ledger_account_edit.c

Go to the documentation of this file.

/*****************************************************************************
 *   (c) 2026 Ledger SAS.
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 *****************************************************************************/
 
/* Includes ------------------------------------------------------------------*/
#include <string.h>
#include "os_apdu.h"
#include "status_words.h"
#include "tlv_library.h"
#include "buffer.h"
#include "bip32.h"
#include "address_book.h"
#include "address_book_entrypoints.h"
#include "address_book_crypto.h"
#include "address_book_common.h"
#include "ledger_account.h"
#include "io.h"
#include "nbgl_use_case.h"
 
#if defined(HAVE_ADDRESS_BOOK) && defined(HAVE_ADDRESS_BOOK_LEDGER_ACCOUNT)
 
/* Private defines------------------------------------------------------------*/
#define STRUCT_VERSION 0x01
 
/* Private enumerations ------------------------------------------------------*/
 
/* Private types, structures, unions -----------------------------------------*/
 
typedef struct {
    edit_ledger_account_t *edit;
    TLV_reception_t        received_tags;
    uint8_t                hmac_proof[CX_SHA256_SIZE];  
} s_edit_ledger_account_ctx;
 
/* Private macros-------------------------------------------------------------*/
#define EDIT_LEDGER_ACCOUNT_TAGS(X)                                           \
    X(0x01, TAG_STRUCTURE_TYPE, handle_struct_type, ENFORCE_UNIQUE_TAG)       \
    X(0x02, TAG_STRUCTURE_VERSION, handle_struct_version, ENFORCE_UNIQUE_TAG) \
    X(0xf0, TAG_CONTACT_NAME, handle_contact_name, ENFORCE_UNIQUE_TAG)        \
    X(0xf3, TAG_PREVIOUS_NAME, handle_previous_name, ENFORCE_UNIQUE_TAG)      \
    X(0x21, TAG_DERIVATION_PATH, handle_derivation_path, ENFORCE_UNIQUE_TAG)  \
    X(0x23, TAG_CHAIN_ID, handle_chain_id, ENFORCE_UNIQUE_TAG)                \
    X(0x29, TAG_HMAC_PROOF, handle_hmac_proof, ENFORCE_UNIQUE_TAG)            \
    X(0x51, TAG_BLOCKCHAIN_FAMILY, handle_blockchain_family, ENFORCE_UNIQUE_TAG)
 
/* Private variables ---------------------------------------------------------*/
 
/* Private functions ---------------------------------------------------------*/
 
static bool handle_struct_type(const tlv_data_t *data, s_edit_ledger_account_ctx *context)
{
    UNUSED(context);
    if (!tlv_enforce_u8_value(data, TYPE_EDIT_LEDGER_ACCOUNT)) {
        PRINTF("[Edit Ledger Account] Invalid STRUCTURE_TYPE value\n");
        return false;
    }
    return true;
}
 
static bool handle_struct_version(const tlv_data_t *data, s_edit_ledger_account_ctx *context)
{
    UNUSED(context);
    if (!tlv_enforce_u8_value(data, STRUCT_VERSION)) {
        PRINTF("[Edit Ledger Account] Invalid STRUCTURE_VERSION value\n");
        return false;
    }
    return true;
}
 
static bool handle_contact_name(const tlv_data_t *data, s_edit_ledger_account_ctx *context)
{
    if (!address_book_handle_printable_string(data,
                                              context->edit->ledger_account.account_name,
                                              sizeof(context->edit->ledger_account.account_name))) {
        PRINTF("CONTACT_NAME: failed to parse\n");
        return false;
    }
    return true;
}
 
static bool handle_previous_name(const tlv_data_t *data, s_edit_ledger_account_ctx *context)
{
    if (!address_book_handle_printable_string(
            data, context->edit->old_account_name, sizeof(context->edit->old_account_name))) {
        PRINTF("PREVIOUS_NAME: failed to parse\n");
        return false;
    }
    return true;
}
 
static bool handle_derivation_path(const tlv_data_t *data, s_edit_ledger_account_ctx *context)
{
    return address_book_handle_derivation_path(data, &context->edit->ledger_account.bip32_path);
}
 
