0x30, 0x2E,
51+
0x30, 0x2D, 0x74, 0x72, 0x61, 0x6E, 0x73, 0x61,
52+
0x63, 0x74, 0x69, 0x6F, 0x6E, 0, 0, 0,
53+
0, 0, 0, 0, 0, 0, 0, 0,
54+
};
55+
4756
void tx_initialize() {
4857
buffering_init(
4958
ram_buffer,
@@ -55,17 +64,29 @@ void tx_initialize() {
5564

5665
void tx_reset() {
5766
buffering_reset();
67+
buffering_append(TX_DOMAIN_TAG, DOMAIN_TAG_LENGTH);
5868
}
5969

6070
uint32_t tx_append(unsigned char *buffer, uint32_t length) {
6171
return buffering_append(buffer, length);
6272
}
6373

6474
uint32_t tx_get_buffer_length() {
75+
if (buffering_get_buffer()->pos >= DOMAIN_TAG_LENGTH) {
76+
return buffering_get_buffer()->pos - DOMAIN_TAG_LENGTH;
77+
}
78+
return 0;
79+
}
80+
81+
uint32_t get_signable_length() {
6582
return buffering_get_buffer()->pos;
6683
}
6784

6885
uint8_t *tx_get_buffer() {
86+
return buffering_get_buffer()->data + DOMAIN_TAG_LENGTH;
87+
}
88+
89+
uint8_t *get_signable() {
6990
return buffering_get_buffer()->data;
7091
}
7192

app/src/common/tx.h

+9
Original file line numberDiff line numberDiff line change
@@ -35,10 +35,19 @@ uint32_t tx_append(unsigned char *buffer, uint32_t length);
3535
/// \return
3636
uint32_t tx_get_buffer_length();
3737

38+
/// Returns size of the signable buffer including the domain tag and the transaction
39+
/// \return
40+
uint32_t get_signable_length();
41+
3842
/// Returns the raw json transaction buffer
3943
/// \return
4044
uint8_t *tx_get_buffer();
4145

46+
/// Returns the signable buffer including the domain tag and the transaction
47+
/// \return
48+
uint8_t *get_signable();
49+
50+
4251
/// Parse message stored in transaction buffer
4352
/// This function should be called as soon as full buffer data is loaded.
4453
/// \return It returns NULL if data is valid or error message otherwise.

tests_zemu/tests/test.js

+49-1
Original file line numberDiff line numberDiff line change
@@ -402,8 +402,12 @@ describe('Basic checks', function () {
402402
expect(resp.errorMessage).toEqual("No errors");
403403

404404
// Prepare digest
405+
let tag = Buffer.alloc(32);
406+
tag.write("FLOW-V0.0-transaction");
407+
405408
const hasher = new jsSHA("SHA-256", "UINT8ARRAY");
406-
hasher.update(txBlob)
409+
hasher.update(tag);
410+
hasher.update(txBlob);
407411
const digest = hasher.getHash("HEX");
408412

409413
// Verify signature
@@ -453,7 +457,11 @@ describe('Basic checks', function () {
453457
expect(resp.errorMessage).toEqual("No errors");
454458

455459
// Prepare digest
460+
let tag = Buffer.alloc(32);
461+
tag.write("FLOW-V0.0-transaction");
462+
456463
const hasher = new jsSHA("SHA-256", "UINT8ARRAY");
464+
hasher.update(tag)
457465
hasher.update(txBlob)
458466
const digest = hasher.getHash("HEX");
459467

@@ -504,7 +512,11 @@ describe('Basic checks', function () {
504512
expect(resp.errorMessage).toEqual("No errors");
505513

506514
// Prepare digest
515+
let tag = Buffer.alloc(32);
516+
tag.write("FLOW-V0.0-transaction");
517+
507518
const hasher = new jsSHA("SHA-256", "UINT8ARRAY");
519+
hasher.update(tag)
508520
hasher.update(txBlob)
509521
const digest = hasher.getHash("HEX");
510522

@@ -555,7 +567,11 @@ describe('Basic checks', function () {
555567
expect(resp.errorMessage).toEqual("No errors");
556568

