identity_register.c

Go to the documentation of this file.

/*****************************************************************************
 *   (c) 2026 Ledger SAS.
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 *****************************************************************************/
 
/* Includes ------------------------------------------------------------------*/
#include <string.h>
#include "os_utils.h"
#include "os_apdu.h"
#include "status_words.h"
#include "tlv_library.h"
#include "buffer.h"
#include "bip32.h"
#include "address_book.h"
#include "address_book_entrypoints.h"
#include "address_book_crypto.h"
#include "address_book_common.h"
#include "identity.h"
#include "io.h"
#include "nbgl_use_case.h"
 
#if defined(HAVE_ADDRESS_BOOK)
 
/* Private defines------------------------------------------------------------*/
#define STRUCT_VERSION 0x01
 
/* Private enumerations ------------------------------------------------------*/
 
/* Private types, structures, unions -----------------------------------------*/
 
typedef struct {
    s_register_state_t *state;
    TLV_reception_t     received_tags;
} s_identity_ctx;
 
/* Private macros-------------------------------------------------------------*/
#define REGISTER_IDENTITY_TAGS(X)                                                \
    X(0x01, TAG_STRUCTURE_TYPE, handle_struct_type, ENFORCE_UNIQUE_TAG)          \
    X(0x02, TAG_STRUCTURE_VERSION, handle_struct_version, ENFORCE_UNIQUE_TAG)    \
    X(0xf0, TAG_CONTACT_NAME, handle_contact_name, ENFORCE_UNIQUE_TAG)           \
    X(0xf1, TAG_SCOPE, handle_scope, ENFORCE_UNIQUE_TAG)                         \
    X(0xf2, TAG_ACCOUNT_IDENTIFIER, handle_identifier, ENFORCE_UNIQUE_TAG)       \
    X(0x21, TAG_DERIVATION_PATH, handle_derivation_path, ENFORCE_UNIQUE_TAG)     \
    X(0x23, TAG_CHAIN_ID, handle_chain_id, ENFORCE_UNIQUE_TAG)                   \
    X(0x51, TAG_BLOCKCHAIN_FAMILY, handle_blockchain_family, ENFORCE_UNIQUE_TAG) \
    X(0xf6, TAG_GROUP_HANDLE, handle_group_handle, ENFORCE_UNIQUE_TAG)           \
    X(0x29, TAG_HMAC_PROOF, handle_hmac_proof, ENFORCE_UNIQUE_TAG)
 
/* Private variables ---------------------------------------------------------*/
 
/* Private functions ---------------------------------------------------------*/
 
static bool handle_struct_type(const tlv_data_t *data, s_identity_ctx *context)
{
    UNUSED(context);
    if (!tlv_enforce_u8_value(data, TYPE_REGISTER_IDENTITY)) {
        PRINTF("[Register Identity] Invalid STRUCTURE_TYPE value\n");
        return false;
    }
    return true;
}
 
static bool handle_struct_version(const tlv_data_t *data, s_identity_ctx *context)
{
    UNUSED(context);
    if (!tlv_enforce_u8_value(data, STRUCT_VERSION)) {
        PRINTF("[Register Identity] Invalid STRUCTURE_VERSION value\n");
        return false;
    }
    return true;
}
 
static bool handle_contact_name(const tlv_data_t *data, s_identity_ctx *context)
{
    if (!address_book_handle_printable_string(data,
                                              context->state->identity.contact_name,
                                              sizeof(context->state->identity.contact_name))) {
        PRINTF("CONTACT_NAME: failed to parse\n");
        return false;
    }
    return true;
}
 
static bool handle_scope(const tlv_data_t *data, s_identity_ctx *context)
{
    if (!address_book_handle_printable_string(
            data, context->state->identity.scope, sizeof(context->state->identity.scope))) {
        PRINTF("SCOPE: failed to parse\n");
        return false;
    }
    return true;
}
 
static bool handle_identifier(const tlv_data_t *data, s_identity_ctx *context)
{
    buffer_t buf = {0};
    if (!get_buffer_from_tlv_data(data, &buf, 1, IDENTIFIER_MAX_LENGTH)) {
        PRINTF("IDENTIFIER: failed to extract\n");
        return false;
    }
    memmove(context->state->identity.identifier, buf.ptr, buf.size);
    context->state->identity.identifier_len = (uint8_t) buf.size;
    return true;
}
 
static bool handle_derivation_path(const tlv_data_t *data, s_identity_ctx *context)
{
    return address_book_handle_derivation_path(data, &context->state->identity.bip32_path);
}
 
static bool handle_chain_id(const tlv_data_t *data, s_identity_ctx *context)
{
    return address_book_handle_chain_id(data, &context->state->identity.chain_id);
}
 
static bool handle_blockchain_family(const tlv_data_t *data, s_identity_ctx *context)
{
    return address_book_handle_blockchain_family(data, &context->state->identity.blockchain_family);
}
 
