Embedded SDK
Embedded SDK
Loading...
Searching...
No Matches
identity_edit_scope.c
Go to the documentation of this file.
1/*****************************************************************************
2 * (c) 2026 Ledger SAS.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 *****************************************************************************/
16
39/* Includes ------------------------------------------------------------------*/
40#include <string.h>
41#include "os_apdu.h"
42#include "status_words.h"
43#include "tlv_library.h"
44#include "buffer.h"
45#include "bip32.h"
46#include "address_book.h"
47#include "address_book_entrypoints.h"
48#include "address_book_crypto.h"
49#include "address_book_common.h"
50#include "identity.h"
51#include "io.h"
52#include "nbgl_use_case.h"
53
54#if defined(HAVE_ADDRESS_BOOK)
55
56/* Private defines------------------------------------------------------------*/
57#define STRUCT_VERSION 0x01
58
59/* Private types, structures, unions -----------------------------------------*/
60typedef struct {
61 edit_scope_t *edit;
62 TLV_reception_t received_tags;
63 uint8_t hmac_proof[CX_SHA256_SIZE];
64 uint8_t hmac_rest[CX_SHA256_SIZE];
65 uint8_t group_handle[GROUP_HANDLE_SIZE];
66} s_edit_scope_ctx;
67
68/* Private macros-------------------------------------------------------------*/
69#define EDIT_SCOPE_TAGS(X) \
70 X(0x01, TAG_STRUCTURE_TYPE, handle_struct_type, ENFORCE_UNIQUE_TAG) \
71 X(0x02, TAG_STRUCTURE_VERSION, handle_struct_version, ENFORCE_UNIQUE_TAG) \
72 X(0xf0, TAG_CONTACT_NAME, handle_contact_name, ENFORCE_UNIQUE_TAG) \
73 X(0xf1, TAG_SCOPE, handle_scope, ENFORCE_UNIQUE_TAG) \
74 X(0xf2, TAG_ACCOUNT_IDENTIFIER, handle_identifier, ENFORCE_UNIQUE_TAG) \
75 X(0xf5, TAG_PREVIOUS_SCOPE, handle_previous_scope, ENFORCE_UNIQUE_TAG) \
76 X(0xf6, TAG_GROUP_HANDLE, handle_group_handle, ENFORCE_UNIQUE_TAG) \
77 X(0x21, TAG_DERIVATION_PATH, handle_derivation_path, ENFORCE_UNIQUE_TAG) \
78 X(0x23, TAG_CHAIN_ID, handle_chain_id, ENFORCE_UNIQUE_TAG) \
79 X(0x29, TAG_HMAC_PROOF, handle_hmac_proof, ENFORCE_UNIQUE_TAG) \
80 X(0xf7, TAG_HMAC_REST, handle_hmac_rest, ENFORCE_UNIQUE_TAG) \
81 X(0x51, TAG_BLOCKCHAIN_FAMILY, handle_blockchain_family, ENFORCE_UNIQUE_TAG)
82
83/* Private variables ---------------------------------------------------------*/
84
85/* Private functions ---------------------------------------------------------*/
86
94static bool handle_struct_type(const tlv_data_t *data, s_edit_scope_ctx *context)
95{
96 UNUSED(context);
97 if (!tlv_enforce_u8_value(data, TYPE_EDIT_SCOPE)) {
98 PRINTF("[Edit Scope] Invalid STRUCTURE_TYPE value\n");
99 return false;
100 }
101 return true;
102}
103
111static bool handle_struct_version(const tlv_data_t *data, s_edit_scope_ctx *context)
112{
113 UNUSED(context);
114 if (!tlv_enforce_u8_value(data, STRUCT_VERSION)) {
115 PRINTF("[Edit Scope] Invalid STRUCTURE_VERSION value\n");
116 return false;
117 }
118 return true;
119}
120
128static bool handle_contact_name(const tlv_data_t *data, s_edit_scope_ctx *context)
129{
130 if (!address_book_handle_printable_string(data,
131 context->edit->identity.contact_name,
132 sizeof(context->edit->identity.contact_name))) {
133 PRINTF("[Edit Scope] CONTACT_NAME: failed to parse\n");