static bool handle_chain_id(const tlv_data_t *data, s_edit_ledger_account_ctx *context)
{
    return address_book_handle_chain_id(data, &context->edit->ledger_account.chain_id);
}
 
static bool handle_blockchain_family(const tlv_data_t *data, s_edit_ledger_account_ctx *context)
{
    return address_book_handle_blockchain_family(data,
                                                 &context->edit->ledger_account.blockchain_family);
}
 
static bool handle_hmac_proof(const tlv_data_t *data, s_edit_ledger_account_ctx *context)
{
    buffer_t buf = {0};
    if (!get_buffer_from_tlv_data(data, &buf, CX_SHA256_SIZE, CX_SHA256_SIZE)) {
        PRINTF("[Edit Ledger Account] HMAC_PROOF: invalid length (expected %d bytes)\n",
               CX_SHA256_SIZE);
        return false;
    }
    memmove(context->hmac_proof, buf.ptr, CX_SHA256_SIZE);
    return true;
}
 
DEFINE_TLV_PARSER(EDIT_LEDGER_ACCOUNT_TAGS, NULL, edit_ledger_account_tlv_parser)
 
 
static bool verify_fields(const s_edit_ledger_account_ctx *context)
{
    bool result = TLV_CHECK_RECEIVED_TAGS(context->received_tags,
                                          TAG_STRUCTURE_TYPE,
                                          TAG_STRUCTURE_VERSION,
                                          TAG_CONTACT_NAME,
                                          TAG_PREVIOUS_NAME,
                                          TAG_DERIVATION_PATH,
                                          TAG_BLOCKCHAIN_FAMILY,
                                          TAG_HMAC_PROOF);
    if (!result) {
        PRINTF("Missing mandatory fields in Edit Ledger Account descriptor!\n");
        return false;
    }
    if (context->edit->ledger_account.blockchain_family == FAMILY_ETHEREUM) {
        result = TLV_CHECK_RECEIVED_TAGS(context->received_tags, TAG_CHAIN_ID);
        if (!result) {
            PRINTF("Missing CHAIN_ID for Ethereum family in Edit Ledger Account descriptor!\n");
            return false;
        }
    }
    return true;
}
 
static void print_payload(const s_edit_ledger_account_ctx *context)
{
    UNUSED(context);
    char out[50] = {0};
 
    PRINTF("****************************************************************************\n");
    PRINTF("[Edit Ledger Account] - Retrieved Descriptor:\n");
    PRINTF("[Edit Ledger Account] -    Old name:            %s\n", context->edit->old_account_name);
    PRINTF("[Edit Ledger Account] -    New name:            %s\n",
           context->edit->ledger_account.account_name);
    if (bip32_path_format_simple(&context->edit->ledger_account.bip32_path, out, sizeof(out))) {
        PRINTF("[Edit Ledger Account] -    Derivation path[%d]: %s\n",
               context->edit->ledger_account.bip32_path.length,
               out);
    }
    else {
        PRINTF("[Edit Ledger Account] -    Derivation path length[%d] (failed to format)\n",
               context->edit->ledger_account.bip32_path.length);
    }
    PRINTF("[Edit Ledger Account] -    Blockchain family:   %s\n",
           FAMILY_AS_STR(context->edit->ledger_account.blockchain_family));
    if (context->edit->ledger_account.blockchain_family == FAMILY_ETHEREUM) {
        PRINTF("[Edit Ledger Account] -    Chain ID:            %llu\n",
               context->edit->ledger_account.chain_id);
    }
}
 
static bool build_and_send_response(void)
{
    uint8_t hmac_proof[CX_SHA256_SIZE] = {0};
 
    if (!address_book_compute_hmac_proof_ledger_account(
            &g_ab_payload.edit_ledger_account.ledger_account.bip32_path,
            (const char *) g_ab_payload.edit_ledger_account.ledger_account.account_name,
            g_ab_payload.edit_ledger_account.ledger_account.blockchain_family,
            g_ab_payload.edit_ledger_account.ledger_account.chain_id,
            hmac_proof)) {
        PRINTF("[Edit Ledger Account] Error: Failed to compute new HMAC proof\n");
        return false;
    }
 
