From 91d99cf169f77c2521bd0e964a68c4bac43ceab0 Mon Sep 17 00:00:00 2001 From: Ariel Mendelzon Date: Fri, 24 May 2024 02:13:38 +1200 Subject: [PATCH 1/5] Decoupling business layer from hardware layer in Signer component (#177) - Added HAL headers - Added HAL implementation for Ledger - Refactored necessary common sources - Refactored necessary Signer sources - Updated Signer Makefile to include HAL code - Removed HSM_SIMULATOR define in favor of HSM_PLATFORM_* defines - Included X86 (partial) implemenations of some HAL modules (exceptions, logging, hashing) - Renamed UI communication module to avoid name clashing with HAL - Changed platform define in Makefile --- ledger/src/common/src/apdu.h | 30 +- ledger/src/common/src/memutil.h | 5 +- ledger/src/common/src/runtime.h | 21 +- ledger/src/hal/include/hal/communication.h | 75 +++++ ledger/src/hal/include/hal/endorsement.h | 72 +++++ ledger/src/hal/include/hal/exceptions.h | 219 ++++++++++++++ ledger/src/hal/include/hal/hash.h | 177 ++++++++++++ .../src/dbg.h => hal/include/hal/log.h} | 26 +- ledger/src/hal/include/hal/nvmem.h | 43 +++ ledger/src/hal/include/hal/platform.h | 45 +++ ledger/src/hal/include/hal/seed.h | 76 +++++ .../{signer/src => hal/src/common}/sha256.c | 0 .../{signer/src => hal/src/common}/sha256.h | 0 .../src/ledger/communication.c} | 50 ++-- ledger/src/hal/src/ledger/endorsement.c | 70 +++++ ledger/src/hal/src/ledger/hash.c | 86 ++++++ .../hsm-ledger.h => hal/src/ledger/nvmem.c} | 11 +- ledger/src/hal/src/ledger/platform.c | 41 +++ .../src/sign.c => hal/src/ledger/seed.c} | 104 +++---- ledger/src/hal/src/ledger/sha256.c | 1 + ledger/src/hal/src/ledger/sha256.h | 1 + ledger/src/signer/Makefile | 9 +- ledger/src/signer/src/attestation.c | 109 ++++--- ledger/src/signer/src/auth.c | 28 +- ledger/src/signer/src/auth.h | 2 + ledger/src/signer/src/auth_path.c | 4 +- ledger/src/signer/src/auth_receipt.c | 12 +- ledger/src/signer/src/auth_receipt.h | 5 +- ledger/src/signer/src/auth_trie.c | 18 +- ledger/src/signer/src/auth_trie.h | 7 +- ledger/src/signer/src/auth_tx.c | 137 ++++----- ledger/src/signer/src/auth_tx.h | 13 +- ledger/src/signer/src/bc_advance.c | 29 +- ledger/src/signer/src/bc_ancestor.c | 4 +- ledger/src/signer/src/bc_block.h | 7 +- ledger/src/signer/src/bc_diff.c | 4 +- ledger/src/signer/src/bc_diff.h | 2 +- ledger/src/signer/src/bc_err.c | 2 +- ledger/src/signer/src/bc_err.h | 2 + ledger/src/signer/src/bc_hash.h | 24 +- ledger/src/signer/src/bc_nu.h | 2 +- ledger/src/signer/src/bc_state.c | 10 +- ledger/src/signer/src/bc_state.h | 2 +- ledger/src/signer/src/common_requirements.h | 31 ++ ledger/src/signer/src/heartbeat.c | 30 +- ledger/src/signer/src/heartbeat.h | 3 - ledger/src/signer/src/hsm.c | 87 ++++-- ledger/src/signer/src/hsm.h | 8 +- ledger/src/signer/src/keccak256.c | 267 ------------------ ledger/src/signer/src/keccak256.h | 81 ------ ledger/src/signer/src/main.c | 12 +- ledger/src/signer/src/mem.h | 10 +- ledger/src/signer/src/nvm.h | 9 +- ledger/src/signer/src/sign.h | 67 ----- ledger/src/signer/src/srlp.c | 22 +- ledger/src/tcpsigner/communication.c | 1 - ledger/src/tcpsigner/communication.h | 1 - ledger/src/ui/Makefile | 1 + ledger/src/ui/src/bootloader.c | 4 +- ledger/src/ui/src/common_requirements.h | 36 +++ .../src/ui/src/signer_authorization_status.c | 1 - .../src/ui/src/{communication.c => ui_comm.c} | 14 +- .../src/ui/src/{communication.h => ui_comm.h} | 12 +- ledger/src/ui/src/ui_heartbeat.c | 5 +- .../src/ui/test/bootloader/test_bootloader.c | 8 +- .../test/communication/test_communication.c | 2 +- .../ui/test/ui_heartbeat/test_ui_heartbeat.c | 2 +- lint-c | 2 +- 68 files changed, 1460 insertions(+), 841 deletions(-) create mode 100644 ledger/src/hal/include/hal/communication.h create mode 100644 ledger/src/hal/include/hal/endorsement.h create mode 100644 ledger/src/hal/include/hal/exceptions.h create mode 100644 ledger/src/hal/include/hal/hash.h rename ledger/src/{signer/src/dbg.h => hal/include/hal/log.h} (82%) create mode 100644 ledger/src/hal/include/hal/nvmem.h create mode 100644 ledger/src/hal/include/hal/platform.h create mode 100644 ledger/src/hal/include/hal/seed.h rename ledger/src/{signer/src => hal/src/common}/sha256.c (100%) rename ledger/src/{signer/src => hal/src/common}/sha256.h (100%) rename ledger/src/{signer/src/hsm-ledger.c => hal/src/ledger/communication.c} (54%) create mode 100644 ledger/src/hal/src/ledger/endorsement.c create mode 100644 ledger/src/hal/src/ledger/hash.c rename ledger/src/{signer/src/hsm-ledger.h => hal/src/ledger/nvmem.c} (88%) create mode 100644 ledger/src/hal/src/ledger/platform.c rename ledger/src/{signer/src/sign.c => hal/src/ledger/seed.c} (64%) create mode 120000 ledger/src/hal/src/ledger/sha256.c create mode 120000 ledger/src/hal/src/ledger/sha256.h create mode 100644 ledger/src/signer/src/common_requirements.h delete mode 100644 ledger/src/signer/src/keccak256.c delete mode 100644 ledger/src/signer/src/keccak256.h delete mode 100644 ledger/src/signer/src/sign.h delete mode 120000 ledger/src/tcpsigner/communication.c delete mode 120000 ledger/src/tcpsigner/communication.h create mode 100644 ledger/src/ui/src/common_requirements.h rename ledger/src/ui/src/{communication.c => ui_comm.c} (90%) rename ledger/src/ui/src/{communication.h => ui_comm.h} (90%) diff --git a/ledger/src/common/src/apdu.h b/ledger/src/common/src/apdu.h index 80c7e15b..b2b42040 100644 --- a/ledger/src/common/src/apdu.h +++ b/ledger/src/common/src/apdu.h @@ -29,6 +29,8 @@ #ifndef __APDU_H #define __APDU_H +#include "common_requirements.h" + // CLA for the entire protocol #define CLA 0x80 @@ -40,25 +42,29 @@ #define CLAPOS 0 // APDU buffer getters -#define APDU_CLA() (G_io_apdu_buffer[CLAPOS]) -#define APDU_CMD() (G_io_apdu_buffer[CMDPOS]) -#define APDU_OP() (G_io_apdu_buffer[OP]) -#define APDU_TXLEN() (G_io_apdu_buffer[TXLEN]) -#define APDU_AT(pos) (G_io_apdu_buffer[pos]) +#define APDU_CLA() (communication_get_msg_buffer()[CLAPOS]) +#define APDU_CMD() (communication_get_msg_buffer()[CMDPOS]) +#define APDU_OP() (communication_get_msg_buffer()[OP]) +#define APDU_TXLEN() (communication_get_msg_buffer()[TXLEN]) +#define APDU_AT(pos) (communication_get_msg_buffer()[pos]) // APDU buffer setters -#define SET_APDU_CLA() (G_io_apdu_buffer[CLAPOS] = CLA) -#define SET_APDU_CMD(cmd) (G_io_apdu_buffer[CMDPOS] = (cmd)) -#define SET_APDU_OP(op) (G_io_apdu_buffer[OP] = (op)) -#define SET_APDU_TXLEN(len) (G_io_apdu_buffer[TXLEN] = (len)) -#define SET_APDU_AT(pos, value) (G_io_apdu_buffer[pos] = (value)) +#define SET_APDU_CLA() (communication_get_msg_buffer()[CLAPOS] = CLA) +#define SET_APDU_CMD(cmd) (communication_get_msg_buffer()[CMDPOS] = (cmd)) +#define SET_APDU_OP(op) (communication_get_msg_buffer()[OP] = (op)) +#define SET_APDU_TXLEN(len) (communication_get_msg_buffer()[TXLEN] = (len)) +#define SET_APDU_AT(pos, value) (communication_get_msg_buffer()[pos] = (value)) // Get pointer to payload within APDU buffer. // No args, so it can be treated like an array pointer. -#define APDU_DATA_PTR (G_io_apdu_buffer + DATA) +#define APDU_DATA_PTR (communication_get_msg_buffer() + DATA) +// Total size of APDU +#define APDU_TOTAL_SIZE (communication_get_msg_buffer_size()) +// Size of APDU elements +#define APDU_ELEMENT_SIZE (sizeof(communication_get_msg_buffer()[0])) // Total size of APDU data part -#define APDU_TOTAL_DATA_SIZE (sizeof(G_io_apdu_buffer) - DATA) +#define APDU_TOTAL_DATA_SIZE (communication_get_msg_buffer_size() - DATA) // Total size of APDU data part for outputting // (need to leave space for result code) #define APDU_RESULT_CODE_SIZE 2 diff --git a/ledger/src/common/src/memutil.h b/ledger/src/common/src/memutil.h index e480d730..890ff97c 100644 --- a/ledger/src/common/src/memutil.h +++ b/ledger/src/common/src/memutil.h @@ -26,9 +26,8 @@ #define __MEMUTIL_H #include -#include -#include "os.h" +#include "common_requirements.h" #define MEMMOVE_ZERO_OFFSET 0 @@ -54,7 +53,7 @@ __attribute__((always_inline)) static inline int safe_memmove( return false; } else { - os_memmove( + platform_memmove( (unsigned char *)dst + dst_off, (unsigned char *)src + src_off, n); return true; } diff --git a/ledger/src/common/src/runtime.h b/ledger/src/common/src/runtime.h index 45f6eeb6..0746bfba 100644 --- a/ledger/src/common/src/runtime.h +++ b/ledger/src/common/src/runtime.h @@ -25,10 +25,27 @@ #ifndef __RUNTIME_H #define __RUNTIME_H -#ifdef HSM_SIMULATOR +#if defined(HSM_PLATFORM_LEDGER) + +// We can't include any HAL headers here because +// the Ledger UI does not know anything about it +#include "os.h" + +#define NON_VOLATILE const + +#elif defined(HSM_PLATFORM_X86) + +#include "hal/platform.h" +#include "hal/exceptions.h" + +#include "ui_deps.h" + +#define PIC(x) (x) + #define NON_VOLATILE + #else -#define NON_VOLATILE const +#error "HSM Platform undefined" #endif #endif // __RUNTIME_H \ No newline at end of file diff --git a/ledger/src/hal/include/hal/communication.h b/ledger/src/hal/include/hal/communication.h new file mode 100644 index 00000000..5af34d65 --- /dev/null +++ b/ledger/src/hal/include/hal/communication.h @@ -0,0 +1,75 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +#ifndef __HAL_COMMUNICATION_H +#define __HAL_COMMUNICATION_H + +#include +#include +#include + +/** + * @brief Initializes the communication module + * + * @param msg_buffer The buffer to use for communication + * @param msg_buffer_size The size of the message buffer in bytes + * + * @returns whether the initialisation succeeded + */ +bool communication_init(unsigned char* msg_buffer, size_t msg_buffer_size); + +/** + * @brief Get a pointer to the message buffer + * + * @returns a pointer to the message buffer + */ +unsigned char* communication_get_msg_buffer(); + +/** + * @brief Get the message buffer size + * + * @returns the message buffer size + */ +size_t communication_get_msg_buffer_size(); + +/** + * @brief Exchanges bytes with the host. This function blocks until the host + * sends a message. + * + * The message exchanges data with the host using the msg_buffer. If there are + * any bytes to transmit, they are transmitted first. After that the function + * blocks until a new message is received from the host. + * + * @param tx The number of bytes sent to the host + * + * @returns the number of bytes received from the host + */ +unsigned short communication_io_exchange(unsigned short tx); + +/** + * @brief Finalizes the communication module + */ +void communication_finalize(void); + +#endif // __HAL_COMMUNICATION_H diff --git a/ledger/src/hal/include/hal/endorsement.h b/ledger/src/hal/include/hal/endorsement.h new file mode 100644 index 00000000..bbb60a42 --- /dev/null +++ b/ledger/src/hal/include/hal/endorsement.h @@ -0,0 +1,72 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +#ifndef __HAL_ENDORSEMENT_H +#define __HAL_ENDORSEMENT_H + +#include +#include +#include + +/** + * @brief Endorses the given message + * + * @param msg The message to attest + * @param msg_size The size of the message to attest + * @param signature_out Where the signature should be output + * @param signature_out_length [in/out] the length of the output buffer / + * length of the produced signature + * + * @returns whether endorsement succeeded + */ +bool endorsement_sign(uint8_t* msg, + size_t msg_size, + uint8_t* signature_out, + uint8_t* signature_out_length); + +/** + * @brief Grabs the hash of the currently running code + * + * @param code_hash_out Where the code hash should be output + * @param code_hash_out_length [in/out] the length of the output buffer / + * length of the produced code hash + * + * @returns whether code hash gathering succeeded + */ +bool endorsement_get_code_hash(uint8_t* code_hash_out, + uint8_t* code_hash_out_length); + +/** + * @brief Grabs the endorsement public key + * + * @param public_key_out Where the public key should be output + * @param public_key_out_length [in/out] the length of the output buffer / + * length of the produced public key + * + * @returns whether public key gathering succeeded + */ +bool endorsement_get_public_key(uint8_t* public_key_out, + uint8_t* public_key_out_length); + +#endif // __HAL_ENDORSEMENT_H \ No newline at end of file diff --git a/ledger/src/hal/include/hal/exceptions.h b/ledger/src/hal/include/hal/exceptions.h new file mode 100644 index 00000000..5b5fe8eb --- /dev/null +++ b/ledger/src/hal/include/hal/exceptions.h @@ -0,0 +1,219 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +/***************************************************************************** + * Ledger Nano S - Secure firmware + * (c) 2016, 2017 Ledger + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + *****************************************************************************/ + +#ifndef __HAL_EXCEPTIONS_H +#define __HAL_EXCEPTIONS_H + +#if defined(HSM_PLATFORM_LEDGER) + +#include "os.h" // This includes the exception engine + +#elif defined(HSM_PLATFORM_X86) + +/** + * Modified try...catch exception implementation (taken from nanos-secure-sdk) + * (https://github.com/LedgerHQ/nanos-secure-sdk/blob/nanos-1314/include/os.h) + */ + +#include +#include + +/* ----------------------------------------------------------------------- */ +/* - TYPES - */ +/* ----------------------------------------------------------------------- */ + +// error type definition +typedef unsigned short exception_t; + +// convenience declaration +typedef struct try_context_s try_context_t; + +// structure to reduce the code size generated for the close try (on stm7) +struct try_context_s { + // current exception context + jmp_buf jmp_buf; + + // previous exception contexts (if null, then will fail the same way as + // before, segv, therefore don't mind chaining) + try_context_t* previous; + + // current exception if any + exception_t ex; +}; + +extern try_context_t* G_try_last_open_context; + +/* ----------------------------------------------------------------------- */ +/* - EXCEPTIONS - */ +/* ----------------------------------------------------------------------- */ + +// workaround to make sure defines are replaced by their value for example +#define CPP_CONCAT(x, y) CPP_CONCAT_x(x, y) +#define CPP_CONCAT_x(x, y) x##y + +// ----------------------------------------------------------------------- +// - BEGIN TRY +// ----------------------------------------------------------------------- + +#define BEGIN_TRY_L(L) \ + { \ + try_context_t __try##L; + +// ----------------------------------------------------------------------- +// - TRY +// ----------------------------------------------------------------------- +#define TRY_L(L) \ + __try \ + ##L.previous = G_try_last_open_context; \ + __try \ + ##L.ex = setjmp(__try##L.jmp_buf); \ + G_try_last_open_context = &__try##L; \ + if (__try##L.ex == 0) { +// ----------------------------------------------------------------------- +// - EXCEPTION CATCH +// ----------------------------------------------------------------------- +#define CATCH_L(L, x) \ + goto CPP_CONCAT(__FINALLY, L); \ + } \ + else if (__try##L.ex == x) { \ + G_try_last_open_context = __try##L.previous; + +// ----------------------------------------------------------------------- +// - EXCEPTION CATCH OTHER +// ----------------------------------------------------------------------- +#define CATCH_OTHER_L(L, e) \ + goto CPP_CONCAT(__FINALLY, L); \ + } \ + else { \ + exception_t e; \ + e = __try##L.ex; \ + __try \ + ##L.ex = 0; \ + G_try_last_open_context = __try##L.previous; + +// ----------------------------------------------------------------------- +// - EXCEPTION CATCH ALL +// ----------------------------------------------------------------------- +#define CATCH_ALL_L(L) \ + goto CPP_CONCAT(__FINALLY, L); \ + } \ + else { \ + __try \ + ##L.ex = 0; \ + G_try_last_open_context = __try##L.previous; + +// ----------------------------------------------------------------------- +// - FINALLY +// ----------------------------------------------------------------------- +#define FINALLY_L(L) \ + goto CPP_CONCAT(__FINALLY, L); \ + } \ + CPP_CONCAT(__FINALLY, L) : G_try_last_open_context = __try##L.previous; + +// ----------------------------------------------------------------------- +// - END TRY +// ----------------------------------------------------------------------- +#define END_TRY_L(L) \ + if (__try##L.ex != 0) { \ + THROW_L(L, __try##L.ex); \ + } \ + } + +// ----------------------------------------------------------------------- +// - CLOSE TRY +// ----------------------------------------------------------------------- +#define CLOSE_TRY_L(L) \ + G_try_last_open_context = G_try_last_open_context->previous + +// ----------------------------------------------------------------------- +// - EXCEPTION THROW +// ----------------------------------------------------------------------- +/* +#ifndef BOLOS_RELEASE + +void os_longjmp(jmp_buf b, unsigned int exception); +#define THROW_L(L, x) \ + os_longjmp(G_try_last_open_context->jmp_buf, x) + +#else +*/ +#define THROW_L(L, x) longjmp(G_try_last_open_context->jmp_buf, x) +/* +#endif // BOLOS_RELEASE +*/ + +// Default macros when nesting is not used. +#define THROW_OS(x) THROW_L(EX, x) +#define BEGIN_TRY BEGIN_TRY_L(EX) +#define TRY TRY_L(EX) +#define CATCH(x) CATCH_L(EX, x) +#define CATCH_OTHER(e) CATCH_OTHER_L(EX, e) +#define CATCH_ALL CATCH_ALL_L(EX) +#define FINALLY FINALLY_L(EX) +#define CLOSE_TRY CLOSE_TRY_L(EX) +#define END_TRY END_TRY_L(EX) + +#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION + +#include + +#define IGNORE_WHEN_FUZZING(e) \ + (e == MERKLE_PROOF_MISMATCH || e == CB_TXN_HASH_MISMATCH || \ + e == MM_HASH_MISMATCH || e == CHAIN_MISMATCH || \ + e == ANCESTOR_TIP_MISMATCH || \ + e == 0x6A94) // Validations in Merkle Proof. Not assigned a name. + +#define THROW(e) \ + { \ + if (!IGNORE_WHEN_FUZZING(e)) { \ + THROW_OS(e); \ + } \ + } + +#else + +#define THROW(e) THROW_OS(e) + +#endif + +#endif // HSM_PLATFORM_X86 + +#endif // __HAL_EXCEPTIONS_H diff --git a/ledger/src/hal/include/hal/hash.h b/ledger/src/hal/include/hal/hash.h new file mode 100644 index 00000000..d9074581 --- /dev/null +++ b/ledger/src/hal/include/hal/hash.h @@ -0,0 +1,177 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +#ifndef __HAL_HASH_H +#define __HAL_HASH_H + +#include +#include +#include + +#define HASH_SIZE 32 + +// BEGINNING of platform-dependent code +#if defined(HSM_PLATFORM_LEDGER) + +#include "os.h" +#include "sha256.h" + +typedef cx_sha256_t hash_sha256_ctx_t; +typedef cx_sha3_t hash_keccak256_ctx_t; +typedef SHA256_CTX hash_sha256_ms_ctx_t; + +#elif defined(HSM_PLATFORM_X86) + +#include "sha256.h" +#include "keccak256.h" + +typedef SHA256_CTX hash_sha256_ctx_t; +typedef SHA3_CTX hash_keccak256_ctx_t; +typedef SHA256_CTX hash_sha256_ms_ctx_t; + +#else +#error "HSM Platform undefined" +#endif +// END of platform-dependent code + +// *** sha256 *** + +/** + * @brief Initialize a sha256 hash context + * + * @param[inout] ctx the context to initialize + * + * @returns whether the initialisation succeeded + */ +bool hash_sha256_init(hash_sha256_ctx_t* ctx); + +/** + * @brief Update a sha256 hash context with given data + * + * @param[inout] ctx the context to update + * @param[in] data pointer to message to hash + * @param[in] len length of message in bytes + * + * @returns whether the update succeeded + */ +bool hash_sha256_update(hash_sha256_ctx_t* ctx, + const uint8_t* data, + size_t len); + +/** + * @brief Compute the final sha256 hash for the given context + * + * @param[inout] ctx the context to finalise + * @param[out] out_hash The final hash obtained from the incremental hash + * + * @returns whether the finalisation succeeded + */ +bool hash_sha256_final(hash_sha256_ctx_t* ctx, uint8_t* out_hash); + +// *** sha256 with midstate support *** + +/** + * @brief Initialize a sha256 ms hash context + * + * @param[inout] ctx the context to initialize + * + * @returns whether the initialisation succeeded + */ +bool hash_sha256_ms_init(hash_sha256_ms_ctx_t* ctx); + +/** + * @brief Set sha256 ms hash context to the given mid state + * + * @details + * Mid state must be 52 bytes long: + * - midstate[0:8]: ignore + * - midstate[8:16]: counter, as a big-endian uint64_t + * - midstate[16:48]: current hash, as 8 big-endian uint32_t integers + * - midstate[48:52]: ignore + * + * @param[inout] ctx the context to set + * @param[in] midstate pointer to midstate buffer + * + * @returns whether the midstate succeeded + */ +bool hash_sha256_ms_midstate(hash_sha256_ms_ctx_t* ctx, uint8_t* midstate); + +/** + * @brief Update a sha256 ms hash context with given data + * + * @param[inout] ctx the context to update + * @param[in] data pointer to message to hash + * @param[in] len length of message in bytes + * + * @returns whether the update succeeded + */ +bool hash_sha256_ms_update(hash_sha256_ms_ctx_t* ctx, + const uint8_t* data, + size_t len); + +/** + * @brief Compute the final sha256 ms hash for the given context + * + * @param[inout] ctx the context to finalise + * @param[out] out_hash The final hash obtained from the incremental hash + * + * @returns whether the finalisation succeeded + */ +bool hash_sha256_ms_final(hash_sha256_ms_ctx_t* ctx, uint8_t* out_hash); + +// *** keccak256 *** + +/** + * @brief Initialize a keccak256 hash context + * + * @param[inout] ctx the context to initialize + * + * @returns whether the initialisation succeeded + */ +bool hash_keccak256_init(hash_keccak256_ctx_t* ctx); + +/** + * @brief Update a keccak256 hash context with given data + * + * @param[inout] ctx the context to update + * @param[in] data pointer to message to hash + * @param[in] len length of message in bytes + * + * @returns whether the update succeeded + */ +bool hash_keccak256_update(hash_keccak256_ctx_t* ctx, + const uint8_t* data, + size_t len); + +/** + * @brief Compute the final keccak256 hash for the given context + * + * @param[inout] ctx the context to finalise + * @param[out] out_hash The final hash obtained from the incremental hash + * + * @returns whether the finalisation succeeded + */ +bool hash_keccak256_final(hash_keccak256_ctx_t* ctx, uint8_t* out_hash); + +#endif // __HAL_HASH_H diff --git a/ledger/src/signer/src/dbg.h b/ledger/src/hal/include/hal/log.h similarity index 82% rename from ledger/src/signer/src/dbg.h rename to ledger/src/hal/include/hal/log.h index 4e73f45d..c970ca51 100644 --- a/ledger/src/signer/src/dbg.h +++ b/ledger/src/hal/include/hal/log.h @@ -22,10 +22,10 @@ * IN THE SOFTWARE. */ -#ifndef __DBG_H -#define __DBG_H +#ifndef __LOG_H +#define __LOG_H -#ifdef HSM_SIMULATOR +#if defined(HSM_PLATFORM_X86) #include #include @@ -33,7 +33,11 @@ #include "bigdigits.h" #include "srlp.h" -#define LOG(...) printf(__VA_ARGS__); +/** Set a prefix for all logs */ +void LOG_SET_PREFIX(char *prefix); + +/** Works just like printf */ +void LOG(const char *format, ...); /** Print buffer in hex format with prefix */ void LOG_HEX(const char *prefix, void *buffer, size_t size); @@ -44,20 +48,14 @@ void LOG_BIGD_HEX(const char *prefix, size_t len, const char *suffix); -/** Print N copies of a given char */ -void LOG_N_CHARS(const char c, unsigned int times); - -/** Print the given SRLP context (see srlp.h) */ -void LOG_SRLP_CTX(uint8_t v, rlp_ctx_t ctx[], uint8_t ptr); - -#else +#elif defined(HSM_PLATFORM_LEDGER) #define LOG(...) #define LOG_HEX(...) #define LOG_BIGD_HEX(...) -#define LOG_N_CHARS(...) -#define LOG_SRLP_CTX(...) +#else +#error "HSM Platform undefined" #endif -#endif // __DBG_H +#endif // __LOG_H diff --git a/ledger/src/hal/include/hal/nvmem.h b/ledger/src/hal/include/hal/nvmem.h new file mode 100644 index 00000000..383c7f37 --- /dev/null +++ b/ledger/src/hal/include/hal/nvmem.h @@ -0,0 +1,43 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +#ifndef __HAL_NVMEM_H +#define __HAL_NVMEM_H + +#include +#include +#include + +/** + * @brief Write to non volatile memory + * + * @param dst The destination address in non volatile memory + * @param src The source address to write from + * @param length The amount of bytes to write + * + * @returns whether the write succeeded + */ +bool nvmem_write(void *dst, void *src, unsigned int length); + +#endif // __HAL_NVMEM_H \ No newline at end of file diff --git a/ledger/src/hal/include/hal/platform.h b/ledger/src/hal/include/hal/platform.h new file mode 100644 index 00000000..7c144072 --- /dev/null +++ b/ledger/src/hal/include/hal/platform.h @@ -0,0 +1,45 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +#ifndef __HAL_PLATFORM_H +#define __HAL_PLATFORM_H + +#include +#include + +/** + * @brief Perform the platform-specific version of memmove + * + * @param dst destination buffer + * @param src source buffer + * @param length number of bytes to copy + */ +void platform_memmove(void *dst, const void *src, unsigned int length); + +/** + * @brief Request exiting/closing to the underlying platform + */ +void platform_request_exit(); + +#endif // __HAL_PLATFORM_H diff --git a/ledger/src/hal/include/hal/seed.h b/ledger/src/hal/include/hal/seed.h new file mode 100644 index 00000000..3af7c5f2 --- /dev/null +++ b/ledger/src/hal/include/hal/seed.h @@ -0,0 +1,76 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +#ifndef __HAL_SEED_H +#define __HAL_SEED_H + +#include +#include + +#define SEED_PUBLIC_KEY_SIZE 65 + +/** + * @brief Returns whether there's a generated seed + * + * @returns whether there's a generated seed + */ +bool seed_available(); + +/** + * @brief Derives the main node using the given derivation path and + * computes and outputs its public key in uncompressed format + * + * @param path the BIP32 path to use for derivation + * @param path_length the BIP32 path length in parts (not bytes) + * @param pubkey_out where the public key should be output + * @param pubkey_out_length [in/out] the length of the output buffer / + * length of the produced public key + * + * @returns whether the derivation succeeded + */ +bool seed_derive_pubkey(uint32_t* path, + uint8_t path_length, + uint8_t* pubkey_out, + uint8_t* pubkey_out_length); + +/** + * @brief Signs the given hash with the private key obtained + * by deriving the main node using the given derivation path, and + * outputs the signature in DER format. + * + * @param path the BIP32 path to use for derivation + * @param hash32 the 32 byte hash to sign + * @param sig_out where the public key should be output + * @param sig_out_length [in/out] the length of the output buffer / + * length of the produced signature + * + * @returns whether the signing succeeded + */ +bool seed_sign(uint32_t* path, + uint8_t path_length, + uint8_t* hash32, + uint8_t* sig_out, + uint8_t* sig_out_length); + +#endif // __HAL_SEED_H diff --git a/ledger/src/signer/src/sha256.c b/ledger/src/hal/src/common/sha256.c similarity index 100% rename from ledger/src/signer/src/sha256.c rename to ledger/src/hal/src/common/sha256.c diff --git a/ledger/src/signer/src/sha256.h b/ledger/src/hal/src/common/sha256.h similarity index 100% rename from ledger/src/signer/src/sha256.h rename to ledger/src/hal/src/common/sha256.h diff --git a/ledger/src/signer/src/hsm-ledger.c b/ledger/src/hal/src/ledger/communication.c similarity index 54% rename from ledger/src/signer/src/hsm-ledger.c rename to ledger/src/hal/src/ledger/communication.c index 376052e4..2f12023a 100644 --- a/ledger/src/signer/src/hsm-ledger.c +++ b/ledger/src/hal/src/ledger/communication.c @@ -23,37 +23,27 @@ */ #include "os.h" -#include "hsm.h" -#include "err.h" +#include "hal/communication.h" -void hsm_ledger_main_loop() { - volatile unsigned int rx = 0; - volatile unsigned int tx = 0; +static unsigned char* msg_buffer; +static size_t msg_buffer_size; - // DESIGN NOTE: the bootloader ignores the way APDU are fetched. The only - // goal is to retrieve APDU. - // When APDU are to be fetched from multiple IOs, like NFC+USB+BLE, make - // sure the io_event is called with a - // switch event, before the apdu is replied to the bootloader. This avoid - // APDU injection faults. - while (!hsm_exit_requested()) { - BEGIN_TRY { - TRY { - // ensure no race in catch_other if io_exchange throws - // an error - rx = tx; - tx = 0; - rx = io_exchange(CHANNEL_APDU, rx); +// HAL implementation +bool communication_init(unsigned char* _msg_buffer, size_t _msg_buffer_size) { + // Setup the exchange buffer + msg_buffer = _msg_buffer; + msg_buffer_size = _msg_buffer_size; + return true; +} + +unsigned char* communication_get_msg_buffer() { + return msg_buffer; +} + +size_t communication_get_msg_buffer_size() { + return msg_buffer_size; +} - tx = hsm_process_apdu(rx); - THROW(0x9000); - } - CATCH_OTHER(e) { - tx = hsm_process_exception(e, tx); - } - FINALLY { - } - } - END_TRY; - } +unsigned short communication_io_exchange(unsigned short tx) { + return io_exchange(CHANNEL_APDU, tx); } diff --git a/ledger/src/hal/src/ledger/endorsement.c b/ledger/src/hal/src/ledger/endorsement.c new file mode 100644 index 00000000..cbc7a37d --- /dev/null +++ b/ledger/src/hal/src/ledger/endorsement.c @@ -0,0 +1,70 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +#include "os.h" +#include "hal/endorsement.h" + +#define MAX_SIGNATURE_LENGTH 72 +#define MAX_CODE_HASH_LENGTH 32 +#define MAX_PUBLIC_KEY_LENGTH 65 + +// Index of the ledger endorsement scheme +#define ENDORSEMENT_SCHEME_INDEX 2 + +bool endorsement_sign(uint8_t* msg, + size_t msg_size, + uint8_t* signature_out, + uint8_t* signature_out_length) { + + if (*signature_out_length < MAX_SIGNATURE_LENGTH) { + return false; + } + + *signature_out_length = + os_endorsement_key2_derive_sign_data(msg, msg_size, signature_out); + + return true; +} + +bool endorsement_get_code_hash(uint8_t* code_hash_out, + uint8_t* code_hash_out_length) { + + if (*code_hash_out_length < MAX_CODE_HASH_LENGTH) { + return false; + } + + *code_hash_out_length = os_endorsement_get_code_hash(code_hash_out); + return true; +} + +bool endorsement_get_public_key(uint8_t* public_key_out, + uint8_t* public_key_out_length) { + if (*public_key_out_length < MAX_PUBLIC_KEY_LENGTH) { + return false; + } + + *public_key_out_length = + os_endorsement_get_public_key(ENDORSEMENT_SCHEME_INDEX, public_key_out); + return true; +} \ No newline at end of file diff --git a/ledger/src/hal/src/ledger/hash.c b/ledger/src/hal/src/ledger/hash.c new file mode 100644 index 00000000..0169015c --- /dev/null +++ b/ledger/src/hal/src/ledger/hash.c @@ -0,0 +1,86 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +#include "hal/hash.h" +#include "sha256.h" +#include "os.h" + +// *** sha256 *** +bool hash_sha256_init(hash_sha256_ctx_t* ctx) { + cx_sha256_init(ctx); + return true; +} + +bool hash_sha256_update(hash_sha256_ctx_t* ctx, + const uint8_t* data, + size_t len) { + cx_hash((cx_hash_t*)(ctx), 0, (unsigned char*)data, len, NULL); + return true; +} + +bool hash_sha256_final(hash_sha256_ctx_t* ctx, uint8_t* out_hash) { + cx_hash((cx_hash_t*)(ctx), CX_LAST, NULL, 0, out_hash); + return true; +} + +// *** sha256 with midstate support *** +bool hash_sha256_ms_init(hash_sha256_ms_ctx_t* ctx) { + sha256_init(ctx); + return true; +} + +bool hash_sha256_ms_midstate(hash_sha256_ms_ctx_t* ctx, uint8_t* midstate) { + sha256_midstate(ctx, midstate); + return true; +} + +bool hash_sha256_ms_update(hash_sha256_ms_ctx_t* ctx, + const uint8_t* data, + size_t len) { + sha256_update(ctx, data, len); + return true; +} + +bool hash_sha256_ms_final(hash_sha256_ms_ctx_t* ctx, uint8_t* out_hash) { + sha256_final(ctx, out_hash); + return true; +} + +// *** keccak256 *** +bool hash_keccak256_init(hash_keccak256_ctx_t* ctx) { + cx_keccak_init(ctx, 256); + return true; +} + +bool hash_keccak256_update(hash_keccak256_ctx_t* ctx, + const uint8_t* data, + size_t len) { + cx_hash((cx_hash_t*)(ctx), 0, (unsigned char*)data, len, NULL); + return true; +} + +bool hash_keccak256_final(hash_keccak256_ctx_t* ctx, uint8_t* out_hash) { + cx_hash((cx_hash_t*)(ctx), CX_LAST, NULL, 0, out_hash); + return true; +} \ No newline at end of file diff --git a/ledger/src/signer/src/hsm-ledger.h b/ledger/src/hal/src/ledger/nvmem.c similarity index 88% rename from ledger/src/signer/src/hsm-ledger.h rename to ledger/src/hal/src/ledger/nvmem.c index 2079a4a7..f0c68904 100644 --- a/ledger/src/signer/src/hsm-ledger.h +++ b/ledger/src/hal/src/ledger/nvmem.c @@ -22,9 +22,10 @@ * IN THE SOFTWARE. */ -#ifndef __HSM_LEDGER_H -#define __HSM_LEDGER_H +#include "os.h" +#include "hal/nvmem.h" -void hsm_ledger_main_loop(); - -#endif // __HSM_LEDGER_H +bool nvmem_write(void *dst, void *src, unsigned int length) { + nvm_write(dst, src, length); + return true; +} diff --git a/ledger/src/hal/src/ledger/platform.c b/ledger/src/hal/src/ledger/platform.c new file mode 100644 index 00000000..ecea2a79 --- /dev/null +++ b/ledger/src/hal/src/ledger/platform.c @@ -0,0 +1,41 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +#include "hal/platform.h" +#include "hal/exceptions.h" + +void platform_memmove(void *dst, const void *src, unsigned int length) { + os_memmove(dst, src, length); +} + +void platform_request_exit() { + BEGIN_TRY_L(exit) { + TRY_L(exit) { + os_sched_exit(-1); + } + FINALLY_L(exit) { + } + } + END_TRY_L(exit); +} \ No newline at end of file diff --git a/ledger/src/signer/src/sign.c b/ledger/src/hal/src/ledger/seed.c similarity index 64% rename from ledger/src/signer/src/sign.c rename to ledger/src/hal/src/ledger/seed.c index ea7cc82e..df87a24e 100644 --- a/ledger/src/signer/src/sign.c +++ b/ledger/src/hal/src/ledger/seed.c @@ -26,33 +26,25 @@ #include "os.h" #include "cx.h" +#include "hal/seed.h" -#include "sign.h" -#include "defs.h" -#include "memutil.h" +#define PRIVATE_KEY_LENGTH 32 +#define HASH_SIZE 32 +#define MAX_SIGNATURE_LENGTH 72 -/* - * Derive the public key for a given path. - * Store the public key into the given destination buffer. - * - * @arg[in] path derivation path - * @arg[in] path_length length of the derivation path - * @arg[in] dest destination buffer - * @arg[in] dest destination buffer size - * @ret size of the public key derived, - * or DO_PUBKEY_ERROR in case of error - */ -int do_pubkey(unsigned int* path, - unsigned char path_length, - unsigned char* dest, - size_t dest_size) { +bool seed_available() { + return os_perso_isonboarded() == 1; +} + +bool seed_derive_pubkey(uint32_t* path, + uint8_t path_length, + uint8_t* pubkey_out, + uint8_t* pubkey_out_length) { volatile unsigned char private_key_data[PRIVATE_KEY_LENGTH]; volatile cx_ecfp_private_key_t private_key; volatile cx_ecfp_public_key_t public_key; - volatile int pubkey_size; - BEGIN_TRY { TRY { // Derive and init private key @@ -74,16 +66,12 @@ int do_pubkey(unsigned int* path, 1); // Cleanup private key explicit_bzero((void*)&private_key, sizeof(private_key)); + if (*pubkey_out_length < public_key.W_len) + THROW(1); // Output the public key - pubkey_size = public_key.W_len; - SAFE_MEMMOVE(dest, - dest_size, - MEMMOVE_ZERO_OFFSET, - (void*)public_key.W, - public_key.W_len, - MEMMOVE_ZERO_OFFSET, - public_key.W_len, - { pubkey_size = DO_PUBKEY_ERROR; }) + *pubkey_out_length = public_key.W_len; + os_memmove( + (void*)pubkey_out, (const void*)public_key.W, public_key.W_len); // Cleanup public key explicit_bzero((void*)&public_key, sizeof(public_key)); } @@ -92,45 +80,28 @@ int do_pubkey(unsigned int* path, explicit_bzero((void*)private_key_data, sizeof(private_key_data)); explicit_bzero((void*)&private_key, sizeof(private_key)); explicit_bzero((void*)&public_key, sizeof(public_key)); - // Signal error deriving public key - pubkey_size = DO_PUBKEY_ERROR; + return false; } FINALLY { } } END_TRY; - // Return public key size - return pubkey_size; + + return true; } -/* - * Sign a message with a given path. - * Store the signature into the given destination buffer. - * - * @arg[in] path derivation path - * @arg[in] path_length length of the derivation path - * @arg[in] message message buffer - * @arg[in] message_size message size - * @arg[in] dest destination buffer - * @arg[in] dest destination buffer size - * @ret size of the signature produced, - * or DO_SIGN_ERROR in case of error - */ -int do_sign(unsigned int* path, - unsigned char path_length, - unsigned char* message, - size_t message_size, - unsigned char* dest, - size_t dest_size) { +bool seed_sign(uint32_t* path, + uint8_t path_length, + uint8_t* hash32, + uint8_t* sig_out, + uint8_t* sig_out_length) { volatile unsigned char private_key_data[PRIVATE_KEY_LENGTH]; volatile cx_ecfp_private_key_t private_key; - volatile int sig_size; - // Check the destination buffer won't be overflowed by the signature - if (dest_size < MAX_SIGNATURE_LENGTH) { - return DO_SIGN_ERROR; + if (*sig_out_length < MAX_SIGNATURE_LENGTH) { + return false; } BEGIN_TRY { @@ -147,12 +118,12 @@ int do_sign(unsigned int* path, (cx_ecfp_private_key_t*)&private_key); // Cleanup private key data explicit_bzero((void*)private_key_data, sizeof(private_key_data)); - sig_size = cx_ecdsa_sign((void*)&private_key, - CX_RND_RFC6979 | CX_LAST, - CX_SHA256, - message, - message_size, - dest); + *sig_out_length = (uint8_t)cx_ecdsa_sign((void*)&private_key, + CX_RND_RFC6979 | CX_LAST, + CX_SHA256, + hash32, + HASH_SIZE, + sig_out); // Cleanup private key explicit_bzero((void*)&private_key, sizeof(private_key)); } @@ -160,13 +131,12 @@ int do_sign(unsigned int* path, // Cleanup key data and fail explicit_bzero((void*)private_key_data, sizeof(private_key_data)); explicit_bzero((void*)&private_key, sizeof(private_key)); - // Signal error signing - sig_size = DO_SIGN_ERROR; + return false; } FINALLY { } } END_TRY; - // Return signature size - return sig_size; -} \ No newline at end of file + + return true; +} diff --git a/ledger/src/hal/src/ledger/sha256.c b/ledger/src/hal/src/ledger/sha256.c new file mode 120000 index 00000000..a21d1a59 --- /dev/null +++ b/ledger/src/hal/src/ledger/sha256.c @@ -0,0 +1 @@ +../common/sha256.c \ No newline at end of file diff --git a/ledger/src/hal/src/ledger/sha256.h b/ledger/src/hal/src/ledger/sha256.h new file mode 120000 index 00000000..65492ab2 --- /dev/null +++ b/ledger/src/hal/src/ledger/sha256.h @@ -0,0 +1 @@ +../common/sha256.h \ No newline at end of file diff --git a/ledger/src/signer/Makefile b/ledger/src/signer/Makefile index aff44a18..4fcbab34 100755 --- a/ledger/src/signer/Makefile +++ b/ledger/src/signer/Makefile @@ -44,13 +44,13 @@ include $(BOLOS_SDK)/Makefile.defines # Main app configuration APPNAME = "RSK Sign" -APPVERSION = 4 +APPVERSION = 5 # No flags APPFLAGS = 0x00 PROG = "app" # Build configuration -APP_SOURCE_PATH += src ../common/src +APP_SOURCE_PATH += src ../common/src ../hal/src/ledger SDK_SOURCE_PATH += lib_stusb lib_stusb_impl DEFINES += APPVERSION=\"$(APPVERSION)\" @@ -65,6 +65,7 @@ DEFINES += HAVE_IO_USB HAVE_L4_USBLIB IO_USB_MAX_ENDPOINTS=3 IO_HID_EP_LENGTH=64 CC := $(CLANGPATH)clang CFLAGS += -O0 -I$(GCC_INCLUDE) CFLAGS += -Werror +CFLAGS += -DHSM_PLATFORM_LEDGER # Convert min required difficulty to what the compiler expects ifneq ($(TARGET_DIFFICULTY),) @@ -128,3 +129,7 @@ delete: # Import generic rules from the SDK include $(BOLOS_SDK)/Makefile.rules + +# This is to prevent individual subdirectory inclusion by using the +# SDK provided APP_SOURCE_PATH variable +INCLUDES_PATH += ../hal/include diff --git a/ledger/src/signer/src/attestation.c b/ledger/src/signer/src/attestation.c index b91dbf41..9c9130c4 100644 --- a/ledger/src/signer/src/attestation.c +++ b/ledger/src/signer/src/attestation.c @@ -24,7 +24,11 @@ #include -#include "os.h" +#include "hal/seed.h" +#include "hal/endorsement.h" +#include "hal/platform.h" +#include "hal/exceptions.h" + #include "attestation.h" #include "apdu.h" #include "defs.h" @@ -43,58 +47,40 @@ const char att_msg_prefix[ATT_MSG_PREFIX_LENGTH] = ATT_MSG_PREFIX; static void hash_public_key(const char* path, size_t path_size, att_t* att_ctx) { - BEGIN_TRY { - TRY { - // Derive public key - - // Skip first byte of path when copying (path size byte) - SAFE_MEMMOVE(att_ctx->path, - sizeof(att_ctx->path), - MEMMOVE_ZERO_OFFSET, - (unsigned int*)path, - path_size, - 1, - sizeof(att_ctx->path), - THROW(ERR_ATT_INTERNAL)); - - // Derive and init private key - os_perso_derive_node_bip32(CX_CURVE_256K1, - att_ctx->path, - DERIVATION_PATH_PARTS, - att_ctx->priv_key_data, - NULL); - cx_ecdsa_init_private_key(CX_CURVE_256K1, - att_ctx->priv_key_data, - PRIVATE_KEY_LENGTH, - &att_ctx->priv_key); - // Cleanup private key data - explicit_bzero(att_ctx->priv_key_data, - sizeof(att_ctx->priv_key_data)); - // Derive public key - cx_ecfp_generate_pair( - CX_CURVE_256K1, &att_ctx->pub_key, &att_ctx->priv_key, 1); - // Cleanup private key - explicit_bzero(&att_ctx->priv_key, sizeof(att_ctx->priv_key)); - - // Hash - SHA256_UPDATE( - &att_ctx->hash_ctx, att_ctx->pub_key.W, att_ctx->pub_key.W_len); - - // Cleanup public key - explicit_bzero(&att_ctx->pub_key, sizeof(att_ctx->pub_key)); - } - CATCH_OTHER(e) { - // Cleanup key data and fail - explicit_bzero(att_ctx->priv_key_data, - sizeof(att_ctx->priv_key_data)); - explicit_bzero(&att_ctx->priv_key, sizeof(att_ctx->priv_key)); - explicit_bzero(&att_ctx->pub_key, sizeof(att_ctx->pub_key)); - THROW(ERR_ATT_INTERNAL); - } - FINALLY { - } + // Derive public key + + // Skip first byte of path when copying (path size byte) + SAFE_MEMMOVE(att_ctx->path, + sizeof(att_ctx->path), + MEMMOVE_ZERO_OFFSET, + (unsigned int*)path, + path_size, + 1, + sizeof(att_ctx->path), + { goto hash_public_key_error; }); + + att_ctx->pubkey_length = sizeof(att_ctx->pubkey); + if (!seed_derive_pubkey(att_ctx->path, + sizeof(att_ctx->path) / sizeof(att_ctx->path[0]), + att_ctx->pubkey, + &att_ctx->pubkey_length)) { + goto hash_public_key_error; } - END_TRY; + + // Hash + SHA256_UPDATE(&att_ctx->hash_ctx, att_ctx->pubkey, att_ctx->pubkey_length); + + // Cleanup public key + explicit_bzero(&att_ctx->pubkey, sizeof(att_ctx->pubkey)); + att_ctx->pubkey_length = 0; + + return; + +hash_public_key_error: + // Cleanup public key + explicit_bzero(&att_ctx->pubkey, sizeof(att_ctx->pubkey)); + att_ctx->pubkey_length = 0; + THROW(ERR_ATT_INTERNAL); } /* @@ -139,15 +125,19 @@ static unsigned int generate_message_to_sign(att_t* att_ctx) { */ unsigned int get_attestation(volatile unsigned int rx, att_t* att_ctx) { unsigned int message_size; + uint8_t code_hash_size; switch (APDU_OP()) { case OP_ATT_GET: - // Generate the message to sign + // Generate the message to attest message_size = generate_message_to_sign(att_ctx); - // Sign message - int endorsement_size = os_endorsement_key2_derive_sign_data( - att_ctx->msg, message_size, APDU_DATA_PTR); + // Attest message + uint8_t endorsement_size = APDU_TOTAL_DATA_SIZE_OUT; + if (!endorsement_sign( + att_ctx->msg, message_size, APDU_DATA_PTR, &endorsement_size)) { + THROW(ERR_ATT_INTERNAL); + } return TX_FOR_DATA_SIZE(endorsement_size); case OP_ATT_GET_MESSAGE: @@ -165,9 +155,14 @@ unsigned int get_attestation(volatile unsigned int rx, att_t* att_ctx) { return TX_FOR_DATA_SIZE(message_size); case OP_ATT_APP_HASH: - return TX_FOR_DATA_SIZE(os_endorsement_get_code_hash(APDU_DATA_PTR)); + code_hash_size = APDU_TOTAL_DATA_SIZE_OUT; + if (!endorsement_get_code_hash(APDU_DATA_PTR, &code_hash_size)) { + THROW(ERR_ATT_INTERNAL); + } + return TX_FOR_DATA_SIZE(code_hash_size); default: THROW(ERR_ATT_PROT_INVALID); break; } + return 0; } diff --git a/ledger/src/signer/src/auth.c b/ledger/src/signer/src/auth.c index c821bc97..54508bab 100644 --- a/ledger/src/signer/src/auth.c +++ b/ledger/src/signer/src/auth.c @@ -24,14 +24,15 @@ #include -#include "os.h" +#include "hal/platform.h" +#include "hal/exceptions.h" + #include "auth.h" #include "err.h" -#include "sign.h" #include "mem.h" #include "compiletime.h" -#include "dbg.h" +#include "hal/log.h" /* * Transition to the given state, performing corresponding @@ -59,6 +60,7 @@ void auth_transition_to(uint8_t state) { */ unsigned int auth_sign(volatile unsigned int rx) { unsigned int tx; + uint8_t sig_size; // Sanity check: tx hash size and // last auth signed tx hash size @@ -95,12 +97,15 @@ unsigned int auth_sign(volatile unsigned int rx) { if (auth.state != STATE_AUTH_SIGN) THROW(ERR_AUTH_INVALID_STATE); // Invalid state - tx = do_sign(auth.path, - DERIVATION_PATH_PARTS, - auth.sig_hash, - sizeof(auth.sig_hash), - APDU_DATA_PTR, - APDU_TOTAL_DATA_SIZE_OUT); + sig_size = APDU_TOTAL_DATA_SIZE_OUT; + if (!seed_sign(auth.path, + sizeof(auth.path) / sizeof(auth.path[0]), + auth.sig_hash, + APDU_DATA_PTR, + &sig_size)) { + THROW(ERR_INTERNAL); + } + tx = sig_size; // Save the BTC tx hash to NVM if this signature required authorization if (auth.auth_required) { @@ -122,11 +127,6 @@ unsigned int auth_sign(volatile unsigned int rx) { } } - // Error signing? - if (tx == DO_SIGN_ERROR) { - THROW(ERR_INTERNAL); - } - SET_APDU_OP(P1_SUCCESS); auth_transition_to(STATE_AUTH_START); return TX_FOR_DATA_SIZE(tx); diff --git a/ledger/src/signer/src/auth.h b/ledger/src/signer/src/auth.h index 644b465c..8a9b4ece 100644 --- a/ledger/src/signer/src/auth.h +++ b/ledger/src/signer/src/auth.h @@ -28,6 +28,8 @@ #include #include +#include "hal/seed.h" + #include "auth_path.h" #include "auth_tx.h" #include "auth_receipt.h" diff --git a/ledger/src/signer/src/auth_path.c b/ledger/src/signer/src/auth_path.c index a3a00f40..a0640a19 100644 --- a/ledger/src/signer/src/auth_path.c +++ b/ledger/src/signer/src/auth_path.c @@ -22,7 +22,8 @@ * IN THE SOFTWARE. */ -#include "os.h" +#include "hal/platform.h" +#include "hal/exceptions.h" #include "auth.h" #include "pathAuth.h" @@ -106,4 +107,5 @@ unsigned int auth_sign_handle_path(volatile unsigned int rx) { // If no path match, then bail out // signalling invalid path THROW(ERR_AUTH_INVALID_PATH); + return 0; } diff --git a/ledger/src/signer/src/auth_receipt.c b/ledger/src/signer/src/auth_receipt.c index 5baaa59b..48c0dc4c 100644 --- a/ledger/src/signer/src/auth_receipt.c +++ b/ledger/src/signer/src/auth_receipt.c @@ -24,7 +24,8 @@ #include -#include "os.h" +#include "hal/platform.h" +#include "hal/exceptions.h" #include "auth.h" #include "auth_constants.h" @@ -34,7 +35,7 @@ #include "flags.h" #include "util.h" -#include "dbg.h" +#include "hal/log.h" // ----------------------------------------------------------------------- // RLP parser callbacks @@ -238,7 +239,7 @@ unsigned int auth_sign_handle_receipt(volatile unsigned int rx) { if (!HAS_FLAG(auth.receipt.flags, IS_INIT)) { rlp_start(&callbacks); - keccak_init(&auth.receipt.hash_ctx); + hash_keccak256_init(&auth.receipt.hash_ctx); SET_FLAG(auth.receipt.flags, IS_INIT); } @@ -249,12 +250,13 @@ unsigned int auth_sign_handle_receipt(volatile unsigned int rx) { } auth.receipt.remaining_bytes -= APDU_DATA_SIZE(rx); - keccak_update(&auth.receipt.hash_ctx, APDU_DATA_PTR, APDU_DATA_SIZE(rx)); + hash_keccak256_update( + &auth.receipt.hash_ctx, APDU_DATA_PTR, APDU_DATA_SIZE(rx)); if (auth.receipt.remaining_bytes == 0) { if (HAS_FLAG(auth.receipt.flags, IS_MATCH)) { // Finalize the hash calculation - keccak_final(&auth.receipt.hash_ctx, auth.receipt_hash); + hash_keccak256_final(&auth.receipt.hash_ctx, auth.receipt_hash); // Log hash for debugging purposes LOG_HEX( diff --git a/ledger/src/signer/src/auth_receipt.h b/ledger/src/signer/src/auth_receipt.h index 8639f892..b978bac5 100644 --- a/ledger/src/signer/src/auth_receipt.h +++ b/ledger/src/signer/src/auth_receipt.h @@ -27,8 +27,9 @@ #include +#include "hal/hash.h" + #include "srlp.h" -#include "keccak256.h" #define RECEIPT_MAX_DEPTH (4) #define RECEIPT_MAX_BUFFER_SIZE (32) @@ -43,7 +44,7 @@ typedef struct { uint8_t aux[RECEIPT_MAX_BUFFER_SIZE]; uint8_t aux_offset; - SHA3_CTX hash_ctx; + hash_keccak256_ctx_t hash_ctx; } receipt_auth_ctx_t; /* diff --git a/ledger/src/signer/src/auth_trie.c b/ledger/src/signer/src/auth_trie.c index f188b4e0..0d247205 100644 --- a/ledger/src/signer/src/auth_trie.c +++ b/ledger/src/signer/src/auth_trie.c @@ -24,14 +24,16 @@ #include -#include "os.h" +#include "hal/hash.h" +#include "hal/platform.h" +#include "hal/exceptions.h" #include "auth.h" #include "mem.h" #include "memutil.h" #include "bc_state.h" -#include "dbg.h" +#include "hal/log.h" #define REQUEST_MORE_IF_NEED() \ { \ @@ -57,7 +59,7 @@ static void trie_cb(const trie_cb_event_t event) { // Update node hash - keccak_update( + hash_keccak256_update( &auth.trie.hash_ctx, auth.trie.ctx.raw, auth.trie.ctx.raw_size); switch (event) { @@ -141,12 +143,12 @@ static void trie_cb(const trie_cb_event_t event) { case TRIE_EV_LEFT_NODE_EMBEDDED_START: case TRIE_EV_RIGHT_NODE_EMBEDDED_START: FAIL_IF_LEAF(); - keccak_init(&auth.trie.aux_hash_ctx); + hash_keccak256_init(&auth.trie.aux_hash_ctx); break; case TRIE_EV_LEFT_NODE_EMBEDDED_DATA: case TRIE_EV_RIGHT_NODE_EMBEDDED_DATA: FAIL_IF_LEAF(); - keccak_update( + hash_keccak256_update( &auth.trie.aux_hash_ctx, auth.trie.ctx.raw, auth.trie.ctx.raw_size); break; case TRIE_EV_LEFT_NODE_END: @@ -156,7 +158,7 @@ static void trie_cb(const trie_cb_event_t event) { FAIL_IF_LEAF(); if (event == TRIE_EV_LEFT_NODE_EMBEDDED_END || event == TRIE_EV_RIGHT_NODE_EMBEDDED_END) - keccak_final(&auth.trie.aux_hash_ctx, auth.trie.child_hash); + hash_keccak256_final(&auth.trie.aux_hash_ctx, auth.trie.child_hash); if (!memcmp(auth.trie.node_hash, auth.trie.child_hash, sizeof(auth.trie.node_hash))) @@ -197,7 +199,7 @@ unsigned int auth_sign_handle_merkleproof(volatile unsigned int rx) { THROW(ERR_AUTH_INVALID_DATA_SIZE); } trie_init(&auth.trie.ctx, &trie_cb, APDU_DATA_PTR[apdu_offset++]); - keccak_init(&auth.trie.hash_ctx); + hash_keccak256_init(&auth.trie.hash_ctx); auth.trie.state = AUTH_TRIE_STATE_NODE; auth.trie.num_linked = 0; @@ -213,7 +215,7 @@ unsigned int auth_sign_handle_merkleproof(volatile unsigned int rx) { // Reusing an existing error code due to legacy protocol THROW(ERR_AUTH_RECEIPT_ROOT_MISMATCH); } else if (trie_result() == TRIE_ST_DONE) { - keccak_final(&auth.trie.hash_ctx, auth.trie.node_hash); + hash_keccak256_final(&auth.trie.hash_ctx, auth.trie.node_hash); LOG("MP@%u ", auth.trie.current_node); LOG_HEX( "hash: ", auth.trie.node_hash, sizeof(auth.trie.node_hash)); diff --git a/ledger/src/signer/src/auth_trie.h b/ledger/src/signer/src/auth_trie.h index 9c45d4ab..963d0b60 100644 --- a/ledger/src/signer/src/auth_trie.h +++ b/ledger/src/signer/src/auth_trie.h @@ -27,8 +27,9 @@ #include +#include "hal/hash.h" + #include "trie.h" -#include "keccak256.h" #include "defs.h" #define AUTH_TRIE_STATE_NODE_LENGTH (0) @@ -42,8 +43,8 @@ typedef struct { uint8_t state; trie_ctx_t ctx; - SHA3_CTX hash_ctx; - SHA3_CTX aux_hash_ctx; + hash_keccak256_ctx_t hash_ctx; + hash_keccak256_ctx_t aux_hash_ctx; uint8_t num_linked; uint8_t offset; diff --git a/ledger/src/signer/src/auth_tx.c b/ledger/src/signer/src/auth_tx.c index ceb3b073..666b50bc 100644 --- a/ledger/src/signer/src/auth_tx.c +++ b/ledger/src/signer/src/auth_tx.c @@ -22,14 +22,16 @@ * IN THE SOFTWARE. */ -#include "os.h" +#include "hal/hash.h" +#include "hal/platform.h" +#include "hal/exceptions.h" #include "auth.h" #include "svarint.h" #include "mem.h" #include "memutil.h" -#include "dbg.h" +#include "hal/log.h" // IMPORTANT: This callback only executes for the scriptSig at the desired input // (the one that is requested to sign) @@ -49,19 +51,20 @@ static void btcscript_cb(const btcscript_cb_event_t event) { svarint_encode(auth.tx.script_ctx.operand_size, redeemscript_length, sizeof(redeemscript_length)); - sha256_update(&auth.tx.sig_hash_ctx, - redeemscript_length, - redeemscript_length_size); + hash_sha256_update(&auth.tx.sig_hash_ctx, + redeemscript_length, + redeemscript_length_size); } else if (event == BTCSCRIPT_EV_OPERAND && auth.tx.redeemscript_found) { - sha256_update(&auth.tx.sig_hash_ctx, - &auth.tx.script_ctx.operand_byte, - sizeof(auth.tx.script_ctx.operand_byte)); + hash_sha256_update(&auth.tx.sig_hash_ctx, + &auth.tx.script_ctx.operand_byte, + sizeof(auth.tx.script_ctx.operand_byte)); } } static void btctx_cb(const btctx_cb_event_t event) { // Update txhash - sha256_update(&auth.tx.tx_hash_ctx, auth.tx.ctx.raw, auth.tx.ctx.raw_size); + hash_sha256_update( + &auth.tx.tx_hash_ctx, auth.tx.ctx.raw, auth.tx.ctx.raw_size); // The bridge currently only generates pegout transactions with // versions 1 or 2. Validate that. @@ -89,7 +92,7 @@ static void btctx_cb(const btctx_cb_event_t event) { } else { // All other scriptSigs get replaced by an empty scriptSig // when calculating the sigHash - sha256_update(&auth.tx.sig_hash_ctx, (uint8_t[]){0x00}, 1); + hash_sha256_update(&auth.tx.sig_hash_ctx, (uint8_t[]){0x00}, 1); } } else if (event == BTCTX_EV_VIN_SCRIPT_DATA && auth.tx.ctx.inout_current == auth.input_index_to_sign) { @@ -118,28 +121,29 @@ static void btctx_cb(const btctx_cb_event_t event) { } } } else if (event != BTCTX_EV_VIN_SCRIPT_DATA) { - sha256_update( + hash_sha256_update( &auth.tx.sig_hash_ctx, auth.tx.ctx.raw, auth.tx.ctx.raw_size); } } static void btctx_cb_segwit(const btctx_cb_event_t event) { // Update txhash - sha256_update(&auth.tx.tx_hash_ctx, auth.tx.ctx.raw, auth.tx.ctx.raw_size); + hash_sha256_update( + &auth.tx.tx_hash_ctx, auth.tx.ctx.raw, auth.tx.ctx.raw_size); if (event == BTCTX_EV_VERSION) { - sha256_update( + hash_sha256_update( &auth.tx.sig_hash_ctx, auth.tx.ctx.raw, auth.tx.ctx.raw_size); } if (event == BTCTX_EV_VIN_COUNT) { - sha256_init(&auth.tx.prevouts_hash_ctx); - sha256_init(&auth.tx.sequence_hash_ctx); + hash_sha256_init(&auth.tx.prevouts_hash_ctx); + hash_sha256_init(&auth.tx.sequence_hash_ctx); auth.tx.aux_offset = 0; } if (event == BTCTX_EV_VIN_TXH_DATA || event == BTCTX_EV_VIN_TXIX) { - sha256_update( + hash_sha256_update( &auth.tx.prevouts_hash_ctx, auth.tx.ctx.raw, auth.tx.ctx.raw_size); if (auth.tx.ctx.inout_current == auth.input_index_to_sign) { @@ -156,7 +160,7 @@ static void btctx_cb_segwit(const btctx_cb_event_t event) { } if (event == BTCTX_EV_VIN_SEQNO) { - sha256_update( + hash_sha256_update( &auth.tx.sequence_hash_ctx, auth.tx.ctx.raw, auth.tx.ctx.raw_size); if (auth.tx.ctx.inout_current == auth.input_index_to_sign) { @@ -172,45 +176,45 @@ static void btctx_cb_segwit(const btctx_cb_event_t event) { } if (event == BTCTX_EV_VOUT_COUNT) { - sha256_final(&auth.tx.prevouts_hash_ctx, auth.tx.aux_hash); - sha256_init(&auth.tx.prevouts_hash_ctx); - sha256_update(&auth.tx.prevouts_hash_ctx, - auth.tx.aux_hash, - sizeof(auth.tx.aux_hash)); - sha256_final(&auth.tx.prevouts_hash_ctx, auth.tx.aux_hash); - sha256_update( + hash_sha256_final(&auth.tx.prevouts_hash_ctx, auth.tx.aux_hash); + hash_sha256_init(&auth.tx.prevouts_hash_ctx); + hash_sha256_update(&auth.tx.prevouts_hash_ctx, + auth.tx.aux_hash, + sizeof(auth.tx.aux_hash)); + hash_sha256_final(&auth.tx.prevouts_hash_ctx, auth.tx.aux_hash); + hash_sha256_update( &auth.tx.sig_hash_ctx, auth.tx.aux_hash, sizeof(auth.tx.aux_hash)); - sha256_final(&auth.tx.sequence_hash_ctx, auth.tx.aux_hash); - sha256_init(&auth.tx.sequence_hash_ctx); - sha256_update(&auth.tx.sequence_hash_ctx, - auth.tx.aux_hash, - sizeof(auth.tx.aux_hash)); - sha256_final(&auth.tx.sequence_hash_ctx, auth.tx.aux_hash); - sha256_update( + hash_sha256_final(&auth.tx.sequence_hash_ctx, auth.tx.aux_hash); + hash_sha256_init(&auth.tx.sequence_hash_ctx); + hash_sha256_update(&auth.tx.sequence_hash_ctx, + auth.tx.aux_hash, + sizeof(auth.tx.aux_hash)); + hash_sha256_final(&auth.tx.sequence_hash_ctx, auth.tx.aux_hash); + hash_sha256_update( &auth.tx.sig_hash_ctx, auth.tx.aux_hash, sizeof(auth.tx.aux_hash)); // Previously saved outpoint of input to sign - sha256_update(&auth.tx.sig_hash_ctx, - auth.tx.ip_prevout, - sizeof(auth.tx.ip_prevout)); + hash_sha256_update(&auth.tx.sig_hash_ctx, + auth.tx.ip_prevout, + sizeof(auth.tx.ip_prevout)); - sha256_init(&auth.tx.outputs_hash_ctx); + hash_sha256_init(&auth.tx.outputs_hash_ctx); } if (event == BTCTX_EV_VOUT_VALUE || event == BTCTX_EV_VOUT_SLENGTH || event == BTCTX_EV_VOUT_SCRIPT_DATA) { - sha256_update( + hash_sha256_update( &auth.tx.outputs_hash_ctx, auth.tx.ctx.raw, auth.tx.ctx.raw_size); } if (event == BTCTX_EV_LOCKTIME) { - sha256_final(&auth.tx.outputs_hash_ctx, auth.tx.outputs_hash); - sha256_init(&auth.tx.outputs_hash_ctx); - sha256_update(&auth.tx.outputs_hash_ctx, - auth.tx.outputs_hash, - sizeof(auth.tx.outputs_hash)); - sha256_final(&auth.tx.outputs_hash_ctx, auth.tx.outputs_hash); + hash_sha256_final(&auth.tx.outputs_hash_ctx, auth.tx.outputs_hash); + hash_sha256_init(&auth.tx.outputs_hash_ctx); + hash_sha256_update(&auth.tx.outputs_hash_ctx, + auth.tx.outputs_hash, + sizeof(auth.tx.outputs_hash)); + hash_sha256_final(&auth.tx.outputs_hash_ctx, auth.tx.outputs_hash); SAFE_MEMMOVE(auth.tx.lock_time, sizeof(auth.tx.lock_time), @@ -251,8 +255,8 @@ unsigned int auth_sign_handle_btctx(volatile unsigned int rx) { auth.tx.remaining_bytes -= BTCTX_LENGTH_SIZE + SIGHASH_COMP_MODE_SIZE + EXTRADATA_SIZE; // Init both hash operations - sha256_init(&auth.tx.tx_hash_ctx); - sha256_init(&auth.tx.sig_hash_ctx); + hash_sha256_init(&auth.tx.tx_hash_ctx); + hash_sha256_init(&auth.tx.sig_hash_ctx); apdu_offset = BTCTX_LENGTH_SIZE; // Following three bytes indicate the sighash computation // mode (1 byte) and extradata size (2 bytes LE, for segwit) @@ -297,10 +301,10 @@ unsigned int auth_sign_handle_btctx(volatile unsigned int rx) { } // Finalize TX hash computation - sha256_final(&auth.tx.tx_hash_ctx, auth.tx_hash); - sha256_init(&auth.tx.tx_hash_ctx); - sha256_update(&auth.tx.tx_hash_ctx, auth.tx_hash, 32); - sha256_final(&auth.tx.tx_hash_ctx, auth.tx_hash); + hash_sha256_final(&auth.tx.tx_hash_ctx, auth.tx_hash); + hash_sha256_init(&auth.tx.tx_hash_ctx); + hash_sha256_update(&auth.tx.tx_hash_ctx, auth.tx_hash, 32); + hash_sha256_final(&auth.tx.tx_hash_ctx, auth.tx_hash); for (int j = 0; j < 16; j++) { uint8_t aux = auth.tx_hash[j]; auth.tx_hash[j] = auth.tx_hash[31 - j]; @@ -319,7 +323,8 @@ unsigned int auth_sign_handle_btctx(volatile unsigned int rx) { } } else { // Hash extradata - sha256_update(&auth.tx.sig_hash_ctx, APDU_DATA_PTR, APDU_DATA_SIZE(rx)); + hash_sha256_update( + &auth.tx.sig_hash_ctx, APDU_DATA_PTR, APDU_DATA_SIZE(rx)); auth.tx.remaining_bytes -= APDU_DATA_SIZE(rx); if (auth.tx.remaining_bytes == 0) { auth.tx.finalise = true; @@ -329,26 +334,26 @@ unsigned int auth_sign_handle_btctx(volatile unsigned int rx) { if (auth.tx.finalise) { if (auth.tx.sighash_computation_mode == SIGHASH_COMPUTE_MODE_SEGWIT) { // Remaining tx items to hash for segwit - sha256_update(&auth.tx.sig_hash_ctx, - auth.tx.ip_seqno, - sizeof(auth.tx.ip_seqno)); - sha256_update(&auth.tx.sig_hash_ctx, - auth.tx.outputs_hash, - sizeof(auth.tx.outputs_hash)); - sha256_update(&auth.tx.sig_hash_ctx, - auth.tx.lock_time, - sizeof(auth.tx.lock_time)); + hash_sha256_update(&auth.tx.sig_hash_ctx, + auth.tx.ip_seqno, + sizeof(auth.tx.ip_seqno)); + hash_sha256_update(&auth.tx.sig_hash_ctx, + auth.tx.outputs_hash, + sizeof(auth.tx.outputs_hash)); + hash_sha256_update(&auth.tx.sig_hash_ctx, + auth.tx.lock_time, + sizeof(auth.tx.lock_time)); } // Add SIGHASH_ALL hash type at the end - sha256_update(&auth.tx.sig_hash_ctx, - (uint8_t[])SIGHASH_ALL_BYTES, - sizeof(SIGHASH_ALL_SIZE)); - sha256_final(&auth.tx.sig_hash_ctx, auth.sig_hash); - - sha256_init(&auth.tx.sig_hash_ctx); - sha256_update(&auth.tx.sig_hash_ctx, auth.sig_hash, 32); - sha256_final(&auth.tx.sig_hash_ctx, auth.sig_hash); + hash_sha256_update(&auth.tx.sig_hash_ctx, + (uint8_t[])SIGHASH_ALL_BYTES, + sizeof(SIGHASH_ALL_SIZE)); + hash_sha256_final(&auth.tx.sig_hash_ctx, auth.sig_hash); + + hash_sha256_init(&auth.tx.sig_hash_ctx); + hash_sha256_update(&auth.tx.sig_hash_ctx, auth.sig_hash, 32); + hash_sha256_final(&auth.tx.sig_hash_ctx, auth.sig_hash); // Log hashes for debugging purposes LOG_HEX("TX hash: ", auth.tx_hash, sizeof(auth.tx_hash)); diff --git a/ledger/src/signer/src/auth_tx.h b/ledger/src/signer/src/auth_tx.h index 9766b9a8..dfd690a5 100644 --- a/ledger/src/signer/src/auth_tx.h +++ b/ledger/src/signer/src/auth_tx.h @@ -27,7 +27,8 @@ #include -#include "sha256.h" +#include "hal/hash.h" + #include "btctx.h" #include "btcscript.h" @@ -48,8 +49,8 @@ typedef struct { bool finalise; btctx_ctx_t ctx; btcscript_ctx_t script_ctx; - SHA256_CTX tx_hash_ctx; - SHA256_CTX sig_hash_ctx; + hash_sha256_ctx_t tx_hash_ctx; + hash_sha256_ctx_t sig_hash_ctx; uint8_t sighash_computation_mode; @@ -58,11 +59,11 @@ typedef struct { bool segwit_processing_extradata; uint16_t segwit_extradata_size; union { - SHA256_CTX prevouts_hash_ctx; - SHA256_CTX outputs_hash_ctx; + hash_sha256_ctx_t prevouts_hash_ctx; + hash_sha256_ctx_t outputs_hash_ctx; uint8_t lock_time[BTCTX_LOCKTIME_SIZE]; }; - SHA256_CTX sequence_hash_ctx; + hash_sha256_ctx_t sequence_hash_ctx; union { uint8_t aux_hash[BTCTX_HASH_SIZE]; uint8_t outputs_hash[BTCTX_HASH_SIZE]; diff --git a/ledger/src/signer/src/bc_advance.c b/ledger/src/signer/src/bc_advance.c index 5f975712..d95a61d3 100644 --- a/ledger/src/signer/src/bc_advance.c +++ b/ledger/src/signer/src/bc_advance.c @@ -24,10 +24,8 @@ #include -#include "os.h" - #include "bc.h" -#include "dbg.h" +#include "hal/log.h" #include "defs.h" #include "ints.h" #include "mem.h" @@ -55,15 +53,14 @@ // 0x000001d5, 0, 0, 0, 0, 0, 0 }; // Here we take it from an external definition (see Makefile for details) -#ifdef PARAM_MIN_REQUIRED_DIFFICULTY +#if defined(HSM_PLATFORM_LEDGER) && defined(PARAM_MIN_REQUIRED_DIFFICULTY) static const DIGIT_T MIN_REQUIRED_DIFFICULTY[BIGINT_LEN] = PARAM_MIN_REQUIRED_DIFFICULTY; +#elif defined(HSM_PLATFORM_X86) +DIGIT_T MIN_REQUIRED_DIFFICULTY[BIGINT_LEN]; #else -#ifndef HSM_SIMULATOR #error "Minimum required difficulty not defined!" #endif -DIGIT_T MIN_REQUIRED_DIFFICULTY[BIGINT_LEN]; -#endif // ----------------------------------------------------------------------- // Blockchain advance validation state @@ -192,15 +189,15 @@ static void compute_cb_txn_hash() { memset(block.wa_buf + CB_MIDSTATE_PREFIX + CB_MIDSTATE_DATA, 0, CB_MIDSTATE_SUFFIX); - sha256_init(&block.mid_ctx); - sha256_midstate(&block.mid_ctx, block.wa_buf); - sha256_update(&block.mid_ctx, - block.cb_txn + CB_MIDSTATE_DATA, - block.cb_off - CB_MIDSTATE_DATA); - sha256_final(&block.mid_ctx, block.wa_buf); - sha256_init(&block.mid_ctx); - sha256_update(&block.mid_ctx, block.wa_buf, HASH_SIZE); - sha256_final(&block.mid_ctx, block.wa_buf); + hash_sha256_ms_init(&block.mid_ctx); + hash_sha256_ms_midstate(&block.mid_ctx, block.wa_buf); + hash_sha256_ms_update(&block.mid_ctx, + block.cb_txn + CB_MIDSTATE_DATA, + block.cb_off - CB_MIDSTATE_DATA); + hash_sha256_ms_final(&block.mid_ctx, block.wa_buf); + hash_sha256_ms_init(&block.mid_ctx); + hash_sha256_ms_update(&block.mid_ctx, block.wa_buf, HASH_SIZE); + hash_sha256_ms_final(&block.mid_ctx, block.wa_buf); REV_HASH(block.wa_buf); } diff --git a/ledger/src/signer/src/bc_ancestor.c b/ledger/src/signer/src/bc_ancestor.c index db7d4d56..f5fbda44 100644 --- a/ledger/src/signer/src/bc_ancestor.c +++ b/ledger/src/signer/src/bc_ancestor.c @@ -24,10 +24,8 @@ #include -#include "os.h" - #include "bc.h" -#include "dbg.h" +#include "hal/log.h" #include "defs.h" #include "ints.h" #include "mem.h" diff --git a/ledger/src/signer/src/bc_block.h b/ledger/src/signer/src/bc_block.h index 3c1bc557..14d9db61 100644 --- a/ledger/src/signer/src/bc_block.h +++ b/ledger/src/signer/src/bc_block.h @@ -27,8 +27,9 @@ #include +#include "hal/hash.h" + #include "bigdigits.h" -#include "sha256.h" #include "bc.h" #include "bc_hash.h" @@ -73,8 +74,8 @@ typedef struct { }; union { - sha256_ctx_t ctx; // Global sha256 context - SHA256_CTX mid_ctx; // Sha256 supporting midstate + hash_sha256_ctx_t ctx; // Global sha256 context + hash_sha256_ms_ctx_t mid_ctx; // Sha256 supporting midstate }; union { diff --git a/ledger/src/signer/src/bc_diff.c b/ledger/src/signer/src/bc_diff.c index 3f3bb0b1..a765da17 100644 --- a/ledger/src/signer/src/bc_diff.c +++ b/ledger/src/signer/src/bc_diff.c @@ -25,7 +25,7 @@ #include #include "bc_diff.h" -#include "dbg.h" +#include "hal/log.h" #include "memutil.h" // Maximum difficulty for block difficulty capping (network dependent) @@ -33,7 +33,7 @@ static const DIGIT_T MAX_BLOCK_DIFFICULTY[BIGINT_LEN] = BCDIFF_MBD_TESTNET; #elif defined(REGTEST) static const DIGIT_T MAX_BLOCK_DIFFICULTY[BIGINT_LEN] = BCDIFF_MBD_REGTEST; -#elif defined(HSM_SIMULATOR) +#elif defined(HSM_PLATFORM_X86) DIGIT_T MAX_BLOCK_DIFFICULTY[BIGINT_LEN]; #else static const DIGIT_T MAX_BLOCK_DIFFICULTY[BIGINT_LEN] = BCDIFF_MBD_MAINNET; diff --git a/ledger/src/signer/src/bc_diff.h b/ledger/src/signer/src/bc_diff.h index 9fec7c38..e268f398 100644 --- a/ledger/src/signer/src/bc_diff.h +++ b/ledger/src/signer/src/bc_diff.h @@ -39,7 +39,7 @@ #define BCDIFF_MBD_REGTEST {0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}; // 20 -#ifdef HSM_SIMULATOR +#ifdef HSM_PLATFORM_X86 extern DIGIT_T MAX_BLOCK_DIFFICULTY[BIGINT_LEN]; #endif diff --git a/ledger/src/signer/src/bc_err.c b/ledger/src/signer/src/bc_err.c index 6178d19a..37f38451 100644 --- a/ledger/src/signer/src/bc_err.c +++ b/ledger/src/signer/src/bc_err.c @@ -24,7 +24,7 @@ #include "bc_err.h" -#ifdef HSM_SIMULATOR +#ifdef HSM_PLATFORM_X86 #include diff --git a/ledger/src/signer/src/bc_err.h b/ledger/src/signer/src/bc_err.h index 4c0c3376..5b197986 100644 --- a/ledger/src/signer/src/bc_err.h +++ b/ledger/src/signer/src/bc_err.h @@ -25,6 +25,8 @@ #ifndef __BC_ERR_H #define __BC_ERR_H +#include "hal/exceptions.h" + // Error codes returned by blockchain protocols typedef enum { UNKNOWN = 0, diff --git a/ledger/src/signer/src/bc_hash.h b/ledger/src/signer/src/bc_hash.h index 413dcff9..2750dfcf 100644 --- a/ledger/src/signer/src/bc_hash.h +++ b/ledger/src/signer/src/bc_hash.h @@ -37,22 +37,20 @@ // - Ledger (the real thing): use BOLOS_SDK, version 1.3 // ----------------------------------------------------------------------- -#include "os.h" +#include -typedef cx_sha256_t sha256_ctx_t; -typedef cx_sha3_t keccak_ctx_t; +#include "hal/hash.h" -#define SHA256_INIT(ctx) cx_sha256_init(ctx) -#define SHA256_UPDATE(ctx, data, len) \ - cx_hash((cx_hash_t*)(ctx), 0, data, len, NULL) -#define SHA256_FINAL(ctx, hash) \ - cx_hash((cx_hash_t*)(ctx), CX_LAST, NULL, 0, hash) +typedef hash_sha256_ctx_t sha256_ctx_t; +typedef hash_keccak256_ctx_t keccak_ctx_t; -#define KECCAK_INIT(ctx) cx_keccak_init(ctx, 256) -#define KECCAK_UPDATE(ctx, data, len) \ - cx_hash((cx_hash_t*)(ctx), 0, (uint8_t*)data, len, NULL) -#define KECCAK_FINAL(ctx, hash) \ - cx_hash((cx_hash_t*)(ctx), CX_LAST, NULL, 0, hash) +#define SHA256_INIT(ctx) hash_sha256_init(ctx) +#define SHA256_UPDATE(ctx, data, len) hash_sha256_update(ctx, data, len) +#define SHA256_FINAL(ctx, hash) hash_sha256_final(ctx, hash) + +#define KECCAK_INIT(ctx) hash_keccak256_init(ctx) +#define KECCAK_UPDATE(ctx, data, len) hash_keccak256_update(ctx, data, len) +#define KECCAK_FINAL(ctx, hash) hash_keccak256_final(ctx, hash) // Convenience macros to deal with frequent hash ops #define HEQ(h0, h1) (memcmp(h0, h1, HASH_SIZE) == 0) diff --git a/ledger/src/signer/src/bc_nu.h b/ledger/src/signer/src/bc_nu.h index a2ad7dad..78d87343 100644 --- a/ledger/src/signer/src/bc_nu.h +++ b/ledger/src/signer/src/bc_nu.h @@ -71,7 +71,7 @@ typedef enum { #define SET_NETWORK_UPGRADE(bn, x) \ { *(x) = NU_IRIS; } #define GET_NETWORK_IDENTIFIER() NETID_REGTEST -#elif defined(HSM_SIMULATOR) +#elif defined(HSM_PLATFORM_X86) #include "hsmsim_nu.h" #define SET_NETWORK_UPGRADE(bn, x) hsmsim_set_network_upgrade(bn, x) #define GET_NETWORK_IDENTIFIER() hsmsim_get_network_identifier() diff --git a/ledger/src/signer/src/bc_state.c b/ledger/src/signer/src/bc_state.c index 106b385c..633a5857 100644 --- a/ledger/src/signer/src/bc_state.c +++ b/ledger/src/signer/src/bc_state.c @@ -28,7 +28,7 @@ #include "runtime.h" #include "defs.h" #include "err.h" -#include "dbg.h" +#include "hal/log.h" #include "nvm.h" #include "memutil.h" @@ -42,14 +42,13 @@ // ----------------------------------------------------------------------- // Here we take it from an external definition (see Makefile for details) -#ifdef PARAM_INITIAL_BLOCK_HASH +#if defined(HSM_PLATFORM_LEDGER) && defined(PARAM_INITIAL_BLOCK_HASH) static const uint8_t INITIAL_BLOCK_HASH[] = PARAM_INITIAL_BLOCK_HASH; +#elif defined(HSM_PLATFORM_X86) +uint8_t INITIAL_BLOCK_HASH[HASH_LENGTH]; #else -#ifndef HSM_SIMULATOR #error "Initial block hash not defined!" #endif -uint8_t INITIAL_BLOCK_HASH[HASH_LENGTH]; -#endif /* * Initialize blockchain state. @@ -238,6 +237,7 @@ unsigned int bc_get_state(volatile unsigned int rx) { } FAIL(PROT_INVALID); + return 0; } /* diff --git a/ledger/src/signer/src/bc_state.h b/ledger/src/signer/src/bc_state.h index 7165d993..0551af4c 100644 --- a/ledger/src/signer/src/bc_state.h +++ b/ledger/src/signer/src/bc_state.h @@ -32,7 +32,7 @@ #include #include -#include "os.h" +#include "hal/platform.h" #include "bigdigits.h" #include "nvm.h" diff --git a/ledger/src/signer/src/common_requirements.h b/ledger/src/signer/src/common_requirements.h new file mode 100644 index 00000000..13dd7e6f --- /dev/null +++ b/ledger/src/signer/src/common_requirements.h @@ -0,0 +1,31 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +#ifndef __COMMON_REQUIREMENTS_H +#define __COMMON_REQUIREMENTS_H + +#include "hal/communication.h" +#include "hal/platform.h" + +#endif // __COMMON_REQUIREMENTS_H diff --git a/ledger/src/signer/src/heartbeat.c b/ledger/src/signer/src/heartbeat.c index 19ab4ad4..6e01605d 100644 --- a/ledger/src/signer/src/heartbeat.c +++ b/ledger/src/signer/src/heartbeat.c @@ -24,7 +24,10 @@ #include -#include "os.h" +#include "hal/endorsement.h" +#include "hal/platform.h" +#include "hal/exceptions.h" + #include "heartbeat.h" #include "apdu.h" #include "defs.h" @@ -75,6 +78,8 @@ unsigned int get_heartbeat(volatile unsigned int rx, COMPILE_TIME_ASSERT(MAX_HEARTBEAT_MESSAGE_SIZE <= APDU_TOTAL_DATA_SIZE_OUT); + uint8_t out_size; + switch (APDU_OP()) { case OP_HBT_UD_VALUE: // Should receive a user-defined value @@ -138,8 +143,13 @@ unsigned int get_heartbeat(volatile unsigned int rx, check_state(heartbeat_ctx, STATE_HEARTBEAT_READY); // Sign message - int endorsement_size = os_endorsement_key2_derive_sign_data( - heartbeat_ctx->msg, heartbeat_ctx->msg_offset, APDU_DATA_PTR); + uint8_t endorsement_size = APDU_TOTAL_DATA_SIZE_OUT; + if (!endorsement_sign(heartbeat_ctx->msg, + heartbeat_ctx->msg_offset, + APDU_DATA_PTR, + &endorsement_size)) { + THROW(ERR_HBT_INTERNAL); + } return TX_FOR_DATA_SIZE(endorsement_size); case OP_HBT_GET_MESSAGE: @@ -156,13 +166,21 @@ unsigned int get_heartbeat(volatile unsigned int rx, return TX_FOR_DATA_SIZE(heartbeat_ctx->msg_offset); case OP_HBT_APP_HASH: - return TX_FOR_DATA_SIZE(os_endorsement_get_code_hash(APDU_DATA_PTR)); + out_size = APDU_TOTAL_DATA_SIZE_OUT; + if (!endorsement_get_code_hash(APDU_DATA_PTR, &out_size)) { + THROW(ERR_HBT_INTERNAL); + } + return TX_FOR_DATA_SIZE(out_size); case OP_HBT_PUBKEY: - return TX_FOR_DATA_SIZE(os_endorsement_get_public_key( - ENDORSEMENT_SCHEME_INDEX, APDU_DATA_PTR)); + out_size = APDU_TOTAL_DATA_SIZE_OUT; + if (!endorsement_get_public_key(APDU_DATA_PTR, &out_size)) { + THROW(ERR_HBT_INTERNAL); + } + return TX_FOR_DATA_SIZE(out_size); default: reset_heartbeat(heartbeat_ctx); THROW(ERR_HBT_PROT_INVALID); break; } + return 0; } diff --git a/ledger/src/signer/src/heartbeat.h b/ledger/src/signer/src/heartbeat.h index ba8de8c9..4b68a1ee 100644 --- a/ledger/src/signer/src/heartbeat.h +++ b/ledger/src/signer/src/heartbeat.h @@ -55,9 +55,6 @@ typedef enum { // to include in the message #define LAST_SIGNED_TX_BYTES 8 // bytes -// Index of the endorsement scheme -#define ENDORSEMENT_SCHEME_INDEX 2 - // Maximum heartbeat message to sign size #define MAX_HEARTBEAT_MESSAGE_SIZE 80 diff --git a/ledger/src/signer/src/hsm.c b/ledger/src/signer/src/hsm.c index 4f47062c..f9d0e1eb 100644 --- a/ledger/src/signer/src/hsm.c +++ b/ledger/src/signer/src/hsm.c @@ -24,9 +24,12 @@ #include +#include "hal/communication.h" +#include "hal/seed.h" +#include "hal/platform.h" +#include "hal/exceptions.h" + #include "hsm.h" -#include "os.h" -#include "os_io_seproxyhal.h" #include "defs.h" #include "instructions.h" @@ -37,7 +40,6 @@ #include "pathAuth.h" #include "auth.h" -#include "sign.h" #include "bc_state.h" #include "bc_advance.h" @@ -46,12 +48,12 @@ #include "attestation.h" #include "heartbeat.h" -#include "dbg.h" +#include "hal/log.h" // Macro that throws an error unless // the device is onboarded -#define REQUIRE_ONBOARDED() \ - if (os_perso_isonboarded() != 1) \ +#define REQUIRE_ONBOARDED() \ + if (!seed_available()) \ THROW(ERR_DEVICE_NOT_ONBOARDED); // Operation being currently executed @@ -85,19 +87,13 @@ static void reset_if_starting(unsigned char cmd) { // Exit the application static void app_exit(void) { - BEGIN_TRY_L(exit) { - TRY_L(exit) { - os_sched_exit(-1); - _hsm_exit_requested = true; - } - FINALLY_L(exit) { - } - } - END_TRY_L(exit); + platform_request_exit(); + _hsm_exit_requested = true; } -unsigned int hsm_process_apdu(volatile unsigned int rx) { +static unsigned int hsm_process_apdu(volatile unsigned int rx) { unsigned int tx = 0; + uint8_t pubkey_length; // No apdu received if (rx == 0) { @@ -107,7 +103,8 @@ unsigned int hsm_process_apdu(volatile unsigned int rx) { // Zero out commonly read APDU buffer offsets, // to avoid reading uninitialized memory if (rx < MIN_APDU_BYTES) { - explicit_bzero(G_io_apdu_buffer + rx, MIN_APDU_BYTES - rx); + explicit_bzero(communication_get_msg_buffer() + rx, + MIN_APDU_BYTES - rx); } // Invalid CLA @@ -127,7 +124,7 @@ unsigned int hsm_process_apdu(volatile unsigned int rx) { case RSK_IS_ONBOARD: reset_if_starting(RSK_IS_ONBOARD); uint8_t output_index = CMDPOS; - SET_APDU_AT(output_index++, os_perso_isonboarded()); + SET_APDU_AT(output_index++, seed_available() ? 