Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement blindsigning modes on stax/flex #286

Merged
merged 6 commits into from
Sep 24, 2024
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
346 changes: 247 additions & 99 deletions app/src/apdu_sign.c

Large diffs are not rendered by default.

18 changes: 16 additions & 2 deletions app/src/globals.h
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,19 @@ typedef enum {
ST_BLINDSIGN_OFF = 2
} blindsign_state_t;

#ifdef HAVE_BAGL
#define NB_MAX_SCREEN_ALLOWED 20
#endif
#ifdef HAVE_NBGL
#define NB_MAX_SCREEN_ALLOWED 8
typedef enum {
REASON_NONE = 0,
REASON_PARSING_ERROR = 1,
REASON_TOO_MANY_SCREENS = 2
} blindsign_reason_t;

#endif

/**
* @brief Global structure holding state of operations and buffer of the data
* to be processed.
Expand Down Expand Up @@ -101,8 +114,9 @@ typedef struct {
#endif

#ifdef HAVE_NBGL
char error_code[ERROR_CODE_SIZE]; /// Error codes to be displayed in
/// blindsigning.
blindsign_reason_t
blindsign_reason; /// Blindsigning flow Summary or parsing error.
char error_code[ERROR_CODE_SIZE]; /// Error code for parsing error.
#endif
main_step_t step; /// Current operational state of app.
} globals_t;
Expand Down
1 change: 1 addition & 0 deletions app/src/ui_stream.h
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,7 @@

typedef uint8_t tz_ui_cb_type_t;
#define TZ_UI_STREAM_CB_NOCB 0x00u
#define TZ_UI_STREAM_CB_SUMMARY 0x0Du
#define TZ_UI_STREAM_CB_BLINDSIGN 0x0Eu
#define TZ_UI_STREAM_CB_VALIDATE 0x0Fu
#define TZ_UI_STREAM_CB_REFILL 0xEFu
Expand Down
20 changes: 17 additions & 3 deletions app/src/ui_stream_common.c
Original file line number Diff line number Diff line change
@@ -1,6 +1,20 @@
//
// Created by ajinkyaraj on 14/09/24.
//
/* Tezos Ledger application - Generic stream display
Copyright 2023 Nomadic Labs <[email protected]>
Copyright 2023 Functori <[email protected]>
Copyright 2023 TriliTech <[email protected]>
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License. */
#include "exception.h"
#include "globals.h"
#include "ui_strings.h"
Expand Down
84 changes: 60 additions & 24 deletions app/src/ui_stream_nbgl.c
Original file line number Diff line number Diff line change
Expand Up @@ -28,9 +28,11 @@ bool has_final_screen(void);
void tz_ui_stream_start(void);
void tz_transaction_choice(bool getMorePairs);

void drop_last_screen(void);
void push_str(const char *text, size_t len, char **out);
void switch_to_blindsigning_on_error(void);
void drop_last_screen(void);
void push_str(const char *text, size_t len, char **out);
void switch_to_blindsigning_on_error(void);
static void ui_stream_init(void);
#define SCREEN_DISPLAYED global.keys.apdu.sign.u.clear.screen_displayed

void
tz_reject(void)
Expand Down Expand Up @@ -65,15 +67,39 @@ tz_reject_ui(void)
FUNC_LEAVE();
}

static void
blindsign_skip_callback(void)
{
TZ_PREAMBLE(("Blindsign reason: %d", global.blindsign_reason));

if (global.blindsign_reason == REASON_NONE) {
global.blindsign_reason = REASON_TOO_MANY_SCREENS;
tz_ui_stream_close();
tz_ui_stream_t *s = &global.stream;
s->cb(TZ_UI_STREAM_CB_SUMMARY);
} else if (global.blindsign_reason == REASON_PARSING_ERROR) {
switch_to_blindsigning_on_error();
}
TZ_POSTAMBLE;
}

static void
blindsign_choice(bool confirm)
{
TZ_PREAMBLE(("void"));
if (confirm) {
if (global.blindsign_reason != REASON_TOO_MANY_SCREENS) {
global.step = ST_BLIND_SIGN;
}
tz_reject_ui();
} else {
tz_ui_stream_t *s = &global.stream;
s->cb(TZ_UI_STREAM_CB_BLINDSIGN);

if (global.blindsign_reason == REASON_TOO_MANY_SCREENS) {
s->cb(TZ_UI_STREAM_CB_SUMMARY);
} else {
s->cb(TZ_UI_STREAM_CB_BLINDSIGN);
}
spalmer25 marked this conversation as resolved.
Show resolved Hide resolved
}