    bool ok = address_book_send_hmac_proof(TYPE_EDIT_LEDGER_ACCOUNT, hmac_proof);
    explicit_bzero(hmac_proof, sizeof(hmac_proof));
    return ok;
}
 
static void review_choice(bool confirm)
{
    if (confirm) {
        bool ok = build_and_send_response();
        if (ok) {
            on_edit_ledger_account_applied(&g_ab_payload.edit_ledger_account);
        }
        else {
            PRINTF("[Edit Ledger Account] Error: Failed to build and send HMAC proof\n");
        }
        address_book_finalize_review(
            ok, "Account name changed", "Error during update", finalize_ui_edit_ledger_account);
    }
    else {
        address_book_handle_review_rejected(finalize_ui_edit_ledger_account);
    }
}
 
static void ui_display(void)
{
    uint8_t nbPairs = 0;
    memset(&g_ab_ui.list, 0, sizeof(g_ab_ui.list));
    memset(g_ab_ui.pairs, 0, sizeof(g_ab_ui.pairs));
    g_ab_ui.pairs[nbPairs].item  = "Old name";
    g_ab_ui.pairs[nbPairs].value = g_ab_payload.edit_ledger_account.old_account_name;
    nbPairs++;
    g_ab_ui.pairs[nbPairs].item  = "New name";
    g_ab_ui.pairs[nbPairs].value = g_ab_payload.edit_ledger_account.ledger_account.account_name;
    nbPairs++;
    g_ab_ui.list.pairs   = g_ab_ui.pairs;
    g_ab_ui.list.nbPairs = nbPairs;
    address_book_display_review(NULL,
                                "Edit account name",
#ifdef SCREEN_SIZE_WALLET
                                "Confirm edit?",
#else
                                "Confirm edit",
#endif
                                review_choice);
}
 
/* Exported functions --------------------------------------------------------*/
 
bolos_err_t edit_ledger_account(uint8_t *buffer_in, size_t buffer_in_length)
{
    const buffer_t            payload = {.ptr = buffer_in, .size = buffer_in_length};
    s_edit_ledger_account_ctx ctx     = {0};
 
    // Init the structure
    ctx.edit = &g_ab_payload.edit_ledger_account;
    memset(&g_ab_payload.edit_ledger_account, 0, sizeof(g_ab_payload.edit_ledger_account));
 
    // Parse using SDK TLV parser
    if (!edit_ledger_account_tlv_parser(&payload, &ctx, &ctx.received_tags)) {
        PRINTF("[Edit Ledger Account] TLV parsing failed\n");
        return SWO_INCORRECT_DATA;
    }
    if (!verify_fields(&ctx)) {
        return SWO_INCORRECT_DATA;
    }
    print_payload(&ctx);
 
    // Verify that the host holds a valid proof from the previous registration
    if (!address_book_verify_hmac_proof_ledger_account(
            &g_ab_payload.edit_ledger_account.ledger_account.bip32_path,
            g_ab_payload.edit_ledger_account.old_account_name,
            g_ab_payload.edit_ledger_account.ledger_account.blockchain_family,
            g_ab_payload.edit_ledger_account.ledger_account.chain_id,
            ctx.hmac_proof)) {
        PRINTF("[Edit Ledger Account] HMAC proof verification failed\n");
        return SWO_SECURITY_CONDITION_NOT_SATISFIED;
    }
 
    // Coin-app validation: derive and cache the address
    if (!handle_check_edit_ledger_account(&g_ab_payload.edit_ledger_account)) {
        PRINTF("[Edit Ledger Account] Coin-app rejected edit\n");
        return SWO_INCORRECT_DATA;
    }
 
    // Display confirmation UI
    ui_display();
    return SWO_NO_RESPONSE;
}
 
#endif  // HAVE_ADDRESS_BOOK && HAVE_ADDRESS_BOOK_LEDGER_ACCOUNT