1 : 0); SET_APDU_AT(output_index++, VERSION_MAJOR); SET_APDU_AT(output_index++, VERSION_MINOR); SET_APDU_AT(output_index++, VERSION_PATCH); @@ -164,16 +161,17 @@ unsigned int hsm_process_apdu(volatile unsigned int rx) { MEMMOVE_ZERO_OFFSET, sizeof(auth.path), THROW(ERR_INVALID_PATH)); - tx = do_pubkey(auth.path, - DERIVATION_PATH_PARTS, - G_io_apdu_buffer, - sizeof(G_io_apdu_buffer)); - // Error deriving? - if (tx == DO_PUBKEY_ERROR) { + pubkey_length = communication_get_msg_buffer_size(); + if (!seed_derive_pubkey(auth.path, + sizeof(auth.path) / sizeof(auth.path[0]), + communication_get_msg_buffer(), + &pubkey_length)) { THROW(ERR_INTERNAL); } + tx = pubkey_length; + break; case INS_SIGN: @@ -253,7 +251,8 @@ unsigned int hsm_process_apdu(volatile unsigned int rx) { return tx; } -unsigned int hsm_process_exception(unsigned short code, unsigned int tx) { +static unsigned int hsm_process_exception(unsigned short code, + unsigned int tx) { unsigned short sw = 0; // Always reset the full state when an error occurs @@ -275,7 +274,7 @@ unsigned int hsm_process_exception(unsigned short code, unsigned int tx) { // Append resulting code to APDU // (check for a potential overflow first) - if (tx + 2 > sizeof(G_io_apdu_buffer)) { + if (tx + 2 > communication_get_msg_buffer_size()) { tx = 0; sw = 0x6983; } @@ -285,6 +284,10 @@ unsigned int hsm_process_exception(unsigned short code, unsigned int tx) { return tx; } +static bool hsm_exit_requested() { + return _hsm_exit_requested; +} + void hsm_init() { // Initialize current operation // (0 = no operation being executed) @@ -297,6 +300,34 @@ void hsm_init() { bc_init_state(); } -bool hsm_exit_requested() { - return _hsm_exit_requested; +void hsm_main_loop() { + volatile unsigned int rx = 0; + volatile unsigned int tx = 0; + + // DESIGN NOTE: the bootloader ignores the way APDU are fetched. The only + // goal is to retrieve APDU. + // When APDU are to be fetched from multiple IOs, like NFC+USB+BLE, make + // sure the io_event is called with a + // switch event, before the apdu is replied to the bootloader. This avoid + // APDU injection faults. + while (!hsm_exit_requested()) { + BEGIN_TRY { + TRY { + // ensure no race in catch_other if io_exchange throws + // an error + rx = tx; + tx = 0; + rx = communication_io_exchange(rx); + + tx = hsm_process_apdu(rx); + THROW(0x9000); + } + CATCH_OTHER(e) { + tx = hsm_process_exception(e, tx); + } + FINALLY { + } + } + END_TRY; + } } diff --git a/ledger/src/signer/src/hsm.h b/ledger/src/signer/src/hsm.h index 72a5bda2..be9a5048 100644 --- a/ledger/src/signer/src/hsm.h +++ b/ledger/src/signer/src/hsm.h @@ -29,10 +29,12 @@ void hsm_init(); -unsigned int hsm_process_apdu(volatile unsigned int rx); +void hsm_main_loop(); -unsigned int hsm_process_exception(unsigned short code, unsigned int tx); +// unsigned int hsm_process_apdu(volatile unsigned int rx); -bool hsm_exit_requested(); +// unsigned int hsm_process_exception(unsigned short code, unsigned int tx); + +// bool hsm_exit_requested(); #endif // __HSM_H diff --git a/ledger/src/signer/src/keccak256.c b/ledger/src/signer/src/keccak256.c deleted file mode 100644 index e5084372..00000000 --- a/ledger/src/signer/src/keccak256.c +++ /dev/null @@ -1,267 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -/** - * Third party library taken from: - * https://github.com/firefly/wallet/blob/29adeaf7029142063b7a6878e049efd4c6534982/source/libs/ethers/src/keccak256.c - */ - -/* sha3 - an implementation of Secure Hash Algorithm 3 (Keccak). - * based on the - * The Keccak SHA-3 submission. Submission to NIST (Round 3), 2011 - * by Guido Bertoni, Joan Daemen, Michaël Peeters and Gilles Van Assche - * - * Copyright: 2013 Aleksey Kravchenko - * - * Permission is hereby granted, free of charge, to any person obtaining a - * copy of this software and associated documentation files (the "Software"), - * to deal in the Software without restriction, including without limitation - * the rights to use, copy, modify, merge, publish, distribute, sublicense, - * and/or sell copies of the Software, and to permit persons to whom the - * Software is furnished to do so. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. Use this program at your own risk! - */ - -#include "keccak256.h" - -//#include - -#include -#include - -#define BLOCK_SIZE ((1600 - 256 * 2) / 8) - -#define I64(x) x##LL -#define ROTL64(qword, n) ((qword) << (n) ^ ((qword) >> (64 - (n)))) -#define le2me_64(x) (x) -#define IS_ALIGNED_64(p) (0 == (7 & ((const char*)(p) - (const char*)0))) -#define me64_to_le_str(to, from, length) memcpy((to), (from), (length)) - -/* constants */ - -//const uint8_t round_constant_info[] PROGMEM = { -//const uint8_t constants[] PROGMEM = { -const uint8_t constants[] = { - - 1, 26, 94, 112, 31, 33, 121, 85, 14, 12, 53, 38, 63, 79, 93, 83, 82, 72, 22, 102, 121, 88, 33, 116, -//}; - -//const uint8_t pi_transform[] PROGMEM = { - 1, 6, 9, 22, 14, 20, 2, 12, 13, 19, 23, 15, 4, 24, 21, 8, 16, 5, 3, 18, 17, 11, 7, 10, -//}; - -//const uint8_t rhoTransforms[] PROGMEM = { - 1, 62, 28, 27, 36, 44, 6, 55, 20, 3, 10, 43, 25, 39, 41, 45, 15, 21, 8, 18, 2, 61, 56, 14, -}; - -#define TYPE_ROUND_INFO 0 -#define TYPE_PI_TRANSFORM 24 -#define TYPE_RHO_TRANSFORM 48 - -uint8_t getConstant(uint8_t type, uint8_t index) { - return constants[type + index]; -} - -static uint64_t get_round_constant(uint8_t round) { - uint64_t result = 0; - - uint8_t roundInfo = getConstant(TYPE_ROUND_INFO, round); - if (roundInfo & (1 << 6)) { result |= ((uint64_t)1 << 63); } - if (roundInfo & (1 << 5)) { result |= ((uint64_t)1 << 31); } - if (roundInfo & (1 << 4)) { result |= ((uint64_t)1 << 15); } - if (roundInfo & (1 << 3)) { result |= ((uint64_t)1 << 7); } - if (roundInfo & (1 << 2)) { result |= ((uint64_t)1 << 3); } - if (roundInfo & (1 << 1)) { result |= ((uint64_t)1 << 1); } - if (roundInfo & (1 << 0)) { result |= ((uint64_t)1 << 0); } - - return result; -} - - -/* Initializing a sha3 context for given number of output bits */ -void keccak_init(SHA3_CTX *ctx) { - /* NB: The Keccak capacity parameter = bits * 2 */ - - memset(ctx, 0, sizeof(SHA3_CTX)); -} - -/* Keccak theta() transformation */ -static void keccak_theta(uint64_t *A) { - uint64_t C[5], D[5]; - - for (uint8_t i = 0; i < 5; i++) { - C[i] = A[i]; - for (uint8_t j = 5; j < 25; j += 5) { C[i] ^= A[i + j]; } - } - - for (uint8_t i = 0; i < 5; i++) { - D[i] = ROTL64(C[(i + 1) % 5], 1) ^ C[(i + 4) % 5]; - } - - for (uint8_t i = 0; i < 5; i++) { - //for (uint8_t j = 0; j < 25; j += 5) { - for (uint8_t j = 0; j < 25; j += 5) { A[i + j] ^= D[i]; } - } -} - - -/* Keccak pi() transformation */ -static void keccak_pi(uint64_t *A) { - uint64_t A1 = A[1]; - for (uint8_t i = 1; i < 24; i++) { - A[getConstant(TYPE_PI_TRANSFORM, i - 1)] = A[getConstant(TYPE_PI_TRANSFORM, i)]; - } - A[10] = A1; - /* note: A[ 0] is left as is */ -} - -/* -ketch uses 30084 bytes (93%) of program storage space. Maximum is 32256 bytes. -Global variables use 743 bytes (36%) of dynamic memory, leaving 1305 bytes for local variables. Maximum is 2048 bytes. - -*/ -/* Keccak chi() transformation */ -static void keccak_chi(uint64_t *A) { - for (uint8_t i = 0; i < 25; i += 5) { - uint64_t A0 = A[0 + i], A1 = A[1 + i]; - A[0 + i] ^= ~A1 & A[2 + i]; - A[1 + i] ^= ~A[2 + i] & A[3 + i]; - A[2 + i] ^= ~A[3 + i] & A[4 + i]; - A[3 + i] ^= ~A[4 + i] & A0; - A[4 + i] ^= ~A0 & A1; - } -} - - -static void sha3_permutation(uint64_t *state) { - for (uint8_t round = 0; round < 24; round++) { - keccak_theta(state); - - /* apply Keccak rho() transformation */ - for (uint8_t i = 1; i < 25; i++) { - state[i] = ROTL64(state[i], getConstant(TYPE_RHO_TRANSFORM, i - 1)); - } - - keccak_pi(state); - keccak_chi(state); - - /* apply iota(state, round) */ - *state ^= get_round_constant(round); - } -} - -/** - * The core transformation. Process the specified block of data. - * - * @param hash the algorithm state - * @param block the message block to process - * @param block_size the size of the processed block in bytes - */ -static void sha3_process_block(uint64_t hash[25], const uint64_t *block) { - for (uint8_t i = 0; i < 17; i++) { - hash[i] ^= le2me_64(block[i]); - } - - /* make a permutation of the hash */ - sha3_permutation(hash); -} - -//#define SHA3_FINALIZED 0x80000000 -//#define SHA3_FINALIZED 0x8000 - -/** - * Calculate message hash. - * Can be called repeatedly with chunks of the message to be hashed. - * - * @param ctx the algorithm context containing current hashing state - * @param msg message chunk - * @param size length of the message chunk - */ -void keccak_update(SHA3_CTX *ctx, const unsigned char *msg, uint16_t size) -{ - uint16_t idx = (uint16_t)ctx->rest; - - //if (ctx->rest & SHA3_FINALIZED) return; /* too late for additional input */ - ctx->rest = (unsigned)((ctx->rest + size) % BLOCK_SIZE); - - /* fill partial block */ - if (idx) { - uint16_t left = BLOCK_SIZE - idx; - memcpy((char*)ctx->message + idx, msg, (size < left ? size : left)); - if (size < left) return; - - /* process partial block */ - sha3_process_block(ctx->hash, ctx->message); - msg += left; - size -= left; - } - - while (size >= BLOCK_SIZE) { - uint64_t* aligned_message_block; - if (IS_ALIGNED_64(msg)) { - // the most common case is processing of an already aligned message without copying it - aligned_message_block = (uint64_t*)(void*)msg; - } else { - memcpy(ctx->message, msg, BLOCK_SIZE); - aligned_message_block = ctx->message; - } - - sha3_process_block(ctx->hash, aligned_message_block); - msg += BLOCK_SIZE; - size -= BLOCK_SIZE; - } - - if (size) { - memcpy(ctx->message, msg, size); /* save leftovers */ - } -} - -/** -* Store calculated hash into the given array. -* -* @param ctx the algorithm context containing current hashing state -* @param result calculated hash in binary form -*/ -void keccak_final(SHA3_CTX *ctx, unsigned char* result) -{ - uint16_t digest_length = 100 - BLOCK_SIZE / 2; - -// if (!(ctx->rest & SHA3_FINALIZED)) { - /* clear the rest of the data queue */ - memset((char*)ctx->message + ctx->rest, 0, BLOCK_SIZE - ctx->rest); - ((char*)ctx->message)[ctx->rest] |= 0x01; - ((char*)ctx->message)[BLOCK_SIZE - 1] |= 0x80; - - /* process final block */ - sha3_process_block(ctx->hash, ctx->message); -// ctx->rest = SHA3_FINALIZED; /* mark context as finalized */ -// } - - if (result) { - me64_to_le_str(result, ctx->hash, digest_length); - } -} diff --git a/ledger/src/signer/src/keccak256.h b/ledger/src/signer/src/keccak256.h deleted file mode 100644 index c2d15d7b..00000000 --- a/ledger/src/signer/src/keccak256.h +++ /dev/null @@ -1,81 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -/** - * Third party library taken from: - * https://github.com/firefly/wallet/blob/29adeaf7029142063b7a6878e049efd4c6534982/source/libs/ethers/src/keccak256.h - */ - -/* sha3 - an implementation of Secure Hash Algorithm 3 (Keccak). - * based on the - * The Keccak SHA-3 submission. Submission to NIST (Round 3), 2011 - * by Guido Bertoni, Joan Daemen, Michaël Peeters and Gilles Van Assche - * - * Copyright: 2013 Aleksey Kravchenko - * - * Permission is hereby granted, free of charge, to any person obtaining a - * copy of this software and associated documentation files (the "Software"), - * to deal in the Software without restriction, including without limitation - * the rights to use, copy, modify, merge, publish, distribute, sublicense, - * and/or sell copies of the Software, and to permit persons to whom the - * Software is furnished to do so. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. Use this program at your own risk! - */ - -#ifndef __KECCAK256_H_ -#define __KECCAK256_H_ - -#include - -#define sha3_max_permutation_size 25 -#define sha3_max_rate_in_qwords 24 - -typedef struct SHA3_CTX { - /* 1600 bits algorithm hashing state */ - uint64_t hash[sha3_max_permutation_size]; - /* 1536-bit buffer for leftovers */ - uint64_t message[sha3_max_rate_in_qwords]; - /* count of bytes in the message[] buffer */ - uint16_t rest; -} SHA3_CTX; - - -#ifdef __cplusplus -extern "C" { -#endif /* __cplusplus */ - - -void keccak_init(SHA3_CTX *ctx); -void keccak_update(SHA3_CTX *ctx, const unsigned char *msg, uint16_t size); -void keccak_final(SHA3_CTX *ctx, unsigned char* result); - - -#ifdef __cplusplus -} -#endif /* __cplusplus */ - -#endif /* __KECCAK256_H_ */ diff --git a/ledger/src/signer/src/main.c b/ledger/src/signer/src/main.c index 4599f973..7bdaebe8 100644 --- a/ledger/src/signer/src/main.c +++ b/ledger/src/signer/src/main.c @@ -43,7 +43,9 @@ #include "os_io_seproxyhal.h" #include "hsm.h" -#include "hsm-ledger.h" + +// HAL includes +#include "hal/communication.h" unsigned char G_io_seproxyhal_spi_buffer[IO_SEPROXYHAL_BUFFER_SIZE_B]; @@ -240,11 +242,17 @@ __attribute__((section(".boot"))) int main(int argc, char **argv) { // APDU buffer initialization os_memset(G_io_apdu_buffer, 0, sizeof(G_io_apdu_buffer)); + // HAL modules initialization + communication_init(G_io_apdu_buffer, sizeof(G_io_apdu_buffer)); + // HSM context initialization hsm_init(); // HSM main loop - hsm_ledger_main_loop(); + hsm_main_loop(); + + // HAL modules finalisation + // Nothing for now } CATCH_OTHER(e) { } diff --git a/ledger/src/signer/src/mem.h b/ledger/src/signer/src/mem.h index 97731a5d..99ebd045 100644 --- a/ledger/src/signer/src/mem.h +++ b/ledger/src/signer/src/mem.h @@ -25,6 +25,9 @@ #ifndef __MEM_H #define __MEM_H +#include "hal/seed.h" +#include "hal/hash.h" + #include "bc_block.h" #include "bc_state.h" #include "btctx.h" @@ -41,13 +44,12 @@ #define MAX_ATT_MESSAGE_SIZE 50 typedef struct att_s { - sha256_ctx_t hash_ctx; // Attestation public keys hashing context + hash_sha256_ctx_t hash_ctx; // Attestation public keys hashing context uint8_t msg[MAX_ATT_MESSAGE_SIZE]; // Attestation message unsigned int path[DERIVATION_PATH_PARTS]; - cx_ecfp_public_key_t pub_key; - cx_ecfp_private_key_t priv_key; - unsigned char priv_key_data[PRIVATE_KEY_LENGTH]; + uint8_t pubkey[SEED_PUBLIC_KEY_SIZE]; + uint8_t pubkey_length; } att_t; typedef union { diff --git a/ledger/src/signer/src/nvm.h b/ledger/src/signer/src/nvm.h index 88128753..d3d90788 100644 --- a/ledger/src/signer/src/nvm.h +++ b/ledger/src/signer/src/nvm.h @@ -25,12 +25,9 @@ #ifndef __NVM_H #define __NVM_H -// ----------------------------------------------------------------------- -// Portable non-volatile memory access. -// ----------------------------------------------------------------------- +#include "hal/nvmem.h" -#include "os.h" -#define NVM_RESET(dst, size) nvm_write((void*)(dst), NULL, size) -#define NVM_WRITE(dst, src, size) nvm_write((void*)(dst), (void*)(src), size) +#define NVM_RESET(dst, size) nvmem_write((void*)(dst), NULL, size) +#define NVM_WRITE(dst, src, size) nvmem_write((void*)(dst), (void*)(src), size) #endif // __NVM_H diff --git a/ledger/src/signer/src/sign.h b/ledger/src/signer/src/sign.h deleted file mode 100644 index 4968a36b..00000000 --- a/ledger/src/signer/src/sign.h +++ /dev/null @@ -1,67 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -#ifndef __SIGN_H -#define __SIGN_H - -#define DO_SIGN_ERROR (0) -#define DO_PUBKEY_ERROR (0) - -/* - * Derive the public key for a given path. - * Store the public key into the given destination buffer. - * - * @arg[in] path derivation path - * @arg[in] path_length length of the derivation path - * @arg[in] dest destination buffer - * @arg[in] dest destination buffer size - * @ret size of the public key derived, - * or DO_PUBKEY_ERROR in case of error - */ -int do_pubkey(unsigned int* path, - unsigned char path_length, - unsigned char* dest, - size_t dest_size); - -/* - * Sign a message with a given path. - * Store the signature into the given destination buffer. - * - * @arg[in] path derivation path - * @arg[in] path_length length of the derivation path - * @arg[in] message message buffer - * @arg[in] message_size message size - * @arg[in] dest destination buffer - * @arg[in] dest destination buffer size - * @ret size of the signature produced, - * or DO_SIGN_ERROR in case of error - */ -int do_sign(unsigned int* path, - unsigned char path_length, - unsigned char* message, - size_t message_size, - unsigned char* dest, - size_t dest_size); - -#endif // __SIGN_H diff --git a/ledger/src/signer/src/srlp.c b/ledger/src/signer/src/srlp.c index b24b6549..b01cb638 100644 --- a/ledger/src/signer/src/srlp.c +++ b/ledger/src/signer/src/srlp.c @@ -26,11 +26,11 @@ #include #include -#include "srlp.h" - -#include "os.h" +#include "hal/platform.h" +#include "hal/log.h" -#include "dbg.h" +#include "srlp.h" +#include "runtime.h" // This code tinkers with function pointers referenced from // const data structures, so we need to use the PIC macro. @@ -181,6 +181,20 @@ void rlp_start(const rlp_callbacks_t* cbs) { } \ } +/** Print the given SRLP context (see srlp.h) */ +#ifdef DEBUG_SRLP +static void LOG_SRLP_CTX(uint8_t v, rlp_ctx_t ctx[], uint8_t ptr) { + LOG("'0x%02x' ; <%u> ; ", v, ptr); + for (int i = ptr; i >= 0; --i) { + rlp_ctx_t cur = ctx[i]; + LOG("{%d, %u, %u} ; ", cur.state, cur.size, cur.cursor); + } + LOG("{EOC}\n"); +} +#else +#define LOG_SRLP_CTX(...) +#endif + /* * Consume a chunk of bytes. * diff --git a/ledger/src/tcpsigner/communication.c b/ledger/src/tcpsigner/communication.c deleted file mode 120000 index c15649fd..00000000 --- a/ledger/src/tcpsigner/communication.c +++ /dev/null @@ -1 +0,0 @@ -../ui/src/communication.c \ No newline at end of file diff --git a/ledger/src/tcpsigner/communication.h b/ledger/src/tcpsigner/communication.h deleted file mode 120000 index b6a13099..00000000 --- a/ledger/src/tcpsigner/communication.h +++ /dev/null @@ -1 +0,0 @@ -../ui/src/communication.h \ No newline at end of file diff --git a/ledger/src/ui/Makefile b/ledger/src/ui/Makefile index e0da592a..081ccc1c 100755 --- a/ledger/src/ui/Makefile +++ b/ledger/src/ui/Makefile @@ -136,6 +136,7 @@ CFLAGS += -fdata-sections -ffunction-sections -funsigned-char -fshort-enums CFLAGS += -mno-unaligned-access CFLAGS += -Wno-unused-parameter -Wno-duplicate-decl-specifier CFLAGS += -Werror +CFLAGS += -DHSM_PLATFORM_LEDGER ifeq ($(DEBUG_BUILD),1) CFLAGS += -DDEBUG_BUILD=${DEBUG_BUILD} endif diff --git a/ledger/src/ui/src/bootloader.c b/ledger/src/ui/src/bootloader.c index 22666126..8001f323 100644 --- a/ledger/src/ui/src/bootloader.c +++ b/ledger/src/ui/src/bootloader.c @@ -30,7 +30,7 @@ #include "ui_instructions.h" #include "defs.h" #include "ui_err.h" -#include "communication.h" +#include "ui_comm.h" #include "unlock.h" // Attestation context shorthand @@ -206,7 +206,7 @@ void bootloader_main(bootloader_mode_t mode) { break; } CATCH_OTHER(e) { - tx = comm_process_exception(e, tx, &reset_state); + tx = ui_process_exception(e, tx, &reset_state); } FINALLY { } diff --git a/ledger/src/ui/src/common_requirements.h b/ledger/src/ui/src/common_requirements.h new file mode 100644 index 00000000..e0763cbf --- /dev/null +++ b/ledger/src/ui/src/common_requirements.h @@ -0,0 +1,36 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +#ifndef __COMMON_REQUIREMENTS_H +#define __COMMON_REQUIREMENTS_H + +#include + +#include "os.h" + +#define communication_get_msg_buffer() (G_io_apdu_buffer) +#define communication_get_msg_buffer_size() (sizeof(G_io_apdu_buffer)) +#define platform_memmove(...) os_memmove(__VA_ARGS__) + +#endif // __COMMON_REQUIREMENTS_H diff --git a/ledger/src/ui/src/signer_authorization_status.c b/ledger/src/ui/src/signer_authorization_status.c index 8c9a9823..f7ce2b81 100644 --- a/ledger/src/ui/src/signer_authorization_status.c +++ b/ledger/src/ui/src/signer_authorization_status.c @@ -22,7 +22,6 @@ * IN THE SOFTWARE. */ -#include "os.h" #include "signer_authorization_status.h" #include "runtime.h" diff --git a/ledger/src/ui/src/communication.c b/ledger/src/ui/src/ui_comm.c similarity index 90% rename from ledger/src/ui/src/communication.c rename to ledger/src/ui/src/ui_comm.c index f385fa46..bb869a4e 100644 --- a/ledger/src/ui/src/communication.c +++ b/ledger/src/ui/src/ui_comm.c @@ -22,9 +22,9 @@ * IN THE SOFTWARE. */ -#include "os.h" +#include "runtime.h" #include "apdu.h" -#include "communication.h" +#include "ui_comm.h" #include "modes.h" /** @@ -88,13 +88,13 @@ unsigned int get_retries() { * @arg[in] comm_reset_cb callback to reset the state * @returns the resulting APDU buffer size */ -unsigned int comm_process_exception(unsigned short ex, - unsigned int tx, - comm_reset_cb_t comm_reset_cb) { +unsigned int ui_process_exception(unsigned short ex, + unsigned int tx, + comm_reset_cb_t comm_reset_cb) { unsigned short sw = 0; // Reset the state in case of an error - if (ex != APDU_OK || tx + 2 > sizeof(G_io_apdu_buffer)) { + if (ex != APDU_OK || tx + 2 > APDU_TOTAL_SIZE) { comm_reset_cb(); } @@ -110,7 +110,7 @@ unsigned int comm_process_exception(unsigned short ex, // Unexpected exception => report // (check for a potential overflow first) - if (tx + 2 > sizeof(G_io_apdu_buffer)) { + if (tx + 2 > APDU_TOTAL_SIZE) { tx = 0; sw = 0x6983; } diff --git a/ledger/src/ui/src/communication.h b/ledger/src/ui/src/ui_comm.h similarity index 90% rename from ledger/src/ui/src/communication.h rename to ledger/src/ui/src/ui_comm.h index 96d970e7..449044d8 100644 --- a/ledger/src/ui/src/communication.h +++ b/ledger/src/ui/src/ui_comm.h @@ -22,8 +22,8 @@ * IN THE SOFTWARE. */ -#ifndef __COMMUNICATION_H -#define __COMMUNICATION_H +#ifndef __UI_COMM_H +#define __UI_COMM_H #include @@ -79,8 +79,8 @@ unsigned int get_retries(); * @arg[in] comm_reset_cb callback to reset the state * @returns the resulting APDU buffer size */ -unsigned int comm_process_exception(unsigned short ex, - unsigned int tx, - comm_reset_cb_t comm_reset_cb); +unsigned int ui_process_exception(unsigned short ex, + unsigned int tx, + comm_reset_cb_t comm_reset_cb); -#endif // __COMMUNICATION_H +#endif // __UI_COMM_H diff --git a/ledger/src/ui/src/ui_heartbeat.c b/ledger/src/ui/src/ui_heartbeat.c index e9f7e7d8..28761e91 100644 --- a/ledger/src/ui/src/ui_heartbeat.c +++ b/ledger/src/ui/src/ui_heartbeat.c @@ -24,12 +24,13 @@ #include +#include "runtime.h" #include "ui_heartbeat.h" #include "apdu.h" #include "ui_instructions.h" #include "ints.h" #include "ui_err.h" -#include "communication.h" +#include "ui_comm.h" #include "memutil.h" #include "compiletime.h" #include "signer_authorization_status.h" @@ -253,7 +254,7 @@ void ui_heartbeat_main(ui_heartbeat_t *ui_heartbeat_ctx) { } CATCH_OTHER(e) { current_context = ui_heartbeat_ctx; - tx = comm_process_exception(e, tx, &reset_state); + tx = ui_process_exception(e, tx, &reset_state); } FINALLY { } diff --git a/ledger/src/ui/test/bootloader/test_bootloader.c b/ledger/src/ui/test/bootloader/test_bootloader.c index d8c99c9e..573eab9b 100644 --- a/ledger/src/ui/test/bootloader/test_bootloader.c +++ b/ledger/src/ui/test/bootloader/test_bootloader.c @@ -34,7 +34,7 @@ #include "modes.h" #include "ui_err.h" #include "bootloader_mock.h" -#include "communication.h" +#include "ui_comm.h" // Mock variables needed for bootloader module bolos_ux_context_t G_bolos_ux_context; @@ -176,9 +176,9 @@ unsigned short io_exchange(unsigned char channel, unsigned short tx_len) { return 0; } -unsigned int comm_process_exception(unsigned short ex, - unsigned int tx, - comm_reset_cb_t comm_reset_cb) { +unsigned int ui_process_exception(unsigned short ex, + unsigned int tx, + comm_reset_cb_t comm_reset_cb) { return 0; } diff --git a/ledger/src/ui/test/communication/test_communication.c b/ledger/src/ui/test/communication/test_communication.c index 663a6308..86df5b7d 100644 --- a/ledger/src/ui/test/communication/test_communication.c +++ b/ledger/src/ui/test/communication/test_communication.c @@ -30,7 +30,7 @@ #include "assert_utils.h" #include "defs.h" #include "mock.h" -#include "communication.h" +#include "ui_comm.h" static unsigned int G_retries; diff --git a/ledger/src/ui/test/ui_heartbeat/test_ui_heartbeat.c b/ledger/src/ui/test/ui_heartbeat/test_ui_heartbeat.c index 04256818..6b13f8e3 100644 --- a/ledger/src/ui/test/ui_heartbeat/test_ui_heartbeat.c +++ b/ledger/src/ui/test/ui_heartbeat/test_ui_heartbeat.c @@ -27,7 +27,7 @@ #include "bolos_ux.h" #include "ui_heartbeat.h" #include "signer_authorization.h" -#include "communication.h" +#include "ui_comm.h" #include "apdu_utils.h" #include "assert_utils.h" #include "ui_err.h" diff --git a/lint-c b/lint-c index 90d811da..b408f015 100755 --- a/lint-c +++ b/lint-c @@ -12,7 +12,7 @@ if [[ $1 == "exec" ]]; then fi SRC_DIR="ledger/src" - SEARCH_DIRS="$SRC_DIR/signer $SRC_DIR/ui $SRC_DIR/tcpsigner $SRC_DIR/common" + SEARCH_DIRS="$SRC_DIR/signer $SRC_DIR/ui $SRC_DIR/tcpsigner $SRC_DIR/common $SRC_DIR/hal" find $SEARCH_DIRS -name "*.[ch]" | \ egrep -v "(bigdigits|bigdtypes|keccak256)\.[ch]$" | \ From 37e9aac4a5c942414b38a3bf566b196c7f5a2a87 Mon Sep 17 00:00:00 2001 From: Ariel Mendelzon Date: Tue, 4 Jun 2024 04:08:44 +1200 Subject: [PATCH 2/5] Decoupling business layer from hardware layer in TCPSigner (#179) - Implementing HAL for x86 based on the existing TCPSigner implementation - Additional x86-only functions for HAL implementation - Updating TCPSigner implementation to use HAL - Added TCPSigner-specific UI dependencies to implement functions needed by UI only code - Factoring HAL constants into a constants file - New BIP32 parser for TCPSigner seed file - Ensuring Firmware tests pass both on Ledger Nano S and TCPSigner - Linting --- ledger/src/hal/include/hal/communication.h | 58 +++- .../src => hal/include/hal}/constants.h | 10 +- ledger/src/hal/include/hal/endorsement.h | 37 +- ledger/src/hal/include/hal/hash.h | 2 +- ledger/src/hal/include/hal/log.h | 25 +- ledger/src/hal/include/hal/nvmem.h | 22 ++ ledger/src/hal/include/hal/platform.h | 9 + ledger/src/hal/include/hal/seed.h | 50 ++- ledger/src/hal/src/ledger/endorsement.c | 9 +- ledger/src/hal/src/ledger/seed.c | 10 +- ledger/src/hal/src/x86/bip32.c | 111 ++++++ .../{tcpsigner/os.h => hal/src/x86/bip32.h} | 36 +- ledger/src/{tcpsigner => hal/src/x86}/cJSON.c | 0 ledger/src/{tcpsigner => hal/src/x86}/cJSON.h | 0 .../os_io.c => hal/src/x86/communication.c} | 324 ++++++++++++------ ledger/src/hal/src/x86/endorsement.c | 249 ++++++++++++++ .../src/x86/exceptions.c} | 6 +- .../src/x86/explicit_bzero.c} | 6 +- .../src/x86/explicit_bzero.h} | 6 +- ledger/src/hal/src/x86/hash.c | 86 +++++ .../{tcpsigner => hal/src/x86}/hex_reader.c | 0 .../{tcpsigner => hal/src/x86}/hex_reader.h | 0 .../{tcpsigner => hal/src/x86}/hmac_sha256.c | 0 .../{tcpsigner => hal/src/x86}/hmac_sha256.h | 0 ledger/src/{tcpsigner => hal/src/x86}/json.c | 4 +- ledger/src/{tcpsigner => hal/src/x86}/json.h | 4 +- ledger/src/hal/src/x86/keccak256.c | 267 +++++++++++++++ ledger/src/hal/src/x86/keccak256.h | 81 +++++ .../{tcpsigner/log.h => hal/src/x86/log.c} | 37 +- .../{tcpsigner/os.c => hal/src/x86/nvmem.c} | 32 +- .../src/x86/platform.c} | 15 +- .../hsmsim_random.c => hal/src/x86/random.c} | 7 +- .../hsmsim_random.h => hal/src/x86/random.h} | 7 +- ledger/src/hal/src/x86/seed.c | 267 +++++++++++++++ ledger/src/hal/src/x86/sha256.c | 1 + ledger/src/hal/src/x86/sha256.h | 1 + ledger/src/signer/src/auth.h | 2 +- ledger/src/signer/src/bc_err.c | 4 +- ledger/src/signer/src/bigdigits.c | 77 +++-- ledger/src/signer/src/bigdigits.h | 22 ++ ledger/src/signer/src/defs.h | 2 +- ledger/src/signer/src/hsm.c | 2 +- ledger/src/signer/src/mem.h | 5 +- ledger/src/tcpsigner/Makefile | 21 +- ledger/src/tcpsigner/cx.h | 23 -- ledger/src/tcpsigner/dbg.c | 95 ----- ledger/src/tcpsigner/hsmsim_admin.c | 96 +++--- ledger/src/tcpsigner/hsmsim_admin.h | 22 +- ledger/src/tcpsigner/hsmsim_attestation.c | 147 -------- ledger/src/tcpsigner/hsmsim_attestation.h | 49 --- ledger/src/tcpsigner/hsmsim_ecdsa.c | 157 --------- ledger/src/tcpsigner/hsmsim_ecdsa.h | 34 -- ledger/src/tcpsigner/hsmsim_exceptions.c | 23 -- ledger/src/tcpsigner/hsmsim_exceptions.h | 38 -- ledger/src/tcpsigner/log.c | 57 --- ledger/src/tcpsigner/os_ecdsa.c | 141 -------- ledger/src/tcpsigner/os_ecdsa.h | 86 ----- ledger/src/tcpsigner/os_exceptions.h | 211 ------------ ledger/src/tcpsigner/os_hash.c | 63 ---- ledger/src/tcpsigner/os_hash.h | 57 --- ledger/src/tcpsigner/os_io.h | 98 ------ ledger/src/tcpsigner/os_io_seproxyhal.h | 30 -- ledger/src/tcpsigner/tcp.c | 120 ------- ledger/src/tcpsigner/tcp.h | 37 -- ledger/src/tcpsigner/tcpsigner.c | 129 ++++--- ledger/src/tcpsigner/ui_comm.c | 1 + ledger/src/tcpsigner/ui_comm.h | 1 + .../tcpsigner/{os_attestation.c => ui_deps.c} | 53 ++- .../tcpsigner/{os_attestation.h => ui_deps.h} | 12 +- ledger/src/ui/src/attestation.h | 2 +- ledger/src/ui/src/constants.h | 1 + ledger/src/ui/src/defs.h | 2 +- ledger/src/ui/test/mock/os_exceptions.h | 1 - 73 files changed, 1811 insertions(+), 1889 deletions(-) rename ledger/src/{common/src => hal/include/hal}/constants.h (90%) create mode 100644 ledger/src/hal/src/x86/bip32.c rename ledger/src/{tcpsigner/os.h => hal/src/x86/bip32.h} (67%) rename ledger/src/{tcpsigner => hal/src/x86}/cJSON.c (100%) rename ledger/src/{tcpsigner => hal/src/x86}/cJSON.h (100%) rename ledger/src/{tcpsigner/os_io.c => hal/src/x86/communication.c} (50%) create mode 100644 ledger/src/hal/src/x86/endorsement.c rename ledger/src/{tcpsigner/os_exceptions.c => hal/src/x86/exceptions.c} (96%) rename ledger/src/{tcpsigner/hsmsim_explicit_bzero.c => hal/src/x86/explicit_bzero.c} (95%) rename ledger/src/{tcpsigner/hsmsim_explicit_bzero.h => hal/src/x86/explicit_bzero.h} (95%) create mode 100644 ledger/src/hal/src/x86/hash.c rename ledger/src/{tcpsigner => hal/src/x86}/hex_reader.c (100%) rename ledger/src/{tcpsigner => hal/src/x86}/hex_reader.h (100%) rename ledger/src/{tcpsigner => hal/src/x86}/hmac_sha256.c (100%) rename ledger/src/{tcpsigner => hal/src/x86}/hmac_sha256.h (100%) rename ledger/src/{tcpsigner => hal/src/x86}/json.c (95%) rename ledger/src/{tcpsigner => hal/src/x86}/json.h (92%) create mode 100644 ledger/src/hal/src/x86/keccak256.c create mode 100644 ledger/src/hal/src/x86/keccak256.h rename ledger/src/{tcpsigner/log.h => hal/src/x86/log.c} (68%) rename ledger/src/{tcpsigner/os.c => hal/src/x86/nvmem.c} (71%) rename ledger/src/{tcpsigner/os_io_seproxyhal.c => hal/src/x86/platform.c} (82%) rename ledger/src/{tcpsigner/hsmsim_random.c => hal/src/x86/random.c} (91%) rename ledger/src/{tcpsigner/hsmsim_random.h => hal/src/x86/random.h} (89%) create mode 100644 ledger/src/hal/src/x86/seed.c create mode 120000 ledger/src/hal/src/x86/sha256.c create mode 120000 ledger/src/hal/src/x86/sha256.h delete mode 100644 ledger/src/tcpsigner/cx.h delete