Fbe/swap spl token #242
Fbe/swap spl token #242
Conversation
| return -1; | ||
| } | ||
|
|
||
| if (key_usage != expected_key_usage) { |
There was a problem hiding this comment.
Could be interesting also to check the certificate_name ?
On a previous PR, the Donjon requested also to check th expected curve against public_key.curve.
There was a problem hiding this comment.
Added public_key.curve check
Not sure what to check certificate_name against..
| from typing import Union | ||
| from enum import IntEnum | ||
|
|
||
| def der_encode(value: int) -> bytes: |
There was a problem hiding this comment.
Should be generic?
| return value_bytes | ||
|
|
||
| # https://ledgerhq.atlassian.net/wiki/spaces/TrustServices/pages/3736863735/LNS+Arch+Nano+Trusted+Names+Descriptor+Format+APIs#TLV-description | ||
| class FieldTag(IntEnum): |
There was a problem hiding this comment.
Tags are defined globally, and not only for Solana. A generic file for TLV could be usefull (like you wrote for the C application)
| TAG_SIGNER_ALGO = 0x14 | ||
| TAG_DER_SIGNATURE = 0x15 | ||
|
|
||
| def format_tlv(tag: int, value: Union[int, str, bytes]) -> bytes: |
There was a problem hiding this comment.
This is also generic
| def send_certificate(self, payload: bytes) -> RAPDU: | ||
| return self._client.exchange(cla=self._CLA, | ||
| ins=self._INS, | ||
| p1=0x04, # PubKeyUsage = 0x04 |
There was a problem hiding this comment.
Using a class to add the different possible values, would be clearer, and would allow better maintenability
fbeutin-ledger
force-pushed
the
fbe/swap_spl_token
branch
8 times, most recently
from
11b0863 to
6f3e26f
Compare
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
fbeutin-ledger
force-pushed
the
fbe/swap_spl_token
branch
from
6f3e26f to
3b6f4f5
Compare
fbeutin-ledger
force-pushed
the
fbe/swap_spl_token
branch
from
3b6f4f5 to
8e1d889
Compare
| switch (step) { | ||
| case TLV_TAG: | ||
| tag_start_offset = offset; | ||
| if (!GET_DER_VALUE_AS_UINTX(payload, &offset, &data.tag)) { | ||
| return false; | ||
| } | ||
| step = TLV_LENGTH; | ||
| break; | ||
|
|
||
| case TLV_LENGTH: | ||
| if (!get_der_value_as_uint16(payload, &offset, &data.length)) { | ||
| return false; | ||
| } | ||
| step = TLV_VALUE; | ||
| break; | ||
|
|
||
| case TLV_VALUE: | ||
| if ((offset + data.length) > payload->size) { | ||
| PRINTF("Error: value would go beyond the TLV payload!\n"); | ||
| return false; | ||
| } | ||
| data.value = &payload->bytes[offset]; | ||
| PRINTF("Handling tag 0x%02x length %d value '%.*H'\n", | ||
| data.tag, | ||
| data.length, | ||
| data.length, | ||
| data.value); | ||
| if (!handle_tlv_data(handlers, | ||
| handlers_count, | ||
| &data, | ||
| received_tags_flags, | ||
| tlv_out)) { | ||
| PRINTF("Handler reported an error\n"); | ||
| return false; | ||
| } | ||
| offset += data.length; | ||
| // Feed this TLV into the hash (except the signature itself) | ||
| if (data.tag != signature_tag) { | ||
| CX_ASSERT(cx_hash_no_throw((cx_hash_t *) &hash_ctx, | ||
| 0, | ||
| &payload->bytes[tag_start_offset], | ||
| (offset - tag_start_offset), | ||
| NULL, | ||
| 0)); | ||
| } | ||
| step = TLV_TAG; | ||
| break; | ||
|
|
||
| default: | ||
| return false; | ||
| } |
Check notice
Code scanning / CodeQL
Long switch case Note
| switch (trusted_name_info->struct_version) { | ||
| case 2: | ||
| if (!RECEIVED_REQUIRED_TAGS(received_tags_flags, | ||
| STRUCT_TYPE, | ||
| STRUCT_VERSION, | ||
| TRUSTED_NAME_TYPE, | ||
| TRUSTED_NAME_SOURCE, | ||
| TRUSTED_NAME, | ||
| CHAIN_ID, | ||
| ADDRESS, | ||
| CHALLENGE, | ||
| SIGNER_KEY_ID, | ||
