Merge pull request #20 from LedgerHQ/develop

Merge develop into master (B2CA-1683)
LedgerHQ · Sep 19, 2024 · 99d5802 · 99d5802
2 parents d2fa96e + 5a09d16
commit 99d5802
Show file tree

Hide file tree

Showing 347 changed files with 646 additions and 869 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,5 +1,13 @@
+# Compilation files of the application
+build/
+
+# Legacy compilation output
 bin/
 debug/
+
+# Temporary directory with snapshots taken during test runs
+tests/snapshots-tmp/
+
 dep/
 dev-env/
 obj/

diff --git a/Makefile b/Makefile
@@ -20,14 +20,14 @@ $(error Environment variable BOLOS_SDK is not set)
 endif
 include $(BOLOS_SDK)/Makefile.defines
 
-APP_LOAD_PARAMS= --path "44'/12586'" --appFlags 0x240 $(COMMON_LOAD_PARAMS)
+APP_LOAD_PARAMS= --path "44'/12586'" --curve secp256k1 --appFlags 0x240 $(COMMON_LOAD_PARAMS)
 
 # Add and push a new git tag to update the app version
 GIT_DESCRIBE=$(shell git describe --tags --abbrev=8 --always --long --dirty 2>/dev/null)
 VERSION_TAG=$(shell echo $(GIT_DESCRIBE) | sed 's/^v//g')
 APPVERSION_M=1
-APPVERSION_N=1
-APPVERSION_P=2
+APPVERSION_N=2
+APPVERSION_P=0
 APPVERSION=$(APPVERSION_M).$(APPVERSION_N).$(APPVERSION_P)
 APPNAME = "Mina"
 
@@ -37,6 +37,8 @@ ifeq ($(TARGET_NAME),TARGET_NANOS)
 	ICONNAME=icons/nanos_app_mina.gif
 else ifeq ($(TARGET_NAME),TARGET_STAX)
 	ICONNAME=icons/stax_app_mina.gif
+else ifeq ($(TARGET_NAME),TARGET_FLEX)
+	ICONNAME=icons/flex_app_mina.gif
 else
 	ICONNAME=icons/nanox_app_mina.gif
 endif
@@ -112,7 +114,7 @@ DEFINES       += HAVE_WEBUSB WEBUSB_URL_SIZE_B=$(shell echo -n $(WEBUSB_URL) | w
 DEFINES   += UNUSED\(x\)=\(void\)x
 DEFINES   += APPVERSION=\"$(APPVERSION)\"
 
-ifeq ($(TARGET_NAME),$(filter $(TARGET_NAME),TARGET_NANOX TARGET_STAX))
+ifeq ($(TARGET_NAME),$(filter $(TARGET_NAME),TARGET_NANOX TARGET_STAX TARGET_FLEX))
 DEFINES       += HAVE_BLE BLE_COMMAND_TIMEOUT_MS=2000
 DEFINES       += HAVE_BLE_APDU # basic ledger apdu transport over BLE
 endif
@@ -123,7 +125,7 @@ else
     DEFINES += IO_SEPROXYHAL_BUFFER_SIZE_B=300
 endif
 
-ifeq ($(TARGET_NAME),TARGET_STAX)
+ifeq ($(TARGET_NAME),$(filter $(TARGET_NAME),TARGET_STAX TARGET_FLEX))
     DEFINES += NBGL_QRCODE
     SDK_SOURCE_PATH += qrcode
 else
@@ -212,11 +214,11 @@ include $(BOLOS_SDK)/Makefile.glyphs
 ### variables processed by the common makefile.rules of the SDK to grab source files and include dirs
 APP_SOURCE_PATH  += src
 SDK_SOURCE_PATH  += lib_stusb lib_stusb_impl lib_u2f
-ifneq ($(TARGET_NAME),TARGET_STAX)
+ifneq ($(TARGET_NAME),$(filter $(TARGET_NAME),TARGET_STAX TARGET_FLEX))
 SDK_SOURCE_PATH += lib_ux
 endif
 
-ifeq ($(TARGET_NAME),$(filter $(TARGET_NAME),TARGET_NANOX TARGET_STAX))
+ifeq ($(TARGET_NAME),$(filter $(TARGET_NAME),TARGET_NANOX TARGET_STAX TARGET_FLEX))
 SDK_SOURCE_PATH  += lib_blewbxx lib_blewbxx_impl
 endif
 

diff --git a/README.md b/README.md
@@ -60,6 +60,7 @@ You can choose which device to compile and load for by setting the `BOLOS_SDK` e
 * `BOLOS_SDK=$NANOX_SDK`
 * `BOLOS_SDK=$NANOSP_SDK`
 * `BOLOS_SDK=$STAX_SDK`
+* `BOLOS_SDK=$FLEX_SDK`
 