mode 100644 ledger/src/tcpsigner/dbg.c delete mode 100644 ledger/src/tcpsigner/hsmsim_attestation.c delete mode 100644 ledger/src/tcpsigner/hsmsim_attestation.h delete mode 100644 ledger/src/tcpsigner/hsmsim_ecdsa.c delete mode 100644 ledger/src/tcpsigner/hsmsim_ecdsa.h delete mode 100644 ledger/src/tcpsigner/hsmsim_exceptions.c delete mode 100644 ledger/src/tcpsigner/hsmsim_exceptions.h delete mode 100644 ledger/src/tcpsigner/log.c delete mode 100644 ledger/src/tcpsigner/os_ecdsa.c delete mode 100644 ledger/src/tcpsigner/os_ecdsa.h delete mode 100644 ledger/src/tcpsigner/os_exceptions.h delete mode 100644 ledger/src/tcpsigner/os_hash.c delete mode 100644 ledger/src/tcpsigner/os_hash.h delete mode 100644 ledger/src/tcpsigner/os_io.h delete mode 100644 ledger/src/tcpsigner/os_io_seproxyhal.h delete mode 100644 ledger/src/tcpsigner/tcp.c delete mode 100644 ledger/src/tcpsigner/tcp.h create mode 120000 ledger/src/tcpsigner/ui_comm.c create mode 120000 ledger/src/tcpsigner/ui_comm.h rename ledger/src/tcpsigner/{os_attestation.c => ui_deps.c} (67%) rename ledger/src/tcpsigner/{os_attestation.h => ui_deps.h} (88%) create mode 120000 ledger/src/ui/src/constants.h delete mode 120000 ledger/src/ui/test/mock/os_exceptions.h diff --git a/ledger/src/hal/include/hal/communication.h b/ledger/src/hal/include/hal/communication.h index 5af34d65..cf1db3e8 100644 --- a/ledger/src/hal/include/hal/communication.h +++ b/ledger/src/hal/include/hal/communication.h @@ -37,14 +37,14 @@ * * @returns whether the initialisation succeeded */ -bool communication_init(unsigned char* msg_buffer, size_t msg_buffer_size); +bool communication_init(unsigned char *msg_buffer, size_t msg_buffer_size); /** * @brief Get a pointer to the message buffer * * @returns a pointer to the message buffer */ -unsigned char* communication_get_msg_buffer(); +unsigned char *communication_get_msg_buffer(); /** * @brief Get the message buffer size @@ -57,7 +57,7 @@ size_t communication_get_msg_buffer_size(); * @brief Exchanges bytes with the host. This function blocks until the host * sends a message. * - * The message exchanges data with the host using the msg_buffer. If there are + * The message exchanges data with the host using the msg_buffer. If there are * any bytes to transmit, they are transmitted first. After that the function * blocks until a new message is received from the host. * @@ -67,9 +67,57 @@ size_t communication_get_msg_buffer_size(); */ unsigned short communication_io_exchange(unsigned short tx); +// BEGINNING of platform-dependent code +#if defined(HSM_PLATFORM_X86) + +#include + +/** + * @brief For an external module processing + * APDU messages + * + * @param cb the external module processing callback + */ +typedef unsigned short (*communication_external_module_process_t)( + unsigned short tx); +void communication_set_external_module_process( + communication_external_module_process_t cb); + /** - * @brief Finalizes the communication module + * @brief Starts a TCP server at the given host and port and sets it as the + * channel on which communication_io_exchange will perform the IO operations + * Either this or communication_set_input_file must be called before + * using communication_io_exchange. + * + * @param port the port on which to listen for connections + * @param host the interface to bind to */ -void communication_finalize(void); +void communication_set_and_start_server(int port, const char *host); + +/** + * @brief Sets the input file from which communication_io_exchange + * will read the input. + * Either this or communication_set_server must be called before + * using communication_io_exchange. + * + * @param _input_file the input file that is used for I/O + */ +void communication_set_input_file(FILE *_input_file); + +/** + * @brief Sets the replica file to which communication_io_exchange will + * write the input. Setting this is optional. + * + * @param _replica_file the file to which to replicate the inputs + */ +void communication_set_replica_file(FILE *_replica_file); + +/** + * @brief Perform an empty message write on the IO channel + */ +void communication_reply(); + +#endif +// END of platform-dependent code #endif // __HAL_COMMUNICATION_H diff --git a/ledger/src/common/src/constants.h b/ledger/src/hal/include/hal/constants.h similarity index 90% rename from ledger/src/common/src/constants.h rename to ledger/src/hal/include/hal/constants.h index b8deb134..7ba79c11 100644 --- a/ledger/src/common/src/constants.h +++ b/ledger/src/hal/include/hal/constants.h @@ -22,16 +22,16 @@ * IN THE SOFTWARE. */ -#ifndef __CONSTANTS_H -#define __CONSTANTS_H +#ifndef __HAL_CONSTANTS_H +#define __HAL_CONSTANTS_H -// Sizes +// ECDSA related sizes #define HASH_LENGTH 32 #define SEED_LENGTH 32 #define PRIVATE_KEY_LENGTH 32 -#define DERIVATION_PATH_PARTS 5 #define PUBKEY_UNCMP_LENGTH 65 #define PUBKEY_CMP_LENGTH 33 #define MAX_SIGNATURE_LENGTH 72 +#define BIP32_PATH_NUMPARTS 5 -#endif // __CONSTANTS_H +#endif // __HAL_CONSTANTS_H diff --git a/ledger/src/hal/include/hal/endorsement.h b/ledger/src/hal/include/hal/endorsement.h index bbb60a42..489a8bf7 100644 --- a/ledger/src/hal/include/hal/endorsement.h +++ b/ledger/src/hal/include/hal/endorsement.h @@ -50,7 +50,7 @@ bool endorsement_sign(uint8_t* msg, * * @param code_hash_out Where the code hash should be output * @param code_hash_out_length [in/out] the length of the output buffer / - * length of the produced code hash + * length of the produced code hash * * @returns whether code hash gathering succeeded */ @@ -62,11 +62,44 @@ bool endorsement_get_code_hash(uint8_t* code_hash_out, * * @param public_key_out Where the public key should be output * @param public_key_out_length [in/out] the length of the output buffer / - * length of the produced public key + * length of the produced public key * * @returns whether public key gathering succeeded */ bool endorsement_get_public_key(uint8_t* public_key_out, uint8_t* public_key_out_length); +// BEGINNING of platform-dependent code +#if defined(HSM_PLATFORM_X86) + +#include "hal/constants.h" + +// An attestation ID (in lack of a better name) +// is simply a pair consisting of a secp256k1 private key +// representing the device attestation private key and +// a code hash representing the hash of the running +// application that is attestating. Together, they can +// be used to construct another secp256k1 private key +// which is the attestation private key used to sign the +// attestation messages. +typedef struct { + unsigned char key[PRIVATE_KEY_LENGTH]; + unsigned char code_hash[HASH_LENGTH]; +} attestation_id_t; + +extern attestation_id_t attestation_id; + +/** + * @brief Initializes the endorsement module + * + * @param att_file_path the path to the file that + * contains the attestation id + * + * @returns whether the initialisation succeeded + */ +bool endorsement_init(char* att_file_path); + +#endif +// END of platform-dependent code + #endif // __HAL_ENDORSEMENT_H \ No newline at end of file diff --git a/ledger/src/hal/include/hal/hash.h b/ledger/src/hal/include/hal/hash.h index d9074581..0514324a 100644 --- a/ledger/src/hal/include/hal/hash.h +++ b/ledger/src/hal/include/hal/hash.h @@ -29,7 +29,7 @@ #include #include -#define HASH_SIZE 32 +#include "hal/constants.h" // BEGINNING of platform-dependent code #if defined(HSM_PLATFORM_LEDGER) diff --git a/ledger/src/hal/include/hal/log.h b/ledger/src/hal/include/hal/log.h index c970ca51..88549759 100644 --- a/ledger/src/hal/include/hal/log.h +++ b/ledger/src/hal/include/hal/log.h @@ -30,29 +30,24 @@ #include #include -#include "bigdigits.h" -#include "srlp.h" - -/** Set a prefix for all logs */ -void LOG_SET_PREFIX(char *prefix); - -/** Works just like printf */ +/** + * @brief Works just like printf + */ void LOG(const char *format, ...); -/** Print buffer in hex format with prefix */ +/** + * @brief Print buffer in hex format with prefix + * + * @param prefix the log prefix (the general log prefix will be prepended too) + * @param buffer the buffer containing the bytes to output as hex chars + * @param size the size of buffer in bytes + */ void LOG_HEX(const char *prefix, void *buffer, size_t size); -/** Print big integer in hex format with optional prefix and suffix strings */ -void LOG_BIGD_HEX(const char *prefix, - const DIGIT_T *a, - size_t len, - const char *suffix); - #elif defined(HSM_PLATFORM_LEDGER) #define LOG(...) #define LOG_HEX(...) -#define LOG_BIGD_HEX(...) #else #error "HSM Platform undefined" diff --git a/ledger/src/hal/include/hal/nvmem.h b/ledger/src/hal/include/hal/nvmem.h index 383c7f37..f7c89701 100644 --- a/ledger/src/hal/include/hal/nvmem.h +++ b/ledger/src/hal/include/hal/nvmem.h @@ -40,4 +40,26 @@ */ bool nvmem_write(void *dst, void *src, unsigned int length); +// BEGINNING of platform-dependent code +#if defined(HSM_PLATFORM_X86) + +typedef struct nvmmem_stats_s { + unsigned int write_count; +} nvmmem_stats_t; + +/** + * @brief Resets the non volatile memory statistics + */ +void nvmem_stats_reset(); + +/** + * @brief Returns the current non volatile memory statistics + * + * @returns the statistics + */ +nvmmem_stats_t nvmem_get_stats(); + +#endif +// END of platform-dependent code + #endif // __HAL_NVMEM_H \ No newline at end of file diff --git a/ledger/src/hal/include/hal/platform.h b/ledger/src/hal/include/hal/platform.h index 7c144072..3b0af3ae 100644 --- a/ledger/src/hal/include/hal/platform.h +++ b/ledger/src/hal/include/hal/platform.h @@ -42,4 +42,13 @@ void platform_memmove(void *dst, const void *src, unsigned int length); */ void platform_request_exit(); +/** + * X86 specific headers + */ +#if defined(HSM_PLATFORM_X86) + +#include "explicit_bzero.h" + +#endif // HSM_PLATFORM_X86 + #endif // __HAL_PLATFORM_H diff --git a/ledger/src/hal/include/hal/seed.h b/ledger/src/hal/include/hal/seed.h index 3af7c5f2..022d79a4 100644 --- a/ledger/src/hal/include/hal/seed.h +++ b/ledger/src/hal/include/hal/seed.h @@ -25,11 +25,10 @@ #ifndef __HAL_SEED_H #define __HAL_SEED_H +#include #include #include -#define SEED_PUBLIC_KEY_SIZE 65 - /** * @brief Returns whether there's a generated seed * @@ -73,4 +72,51 @@ bool seed_sign(uint32_t* path, uint8_t* sig_out, uint8_t* sig_out_length); +// BEGINNING of platform-dependent code +#if defined(HSM_PLATFORM_X86) + +typedef struct seed_data_s { + bool is_onboarded; + +} seed_data_t; + +/** + * @brief Derive the public key corresponding to the given + * private key and output it in either compressed + * or uncompressed format + * + * @param key the private key + * @param dest the destination buffer for the derived public key + * @param compressed whether to output in compressed or uncompressed format + * + * @returns the size of the output public key in bytes + */ +uint8_t seed_derive_pubkey_format(const unsigned char* key, + unsigned char* dest, + bool compressed); + +/** + * @brief Mock the return value of the seed_available() function + * + * @param is_onboarded the mock value + */ +void seed_set_is_onboarded(bool is_onboarded); + +/** + * @brief Initializes the seed module + * + * @param key_file_path the path to the file that + * contains the private keys + * @param bip32_paths an array containing the bip32 path strings + * @param bip32_paths_count the number of bip32 paths + * + * @returns whether the initialisation succeeded + */ +bool seed_init(const char* key_file_path, + const char* bip32_paths[], + const size_t bip32_paths_count); + +#endif +// END of platform-dependent code + #endif // __HAL_SEED_H diff --git a/ledger/src/hal/src/ledger/endorsement.c b/ledger/src/hal/src/ledger/endorsement.c index cbc7a37d..dd6708e3 100644 --- a/ledger/src/hal/src/ledger/endorsement.c +++ b/ledger/src/hal/src/ledger/endorsement.c @@ -23,12 +23,9 @@ */ #include "os.h" +#include "hal/constants.h" #include "hal/endorsement.h" -#define MAX_SIGNATURE_LENGTH 72 -#define MAX_CODE_HASH_LENGTH 32 -#define MAX_PUBLIC_KEY_LENGTH 65 - // Index of the ledger endorsement scheme #define ENDORSEMENT_SCHEME_INDEX 2 @@ -50,7 +47,7 @@ bool endorsement_sign(uint8_t* msg, bool endorsement_get_code_hash(uint8_t* code_hash_out, uint8_t* code_hash_out_length) { - if (*code_hash_out_length < MAX_CODE_HASH_LENGTH) { + if (*code_hash_out_length < HASH_LENGTH) { return false; } @@ -60,7 +57,7 @@ bool endorsement_get_code_hash(uint8_t* code_hash_out, bool endorsement_get_public_key(uint8_t* public_key_out, uint8_t* public_key_out_length) { - if (*public_key_out_length < MAX_PUBLIC_KEY_LENGTH) { + if (*public_key_out_length < PUBKEY_UNCMP_LENGTH) { return false; } diff --git a/ledger/src/hal/src/ledger/seed.c b/ledger/src/hal/src/ledger/seed.c index df87a24e..392457a1 100644 --- a/ledger/src/hal/src/ledger/seed.c +++ b/ledger/src/hal/src/ledger/seed.c @@ -26,12 +26,9 @@ #include "os.h" #include "cx.h" +#include "hal/constants.h" #include "hal/seed.h" -#define PRIVATE_KEY_LENGTH 32 -#define HASH_SIZE 32 -#define MAX_SIGNATURE_LENGTH 72 - bool seed_available() { return os_perso_isonboarded() == 1; } @@ -66,8 +63,9 @@ bool seed_derive_pubkey(uint32_t* path, 1); // Cleanup private key explicit_bzero((void*)&private_key, sizeof(private_key)); - if (*pubkey_out_length < public_key.W_len) + if (*pubkey_out_length < public_key.W_len) { THROW(1); + } // Output the public key *pubkey_out_length = public_key.W_len; os_memmove( @@ -122,7 +120,7 @@ bool seed_sign(uint32_t* path, CX_RND_RFC6979 | CX_LAST, CX_SHA256, hash32, - HASH_SIZE, + HASH_LENGTH, sig_out); // Cleanup private key explicit_bzero((void*)&private_key, sizeof(private_key)); diff --git a/ledger/src/hal/src/x86/bip32.c b/ledger/src/hal/src/x86/bip32.c new file mode 100644 index 00000000..4e5f807f --- /dev/null +++ b/ledger/src/hal/src/x86/bip32.c @@ -0,0 +1,111 @@ +#include "bip32.h" +#include "hal/constants.h" +#include "hal/log.h" + +#include +#include +#include +#include + +#define BIP32_PREFIX "m/" +#define MIN_PATH_LENGTH (strlen("m/0/0/0/0/0")) +#define MAX_PART_DECIMAL_DIGITS 10 +#define EXPECTED_PARTS BIP32_PATH_NUMPARTS + +#ifdef DEBUG_BIP32 +#define DEBUG_LOG(...) LOG(__VA_ARGS__) +#else +#define DEBUG_LOG(...) +#endif + +size_t bip32_parse_path(const char* path, uint8_t* out) { + size_t pos, start, pathlen; + int parts; + int index; + bool number; + char indexstr[MAX_PART_DECIMAL_DIGITS + 1]; + uint32_t indexint; + + if (strlen(path) < MIN_PATH_LENGTH) { + DEBUG_LOG("BIP32 path too short: %s\n", path); + return 0; + } + + if (strncmp(path, BIP32_PREFIX, strlen(BIP32_PREFIX))) { + DEBUG_LOG("Bad prefix for path: %s\n", path); + return 0; + } + + parts = 0; + pathlen = strlen(path); + pos = strlen(BIP32_PREFIX); + start = pos; + index = 0; + number = true; + while (pos < pathlen) { + if (number && path[pos] >= '0' && path[pos] <= '9') { + pos++; + if (pos - start > MAX_PART_DECIMAL_DIGITS) { + DEBUG_LOG("Path part %d too long for path: %s\n", parts, path); + return 0; + } + } else if (number && path[pos] == '\'') { + number = false; + index = 0x80000000; + pos++; + } else if (path[pos] != '/') { + DEBUG_LOG( + "Unexpected path character: %c for path %s\n", path[pos], path); + return 0; + } + + if (pos == pathlen || path[pos] == '/') { + // Compute the index + memcpy(indexstr, path + start, pos - start); + indexstr[pos - start] = '\0'; + indexint = (uint32_t)atol(indexstr); + if (indexint >= 0x80000000) { + DEBUG_LOG("Path part %d needs to be between 0 and 2^31-1 for " + "path: %s\n", + parts, + path); + return 0; + } + index += indexint; + // Output the index in LE + for (int i = 0; i < sizeof(uint32_t); i++) { + out[1 + (parts * sizeof(uint32_t)) + i] = + (index >> (8 * i)) & 0xFF; + } + // Next! + parts++; + index = 0; + number = true; + start = ++pos; + if (parts == EXPECTED_PARTS) { + out[0] = (char)parts; + return 1 + parts * sizeof(uint32_t); + } + } + } + + DEBUG_LOG("Unexpected code path reached for path: %s\n", path); + return 0; +} + +// Testing: move somewhere else +// #include +// int main() { +// char* bip32path = "m/44'/137'/1'/0/0"; +// uint8_t path[100]; +// size_t pathlen = bip32_parse_path(bip32path, path); +// printf("BIP32: %s\n", bip32path); +// printf("Len: %lu\n", pathlen); +// printf("Path: "); +// for (int i = 0; i < pathlen; i++) { +// printf("%02X", path[i]); +// if (i==0 || i%4 == 0) printf(" "); +// } +// printf("\n"); +// return 0; +// } \ No newline at end of file diff --git a/ledger/src/tcpsigner/os.h b/ledger/src/hal/src/x86/bip32.h similarity index 67% rename from ledger/src/tcpsigner/os.h rename to ledger/src/hal/src/x86/bip32.h index 4aaba444..ec01d80a 100644 --- a/ledger/src/tcpsigner/os.h +++ b/ledger/src/hal/src/x86/bip32.h @@ -22,28 +22,26 @@ * IN THE SOFTWARE. */ -#ifndef __SIMULATOR_OS_H -#define __SIMULATOR_OS_H +#ifndef __HAL_BIP32_H +#define __HAL_BIP32_H -#include "os_hash.h" -#include "os_attestation.h" -#include "os_ecdsa.h" -#include "os_exceptions.h" -#include "os_io.h" +#include +#include -#include "hsmsim_explicit_bzero.h" +#include "hal/constants.h" + +#define BIP32_PATH_PART_LENGTH (sizeof(uint32_t)) +#define BIP32_PATH_LENGTH (1 + BIP32_PATH_NUMPARTS * BIP32_PATH_PART_LENGTH) /** - * Miscellaneous + * @brief Parse the given string representation of a bip32 path + * into binary format + * + * @param path the bip32 path as string + * @param out the destination buffer for the parsed path + * + * @returns the size of the parsed path in bytes */ -#define PIC(x) (x) - -void os_memmove(void *dst, const void *src, unsigned int length); - -unsigned int os_perso_isonboarded(); - -unsigned int os_global_pin_retries(); - -void nvm_write(void *dst_adr, void *src_adr, unsigned int src_len); +size_t bip32_parse_path(const char* path, uint8_t* out); -#endif // __SIMULATOR_OS_H +#endif // __HAL_BIP32_H diff --git a/ledger/src/tcpsigner/cJSON.c b/ledger/src/hal/src/x86/cJSON.c similarity index 100% rename from ledger/src/tcpsigner/cJSON.c rename to ledger/src/hal/src/x86/cJSON.c diff --git a/ledger/src/tcpsigner/cJSON.h b/ledger/src/hal/src/x86/cJSON.h similarity index 100% rename from ledger/src/tcpsigner/cJSON.h rename to ledger/src/hal/src/x86/cJSON.h diff --git a/ledger/src/tcpsigner/os_io.c b/ledger/src/hal/src/x86/communication.c similarity index 50% rename from ledger/src/tcpsigner/os_io.c rename to ledger/src/hal/src/x86/communication.c index aded6661..a477b4f9 100644 --- a/ledger/src/tcpsigner/os_io.c +++ b/ledger/src/hal/src/x86/communication.c @@ -22,26 +22,26 @@ * IN THE SOFTWARE. */ -#include #include -#include -#include -#include +#include +#include #include -#include #include +#include +#include +#include +#include +#include -#include "os_io.h" -#include "tcp.h" -#include "log.h" -#include "defs.h" -#include "hsmsim_admin.h" +#include "hal/communication.h" +#include "hal/log.h" #include "apdu.h" /** * APDU buffer */ -unsigned char G_io_apdu_buffer[IO_APDU_BUFFER_SIZE]; +#define IO_APDU_BUFFER_SIZE 85 +static unsigned char apdu_buffer[IO_APDU_BUFFER_SIZE]; #define MAX_FUZZ_TRANSFER IO_APDU_BUFFER_SIZE @@ -53,109 +53,151 @@ enum io_mode_e io_mode; */ int server; int socketfd; +struct sockaddr_in servaddr, cli; /** * For the file input mode */ -FILE *input_file; +static FILE *input_file; /** * Copy all input to this file, if set. */ -FILE *replica_file; +static FILE *replica_file; /** * For flushing in between mains */ static bool io_exchange_write_only; -/* - * Sets the server on which io_exchange will perform - * the IO operations - * (This *MUST* be set before using io_exchange) +/** + * For an external module processing + * APDU messages */ -void os_io_set_server(int svr) { - server = svr; - socketfd = 0; - io_mode = IO_MODE_SERVER; - io_exchange_write_only = false; -} +typedef unsigned short (*communication_external_module_process_t)( + unsigned short tx); +communication_external_module_process_t external_module_process_cb = NULL; -void os_io_set_input_file(FILE *_input_file) { - input_file = _input_file; - io_mode = IO_MODE_INPUT_FILE; +void communication_set_external_module_process( + communication_external_module_process_t cb) { + external_module_process_cb = cb; } -void os_io_set_replica_file(FILE *_replica_file) { - replica_file = _replica_file; -} +/** + * @brief Start server, return a socket on connection + * + * @arg[in] PORT tcp port + * @arg[in] HOST HOST string + * + * @returns socket file descriptor + */ +static int start_server(int port, const char *host) { + int sockfd; + struct hostent *hostinfo; + hostinfo = gethostbyname(host); -unsigned short io_exchange(unsigned char channel_and_flags, unsigned short tx) { - unsigned short rx; - switch (io_mode) { - case IO_MODE_SERVER: - rx = io_exchange_server(channel_and_flags, tx); - break; - case IO_MODE_INPUT_FILE: - rx = io_exchange_file(channel_and_flags, tx, input_file); - break; - default: - info("[TCPSigner] No IO Mode set! This is a bug."); + if (hostinfo == NULL) { + LOG("Host not found.\n"); exit(1); - break; } - if (replica_file != NULL) { - int written = replicate_to_file(replica_file, rx); - if (written != rx + 1) { - info("Error writting to output file %s\n", replica_file); - exit(-1); - } + // socket create and verification + sockfd = socket(AF_INET, SOCK_STREAM, 0); + if (sockfd == -1) { + LOG("Socket creation failed...\n"); + exit(1); } - // Process one APDU message using the admin module - // if need be (there shouldn't normally - // be many of these in a row, so the stack shouldn't overflow) - if (hsmsim_admin_need_process(rx)) { - tx = hsmsim_admin_process_apdu(rx); - return io_exchange(channel_and_flags, tx); + bzero(&servaddr, sizeof(servaddr)); + + if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &(int){1}, sizeof(int)) < + 0) { + LOG("Socket option setting failed failed\n"); + exit(1); } - return rx; + if (setsockopt(sockfd, SOL_TCP, TCP_NODELAY, &(int){1}, sizeof(int)) < 0) { + LOG("Socket option setting failed failed\n"); + exit(1); + } + + // Set address and port + servaddr.sin_family = AF_INET; + memcpy(&servaddr.sin_addr, hostinfo->h_addr_list[0], hostinfo->h_length); + servaddr.sin_port = htons(port); + + // Binding newly created socket to given IP and verification + if ((bind(sockfd, (struct sockaddr *)&servaddr, sizeof(servaddr))) != 0) { + LOG("Socket bind failed...\n"); + exit(1); + } + + // Now server is ready to listen and verification + if ((listen(sockfd, 5)) != 0) { + LOG("Listen failed...\n"); + exit(1); + } + + LOG("Server listening...\n"); + return sockfd; +} + +/** + * @brief Accept the data packet from client and verification + * + * @arg[in] sockfd server socket + * + * @returns connection file descriptor + */ +static int accept_connection(int sockfd) { + int len = sizeof(cli); + int connfd = accept(sockfd, (struct sockaddr *)&cli, &len); + if (connfd < 0) { + LOG("Client connection failed...\n"); + exit(1); + } + + LOG("Client connected...\n"); + return connfd; +} + +void communication_set_and_start_server(int port, const char *host) { + server = start_server(port, host); + socketfd = 0; + io_mode = IO_MODE_SERVER; + io_exchange_write_only = false; +} + +void communication_set_input_file(FILE *_input_file) { + input_file = _input_file; + io_mode = IO_MODE_INPUT_FILE; +} + +void communication_set_replica_file(FILE *_replica_file) { + replica_file = _replica_file; } /** * Perform an empty message * write on the IO channel */ -void io_exchange_reply() { +void communication_reply() { io_exchange_write_only = true; - G_io_apdu_buffer[0] = (APDU_OK & 0xff00) >> 8; - G_io_apdu_buffer[1] = APDU_OK & 0xff; - io_exchange(0, 2); + apdu_buffer[0] = (APDU_OK & 0xff00) >> 8; + apdu_buffer[1] = APDU_OK & 0xff; + communication_io_exchange(2); } /* * This function emulates USB device, writing bytes to tcpsocket instead - * @arg[in] channel_and_flags must be CHANNEL_APDU * @arg[in] tx amount of bytes to transmit to the client * @ret amount of bytes received from the client */ -unsigned short io_exchange_server(unsigned char channel_and_flags, - unsigned short tx) { +static unsigned short io_exchange_server(unsigned short tx) { uint32_t tx_net, rx_net; unsigned int rx; int readlen; - // "Test" correct value on channel and flags in every call - if (channel_and_flags != CHANNEL_APDU) { - info("Invalid channel and flags specified for io_exchange: %d " - "(expected %d). Terminating TCPSigner.\n", - channel_and_flags, - CHANNEL_APDU); - exit(1); - } - while (true) { if (!socketfd) { socketfd = accept_connection(server); @@ -171,17 +213,17 @@ unsigned short io_exchange_server(unsigned char channel_and_flags, tx_net = htonl(tx_net); size_t written; if (send(socketfd, &tx_net, sizeof(tx_net), MSG_NOSIGNAL) == -1) { - info("Connection closed by the client\n"); + LOG("Connection closed by the client\n"); socketfd = 0; continue; } // Write APDU - if (send(socketfd, G_io_apdu_buffer, tx, MSG_NOSIGNAL) == -1) { - info("Connection closed by the client\n"); + if (send(socketfd, apdu_buffer, tx, MSG_NOSIGNAL) == -1) { + LOG("Connection closed by the client\n"); socketfd = 0; continue; } - info_hex("Dongle =>", G_io_apdu_buffer, tx); + LOG_HEX("Dongle =>", apdu_buffer, tx); } // Only write? We're done @@ -198,52 +240,48 @@ unsigned short io_exchange_server(unsigned char channel_and_flags, rx = ntohl(rx_net); if (rx > 0) { // Read APDU from socket - readlen = - read(socketfd, G_io_apdu_buffer, sizeof(G_io_apdu_buffer)); + readlen = read(socketfd, apdu_buffer, sizeof(apdu_buffer)); if (readlen != rx) { - info("Error reading APDU (got %d bytes != %d bytes). " - "Disconnected\n", - readlen, - rx); + LOG("Error reading APDU (got %d bytes != %d bytes). " + "Disconnected\n", + readlen, + rx); socketfd = 0; continue; } - info_hex("Dongle <=", G_io_apdu_buffer, rx); + LOG_HEX("Dongle <=", apdu_buffer, rx); } else { // Empty packet - info("Dongle <= \n"); + LOG("Dongle <= \n"); } return rx; } else if (readlen == 0) { // EOF => socket closed - info("Connection closed by the client\n"); + LOG("Connection closed by the client\n"); } else if (readlen == -1) { // Error reading - info("Error reading from socket. Disconnected\n"); + LOG("Error reading from socket. Disconnected\n"); } else { // Invalid packet header - info("Error reading APDU length (got %d bytes != %ld bytes). " - "Disconnected\n", - readlen, - sizeof(rx_net)); + LOG("Error reading APDU length (got %d bytes != %ld bytes). " + "Disconnected\n", + readlen, + sizeof(rx_net)); } socketfd = 0; } } /* This function emulates the HOST device, reading bytes from a file instead - * @arg[in] channel_and_flags must be CHANNEL_APDU * @arg[in] tx_len amount of bytes to transmit to the client * @arg[in] inputfd the input file * @ret amount of bytes received from the client */ -unsigned short io_exchange_file(unsigned char channel_and_flags, - unsigned char tx, - FILE *input_file) { +static unsigned short io_exchange_file(unsigned char tx, FILE *input_file) { // File input format: |1 byte length| |len bytes data| static unsigned long file_index = 0; - info_hex("Dongle => ", G_io_apdu_buffer, tx); + LOG_HEX("Dongle => ", apdu_buffer, tx); // Only write? We're done if (io_exchange_write_only) { @@ -254,10 +292,10 @@ unsigned short io_exchange_file(unsigned char channel_and_flags, unsigned char announced_rx; if (fread(&announced_rx, sizeof(char), 1, input_file) != 1) { if (feof(input_file)) { - info("Server: EOF\n"); + LOG("Server: EOF\n"); exit(0); } - info("Server: could not read rx size\n"); + LOG("Server: could not read rx size\n"); exit(1); } @@ -269,26 +307,25 @@ unsigned short io_exchange_file(unsigned char channel_and_flags, capped_rx = MAX_FUZZ_TRANSFER; } - info("Server: reading %d (announced: %d) bytes at index: %d\n", - capped_rx, - announced_rx, - file_index); - unsigned short rx = - fread(G_io_apdu_buffer, sizeof(char), capped_rx, input_file); + LOG("Server: reading %d (announced: %d) bytes at index: %d\n", + capped_rx, + announced_rx, + file_index); + unsigned short rx = fread(apdu_buffer, sizeof(char), capped_rx, input_file); if (rx != capped_rx) { // if we reach EOF while reading the data portion it means // the announced size did not match the file if (feof(input_file)) { - info("Server: malformed input, tried reading %d bytes but reached " - "EOF after %d\n", - capped_rx, - rx); + LOG("Server: malformed input, tried reading %d bytes but reached " + "EOF after %d\n", + capped_rx, + rx); exit(1); } - info("Server: Could not read %d bytes (only: %d) from input file\n", - capped_rx, - rx); + LOG("Server: Could not read %d bytes (only: %d) from input file\n", + capped_rx, + rx); exit(1); } @@ -298,12 +335,12 @@ unsigned short io_exchange_file(unsigned char channel_and_flags, // interpreting data as the length. unsigned long index_offset = announced_rx + 1; if (file_index > (ULONG_MAX - index_offset)) { - info("Server: input file too big, can't store offset."); + LOG("Server: input file too big, can't store offset."); exit(1); } file_index += index_offset; - info_hex("Dongle <= ", G_io_apdu_buffer, rx); + LOG_HEX("Dongle <= ", apdu_buffer, rx); return capped_rx; } @@ -312,11 +349,11 @@ unsigned short io_exchange_file(unsigned char channel_and_flags, * @arg[in] rx Lenght of the command * @ret number of bytes written */ -unsigned int replicate_to_file(FILE *replica_file, unsigned short rx) { +static unsigned int replicate_to_file(FILE *replica_file, unsigned short rx) { unsigned char rx_byte = rx; - info_hex("Replica =>", G_io_apdu_buffer, rx_byte); + LOG_HEX("Replica =>", apdu_buffer, rx_byte); unsigned int written = fwrite(&rx_byte, sizeof(char), 1, replica_file); - written += fwrite(G_io_apdu_buffer, sizeof(char), rx_byte, replica_file); + written += fwrite(apdu_buffer, sizeof(char), rx_byte, replica_file); // XXX: This should not be necessary. We are correctly closing the file // at the end of the process. But for whatever reason, this does not seem @@ -325,3 +362,64 @@ unsigned int replicate_to_file(FILE *replica_file, unsigned short rx) { fflush(replica_file); return written; } + +/***** BEGIN HAL Communication module implementation *****/ + +/** + * @brief Initializes the communication module + * + * @param msg_buffer The buffer to use for communication + * @param msg_buffer_size The size of the message buffer in bytes + * + * @returns whether the initialisation succeeded + */ +bool communication_init(unsigned char *msg_buffer, size_t msg_buffer_size) { + // Nothing to do here +} + +unsigned char *communication_get_msg_buffer() { + return apdu_buffer; +} + +size_t communication_get_msg_buffer_size() { + return sizeof(apdu_buffer); +} + +unsigned short communication_io_exchange(unsigned short tx) { + unsigned short rx, tx_ex; + + switch (io_mode) { + case IO_MODE_SERVER: + rx = io_exchange_server(tx); + break; + case IO_MODE_INPUT_FILE: + rx = io_exchange_file(tx, input_file); + break; + default: + LOG("[TCPSigner] No IO Mode set! This is a bug."); + exit(1); + break; + } + + if (replica_file != NULL) { + int written = replicate_to_file(replica_file, rx); + if (written != rx + 1) { + LOG("Error writting to output file %s\n", replica_file); + exit(-1); + } + } + + // Process one APDU message using an external module callback + // (there should generally speaking be at most one of these in a row, + // so the stack shouldn't overflow) + if (external_module_process_cb) { + tx_ex = external_module_process_cb(rx); + if (tx_ex) { + return communication_io_exchange(tx_ex); + } + } + + return rx; +} + +/***** END HAL Communication module implementation *****/ diff --git a/ledger/src/hal/src/x86/endorsement.c b/ledger/src/hal/src/x86/endorsement.c new file mode 100644 index 00000000..a449e950 --- /dev/null +++ b/ledger/src/hal/src/x86/endorsement.c @@ -0,0 +1,249 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +#include +#include +#include +#include + +#include "hal/constants.h" +#include "hal/endorsement.h" +#include "hal/seed.h" +#include "hal/exceptions.h" +#include "hal/log.h" + +#include "random.h" +#include "hmac_sha256.h" +#include "cJSON.h" +#include "json.h" +#include "hex_reader.h" + +#define ATTESTATION_KEY_KEY "attestationKey" +#define CODE_HASH_KEY "codeHash" + +static secp256k1_context* sp_ctx = NULL; +attestation_id_t attestation_id; + +static size_t tweak_sign(const unsigned char* key, + const unsigned char* tweak, + const unsigned char* hash, + unsigned char* sig) { + unsigned char tweaked_key[PRIVATE_KEY_LENGTH]; + secp256k1_ecdsa_signature sp_sig; + size_t sig_serialized_size = MAX_SIGNATURE_LENGTH; + + // Tweak private key + memmove(tweaked_key, key, sizeof(tweaked_key)); + if (!secp256k1_ec_privkey_tweak_add(sp_ctx, tweaked_key, tweak)) + return 0; + + // Sign and serialize as DER + secp256k1_ecdsa_sign(sp_ctx, &sp_sig, hash, tweaked_key, NULL, NULL); + secp256k1_ecdsa_signature_serialize_der( + sp_ctx, sig, &sig_serialized_size, &sp_sig); + + return (int)sig_serialized_size; +} + +/** + * Write current attestation id in JSON-format to the given path + */ +static bool write_attestation_id_file(char* attid_file_path) { + cJSON* json = cJSON_CreateObject(); + + unsigned long max_size = + sizeof(attestation_id.key) > sizeof(attestation_id.code_hash) + ? sizeof(attestation_id.key) + : sizeof(attestation_id.code_hash); + + char hex_str[max_size * 2 + 1]; + + // Write attestation key + for (int i = 0; i < sizeof(attestation_id.key); i++) + sprintf(hex_str + i * 2, "%02x", attestation_id.key[i]); + hex_str[sizeof(attestation_id.key) * 2] = '\0'; + cJSON_AddStringToObject(json, ATTESTATION_KEY_KEY, hex_str); + + // Write code hash + for (int i = 0; i < sizeof(attestation_id.code_hash); i++) + sprintf(hex_str + i * 2, "%02x", attestation_id.code_hash[i]); + hex_str[sizeof(attestation_id.code_hash) * 2] = '\0'; + cJSON_AddStringToObject(json, CODE_HASH_KEY, hex_str); + + return write_json_file(attid_file_path, json); +} + +static inline bool read_hex_value_into(cJSON* json, + char* key, + unsigned char* dest) { + cJSON* entry = cJSON_GetObjectItemCaseSensitive(json, key); + if (entry == NULL || !cJSON_IsString(entry)) + return false; + char* hex_value = cJSON_GetStringValue(entry); + read_hex(hex_value, strlen(hex_value), dest); + return true; +} + +bool endorsement_init(char* att_file_path) { + // Init the secp256k1 context + if (!sp_ctx) + sp_ctx = secp256k1_context_create(SECP256K1_CONTEXT_SIGN); + + LOG("Loading endorsement file '%s'\n", att_file_path); + cJSON* json = read_json_file(att_file_path); + + if (json == NULL) { + LOG("Endorsement file not found or file format incorrect. Creating a " + "random endorsement id (key and code hash pair)\n"); + + // Init new random key and code hash + random_getrandom(attestation_id.key, sizeof(attestation_id.key), 0); + random_getrandom( + attestation_id.code_hash, sizeof(attestation_id.code_hash), 0); + + // Write attestation id to the file + if (!write_attestation_id_file(att_file_path)) { + LOG("Error writing attestation id to %s\n", att_file_path); + return false; + } + LOG("Attestation id created and saved to %s\n", att_file_path); + } else { + // Load attestation id into memory + if (!cJSON_IsObject(json)) { + LOG("Expected an object as top level element of %s\n", + att_file_path); + return false; + } + + // Read attestation key + if (!read_hex_value_into( + json, ATTESTATION_KEY_KEY, attestation_id.key)) { + LOG("'%s' not found in '%s'\n", ATTESTATION_KEY_KEY, att_file_path); + return false; + } + + // Read code hash + if (!read_hex_value_into( + json, CODE_HASH_KEY, attestation_id.code_hash)) { + LOG("'%s' not found in '%s'\n", CODE_HASH_KEY, att_file_path); + return false; + } + } + + // Grab attestation id public key + unsigned char pubkey[PUBKEY_CMP_LENGTH]; + if (seed_derive_pubkey_format(attestation_id.key, pubkey, true) != + PUBKEY_CMP_LENGTH) { + LOG("Error getting compressed public key for attestation id key\n"); + return false; + } + LOG("Loaded attestation id:\n"); + LOG("\tPublic key: "); + for (int i = 0; i < sizeof(pubkey); i++) + LOG("%02x", pubkey[i]); + LOG("\n"); + LOG("\tCode hash: "); + for (int i = 0; i < sizeof(attestation_id.code_hash); i++) + LOG("%02x", attestation_id.code_hash[i]); + LOG("\n"); + + return true; +} + +bool endorsement_sign(uint8_t* msg, + size_t msg_size, + uint8_t* signature_out, + uint8_t* signature_out_length) { + + uint8_t pubkey[PUBKEY_UNCMP_LENGTH]; + uint8_t tweak[HMAC_SHA256_SIZE]; + uint8_t hash[HASH_LENGTH]; + + if (*signature_out_length < MAX_SIGNATURE_LENGTH) { + return false; + } + + sha256(msg, msg_size, hash, sizeof(hash)); + + if (seed_derive_pubkey_format(attestation_id.key, pubkey, false) != + sizeof(pubkey)) { + LOG("Error deriving public key for endorsement\n"); + return false; + } + + if (hmac_sha256(attestation_id.code_hash, + sizeof(attestation_id.code_hash), + pubkey, + sizeof(pubkey), + tweak, + sizeof(tweak)) != sizeof(tweak)) { + LOG("Error computing tweak for endorsement\n"); + return false; + } + + if (*signature_out_length < MAX_SIGNATURE_LENGTH) { + LOG("Output buffer for signature too small: %u bytes\n", + *signature_out_length); + return false; + } + + *signature_out_length = + tweak_sign(attestation_id.key, tweak, hash, signature_out); + + return true; +} + +bool endorsement_get_code_hash(uint8_t* code_hash_out, + uint8_t* code_hash_out_length) { + + if (*code_hash_out_length < HASH_LENGTH) { + LOG("Output buffer for code hash too small: %u bytes\n", + *code_hash_out_length); + return false; + } + + memmove(code_hash_out, + attestation_id.code_hash, + sizeof(attestation_id.code_hash)); + *code_hash_out_length = sizeof(attestation_id.code_hash); + + return true; +} + +bool endorsement_get_public_key(uint8_t* public_key_out, + uint8_t* public_key_out_length) { + uint8_t tempbuf[PUBKEY_UNCMP_LENGTH]; + + if (*public_key_out_length < PUBKEY_UNCMP_LENGTH) { + LOG("Output buffer for public key too small: %u bytes\n", + *public_key_out_length); + return false; + } + + *public_key_out_length = + seed_derive_pubkey_format(attestation_id.key, tempbuf, false); + memcpy(public_key_out, tempbuf, *public_key_out_length); + + return true; +} \ No newline at end of file diff --git a/ledger/src/tcpsigner/os_exceptions.c b/ledger/src/hal/src/x86/exceptions.c similarity index 96% rename from ledger/src/tcpsigner/os_exceptions.c rename to ledger/src/hal/src/x86/exceptions.c index a4533a93..64269f06 100644 --- a/ledger/src/tcpsigner/os_exceptions.c +++ b/ledger/src/hal/src/x86/exceptions.c @@ -44,7 +44,11 @@ * (https://github.com/LedgerHQ/nanos-secure-sdk/blob/nanos-1314/include/os.h) */ -#include "os_exceptions.h" +#ifndef HSM_PLATFORM_X86 +#define HSM_PLATFORM_X86 +#endif + +#include "hal/exceptions.h" static try_context_t G_try_last_open_context_var; diff --git a/ledger/src/tcpsigner/hsmsim_explicit_bzero.c b/ledger/src/hal/src/x86/explicit_bzero.c similarity index 95% rename from ledger/src/tcpsigner/hsmsim_explicit_bzero.c rename to ledger/src/hal/src/x86/explicit_bzero.c index 29905058..8ccec7a4 100644 --- a/ledger/src/tcpsigner/hsmsim_explicit_bzero.c +++ b/ledger/src/hal/src/x86/explicit_bzero.c @@ -42,9 +42,9 @@ Architecture-specific implementations also need to define __explicit_bzero_chk. */ -#include "hsmsim_explicit_bzero.h" +#include "explicit_bzero.h" -#ifdef __HSMSIM_EXPLICIT_BZERO_H +#ifdef __HSM_CUSTOM_EXPLICIT_BZERO_H /* Set LEN bytes of S to 0. The compiler will not delete a call to this function, even if S is dead after the call. */ @@ -54,4 +54,4 @@ void explicit_bzero(void *s, size_t len) { asm volatile("" ::: "memory"); } -#endif // __HSMSIM_EXPLICIT_BZERO_H +#endif // __HSM_CUSTOM_EXPLICIT_BZERO_H diff --git a/ledger/src/tcpsigner/hsmsim_explicit_bzero.h b/ledger/src/hal/src/x86/explicit_bzero.h similarity index 95% rename from ledger/src/tcpsigner/hsmsim_explicit_bzero.h rename to ledger/src/hal/src/x86/explicit_bzero.h index 49779507..62a6731d 100644 --- a/ledger/src/tcpsigner/hsmsim_explicit_bzero.h +++ b/ledger/src/hal/src/x86/explicit_bzero.h @@ -49,12 +49,12 @@ #pragma message "Using ad-hoc explicit_bzero" -#ifndef __HSMSIM_EXPLICIT_BZERO_H -#define __HSMSIM_EXPLICIT_BZERO_H +#ifndef __HSM_CUSTOM_EXPLICIT_BZERO_H +#define __HSM_CUSTOM_EXPLICIT_BZERO_H #include void explicit_bzero(void *s, size_t len); -#endif // __HSMSIM_EXPLICIT_BZERO_H +#endif // __HSM_CUSTOM_EXPLICIT_BZERO_H #endif diff --git a/ledger/src/hal/src/x86/hash.c b/ledger/src/hal/src/x86/hash.c new file mode 100644 index 00000000..39b43f93 --- /dev/null +++ b/ledger/src/hal/src/x86/hash.c @@ -0,0 +1,86 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +#include "hal/hash.h" +#include "sha256.h" +#include "keccak256.h" + +// *** sha256 *** +bool hash_sha256_init(hash_sha256_ctx_t* ctx) { + sha256_init(ctx); + return true; +} + +bool hash_sha256_update(hash_sha256_ctx_t* ctx, + const uint8_t* data, + size_t len) { + sha256_update(ctx, data, len); + return true; +} + +bool hash_sha256_final(hash_sha256_ctx_t* ctx, uint8_t* out_hash) { + sha256_final(ctx, out_hash); + return true; +} + +// *** sha256 with midstate support *** +bool hash_sha256_ms_init(hash_sha256_ms_ctx_t* ctx) { + sha256_init(ctx); + return true; +} + +bool hash_sha256_ms_midstate(hash_sha256_ms_ctx_t* ctx, uint8_t* midstate) { + sha256_midstate(ctx, midstate); + return true; +} + +bool hash_sha256_ms_update(hash_sha256_ms_ctx_t* ctx, + const uint8_t* data, + size_t len) { + sha256_update(ctx, data, len); + return true; +} + +bool hash_sha256_ms_final(hash_sha256_ms_ctx_t* ctx, uint8_t* out_hash) { + sha256_final(ctx, out_hash); + return true; +} + +// *** keccak256 *** +bool hash_keccak256_init(hash_keccak256_ctx_t* ctx) { + keccak_init(ctx); + return true; +} + +bool hash_keccak256_update(hash_keccak256_ctx_t* ctx, + const uint8_t* data, + size_t len) { + keccak_update(ctx, data, len); + return true; +} + +bool hash_keccak256_final(hash_keccak256_ctx_t* ctx, uint8_t* out_hash) { + keccak_final(ctx, out_hash); + return true; +} \ No newline at end of file diff --git a/ledger/src/tcpsigner/hex_reader.c b/ledger/src/hal/src/x86/hex_reader.c similarity index 100% rename from ledger/src/tcpsigner/hex_reader.c rename to ledger/src/hal/src/x86/hex_reader.c diff --git a/ledger/src/tcpsigner/hex_reader.h b/ledger/src/hal/src/x86/hex_reader.h similarity index 100% rename from ledger/src/tcpsigner/hex_reader.h rename to ledger/src/hal/src/x86/hex_reader.h diff --git a/ledger/src/tcpsigner/hmac_sha256.c b/ledger/src/hal/src/x86/hmac_sha256.c similarity index 100% rename from ledger/src/tcpsigner/hmac_sha256.c rename to ledger/src/hal/src/x86/hmac_sha256.c diff --git a/ledger/src/tcpsigner/hmac_sha256.h b/ledger/src/hal/src/x86/hmac_sha256.h similarity index 100% rename from ledger/src/tcpsigner/hmac_sha256.h rename to ledger/src/hal/src/x86/hmac_sha256.h diff --git a/ledger/src/tcpsigner/json.c b/ledger/src/hal/src/x86/json.c similarity index 95% rename from ledger/src/tcpsigner/json.c rename to ledger/src/hal/src/x86/json.c index cee86d94..dac51319 100644 --- a/ledger/src/tcpsigner/json.c +++ b/ledger/src/hal/src/x86/json.c @@ -28,7 +28,7 @@ #include // Read a JSON file into memory -cJSON* read_json_file(char* file_path) { +cJSON* read_json_file(const char* file_path) { FILE* key_file; char* buffer; long file_size; @@ -63,7 +63,7 @@ cJSON* read_json_file(char* file_path) { } // Write JSON from memory to disk -bool write_json_file(char* file_path, cJSON* json) { +bool write_json_file(const char* file_path, cJSON* json) { FILE* key_file = fopen(file_path, "w"); if (key_file == NULL) return false; diff --git a/ledger/src/tcpsigner/json.h b/ledger/src/hal/src/x86/json.h similarity index 92% rename from ledger/src/tcpsigner/json.h rename to ledger/src/hal/src/x86/json.h index 079c47b6..e0d146b0 100644 --- a/ledger/src/tcpsigner/json.h +++ b/ledger/src/hal/src/x86/json.h @@ -29,8 +29,8 @@ #include #include "cJSON.h" -cJSON* read_json_file(char* file_path); +cJSON* read_json_file(const char* file_path); -bool write_json_file(char* file_path, cJSON* json); +bool write_json_file(const char* file_path, cJSON* json); #endif // __SIMULATOR_JSON_H diff --git a/ledger/src/hal/src/x86/keccak256.c b/ledger/src/hal/src/x86/keccak256.c new file mode 100644 index 00000000..e5084372 --- /dev/null +++ b/ledger/src/hal/src/x86/keccak256.c @@ -0,0 +1,267 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +/** + * Third party library taken from: + * https://github.com/firefly/wallet/blob/29adeaf7029142063b7a6878e049efd4c6534982/source/libs/ethers/src/keccak256.c + */ + +/* sha3 - an implementation of Secure Hash Algorithm 3 (Keccak). + * based on the + * The Keccak SHA-3 submission. Submission to NIST (Round 3), 2011 + * by Guido Bertoni, Joan Daemen, Michaël Peeters and Gilles Van Assche + * + * Copyright: 2013 Aleksey Kravchenko + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the "Software"), + * to deal in the Software without restriction, including without limitation + * the rights to use, copy, modify, merge, publish, distribute, sublicense, + * and/or sell copies of the Software, and to permit persons to whom the + * Software is furnished to do so. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. Use this program at your own risk! + */ + +#include "keccak256.h" + +//#include + +#include +#include + +#define BLOCK_SIZE ((1600 - 256 * 2) / 8) + +#define I64(x) x##LL +#define ROTL64(qword, n) ((qword) << (n) ^ ((qword) >> (64 - (n)))) +#define le2me_64(x) (x) +#define IS_ALIGNED_64(p) (0 == (7 & ((const char*)(p) - (const char*)0))) +#define me64_to_le_str(to, from, length) memcpy((to), (from), (length)) + +/* constants */ + +//const uint8_t round_constant_info[] PROGMEM = { +//const uint8_t constants[] PROGMEM = { +const uint8_t constants[] = { + + 1, 26, 94, 112, 31, 33, 121, 85, 14, 12, 53, 38, 63, 79, 93, 83, 82, 72, 22, 102, 121, 88, 33, 116, +//}; + +//const uint8_t pi_transform[] PROGMEM = { + 1, 6, 9, 22, 14, 20, 2, 12, 13, 19, 23, 15, 4, 24, 21, 8, 16, 5, 3, 18, 17, 11, 7, 10, +//}; + +//const uint8_t rhoTransforms[] PROGMEM = { + 1, 62, 28, 27, 36, 44, 6, 55, 20, 3, 10, 43, 25, 39, 41, 45, 15, 21, 8, 18, 2, 61, 56, 14, +}; + +#define TYPE_ROUND_INFO 0 +#define TYPE_PI_TRANSFORM 24 +#define TYPE_RHO_TRANSFORM 48 + +uint8_t getConstant(uint8_t type, uint8_t index) { + return constants[type + index]; +} + +static uint64_t get_round_constant(uint8_t round) { + uint64_t result = 0; + + uint8_t roundInfo = getConstant(TYPE_ROUND_INFO, round); + if (roundInfo & (1 << 6)) { result |= ((uint64_t)1 << 63); } + if (roundInfo & (1 << 5)) { result |= ((uint64_t)1 << 31); } + if (roundInfo & (1 << 4)) { result |= ((uint64_t)1 << 15); } + if (roundInfo & (1 << 3)) { result |= ((uint64_t)1 << 7); } + if (roundInfo & (1 << 2)) { result |= ((uint64_t)1 << 3); } + if (roundInfo & (1 << 1)) { result |= ((uint64_t)1 << 1); } + if (roundInfo & (1 << 0)) { result |= ((uint64_t)1 << 0); } + + return result; +} + + +/* Initializing a sha3 context for given number of output bits */ +void keccak_init(SHA3_CTX *ctx) { + /* NB: The Keccak capacity parameter = bits * 2 */ + + memset(ctx, 0, sizeof(SHA3_CTX)); +} + +/* Keccak theta() transformation */ +static void keccak_theta(uint64_t *A) { + uint64_t C[5], D[5]; + + for (uint8_t i = 0; i < 5; i++) { + C[i] = A[i]; + for (uint8_t j = 5; j < 25; j += 5) { C[i] ^= A[i + j]; } + } + + for (uint8_t i = 0; i < 5; i++) { + D[i] = ROTL64(C[(i + 1) % 5], 1) ^ C[(i + 4) % 5]; + } + + for (uint8_t i = 0; i < 5; i++) { + //for (uint8_t j = 0; j < 25; j += 5) { + for (uint8_t j = 0; j < 25; j += 5) { A[i + j] ^= D[i]; } + } +} + + +/* Keccak pi() transformation */ +static void keccak_pi(uint64_t *A) { + uint64_t A1 = A[1]; + for (uint8_t i = 1; i < 24; i++) { + A[getConstant(TYPE_PI_TRANSFORM, i - 1)] = A[getConstant(TYPE_PI_TRANSFORM, i)]; + } + A[10] = A1; + /* note: A[ 0] is left as is */ +} + +/* +ketch uses 30084 bytes (93%) of program storage space. Maximum is 32256 bytes. +Global variables use 743 bytes (36%) of dynamic memory, leaving 1305 bytes for local variables. Maximum is 2048 bytes. + +*/ +/* Keccak chi() transformation */ +static void keccak_chi(uint64_t *A) { + for (uint8_t i = 0; i < 25; i += 5) { + uint64_t A0 = A[0 + i], A1 = A[1 + i]; + A[0 + i] ^= ~A1 & A[2 + i]; + A[1 + i] ^= ~A[2 + i] & A[3 + i]; + A[2 + i] ^= ~A[3 + i] & A[4 + i]; + A[3 + i] ^= ~A[4 + i] & A0; + A[4 + i] ^= ~A0 & A1; + } +} + + +static void sha3_permutation(uint64_t *state) { + for (uint8_t round = 0; round < 24; round++) { + keccak_theta(state); + + /* apply Keccak rho() transformation */ + for (uint8_t i = 1; i < 25; i++) { + state[i] = ROTL64(state[i], getConstant(TYPE_RHO_TRANSFORM, i - 1)); + } + + keccak_pi(state); + keccak_chi(state); + + /* apply iota(state, round) */ + *state ^= get_round_constant(round); + } +} + +/** + * The core transformation. Process the specified block of data. + * + * @param hash the algorithm state + * @param block the message block to process + * @param block_size the size of the processed block in bytes + */ +static void sha3_process_block(uint64_t hash[25], const uint64_t *block) { + for (uint8_t i = 0; i < 17; i++) { + hash[i] ^= le2me_64(block[i]); + } + + /* make a permutation of the hash */ + sha3_permutation(hash); +} + +//#define SHA3_FINALIZED 0x80000000 +//#define SHA3_FINALIZED 0x8000 + +/** + * Calculate message hash. + * Can be called repeatedly with chunks of the message to be hashed. + * + * @param ctx the algorithm context containing current hashing state + * @param msg message chunk + * @param size length of the message chunk + */ +void keccak_update(SHA3_CTX *ctx, const unsigned char *msg, uint16_t size) +{ + uint16_t idx = (uint16_t)ctx->rest; + + //if (ctx->rest & SHA3_FINALIZED) return; /* too late for additional input */ + ctx->rest = (unsigned)((ctx->rest + size) % BLOCK_SIZE); + + /* fill partial block */ + if (idx) { + uint16_t left = BLOCK_SIZE - idx; + memcpy((char*)ctx->message + idx, msg, (size < left ? size : left)); + if (size < left) return; + + /* process partial block */ + sha3_process_block(ctx->hash, ctx->message); + msg += left; + size -= left; + } + + while (size >= BLOCK_SIZE) { + uint64_t* aligned_message_block; + if (IS_ALIGNED_64(msg)) { + // the most common case is processing of an already aligned message without copying it + aligned_message_block = (uint64_t*)(void*)msg; + } else { + memcpy(ctx->message, msg, BLOCK_SIZE); + aligned_message_block = ctx->message; + } + + sha3_process_block(ctx->hash, aligned_message_block); + msg += BLOCK_SIZE; + size -= BLOCK_SIZE; + } + + if (size) { + memcpy(ctx->message, msg, size); /* save leftovers */ + } +} + +/** +* Store calculated hash into the given array. +* +* @param ctx the algorithm context containing current hashing state +* @param result calculated hash in binary form +*/ +void keccak_final(SHA3_CTX *ctx, unsigned char* result) +{ + uint16_t digest_length = 100 - BLOCK_SIZE / 2; + +// if (!(ctx->rest & SHA3_FINALIZED)) { + /* clear the rest of the data queue */ + memset((char*)ctx->message + ctx->rest, 0, BLOCK_SIZE - ctx->rest); + ((char*)ctx->message)[ctx->rest] |= 0x01; + ((char*)ctx->message)[BLOCK_SIZE - 1] |= 0x80; + + /* process final block */ + sha3_process_block(ctx->hash, ctx->message); +// ctx->rest = SHA3_FINALIZED; /* mark context as finalized */ +// } + + if (result) { + me64_to_le_str(result, ctx->hash, digest_length); + } +} diff --git a/ledger/src/hal/src/x86/keccak256.h b/ledger/src/hal/src/x86/keccak256.h new file mode 100644 index 00000000..c2d15d7b --- /dev/null +++ b/ledger/src/hal/src/x86/keccak256.h @@ -0,0 +1,81 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +/** + * Third party library taken from: + * https://github.com/firefly/wallet/blob/29adeaf7029142063b7a6878e049efd4c6534982/source/libs/ethers/src/keccak256.h + */ + +/* sha3 - an implementation of Secure Hash Algorithm 3 (Keccak). + * based on the + * The Keccak SHA-3 submission. Submission to NIST (Round 3), 2011 + * by Guido Bertoni, Joan Daemen, Michaël Peeters and Gilles Van Assche + * + * Copyright: 2013 Aleksey Kravchenko + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the "Software"), + * to deal in the Software without restriction, including without limitation + * the rights to use, copy, modify, merge, publish, distribute, sublicense, + * and/or sell copies of the Software, and to permit persons to whom the + * Software is furnished to do so. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. Use this program at your own risk! + */ + +#ifndef __KECCAK256_H_ +#define __KECCAK256_H_ + +#include + +#define sha3_max_permutation_size 25 +#define sha3_max_rate_in_qwords 24 + +typedef struct SHA3_CTX { + /* 1600 bits algorithm hashing state */ + uint64_t hash[sha3_max_permutation_size]; + /* 1536-bit buffer for leftovers */ + uint64_t message[sha3_max_rate_in_qwords]; + /* count of bytes in the message[] buffer */ + uint16_t rest; +} SHA3_CTX; + + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + + +void keccak_init(SHA3_CTX *ctx); +void keccak_update(SHA3_CTX *ctx, const unsigned char *msg, uint16_t size); +void keccak_final(SHA3_CTX *ctx, unsigned char* result); + + +#ifdef __cplusplus +} +#endif /* __cplusplus */ + +#endif /* __KECCAK256_H_ */ diff --git a/ledger/src/tcpsigner/log.h b/ledger/src/hal/src/x86/log.c similarity index 68% rename from ledger/src/tcpsigner/log.h rename to ledger/src/hal/src/x86/log.c index b0f66e6e..0e579d68 100644 --- a/ledger/src/tcpsigner/log.h +++ b/ledger/src/hal/src/x86/log.c @@ -22,19 +22,34 @@ * IN THE SOFTWARE. */ -/******************************************************************************* - * powHSM - * - * Generic logging to screen functions for TCPSigner - ********************************************************************************/ +#ifdef HSM_PLATFORM_X86 -#ifndef __SIMULATOR_LOG_H -#define __SIMULATOR_LOG_H +#include +#include +#include #include "bigdigits.h" -void info(const char *format, ...); -void info_hex(const char *prefix, void *buffer, size_t size); -void info_bigd_hex(const char *prefix, const DIGIT_T *a, size_t len); +void LOG(const char *format, ...) { + va_list args; + va_start(args, format); + + vprintf(format, args); + + va_end(args); +} + +void LOG_HEX(const char *prefix, void *buffer, size_t size) { + printf("%s ", prefix); + if (size > 0) { + printf("0x"); + for (unsigned int i = 0; i < size; i++) { + printf("%02x", ((unsigned char *)buffer)[i]); + } + } else { + printf("EMPTY"); + } + printf("\n"); +} -#endif // __SIMULATOR_LOG_H +#endif \ No newline at end of file diff --git a/ledger/src/tcpsigner/os.c b/ledger/src/hal/src/x86/nvmem.c similarity index 71% rename from ledger/src/tcpsigner/os.c rename to ledger/src/hal/src/x86/nvmem.c index 6e6da8c9..8d41edec 100644 --- a/ledger/src/tcpsigner/os.c +++ b/ledger/src/hal/src/x86/nvmem.c @@ -22,31 +22,31 @@ * IN THE SOFTWARE. */ -#include +#include "hal/nvmem.h" +#include "hal/log.h" -#include "os.h" -#include "hsmsim_admin.h" +#include +#include -void os_memmove(void *dst, const void *src, unsigned int length) { - memmove(dst, src, length); -} +static nvmmem_stats_t nvmmem_stats; -unsigned int os_perso_isonboarded() { - return hsmsim_admin_get_is_onboarded(); +void nvmem_stats_reset() { + memset(&nvmmem_stats, 0, sizeof(nvmmem_stats)); + LOG("NVM stats reset OK.\n"); } -unsigned int os_global_pin_retries(void) { - return HSMSIM_RETRIES; +nvmmem_stats_t nvmem_get_stats() { + return nvmmem_stats; } -void nvm_write(void *dst_adr, void *src_adr, unsigned int src_len) { - if (src_adr == NULL) { +bool nvmem_write(void *dst, void *src, unsigned int length) { + if (src == NULL) { // Treat as memory reset - memset(dst_adr, 0, src_len); + memset(dst, 0, length); } else { // Treat as normal copy - memmove(dst_adr, src_adr, src_len); + memmove(dst, src, length); } // Log the write - hsmsim_admin_nvm_record_write(); -} + nvmmem_stats.write_count++; +} \ No newline at end of file diff --git a/ledger/src/tcpsigner/os_io_seproxyhal.c b/ledger/src/hal/src/x86/platform.c similarity index 82% rename from ledger/src/tcpsigner/os_io_seproxyhal.c rename to ledger/src/hal/src/x86/platform.c index c6e43702..5cf96a53 100644 --- a/ledger/src/tcpsigner/os_io_seproxyhal.c +++ b/ledger/src/hal/src/x86/platform.c @@ -22,11 +22,16 @@ * IN THE SOFTWARE. */ -#include "os_io_seproxyhal.h" -#include "os_io.h" -#include "log.h" +#include "hal/platform.h" +#include "hal/log.h" -void os_sched_exit(unsigned int exit_code) { +#include + +void platform_memmove(void *dst, const void *src, unsigned int length) { + memmove(dst, src, length); +} + +void platform_request_exit() { // Currently unsupported, just log the call - info("os_sched_exit called with argument %u\n"); + LOG("platform_request_exit called\n"); } \ No newline at end of file diff --git a/ledger/src/tcpsigner/hsmsim_random.c b/ledger/src/hal/src/x86/random.c similarity index 91% rename from ledger/src/tcpsigner/hsmsim_random.c rename to ledger/src/hal/src/x86/random.c index 6b5aff83..c01c6554 100644 --- a/ledger/src/tcpsigner/hsmsim_random.c +++ b/ledger/src/hal/src/x86/random.c @@ -22,12 +22,11 @@ * IN THE SOFTWARE. */ -#include "hsmsim_random.h" +#include "random.h" -#include #include #include -void getrandom(void *buffer, size_t length, unsigned int flags) { +void random_getrandom(void *buffer, size_t length, unsigned int flags) { syscall(SYS_getrandom, buffer, length, 0); -} +} \ No newline at end of file diff --git a/ledger/src/tcpsigner/hsmsim_random.h b/ledger/src/hal/src/x86/random.h similarity index 89% rename from ledger/src/tcpsigner/hsmsim_random.h rename to ledger/src/hal/src/x86/random.h index f5f5a970..f20fa992 100644 --- a/ledger/src/tcpsigner/hsmsim_random.h +++ b/ledger/src/hal/src/x86/random.h @@ -22,6 +22,11 @@ * IN THE SOFTWARE. */ +#ifndef __HAL_RANDOM_H +#define __HAL_RANDOM_H + #include -void getrandom(void *buffer, size_t length, unsigned int flags); +void random_getrandom(void *buffer, size_t length, unsigned int flags); + +#endif // __HAL_RANDOM_H \ No newline at end of file diff --git a/ledger/src/hal/src/x86/seed.c b/ledger/src/hal/src/x86/seed.c new file mode 100644 index 00000000..7d291b29 --- /dev/null +++ b/ledger/src/hal/src/x86/seed.c @@ -0,0 +1,267 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +#include +#include +#include +#include +#include + +#include "hal/constants.h" +#include "hal/seed.h" +#include "hal/log.h" +#include "random.h" + +#include "json.h" +#include "bip32.h" +#include "cJSON.h" +#include "hex_reader.h" + +#define SEED_DEFAULT_IS_ONBOARDED (true) + +typedef struct private_key_mapping_s { + const char* bip32_path; + uint8_t binary_path[BIP32_PATH_LENGTH]; + uint8_t key[PRIVATE_KEY_LENGTH]; +} private_key_mapping_t; + +static seed_data_t seed_data; +static secp256k1_context* sp_ctx = NULL; + +#define MAX_PRIVATE_KEYS 10 +static private_key_mapping_t private_keys[MAX_PRIVATE_KEYS]; +static unsigned int total_private_keys = 0; + +/** + * Write current private keys in JSON-format to the given path + */ +static bool write_key_file(const char* key_file_path) { + cJSON* json = cJSON_CreateObject(); + char hex_key[sizeof(private_keys[0].key) * 2 + 1]; + + for (int i = 0; i < total_private_keys; i++) { + for (int j = 0; j < sizeof(private_keys[0].key); j++) + sprintf(hex_key + j * 2, "%02x", private_keys[i].key[j]); + hex_key[sizeof(hex_key) - 1] = '\0'; + cJSON* json_hex_key = cJSON_CreateString(hex_key); + cJSON_AddStringToObject(json, private_keys[i].bip32_path, hex_key); + } + + return write_json_file(key_file_path, json); +} + +/** + * Get the key corresponding to the given path + */ +static bool get_key(uint32_t* path, uint8_t path_length, unsigned char* dest) { + // TODO: validate path length + bool found = false; + for (int i = 0; i < total_private_keys; i++) { + // Compare paths, skip first byte of stored path (length, not included + // in the path parameter) + if (!memcmp( + path, private_keys[i].binary_path + 1, BIP32_PATH_LENGTH - 1)) { + found = true; + memmove(dest, private_keys[i].key, sizeof(private_keys[i].key)); + break; + } + } + return found; +} + +uint8_t seed_derive_pubkey_format(const unsigned char* key, + unsigned char* dest, + bool compressed) { + secp256k1_pubkey pubkey; + size_t dest_size = compressed ? PUBKEY_CMP_LENGTH : PUBKEY_UNCMP_LENGTH; + + // Calculate the public key and serialize it according to + // the compressed argument + if (!secp256k1_ec_pubkey_create(sp_ctx, &pubkey, key)) { + return 0; + } + + secp256k1_ec_pubkey_serialize(sp_ctx, + dest, + &dest_size, + &pubkey, + compressed ? SECP256K1_EC_COMPRESSED + : SECP256K1_EC_UNCOMPRESSED); + + return (uint8_t)dest_size; +} + +static bool add_bip32_path(const char* bip32_path) { + private_keys[total_private_keys].bip32_path = bip32_path; + uint8_t* bpath = private_keys[total_private_keys].binary_path; + if (bip32_parse_path(bip32_path, bpath) != BIP32_PATH_LENGTH) { + LOG("Invalid BIP32 path given: %s\n", bip32_path); + return false; + } + total_private_keys++; + return true; +} + +bool seed_init(const char* key_file_path, + const char* bip32_paths[], + const size_t bip32_paths_count) { + // Init the secp256k1 context + if (!sp_ctx) + sp_ctx = secp256k1_context_create(SECP256K1_CONTEXT_SIGN); + + // Initialize the onboarded value + seed_data.is_onboarded = SEED_DEFAULT_IS_ONBOARDED; + + // Configure BIP32 paths + for (int i = 0; i < bip32_paths_count; i++) { + if (!add_bip32_path((const char*)(bip32_paths[i]))) { + LOG("Error during seed initialization when trying to add path: " + "%s\n", + bip32_paths[i]); + return false; + } + } + + // Load keys + LOG("Loading key file '%s'\n", key_file_path); + cJSON* json = read_json_file(key_file_path); + + if (json == NULL) { + LOG("Keyfile not found or file format incorrect. Creating a new " + "random set of keys\n"); + // Init new random keys + for (int i = 0; i < total_private_keys; i++) { + random_getrandom( + private_keys[i].key, sizeof(private_keys[i].key), 0); + } + + // Write keys to the file + if (!write_key_file(key_file_path)) { + LOG("Error writing keys to %s\n", key_file_path); + return false; + } + LOG("Keys created and saved to %s\n", key_file_path); + } else { + // Load keys into memory + if (!cJSON_IsObject(json)) { + LOG("Expected an object as top level element of %s\n", + key_file_path); + return false; + } + + for (int i = 0; i < total_private_keys; i++) { + cJSON* key_entry = cJSON_GetObjectItemCaseSensitive( + json, private_keys[i].bip32_path); + if (key_entry == NULL || !cJSON_IsString(key_entry)) { + LOG("Path \"%s\" not found in \"%s\"\n", + bip32_paths[i], + key_file_path); + return false; + } + char* hex_key = cJSON_GetStringValue(key_entry); + read_hex(hex_key, strlen(hex_key), private_keys[i].key); + } + } + + unsigned char pubkey[PUBKEY_CMP_LENGTH]; + LOG("Loaded keys:\n"); + for (int i = 0; i < total_private_keys; i++) { + if (seed_derive_pubkey_format(private_keys[i].key, pubkey, true) != + PUBKEY_CMP_LENGTH) { + LOG("Error getting public key for path \"%s\"\n", + private_keys[i].bip32_path); + return false; + } + LOG("\t%s: ", private_keys[i].bip32_path); + for (int j = 0; j < sizeof(pubkey); j++) + LOG("%02x", pubkey[j]); + LOG("\n"); + } + + return true; +} + +void seed_set_is_onboarded(bool is_onboarded) { + seed_data.is_onboarded = is_onboarded; +} + +bool seed_available() { + return seed_data.is_onboarded; +} + +bool seed_derive_pubkey(uint32_t* path, + uint8_t path_length, + uint8_t* pubkey_out, + uint8_t* pubkey_out_length) { + + uint8_t key[PRIVATE_KEY_LENGTH]; + if (!get_key(path, path_length, key)) { + LOG("Invalid path given: %s\n", (unsigned char*)path); + return false; + } + + if (*pubkey_out_length < PUBKEY_CMP_LENGTH) { + LOG("Output buffer for public key too small: %u bytes\n", + *pubkey_out_length); + return false; + } + + *pubkey_out_length = seed_derive_pubkey_format(key, pubkey_out, false); + if (!(*pubkey_out_length)) { + LOG("Error deriving public key for path: %s\n", (unsigned char*)path); + return false; + } + + return true; +} + +bool seed_sign(uint32_t* path, + uint8_t path_length, + uint8_t* hash32, + uint8_t* sig_out, + uint8_t* sig_out_length) { + + secp256k1_ecdsa_signature sp_sig; + size_t sig_serialized_size = MAX_SIGNATURE_LENGTH; + + uint8_t key[PRIVATE_KEY_LENGTH]; + if (!get_key(path, path_length, key)) { + LOG("Invalid path given: %s\n", (unsigned char*)path); + return false; + } + + if (*sig_out_length < MAX_SIGNATURE_LENGTH) { + LOG("Output buffer for signature too small: %u bytes\n", + *sig_out_length); + return false; + } + + // Sign and serialize as DER + secp256k1_ecdsa_sign(sp_ctx, &sp_sig, hash32, key, NULL, NULL); + secp256k1_ecdsa_signature_serialize_der( + sp_ctx, sig_out, &sig_serialized_size, &sp_sig); + *sig_out_length = (uint8_t)sig_serialized_size; + + return true; +} diff --git a/ledger/src/hal/src/x86/sha256.c b/ledger/src/hal/src/x86/sha256.c new file mode 120000 index 00000000..a21d1a59 --- /dev/null +++ b/ledger/src/hal/src/x86/sha256.c @@ -0,0 +1 @@ +../common/sha256.c \ No newline at end of file diff --git a/ledger/src/hal/src/x86/sha256.h b/ledger/src/hal/src/x86/sha256.h new file mode 120000 index 00000000..65492ab2 --- /dev/null +++ b/ledger/src/hal/src/x86/sha256.h @@ -0,0 +1 @@ +../common/sha256.h \ No newline at end of file diff --git a/ledger/src/signer/src/auth.h b/ledger/src/signer/src/auth.h index 8a9b4ece..201c9202 100644 --- a/ledger/src/signer/src/auth.h +++ b/ledger/src/signer/src/auth.h @@ -87,7 +87,7 @@ typedef struct { uint8_t expected_bytes; bool auth_required; - uint32_t path[DERIVATION_PATH_PARTS]; + uint32_t path[BIP32_PATH_NUMPARTS]; uint32_t input_index_to_sign; uint8_t tx_hash[HASH_LENGTH]; diff --git a/ledger/src/signer/src/bc_err.c b/ledger/src/signer/src/bc_err.c index 37f38451..e06b2dae 100644 --- a/ledger/src/signer/src/bc_err.c +++ b/ledger/src/signer/src/bc_err.c @@ -26,7 +26,7 @@ #ifdef HSM_PLATFORM_X86 -#include +#include "hal/log.h" static struct err_entry { err_code_t errcode; @@ -74,7 +74,7 @@ void show_error(err_code_t errcode) { break; } } - fprintf(stderr, "*** ERROR: %s\n", msg); + LOG("*** ERROR: %s\n", msg); } #else void show_error(err_code_t errcode) { diff --git a/ledger/src/signer/src/bigdigits.c b/ledger/src/signer/src/bigdigits.c index c62fe3e3..cf2f7128 100644 --- a/ledger/src/signer/src/bigdigits.c +++ b/ledger/src/signer/src/bigdigits.c @@ -1,27 +1,27 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + /* $Id: bigdigits.c $ */ /***** BEGIN LICENSE BLOCK ***** @@ -47,6 +47,7 @@ #define assert(x) #include "bigdigits.h" +#include "hal/log.h" #define BITS_PER_HALF_DIGIT (BITS_PER_DIGIT / 2) #define LOHALF(x) ((DIGIT_T)((x) & MAX_HALF_DIGIT)) @@ -763,3 +764,31 @@ DIGIT_T spDivide(DIGIT_T *q, DIGIT_T *r, const DIGIT_T u[2], DIGIT_T v) *r = uu[0]; return q2; } + +// Platform-dependent code +#ifndef HSM_PLATFORM_LEDGER + +void LOG_BIGD_HEX(const char *prefix, + const DIGIT_T *a, + size_t len, + const char *suffix) { + if (prefix) + LOG("%s", prefix); + /* Trim leading digits which are zero */ + while (len--) { + if (a[len] != 0) + break; + } + len++; + if (0 == len) + len = 1; + /* print first digit without leading zeros */ + LOG("0x%" PRIxBIGD, a[--len]); + while (len--) { + LOG("%08" PRIxBIGD, a[len]); + } + if (suffix) + LOG("%s", suffix); +} + +#endif \ No newline at end of file diff --git a/ledger/src/signer/src/bigdigits.h b/ledger/src/signer/src/bigdigits.h index 898e5ae3..c1d9cd61 100644 --- a/ledger/src/signer/src/bigdigits.h +++ b/ledger/src/signer/src/bigdigits.h @@ -157,4 +157,26 @@ DIGIT_T mpShortDiv(DIGIT_T q[], const DIGIT_T u[], DIGIT_T d, size_t ndigits); } #endif +// Platform-dependent code +#ifndef HSM_PLATFORM_LEDGER + +/** + * @brief Print big integer in hex format with optional prefix and suffix strings + * + * @param prefix the log prefix (the general log prefix will be prepended too) + * @param a the big integer to print as hexadecimal + * @param len the size of a in bigint digits + * @param suffix the log suffix + */ +void LOG_BIGD_HEX(const char *prefix, + const DIGIT_T *a, + size_t len, + const char *suffix); + +#else + +#define LOG_BIGD_HEX(...) + +#endif // !HSM_PLATFORM_LEDGER + #endif // __BIGDIGITS_H diff --git a/ledger/src/signer/src/defs.h b/ledger/src/signer/src/defs.h index b96749ab..1a0b14fb 100644 --- a/ledger/src/signer/src/defs.h +++ b/ledger/src/signer/src/defs.h @@ -25,7 +25,7 @@ #ifndef __DEFS_H #define __DEFS_H -#include "constants.h" +#include "hal/constants.h" // Version and patchlevel #define VERSION_MAJOR 0x05 diff --git a/ledger/src/signer/src/hsm.c b/ledger/src/signer/src/hsm.c index f9d0e1eb..e1a0f12f 100644 --- a/ledger/src/signer/src/hsm.c +++ b/ledger/src/signer/src/hsm.c @@ -138,7 +138,7 @@ static unsigned int hsm_process_apdu(volatile unsigned int rx) { reset_if_starting(INS_GET_PUBLIC_KEY); // Check the received data size - if (rx != DATA + sizeof(uint32_t) * DERIVATION_PATH_PARTS) + if (rx != DATA + sizeof(uint32_t) * BIP32_PATH_NUMPARTS) THROW(ERR_INVALID_DATA_SIZE); // Wrong buffer size // Check for path validity before returning the public key diff --git a/ledger/src/signer/src/mem.h b/ledger/src/signer/src/mem.h index 99ebd045..ac610f20 100644 --- a/ledger/src/signer/src/mem.h +++ b/ledger/src/signer/src/mem.h @@ -25,6 +25,7 @@ #ifndef __MEM_H #define __MEM_H +#include "hal/constants.h" #include "hal/seed.h" #include "hal/hash.h" @@ -47,8 +48,8 @@ typedef struct att_s { hash_sha256_ctx_t hash_ctx; // Attestation public keys hashing context uint8_t msg[MAX_ATT_MESSAGE_SIZE]; // Attestation message - unsigned int path[DERIVATION_PATH_PARTS]; - uint8_t pubkey[SEED_PUBLIC_KEY_SIZE]; + uint32_t path[BIP32_PATH_NUMPARTS]; + uint8_t pubkey[PUBKEY_UNCMP_LENGTH]; uint8_t pubkey_length; } att_t; diff --git a/ledger/src/tcpsigner/Makefile b/ledger/src/tcpsigner/Makefile index 39b3cc99..f326ccf7 100644 --- a/ledger/src/tcpsigner/Makefile +++ b/ledger/src/tcpsigner/Makefile @@ -22,12 +22,17 @@ SRCPATH = ../signer/src COMMONPATH = ../common/src -VPATH = $(SRCPATH):$(COMMONPATH) +HALSRCPATH = ../hal/src/x86 +HALINCPATH = ../hal/include +HALPATH = $(HALINCPATH):$(HALSRCPATH) +VPATH = $(SRCPATH):$(COMMONPATH):$(HALPATH) include ../../coverage/coverage.mk -CFLAGS += -g -O0 -I$(SRCPATH) -I$(COMMONPATH) -I. -I /usr/local/include -DHSM_SIMULATOR -CFLAGS += -Werror +CFLAGS += -g -O0 -iquote $(SRCPATH) -iquote $(COMMONPATH) -iquote . +CFLAGS += -iquote $(HALINCPATH) -iquote $(HALSRCPATH) +CFLAGS += -I /usr/local/include -Werror +CFLAGS += -DHSM_PLATFORM_X86 LDFLAGS = -lsecp256k1 @@ -41,12 +46,15 @@ COMPILE.c = $(CC) $(DEPFLAGS) $(CFLAGS) -c SIGN_SRCS = $(filter-out %/main.c, $(wildcard $(SRCPATH)/*.c)) COMMON_SRCS = $(wildcard $(COMMONPATH)/*.c) -SIGN_OBJS = $(patsubst $(SRCPATH)/%.c, $(OBJDIR)/%.o, $(SIGN_SRCS)) $(patsubst $(COMMONPATH)/%.c, $(OBJDIR)/%.o, $(COMMON_SRCS)) +HAL_SRCS = $(wildcard $(HALSRCPATH)/*.c) +SIGN_OBJS = $(patsubst $(SRCPATH)/%.c, $(OBJDIR)/%.o, $(SIGN_SRCS)) +SIGN_OBJS += $(patsubst $(COMMONPATH)/%.c, $(OBJDIR)/%.o, $(COMMON_SRCS)) +SIGN_OBJS += $(patsubst $(HALSRCPATH)/%.c, $(OBJDIR)/%.o, $(HAL_SRCS)) SIM_SRCS = $(wildcard *.c) SIM_OBJS = $(patsubst %.c, $(OBJDIR)/%.o, $(SIM_SRCS)) -SRCS = $(SIGN_SRCS) $(COMMON_SRCS) $(SIM_SRCS) +SRCS = $(SIGN_SRCS) $(COMMON_SRCS) $(HAL_SRCS) $(SIM_SRCS) OBJS = $(SIGN_OBJS) $(SIM_OBJS) @@ -58,7 +66,8 @@ $(OBJDIR)/%.o: %.c $(DEPDIR)/%.d | $(DEPDIR) $(COMPILE.c) $(COVFLAGS) -o $@ $< $(DEPDIR): ; @mkdir -p $@ -DEPFILES := $(patsubst $(DEPDIR)/$(SRCPATH)/%.d, $(DEPDIR)/%.d, $(SRCS:%.c=$(DEPDIR)/%.d)) $(patsubst $(DEPDIR)/$(COMMONPATH)/%.d, $(DEPDIR)/%.d, $(SRCS:%.c=$(DEPDIR)/%.d)) + +DEPFILES := $(patsubst %.c, $(DEPDIR)/%.d, $(notdir $(SRCS))) $(DEPFILES): diff --git a/ledger/src/tcpsigner/cx.h b/ledger/src/tcpsigner/cx.h deleted file mode 100644 index 8ab2ccdc..00000000 --- a/ledger/src/tcpsigner/cx.h +++ /dev/null @@ -1,23 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ diff --git a/ledger/src/tcpsigner/dbg.c b/ledger/src/tcpsigner/dbg.c deleted file mode 100644 index ef7c8ed8..00000000 --- a/ledger/src/tcpsigner/dbg.c +++ /dev/null @@ -1,95 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -/******************************************************************************* - * powHSM - * - * Debug functions for TCPSigner - ********************************************************************************/ - -#ifdef HSM_SIMULATOR - -#include -#include - -#include "bigdigits.h" -#include "srlp.h" - -/** Print buffer in hex format with prefix */ -void LOG_HEX(const char *prefix, void *buffer, size_t size) { - printf("%s ", prefix); - if (size > 0) { - printf("0x"); - for (unsigned int i = 0; i < size; i++) { - printf("%02x", ((unsigned char *)buffer)[i]); - } - } else { - printf("EMPTY"); - } - printf("\n"); -} - -/** Print big integer in hex format with optional prefix and suffix strings */ -void LOG_BIGD_HEX(const char *prefix, - const DIGIT_T *a, - size_t len, - const char *suffix) { - if (prefix) - printf("%s", prefix); - /* Trim leading digits which are zero */ - while (len--) { - if (a[len] != 0) - break; - } - len++; - if (0 == len) - len = 1; - /* print first digit without leading zeros */ - printf("0x%" PRIxBIGD, a[--len]); - while (len--) { - printf("%08" PRIxBIGD, a[len]); - } - if (suffix) - printf("%s", suffix); -} - -/** Print N copies of a given char */ -void LOG_N_CHARS(const char c, unsigned int times) { - for (unsigned int i = 0; i < times; i++) - printf("%c", c); -} - -/** Print the given SRLP context (see srlp.h) */ -void LOG_SRLP_CTX(uint8_t v, rlp_ctx_t ctx[], uint8_t ptr) { -#ifdef DEBUG_SRLP - printf("'0x%02x' ; <%u> ; ", v, ptr); - for (int i = ptr; i >= 0; --i) { - rlp_ctx_t cur = ctx[i]; - printf("{%d, %u, %u} ; ", cur.state, cur.size, cur.cursor); - } - printf("{EOC}\n"); -#endif -} - -#endif \ No newline at end of file diff --git a/ledger/src/tcpsigner/hsmsim_admin.c b/ledger/src/tcpsigner/hsmsim_admin.c index 2b9947c8..11d5844f 100644 --- a/ledger/src/tcpsigner/hsmsim_admin.c +++ b/ledger/src/tcpsigner/hsmsim_admin.c @@ -22,18 +22,20 @@ * IN THE SOFTWARE. */ +#include + +#include "hal/seed.h" +#include "hal/log.h" #include "hsmsim_admin.h" #include "apdu.h" #include "bc_state.h" -#include "log.h" #include "ints.h" static hsmsim_admin_data_t hsmsim_admin_data; void hsmsim_admin_init() { memset(&hsmsim_admin_data, 0, sizeof(hsmsim_admin_data)); - hsmsim_admin_data.is_onboarded = HSMSIM_ADMIN_DEFAULT_IS_ONBOARDED; - info("ADMIN: Init OK.