static bool handle_group_handle(const tlv_data_t *data, s_identity_ctx *context)
{
    buffer_t buf = {0};
    if (!get_buffer_from_tlv_data(data, &buf, GROUP_HANDLE_SIZE, GROUP_HANDLE_SIZE)) {
        PRINTF("[Register Identity] GROUP_HANDLE: invalid length (expected %d bytes)\n",
               GROUP_HANDLE_SIZE);
        return false;
    }
    memmove(context->state->group_handle, buf.ptr, GROUP_HANDLE_SIZE);
    return true;
}
 
static bool handle_hmac_proof(const tlv_data_t *data, s_identity_ctx *context)
{
    buffer_t buf = {0};
    if (!get_buffer_from_tlv_data(data, &buf, CX_SHA256_SIZE, CX_SHA256_SIZE)) {
        PRINTF("[Register Identity] HMAC_PROOF: invalid length (expected %d bytes)\n",
               CX_SHA256_SIZE);
        return false;
    }
    memmove(context->state->hmac_proof, buf.ptr, CX_SHA256_SIZE);
    return true;
}
 
DEFINE_TLV_PARSER(REGISTER_IDENTITY_TAGS, NULL, identity_tlv_parser)
 
 
static bool verify_fields(const s_identity_ctx *context)
{
    bool result = TLV_CHECK_RECEIVED_TAGS(context->received_tags,
                                          TAG_STRUCTURE_TYPE,
                                          TAG_STRUCTURE_VERSION,
                                          TAG_CONTACT_NAME,
                                          TAG_SCOPE,
                                          TAG_ACCOUNT_IDENTIFIER,
                                          TAG_DERIVATION_PATH,
                                          TAG_BLOCKCHAIN_FAMILY);
    if (!result) {
        PRINTF("Missing mandatory fields in Register Identity descriptor!\n");
        return false;
    }
    if (context->state->identity.blockchain_family == FAMILY_ETHEREUM) {
        result = TLV_CHECK_RECEIVED_TAGS(context->received_tags, TAG_CHAIN_ID);
        if (!result) {
            PRINTF("Missing CHAIN_ID for Ethereum family in Register Identity descriptor!\n");
            return false;
        }
    }
    // GROUP_HANDLE and HMAC_PROOF are optional, but must be provided together
    bool has_group_handle = TLV_CHECK_RECEIVED_TAGS(context->received_tags, TAG_GROUP_HANDLE);
    bool has_hmac_proof   = TLV_CHECK_RECEIVED_TAGS(context->received_tags, TAG_HMAC_PROOF);
    if (has_group_handle != has_hmac_proof) {
        PRINTF("GROUP_HANDLE and HMAC_PROOF must be provided together!\n");
        return false;
    }
    return true;
}
 
static void print_payload(const s_identity_ctx *context)
{
    UNUSED(context);
    char out[50] = {0};
 
    PRINTF("****************************************************************************\n");
    PRINTF("[Register Identity] - Retrieved Descriptor:\n");
    PRINTF("[Register Identity] -    Contact name:        %s\n",
           context->state->identity.contact_name);
    if (context->state->identity.scope[0] != '\0') {
        PRINTF("[Register Identity] -    Contact scope:       %s\n",
               context->state->identity.scope);
    }
    if (bip32_path_format_simple(&context->state->identity.bip32_path, out, sizeof(out))) {
        PRINTF("[Register Identity] -    Derivation path[%d]: %s\n",
               context->state->identity.bip32_path.length,
               out);
    }
    else {
        PRINTF("[Register Identity] -    Derivation path length[%d] (failed to format)\n",
               context->state->identity.bip32_path.length);
    }
    PRINTF("[Register Identity] -    Blockchain family:   %s\n",
           FAMILY_AS_STR(context->state->identity.blockchain_family));
    if (context->state->identity.blockchain_family == FAMILY_ETHEREUM) {
        PRINTF("[Register Identity] -    Chain ID:            %llu\n",
               context->state->identity.chain_id);
    }
}
 
static bool build_and_send_response(void)
{
    uint8_t group_handle[GROUP_HANDLE_SIZE] = {0};
    uint8_t hmac_proof[CX_SHA256_SIZE]      = {0};
    uint8_t hmac_rest[CX_SHA256_SIZE]       = {0};
    bool    ok                              = false;
 
