37#include "os_address_book.h"
40#ifdef HAVE_ADDRESS_BOOK
49#define HMAC_MSG_MAX_SIZE \
50 (GID_SIZE + 1U + (SCOPE_LENGTH - 1U) + 1U + IDENTIFIER_MAX_LENGTH + 1U + 8U)
53#define HMAC_PROOF_MSG_SIZE (GID_SIZE + 1U + (CONTACT_NAME_LENGTH - 1U))
56#define HMAC_LEDGER_MSG_SIZE (1U + (ACCOUNT_NAME_LENGTH - 1U) + 1U + 8U)
81static size_t serialize_hmac_msg(uint8_t *msg,
95 if (offset + GID_SIZE > msg_size) {
98 memmove(&msg[offset], gid, GID_SIZE);
104 uint8_t len = (uint8_t) strlen(str1);
105 if (offset + 1U + (
size_t) len > msg_size) {
110 memmove(&msg[offset], str1, len);
117 if (offset + 1U + (
size_t) raw_len > msg_size) {
120 msg[offset++] = raw_len;
121 memmove(&msg[offset], raw, raw_len);
126 if (include_family) {
127 if (offset + 1U > msg_size) {
130 msg[offset++] = (uint8_t) family;
132 if (offset + 8U > msg_size) {
135 U8BE_ENCODE(msg, offset, chain_id);
154bool address_book_send_hmac_proof(uint8_t type,
const uint8_t hmac_proof[CX_SHA256_SIZE])
159 G_io_tx_buffer[tx++] = type;
160 memmove(&G_io_tx_buffer[tx], hmac_proof, CX_SHA256_SIZE);
161 tx += CX_SHA256_SIZE;
178bool address_book_send_register_identity_response(
const uint8_t group_handle[GROUP_HANDLE_SIZE],
179 const uint8_t hmac_proof[CX_SHA256_SIZE],
180 const uint8_t hmac_rest[CX_SHA256_SIZE])
184 G_io_tx_buffer[tx++] = TYPE_REGISTER_IDENTITY;
185 memmove(&G_io_tx_buffer[tx], group_handle, GROUP_HANDLE_SIZE);
186 tx += GROUP_HANDLE_SIZE;
187 memmove(&G_io_tx_buffer[tx], hmac_proof, CX_SHA256_SIZE);
188 tx += CX_SHA256_SIZE;
189 memmove(&G_io_tx_buffer[tx], hmac_rest, CX_SHA256_SIZE);
190 tx += CX_SHA256_SIZE;
206bool address_book_generate_group_handle(
const path_bip32_t *bip32_path,
207 uint8_t group_handle[GROUP_HANDLE_SIZE])
209 bool success =
false;
210 uint8_t *gid = group_handle;
211 uint8_t *mac = group_handle + GID_SIZE;
213 cx_rng_no_throw(gid, GID_SIZE);
214 if (!sys_address_book_hmac(
215 bip32_path->
path, bip32_path->
length, ADDRESS_BOOK_SALT_GROUP, gid, GID_SIZE, mac)) {
235bool address_book_verify_group_handle(
const path_bip32_t *bip32_path,
236 const uint8_t group_handle[GROUP_HANDLE_SIZE],
237 uint8_t gid_out[GID_SIZE])
239 bool success =
false;
240 const uint8_t *gid = group_handle;
241 const uint8_t *mac = group_handle + GID_SIZE;
243 if (!sys_address_book_hmac_verify(
244 bip32_path->
path, bip32_path->
length, ADDRESS_BOOK_SALT_GROUP, gid, GID_SIZE, mac)) {
245 PRINTF(
"[Address Book] Group handle MAC verification failed\n");
248 memmove(gid_out, gid, GID_SIZE);
267bool address_book_compute_hmac_proof(
const path_bip32_t *bip32_path,
268 const uint8_t gid[GID_SIZE],
270 uint8_t hmac_out[CX_SHA256_SIZE])
272 uint8_t msg[HMAC_PROOF_MSG_SIZE] = {0};
273 bool success =
false;
274 size_t msg_len = serialize_hmac_msg(msg,
sizeof(msg), gid, name, NULL, 0,
false, 0, 0);
276 if (msg_len == SIZE_MAX) {
279 if (!sys_address_book_hmac(bip32_path->
path,
281 ADDRESS_BOOK_SALT_IDENTITY,