\n"); + LOG("ADMIN: Init OK.\n"); } bool hsmsim_admin_need_process(unsigned int rx) { @@ -42,51 +44,46 @@ bool hsmsim_admin_need_process(unsigned int rx) { static unsigned int hsmsim_admin_error(uint16_t code) { unsigned int tx = 0; - G_io_apdu_buffer[tx++] = HSMSIM_ADMIN_CLA; + SET_APDU_AT(tx++, HSMSIM_ADMIN_CLA); SET_APDU_AT(tx++, code >> 8); SET_APDU_AT(tx++, code); return tx; } static unsigned int hsmsim_admin_ok(unsigned int tx) { - if ((tx + 2 * sizeof(G_io_apdu_buffer[0])) > sizeof(G_io_apdu_buffer)) { - info("ADMIN: Buffer overflow on G_io_apdu_buffer when trying to reply " - "to the host.\n"); + if ((tx + 2 * APDU_ELEMENT_SIZE) > APDU_TOTAL_SIZE) { + LOG("ADMIN: Buffer overflow on I/O when trying to reply " + "to the host.\n"); return hsmsim_admin_error(HSMSIM_ADMIN_ERROR_BUFFER_OVERFLOW); } - G_io_apdu_buffer[tx++] = 0x90; - G_io_apdu_buffer[tx++] = 0x00; + SET_APDU_AT(tx++, 0x90); + SET_APDU_AT(tx++, 0x00); return tx; } -static void hsmsim_admin_nvm_stats_reset() { - memset( - &hsmsim_admin_data.nvm_stats, 0, sizeof(hsmsim_admin_data.nvm_stats)); - info("ADMIN: reset NVM stats OK.\n"); -} - unsigned int hsmsim_admin_process_apdu(unsigned int rx) { unsigned int tx; unsigned int offset; + nvmmem_stats_t nvmmem_stats; if (APDU_CLA() != HSMSIM_ADMIN_CLA) { - info("ADMIN: Invalid CLA: %d.\n", APDU_CLA()); + LOG("ADMIN: Invalid CLA: %d.\n", APDU_CLA()); return hsmsim_admin_error(HSMSIM_ADMIN_ERROR_INVALID_PROTOCOL); } if (rx < MIN_ADMIN_BYTES) { - info("ADMIN: Too few bytes in operation: %d.\n", rx); + LOG("ADMIN: Too few bytes in operation: %d.\n", rx); return hsmsim_admin_error(HSMSIM_ADMIN_ERROR_INVALID_PROTOCOL); } switch (APDU_CMD()) { case HSMSIM_ADMIN_CMD_SET_ANCESTOR_RCPT_ROOT: if (APDU_DATA_SIZE(rx) != HASH_LENGTH) { - info("ADMIN: Invalid ancestor receipts root size. Expected %d " - "bytes, got %d.\n", - HASH_LENGTH, - APDU_DATA_SIZE(rx)); + LOG("ADMIN: Invalid ancestor receipts root size. Expected %d " + "bytes, got %d.\n", + HASH_LENGTH, + APDU_DATA_SIZE(rx)); return hsmsim_admin_error(HSMSIM_ADMIN_ERROR_DATA_SIZE); } memcpy(hsmsim_admin_data.old_ancestor_receipts_root, @@ -94,73 +91,62 @@ unsigned int hsmsim_admin_process_apdu(unsigned int rx) { HASH_LENGTH); memcpy(N_bc_state.ancestor_receipt_root, APDU_DATA_PTR, HASH_LENGTH); hsmsim_admin_data.ancestor_receipts_root_set = true; - info_hex("ADMIN: Ancestor receipts root set to", - N_bc_state.ancestor_receipt_root, - HASH_LENGTH); + LOG_HEX("ADMIN: Ancestor receipts root set to", + N_bc_state.ancestor_receipt_root, + HASH_LENGTH); tx = TX_FOR_DATA_SIZE(0); break; case HSMSIM_ADMIN_CMD_RESET_ANCESTOR_RCPT_ROOT: if (!hsmsim_admin_data.ancestor_receipts_root_set) { - info("ADMIN: Cannot reset ancestor receipts root: not set.\n", - HASH_LENGTH, - APDU_DATA_SIZE(rx)); + LOG("ADMIN: Cannot reset ancestor receipts root: not set.\n"); return hsmsim_admin_error(HSMSIM_ADMIN_ERROR_INVALID_STATE); } memcpy(N_bc_state.ancestor_receipt_root, hsmsim_admin_data.old_ancestor_receipts_root, HASH_LENGTH); hsmsim_admin_data.ancestor_receipts_root_set = false; - info_hex("ADMIN: Ancestor receipts root reset to", - N_bc_state.ancestor_receipt_root, - HASH_LENGTH); + LOG_HEX("ADMIN: Ancestor receipts root reset to", + N_bc_state.ancestor_receipt_root, + HASH_LENGTH); tx = TX_FOR_DATA_SIZE(0); break; case HSMSIM_ADMIN_CMD_RESET_NVM_STATS: - hsmsim_admin_nvm_stats_reset(); + nvmem_stats_reset(); tx = TX_FOR_DATA_SIZE(0); break; case HSMSIM_ADMIN_CMD_GET_NVM_STATS: offset = 0; + nvmmem_stats = nvmem_get_stats(); APDU_DATA_PTR[offset++] = - (unsigned char)sizeof(hsmsim_admin_data.nvm_stats.write_count); + (unsigned char)sizeof(nvmmem_stats.write_count); VAR_BIGENDIAN_TO(APDU_DATA_PTR + offset, - hsmsim_admin_data.nvm_stats.write_count, - sizeof(hsmsim_admin_data.nvm_stats.write_count)); - offset += sizeof(hsmsim_admin_data.nvm_stats.write_count); + nvmmem_stats.write_count, + sizeof(nvmmem_stats.write_count)); + offset += sizeof(nvmmem_stats.write_count); tx = TX_FOR_DATA_SIZE(offset); - info("ADMIN: got NVM stats - %u writes.\n", - hsmsim_admin_data.nvm_stats.write_count); + LOG("ADMIN: got NVM stats - %u writes.\n", nvmmem_stats.write_count); break; case HSMSIM_ADMIN_CMD_GET_IS_ONBOARDED: - APDU_DATA_PTR[0] = (unsigned char)hsmsim_admin_data.is_onboarded; + APDU_DATA_PTR[0] = (unsigned char)seed_available(); tx = TX_FOR_DATA_SIZE(1); - info("ADMIN: got is_onboarded status.\n"); + LOG("ADMIN: got is_onboarded status.\n"); break; case HSMSIM_ADMIN_CMD_SET_IS_ONBOARDED: if (APDU_DATA_SIZE(rx) != 1) { - info("ADMIN: Invalid is_onboarded value size. Expected 1 " - "byte, got %d.\n", - APDU_DATA_SIZE(rx)); + LOG("ADMIN: Invalid is_onboarded value size. Expected 1 " + "byte, got %d.\n", + APDU_DATA_SIZE(rx)); return hsmsim_admin_error(HSMSIM_ADMIN_ERROR_DATA_SIZE); } - hsmsim_admin_data.is_onboarded = (bool)APDU_DATA_PTR[0]; - info("ADMIN: is_onboarded set to %d.\n", - hsmsim_admin_data.is_onboarded); + seed_set_is_onboarded((bool)APDU_DATA_PTR[0]); + LOG("ADMIN: is_onboarded set to %d.\n", + (unsigned char)seed_available()); tx = TX_FOR_DATA_SIZE(0); break; default: - info("ADMIN: Invalid CMD: %d.\n", APDU_CMD()); + LOG("ADMIN: Invalid CMD: %d.\n", APDU_CMD()); return hsmsim_admin_error(HSMSIM_ADMIN_ERROR_INVALID_PROTOCOL); } return hsmsim_admin_ok(tx); } - -void hsmsim_admin_nvm_record_write() { - hsmsim_admin_data.nvm_stats.write_count++; -} - -unsigned int hsmsim_admin_get_is_onboarded() { - return hsmsim_admin_data.is_onboarded ? HSMSIM_ADMIN_IS_ONBOARDED_YES - : HSMSIM_ADMIN_IS_ONBOARDED_NO; -} diff --git a/ledger/src/tcpsigner/hsmsim_admin.h b/ledger/src/tcpsigner/hsmsim_admin.h index 60ce1ad1..4099d299 100644 --- a/ledger/src/tcpsigner/hsmsim_admin.h +++ b/ledger/src/tcpsigner/hsmsim_admin.h @@ -28,7 +28,7 @@ #include #include -#include "constants.h" +#include "hal/constants.h" // Admin APDU constants #define MIN_ADMIN_BYTES 2 @@ -46,25 +46,9 @@ #define HSMSIM_ADMIN_ERROR_INVALID_STATE 0x6f02 #define HSMSIM_ADMIN_ERROR_BUFFER_OVERFLOW 0x6f03 -// Misc constants -#define HSMSIM_ADMIN_DEFAULT_IS_ONBOARDED (true) - -#define HSMSIM_ADMIN_IS_ONBOARDED_YES (1) -#define HSMSIM_ADMIN_IS_ONBOARDED_NO (0) - -#define HSMSIM_RETRIES (3) - -typedef struct hsmsim_admin_nvm_info_s { - unsigned int write_count; -} hsmsim_admin_nvm_info_t; - typedef struct hsmsim_admin_data_s { bool ancestor_receipts_root_set; uint8_t old_ancestor_receipts_root[HASH_LENGTH]; - - hsmsim_admin_nvm_info_t nvm_stats; - - bool is_onboarded; } hsmsim_admin_data_t; void hsmsim_admin_init(); @@ -73,8 +57,4 @@ bool hsmsim_admin_need_process(unsigned int rx); unsigned int hsmsim_admin_process_apdu(unsigned int rx); -void hsmsim_admin_nvm_record_write(); - -unsigned int hsmsim_admin_get_is_onboarded(); - #endif // __HSMSIM_ADMIN_H diff --git a/ledger/src/tcpsigner/hsmsim_attestation.c b/ledger/src/tcpsigner/hsmsim_attestation.c deleted file mode 100644 index 47ce9a21..00000000 --- a/ledger/src/tcpsigner/hsmsim_attestation.c +++ /dev/null @@ -1,147 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -#include "hsmsim_attestation.h" - -#include -#include -#include - -#include "hsmsim_random.h" -#include "cJSON.h" -#include "json.h" -#include "hex_reader.h" -#include "os_ecdsa.h" -#include "log.h" - -#define ATTESTATION_KEY_KEY "attestationKey" -#define CODE_HASH_KEY "codeHash" - -attestation_id_t attestation_id; - -/** - * Write current attestation id in JSON-format to the given path - */ -static bool write_attestation_id_file(char* attid_file_path) { - cJSON* json = cJSON_CreateObject(); - - unsigned long max_size = - sizeof(attestation_id.key) > sizeof(attestation_id.code_hash) - ? sizeof(attestation_id.key) - : sizeof(attestation_id.code_hash); - - char hex_str[max_size * 2 + 1]; - - // Write attestation key - for (int i = 0; i < sizeof(attestation_id.key); i++) - sprintf(hex_str + i * 2, "%02x", attestation_id.key[i]); - hex_str[sizeof(attestation_id.key) * 2] = '\0'; - cJSON_AddStringToObject(json, ATTESTATION_KEY_KEY, hex_str); - - // Write code hash - for (int i = 0; i < sizeof(attestation_id.code_hash); i++) - sprintf(hex_str + i * 2, "%02x", attestation_id.code_hash[i]); - hex_str[sizeof(attestation_id.code_hash) * 2] = '\0'; - cJSON_AddStringToObject(json, CODE_HASH_KEY, hex_str); - - return write_json_file(attid_file_path, json); -} - -static inline bool read_hex_value_into(cJSON* json, - char* key, - unsigned char* dest) { - cJSON* entry = cJSON_GetObjectItemCaseSensitive(json, key); - if (entry == NULL || !cJSON_IsString(entry)) - return false; - char* hex_value = cJSON_GetStringValue(entry); - read_hex(hex_value, strlen(hex_value), dest); - return true; -} - -bool hsmsim_attestation_initialize(char* att_file_path) { - info("Loading attestation file '%s'\n", att_file_path); - cJSON* json = read_json_file(att_file_path); - - if (json == NULL) { - info("Attestation file not found or file format incorrect. Creating a " - "random attestation id (key and code hash pair)\n"); - - // Init new random key and code hash - getrandom(attestation_id.key, sizeof(attestation_id.key), 0); - getrandom( - attestation_id.code_hash, sizeof(attestation_id.code_hash), 0); - - // Write attestation id to the file - if (!write_attestation_id_file(att_file_path)) { - info("Error writing attestation id to %s\n", att_file_path); - return false; - } - info("Attestation id created and saved to %s\n", att_file_path); - } else { - // Load attestation id into memory - if (!cJSON_IsObject(json)) { - info("Expected an object as top level element of %s\n", - att_file_path); - return false; - } - - // Read attestation key - if (!read_hex_value_into( - json, ATTESTATION_KEY_KEY, attestation_id.key)) { - info( - "'%s' not found in '%s'\n", ATTESTATION_KEY_KEY, att_file_path); - return false; - } - - // Read code hash - if (!read_hex_value_into( - json, CODE_HASH_KEY, attestation_id.code_hash)) { - info("'%s' not found in '%s'\n", CODE_HASH_KEY, att_file_path); - return false; - } - } - - // Init OS ECDSA - os_ecdsa_initialize(); - - // Grab attestation id public key - unsigned char pubkey[PUBKEY_CMP_LENGTH]; - if (hsmsim_helper_getpubkey( - attestation_id.key, pubkey, sizeof(pubkey), true) != - PUBKEY_CMP_LENGTH) { - info("Error getting compressed public key for attestation id key\n"); - return false; - } - info("Loaded attestation id:\n"); - printf("\tPublic key: "); - for (int i = 0; i < sizeof(pubkey); i++) - printf("%02x", pubkey[i]); - printf("\n"); - printf("\tCode hash: "); - for (int i = 0; i < sizeof(attestation_id.code_hash); i++) - printf("%02x", attestation_id.code_hash[i]); - printf("\n"); - - return true; -} diff --git a/ledger/src/tcpsigner/hsmsim_attestation.h b/ledger/src/tcpsigner/hsmsim_attestation.h deleted file mode 100644 index b836c326..00000000 --- a/ledger/src/tcpsigner/hsmsim_attestation.h +++ /dev/null @@ -1,49 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -#ifndef __SIMULATOR_HSMSIM_ATTESTATION_H -#define __SIMULATOR_HSMSIM_ATTESTATION_H - -#include - -#include "constants.h" - -// An attestation ID (in lack of a better name) -// is simply a pair consisting of a secp256k1 private key -// representing the device attestation private key and -// a code hash representing the hash of the running -// application that is attestating. Together, they can -// be used to construct another secp256k1 private key -// which is the attestation private key used to sign the -// attestation messages. -typedef struct { - unsigned char key[PRIVATE_KEY_LENGTH]; - unsigned char code_hash[HASH_LENGTH]; -} attestation_id_t; - -extern attestation_id_t attestation_id; - -bool hsmsim_attestation_initialize(char* att_file_path); - -#endif // __SIMULATOR_HSMSIM_ATTESTATION_H diff --git a/ledger/src/tcpsigner/hsmsim_ecdsa.c b/ledger/src/tcpsigner/hsmsim_ecdsa.c deleted file mode 100644 index 7cc490e2..00000000 --- a/ledger/src/tcpsigner/hsmsim_ecdsa.c +++ /dev/null @@ -1,157 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -#include "hsmsim_ecdsa.h" -#include "os_ecdsa.h" - -#include -#include -#include - -#include "hsmsim_random.h" -#include "pathAuth.h" -#include "constants.h" -#include "cJSON.h" -#include "json.h" -#include "hex_reader.h" -#include "log.h" - -struct private_key_mapping_s { - const unsigned char* path; - unsigned char key[PRIVATE_KEY_LENGTH]; -}; - -static struct private_key_mapping_s private_keys[TOTAL_AUTHORIZED_PATHS]; - -// Hardcoded BIP32 paths for the JSON keyfile -// (no real use in writing conversion routines to/from binary -// since there's no real use for the paths themselves -// other than serving as map keys) -// The order is based on the 'ordered_paths' constant defined in 'pathAuth.c' -// (which means that if that changes, this should be updated accordingly) -const char bip32_paths[][20] = { - "m/44'/0'/0'/0/0", // BTC - "m/44'/1'/0'/0/0", // tBTC - "m/44'/1'/1'/0/0", // tRSK - "m/44'/1'/2'/0/0", // tMST - "m/44'/137'/0'/0/0", // RSK - "m/44'/137'/1'/0/0", // MST -}; - -/** - * Write current private keys in JSON-format to the given path - */ -static bool write_key_file(char* key_file_path) { - cJSON* json = cJSON_CreateObject(); - char hex_key[sizeof(private_keys[0].key) * 2 + 1]; - char bip32_path[100]; - - for (int i = 0; i < KEY_PATH_COUNT(); i++) { - for (int j = 0; j < sizeof(private_keys[0].key); j++) - sprintf(hex_key + j * 2, "%02x", private_keys[i].key[j]); - hex_key[sizeof(hex_key) - 1] = '\0'; - cJSON* json_hex_key = cJSON_CreateString(hex_key); - cJSON_AddStringToObject(json, bip32_paths[i], hex_key); - } - - return write_json_file(key_file_path, json); -} - -bool hsmsim_ecdsa_initialize(char* key_file_path) { - info("Loading key file '%s'\n", key_file_path); - cJSON* json = read_json_file(key_file_path); - - if (json == NULL) { - info("Keyfile not found or file format incorrect. Creating a new " - "random set of keys\n"); - // Init new random keys - for (int i = 0; i < KEY_PATH_COUNT(); i++) { - private_keys[i].path = (const unsigned char*)get_ordered_path(i); - getrandom(private_keys[i].key, sizeof(private_keys[i].key), 0); - } - - // Write keys to the file - if (!write_key_file(key_file_path)) { - info("Error writing keys to %s\n", key_file_path); - return false; - } - info("Keys created and saved to %s\n", key_file_path); - } else { - // Load keys into memory - if (!cJSON_IsObject(json)) { - info("Expected an object as top level element of %s\n", - key_file_path); - return false; - } - - for (int i = 0; i < KEY_PATH_COUNT(); i++) { - cJSON* key_entry = - cJSON_GetObjectItemCaseSensitive(json, bip32_paths[i]); - if (key_entry == NULL || !cJSON_IsString(key_entry)) { - info("Path '%s' not found in '%s'\n", - bip32_paths[i], - key_file_path); - return false; - } - private_keys[i].path = (const unsigned char*)get_ordered_path(i); - char* hex_key = cJSON_GetStringValue(key_entry); - read_hex(hex_key, strlen(hex_key), private_keys[i].key); - } - } - - // Init OS ECDSA - os_ecdsa_initialize(); - - unsigned char pubkey[PUBKEY_CMP_LENGTH]; - info("Loaded keys:\n"); - for (int i = 0; i < KEY_PATH_COUNT(); i++) { - if (hsmsim_helper_getpubkey( - private_keys[i].key, pubkey, sizeof(pubkey), true) != - PUBKEY_CMP_LENGTH) { - info("Error getting public key for key '%s'\n", bip32_paths[i]); - return false; - } - printf("\t%s: ", bip32_paths[i]); - for (int j = 0; j < sizeof(pubkey); j++) - printf("%02x", pubkey[j]); - printf("\n"); - } - - return true; -} - -bool hsmsim_ecdsa_get_key(unsigned char* path, unsigned char* dest) { - bool found = false; - for (int i = 0; i < TOTAL_AUTHORIZED_PATHS; i++) { - // Compare paths, skip first byte of stored path (length, not included - // in the path parameter) - if (!memcmp( - path, private_keys[i].path + 1, SINGLE_PATH_SIZE_BYTES - 1)) { - found = true; - memmove(dest, private_keys[i].key, sizeof(private_keys[i].key)); - break; - } - } - return found; -} diff --git a/ledger/src/tcpsigner/hsmsim_ecdsa.h b/ledger/src/tcpsigner/hsmsim_ecdsa.h deleted file mode 100644 index c93ad616..00000000 --- a/ledger/src/tcpsigner/hsmsim_ecdsa.h +++ /dev/null @@ -1,34 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -#ifndef __SIMULATOR_HSMSIM_ECDSA_H -#define __SIMULATOR_HSMSIM_ECDSA_H - -#include - -bool hsmsim_ecdsa_initialize(char* key_file_path); - -bool hsmsim_ecdsa_get_key(unsigned char* path, unsigned char* dst_key); - -#endif // __SIMULATOR_HSMSIM_ECDSA_H diff --git a/ledger/src/tcpsigner/hsmsim_exceptions.c b/ledger/src/tcpsigner/hsmsim_exceptions.c deleted file mode 100644 index 8ab2ccdc..00000000 --- a/ledger/src/tcpsigner/hsmsim_exceptions.c +++ /dev/null @@ -1,23 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ diff --git a/ledger/src/tcpsigner/hsmsim_exceptions.h b/ledger/src/tcpsigner/hsmsim_exceptions.h deleted file mode 100644 index 25795453..00000000 --- a/ledger/src/tcpsigner/hsmsim_exceptions.h +++ /dev/null @@ -1,38 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -#ifndef __SIMULATOR_HSMSIM_EXCEPTIONS_H -#define __SIMULATOR_HSMSIM_EXCEPTIONS_H - -#include -#include "os_exceptions.h" - -/* ----------------------------------------------------------------------- */ -/* - HSM SIMULATOR SPECIFIC EXCEPTIONS - */ -/* ----------------------------------------------------------------------- */ -#define HSMSIM_EXC_INVALID_PATH 0xbb01 -#define HSMSIM_EXC_SECP_ERROR 0xbb02 -#define HSMSIM_EXC_HMAC_ERROR 0xbb03 - -#endif // __SIMULATOR_HSMSIM_EXCEPTIONS_H diff --git a/ledger/src/tcpsigner/log.c b/ledger/src/tcpsigner/log.c deleted file mode 100644 index f34f90b1..00000000 --- a/ledger/src/tcpsigner/log.c +++ /dev/null @@ -1,57 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -/******************************************************************************* - * powHSM - * - * Generic logging to screen functions for TCPSigner - ********************************************************************************/ - -#include -#include - -#include "log.h" -#include "dbg.h" - -#define PREFIX "[TCPSIGNER] " - -void info(const char *format, ...) { - va_list args; - va_start(args, format); - - LOG(PREFIX); - vprintf(format, args); - - va_end(args); -} - -void info_hex(const char *prefix, void *buffer, size_t size) { - LOG(PREFIX); - LOG_HEX(prefix, buffer, size); -} - -void info_bigd_hex(const char *prefix, const DIGIT_T *a, size_t len) { - LOG(PREFIX); - LOG_BIGD_HEX(prefix, a, len, "\n"); -} diff --git a/ledger/src/tcpsigner/os_ecdsa.c b/ledger/src/tcpsigner/os_ecdsa.c deleted file mode 100644 index 5eaa6816..00000000 --- a/ledger/src/tcpsigner/os_ecdsa.c +++ /dev/null @@ -1,141 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -#include "os_ecdsa.h" - -#include -#include - -#include "hsmsim_ecdsa.h" -#include "hsmsim_exceptions.h" -#include "constants.h" - -#include "hsmsim_random.h" - -#define PUBKEY_UNCOMPRESSED_LENGTH 65 - -static secp256k1_context *sp_ctx = NULL; - -void os_ecdsa_initialize() { - // Init the secp256k1 context - if (!sp_ctx) - sp_ctx = secp256k1_context_create(SECP256K1_CONTEXT_SIGN); -} - -void os_perso_derive_node_bip32(cx_curve_t curve, - unsigned int *path, - unsigned int pathLength, - unsigned char *privateKey, - unsigned char *chain) { - - if (!hsmsim_ecdsa_get_key((unsigned char *)path, privateKey)) { - THROW(HSMSIM_EXC_INVALID_PATH); - } -} - -int cx_ecdsa_init_private_key(cx_curve_t curve, - unsigned char *rawkey, - unsigned int key_len, - cx_ecfp_private_key_t *key) { - - memmove(key->K, rawkey, key_len); - return 0; // Return value not used atm -} - -int cx_ecfp_generate_pair(cx_curve_t curve, - cx_ecfp_public_key_t *pubkey, - cx_ecfp_private_key_t *privkey, - int keepprivate) { - - secp256k1_pubkey sp_pubkey; - - // Calculate the public key and serialize it uncompressed - if (!secp256k1_ec_pubkey_create(sp_ctx, &sp_pubkey, privkey->K)) { - THROW(HSMSIM_EXC_SECP_ERROR); - } - size_t pubkey_size = sizeof(pubkey->W); - secp256k1_ec_pubkey_serialize( - sp_ctx, pubkey->W, &pubkey_size, &sp_pubkey, SECP256K1_EC_UNCOMPRESSED); - pubkey->W_len = (unsigned int)pubkey_size; - return 0; // Return value not used atm -} - -int cx_ecdsa_sign(cx_ecfp_private_key_t *key, - int mode, - cx_md_t hashID, - unsigned char *hash, - unsigned int hash_len, - unsigned char *sig) { - - secp256k1_ecdsa_signature sp_sig; - size_t sig_serialized_size = MAX_SIGNATURE_LENGTH; - - // Sign and serialize as DER - secp256k1_ecdsa_sign(sp_ctx, &sp_sig, hash, key->K, NULL, NULL); - secp256k1_ecdsa_signature_serialize_der( - sp_ctx, sig, &sig_serialized_size, &sp_sig); - - return (int)sig_serialized_size; -} - -size_t hsmsim_helper_getpubkey(const unsigned char *key, - unsigned char *dest, - size_t dest_size, - bool compressed) { - secp256k1_pubkey pubkey; - - // Calculate the public key and serialize it compressed - if (!secp256k1_ec_pubkey_create(sp_ctx, &pubkey, key)) { - return 0; - } - secp256k1_ec_pubkey_serialize(sp_ctx, - dest, - &dest_size, - &pubkey, - compressed ? SECP256K1_EC_COMPRESSED - : SECP256K1_EC_UNCOMPRESSED); - - return dest_size; -} - -size_t hsmsim_helper_tweak_sign(const unsigned char *key, - const unsigned char *tweak, - const unsigned char *hash, - unsigned char *sig) { - unsigned char tweaked_key[PRIVATE_KEY_LENGTH]; - secp256k1_ecdsa_signature sp_sig; - size_t sig_serialized_size = MAX_SIGNATURE_LENGTH; - - // Tweak private key - memmove(tweaked_key, key, sizeof(tweaked_key)); - if (!secp256k1_ec_privkey_tweak_add(sp_ctx, tweaked_key, tweak)) - return 0; - - // Sign and serialize as DER - secp256k1_ecdsa_sign(sp_ctx, &sp_sig, hash, tweaked_key, NULL, NULL); - secp256k1_ecdsa_signature_serialize_der( - sp_ctx, sig, &sig_serialized_size, &sp_sig); - - return (int)sig_serialized_size; -} diff --git a/ledger/src/tcpsigner/os_ecdsa.h b/ledger/src/tcpsigner/os_ecdsa.h deleted file mode 100644 index 2a1449ad..00000000 --- a/ledger/src/tcpsigner/os_ecdsa.h +++ /dev/null @@ -1,86 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -#ifndef __SIMULATOR_OS_ECDSA_H -#define __SIMULATOR_OS_ECDSA_H - -#include -#include - -// TODO: in the future, actual enum definitions for these -// two types could be copied from the nanos SDK and used -// to e.g. verify calls are made with expected parameters. -// Ignore for now, define as char. -#define CX_CURVE_256K1 0 -#define CX_RND_RFC6979 0 -#define CX_LAST 0 -#define CX_SHA256 0 -typedef char cx_md_t; -typedef char cx_curve_t; - -typedef struct cx_ecfp_private_key_s { - unsigned char K[32]; -} cx_ecfp_private_key_t; - -typedef struct cx_ecfp_public_key_s { - unsigned int W_len; - unsigned char W[65]; -} cx_ecfp_public_key_t; - -void os_ecdsa_initialize(); - -void os_perso_derive_node_bip32(cx_curve_t curve, - unsigned int *path, - unsigned int pathLength, - unsigned char *privateKey, - unsigned char *chain); - -int cx_ecdsa_init_private_key(cx_curve_t curve, - unsigned char *rawkey, - unsigned int key_len, - cx_ecfp_private_key_t *key); - -int cx_ecfp_generate_pair(cx_curve_t curve, - cx_ecfp_public_key_t *pubkey, - cx_ecfp_private_key_t *privkey, - int keepprivate); - -int cx_ecdsa_sign(cx_ecfp_private_key_t *key, - int mode, - cx_md_t hashID, - unsigned char *hash, - unsigned int hash_len, - unsigned char *sig); - -size_t hsmsim_helper_getpubkey(const unsigned char *key, - unsigned char *dest, - size_t dest_size, - bool compressed); - -size_t hsmsim_helper_tweak_sign(const unsigned char *key, - const unsigned char *tweak, - const unsigned char *hash, - unsigned char *sig); - -#endif // __SIMULATOR_OS_ECDSA_H diff --git a/ledger/src/tcpsigner/os_exceptions.h b/ledger/src/tcpsigner/os_exceptions.h deleted file mode 100644 index 1397e5f6..00000000 --- a/ledger/src/tcpsigner/os_exceptions.h +++ /dev/null @@ -1,211 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -/***************************************************************************** - * Ledger Nano S - Secure firmware - * (c) 2016, 2017 Ledger - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - *****************************************************************************/ - -/** - * Modified try...catch exception implementation (taken from nanos-secure-sdk) - * (https://github.com/LedgerHQ/nanos-secure-sdk/blob/nanos-1314/include/os.h) - */ - -#ifndef __SIMULATOR_OS_EXCEPTIONS_H -#define __SIMULATOR_OS_EXCEPTIONS_H - -#include -#include - -/* ----------------------------------------------------------------------- */ -/* - TYPES - */ -/* ----------------------------------------------------------------------- */ - -// error type definition -typedef unsigned short exception_t; - -// convenience declaration -typedef struct try_context_s try_context_t; - -// structure to reduce the code size generated for the close try (on stm7) -struct try_context_s { - // current exception context - jmp_buf jmp_buf; - - // previous exception contexts (if null, then will fail the same way as - // before, segv, therefore don't mind chaining) - try_context_t* previous; - - // current exception if any - exception_t ex; -}; - -extern try_context_t* G_try_last_open_context; - -/* ----------------------------------------------------------------------- */ -/* - EXCEPTIONS - */ -/* ----------------------------------------------------------------------- */ - -// workaround to make sure defines are replaced by their value for example -#define CPP_CONCAT(x, y) CPP_CONCAT_x(x, y) -#define CPP_CONCAT_x(x, y) x##y - -// ----------------------------------------------------------------------- -// - BEGIN TRY -// ----------------------------------------------------------------------- - -#define BEGIN_TRY_L(L) \ - { \ - try_context_t __try##L; - -// ----------------------------------------------------------------------- -// - TRY -// ----------------------------------------------------------------------- -#define TRY_L(L) \ - __try \ - ##L.previous = G_try_last_open_context; \ - __try \ - ##L.ex = setjmp(__try##L.jmp_buf); \ - G_try_last_open_context = &__try##L; \ - if (__try##L.ex == 0) { -// ----------------------------------------------------------------------- -// - EXCEPTION CATCH -// ----------------------------------------------------------------------- -#define CATCH_L(L, x) \ - goto CPP_CONCAT(__FINALLY, L); \ - } \ - else if (__try##L.ex == x) { \ - G_try_last_open_context = __try##L.previous; - -// ----------------------------------------------------------------------- -// - EXCEPTION CATCH OTHER -// ----------------------------------------------------------------------- -#define CATCH_OTHER_L(L, e) \ - goto CPP_CONCAT(__FINALLY, L); \ - } \ - else { \ - exception_t e; \ - e = __try##L.ex; \ - __try \ - ##L.ex = 0; \ - G_try_last_open_context = __try##L.previous; - -// ----------------------------------------------------------------------- -// - EXCEPTION CATCH ALL -// ----------------------------------------------------------------------- -#define CATCH_ALL_L(L) \ - goto CPP_CONCAT(__FINALLY, L); \ - } \ - else { \ - __try \ - ##L.ex = 0; \ - G_try_last_open_context = __try##L.previous; - -// ----------------------------------------------------------------------- -// - FINALLY -// ----------------------------------------------------------------------- -#define FINALLY_L(L) \ - goto CPP_CONCAT(__FINALLY, L); \ - } \ - CPP_CONCAT(__FINALLY, L) : G_try_last_open_context = __try##L.previous; - -// ----------------------------------------------------------------------- -// - END TRY -// ----------------------------------------------------------------------- -#define END_TRY_L(L) \ - if (__try##L.ex != 0) { \ - THROW_L(L, __try##L.ex); \ - } \ - } - -// ----------------------------------------------------------------------- -// - CLOSE TRY -// ----------------------------------------------------------------------- -#define CLOSE_TRY_L(L) \ - G_try_last_open_context = G_try_last_open_context->previous - -// ----------------------------------------------------------------------- -// - EXCEPTION THROW -// ----------------------------------------------------------------------- -/* -#ifndef BOLOS_RELEASE - -void os_longjmp(jmp_buf b, unsigned int exception); -#define THROW_L(L, x) \ - os_longjmp(G_try_last_open_context->jmp_buf, x) - -#else -*/ -#define THROW_L(L, x) longjmp(G_try_last_open_context->jmp_buf, x) -/* -#endif // BOLOS_RELEASE -*/ - -// Default macros when nesting is not used. -#define THROW_OS(x) THROW_L(EX, x) -#define BEGIN_TRY BEGIN_TRY_L(EX) -#define TRY TRY_L(EX) -#define CATCH(x) CATCH_L(EX, x) -#define CATCH_OTHER(e) CATCH_OTHER_L(EX, e) -#define CATCH_ALL CATCH_ALL_L(EX) -#define FINALLY FINALLY_L(EX) -#define CLOSE_TRY CLOSE_TRY_L(EX) -#define END_TRY END_TRY_L(EX) - -#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION - -#include - -#define IGNORE_WHEN_FUZZING(e) \ - (e == MERKLE_PROOF_MISMATCH || e == CB_TXN_HASH_MISMATCH || \ - e == MM_HASH_MISMATCH || e == CHAIN_MISMATCH || \ - e == ANCESTOR_TIP_MISMATCH || \ - e == 0x6A94) // Validations in Merkle Proof. Not assigned a name. - -#define THROW(e) \ - { \ - if (!IGNORE_WHEN_FUZZING(e)) { \ - THROW_OS(e); \ - } \ - } - -#else - -#define THROW(e) THROW_OS(e) - -#endif - -#endif // __SIMULATOR_OS_EXCEPTIONS_H diff --git a/ledger/src/tcpsigner/os_hash.c b/ledger/src/tcpsigner/os_hash.c deleted file mode 100644 index 103b9eae..00000000 --- a/ledger/src/tcpsigner/os_hash.c +++ /dev/null @@ -1,63 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -#include "os_hash.h" -#include "os_exceptions.h" -#include "dbg.h" - -int cx_sha256_init(cx_sha256_t *hash) { - hash->header.algo = CX_ALGO_SHA256; - sha256_init(&hash->ctx); -} - -int cx_keccak_init(cx_sha3_t *hash, int size) { - hash->header.algo = CX_ALGO_KECCAK256; - keccak_init(&hash->ctx); -} - -int cx_hash(cx_hash_t *hash, - int mode, - unsigned char *in, - unsigned int len, - unsigned char *out) { - switch (hash->algo) { - case CX_ALGO_SHA256: - if (!out) { - sha256_update(&((cx_sha256_t *)hash)->ctx, in, len); - } else { - sha256_final(&((cx_sha256_t *)hash)->ctx, out); - } - break; - case CX_ALGO_KECCAK256: - if (!out) { - keccak_update(&((cx_sha3_t *)hash)->ctx, in, len); - } else { - keccak_final(&((cx_sha3_t *)hash)->ctx, out); - } - break; - default: - LOG("Invalid hash algorithm given to cx_hash: %d", hash->algo); - THROW(0x9999); // TODO: define proper simulator-only error codes - } -} diff --git a/ledger/src/tcpsigner/os_hash.h b/ledger/src/tcpsigner/os_hash.h deleted file mode 100644 index 829ee6a8..00000000 --- a/ledger/src/tcpsigner/os_hash.h +++ /dev/null @@ -1,57 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -#ifndef __SIMULATOR_OS_HASHING_H -#define __SIMULATOR_OS_HASHING_H - -#include "sha256.h" -#include "keccak256.h" - -typedef enum { CX_ALGO_SHA256 = 0x01, CX_ALGO_KECCAK256 } cx_algo_t; - -typedef struct cx_hash_header_s { - cx_algo_t algo; -} cx_hash_t; - -typedef struct cx_sha256_s { - cx_hash_t header; - SHA256_CTX ctx; -} cx_sha256_t; - -typedef struct cx_sha3_s { - cx_hash_t header; - SHA3_CTX ctx; -} cx_sha3_t; - -int cx_sha256_init(cx_sha256_t *hash); - -int cx_keccak_init(cx_sha3_t *hash, int size); - -int cx_hash(cx_hash_t *hash, - int mode, - unsigned char *in, - unsigned int len, - unsigned char *out); - -#endif // __SIMULATOR_OS_HASHING_H diff --git a/ledger/src/tcpsigner/os_io.h b/ledger/src/tcpsigner/os_io.h deleted file mode 100644 index 16095370..00000000 --- a/ledger/src/tcpsigner/os_io.h +++ /dev/null @@ -1,98 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -#ifndef __SIMULATOR_OS_IO_H -#define __SIMULATOR_OS_IO_H - -#include - -/** - * APDU buffer - */ -#define CHANNEL_APDU 0 -#define IO_APDU_BUFFER_SIZE 85 -extern unsigned char G_io_apdu_buffer[IO_APDU_BUFFER_SIZE]; - -/* - * Sets the server on which io_exchange will perform - * the IO operations - * Either this or os_io_set_input_file must be called before - * using io_exchange. - */ -void os_io_set_server(int svr); - -/* - * Sets the input file from which io_exchange will - * read the input. - * Either this or os_io_set_server must be called before - * using io_exchange. - */ -void os_io_set_input_file(FILE *_input_file); - -/* - * Sets the replica file to which io_exchange will - * write the input. Optional. - */ -void os_io_set_replica_file(FILE *_replica_file); - -/** - * Perform an empty message - * write on the IO channel - */ -void io_exchange_reply(); - -/* - * This function performs the input / output to a simulated dongle, - * either via a TCP server of via an input file depending on global state. - * @arg[in] channel_and_flags must be CHANNEL_APDU - * @arg[in] tx amount of bytes to transmit to the client - * @ret amount of bytes received from the client - */ -unsigned short io_exchange(unsigned char channel_and_flags, unsigned short tx); -/* - * This function emulates USB device, writing bytes to tcpsocket instead - * @arg[in] channel_and_flags must be CHANNEL_APDU - * @arg[in] tx amount of bytes to transmit to the client - * @ret amount of bytes received from the client - */ -unsigned short io_exchange_server(unsigned char channel_and_flags, - unsigned short tx); - -/* This function emulates the HOST device, reading bytes to a file instead - * @arg[in] channel_and_flags must be CHANNEL_APDU - * @arg[in] tx_len amount of bytes to transmit to the client - * @ret amount of bytes received from the client - */ -unsigned short io_exchange_file(unsigned char channel_and_flags, - unsigned char tx_len, - FILE *inputfd); - -/* Append a received command to file - * @arg[in] filename Binary file to append commands - * @arg[in] rx Lenght of the command - * @ret number of bytes written - */ -unsigned int replicate_to_file(FILE *replica_file, unsigned short rx); - -#endif // __SIMULATOR_OS_IO_H diff --git a/ledger/src/tcpsigner/os_io_seproxyhal.h b/ledger/src/tcpsigner/os_io_seproxyhal.h deleted file mode 100644 index cd6b53fc..00000000 --- a/ledger/src/tcpsigner/os_io_seproxyhal.h +++ /dev/null @@ -1,30 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -#ifndef __SIMULATOR_OS_IO_SEPROXYHAL_H -#define __SIMULATOR_OS_IO_SEPROXYHAL_H - -void os_sched_exit(unsigned int exit_code); - -#endif // __SIMULATOR_OS_IO_SEPROXYHAL_H diff --git a/ledger/src/tcpsigner/tcp.c b/ledger/src/tcpsigner/tcp.c deleted file mode 100644 index a93f12ad..00000000 --- a/ledger/src/tcpsigner/tcp.c +++ /dev/null @@ -1,120 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -/******************************************************************************* - * powHSM - * - * USB over TCP simulator layer for TCPSigner - ********************************************************************************/ - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "os.h" -#include "tcp.h" -#include "hsmsim_exceptions.h" - -#include "log.h" - -// Global socket variables -struct sockaddr_in servaddr, cli; - -/* start server, return a socket on connection - * @arg[in] PORT tcp port - * @arg[in] HOST HOST string - * @ret socket file descriptor - */ -int start_server(int port, const char *host) { - int sockfd; - struct hostent *hostinfo; - hostinfo = gethostbyname(host); - - if (hostinfo == NULL) { - info("Host not found.