Merge pull request #48 from iotaledger/chore/guidelines-compliance

fixed guideline-compliance
iotaledger · Jul 26, 2023 · 18ceb06 · 18ceb06
2 parents 337b45e + e089aa3
commit 18ceb06
Show file tree

Hide file tree

Showing 30 changed files with 81 additions and 102 deletions.
diff --git a/glyphs/blue_badge_iota.gif b/glyphs/blue_badge_iota.gif
diff --git a/glyphs/icon_back.gif b/glyphs/icon_back.gif
diff --git a/glyphs/icon_coggle.gif b/glyphs/icon_coggle.gif
diff --git a/glyphs/icon_iota.gif b/glyphs/icon_iota.gif
diff --git a/glyphs/icon_shimmer.gif b/glyphs/icon_shimmer.gif
diff --git a/glyphs/icon_warning.gif b/glyphs/icon_warning.gif
diff --git a/glyphs/x_icon_back.gif b/glyphs/x_icon_back.gif
diff --git a/glyphs/x_icon_check.gif b/glyphs/x_icon_check.gif
diff --git a/glyphs/x_icon_cross.gif b/glyphs/x_icon_cross.gif
diff --git a/glyphs/x_icon_dash.gif b/glyphs/x_icon_dash.gif
diff --git a/glyphs/x_icon_info.gif b/glyphs/x_icon_info.gif
diff --git a/glyphs/x_icon_less.gif b/glyphs/x_icon_less.gif
diff --git a/glyphs/x_icon_load.gif b/glyphs/x_icon_load.gif
diff --git a/glyphs/x_iota_logo.gif b/glyphs/x_iota_logo.gif
diff --git a/icons/blue_app_iota.gif b/icons/blue_app_iota.gif
diff --git a/icons/nanos_app_iota.gif b/icons/nanos_app_iota.gif
diff --git a/icons/nanos_app_shimmer.gif b/icons/nanos_app_shimmer.gif
diff --git a/icons/nanox_app_iota.gif b/icons/nanox_app_iota.gif
diff --git a/icons/nanox_app_shimmer.gif b/icons/nanox_app_shimmer.gif
diff --git a/src/iota/abstraction.c b/src/iota/abstraction.c
@@ -20,8 +20,6 @@
 #pragma GCC diagnostic error "-Wextra"
 #pragma GCC diagnostic error "-Wmissing-prototypes"
 
-extern API_CTX api;
-
 const uint8_t *get_output_address_ptr(const API_CTX *api, uint8_t index)
 {
     MUST(index < api->essence.outputs_count);
@@ -74,22 +72,23 @@ uint64_t get_output_amount(const API_CTX *api, uint8_t index)
     return amount;
 }
 
-uint8_t address_encode_bech32(const uint8_t *addr_with_type, char *bech32,
-                              uint32_t bech32_max_length)
+uint8_t address_encode_bech32(const API_CTX *api, const uint8_t *addr_with_type,
+                              char *bech32, uint32_t bech32_max_length)
 {
-    switch (api.coin) {
+    switch (api->coin) {
     case COIN_IOTA: {
         MUST(address_encode_bech32_hrp(
             addr_with_type, bech32, bech32_max_length,
-            (api.app_mode & 0x80) ? COIN_HRP_IOTA_TESTNET : COIN_HRP_IOTA,
+            (api->app_mode & 0x80) ? COIN_HRP_IOTA_TESTNET : COIN_HRP_IOTA,
             strlen(COIN_HRP_IOTA))); // strlen valid because HRP has the same
                                      // length in testnet
         break;
     }
     case COIN_SHIMMER: {
         MUST(address_encode_bech32_hrp(
             addr_with_type, bech32, bech32_max_length,
-            (api.app_mode & 0x80) ? COIN_HRP_SHIMMER_TESTNET : COIN_HRP_SHIMMER,
+            (api->app_mode & 0x80) ? COIN_HRP_SHIMMER_TESTNET
+                                   : COIN_HRP_SHIMMER,
             strlen(COIN_HRP_SHIMMER))); // strlen valid because HRP has the same
                                         // length in testnet
         break;

diff --git a/src/iota/abstraction.h b/src/iota/abstraction.h
@@ -8,8 +8,8 @@ const uint8_t *get_output_address_ptr(const API_CTX *api, uint8_t index);
 
 uint64_t get_output_amount(const API_CTX *api, uint8_t index);
 