 By default this variable is set to build/load for Nano S.
 

diff --git a/icons/flex_app_mina.gif b/icons/flex_app_mina.gif
diff --git a/ledger_app.toml b/ledger_app.toml
@@ -1,7 +1,7 @@
 [app]
 build_directory = "./"
 sdk = "C"
-devices = ["nanos", "nanox", "nanos+", "stax"]
+devices = ["nanos", "nanox", "nanos+", "stax", "flex"]
 
 [tests]
 pytest_directory = "./tests/"
diff --git a/src/crypto.c b/src/crypto.c
@@ -141,39 +141,53 @@ void field_copy(Field b, const Field a)
 
 void field_add(Field c, const Field a, const Field b)
 {
-    cx_math_addm(c, a, b, FIELD_MODULUS, FIELD_BYTES);
+    cx_err_t cx_err;
+    cx_err = cx_math_addm_no_throw(c, a, b, FIELD_MODULUS, FIELD_BYTES);
+    LEDGER_ASSERT(cx_err == CX_OK, "cx_math_addm fail");
 }
 
 void field_sub(Field c, const Field a, const Field b)
 {
-    cx_math_subm(c, a, b, FIELD_MODULUS, FIELD_BYTES);
+    cx_err_t cx_err;
+    cx_err = cx_math_subm_no_throw(c, a, b, FIELD_MODULUS, FIELD_BYTES);
+    LEDGER_ASSERT(cx_err == CX_OK, "cx_math_subm fail");
 }
 
 void field_mul(Field c, const Field a, const Field b)
 {
-    cx_math_multm(c, a, b, FIELD_MODULUS, FIELD_BYTES);
+    cx_err_t cx_err;
+    cx_err = cx_math_multm_no_throw(c, a, b, FIELD_MODULUS, FIELD_BYTES);
+    LEDGER_ASSERT(cx_err == CX_OK, "cx_math_multm fail");
 }
 
 void field_sq(Field b, const Field a)
 {
-    cx_math_multm(b, a, a, FIELD_MODULUS, FIELD_BYTES);
+    cx_err_t cx_err;
+    cx_err = cx_math_multm_no_throw(b, a, a, FIELD_MODULUS, FIELD_BYTES);
+    LEDGER_ASSERT(cx_err == CX_OK, "cx_math_multm fail");
 }
 
 void field_inv(Field c, const Field a)
 {
-    cx_math_invprimem(c, a, FIELD_MODULUS, FIELD_BYTES);
+    cx_err_t cx_err;
+    cx_err = cx_math_invprimem_no_throw(c, a, FIELD_MODULUS, FIELD_BYTES);
+    LEDGER_ASSERT(cx_err == CX_OK, "cx_math_invprimem fail");
 }
 
 void field_negate(Field c, const Field a)
 {
     // Ledger API expects inputs to be in range [0, FIELD_MODULUS)
-    cx_math_subm(c, FIELD_ZERO, a, FIELD_MODULUS, FIELD_BYTES);
+    cx_err_t cx_err;
+    cx_err = cx_math_subm_no_throw(c, FIELD_ZERO, a, FIELD_MODULUS, FIELD_BYTES);
+    LEDGER_ASSERT(cx_err == CX_OK, "cx_math_subm fail");
 }
 
 // c = a^e mod m
 void field_pow(Field c, const Field a, const Field e)
 {
-    cx_math_powm(c, a, e, FIELD_BYTES, FIELD_MODULUS, FIELD_BYTES);
+    cx_err_t cx_err;
+    cx_err = cx_math_powm_no_throw(c, a, e, FIELD_BYTES, FIELD_MODULUS, FIELD_BYTES);
+    LEDGER_ASSERT(cx_err == CX_OK, "cx_math_powm fail");
 }
 
 bool field_eq(const Field a, const Field b)
@@ -219,34 +233,46 @@ void scalar_copy(Scalar b, const Scalar a)
 
 void scalar_add(Scalar c, const Scalar a, const Scalar b)
 {
-    cx_math_addm(c, a, b, GROUP_ORDER, SCALAR_BYTES);
+    cx_err_t cx_err;
+    cx_err = cx_math_addm_no_throw(c, a, b, GROUP_ORDER, SCALAR_BYTES);
+    LEDGER_ASSERT(cx_err == CX_OK, "cx_math_addm_no_throw fail");
 }
 