134 return false;
135 }
136 return true;
137}
138
148static bool handle_scope(const tlv_data_t *data, s_edit_scope_ctx *context)
149{
150 if (!address_book_handle_printable_string(
151 data, context->edit->identity.scope, sizeof(context->edit->identity.scope))) {
152 PRINTF("[Edit Scope] SCOPE: failed to parse\n");
153 return false;
154 }
155 return true;
156}
157
165static bool handle_identifier(const tlv_data_t *data, s_edit_scope_ctx *context)
166{
167 buffer_t buf = {0};
168 if (!get_buffer_from_tlv_data(data, &buf, 1, IDENTIFIER_MAX_LENGTH)) {
169 PRINTF("[Edit Scope] IDENTIFIER: failed to extract\n");
170 return false;
171 }
172 memmove(context->edit->identity.identifier, buf.ptr, buf.size);
173 context->edit->identity.identifier_len = (uint8_t) buf.size;
174 return true;
175}
176
186static bool handle_previous_scope(const tlv_data_t *data, s_edit_scope_ctx *context)
187{
188 if (!address_book_handle_printable_string(
189 data, context->edit->old_scope, sizeof(context->edit->old_scope))) {
190 PRINTF("[Edit Scope] PREVIOUS_SCOPE: failed to parse\n");
191 return false;
192 }
193 return true;
194}
195
203static bool handle_group_handle(const tlv_data_t *data, s_edit_scope_ctx *context)
204{
205 buffer_t buf = {0};
206 if (!get_buffer_from_tlv_data(data, &buf, GROUP_HANDLE_SIZE, GROUP_HANDLE_SIZE)) {
207 PRINTF("[Edit Scope] GROUP_HANDLE: invalid length (expected %d bytes)\n",
208 GROUP_HANDLE_SIZE);
209 return false;
210 }
211 memmove(context->group_handle, buf.ptr, GROUP_HANDLE_SIZE);
212 return true;
213}
214
222static bool handle_derivation_path(const tlv_data_t *data, s_edit_scope_ctx *context)
223{
224 return address_book_handle_derivation_path(data, &context->edit->identity.bip32_path);
225}
226
234static bool handle_chain_id(const tlv_data_t *data, s_edit_scope_ctx *context)
235{
236 return address_book_handle_chain_id(data, &context->edit->identity.chain_id);
237}
238
246static bool handle_blockchain_family(const tlv_data_t *data, s_edit_scope_ctx *context)
247{
248 return address_book_handle_blockchain_family(data, &context->edit->identity.blockchain_family);
249}
250
258static bool handle_hmac_proof(const tlv_data_t *data, s_edit_scope_ctx *context)
259{
260 buffer_t buf = {0};
261 if (!get_buffer_from_tlv_data(data, &buf, CX_SHA256_SIZE, CX_SHA256_SIZE)) {
262 PRINTF("[Edit Scope] HMAC_PROOF: invalid length (expected %d bytes)\n", CX_SHA256_SIZE);
263 return false;
264 }
265 memmove(context->hmac_proof, buf.ptr, CX_SHA256_SIZE);
266 return true;
267}
268
276static bool handle_hmac_rest(const tlv_data_t *data, s_edit_scope_ctx *context)
277{
278 buffer_t buf = {0};
279 if (!get_buffer_from_tlv_data(data, &buf, CX_SHA256_SIZE, CX_SHA256_SIZE)) {
280 PRINTF("[Edit Scope] HMAC_REST: invalid length (expected %d bytes)\n", CX_SHA256_SIZE);
281 return false;
282 }
283 memmove(context->hmac_rest, buf.ptr, CX_SHA256_SIZE);
284 return true;
285}
286
287DEFINE_TLV_PARSER(EDIT_SCOPE_TAGS, NULL, edit_scope_tlv_parser)
288
289
295static bool verify_fields(const s_edit_scope_ctx *context)
296{
297 bool result = TLV_CHECK_RECEIVED_TAGS(context->received_tags,
298 TAG_STRUCTURE_TYPE,
299 TAG_STRUCTURE_VERSION,
300 TAG_CONTACT_NAME,
301 TAG_SCOPE,