-uint8_t address_encode_bech32(const uint8_t *addr_with_type, char *bech32,
-                              uint32_t bech32_max_length);
+uint8_t address_encode_bech32(const API_CTX *api, const uint8_t *addr_with_type,
+                              char *bech32, uint32_t bech32_max_length);
 
 uint8_t essence_parse_and_validate(API_CTX *api);
 

diff --git a/src/iota/address.c b/src/iota/address.c
@@ -19,7 +19,7 @@
 #pragma GCC diagnostic error "-Wextra"
 #pragma GCC diagnostic error "-Wmissing-prototypes"
 
-#include "debugprintf.h"
+//#include "debugprintf.h"
 
 uint8_t address_encode_bech32_hrp(const uint8_t *addr_with_type, char *bech32,
                                   uint32_t bech32_max_length, const char *hrp,
@@ -67,18 +67,20 @@ uint8_t address_generate(uint32_t *bip32_path, uint32_t bip32_path_length,
     // convert Ledger pubkey to pubkey bytes
     uint8_t pubkey_bytes[PUBKEY_SIZE_BYTES];
 
-    ret = ed25519_public_key_to_bytes(&pub, pubkey_bytes);
-    MUST(ret);
+    MUST(ed25519_public_key_to_bytes(&pub, pubkey_bytes));
 
     //	debug_print_hex(pubkey_bytes, 32, 16);
 
     // set ed25519 address_type
     addr[0] = ADDRESS_TYPE_ED25519;
 
     cx_blake2b_t blake2b;
-    cx_blake2b_init(&blake2b, BLAKE2B_SIZE_BYTES * 8);
-    cx_hash(&blake2b.header, CX_LAST, pubkey_bytes, PUBKEY_SIZE_BYTES, &addr[1],
-            ADDRESS_SIZE_BYTES);
+
+    MUST(cx_blake2b_init_no_throw(&blake2b, BLAKE2B_SIZE_BYTES * 8) == CX_OK);
+
+    MUST(cx_hash_no_throw(&blake2b.header, CX_LAST, pubkey_bytes,
+                          PUBKEY_SIZE_BYTES, &addr[1],
+                          ADDRESS_SIZE_BYTES) == CX_OK);
 
     return 1;
 }
diff --git a/src/iota/ed25519.c b/src/iota/ed25519.c
@@ -3,6 +3,7 @@
 #include "os.h"
 #include "cx.h"
 
+#include "macros.h"
 #include "ed25519.h"
 
 #include "constants.h"
@@ -13,7 +14,6 @@
 #pragma GCC diagnostic error "-Wextra"
 #pragma GCC diagnostic error "-Wmissing-prototypes"
 
-
 // bip-path
 // 		0x2c'/coin_type'/account'/change'/index'
 
@@ -22,40 +22,39 @@ uint8_t ed25519_get_key_pair(uint32_t *bip32_path, uint32_t bip32_path_length,
                              cx_ecfp_private_key_t *pk,
                              cx_ecfp_public_key_t *pub)
 {
-    uint8_t keySeed[32];
-    uint8_t ret = 1;
+    uint8_t keySeed[64];
 
