Merge remote-tracking branch 'origin/main' into feat/LDG-510--nano-ap…

…p-implement-signtransfer-method
blooo-io · Nov 28, 2024 · b2e46c4 · b2e46c4
2 parents 7397267 + 4de3bf8
commit b2e46c4
Show file tree

Hide file tree

Showing 4 changed files with 50 additions and 17 deletions.
diff --git a/src/handler/verify_address.c b/src/handler/verify_address.c
@@ -134,19 +134,28 @@ int handler_verify_address(buffer_t *cdata, bool is_new_address) {
                                      LEGACY_PRF_KEY | HARDENED_OFFSET};
     }
 
+    // Initialize credential ID and PRF key
     uint8_t credential_id[CREDENTIAL_ID_LEN];
     uint8_t prf_key[32];
 
-    if (get_bls_private_key(prf_key_path, prf_key_path_len, prf_key, sizeof(prf_key)) == -1) {
-        return io_send_sw(SW_VERIFY_ADDRESS_FAIL);
+    int rtn = get_bls_private_key(prf_key_path, prf_key_path_len, prf_key, sizeof(prf_key));
+    switch (rtn) {
+        case -1:  // derivation path error
+            return io_send_sw(SW_DERIVATION_PATH_FAIL);
+        case -2:  // key initialization error
+            return io_send_sw(SW_KEY_INIT_FAIL);
+        case -3:  // BLS key generation error
+            return io_send_sw(SW_BLS_KEY_GEN_FAIL);
+        default:
+            break;
     }
 
     if (get_credential_id(prf_key,
                           sizeof(prf_key),
                           G_context.verify_address_info.credential_counter,
                           credential_id,
                           sizeof(credential_id)) != CX_OK) {
-        return io_send_sw(SW_VERIFY_ADDRESS_FAIL);
+        return io_send_sw(SW_CREDENTIAL_ID_GEN_FAIL);
     }
 
     // Empty prf_key
@@ -164,7 +173,7 @@ int handler_verify_address(buffer_t *cdata, bool is_new_address) {
                                 G_context.verify_address_info.address,
                                 address_len);
     if (rtn < 0) {
-        return io_send_sw(SW_VERIFY_ADDRESS_FAIL);
+        return io_send_sw(SW_ADDRESS_ENCODING_FAIL);
     }
 
     return ui_display_verify_address();

diff --git a/src/helper/util.c b/src/helper/util.c
@@ -55,7 +55,7 @@ int get_private_key_from_path(uint32_t *path, size_t path_len, cx_ecfp_private_k
     if (rtn == 0 &&
         cx_ecfp_init_private_key_no_throw(CX_CURVE_Ed25519, private_key_data, 32, private_key) !=
             CX_OK) {
-        rtn = -1;
+        rtn = -2;
     }
     explicit_bzero(private_key_data, sizeof(private_key_data));
     return rtn;
@@ -113,15 +113,24 @@ int get_bls_private_key(uint32_t *path,
                         size_t private_key_len) {
     cx_ecfp_private_key_t private_key_seed;
 
-    if (get_private_key_from_path(path, path_len, &private_key_seed) == -1) {
-        return -1;
+    int rtn = get_private_key_from_path(path, path_len, &private_key_seed);
+    switch (rtn) {
+        case -1:  // derivation path error
+            return -1;
+        case -2:  // key initialization error
+            return -2;
+        default:
+            break;
     }
-
-    if (bls_key_gen_from_seed(private_key_seed.d,
-                              sizeof(private_key_seed.d),
-                              private_key,
-                              private_key_len) == -1) {
-        return -1;
+    rtn = bls_key_gen_from_seed(private_key_seed.d,
+                                sizeof(private_key_seed.d),
+                                private_key,
+                                private_key_len);
+    switch (rtn) {
+        case -1:  // BLS key generation error
+            return -3;
+        default:
+            break;
     }
 
     explicit_bzero(&private_key_seed, sizeof(private_key_seed));

diff --git a/src/helper/util.h b/src/helper/util.h
@@ -19,7 +19,16 @@ static const uint8_t r[32] = {0x73, 0xed, 0xa7, 0x53, 0x29, 0x9d, 0x7d, 0x48, 0x
 int get_identity_index_account_display();
 
 /**
- * Get the BLS private key from the path.
+ * Derive a BLS private key from a BIP32 path by first deriving an Ed25519 seed
+ * and then converting it to a BLS key.
+ *
+ * @param[in] path              Pointer to the BIP32 path
+ * @param[in] path_len          Length of the BIP32 path
+ * @param[out] private_key      Buffer to store the derived BLS private key
+ * @param[in] private_key_len   Length of the private key buffer
+ *
+ * @return 0 on success, -1 on derivation path error, -2 on key initialization error,
+ *         -3 on BLS key generation error
  */
 int get_bls_private_key(uint32_t *path,
                         size_t path_len,
@@ -48,13 +57,13 @@ int address_to_base58(const uint8_t *address,
                       size_t encoded_address_len);
 
 /**
- * Derive a private key from a BIP32 path.
+ * Derive an Ed25519 private key from a BIP32 path using SLIP-0010 derivation.
  *
  * @param[in] path          Pointer to the BIP32 path
  * @param[in] path_len      Length of the BIP32 path
- * @param[out] private_key  Pointer to the private key
+ * @param[out] private_key  Pointer to store the derived private key
  *
- * @return 0 on success, -1 on error
+ * @return 0 on success, -1 on derivation error, -2 on key initialization error
  */
 int get_private_key_from_path(uint32_t *path, size_t path_len, cx_ecfp_private_key_t *private_key);
 

diff --git a/src/sw.h b/src/sw.h
@@ -64,3 +64,9 @@
  * Status word for error in verify address.
  */
 #define SW_VERIFY_ADDRESS_FAIL 0xB009
+
+#define SW_BLS_KEY_GEN_FAIL       0xB00A
+#define SW_KEY_INIT_FAIL          0xB00B
+#define SW_CREDENTIAL_ID_GEN_FAIL 0xB00C
+#define SW_ADDRESS_ENCODING_FAIL  0xB00D
+#define SW_DERIVATION_PATH_FAIL   0xB00E