302 TAG_ACCOUNT_IDENTIFIER,
303 TAG_PREVIOUS_SCOPE,
304 TAG_GROUP_HANDLE,
305 TAG_DERIVATION_PATH,
306 TAG_BLOCKCHAIN_FAMILY,
307 TAG_HMAC_PROOF,
308 TAG_HMAC_REST);
309 if (!result) {
310 PRINTF("[Edit Scope] Missing mandatory fields!\n");
311 return false;
312 }
313 if (context->edit->identity.blockchain_family == FAMILY_ETHEREUM) {
314 result = TLV_CHECK_RECEIVED_TAGS(context->received_tags, TAG_CHAIN_ID);
315 if (!result) {
316 PRINTF("[Edit Scope] Missing CHAIN_ID for Ethereum!\n");
317 return false;
318 }
319 }
320 return true;
321}
322
329static void print_payload(const s_edit_scope_ctx *context)
330{
331 UNUSED(context);
332 PRINTF("****************************************************************************\n");
333 PRINTF("[Edit Scope] - Retrieved Descriptor:\n");
334 PRINTF("[Edit Scope] - Contact name: %s\n", context->edit->identity.contact_name);
335 PRINTF("[Edit Scope] - Old scope: %s\n", context->edit->old_scope);
336 PRINTF("[Edit Scope] - New scope: %s\n", context->edit->identity.scope);
337 PRINTF("[Edit Scope] - Blockchain family: %s\n",
338 FAMILY_AS_STR(context->edit->identity.blockchain_family));
339 if (context->edit->identity.blockchain_family == FAMILY_ETHEREUM) {
340 PRINTF("[Edit Scope] - Chain ID: %llu\n", context->edit->identity.chain_id);
341 }
342}
343
352static bool build_and_send_response(void)
353{
354 uint8_t hmac_rest[CX_SHA256_SIZE] = {0};
355
356 if (!address_book_compute_hmac_rest(&g_ab_payload.edit_scope.identity.bip32_path,
357 g_ab_payload.edit_scope.identity.gid,
358 g_ab_payload.edit_scope.identity.scope,
359 g_ab_payload.edit_scope.identity.identifier,
360 g_ab_payload.edit_scope.identity.identifier_len,
361 g_ab_payload.edit_scope.identity.blockchain_family,
362 g_ab_payload.edit_scope.identity.chain_id,
363 hmac_rest)) {
364 PRINTF("[Edit Scope] Error: Failed to compute new HMAC_REST\n");
365 return false;
366 }
367
368 bool ok = address_book_send_hmac_proof(TYPE_EDIT_SCOPE, hmac_rest);
369 explicit_bzero(hmac_rest, sizeof(hmac_rest));
370 return ok;
371}
372
378static void review_choice(bool confirm)
379{
380 if (confirm) {
381 bool ok = build_and_send_response();
382 const char *successMsg
383 = (g_ab_payload.edit_scope.identity.blockchain_family == FAMILY_BITCOIN)
384 ? "Scope changed"
385 : "Address name changed";
386 if (ok) {
387 on_edit_scope_applied(&g_ab_payload.edit_scope);
388 }
389 else {
390 PRINTF("[Edit Scope] Error: Failed to build and send HMAC proof\n");
391 }
392 address_book_finalize_review(ok, successMsg, "Error during update", finalize_ui_edit_scope);
393 }
394 else {
395 address_book_handle_review_rejected(finalize_ui_edit_scope);
396 }
397}
398
402static void ui_display(void)
403{
404 uint8_t nbPairs = 0;
405 bool isBitcoin = (g_ab_payload.edit_scope.identity.blockchain_family == FAMILY_BITCOIN);
406
407 memset(&g_ab_ui.list, 0, sizeof(g_ab_ui.list));
408 memset(g_ab_ui.pairs, 0, sizeof(g_ab_ui.pairs));
409 g_ab_ui.pairs[nbPairs].item = "Contact name";
410 g_ab_ui.pairs[nbPairs].value = g_ab_payload.edit_scope.identity.contact_name;
411 nbPairs++;
412 g_ab_ui.pairs[nbPairs].item = isBitcoin ? "Old scope" : "Old address name";
413 g_ab_ui.pairs[nbPairs].value = g_ab_payload.edit_scope.old_scope;
414 nbPairs++;