     // getting the seed to derive and configuring it with SLIP10
-    os_perso_derive_node_bip32_seed_key(
-        HDW_ED25519_SLIP10, CX_CURVE_Ed25519, bip32_path, bip32_path_length,
-        keySeed, NULL, (unsigned char *)"ed25519 seed", 12);
-
-    BEGIN_TRY
-    {
-        TRY
-        {
-            // initializing the private key and public key instance
-            // with selected curve ED25519
-            cx_ecfp_init_private_key(CX_CURVE_Ed25519, keySeed, sizeof(keySeed),
-                                     pk);
-            cx_ecfp_init_public_key(CX_CURVE_Ed25519, NULL, 0, pub);
-
-            // generating the key pair
-            cx_ecfp_generate_pair(CX_CURVE_Ed25519, pub, pk, 1);
+    cx_err_t err = CX_OK;
+    do {
+        err = os_derive_bip32_with_seed_no_throw(
+            HDW_ED25519_SLIP10, CX_CURVE_Ed25519, bip32_path, bip32_path_length,
+            keySeed, NULL, (unsigned char *)"ed25519 seed", 12);
+        if (err != CX_OK) {
+            break;
         }
-        CATCH_ALL
-        {
-            ret = 0;
+
+        // initializing the private key and public key instance
+        // with selected curve ED25519
+        err = cx_ecfp_init_private_key_no_throw(CX_CURVE_Ed25519, keySeed, 32,
+                                                pk);
+        if (err != CX_OK) {
+            break;
         }
-        FINALLY
-        {
-            // resetting the variables to avoid leak
-            explicit_bzero(keySeed, sizeof(keySeed));
+
+        err = cx_ecfp_init_public_key_no_throw(CX_CURVE_Ed25519, NULL, 0, pub);
+        if (err != CX_OK) {
+            break;
         }
-    }
-    END_TRY;
 
-    return ret;
+        // generating the key pair
+        err = cx_ecfp_generate_pair_no_throw(CX_CURVE_Ed25519, pub, pk, 1);
+    } while (0);
+
+    // resetting the variables to avoid leak
+    explicit_bzero(keySeed, sizeof(keySeed));
+
+    return err == CX_OK;
 }
 
 // reversing the public key and changing the last byte
@@ -71,33 +70,10 @@ uint8_t ed25519_public_key_to_bytes(cx_ecfp_public_key_t *pub, uint8_t *output)
 }
 
 uint8_t ed25519_sign(cx_ecfp_private_key_t *privateKey, const uint8_t *msg,
-                     uint32_t msg_length, unsigned char *output,
-                     uint32_t *output_length)
+                     uint32_t msg_length, unsigned char *output)
 {
-    uint8_t ret = 1;
-
-    BEGIN_TRY
-    {
-        TRY
-        {
-            *output_length =
-                cx_eddsa_sign(privateKey, 0, CX_SHA512, msg, msg_length, NULL,
-                              0, output, CX_SHA512_SIZE, NULL);
-        }
-        CATCH_ALL
-        {
-            ret = 0;
-        }
-        FINALLY
-        {
-        }
-    }
-    END_TRY;
-
+    MUST(cx_eddsa_sign_no_throw(privateKey, CX_SHA512, msg, msg_length, output,
+                                CX_SHA512_SIZE) == CX_OK);
 
-    if (*output_length != SIGNATURE_SIZE_BYTES) {
-        ret = 0;
-    }
-
-    return ret;
+    return 1;
 }
diff --git a/src/iota/ed25519.h b/src/iota/ed25519.h
@@ -7,5 +7,4 @@ uint8_t ed25519_get_key_pair(uint32_t *bip32_path, uint32_t bip32_path_length,
                              cx_ecfp_private_key_t *pk,
                              cx_ecfp_public_key_t *pub);
 uint8_t ed25519_sign(cx_ecfp_private_key_t *privateKey, const uint8_t *msg,
-                     uint32_t msg_length, unsigned char *output,
-                     uint32_t *output_length);
+                     uint32_t msg_length, unsigned char *output);
diff --git a/src/iota/essence_chrysalis.c b/src/iota/essence_chrysalis.c
@@ -28,7 +28,6 @@
 #pragma GCC diagnostic error "-Wextra"
 #pragma GCC diagnostic error "-Wmissing-prototypes"
 
-
 static inline uint8_t get_uint32(const uint8_t *data, uint32_t *idx,
                                  uint32_t *v)
 {
@@ -284,17 +283,19 @@ static uint8_t essence_verify_remainder_address(
     return 1;
 }
 