TZ_POSTAMBLE;
Expand All @@ -85,22 +111,18 @@ switch_to_blindsigning_on_error(void)
TZ_PREAMBLE(("void"));
TZ_ASSERT(EXC_UNEXPECTED_STATE, global.step == ST_CLEAR_SIGN);
global.keys.apdu.sign.step = SIGN_ST_WAIT_USER_INPUT;
global.step = ST_BLIND_SIGN;

// copy error code
tz_ui_stream_t *s = &global.stream;
size_t bucket = s->current % TZ_UI_STREAM_HISTORY_SCREENS;
const char *err_code = s->screens[bucket].pairs[0].value;
PRINTF("[DEBUG] refill_error: global.step = %d\n %s", global.step,
err_code);
char blindsign_msg[150]
= "Transaction could not be decoded correctly. Learn More:\n"
"bit.ly/ledger-tez\nERROR: ";
memcpy(blindsign_msg + strlen(blindsign_msg), err_code, ERROR_CODE_SIZE);
global.error_code);
char blindsign_msg[60] = "Learn More: bit.ly/ledger-tez\nERROR: ";

strncpy(blindsign_msg + strlen(blindsign_msg), global.error_code,
ERROR_CODE_SIZE);

// Show error msg and ask user to proceed to blindsign
nbgl_useCaseChoice(&C_Important_Circle_64px,
"The transaction cannot be trusted", blindsign_msg,
"The transaction cannot be decoded", blindsign_msg,
"Reject transaction", "Proceed to Blindsign",
blindsign_choice);
TZ_POSTAMBLE;
Expand Down Expand Up @@ -202,7 +224,13 @@ tz_ui_stream_cb(void)
tz_ui_stream_t *s = &global.stream;
tz_ui_stream_display_t *c = &s->current_screen;

nbgl_useCaseReviewStreamingContinue(&c->list, tz_transaction_choice);
if (N_settings.blindsign_status == ST_BLINDSIGN_ON) {
nbgl_useCaseReviewStreamingContinueExt(
&c->list, tz_transaction_choice, blindsign_skip_callback);
} else {
nbgl_useCaseReviewStreamingContinue(&c->list,
tz_transaction_choice);
}
}
FUNC_LEAVE();
}
Expand Down Expand Up @@ -246,24 +274,33 @@ tz_transaction_choice(bool getMorePairs)

FUNC_LEAVE();
}

void
tz_ui_stream_init(void (*cb)(tz_ui_cb_type_t cb_type))
static void
ui_stream_init(void)
{
tz_ui_stream_t *s = &global.stream;

FUNC_ENTER(("cb=%p", cb));
memset(s, 0x0, sizeof(*s));
memset(global.error_code, '\0', sizeof(global.error_code));
s->cb = cb;
s->full = false;
s->last = 0;
s->current = -1;
s->total = -1;
s->pressed_right = false;

ui_strings_init();
}
void
tz_ui_stream_init(void (*cb)(tz_ui_cb_type_t cb_type))
{
tz_ui_stream_t *s = &global.stream;
memset(s, 0x0, sizeof(*s));
FUNC_ENTER(("cb=%p", cb));
ui_stream_init();
s->cb = cb;
global.blindsign_reason = REASON_NONE;
memset(&global.error_code, '\0', ERROR_CODE_SIZE);
nbgl_operationType_t op_type = TYPE_TRANSACTION;
if (N_settings.blindsign_status == ST_BLINDSIGN_ON) {
op_type |= SKIPPABLE_OPERATION;
}
nbgl_useCaseReviewStreamingStart(op_type, &C_tezos,
"Review request to sign operation", NULL,
tz_transaction_choice);
Expand All @@ -279,8 +316,6 @@ tz_ui_stream_start(void)
FUNC_LEAVE();
}