415 g_ab_ui.pairs[nbPairs].item = isBitcoin ? "New scope" : "New address name";
416 g_ab_ui.pairs[nbPairs].value = g_ab_payload.edit_scope.identity.scope;
417 nbPairs++;
418 g_ab_ui.list.pairs = g_ab_ui.pairs;
419 g_ab_ui.list.nbPairs = nbPairs;
420 address_book_display_review(&LARGE_ADDRESS_BOOK_ICON,
421 "Review change to contact details",
422#ifdef SCREEN_SIZE_WALLET
423 "Confirm change?",
424#else
425 "Confirm change",
426#endif
427 review_choice);
428}
429
430/* Exported functions --------------------------------------------------------*/
431
439bolos_err_t edit_scope(uint8_t *buffer_in, size_t buffer_in_length)
440{
441 const buffer_t payload = {.ptr = buffer_in, .size = buffer_in_length};
442 s_edit_scope_ctx ctx = {0};
443
444 // Init the structure
445 ctx.edit = &g_ab_payload.edit_scope;
446 memset(&g_ab_payload.edit_scope, 0, sizeof(g_ab_payload.edit_scope));
447
448 // Parse using SDK TLV parser
449 if (!edit_scope_tlv_parser(&payload, &ctx, &ctx.received_tags)) {
450 PRINTF("[Edit Scope] TLV parsing failed\n");
451 return SWO_INCORRECT_DATA;
452 }
453 if (!verify_fields(&ctx)) {
454 return SWO_INCORRECT_DATA;
455 }
456 print_payload(&ctx);
457
458 // Verify the group handle and extract the gid
459 if (!address_book_verify_group_handle(&g_ab_payload.edit_scope.identity.bip32_path,
460 ctx.group_handle,
461 g_ab_payload.edit_scope.identity.gid)) {
462 PRINTF("[Edit Scope] Group handle verification failed\n");
463 return SWO_SECURITY_CONDITION_NOT_SATISFIED;
464 }
465
466 // Verify that the wallet holds a valid HMAC_PROOF for the contact name
467 if (!address_book_verify_hmac_proof(&g_ab_payload.edit_scope.identity.bip32_path,
468 g_ab_payload.edit_scope.identity.gid,
469 g_ab_payload.edit_scope.identity.contact_name,
470 ctx.hmac_proof)) {
471 PRINTF("[Edit Scope] HMAC_PROOF verification failed\n");
472 return SWO_SECURITY_CONDITION_NOT_SATISFIED;
473 }
474
475 // Verify that the wallet holds a valid HMAC_REST for the previous scope
476 if (!address_book_verify_hmac_rest(&g_ab_payload.edit_scope.identity.bip32_path,
477 g_ab_payload.edit_scope.identity.gid,
478 g_ab_payload.edit_scope.old_scope,
479 g_ab_payload.edit_scope.identity.identifier,
480 g_ab_payload.edit_scope.identity.identifier_len,
481 g_ab_payload.edit_scope.identity.blockchain_family,
482 g_ab_payload.edit_scope.identity.chain_id,
483 ctx.hmac_rest)) {
484 PRINTF("[Edit Scope] HMAC_REST verification failed\n");
485 return SWO_SECURITY_CONDITION_NOT_SATISFIED;
486 }
487
488 // Display confirmation UI
489 ui_display();
490 return SWO_NO_RESPONSE;
491}
492
493#endif // HAVE_ADDRESS_BOOK
address_book.h
FAMILY_BITCOIN
@ FAMILY_BITCOIN
Definition address_book.h:25
FAMILY_ETHEREUM
@ FAMILY_ETHEREUM
Definition address_book.h:26
FAMILY_AS_STR
#define FAMILY_AS_STR(x)
Definition address_book.h:34
address_book_common.h
address_book_crypto.h
address_book_entrypoints.h
identity.h
Register / Edit Contact Name / Edit Scope / Edit Identifier.
nbgl_use_case.h
API of the Advanced BOLOS Graphical Library, for typical application use-cases.
buffer_t
Definition buffer.h:21
buffer_t::ptr
uint8_t * ptr
Definition buffer.h:22
buffer_t::size
size_t size
Pointer to byte buffer.
Definition buffer.h:23
Generated by doxygen 1.9.8