From 496b51febfed40b677414d9e51d4540647322ff4 Mon Sep 17 00:00:00 2001
From: Alexandre Paillier <alexandre.paillier@ledger.fr>
Date: Thu, 28 Nov 2024 14:18:26 +0100
Subject: [PATCH] Now handle another key id for trusted names coming from CAL

Adapted Python client
---
 .../src/ledger_app_clients/ethereum/client.py | 16 ++++++----
 .../cmd_provide_trusted_name.c                | 30 +++++++++++--------
 2 files changed, 29 insertions(+), 17 deletions(-)

diff --git a/client/src/ledger_app_clients/ethereum/client.py b/client/src/ledger_app_clients/ethereum/client.py
index 11325fac49..8fdc693af6 100644
--- a/client/src/ledger_app_clients/ethereum/client.py
+++ b/client/src/ledger_app_clients/ethereum/client.py
@@ -255,7 +255,7 @@ def perform_privacy_operation(self,
                                                                           bip32_path,
                                                                           pubkey))
 
-    def _provide_trusted_name_common(self, payload: bytes) -> RAPDU:
+    def _provide_trusted_name_common(self, payload: bytes, name_source: TrustedNameSource) -> RAPDU:
         if self._pki_client is None:
             print(f"Ledger-PKI Not supported on '{self._firmware.name}'")
         else:
@@ -272,10 +272,16 @@ def _provide_trusted_name_common(self, payload: bytes) -> RAPDU:
 
             self._pki_client.send_certificate(PKIPubKeyUsage.PUBKEY_USAGE_COIN_META, bytes.fromhex(cert_apdu))
         payload += format_tlv(FieldTag.STRUCT_TYPE, 3)  # TrustedName
-        payload += format_tlv(FieldTag.SIGNER_KEY_ID, 0)  # test key
+        if name_source == TrustedNameSource.CAL:
+            key_id = 6
+            key = Key.CAL
+        else:
+            key_id = 3
+            key = Key.TRUSTED_NAME
+        payload += format_tlv(FieldTag.SIGNER_KEY_ID, key_id)  # test key
         payload += format_tlv(FieldTag.SIGNER_ALGO, 1)  # secp256k1
         payload += format_tlv(FieldTag.DER_SIGNATURE,
-                              sign_data(Key.TRUSTED_NAME, payload))
+                              sign_data(key, payload))
         chunks = self._cmd_builder.provide_trusted_name(payload)
         for chunk in chunks[:-1]:
             self._exchange(chunk)
@@ -287,7 +293,7 @@ def provide_trusted_name_v1(self, addr: bytes, name: str, challenge: int) -> RAP
         payload += format_tlv(FieldTag.COIN_TYPE, 0x3c)  # ETH in slip-44
         payload += format_tlv(FieldTag.TRUSTED_NAME, name)
         payload += format_tlv(FieldTag.ADDRESS, addr)
-        return self._provide_trusted_name_common(payload)
+        return self._provide_trusted_name_common(payload, TrustedNameSource.ENS)
 
     def provide_trusted_name_v2(self,
                                 addr: bytes,
@@ -311,7 +317,7 @@ def provide_trusted_name_v2(self,
         if not_valid_after is not None:
             assert len(not_valid_after) == 3
             payload += format_tlv(FieldTag.NOT_VALID_AFTER, struct.pack("BBB", *not_valid_after))
-        return self._provide_trusted_name_common(payload)
+        return self._provide_trusted_name_common(payload, name_source)
 
     def set_plugin(self,
                    plugin_name: str,
diff --git a/src_features/provideTrustedName/cmd_provide_trusted_name.c b/src_features/provideTrustedName/cmd_provide_trusted_name.c
index c0db833441..a540c23696 100644
--- a/src_features/provideTrustedName/cmd_provide_trusted_name.c
+++ b/src_features/provideTrustedName/cmd_provide_trusted_name.c
@@ -63,7 +63,7 @@ typedef enum {
     NFT_ID = 0x72,
 } e_tlv_tag;
 
-typedef enum { KEY_ID_TEST = 0x00, KEY_ID_PROD = 0x03 } e_key_id;
+typedef enum { TN_KEY_ID_DOMAIN_SVC = 0x03, TN_KEY_ID_CAL = 0x06 } e_tn_key_id;
 
 typedef struct {
     uint8_t *buf;
@@ -90,7 +90,7 @@ typedef struct {
 } s_trusted_name_info;
 
 typedef struct {
-    e_key_id key_id;
+    e_tn_key_id key_id;
     uint8_t input_sig_size;
     const uint8_t *input_sig;
     cx_sha256_t hash_ctx;
@@ -592,16 +592,22 @@ static bool handle_nft_id(const s_tlv_data *data,
 static bool verify_signature(const s_sig_ctx *sig_ctx) {
     uint8_t hash[INT256_LENGTH];
     cx_err_t error = CX_INTERNAL_ERROR;
-#ifdef HAVE_TRUSTED_NAME_TEST_KEY
-    e_key_id valid_key_id = KEY_ID_TEST;
-#else
-    e_key_id valid_key_id = KEY_ID_PROD;
-#endif
     bool ret_code = false;
+    const uint8_t *pk;
+    size_t pk_size;
 
-    if (sig_ctx->key_id != valid_key_id) {
-        PRINTF("Error: Unknown metadata key ID %u\n", sig_ctx->key_id);
-        return false;
+    switch (sig_ctx->key_id) {
+        case TN_KEY_ID_DOMAIN_SVC:
+            pk = TRUSTED_NAME_PUB_KEY;
+            pk_size = sizeof(TRUSTED_NAME_PUB_KEY);
+            break;
+        case TN_KEY_ID_CAL:
+            pk = LEDGER_SIGNATURE_PUBLIC_KEY;
+            pk_size = sizeof(LEDGER_SIGNATURE_PUBLIC_KEY);
+            break;
+        default:
+            PRINTF("Error: Unknown metadata key ID %u\n", sig_ctx->key_id);
+            return false;
     }
 
     CX_CHECK(
@@ -610,8 +616,8 @@ static bool verify_signature(const s_sig_ctx *sig_ctx) {
     CX_CHECK(check_signature_with_pubkey("Domain Name",
                                          hash,
                                          sizeof(hash),
-                                         TRUSTED_NAME_PUB_KEY,
-                                         sizeof(TRUSTED_NAME_PUB_KEY),
+                                         pk,
+                                         pk_size,
 #ifdef HAVE_LEDGER_PKI
                                          CERTIFICATE_PUBLIC_KEY_USAGE_TRUSTED_NAME,
 #endif