| SIGNER_ALGO, | ||
| SIGNATURE)) { | ||
| PRINTF("Error: missing required fields in struct version 2\n"); | ||
| return MISSING_TLV_CONTENT; | ||
| } | ||
| if (trusted_name_info->challenge != expected_challenge) { | ||
| // No risk printing it as DEBUG cannot be used in prod | ||
| PRINTF("Error: wrong challenge, received %u expected %u\n", | ||
| trusted_name_info->challenge, | ||
| expected_challenge); | ||
| return WRONG_CHALLENGE; | ||
| } | ||
| if (trusted_name_info->struct_type != STRUCT_TYPE_TRUSTED_NAME) { | ||
| PRINTF("Error: unexpected struct type %d\n", trusted_name_info->struct_type); | ||
| return WRONG_TLV_CONTENT; | ||
| } | ||
| if (trusted_name_info->name_type != TYPE_ADDRESS) { | ||
| PRINTF("Error: unsupported name type %d\n", trusted_name_info->name_type); | ||
| return WRONG_TLV_CONTENT; | ||
| } | ||
| if (trusted_name_info->name_source != TYPE_DYN_RESOLVER) { | ||
| PRINTF("Error: unsupported name source %d\n", trusted_name_info->name_source); | ||
| return WRONG_TLV_CONTENT; | ||
| } | ||
| if (trusted_name_info->sig_algorithm != ALGO_SECP256K1) { | ||
| PRINTF("Error: unsupported sig algorithm %d\n", trusted_name_info->sig_algorithm); | ||
| return WRONG_TLV_CONTENT; | ||
| } | ||
| if (trusted_name_info->key_id != valid_key_id) { | ||
| PRINTF("Error: wrong metadata key ID %u\n", trusted_name_info->key_id); | ||
| return WRONG_TLV_KEY_ID; | ||
| } | ||
| break; | ||
| default: | ||
| PRINTF("Error: unsupported struct version %d\n", trusted_name_info->struct_version); | ||
| return WRONG_TLV_CONTENT; | ||
| } |
Check notice
Code scanning / CodeQL
Long switch case Note
| switch (trusted_name_info->struct_version) { | ||
| case 2: | ||
| if (!RECEIVED_REQUIRED_TAGS(received_tags_flags, | ||
| STRUCT_TYPE, | ||
| STRUCT_VERSION, | ||
| TRUSTED_NAME_TYPE, | ||
| TRUSTED_NAME_SOURCE, | ||
| TRUSTED_NAME, | ||
| CHAIN_ID, | ||
| ADDRESS, | ||
| CHALLENGE, | ||
| SIGNER_KEY_ID, | ||
| SIGNER_ALGO, | ||
| SIGNATURE)) { | ||
| PRINTF("Error: missing required fields in struct version 2\n"); | ||
| return MISSING_TLV_CONTENT; | ||
| } | ||
| if (trusted_name_info->challenge != expected_challenge) { | ||
| // No risk printing it as DEBUG cannot be used in prod | ||
| PRINTF("Error: wrong challenge, received %u expected %u\n", | ||
| trusted_name_info->challenge, | ||
| expected_challenge); | ||
| return WRONG_CHALLENGE; | ||
| } | ||
| if (trusted_name_info->struct_type != STRUCT_TYPE_TRUSTED_NAME) { | ||
| PRINTF("Error: unexpected struct type %d\n", trusted_name_info->struct_type); | ||
| return WRONG_TLV_CONTENT; | ||
| } | ||
| if (trusted_name_info->name_type != TYPE_ADDRESS) { | ||
| PRINTF("Error: unsupported name type %d\n", trusted_name_info->name_type); | ||
| return WRONG_TLV_CONTENT; | ||
| } | ||
| if (trusted_name_info->name_source != TYPE_DYN_RESOLVER) { | ||
| PRINTF("Error: unsupported name source %d\n", trusted_name_info->name_source); | ||
| return WRONG_TLV_CONTENT; | ||
| } | ||
| if (trusted_name_info->sig_algorithm != ALGO_SECP256K1) { | ||
| PRINTF("Error: unsupported sig algorithm %d\n", trusted_name_info->sig_algorithm); | ||
| return WRONG_TLV_CONTENT; | ||
| } | ||
| if (trusted_name_info->key_id != valid_key_id) { | ||
| PRINTF("Error: wrong metadata key ID %u\n", trusted_name_info->key_id); | ||
| return WRONG_TLV_KEY_ID; | ||
| } | ||
| break; | ||
| default: | ||
| PRINTF("Error: unsupported struct version %d\n", trusted_name_info->struct_version); | ||
| return WRONG_TLV_CONTENT; | ||
| } |
Check notice
Code scanning / CodeQL
No trivial switch statements Note
No description provided.