ledger-secure-sdk/nano/ledger__account__provide__contact_8c_source.html

/*****************************************************************************

 *   (c) 2026 Ledger SAS.

 *

 *  Licensed under the Apache License, Version 2.0 (the "License");

 *  you may not use this file except in compliance with the License.

 *  You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 *  Unless required by applicable law or agreed to in writing, software

 *  distributed under the License is distributed on an "AS IS" BASIS,

 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 *  See the License for the specific language governing permissions and

 *  limitations under the License.

 *****************************************************************************/


/* Includes ------------------------------------------------------------------*/

#include <string.h>

#include "os_utils.h"

#include "status_words.h"

#include "tlv_library.h"

#include "buffer.h"

#include "bip32.h"

#include "address_book.h"

#include "address_book_entrypoints.h"

#include "address_book_crypto.h"

#include "address_book_common.h"

#include "ledger_account.h"


#if defined(HAVE_ADDRESS_BOOK) && defined(HAVE_ADDRESS_BOOK_LEDGER_ACCOUNT)


/* Private defines------------------------------------------------------------*/

#define STRUCT_VERSION 0x01


/* Private types, structures, unions -----------------------------------------*/

typedef struct {

    ledger_account_t *ledger_account;

    TLV_reception_t   received_tags;

    uint8_t           hmac_proof[CX_SHA256_SIZE];

} s_provide_ledger_account_ctx;


/* Private macros-------------------------------------------------------------*/

#define PROVIDE_LEDGER_ACCOUNT_TAGS(X)                                           \

    X(0x01, TAG_STRUCTURE_TYPE, handle_struct_type, ENFORCE_UNIQUE_TAG)          \

    X(0x02, TAG_STRUCTURE_VERSION, handle_struct_version, ENFORCE_UNIQUE_TAG)    \

    X(0xf0, TAG_CONTACT_NAME, handle_contact_name, ENFORCE_UNIQUE_TAG)           \

    X(0x21, TAG_DERIVATION_PATH, handle_derivation_path, ENFORCE_UNIQUE_TAG)     \

    X(0x23, TAG_CHAIN_ID, handle_chain_id, ENFORCE_UNIQUE_TAG)                   \

    X(0x51, TAG_BLOCKCHAIN_FAMILY, handle_blockchain_family, ENFORCE_UNIQUE_TAG) \

    X(0x29, TAG_HMAC_PROOF, handle_hmac_proof, ENFORCE_UNIQUE_TAG)


/* Private variables ---------------------------------------------------------*/


/* Private functions ---------------------------------------------------------*/


static bool handle_struct_type(const tlv_data_t *data, s_provide_ledger_account_ctx *context)

{

    UNUSED(context);

    if (!tlv_enforce_u8_value(data, TYPE_PROVIDE_LEDGER_ACCOUNT_CONTACT)) {

        PRINTF("[Provide Ledger Account] Invalid STRUCTURE_TYPE value\n");

        return false;

    }

    return true;

}


static bool handle_struct_version(const tlv_data_t *data, s_provide_ledger_account_ctx *context)

{

    UNUSED(context);

    if (!tlv_enforce_u8_value(data, STRUCT_VERSION)) {

        PRINTF("[Provide Ledger Account] Invalid STRUCTURE_VERSION value\n");

        return false;

    }

    return true;

}


static bool handle_contact_name(const tlv_data_t *data, s_provide_ledger_account_ctx *context)

{

    if (!address_book_handle_printable_string(data,

                                              context->ledger_account->account_name,

                                              sizeof(context->ledger_account->account_name))) {

        PRINTF("[Provide Ledger Account] CONTACT_NAME: failed to parse\n");

        return false;

    }

    return true;

}


static bool handle_derivation_path(const tlv_data_t *data, s_provide_ledger_account_ctx *context)

{

    return address_book_handle_derivation_path(data, &context->ledger_account->bip32_path);

}


static bool handle_chain_id(const tlv_data_t *data, s_provide_ledger_account_ctx *context)

{

    return address_book_handle_chain_id(data, &context->ledger_account->chain_id);

}


static bool handle_blockchain_family(const tlv_data_t *data, s_provide_ledger_account_ctx *context)

{

    return address_book_handle_blockchain_family(data, &context->ledger_account->blockchain_family);

}


static bool handle_hmac_proof(const tlv_data_t *data, s_provide_ledger_account_ctx *context)

{

    buffer_t buf = {0};

    if (!get_buffer_from_tlv_data(data, &buf, CX_SHA256_SIZE, CX_SHA256_SIZE)) {

        PRINTF("[Provide Ledger Account] HMAC_PROOF: invalid length (expected %d bytes)\n",

               CX_SHA256_SIZE);

        return false;

    }

    memmove(context->hmac_proof, buf.ptr, CX_SHA256_SIZE);

    return true;

}


DEFINE_TLV_PARSER(PROVIDE_LEDGER_ACCOUNT_TAGS, NULL, provide_ledger_account_tlv_parser)


static bool verify_fields(const s_provide_ledger_account_ctx *context)