290 explicit_bzero(msg,
sizeof(msg));
303bool address_book_verify_hmac_proof(
const path_bip32_t *bip32_path,
304 const uint8_t gid[GID_SIZE],
306 const uint8_t hmac_expected[CX_SHA256_SIZE])
308 uint8_t msg[HMAC_PROOF_MSG_SIZE] = {0};
309 bool success =
false;
310 size_t msg_len = serialize_hmac_msg(msg,
sizeof(msg), gid, name, NULL, 0,
false, 0, 0);
312 if (msg_len == SIZE_MAX) {
315 if (!sys_address_book_hmac_verify(bip32_path->
path,
317 ADDRESS_BOOK_SALT_IDENTITY,
321 PRINTF(
"HMAC_PROOF mismatch\n");
327 explicit_bzero(msg,
sizeof(msg));
348bool address_book_compute_hmac_rest(
const path_bip32_t *bip32_path,
349 const uint8_t gid[GID_SIZE],
351 const uint8_t *identifier,
352 uint8_t identifier_len,
355 uint8_t hmac_out[CX_SHA256_SIZE])
357 uint8_t msg[HMAC_MSG_MAX_SIZE] = {0};
358 bool success =
false;
359 size_t msg_len = serialize_hmac_msg(
360 msg,
sizeof(msg), gid, scope, identifier, identifier_len,
true, family, chain_id);
362 if (msg_len == SIZE_MAX) {
365 if (!sys_address_book_hmac(bip32_path->
path,
367 ADDRESS_BOOK_SALT_IDENTITY,
376 explicit_bzero(msg,
sizeof(msg));
393bool address_book_verify_hmac_rest(
const path_bip32_t *bip32_path,
394 const uint8_t gid[GID_SIZE],
396 const uint8_t *identifier,
397 uint8_t identifier_len,
400 const uint8_t hmac_expected[CX_SHA256_SIZE])
402 uint8_t msg[HMAC_MSG_MAX_SIZE] = {0};
403 bool success =
false;
404 size_t msg_len = serialize_hmac_msg(
405 msg,
sizeof(msg), gid, scope, identifier, identifier_len,
true, family, chain_id);
407 if (msg_len == SIZE_MAX) {
410 if (!sys_address_book_hmac_verify(bip32_path->
path,
412 ADDRESS_BOOK_SALT_IDENTITY,
416 PRINTF(
"HMAC_REST mismatch\n");
422 explicit_bzero(msg,
sizeof(msg));
426#ifdef HAVE_ADDRESS_BOOK_LEDGER_ACCOUNT
441bool address_book_compute_hmac_proof_ledger_account(
const path_bip32_t *bip32_path,
445 uint8_t hmac_out[CX_SHA256_SIZE])
447 uint8_t msg[HMAC_LEDGER_MSG_SIZE] = {0};
448 bool success =
false;
450 = serialize_hmac_msg(msg,
sizeof(msg), NULL, name, NULL, 0,
true, family, chain_id);
452 if (msg_len == SIZE_MAX) {
455 if (!sys_address_book_hmac(bip32_path->
path,
457 ADDRESS_BOOK_SALT_LEDGER_ACCOUNT,
466 explicit_bzero(msg,
sizeof(msg));
480bool address_book_verify_hmac_proof_ledger_account(
const path_bip32_t *bip32_path,
484 const uint8_t hmac_expected[CX_SHA256_SIZE])
486 uint8_t msg[HMAC_LEDGER_MSG_SIZE] = {0};
487 bool success =
false;
489 = serialize_hmac_msg(msg,
sizeof(msg), NULL, name, NULL, 0,
true, family, chain_id);
491 if (msg_len == SIZE_MAX) {
494 if (!sys_address_book_hmac_verify(bip32_path->
path,
496 ADDRESS_BOOK_SALT_LEDGER_ACCOUNT,
500 PRINTF(
"HMAC proof mismatch\n");
506 explicit_bzero(msg,
sizeof(msg));
Register / Edit Contact Name / Edit Scope / Edit Identifier.
static int io_send_response_pointer(const uint8_t *ptr, size_t size, uint16_t sw)
Random Number Generation.
SHA-2 (Secure Hash Algorithm 2)
uint32_t path[MAX_BIP32_PATH]