 void scalar_sub(Scalar c, const Scalar a, const Scalar b)
 {
-    cx_math_subm(c, a, b, GROUP_ORDER, SCALAR_BYTES);
+    cx_err_t cx_err;
+    cx_err = cx_math_subm_no_throw(c, a, b, GROUP_ORDER, SCALAR_BYTES);
+    LEDGER_ASSERT(cx_err == CX_OK, "cx_math_subm_no_throw fail");
 }
 
 void scalar_mul(Scalar c, const Scalar a, const Scalar b)
 {
-    cx_math_multm(c, a, b, GROUP_ORDER, SCALAR_BYTES);
+    cx_err_t cx_err;
+    cx_err = cx_math_multm_no_throw(c, a, b, GROUP_ORDER, SCALAR_BYTES);
+    LEDGER_ASSERT(cx_err == CX_OK, "cx_math_multm_no_throw fail");
 }
 
 void scalar_sq(Scalar b, const Scalar a)
 {
-    cx_math_multm(b, a, a, GROUP_ORDER, SCALAR_BYTES);
+    cx_err_t cx_err;
+    cx_err = cx_math_multm_no_throw(b, a, a, GROUP_ORDER, SCALAR_BYTES);
+    LEDGER_ASSERT(cx_err == CX_OK, "cx_math_multm_no_throw fail");
 }
 
 void scalar_negate(Field b, const Field a)
 {
     // Ledger API expects inputs to be in range [0, GROUP_ORDER)
-    cx_math_subm(b, SCALAR_ZERO, a, GROUP_ORDER, SCALAR_BYTES);
+    cx_err_t cx_err;
+    cx_err = cx_math_subm_no_throw(b, SCALAR_ZERO, a, GROUP_ORDER, SCALAR_BYTES);
+    LEDGER_ASSERT(cx_err == CX_OK, "cx_math_subm_no_throw fail");
 }
 
 // c = a^e mod m
 void scalar_pow(Scalar c, const Scalar a, const Scalar e)
 {
-    cx_math_powm(c, a, e, SCALAR_BYTES, GROUP_ORDER, SCALAR_BYTES);
+    cx_err_t cx_err;
+    cx_err = cx_math_powm_no_throw(c, a, e, SCALAR_BYTES, GROUP_ORDER, SCALAR_BYTES);
+    LEDGER_ASSERT(cx_err == CX_OK, "cx_math_powm_no_throw fail");
 }
 
 bool scalar_eq(const Scalar a, const Scalar b)
@@ -601,9 +627,16 @@ bool message_derive(Scalar out, const Keypair *kp, const ROInput *input, const u
 
     // blake2b hash
     cx_blake2b_t ctx;
-    cx_blake2b_init(&ctx, 256);
-    cx_hash(&ctx.header, 0, derive_msg, derive_len, NULL, 0);
-    cx_hash(&ctx.header, CX_LAST, NULL, 0, out, ctx.ctx.outlen);
+    if(CX_OK != cx_blake2b_init_no_throw(&ctx, 256)){
+        return false;
+    }
+
+    if(CX_OK != cx_hash_no_throw(&ctx.header, 0, derive_msg, derive_len, NULL, 0)){
+        return false;
+    }
+    if(CX_OK != cx_hash_no_throw(&ctx.header, CX_LAST, NULL, 0, out, ctx.ctx.outlen)){
+        return false;
+    }
 
     // Swap from little-endian to big-endian in place
     for (size_t i = SCALAR_BYTES; i > SCALAR_BYTES/2; i--) {

diff --git a/src/get_address_nbgl.c b/src/get_address_nbgl.c
@@ -25,37 +25,17 @@ static uint8_t set_result_get_address(void)
     return tx;
 }
 
-static void approve_callback(void)
-{
-    nbgl_useCaseStatus("ADDRESS\nVERIFIED", true, ui_idle);
-}
-
-static void cancel_callback(void)
-{
-    sendResponse(0, false);
-    nbgl_useCaseStatus("Address rejected", false, ui_idle);
-}
-
 static void confirmation_callback(bool confirm) {
     if (confirm) {
         sendResponse(set_result_get_address(), true),
-        approve_callback();
+        nbgl_useCaseReviewStatus(STATUS_TYPE_ADDRESS_VERIFIED, ui_idle);
     }
     else {
-        cancel_callback();
+        sendResponse(0, false);
+        nbgl_useCaseReviewStatus(STATUS_TYPE_ADDRESS_REJECTED, ui_idle);
     }
 }
 