557569
// Prepare digest
570+
let tag = Buffer.alloc(32);
571+
tag.write("FLOW-V0.0-transaction");
572+
558573
const hasher = new jsSHA("SHA3-256", "UINT8ARRAY");
574+
hasher.update(tag)
559575
hasher.update(txBlob)
560576
const digest = hasher.getHash("HEX");
561577

@@ -606,7 +622,11 @@ describe('Basic checks', function () {
606622
expect(resp.errorMessage).toEqual("No errors");
607623

608624
// Prepare digest
625+
let tag = Buffer.alloc(32);
626+
tag.write("FLOW-V0.0-transaction");
627+
609628
const hasher = new jsSHA("SHA3-256", "UINT8ARRAY");
629+
hasher.update(tag)
610630
hasher.update(txBlob)
611631
const digest = hasher.getHash("HEX");
612632

@@ -657,7 +677,11 @@ describe('Basic checks', function () {
657677
expect(resp.errorMessage).toEqual("No errors");
658678

659679
// Prepare digest
680+
let tag = Buffer.alloc(32);
681+
tag.write("FLOW-V0.0-transaction");
682+
660683
const hasher = new jsSHA("SHA3-256", "UINT8ARRAY");
684+
hasher.update(tag)
661685
hasher.update(txBlob)
662686
const digest = hasher.getHash("HEX");
663687

@@ -769,7 +793,11 @@ describe('Basic checks', function () {
769793
expect(resp.errorMessage).toEqual("No errors");
770794

771795
// Prepare digest
796+
let tag = Buffer.alloc(32);
797+
tag.write("FLOW-V0.0-transaction");
798+
772799
const hasher = new jsSHA("SHA-256", "UINT8ARRAY");
800+
hasher.update(tag)
773801
hasher.update(txBlob)
774802
const digest = hasher.getHash("HEX");
775803

@@ -820,7 +848,11 @@ describe('Basic checks', function () {
820848
expect(resp.errorMessage).toEqual("No errors");
821849

822850
// Prepare digest
851+
let tag = Buffer.alloc(32);
852+
tag.write("FLOW-V0.0-transaction");
853+
823854
const hasher = new jsSHA("SHA-256", "UINT8ARRAY");
855+
hasher.update(tag)
824856
hasher.update(txBlob)
825857
const digest = hasher.getHash("HEX");
826858

@@ -871,7 +903,11 @@ describe('Basic checks', function () {
871903
expect(resp.errorMessage).toEqual("No errors");
872904

873905
// Prepare digest
906+
let tag = Buffer.alloc(32);
907+
tag.write("FLOW-V0.0-transaction");
908+
874909
const hasher = new jsSHA("SHA-256", "UINT8ARRAY");
910+
hasher.update(tag)
875911
hasher.update(txBlob)
876912
const digest = hasher.getHash("HEX");
877913

@@ -922,7 +958,11 @@ describe('Basic checks', function () {
922958
expect(resp.errorMessage).toEqual("No errors");
923959

924960
// Prepare digest
961+
let tag = Buffer.alloc(32);
962+
tag.write("FLOW-V0.0-transaction");
963+
925964
const hasher = new jsSHA("SHA3-256", "UINT8ARRAY");
965+
hasher.update(tag)
926966
hasher.update(txBlob)
927967
const digest = hasher.getHash("HEX");
928968

@@ -973,7 +1013,11 @@ describe('Basic checks', function () {
9731013
expect(resp.errorMessage).toEqual("No errors");
9741014

9751015
// Prepare digest
1016+
let tag = Buffer.alloc(32);
1017+
tag.write("FLOW-V0.0-transaction");
1018+
9761019
const hasher = new jsSHA("SHA3-256", "UINT8ARRAY");
1020+
hasher.update(tag)
9771021
hasher.update(txBlob)
9781022
const digest = hasher.getHash("HEX");
9791023

@@ -1024,7 +1068,11 @@ describe('Basic checks', function () {
10241068
expect(resp.errorMessage).toEqual("No errors");
10251069

10261070
// Prepare digest
1071+
let tag = Buffer.alloc(32);
1072+
tag.write("FLOW-V0.0-transaction");
1073+
10271074
const hasher = new jsSHA("SHA3-256", "UINT8ARRAY");
1075+
hasher.update(tag)
10281076
hasher.update(txBlob)
10291077
const digest = hasher.getHash("HEX");
10301078

0 commit comments

Comments
 (0)