bool
tz_ui_nav_cb(void)
{
Expand Down Expand Up @@ -494,6 +529,7 @@ tz_ui_stream_pushl(tz_ui_cb_type_t cb_type, const char *title,
|| (!append && (++(s->screens[bucket].nb_pairs) == max_pairs))
|| (append && (offset == 0))) {
s->total++;
SCREEN_DISPLAYED++;
if ((s->total > 0)
&& ((s->total % TZ_UI_STREAM_HISTORY_SCREENS)
== (s->last % TZ_UI_STREAM_HISTORY_SCREENS))) {
Expand Down
1 change: 1 addition & 0 deletions app/src/ui_strings.c
Original file line number Diff line number Diff line change
Expand Up @@ -143,6 +143,7 @@ ui_strings_push(const char *in, size_t len, char **out)
PRINT_STRINGS;

/* Preconditions */
PRINTF("[DEBUG] in = %p, out = %p\n", in, *out);
TZ_ASSERT(EXC_MEMORY_ERROR, (*out == NULL));
TZ_ASSERT_NOTNULL(in);
TZ_ASSERT(EXC_MEMORY_ERROR, (len > 0));
Expand Down
Empty file modified tests/integration/touch/snapshots/flex/home.png
100644 → 100755
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Empty file modified tests/integration/touch/snapshots/flex/info.png
100644 → 100755
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
File renamed without changes
File renamed without changes
File renamed without changes
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
spalmer25 marked this conversation as resolved.
Show resolved Hide resolved
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
spalmer25 marked this conversation as resolved.
Show resolved Hide resolved
Diff not rendered.
Diff not rendered.
Diff not rendered.
Diff not rendered.
Diff not rendered.
Diff not rendered.
Diff not rendered.
Diff not rendered.
Diff not rendered.
Diff not rendered.
Diff not rendered.
Empty file modified tests/integration/touch/snapshots/stax/home.png
100644 → 100755
Empty file modified tests/integration/touch/snapshots/stax/info.png
100644 → 100755
Diff not rendered.
Diff not rendered.
Diff not rendered.
Diff not rendered.
Diff not rendered.
Diff not rendered.
Diff not rendered.
Diff not rendered.
Diff not rendered.
Diff not rendered.
Diff not rendered.
22 changes: 8 additions & 14 deletions tests/integration/touch/test_basic.py
Original file line number Diff line number Diff line change
Expand Up @@ -14,32 +14,26 @@
# limitations under the License.

from utils import tezos_app, BlindsigningStatus
import os
spalmer25 marked this conversation as resolved.
Show resolved Hide resolved

if __name__ == "__main__":
app = tezos_app(__file__)

app.remove_info_page()
app.assert_home()

app.welcome.settings()
app.assert_expert_mode()

app.settings.toggle_expert_mode()
app.assert_expert_mode(expert_mode=True)

app.settings.toggle_expert_mode()
app.assert_expert_mode()
app.set_expert_mode(initial_status=False)
app.set_expert_mode(initial_status=True)
app.set_blindsigning_status(BlindsigningStatus.Large_Tx_only)
app.set_blindsigning_status(BlindsigningStatus.ON)
app.set_blindsigning_status(BlindsigningStatus.OFF)

app.welcome.settings()
app.settings.next()
app.assert_blindsigning_status(blindsignStatus=BlindsigningStatus.Large_Tx_only)
app.settings.set_blindigning(2)
app.assert_blindsigning_status(blindsignStatus=BlindsigningStatus.ON)
app.settings.set_blindigning(3)
app.assert_blindsigning_status(blindsignStatus=BlindsigningStatus.OFF)
app.settings.next()
app.assert_info()

app.settings.exit()
app.settings.multi_page_exit()
app.assert_home()

app.quit()
Loading