{

    bool result = TLV_CHECK_RECEIVED_TAGS(context->received_tags,

                                          TAG_STRUCTURE_TYPE,

                                          TAG_STRUCTURE_VERSION,

                                          TAG_CONTACT_NAME,

                                          TAG_DERIVATION_PATH,

                                          TAG_BLOCKCHAIN_FAMILY,

                                          TAG_HMAC_PROOF);

    if (!result) {

        PRINTF("[Provide Ledger Account] Missing mandatory fields!\n");

        return false;

    }

    if (context->ledger_account->blockchain_family == FAMILY_ETHEREUM) {

        result = TLV_CHECK_RECEIVED_TAGS(context->received_tags, TAG_CHAIN_ID);

        if (!result) {

            PRINTF("[Provide Ledger Account] Missing CHAIN_ID for Ethereum family!\n");

            return false;

        }

    }

    return true;

}


static void print_payload(const s_provide_ledger_account_ctx *context)

{

    UNUSED(context);

    char out[50] = {0};


    PRINTF("****************************************************************************\n");

    PRINTF("[Provide Ledger Account] - Retrieved Descriptor:\n");

    PRINTF("[Provide Ledger Account] -    Account name:        %s\n",

           context->ledger_account->account_name);

    if (bip32_path_format_simple(&context->ledger_account->bip32_path, out, sizeof(out))) {

        PRINTF("[Provide Ledger Account] -    Derivation path[%d]: %s\n",

               context->ledger_account->bip32_path.length,

               out);

    }

    else {

        PRINTF("[Provide Ledger Account] -    Derivation path length[%d] (failed to format)\n",

               context->ledger_account->bip32_path.length);

    }

    PRINTF("[Provide Ledger Account] -    Blockchain family:   %s\n",

           FAMILY_AS_STR(context->ledger_account->blockchain_family));

    if (context->ledger_account->blockchain_family == FAMILY_ETHEREUM) {

        PRINTF("[Provide Ledger Account] -    Chain ID:            %llu\n",

               context->ledger_account->chain_id);

    }

}


/* Exported functions --------------------------------------------------------*/


bolos_err_t provide_ledger_account_contact(uint8_t *buffer_in, size_t buffer_in_length)

{

    const buffer_t               payload = {.ptr = buffer_in, .size = buffer_in_length};

    s_provide_ledger_account_ctx ctx     = {0};


    // Init the structure

    ctx.ledger_account = &g_ab_payload.ledger_account;

    memset(&g_ab_payload.ledger_account, 0, sizeof(g_ab_payload.ledger_account));


    // Parse using SDK TLV parser

    if (!provide_ledger_account_tlv_parser(&payload, &ctx, &ctx.received_tags)) {

        PRINTF("[Provide Ledger Account] TLV parsing failed\n");

        return SWO_INCORRECT_DATA;

    }

    if (!verify_fields(&ctx)) {

        return SWO_INCORRECT_DATA;

    }

    print_payload(&ctx);


    // Verify HMAC Proof of Registration: HMAC(bip32_path, account_name, family, chain_id)

    if (!address_book_verify_hmac_proof_ledger_account(

            &g_ab_payload.ledger_account.bip32_path,

            g_ab_payload.ledger_account.account_name,

            g_ab_payload.ledger_account.blockchain_family,

            g_ab_payload.ledger_account.chain_id,

            ctx.hmac_proof)) {

        PRINTF("[Provide Ledger Account] HMAC proof verification failed\n");

        return SWO_SECURITY_CONDITION_NOT_SATISFIED;

    }


    // Pass verified contact to the coin app for storage

    if (!handle_provide_ledger_account(&g_ab_payload.ledger_account)) {

        PRINTF("[Provide Ledger Account] Rejected by coin application\n");

        return SWO_WRONG_PARAMETER_VALUE;

    }


    return SWO_SUCCESS;

}


#endif  // HAVE_ADDRESS_BOOK && HAVE_ADDRESS_BOOK_LEDGER_ACCOUNT

address_book.h

FAMILY_ETHEREUM
@ FAMILY_ETHEREUM
Definition address_book.h:26

FAMILY_AS_STR
#define FAMILY_AS_STR(x)
Definition address_book.h:34

address_book_common.h

address_book_crypto.h

address_book_entrypoints.h

bip32_path_format_simple
bool bip32_path_format_simple(path_bip32_t *bip32, char *out, size_t out_len)
Format a BIP32 path as a string.
Definition bip32.c:92

bip32.h

buffer.h

ledger_account.h

provide_ledger_account_contact
bolos_err_t provide_ledger_account_contact(uint8_t *buffer_in, size_t buffer_in_length)

TYPE_PROVIDE_LEDGER_ACCOUNT_CONTACT
#define TYPE_PROVIDE_LEDGER_ACCOUNT_CONTACT
Definition ledger_account.h:28

buffer_t
Definition buffer.h:21

buffer_t::ptr
uint8_t * ptr
Definition buffer.h:22

ledger_account_t
Data extracted from a Register Ledger Account TLV payload.
Definition ledger_account.h:36