-static void essence_hash(API_CTX *api)
+static uint8_t essence_hash(API_CTX *api)
 {
     // Block below cannot be fuzzed without going through crypto APIs
 #ifndef FUZZING
     cx_blake2b_t blake2b;
-    cx_blake2b_init(&blake2b, BLAKE2B_SIZE_BYTES * 8);
-    cx_hash(&blake2b.header, CX_LAST, api->data.buffer, api->essence.length,
-            api->essence.hash, ADDRESS_SIZE_BYTES);
+    MUST(cx_blake2b_init_no_throw(&blake2b, BLAKE2B_SIZE_BYTES * 8) == CX_OK);
+    MUST(cx_hash_no_throw(&blake2b.header, CX_LAST, api->data.buffer,
+                          api->essence.length, api->essence.hash,
+                          ADDRESS_SIZE_BYTES) == CX_OK);
 #else
     (void)api;
 #endif
+    return 1;
 }
 
 uint8_t essence_parse_and_validate_chryslis(API_CTX *api)
@@ -357,7 +358,7 @@ uint8_t essence_parse_and_validate_chryslis(API_CTX *api)
         api->essence.outputs_count));
 
     // everything fine - calculate the hash
-    essence_hash(api);
+    MUST(essence_hash(api));
 
     // check if it's a sweeping transaction
     if (check_for_internal_transfer(api)) {

diff --git a/src/iota/essence_stardust.c b/src/iota/essence_stardust.c
@@ -255,17 +255,19 @@ static uint8_t essence_verify_remainder_address(
     return 1;
 }
 
-static void essence_hash(API_CTX *api)
+static uint8_t essence_hash(API_CTX *api)
 {
     // Block below cannot be fuzzed without going through crypto APIs
 #ifndef FUZZING
     cx_blake2b_t blake2b;
-    cx_blake2b_init(&blake2b, BLAKE2B_SIZE_BYTES * 8);
-    cx_hash(&blake2b.header, CX_LAST, api->data.buffer, api->essence.length,
-            api->essence.hash, ADDRESS_SIZE_BYTES);
+    MUST(cx_blake2b_init_no_throw(&blake2b, BLAKE2B_SIZE_BYTES * 8) == CX_OK);
+    MUST(cx_hash_no_throw(&blake2b.header, CX_LAST, api->data.buffer,
+                          api->essence.length, api->essence.hash,
+                          ADDRESS_SIZE_BYTES) == CX_OK);
 #else
     (void)api;
 #endif
+    return 1;
 }
 
 uint8_t essence_parse_and_validate_stardust(API_CTX *api)
@@ -324,7 +326,7 @@ uint8_t essence_parse_and_validate_stardust(API_CTX *api)
                                     api->essence.inputs_count));
 
     // everything fine - calculate the hash
-    essence_hash(api);
+    MUST(essence_hash(api));
 
     // check if it's a sweeping transaction
     if (check_for_internal_transfer(api)) {

diff --git a/src/iota/signing.c b/src/iota/signing.c
@@ -13,7 +13,6 @@
 #include "iota/ed25519.h"
 #endif
 
-
 #pragma GCC diagnostic error "-Wall"
 #pragma GCC diagnostic error "-Wextra"
 #pragma GCC diagnostic error "-Wmissing-prototypes"
@@ -30,23 +29,18 @@ static uint16_t sign_signature(SIGNATURE_BLOCK *pBlock,
     bip32_signing_path[BIP32_ADDRESS_INDEX] = input_bip32_index->bip32_index;
     bip32_signing_path[BIP32_CHANGE_INDEX] = input_bip32_index->bip32_change;
 
-    uint32_t signature_length = 0;
-
     uint8_t ret = 0;
     // create key pair and convert pub key to bytes
     ret = ed25519_get_key_pair(bip32_signing_path, BIP32_PATH_LEN, &pk, &pub);
     ret = ret && ed25519_sign(&pk, essence_hash, BLAKE2B_SIZE_BYTES,
-                              pBlock->signature, &signature_length);
+                              pBlock->signature);
 