-static void continue_light_notify_callback(void) {
-    transactionContext.tagValuePair[0].item = "Path";
-    transactionContext.tagValuePair[0].value = _bip44_path;
-
-    transactionContext.tagValueList.nbPairs = 1;
-    transactionContext.tagValueList.pairs = transactionContext.tagValuePair;
-
-    nbgl_useCaseAddressConfirmationExt(_address, confirmation_callback, &transactionContext.tagValueList);
-}
-
 void ui_get_address(uint8_t *dataBuffer) {
     _address[0] = '\0';
     _account = read_uint32_be(dataBuffer);
@@ -65,11 +45,25 @@ void ui_get_address(uint8_t *dataBuffer) {
     strncat(_bip44_path, "'/0/0", 6);                                      // at least 27 - 21 = 6 bytes free (just enough)
 
     gen_address(_account, _address);
+
+    transactionContext.tagValuePair[0].item = "Path";
+    transactionContext.tagValuePair[0].value = _bip44_path;
+
+    transactionContext.tagValueList.nbPairs = 1;
+    transactionContext.tagValueList.pairs = transactionContext.tagValuePair;
+
     #ifdef HAVE_ON_DEVICE_UNIT_TESTS
         nbgl_useCaseSpinner("Unit tests ...");
     #else
-       nbgl_useCaseReviewStart(&C_Mina_64px, "Verify Mina\naddress", "", "Cancel", continue_light_notify_callback, cancel_callback);
+        nbgl_useCaseAddressReview(_address,
+                                  &transactionContext.tagValueList,
+                                  &C_Mina_64px,
+                                  "Verify Mina address",
+                                  NULL,
+                                  confirmation_callback);
     #endif
+
+
 }
 
 #endif // HAVE_NBGL
diff --git a/src/menu_nbgl.c b/src/menu_nbgl.c
@@ -2,32 +2,39 @@
 #include "menu.h"
 #include "nbgl_use_case.h"
 
+#define SETTING_INFO_NB 3
+static const char* const infoTypes[SETTING_INFO_NB] = {"Version", "Developer", "Copyright"};
+static const char* const infoContents[SETTING_INFO_NB] = {APPVERSION, "Jspada", "(c) 2024 Ledger"};
 
-static const char* const infoTypes[] = {"Version", "Developer", "Copyright"};
-static const char* const infoContents[] = {APPVERSION, "Jspada", "(c) 2023 Ledger"};
+static const nbgl_contentInfoList_t infoList = {
+    .nbInfos = SETTING_INFO_NB,
+    .infoTypes = infoTypes,
+    .infoContents = infoContents,
+};
 
-static bool navigation_cb(uint8_t page, nbgl_pageContent_t* content) {
-    UNUSED(page);
-    content->type = INFOS_LIST;
-    content->infosList.nbInfos = 3;
-    content->infosList.infoTypes = infoTypes;
-    content->infosList.infoContents = infoContents;
-    return true;
-}
-
-static void exit(void) {
+static void app_quit(void) {
     os_sched_exit(-1);
 }
 
-void ui_menu_about(void) {
-    nbgl_useCaseSettings(APPNAME, 0, 1, false, ui_idle, navigation_cb, NULL);
-}
-
 void ui_idle(void) {
 #ifdef HAVE_ON_DEVICE_UNIT_TESTS
-    nbgl_useCaseHome("Mina unit tests", &C_Mina_64px, NULL, false, ui_menu_about, exit);
-#else // HAVE_ON_DEVICE_UNIT_TESTS
-    nbgl_useCaseHome(APPNAME, &C_Mina_64px, NULL, false, ui_menu_about, exit);
+    nbgl_useCaseHomeAndSettings("Mina unit tests",
+                                &C_Mina_64px,
+                                NULL,
+                                INIT_HOME_PAGE,
+                                NULL,
+                                &infoList,
+                                NULL,
+                                app_quit);
+#else // app_quit
+    nbgl_useCaseHomeAndSettings(APPNAME,
+                                &C_Mina_64px,
+                                NULL,
+                                INIT_HOME_PAGE,
+                                NULL,
+                                &infoList,
+                                NULL,
+                                app_quit);
 #endif // HAVE_ON_DEVICE_UNIT_TESTS
 }
 #endif // HAVE_NBGL