    if (g_ab_payload.reg.active) {
        // group_handle and HMAC_PROOF were already verified before the UI — use the
        // pre-extracted GID directly and only compute the new HMAC_REST.
        if (!address_book_compute_hmac_rest(&g_ab_payload.reg.identity.bip32_path,
                                            g_ab_payload.reg.gid,
                                            g_ab_payload.reg.identity.scope,
                                            g_ab_payload.reg.identity.identifier,
                                            g_ab_payload.reg.identity.identifier_len,
                                            g_ab_payload.reg.identity.blockchain_family,
                                            g_ab_payload.reg.identity.chain_id,
                                            hmac_rest)) {
            PRINTF("[Register Identity] Error: Failed to compute HMAC_REST for new address\n");
            goto end;
        }
        // Echo back the verified group_handle and hmac_proof; only hmac_rest is new
        memmove(group_handle, g_ab_payload.reg.group_handle, GROUP_HANDLE_SIZE);
        memmove(hmac_proof, g_ab_payload.reg.hmac_proof, CX_SHA256_SIZE);
    }
    else {
        if (!address_book_generate_group_handle(&g_ab_payload.reg.identity.bip32_path,
                                                group_handle)) {
            PRINTF("[Register Identity] Error: Failed to generate group handle\n");
            goto end;
        }
        // group_handle layout: gid(32) | MAC(K_group, gid)(32) — use only the GID prefix here
        const uint8_t *gid = group_handle;
        if (!address_book_compute_hmac_proof(&g_ab_payload.reg.identity.bip32_path,
                                             gid,
                                             g_ab_payload.reg.identity.contact_name,
                                             hmac_proof)) {
            PRINTF("[Register Identity] Error: Failed to compute HMAC_PROOF\n");
            goto end;
        }
        if (!address_book_compute_hmac_rest(&g_ab_payload.reg.identity.bip32_path,
                                            gid,
                                            g_ab_payload.reg.identity.scope,
                                            g_ab_payload.reg.identity.identifier,
                                            g_ab_payload.reg.identity.identifier_len,
                                            g_ab_payload.reg.identity.blockchain_family,
                                            g_ab_payload.reg.identity.chain_id,
                                            hmac_rest)) {
            PRINTF("[Register Identity] Error: Failed to compute HMAC_REST\n");
            goto end;
        }
    }
    ok = address_book_send_register_identity_response(group_handle, hmac_proof, hmac_rest);
 
end:
    explicit_bzero(group_handle, sizeof(group_handle));
    explicit_bzero(hmac_proof, sizeof(hmac_proof));
    explicit_bzero(hmac_rest, sizeof(hmac_rest));
    return ok;
}
 
static void review_choice(bool confirm)
{
    if (confirm) {
        bool ok = build_and_send_response();
        if (!ok) {
            PRINTF("[Register Identity] Error: Failed to build and send HMAC proof\n");
        }
        address_book_finalize_review(ok,
                                     "Saved to your Contacts",
                                     "Error during registration",
                                     finalize_ui_register_identity);
    }
    else {
        address_book_handle_review_rejected(finalize_ui_register_identity);
    }
}
 
static void ui_display(void)
{
    memset(&g_ab_ui.list, 0, sizeof(g_ab_ui.list));
    g_ab_ui.list.nbPairs  = 4;  // name + scope + identifier + network
    g_ab_ui.list.callback = get_register_identity_tagValue;
    address_book_display_review(&LARGE_ADDRESS_BOOK_ICON,
                                "Review contact details",
#ifdef SCREEN_SIZE_WALLET
                                "Confirm contact details?",
#else
                                "Confirm contact details",
#endif
                                review_choice);
}
 
/* Exported functions --------------------------------------------------------*/
 
bolos_err_t register_identity(uint8_t *buffer_in, size_t buffer_in_length)
{
    const buffer_t payload = {.ptr = buffer_in, .size = buffer_in_length};
    s_identity_ctx ctx     = {0};
 
    // Init the structure
    memset(&g_ab_payload.reg, 0, sizeof(g_ab_payload.reg));
    ctx.state = &g_ab_payload.reg;
 
    // Parse using SDK TLV parser — handlers write directly into g_ab_payload.reg via ctx.state
    if (!identity_tlv_parser(&payload, &ctx, &ctx.received_tags)) {
        PRINTF("[Register Identity] Failed to parse TLV payload\n");
        return SWO_INCORRECT_DATA;
    }
    if (!verify_fields(&ctx)) {
        return SWO_INCORRECT_DATA;
    }
    print_payload(&ctx);
 
    // Validate group-handle integrity and caller ownership before showing the UI.
    // These are input checks (wallet-supplied data) — failing here returns an error
    // immediately; only internal crypto operations remain post-confirm.
    if (TLV_CHECK_RECEIVED_TAGS(ctx.received_tags, TAG_GROUP_HANDLE)) {
        g_ab_payload.reg.active = true;
        if (!address_book_verify_group_handle(&g_ab_payload.reg.identity.bip32_path,
                                              g_ab_payload.reg.group_handle,
                                              g_ab_payload.reg.gid)) {
            PRINTF("[Register Identity] Error: Group handle verification failed\n");
            return SWO_SECURITY_CONDITION_NOT_SATISFIED;
        }
        if (!address_book_verify_hmac_proof(&g_ab_payload.reg.identity.bip32_path,
                                            g_ab_payload.reg.gid,
                                            g_ab_payload.reg.identity.contact_name,
                                            g_ab_payload.reg.hmac_proof)) {
            PRINTF("[Register Identity] Error: HMAC_PROOF verification failed\n");
            return SWO_SECURITY_CONDITION_NOT_SATISFIED;
        }
    }
 
    // Check the Identity validity according to the Coin application logic
    if (!handle_check_register_identity(&g_ab_payload.reg.identity)) {
        PRINTF("[Register Identity] Error: Identity rejected by coin application\n");
        return SWO_WRONG_PARAMETER_VALUE;
    }
 
    // Display confirmation UI
    ui_display();
    return SWO_NO_RESPONSE;
}
 
#endif  // HAVE_ADDRESS_BOOK