     // always delete from stack
     explicit_bzero(&pk, sizeof(pk));
 
     // ed25519_get_key_pair and ed25519_sign must succeed
     MUST(ret);
 
-    // length of signature must not be 0
-    MUST(signature_length);
-
     MUST(ed25519_public_key_to_bytes(&pub, pBlock->public_key));
 
     return (uint16_t)sizeof(SIGNATURE_BLOCK);

diff --git a/src/ui/nano/flow_user_confirm_new_address.c b/src/ui/nano/flow_user_confirm_new_address.c
@@ -59,11 +59,15 @@ UX_STEP_CB(
     }
 );
 
+// if paging flow is the first step then page 2 is shown when
+// jumping to the first step via FLOW_LOOP (on nanosplus and nanox).
+// Using the OK step as first step and starting
+// with the ux_step_new_address step fixes the issue on all devices
 UX_FLOW(
     ux_flow_new_address,
+    &ux_step_ok,
     &ux_step_new_address,
     &ux_step_na_bip32,
-    &ux_step_ok,
     FLOW_LOOP
 );
 
@@ -97,8 +101,8 @@ static void cb_address_preinit()
 
     // generate bech32 address including the address_type
     // we only have a single address in the buffer starting at index 0
-    address_encode_bech32(flow_data.api->data.buffer, flow_data.scratch[0],
-                          sizeof(flow_data.scratch[0]));
+    address_encode_bech32(flow_data.api, flow_data.api->data.buffer,
+                          flow_data.scratch[0], sizeof(flow_data.scratch[0]));
 }
 
 static void cb_bip32_preinit()

diff --git a/src/ui/nano/flow_user_confirm_transaction.c b/src/ui/nano/flow_user_confirm_transaction.c
@@ -416,8 +416,8 @@ static void cb_address_preinit()
 
     // generate bech32 address including the address_type
     // since the struct is packed, the address follows directly the address_type
-    address_encode_bech32(address_with_type_ptr, flow_data.scratch[0],
-                          sizeof(flow_data.scratch[0]));
+    address_encode_bech32(flow_data.api, address_with_type_ptr,
+                          flow_data.scratch[0], sizeof(flow_data.scratch[0]));
 }
 
 static void cb_output_preinit()

diff --git a/src/ui/ui_common.c b/src/ui/ui_common.c
@@ -47,9 +47,9 @@ static size_t str_add_commas(char *dst, const char *src, size_t num_len)
 /** @brief Writes signed integer to string.
  *  @return the number of chars that have been written
  */
-static size_t format_s64(char *s, const size_t n, const uint64_t val)
+static size_t format_u64(char *s, const size_t n, const uint64_t val)
 {
-    // we cannot display the full range of int64 with this function
+    // we cannot display the full range of uint64 with this function
     if (val >= MAX_INT_DEC * MAX_INT_DEC) {
         THROW(INVALID_PARAMETER);
     }
@@ -67,9 +67,10 @@ static size_t format_s64(char *s, const size_t n, const uint64_t val)
 
 void format_value_full(char *s, const unsigned int n, const uint64_t val)
 {
-    char buffer[n];
+    // longest u64 string in buffer can be: "18446744073709551615\0"
+    char buffer[21];
 
-    const size_t num_len = format_s64(buffer, sizeof(buffer), val);
+    const size_t num_len = format_u64(buffer, sizeof(buffer), val);
     const size_t num_len_comma = num_len + (num_len - 1) / 3;
 
     // if the length with commas plus the unit does not fit
@@ -86,9 +87,10 @@ void format_value_full(char *s, const unsigned int n, const uint64_t val)
 void format_value_full_decimals(char *s, const unsigned int n,
                                 const uint64_t val)
 {
-    char buffer[n];
+    // longest u64 string in buffer can be: "18446744073709551615\0"
+    char buffer[21];
 
-    const size_t num_len = format_s64(buffer, sizeof(buffer), val);
+    const size_t num_len = format_u64(buffer, sizeof(buffer), val);
 
     // not enough space
     if (n < num_len + 2) {