\n"); - exit(1); - } - - // socket create and verification - sockfd = socket(AF_INET, SOCK_STREAM, 0); - if (sockfd == -1) { - info("Socket creation failed...\n"); - exit(1); - } - - bzero(&servaddr, sizeof(servaddr)); - - if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &(int){1}, sizeof(int)) < - 0) { - info("Socket option setting failed failed\n"); - exit(1); - } - - if (setsockopt(sockfd, SOL_TCP, TCP_NODELAY, &(int){1}, sizeof(int)) < 0) { - info("Socket option setting failed failed\n"); - exit(1); - } - - // Set address and port - servaddr.sin_family = AF_INET; - memcpy(&servaddr.sin_addr, hostinfo->h_addr_list[0], hostinfo->h_length); - servaddr.sin_port = htons(port); - - // Binding newly created socket to given IP and verification - if ((bind(sockfd, (struct sockaddr *)&servaddr, sizeof(servaddr))) != 0) { - info("Socket bind failed...\n"); - exit(1); - } - - // Now server is ready to listen and verification - if ((listen(sockfd, 5)) != 0) { - info("Listen failed...\n"); - exit(1); - } - - info("Server listening...\n"); - return sockfd; -} - -/* Accept the data packet from client and verification - * @arg[in] sockfd server socket - * @ret connection file descriptor - */ -int accept_connection(int sockfd) { - int len = sizeof(cli); - int connfd = accept(sockfd, (struct sockaddr *)&cli, &len); - if (connfd < 0) { - info("Client connection failed...\n"); - exit(1); - } - - info("Client connected...\n"); - return connfd; -} diff --git a/ledger/src/tcpsigner/tcp.h b/ledger/src/tcpsigner/tcp.h deleted file mode 100644 index 9c21ae1b..00000000 --- a/ledger/src/tcpsigner/tcp.h +++ /dev/null @@ -1,37 +0,0 @@ -/** - * The MIT License (MIT) - * - * Copyright (c) 2021 RSK Labs Ltd - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to - * deal in the Software without restriction, including without limitation the - * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or - * sell copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - */ - -/******************************************************************************* - * powHSM - * - * USB over TCP simulator layer for TCPSigner - ********************************************************************************/ - -#define EXCEPTION_SOCKET -1 - -// Setup server socket. Returns server socket FD -int start_server(int PORT, const char *HOST); - -// Accept connection. Returns connection socket FD -int accept_connection(int sockfd); diff --git a/ledger/src/tcpsigner/tcpsigner.c b/ledger/src/tcpsigner/tcpsigner.c index dde1c35c..a9e8ed89 100644 --- a/ledger/src/tcpsigner/tcpsigner.c +++ b/ledger/src/tcpsigner/tcpsigner.c @@ -37,32 +37,39 @@ #include #include -#include "os.h" -#include "tcp.h" -#include "hsmsim_exceptions.h" +#include "hal/communication.h" +#include "hal/seed.h" +#include "hal/endorsement.h" +#include "hal/log.h" + #include "hsmsim_nu.h" -#include "hsmsim_ecdsa.h" -#include "hsmsim_attestation.h" #include "hsmsim_admin.h" #include "hsm.h" -#include "hsm-ledger.h" #include "ui_heartbeat.h" #include "bc_advance.h" #include "bc_state.h" #include "bc_diff.h" #include "defs.h" - #include "hex_reader.h" -#include "log.h" - typedef enum { ARG_NU_WASABI = 0xaa00, ARG_NU_PAPYRUS, ARG_NU_IRIS, } arg_non_printable_t; +// Hardcoded BIP32 paths for the JSON keyfile +const char *BIP32_PATHS[] = { + "m/44'/0'/0'/0/0", // BTC + "m/44'/1'/0'/0/0", // tBTC + "m/44'/1'/1'/0/0", // tRSK + "m/44'/1'/2'/0/0", // tMST + "m/44'/137'/0'/0/0", // RSK + "m/44'/137'/1'/0/0", // MST +}; +const size_t BIP32_PATHS_COUNT = sizeof(BIP32_PATHS) / sizeof(BIP32_PATHS[0]); + /** * UI heartbeat memory area * There's probably a better @@ -243,6 +250,15 @@ static error_t parse_opt(int key, char *arg, struct argp_state *state) { return 0; } +static unsigned short admin_process(unsigned short rx) { + if (hsmsim_admin_need_process(rx)) { + return hsmsim_admin_process_apdu(rx); + } + + // Signal nothing needed to process + return 0; +} + // The argp parser static struct argp argp = { options, @@ -251,7 +267,7 @@ static struct argp argp = { "TCPSigner -- an x86 implementation of the HSM signer"}; static void finalise() { - printf("Caught termination signal. Bye.\n"); + LOG("Caught termination signal. Bye.\n"); exit(0); } @@ -315,21 +331,21 @@ void main(int argc, char **argv) { argp_parse(&argp, argc, argv, 0, 0, &arguments); // Output welcome message & parameters - info("TCPSigner starting.\n"); + LOG("TCPSigner starting.\n"); // Output signer version - info("Signer version: %u.%u.%u\n", - VERSION_MAJOR, - VERSION_MINOR, - VERSION_PATCH); - - info("Signer parameters:\n"); - info_hex("Checkpoint:", arguments.checkpoint, sizeof(arguments.checkpoint)); - info_bigd_hex("Difficulty: ", - arguments.difficulty, - sizeof(arguments.difficulty) / - sizeof(arguments.difficulty[0])); - info("Network: %s\n", arguments.network); + LOG("Signer version: %u.%u.%u\n", + VERSION_MAJOR, + VERSION_MINOR, + VERSION_PATCH); + + LOG("Signer parameters:\n"); + LOG_HEX("Checkpoint:", arguments.checkpoint, sizeof(arguments.checkpoint)); + LOG_BIGD_HEX("Difficulty: ", + arguments.difficulty, + sizeof(arguments.difficulty) / sizeof(arguments.difficulty[0]), + "\n"); + LOG("Network: %s\n", arguments.network); // Set checkpoint memmove( @@ -347,36 +363,37 @@ void main(int argc, char **argv) { arguments.difficulty_cap, sizeof(arguments.difficulty_cap)); } - info_bigd_hex("Block difficulty cap: ", - MAX_BLOCK_DIFFICULTY, - sizeof(MAX_BLOCK_DIFFICULTY) / - sizeof(MAX_BLOCK_DIFFICULTY[0])); + LOG_BIGD_HEX("Block difficulty cap: ", + MAX_BLOCK_DIFFICULTY, + sizeof(MAX_BLOCK_DIFFICULTY) / sizeof(MAX_BLOCK_DIFFICULTY[0]), + "\n"); // Set network upgrade activation overrides for (int i = 0; i < arguments.network_upgrade_overrides_count; i++) hsmsim_set_network_upgrade_block_number( arguments.network_upgrade_overrides[i]); // Display network upgrade activation configuration - info("Network upgrade activation block numbers (latest takes " - "precedence):\n"); + LOG("Network upgrade activation block numbers (latest takes " + "precedence):\n"); network_upgrade_activation_t *activations = hsmsim_get_network_upgrade_activations(); for (int i = 0; i < hsmsim_get_network_upgrade_activations_count(); i++) { - info("\t%s: %u\n", - hsmsim_get_network_upgrade_name(activations[i].network_upgrade), - activations[i].activation_bn); + LOG("\t%s: %u\n", + hsmsim_get_network_upgrade_name(activations[i].network_upgrade), + activations[i].activation_bn); } - // Initialize ECDSA - if (!hsmsim_ecdsa_initialize(arguments.key_file_path)) { - info("Error during ECDSA initialization\n"); + // Initialize the seed module + if (!seed_init(arguments.key_file_path, BIP32_PATHS, BIP32_PATHS_COUNT)) { + LOG("Error during seed module initialization\n"); exit(1); } - info("ECDSA initialized.\n"); + + LOG("Seed module initialized.\n"); // Initialize Attestation - if (!hsmsim_attestation_initialize(arguments.att_file_path)) { - info("Error during Attestation initialization\n"); + if (!endorsement_init(arguments.att_file_path)) { + LOG("Error during endorsement module initialization\n"); exit(1); } @@ -391,48 +408,50 @@ void main(int argc, char **argv) { #endif FILE *inputfd; if (arguments.filemode) { - info("Using file %s as input\n", arguments.inputfile); + LOG("Using file %s as input\n", arguments.inputfile); if ((inputfd = fopen(arguments.inputfile, "rb")) == NULL) { - info("Error opening file %s as input\n", arguments.inputfile); + LOG("Error opening file %s as input\n", arguments.inputfile); exit(1); } - os_io_set_input_file(inputfd); + communication_set_input_file(inputfd); } else { - info("Starting TCP server on %s:%i\n", - arguments.bind, - arguments.port); - int server = start_server(arguments.port, arguments.bind); - os_io_set_server(server); + LOG("Starting TCP server on %s:%i\n", + arguments.bind, + arguments.port); + communication_set_and_start_server(arguments.port, arguments.bind); } FILE *replicafd; if (strlen(arguments.replicafile) > 0) { - info("Using file %s as replica\n", arguments.replicafile); + LOG("Using file %s as replica\n", arguments.replicafile); if ((replicafd = fopen(arguments.replicafile, "ab")) == NULL) { - info("Error opening file %s as replica\n", - arguments.replicafile); + LOG("Error opening file %s as replica\n", + arguments.replicafile); exit(1); }; - os_io_set_replica_file(replicafd); + communication_set_replica_file(replicafd); }; + // Set the admin module callback for the communication module + communication_set_external_module_process(&admin_process); + // Run the Signer main loop and the // UI heartbeat main loop in an alternate // fashion. while (true) { - info("Running signer main loop...\n"); + LOG("Running signer main loop...\n"); hsm_init(); - hsm_ledger_main_loop(); + hsm_main_loop(); // Send an empty reply so that the client // doesn't hang waiting - io_exchange_reply(); + communication_reply(); - info("Running UI heartbeat main loop...\n"); + LOG("Running UI heartbeat main loop...\n"); ui_heartbeat_init(&ui_heartbeat_ctx); ui_heartbeat_main(&ui_heartbeat_ctx); // Ditto - io_exchange_reply(); + communication_reply(); } if (replicafd != NULL) { diff --git a/ledger/src/tcpsigner/ui_comm.c b/ledger/src/tcpsigner/ui_comm.c new file mode 120000 index 00000000..c7a15e2a --- /dev/null +++ b/ledger/src/tcpsigner/ui_comm.c @@ -0,0 +1 @@ +../ui/src/ui_comm.c \ No newline at end of file diff --git a/ledger/src/tcpsigner/ui_comm.h b/ledger/src/tcpsigner/ui_comm.h new file mode 120000 index 00000000..a57ebda6 --- /dev/null +++ b/ledger/src/tcpsigner/ui_comm.h @@ -0,0 +1 @@ +../ui/src/ui_comm.h \ No newline at end of file diff --git a/ledger/src/tcpsigner/os_attestation.c b/ledger/src/tcpsigner/ui_deps.c similarity index 67% rename from ledger/src/tcpsigner/os_attestation.c rename to ledger/src/tcpsigner/ui_deps.c index 3fd97247..a35ed7cb 100644 --- a/ledger/src/tcpsigner/os_attestation.c +++ b/ledger/src/tcpsigner/ui_deps.c @@ -24,38 +24,29 @@ #include -#include "os_attestation.h" -#include "hsmsim_attestation.h" -#include "hsmsim_exceptions.h" -#include "os_ecdsa.h" +#include "hal/constants.h" +#include "hal/seed.h" +#include "hal/endorsement.h" +#include "hal/communication.h" +#include "hal/exceptions.h" +#include "hal/log.h" + +#include "ui_deps.h" +#include "ui_err.h" #include "sha256.h" #include "hmac_sha256.h" +#define UI_DEPS_PIN_RETRIES (3) + unsigned int os_endorsement_key2_derive_sign_data(unsigned char *src, unsigned int srcLength, unsigned char *signature) { - uint8_t pubkey[PUBKEY_UNCMP_LENGTH]; - uint8_t tweak[HMAC_SHA256_SIZE]; - uint8_t hash[HASH_LENGTH]; - - sha256(src, srcLength, hash, sizeof(hash)); - - if (hsmsim_helper_getpubkey( - attestation_id.key, pubkey, sizeof(pubkey), false) != - sizeof(pubkey)) { - THROW(HSMSIM_EXC_SECP_ERROR); - } - - if (hmac_sha256(attestation_id.code_hash, - sizeof(attestation_id.code_hash), - pubkey, - sizeof(pubkey), - tweak, - sizeof(tweak)) != sizeof(tweak)) { - THROW(HSMSIM_EXC_HMAC_ERROR); + uint8_t signature_length = MAX_SIGNATURE_LENGTH; + if (!endorsement_sign(src, srcLength, signature, &signature_length)) { + LOG("UI error endorsing message\n"); + THROW(ERR_UI_INTERNAL); } - - return hsmsim_helper_tweak_sign(attestation_id.key, tweak, hash, signature); + return signature_length; } unsigned int os_endorsement_get_code_hash(unsigned char *buffer) { @@ -66,8 +57,16 @@ unsigned int os_endorsement_get_code_hash(unsigned char *buffer) { unsigned int os_endorsement_get_public_key(unsigned char index, unsigned char *buffer) { uint8_t tempbuf[PUBKEY_UNCMP_LENGTH]; - size_t tempbuf_size = hsmsim_helper_getpubkey( - attestation_id.key, tempbuf, sizeof(tempbuf), false); + size_t tempbuf_size = + seed_derive_pubkey_format(attestation_id.key, tempbuf, false); memcpy(buffer, tempbuf, tempbuf_size); return tempbuf_size; +} + +unsigned int os_global_pin_retries() { + return UI_DEPS_PIN_RETRIES; +} + +unsigned short io_exchange(unsigned char channel_and_flags, unsigned short tx) { + return communication_io_exchange(tx); } \ No newline at end of file diff --git a/ledger/src/tcpsigner/os_attestation.h b/ledger/src/tcpsigner/ui_deps.h similarity index 88% rename from ledger/src/tcpsigner/os_attestation.h rename to ledger/src/tcpsigner/ui_deps.h index 8db43ca3..b0c7695e 100644 --- a/ledger/src/tcpsigner/os_attestation.h +++ b/ledger/src/tcpsigner/ui_deps.h @@ -22,8 +22,10 @@ * IN THE SOFTWARE. */ -#ifndef __SIMULATOR_OS_ATTESTATION_H -#define __SIMULATOR_OS_ATTESTATION_H +#ifndef __UI_DEPS_H +#define __UI_DEPS_H + +#define CHANNEL_APDU (123) unsigned int os_endorsement_key2_derive_sign_data(unsigned char *src, unsigned int srcLength, @@ -34,4 +36,8 @@ unsigned int os_endorsement_get_code_hash(unsigned char *buffer); unsigned int os_endorsement_get_public_key(unsigned char index, unsigned char *buffer); -#endif // __SIMULATOR_OS_ATTESTATION_H +unsigned int os_global_pin_retries(); + +unsigned short io_exchange(unsigned char channel_and_flags, unsigned short tx); + +#endif // __UI_DEPS_H diff --git a/ledger/src/ui/src/attestation.h b/ledger/src/ui/src/attestation.h index 9d2fb260..54a2e499 100644 --- a/ledger/src/ui/src/attestation.h +++ b/ledger/src/ui/src/attestation.h @@ -81,7 +81,7 @@ typedef struct { unsigned int msg_offset; unsigned char path[PUBKEY_PATH_LENGTH]; - unsigned char priv_key_data[SEED_LENGTH]; + unsigned char priv_key_data[PRIVATE_KEY_LENGTH]; cx_ecfp_private_key_t priv_key; cx_ecfp_public_key_t pub_key; } att_t; diff --git a/ledger/src/ui/src/constants.h b/ledger/src/ui/src/constants.h new file mode 120000 index 00000000..af2a9633 --- /dev/null +++ b/ledger/src/ui/src/constants.h @@ -0,0 +1 @@ +../../hal/include/hal/constants.h \ No newline at end of file diff --git a/ledger/src/ui/src/defs.h b/ledger/src/ui/src/defs.h index 16d823f9..cb1a01c3 100644 --- a/ledger/src/ui/src/defs.h +++ b/ledger/src/ui/src/defs.h @@ -25,8 +25,8 @@ #ifndef __DEFS_H #define __DEFS_H -#include "apdu.h" #include "constants.h" +#include "apdu.h" // Version and patchlevel #define VERSION_MAJOR 0x05 diff --git a/ledger/src/ui/test/mock/os_exceptions.h b/ledger/src/ui/test/mock/os_exceptions.h deleted file mode 120000 index 7f262726..00000000 --- a/ledger/src/ui/test/mock/os_exceptions.h +++ /dev/null @@ -1 +0,0 @@ -../../../tcpsigner/os_exceptions.h \ No newline at end of file From 2fed4d06bae927b1236bcb4b573f9c8179488962 Mon Sep 17 00:00:00 2001 From: Ariel Mendelzon Date: Sat, 8 Jun 2024 02:57:27 +1200 Subject: [PATCH 3/5] Updating directory structure to accomodate for multiple platforms (#180) - Moved 'ledger' directory to 'firmware' - Unified Makefile, source and tests directory structure - Updated Makefiles to account for new (unified) directory structure - Updated paths within scripts - Updated github workflows - Updated script names to account for underlying platform - Updated documentation references - New 'run all' script for tcpsigner unit tests - Incidentally fixing cross-module responsibility includes - Incidentally fixing version number in Ledger app deployment scripts --- .github/workflows/coverage.yml | 8 ++--- .github/workflows/run-tests.yml | 33 +++++++----------- .github/workflows/static-analysis.yml | 4 +-- .gitignore | 4 +-- QUICKSTART.md | 10 +++--- README.md | 2 +- build-dist | 24 ++++++------- {ledger => firmware}/README.md | 10 +++--- {ledger => firmware}/build/README.md | 14 ++++---- .../build/build-ledger-signer | 4 +-- .../build/build-ledger-ui | 4 +-- .../build/build-ledger-ui-debug | 4 +-- {ledger => firmware}/build/build-tcpsigner | 2 +- .../build/build-tcpsigner-afl | 19 +++++----- {ledger => firmware}/build/builder-term | 0 .../build/builder-term-afl | 0 {ledger => firmware}/coverage/.gitignore | 0 {ledger => firmware}/coverage/coverage.mk | 0 {ledger => firmware}/coverage/gen-coverage | 14 ++++---- {ledger => firmware}/deploy/.gitignore | 0 {ledger => firmware}/deploy/Makefile.defines | 0 {ledger => firmware}/deploy/Makefile.rules | 0 {ledger => firmware}/deploy/README.md | 4 +-- .../deploy/deploy-ledger-signer | 2 +- .../deploy/deploy-ledger-ui | 2 +- ledger/deploy/dsig => firmware/deploy/dledsig | 2 +- ledger/deploy/dui => firmware/deploy/dledui | 2 +- {ledger => firmware}/deploy/target.id | 0 {ledger => firmware}/fuzz/README.md | 12 +++---- {ledger => firmware}/fuzz/add-new-testcases | 4 +-- {ledger => firmware}/fuzz/dict/btc_trans | Bin {ledger => firmware}/fuzz/dict/header | 0 {ledger => firmware}/fuzz/dict/receipt | Bin {ledger => firmware}/fuzz/env | 0 .../fuzz/extract-inputs-from-tests | 12 +++---- {ledger => firmware}/fuzz/fuzz | 12 +++---- {ledger => firmware}/fuzz/generate-testcases | 0 {ledger => firmware}/fuzz/hex_to_dict.py | 0 {ledger => firmware}/fuzz/min-testcases | 6 ++-- .../fuzz/testcases-raw/replica-1.out | Bin .../fuzz/testcases-raw/replica-10.out | Bin .../fuzz/testcases-raw/replica-11.out | Bin .../fuzz/testcases-raw/replica-12.out | Bin .../fuzz/testcases-raw/replica-13.out | Bin .../fuzz/testcases-raw/replica-14.out | Bin .../fuzz/testcases-raw/replica-15.out | Bin .../fuzz/testcases-raw/replica-16.out | Bin .../fuzz/testcases-raw/replica-17.out | Bin .../fuzz/testcases-raw/replica-18.out | Bin .../fuzz/testcases-raw/replica-19.out | Bin .../fuzz/testcases-raw/replica-2.out | Bin .../fuzz/testcases-raw/replica-20.out | Bin .../fuzz/testcases-raw/replica-21.out | Bin .../fuzz/testcases-raw/replica-22.out | Bin .../fuzz/testcases-raw/replica-23.out | Bin .../fuzz/testcases-raw/replica-24.out | Bin .../fuzz/testcases-raw/replica-25.out | Bin .../fuzz/testcases-raw/replica-26.out | Bin .../fuzz/testcases-raw/replica-27.out | Bin .../fuzz/testcases-raw/replica-28.out | Bin .../fuzz/testcases-raw/replica-29.out | Bin .../fuzz/testcases-raw/replica-3.out | Bin .../fuzz/testcases-raw/replica-30.out | Bin .../fuzz/testcases-raw/replica-31.out | Bin .../fuzz/testcases-raw/replica-32.out | Bin .../fuzz/testcases-raw/replica-33.out | Bin .../fuzz/testcases-raw/replica-34.out | Bin .../fuzz/testcases-raw/replica-35.out | Bin .../fuzz/testcases-raw/replica-36.out | Bin .../fuzz/testcases-raw/replica-4.out | Bin .../fuzz/testcases-raw/replica-5.out | Bin .../fuzz/testcases-raw/replica-6.out | Bin .../fuzz/testcases-raw/replica-7.out | Bin .../fuzz/testcases-raw/replica-8.out | Bin .../fuzz/testcases-raw/replica-9.out | Bin .../fuzz/testcases-unique/replica-1.out | Bin .../fuzz/testcases-unique/replica-11.out | Bin .../fuzz/testcases-unique/replica-12.out | Bin .../fuzz/testcases-unique/replica-13.out | Bin .../fuzz/testcases-unique/replica-14.out | Bin .../fuzz/testcases-unique/replica-15.out | Bin .../fuzz/testcases-unique/replica-16.out | Bin .../fuzz/testcases-unique/replica-17.out | Bin .../fuzz/testcases-unique/replica-18.out | Bin .../fuzz/testcases-unique/replica-19.out | Bin .../fuzz/testcases-unique/replica-2.out | Bin .../fuzz/testcases-unique/replica-20.out | Bin .../fuzz/testcases-unique/replica-21.out | Bin .../fuzz/testcases-unique/replica-22.out | Bin .../fuzz/testcases-unique/replica-23.out | Bin .../fuzz/testcases-unique/replica-25.out | Bin .../fuzz/testcases-unique/replica-28.out | Bin .../fuzz/testcases-unique/replica-29.out | Bin .../fuzz/testcases-unique/replica-3.out | Bin .../fuzz/testcases-unique/replica-30.out | Bin .../fuzz/testcases-unique/replica-31.out | Bin .../fuzz/testcases-unique/replica-32.out | Bin .../fuzz/testcases-unique/replica-33.out | Bin .../fuzz/testcases-unique/replica-34.out | Bin .../fuzz/testcases-unique/replica-35.out | Bin .../fuzz/testcases-unique/replica-4.out | Bin .../fuzz/testcases-unique/replica-5.out | Bin .../fuzz/testcases-unique/replica-6.out | Bin .../fuzz/testcases-unique/replica-7.out | Bin .../fuzz/testcases-unique/replica-8.out | Bin .../fuzz/testcases-unique/replica-9.out | Bin .../fuzz/testcases/replica-1.out | Bin .../fuzz/testcases/replica-2.out | Bin .../fuzz/testcases/replica-3.out | Bin {ledger => firmware}/fuzz/unique-testcases | 6 ++-- {ledger => firmware}/src/.gitignore | 0 {ledger => firmware}/src/common/src/apdu.h | 0 .../src/common/src/compiletime.h | 0 {ledger => firmware}/src/common/src/ints.h | 0 {ledger => firmware}/src/common/src/memutil.h | 0 {ledger => firmware}/src/common/src/modes.h | 0 {ledger => firmware}/src/common/src/runtime.h | 0 .../src/common/test/.gitignore | 0 .../src/common/test/ints/Makefile | 0 .../src/common/test/ints/test_ints.c | 0 .../src/common/test/memutil/Makefile | 0 .../src/common/test/memutil/os.h | 0 .../src/common/test/memutil/test_memutil.c | 0 .../src/common/test/run-all.sh | 0 .../src/hal/include/hal/communication.h | 2 +- .../src/hal/include/hal/constants.h | 0 .../src/hal/include/hal/endorsement.h | 0 .../src/hal/include/hal/exceptions.h | 2 +- .../src/hal/include/hal/hash.h | 0 .../src/hal/include/hal/log.h | 0 .../src/hal/include/hal/nvmem.h | 0 .../src/hal/include/hal/platform.h | 0 .../src/hal/include/hal/seed.h | 0 .../src/hal/src/common/sha256.c | 0 .../src/hal/src/common/sha256.h | 0 .../src/hal/src/ledger/communication.c | 0 .../src/hal/src/ledger/endorsement.c | 0 .../src/hal/src/ledger/hash.c | 0 .../src/hal/src/ledger/nvmem.c | 0 .../src/hal/src/ledger/platform.c | 0 .../src/hal/src/ledger/seed.c | 0 .../src/hal/src/ledger/sha256.c | 0 .../src/hal/src/ledger/sha256.h | 0 {ledger => firmware}/src/hal/src/x86/bip32.c | 0 {ledger => firmware}/src/hal/src/x86/bip32.h | 0 {ledger => firmware}/src/hal/src/x86/cJSON.c | 0 {ledger => firmware}/src/hal/src/x86/cJSON.h | 0 .../src/hal/src/x86/communication.c | 0 .../src/hal/src/x86/endorsement.c | 0 .../src/hal/src/x86/exceptions.c | 0 .../src/hal/src/x86/explicit_bzero.c | 0 .../src/hal/src/x86/explicit_bzero.h | 0 {ledger => firmware}/src/hal/src/x86/hash.c | 0 .../src/hal/src/x86/hex_reader.c | 0 .../src/hal/src/x86/hex_reader.h | 0 .../src/hal/src/x86/hmac_sha256.c | 0 .../src/hal/src/x86/hmac_sha256.h | 0 {ledger => firmware}/src/hal/src/x86/json.c | 0 {ledger => firmware}/src/hal/src/x86/json.h | 0 .../src/hal/src/x86/keccak256.c | 0 .../src/hal/src/x86/keccak256.h | 0 {ledger => firmware}/src/hal/src/x86/log.c | 2 -- {ledger => firmware}/src/hal/src/x86/nvmem.c | 0 .../src/hal/src/x86/platform.c | 0 {ledger => firmware}/src/hal/src/x86/random.c | 0 {ledger => firmware}/src/hal/src/x86/random.h | 0 {ledger => firmware}/src/hal/src/x86/seed.c | 0 {ledger => firmware}/src/hal/src/x86/sha256.c | 0 {ledger => firmware}/src/hal/src/x86/sha256.h | 0 .../src/ledger}/signer/.gitignore | 0 .../src/ledger}/signer/Makefile | 4 +-- .../src/ledger}/signer/icon.gif | Bin firmware/src/ledger/signer/icon.hex | 1 + .../src/ledger}/signer/make-difficulty.py | 0 .../ledger}/signer/make-initial-block-hash.py | 0 .../src/ledger}/signer/src/main.c | 0 .../src => firmware/src/ledger}/ui/.gitignore | 0 .../src => firmware/src/ledger}/ui/LICENSE | 0 .../src => firmware/src/ledger}/ui/Makefile | 4 +-- .../src/ledger}/ui/glyphs/badge_back.gif | Bin .../ledger}/ui/glyphs/badge_loading_v2.gif | Bin .../src/ledger}/ui/glyphs/digit_0.gif | Bin .../src/ledger}/ui/glyphs/digit_1.gif | Bin .../src/ledger}/ui/glyphs/digit_2.gif | Bin .../src/ledger}/ui/glyphs/digit_3.gif | Bin .../src/ledger}/ui/glyphs/digit_4.gif | Bin .../src/ledger}/ui/glyphs/digit_5.gif | Bin .../src/ledger}/ui/glyphs/digit_6.gif | Bin .../src/ledger}/ui/glyphs/digit_7.gif | Bin .../src/ledger}/ui/glyphs/digit_8.gif | Bin .../src/ledger}/ui/glyphs/digit_9.gif | Bin .../src/ledger}/ui/glyphs/digit_dot.gif | Bin .../ledger}/ui/glyphs/digit_underscore.gif | Bin .../src/ledger}/ui/glyphs/fish_left.gif | Bin .../src/ledger}/ui/glyphs/fish_right.gif | Bin .../src/ledger}/ui/glyphs/icon_backspace.gif | Bin .../src/ledger}/ui/glyphs/icon_classes.gif | Bin .../src/ledger}/ui/glyphs/icon_dashboard.gif | Bin .../src/ledger}/ui/glyphs/icon_digits.gif | Bin .../src/ledger}/ui/glyphs/icon_lowercase.gif | Bin .../src/ledger}/ui/glyphs/icon_uppercase.gif | Bin .../src/ledger}/ui/glyphs/icon_validate.gif | Bin .../ledger}/ui/glyphs/icon_validate_bold.gif | Bin .../src => firmware/src/ledger}/ui/icon.gif | Bin firmware/src/ledger/ui/icon.hex | 1 + .../ledger}/ui/make-initial-signer-hash.py | 0 .../ui/make-initial-signer-iteration.py | 0 .../src/ledger}/ui/script.ux.ld | 0 .../src/ledger}/ui/src/attestation.c | 0 .../src/ledger}/ui/src/attestation.h | 0 .../src/ledger}/ui/src/bolos_ux.c | 0 .../src/ledger}/ui/src/bolos_ux.h | 0 .../src/ledger}/ui/src/bolos_ux_common.h | 0 .../src/ledger}/ui/src/bolos_ux_dashboard.c | 0 .../ui/src/bolos_ux_not_personalized.c | 0 .../src/ledger}/ui/src/bolos_ux_processing.c | 0 .../src/ledger}/ui/src/bolos_ux_settings.c | 0 .../src/ledger}/ui/src/bootloader.c | 0 .../src/ledger}/ui/src/bootloader.h | 0 .../src/ledger}/ui/src/common_requirements.h | 0 firmware/src/ledger/ui/src/constants.h | 1 + .../src => firmware/src/ledger}/ui/src/defs.h | 0 .../src => firmware/src/ledger}/ui/src/main.c | 0 .../src/ledger}/ui/src/onboard.c | 0 .../src/ledger}/ui/src/onboard.h | 0 .../src => firmware/src/ledger}/ui/src/pin.c | 0 .../src => firmware/src/ledger}/ui/src/pin.h | 0 .../src/ledger}/ui/src/signer_authorization.c | 0 .../src/ledger}/ui/src/signer_authorization.h | 0 .../src/signer_authorization_signers/aleph.h | 0 .../signer_authorization_signers/testing.h | 0 .../ui/src/signer_authorization_status.c | 0 .../ui/src/signer_authorization_status.h | 0 .../src/ledger}/ui/src/ui_comm.c | 0 .../src/ledger}/ui/src/ui_comm.h | 0 .../src/ledger}/ui/src/ui_err.h | 0 .../src/ledger}/ui/src/ui_heartbeat.c | 0 .../src/ledger}/ui/src/ui_heartbeat.h | 0 .../src/ledger}/ui/src/ui_instructions.h | 0 .../src/ledger}/ui/src/unlock.c | 0 .../src/ledger}/ui/src/unlock.h | 0 .../src/ledger}/ui/src/ux_handlers.c | 0 .../src/ledger}/ui/src/ux_handlers.h | 0 .../bolos_ux_onboarding_seed_bip39.c | 0 .../bolos_ux_onboarding_seed_bip39.h | 0 .../bolos_ux_onboarding_seed_pbkdf2.c | 0 .../bolos_ux_onboarding_seed_rom_variables.c | 0 .../bolos_ux_onboarding_seed_rom_variables.h | 0 .../src/ledger}/ui/test/attestation/Makefile | 0 .../ui/test/attestation/test_attestation.c | 0 .../src/ledger}/ui/test/bootloader/Makefile | 0 .../ui/test/bootloader/mock/bolos_ux_common.h | 0 .../ui/test/bootloader/mock/bootloader_mock.h | 0 .../ui/test/bootloader/test_bootloader.c | 0 .../ledger}/ui/test/communication/Makefile | 0 .../test/communication/test_communication.c | 0 .../src/ledger}/ui/test/mock/apdu_utils.h | 0 .../src/ledger}/ui/test/mock/assert_utils.h | 0 .../mock/bolos_ux_onboarding_seed_bip39.h | 0 .../src/ledger}/ui/test/mock/cx.h | 0 .../src/ledger}/ui/test/mock/mock.c | 0 .../src/ledger}/ui/test/mock/mock.h | 0 .../src/ledger}/ui/test/mock/os.h | 0 .../ledger}/ui/test/mock/os_io_seproxyhal.h | 0 .../src/ledger}/ui/test/onboard/Makefile | 0 .../ledger}/ui/test/onboard/test_onboard.c | 0 .../src/ledger}/ui/test/pin/Makefile | 0 .../src/ledger}/ui/test/pin/test_pin.c | 0 .../src/ledger}/ui/test/run-all.sh | 0 .../ui/test/signer_authorization/Makefile | 0 .../test_signer_authorization.c | 0 .../src/ledger}/ui/test/ui_heartbeat/Makefile | 0 .../ui/test/ui_heartbeat/test_ui_heartbeat.c | 0 .../src/ledger}/ui/test/unlock/Makefile | 0 .../src/ledger}/ui/test/unlock/test_unlock.c | 0 .../src/ledger}/ui/test/ux_handlers/Makefile | 0 .../test/ux_handlers/mock/bolos_ux_common.h | 0 .../bolos_ux_onboarding_seed_rom_variables.h | 0 .../test/ux_handlers/mock/test_ux_handlers.h | 0 .../ui/test/ux_handlers/test_ux_handlers.c | 0 .../src/powhsm}/src/attestation.c | 0 .../src/powhsm}/src/attestation.h | 0 .../signer => firmware/src/powhsm}/src/auth.c | 0 .../signer => firmware/src/powhsm}/src/auth.h | 0 .../src/powhsm}/src/auth_constants.h | 0 .../src/powhsm}/src/auth_path.c | 0 .../src/powhsm}/src/auth_path.h | 0 .../src/powhsm}/src/auth_receipt.c | 0 .../src/powhsm}/src/auth_receipt.h | 0 .../src/powhsm}/src/auth_trie.c | 0 .../src/powhsm}/src/auth_trie.h | 0 .../src/powhsm}/src/auth_tx.c | 0 .../src/powhsm}/src/auth_tx.h | 0 .../signer => firmware/src/powhsm}/src/bc.h | 0 .../src/powhsm}/src/bc_advance.c | 0 .../src/powhsm}/src/bc_advance.h | 0 .../src/powhsm}/src/bc_ancestor.c | 0 .../src/powhsm}/src/bc_ancestor.h | 0 .../src/powhsm}/src/bc_block.h | 0 .../src/powhsm}/src/bc_blockutils.h | 0 .../src/powhsm}/src/bc_diff.c | 0 .../src/powhsm}/src/bc_diff.h | 0 .../src/powhsm}/src/bc_err.c | 0 .../src/powhsm}/src/bc_err.h | 0 .../src/powhsm}/src/bc_hash.c | 0 .../src/powhsm}/src/bc_hash.h | 0 .../src/powhsm}/src/bc_mm.c | 0 .../src/powhsm}/src/bc_mm.h | 0 .../src/powhsm}/src/bc_nu.h | 0 .../src/powhsm}/src/bc_state.c | 0 .../src/powhsm}/src/bc_state.h | 0 .../src/powhsm}/src/bigdigits.c | 0 .../src/powhsm}/src/bigdigits.h | 0 .../src/powhsm}/src/bigdtypes.h | 0 .../src/powhsm}/src/btcscript.c | 0 .../src/powhsm}/src/btcscript.h | 0 .../src/powhsm}/src/btctx.c | 0 .../src/powhsm}/src/btctx.h | 0 .../src/powhsm}/src/common_requirements.h | 0 .../signer => firmware/src/powhsm}/src/defs.h | 0 .../signer => firmware/src/powhsm}/src/err.h | 0 .../src/powhsm}/src/flags.h | 0 .../src/powhsm}/src/heartbeat.c | 0 .../src/powhsm}/src/heartbeat.h | 0 .../signer => firmware/src/powhsm}/src/hsm.c | 0 .../signer => firmware/src/powhsm}/src/hsm.h | 0 .../src/powhsm}/src/instructions.h | 0 .../signer => firmware/src/powhsm}/src/mem.c | 0 .../signer => firmware/src/powhsm}/src/mem.h | 0 .../signer => firmware/src/powhsm}/src/nvm.h | 0 .../src/powhsm}/src/pathAuth.c | 0 .../src/powhsm}/src/pathAuth.h | 0 .../src/powhsm}/src/protocol.txt | 0 .../signer => firmware/src/powhsm}/src/srlp.c | 0 .../signer => firmware/src/powhsm}/src/srlp.h | 0 .../src/powhsm}/src/svarint.c | 0 .../src/powhsm}/src/svarint.h | 0 .../signer => firmware/src/powhsm}/src/trie.c | 0 .../signer => firmware/src/powhsm}/src/trie.h | 0 .../signer => firmware/src/powhsm}/src/util.h | 0 .../src/powhsm}/test/btcscript/Makefile | 0 .../src/powhsm/test/btcscript/btcscript.o | Bin 0 -> 3608 bytes .../src/powhsm/test/btcscript/hex_reader.o | Bin 0 -> 1920 bytes firmware/src/powhsm/test/btcscript/test.out | Bin 0 -> 26856 bytes .../powhsm}/test/btcscript/test_btcscript.c | 0 .../powhsm/test/btcscript/test_btcscript.o | Bin 0 -> 18752 bytes firmware/src/powhsm/test/btcscript/test_fwk.o | Bin 0 -> 1368 bytes .../src/powhsm}/test/btctx/Makefile | 0 firmware/src/powhsm/test/btctx/btctx.o | Bin 0 -> 8128 bytes firmware/src/powhsm/test/btctx/hex_reader.o | Bin 0 -> 1920 bytes firmware/src/powhsm/test/btctx/os.o | Bin 0 -> 2064 bytes .../powhsm}/test/btctx/resources/tx-001.hex | 0 .../powhsm}/test/btctx/resources/tx-002.hex | 0 .../powhsm}/test/btctx/resources/tx-003.hex | 0 .../powhsm}/test/btctx/resources/tx-004.hex | 0 firmware/src/powhsm/test/btctx/svarint.o | Bin 0 -> 3096 bytes firmware/src/powhsm/test/btctx/test.out | Bin 0 -> 33256 bytes .../src/powhsm}/test/btctx/test_btctx.c | 0 firmware/src/powhsm/test/btctx/test_btctx.o | Bin 0 -> 27720 bytes firmware/src/powhsm/test/btctx/test_fwk.o | Bin 0 -> 1368 bytes .../src/powhsm}/test/common/test_fwk.c | 0 .../src/powhsm}/test/difficulty/Makefile | 0 firmware/src/powhsm/test/difficulty/bc_diff.o | Bin 0 -> 3952 bytes .../src/powhsm/test/difficulty/bigdigits.o | Bin 0 -> 7920 bytes firmware/src/powhsm/test/difficulty/os.o | Bin 0 -> 2064 bytes firmware/src/powhsm/test/difficulty/test.out | Bin 0 -> 22432 bytes .../powhsm}/test/difficulty/test_difficulty.c | 0 .../powhsm/test/difficulty/test_difficulty.o | Bin 0 -> 3424 bytes .../src/powhsm/test/difficulty/test_fwk.o | Bin 0 -> 1368 bytes .../src/powhsm}/test/run-all.sh | 0 .../src/powhsm}/test/sha256/Makefile | 0 firmware/src/powhsm/test/sha256/sha256.o | Bin 0 -> 4352 bytes firmware/src/powhsm/test/sha256/test.out | Bin 0 -> 17288 bytes firmware/src/powhsm/test/sha256/test_fwk.o | Bin 0 -> 1368 bytes .../src/powhsm}/test/sha256/test_sha256.c | 0 firmware/src/powhsm/test/sha256/test_sha256.o | Bin 0 -> 3512 bytes .../src/powhsm}/test/srlp/Makefile | 0 .../src/powhsm}/test/srlp/mocks/os.h | 0 .../test/srlp/resources/block-0900123.rlp | Bin .../test/srlp/resources/block-1234000.rlp | Bin .../test/srlp/resources/block-1900456.rlp | Bin .../test/srlp/resources/block-2221171.rlp | Bin .../test/srlp/resources/block-fakelen.rlp | Bin .../test/srlp/resources/block-post-wasabi.rlp | Bin .../test/srlp/resources/block-pre-wasabi.rlp | Bin firmware/src/powhsm/test/srlp/srlp.o | Bin 0 -> 11080 bytes firmware/src/powhsm/test/srlp/test.out | Bin 0 -> 22864 bytes firmware/src/powhsm/test/srlp/test_fwk.o | Bin 0 -> 1368 bytes .../src/powhsm}/test/srlp/test_srlp.c | 0 firmware/src/powhsm/test/srlp/test_srlp.o | Bin 0 -> 9584 bytes .../src/powhsm}/test/svarint/Makefile | 0 firmware/src/powhsm/test/svarint/svarint.o | Bin 0 -> 3096 bytes firmware/src/powhsm/test/svarint/test.out | Bin 0 -> 17584 bytes firmware/src/powhsm/test/svarint/test_fwk.o | Bin 0 -> 1368 bytes .../src/powhsm}/test/svarint/test_svarint.c | 0 .../src/powhsm/test/svarint/test_svarint.o | Bin 0 -> 9848 bytes .../src/powhsm}/test/trie/Makefile | 0 firmware/src/powhsm/test/trie/hex_reader.o | Bin 0 -> 1920 bytes firmware/src/powhsm/test/trie/os.o | Bin 0 -> 2064 bytes firmware/src/powhsm/test/trie/svarint.o | Bin 0 -> 3096 bytes firmware/src/powhsm/test/trie/test.out | Bin 0 -> 40664 bytes firmware/src/powhsm/test/trie/test_fwk.o | Bin 0 -> 1368 bytes .../src/powhsm}/test/trie/test_trie.c | 0 firmware/src/powhsm/test/trie/test_trie.o | Bin 0 -> 32744 bytes firmware/src/powhsm/test/trie/trie.o | Bin 0 -> 14168 bytes .../powhsm}/test/utils/block-0900123-exp.txt | 0 .../src/powhsm}/test/utils/block-0900123.txt | 0 .../src/powhsm}/test/utils/block-1234000.txt | 0 .../powhsm}/test/utils/block-1900456.exp.txt | 0 .../src/powhsm}/test/utils/block-1900456.txt | 0 .../src/powhsm}/test/utils/block-2221171.txt | 0 .../src/powhsm}/test/utils/block-fakelen.rlp | Bin .../src/powhsm}/test/utils/block-fakelen.txt | 0 .../powhsm}/test/utils/block-post-wasabi.txt | 0 .../powhsm}/test/utils/block-pre-wasabi.txt | 0 .../src/powhsm}/test/utils/bt.py | 0 {ledger => firmware}/src/tcpsigner/Makefile | 22 +++++++----- .../src/tcpsigner/src}/hsmsim_admin.c | 0 .../src/tcpsigner/src}/hsmsim_admin.h | 0 .../src/tcpsigner/src}/hsmsim_nu.c | 0 .../src/tcpsigner/src}/hsmsim_nu.h | 0 .../src/signer_authorization_status.c | 1 + .../src/signer_authorization_status.h | 1 + .../src/tcpsigner/src}/tcpsigner.c | 2 +- firmware/src/tcpsigner/src/ui_comm.c | 1 + firmware/src/tcpsigner/src/ui_comm.h | 1 + .../src/tcpsigner/src}/ui_deps.c | 0 .../src/tcpsigner/src}/ui_deps.h | 0 firmware/src/tcpsigner/src/ui_err.h | 1 + firmware/src/tcpsigner/src/ui_heartbeat.c | 1 + firmware/src/tcpsigner/src/ui_heartbeat.h | 1 + firmware/src/tcpsigner/src/ui_instructions.h | 1 + .../src/tcpsigner/test/hmac_sha256/Makefile | 0 .../test/hmac_sha256/test_hmac_sha256.c | 0 firmware/src/tcpsigner/test/run-all.sh | 13 +++++++ .../static-analysis/.gitignore | 0 .../static-analysis/gen-static-analysis | 4 +-- {ledger => firmware}/test/.gitignore | 0 {ledger => firmware}/test/README.md | 6 ++-- {ledger => firmware}/test/cases/__init__.py | 0 .../test/cases/admin_is_onboarded.py | 0 {ledger => firmware}/test/cases/advance.py | 0 {ledger => firmware}/test/cases/case.py | 0 {ledger => firmware}/test/cases/get.py | 0 {ledger => firmware}/test/cases/heartbeat.py | 0 {ledger => firmware}/test/cases/nvm_stats.py | 0 {ledger => firmware}/test/cases/parameters.py | 0 {ledger => firmware}/test/cases/reconnect.py | 0 {ledger => firmware}/test/cases/reset.py | 0 {ledger => firmware}/test/cases/sign_auth.py | 0 .../test/cases/sign_helpers.py | 0 .../test/cases/sign_noauth.py | 0 {ledger => firmware}/test/cases/suite.py | 0 {ledger => firmware}/test/cases/update.py | 0 {ledger => firmware}/test/comm | 0 {ledger => firmware}/test/ledger | 0 {ledger => firmware}/test/misc/blockbin.py | 2 +- {ledger => firmware}/test/misc/blockdump.py | 0 {ledger => firmware}/test/misc/blocksplit.py | 0 {ledger => firmware}/test/misc/comm | 0 {ledger => firmware}/test/misc/genPaths.py | 0 {ledger => firmware}/test/misc/hex2c.py | 0 {ledger => firmware}/test/misc/ledger | 0 {ledger => firmware}/test/misc/mine.py | 0 {ledger => firmware}/test/misc/rsk_block.py | 0 .../test/misc/rsk_netparams.py | 0 {ledger => firmware}/test/misc/rsk_utils.py | 0 .../test/misc/tcpsigner_admin.py | 0 {ledger => firmware}/test/misc/thirdparty | 0 {ledger => firmware}/test/options.py | 0 {ledger => firmware}/test/output.py | 0 .../resources/000-blockchain-parameters.json | 0 .../test/resources/001-get-at-startup.json | 0 .../test/resources/002-sign-noauth.json | 0 .../test/resources/003-heartbeat-initial.json | 0 .../test/resources/100-reset.json | 0 .../test/resources/101-get-initial.json | 0 .../test/resources/102-advance.json | 0 .../test/resources/103-get-after-advance.json | 0 .../104-heartbeat-after-advance.json | 0 .../test/resources/105-advance-brothers.json | 0 .../106-get-after-advance-brothers.json | 0 .../resources/110-get-initial-partial.json | 0 .../test/resources/111-advance-partial.json | 0 .../test/resources/112-get-final-partial.json | 0 .../test/resources/113-reset.json | 0 .../test/resources/114-advance-partial.json | 0 .../test/resources/115-get-final-partial.json | 0 .../test/resources/116-reset.json | 0 .../test/resources/117-advance-partial.json | 0 .../test/resources/118-get-final-partial.json | 0 .../test/resources/120-reset.json | 0 .../test/resources/121-advance-cap.json | 0 .../test/resources/122-get-final-cap.json | 0 .../test/resources/123-reset.json | 0 .../test/resources/124-advance-cap.json | 0 .../test/resources/125-get-final-cap.json | 0 .../test/resources/200-update-iris.json | 0 .../resources/201-get-after-update-iris.json | 0 .../test/resources/202-sign-iris.json | 0 .../resources/203-get-after-sign-iris.json | 0 .../204-heartbeat-after-sign-iris.json | 0 .../resources/210-advance-for-segwit.json | 0 .../test/resources/211-update-segwit.json | 0 .../212-get-after-advance-segwit.json | 0 .../test/resources/213-sign-segwit-t1i0.json | 0 .../test/resources/214-sign-segwit-t1i1.json | 0 .../test/resources/215-sign-segwit-t2i0.json | 0 .../test/resources/216-sign-segwit-t2i1.json | 0 .../299-advance-cap-for-partial-check.json | 0 .../test/resources/300-update.json | 0 .../test/resources/301-get-after-update.json | 0 .../test/resources/302-sign.json | 0 .../test/resources/303-get-after-sign.json | 0 .../test/resources/304-sign-noauth.json | 0 .../resources/305-get-after-sign-noauth.json | 0 .../resources/306-heartbeat-after-sign.json | 0 .../test/resources/307-reconnect-dongle.json | 0 .../resources/308-get-after-reconnection.json | 0 .../309-heartbeat-after-reconnection.json | 0 .../400-advance-partial-before-sign.json | 0 .../test/resources/401-get-before-sign.json | 0 .../410-sign-fail-invalid-version.json | 0 .../resources/411-sign-fail-zero-byte-tx.json | 0 ...412-sign-fail-malformed-redeem-script.json | 0 .../413-sign-fail-malformed-output.json | 0 .../414-sign-fail-receipt-nomatch.json | 0 ...sign-fail-receipt-no-match-single-log.json | 0 ...-fail-receipt-top-level-size-mismatch.json | 0 ...17-sign-fail-receipt-malformed-nologs.json | 0 ...18-sign-fail-proof-only-receipts-root.json | 0 .../419-sign-fail-proof-first-non-leaf.json | 0 .../420-sign-fail-proof-leaf-nomatch.json | 0 ...21-sign-fail-proof-wrong-version-node.json | 0 .../422-sign-fail-proof-does-not-connect.json | 0 .../423-sign-auth-fail-invalid-path.json | 0 .../424-sign-noauth-fail-invalid-path.json | 0 .../425-sign-auth-fail-invalid-length.json | 0 .../426-sign-noauth-fail-invalid-length.json | 0 .../resources/499-get-after-failed-sign.json | 0 .../500-advance-inconsistent-list-length.json | 0 .../test/resources/501-advance-long-mmmp.json | 0 .../502-advance-brother-pow-invalid-mp.json | 0 .../503-advance-brother-pow-invalid-dif.json | 0 .../504-advance-brother-pow-invalid-mmh.json | 0 .../505-advance-brother-too-many.json | 0 .../506-advance-brother-not-brother.json | 0 .../507-advance-brother-same-as-block.json | 0 .../508-advance-brothers-not-ordered.json | 0 .../509-get-after-failed-advance.json | 0 .../600-advance-partial-before-sign.json | 0 .../test/resources/601-get-before-sign.json | 0 .../resources/602-sign-long-redeemscript.json | 0 .../610-sign-tx-with-many-inputs.json | 0 .../resources/612-sign-sample-mainnet-tx.json | 0 .../613-sign-sample-testnet-tx-erp.json | 0 .../614-sign-match-not-last-log.json | 0 .../resources/615-sign-match-long-proof.json | 0 .../616-sign-3input-5output-testnet.json | 0 .../resources/617-get-after-success-sign.json | 0 .../test/resources/620-sign-segwit-basic.json | 0 .../621-sign-segwit-with-many-inputs.json | 0 .../622-sign-segwit-long-witnessscript.json | 0 .../700-dongle-fake-receipt-root-fails.json | 0 ...00-advance-single-block-with-brothers.json | 0 ...-get-after-single-block-with-brothers.json | 0 .../resources/900-set-is-onboarded-no.json | 0 .../901-no-onboarded-sign-noauth-fails.json | 0 .../902-no-onboard-sign-auth-fails.json | 0 .../903-no-onboarded-get-bs-fails.json | 0 .../904-no-onboarded-advance-fails.json | 0 .../905-no-onboard-update-fails.json | 0 .../resources/906-set-is-onboarded-yes.json | 0 .../907-dongle-set-is-onboarded-fails.json | 0 .../nvm/00-blockchain-parameters.json | 0 .../resources/nvm/01-nvm-stats-reset.json | 0 .../test/resources/nvm/10-reset.json | 0 .../resources/nvm/11-get-initial-mainnet.json | 0 .../resources/nvm/12-advance-mainnet.json | 0 .../nvm/13-get-after-advance-mainnet.json | 0 .../resources/nvm/20-nvm-stats-print.json | 0 {ledger => firmware}/test/run.py | 0 {ledger => firmware}/test/test-all | 6 ++-- {ledger => firmware}/test/thirdparty | 0 .../tcpsigner/signer_authorization_status.c | 1 - .../tcpsigner/signer_authorization_status.h | 1 - ledger/src/tcpsigner/ui_comm.c | 1 - ledger/src/tcpsigner/ui_comm.h | 1 - ledger/src/tcpsigner/ui_err.h | 1 - ledger/src/tcpsigner/ui_heartbeat.c | 1 - ledger/src/tcpsigner/ui_heartbeat.h | 1 - ledger/src/tcpsigner/ui_instructions.h | 1 - ledger/src/ui/src/constants.h | 1 - ledger/src/ui/test/mock/apdu.h | 1 - lint-c | 6 ++-- middleware/README.md | 2 +- utils/tcpsigner-bundle/build.sh | 4 +-- 597 files changed, 169 insertions(+), 153 deletions(-) rename {ledger => firmware}/README.md (88%) rename {ledger => firmware}/build/README.md (76%) rename ledger/build/build-signer => firmware/build/build-ledger-signer (80%) rename ledger/build/build-ui => firmware/build/build-ledger-ui (76%) rename ledger/build/build-ui-debug => firmware/build/build-ledger-ui-debug (76%) rename {ledger => firmware}/build/build-tcpsigner (70%) rename {ledger => firmware}/build/build-tcpsigner-afl (56%) rename {ledger => firmware}/build/builder-term (100%) rename ledger/build/builder-tcpsigner-afl => firmware/build/builder-term-afl (100%) rename {ledger => firmware}/coverage/.gitignore (100%) rename {ledger => firmware}/coverage/coverage.mk (100%) rename {ledger => firmware}/coverage/gen-coverage (70%) rename {ledger => firmware}/deploy/.gitignore (100%) rename {ledger => firmware}/deploy/Makefile.defines (100%) rename {ledger => firmware}/deploy/Makefile.rules (100%) rename {ledger => firmware}/deploy/README.md (90%) rename ledger/deploy/deploy-ui => firmware/deploy/deploy-ledger-signer (62%) rename ledger/deploy/deploy-signer => firmware/deploy/deploy-ledger-ui (62%) rename ledger/deploy/dsig => firmware/deploy/dledsig (85%) rename ledger/deploy/dui => firmware/deploy/dledui (88%) rename {ledger => firmware}/deploy/target.id (100%) rename {ledger => firmware}/fuzz/README.md (82%) rename {ledger => firmware}/fuzz/add-new-testcases (91%) rename {ledger => firmware}/fuzz/dict/btc_trans (100%) rename {ledger => firmware}/fuzz/dict/header (100%) rename {ledger => firmware}/fuzz/dict/receipt (100%) rename {ledger => firmware}/fuzz/env (100%) rename {ledger => firmware}/fuzz/extract-inputs-from-tests (55%) rename {ledger => firmware}/fuzz/fuzz (92%) rename {ledger => firmware}/fuzz/generate-testcases (100%) rename {ledger => firmware}/fuzz/hex_to_dict.py (100%) rename {ledger => firmware}/fuzz/min-testcases (67%) rename {ledger => firmware}/fuzz/testcases-raw/replica-1.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-10.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-11.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-12.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-13.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-14.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-15.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-16.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-17.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-18.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-19.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-2.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-20.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-21.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-22.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-23.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-24.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-25.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-26.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-27.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-28.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-29.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-3.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-30.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-31.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-32.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-33.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-34.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-35.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-36.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-4.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-5.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-6.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-7.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-8.out (100%) rename {ledger => firmware}/fuzz/testcases-raw/replica-9.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-1.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-11.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-12.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-13.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-14.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-15.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-16.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-17.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-18.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-19.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-2.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-20.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-21.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-22.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-23.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-25.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-28.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-29.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-3.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-30.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-31.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-32.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-33.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-34.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-35.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-4.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-5.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-6.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-7.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-8.out (100%) rename {ledger => firmware}/fuzz/testcases-unique/replica-9.out (100%) rename {ledger => firmware}/fuzz/testcases/replica-1.out (100%) rename {ledger => firmware}/fuzz/testcases/replica-2.out (100%) rename {ledger => firmware}/fuzz/testcases/replica-3.out (100%) rename {ledger => firmware}/fuzz/unique-testcases (65%) rename {ledger => firmware}/src/.gitignore (100%) rename {ledger => firmware}/src/common/src/apdu.h (100%) rename {ledger => firmware}/src/common/src/compiletime.h (100%) rename {ledger => firmware}/src/common/src/ints.h (100%) rename {ledger => firmware}/src/common/src/memutil.h (100%) rename {ledger => firmware}/src/common/src/modes.h (100%) rename {ledger => firmware}/src/common/src/runtime.h (100%) rename {ledger => firmware}/src/common/test/.gitignore (100%) rename {ledger => firmware}/src/common/test/ints/Makefile (100%) rename {ledger => firmware}/src/common/test/ints/test_ints.c (100%) rename {ledger => firmware}/src/common/test/memutil/Makefile (100%) rename {ledger => firmware}/src/common/test/memutil/os.h (100%) rename {ledger => firmware}/src/common/test/memutil/test_memutil.c (100%) rename {ledger => firmware}/src/common/test/run-all.sh (100%) rename {ledger => firmware}/src/hal/include/hal/communication.h (97%) rename {ledger => firmware}/src/hal/include/hal/constants.h (100%) rename {ledger => firmware}/src/hal/include/hal/endorsement.h (100%) rename {ledger => firmware}/src/hal/include/hal/exceptions.h (99%) rename {ledger => firmware}/src/hal/include/hal/hash.h (100%) rename {ledger => firmware}/src/hal/include/hal/log.h (100%) rename {ledger => firmware}/src/hal/include/hal/nvmem.h (100%) rename {ledger => firmware}/src/hal/include/hal/platform.h (100%) rename {ledger => firmware}/src/hal/include/hal/seed.h (100%) rename {ledger => firmware}/src/hal/src/common/sha256.c (100%) rename {ledger => firmware}/src/hal/src/common/sha256.h (100%) rename {ledger => firmware}/src/hal/src/ledger/communication.c (100%) rename {ledger => firmware}/src/hal/src/ledger/endorsement.c (100%) rename {ledger => firmware}/src/hal/src/ledger/hash.c (100%) rename {ledger => firmware}/src/hal/src/ledger/nvmem.c (100%) rename {ledger => firmware}/src/hal/src/ledger/platform.c (100%) rename {ledger => firmware}/src/hal/src/ledger/seed.c (100%) rename {ledger => firmware}/src/hal/src/ledger/sha256.c (100%) rename {ledger => firmware}/src/hal/src/ledger/sha256.h (100%) rename {ledger => firmware}/src/hal/src/x86/bip32.c (100%) rename {ledger => firmware}/src/hal/src/x86/bip32.h (100%) rename {ledger => firmware}/src/hal/src/x86/cJSON.c (100%) rename {ledger => firmware}/src/hal/src/x86/cJSON.h (100%) rename {ledger => firmware}/src/hal/src/x86/communication.c (100%) rename {ledger => firmware}/src/hal/src/x86/endorsement.c (100%) rename {ledger => firmware}/src/hal/src/x86/exceptions.c (100%) rename {ledger => firmware}/src/hal/src/x86/explicit_bzero.c (100%) rename {ledger => firmware}/src/hal/src/x86/explicit_bzero.h (100%) rename {ledger => firmware}/src/hal/src/x86/hash.c (100%) rename {ledger => firmware}/src/hal/src/x86/hex_reader.c (100%) rename {ledger => firmware}/src/hal/src/x86/hex_reader.h (100%) rename {ledger => firmware}/src/hal/src/x86/hmac_sha256.c (100%) rename {ledger => firmware}/src/hal/src/x86/hmac_sha256.h (100%) rename {ledger => firmware}/src/hal/src/x86/json.c (100%) rename {ledger => firmware}/src/hal/src/x86/json.h (100%) rename {ledger => firmware}/src/hal/src/x86/keccak256.c (100%) rename {ledger => firmware}/src/hal/src/x86/keccak256.h (100%) rename {ledger => firmware}/src/hal/src/x86/log.c (98%) rename {ledger => firmware}/src/hal/src/x86/nvmem.c (100%) rename {ledger => firmware}/src/hal/src/x86/platform.c (100%) rename {ledger => firmware}/src/hal/src/x86/random.c (100%) rename {ledger => firmware}/src/hal/src/x86/random.h (100%) rename {ledger => firmware}/src/hal/src/x86/seed.c (100%) rename {ledger => firmware}/src/hal/src/x86/sha256.c (100%) rename {ledger => firmware}/src/hal/src/x86/sha256.h (100%) rename {ledger/src => firmware/src/ledger}/signer/.gitignore (100%) rename {ledger/src => firmware/src/ledger}/signer/Makefile (97%) rename {ledger/src => firmware/src/ledger}/signer/icon.gif (100%) create mode 100644 firmware/src/ledger/signer/icon.hex rename {ledger/src => firmware/src/ledger}/signer/make-difficulty.py (100%) rename {ledger/src => firmware/src/ledger}/signer/make-initial-block-hash.py (100%) rename {ledger/src => firmware/src/ledger}/signer/src/main.c (100%) rename {ledger/src => firmware/src/ledger}/ui/.gitignore (100%) rename {ledger/src => firmware/src/ledger}/ui/LICENSE (100%) rename {ledger/src => firmware/src/ledger}/ui/Makefile (99%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/badge_back.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/badge_loading_v2.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/digit_0.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/digit_1.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/digit_2.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/digit_3.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/digit_4.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/digit_5.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/digit_6.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/digit_7.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/digit_8.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/digit_9.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/digit_dot.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/digit_underscore.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/fish_left.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/fish_right.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/icon_backspace.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/icon_classes.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/icon_dashboard.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/icon_digits.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/icon_lowercase.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/icon_uppercase.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/icon_validate.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/glyphs/icon_validate_bold.gif (100%) rename {ledger/src => firmware/src/ledger}/ui/icon.gif (100%) create mode 100644 firmware/src/ledger/ui/icon.hex rename {ledger/src => firmware/src/ledger}/ui/make-initial-signer-hash.py (100%) rename {ledger/src => firmware/src/ledger}/ui/make-initial-signer-iteration.py (100%) rename {ledger/src => firmware/src/ledger}/ui/script.ux.ld (100%) rename {ledger/src => firmware/src/ledger}/ui/src/attestation.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src/attestation.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src/bolos_ux.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src/bolos_ux.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src/bolos_ux_common.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src/bolos_ux_dashboard.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src/bolos_ux_not_personalized.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src/bolos_ux_processing.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src/bolos_ux_settings.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src/bootloader.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src/bootloader.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src/common_requirements.h (100%) create mode 120000 firmware/src/ledger/ui/src/constants.h rename {ledger/src => firmware/src/ledger}/ui/src/defs.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src/main.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src/onboard.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src/onboard.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src/pin.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src/pin.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src/signer_authorization.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src/signer_authorization.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src/signer_authorization_signers/aleph.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src/signer_authorization_signers/testing.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src/signer_authorization_status.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src/signer_authorization_status.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src/ui_comm.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src/ui_comm.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src/ui_err.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src/ui_heartbeat.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src/ui_heartbeat.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src/ui_instructions.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src/unlock.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src/unlock.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src/ux_handlers.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src/ux_handlers.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src_common/bolos_ux_onboarding_seed_bip39.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src_common/bolos_ux_onboarding_seed_bip39.h (100%) rename {ledger/src => firmware/src/ledger}/ui/src_common/bolos_ux_onboarding_seed_pbkdf2.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src_common/bolos_ux_onboarding_seed_rom_variables.c (100%) rename {ledger/src => firmware/src/ledger}/ui/src_common/bolos_ux_onboarding_seed_rom_variables.h (100%) rename {ledger/src => firmware/src/ledger}/ui/test/attestation/Makefile (100%) rename {ledger/src => firmware/src/ledger}/ui/test/attestation/test_attestation.c (100%) rename {ledger/src => firmware/src/ledger}/ui/test/bootloader/Makefile (100%) rename {ledger/src => firmware/src/ledger}/ui/test/bootloader/mock/bolos_ux_common.h (100%) rename {ledger/src => firmware/src/ledger}/ui/test/bootloader/mock/bootloader_mock.h (100%) rename {ledger/src => firmware/src/ledger}/ui/test/bootloader/test_bootloader.c (100%) rename {ledger/src => firmware/src/ledger}/ui/test/communication/Makefile (100%) rename {ledger/src => firmware/src/ledger}/ui/test/communication/test_communication.c (100%) rename {ledger/src => firmware/src/ledger}/ui/test/mock/apdu_utils.h (100%) rename {ledger/src => firmware/src/ledger}/ui/test/mock/assert_utils.h (100%) rename {ledger/src => firmware/src/ledger}/ui/test/mock/bolos_ux_onboarding_seed_bip39.h (100%) rename {ledger/src => firmware/src/ledger}/ui/test/mock/cx.h (100%) rename {ledger/src => firmware/src/ledger}/ui/test/mock/mock.c (100%) rename {ledger/src => firmware/src/ledger}/ui/test/mock/mock.h (100%) rename {ledger/src => firmware/src/ledger}/ui/test/mock/os.h (100%) rename {ledger/src => firmware/src/ledger}/ui/test/mock/os_io_seproxyhal.h (100%) rename {ledger/src => firmware/src/ledger}/ui/test/onboard/Makefile (100%) rename {ledger/src => firmware/src/ledger}/ui/test/onboard/test_onboard.c (100%) rename {ledger/src => firmware/src/ledger}/ui/test/pin/Makefile (100%) rename {ledger/src => firmware/src/ledger}/ui/test/pin/test_pin.c (100%) rename {ledger/src => firmware/src/ledger}/ui/test/run-all.sh (100%) rename {ledger/src => firmware/src/ledger}/ui/test/signer_authorization/Makefile (100%) rename {ledger/src => firmware/src/ledger}/ui/test/signer_authorization/test_signer_authorization.c (100%) rename {ledger/src => firmware/src/ledger}/ui/test/ui_heartbeat/Makefile (100%) rename {ledger/src => firmware/src/ledger}/ui/test/ui_heartbeat/test_ui_heartbeat.c (100%) rename {ledger/src => firmware/src/ledger}/ui/test/unlock/Makefile (100%) rename {ledger/src => firmware/src/ledger}/ui/test/unlock/test_unlock.c (100%) rename {ledger/src => firmware/src/ledger}/ui/test/ux_handlers/Makefile (100%) rename {ledger/src => firmware/src/ledger}/ui/test/ux_handlers/mock/bolos_ux_common.h (100%) rename {ledger/src => firmware/src/ledger}/ui/test/ux_handlers/mock/bolos_ux_onboarding_seed_rom_variables.h (100%) rename {ledger/src => firmware/src/ledger}/ui/test/ux_handlers/mock/test_ux_handlers.h (100%) rename {ledger/src => firmware/src/ledger}/ui/test/ux_handlers/test_ux_handlers.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/attestation.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/attestation.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/auth.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/auth.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/auth_constants.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/auth_path.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/auth_path.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/auth_receipt.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/auth_receipt.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/auth_trie.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/auth_trie.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/auth_tx.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/auth_tx.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_advance.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_advance.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_ancestor.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_ancestor.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_block.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_blockutils.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_diff.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_diff.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_err.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_err.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_hash.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_hash.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_mm.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_mm.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_nu.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_state.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bc_state.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bigdigits.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bigdigits.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/bigdtypes.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/btcscript.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/btcscript.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/btctx.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/btctx.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/common_requirements.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/defs.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/err.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/flags.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/heartbeat.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/heartbeat.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/hsm.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/hsm.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/instructions.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/mem.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/mem.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/nvm.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/pathAuth.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/pathAuth.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/protocol.txt (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/srlp.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/srlp.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/svarint.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/svarint.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/trie.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/trie.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/src/util.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/btcscript/Makefile (100%) create mode 100644 firmware/src/powhsm/test/btcscript/btcscript.o create mode 100644 firmware/src/powhsm/test/btcscript/hex_reader.o create mode 100755 firmware/src/powhsm/test/btcscript/test.out rename {ledger/src/signer => firmware/src/powhsm}/test/btcscript/test_btcscript.c (100%) create mode 100644 firmware/src/powhsm/test/btcscript/test_btcscript.o create mode 100644 firmware/src/powhsm/test/btcscript/test_fwk.o rename {ledger/src/signer => firmware/src/powhsm}/test/btctx/Makefile (100%) create mode 100644 firmware/src/powhsm/test/btctx/btctx.o create mode 100644 firmware/src/powhsm/test/btctx/hex_reader.o create mode 100644 firmware/src/powhsm/test/btctx/os.o rename {ledger/src/signer => firmware/src/powhsm}/test/btctx/resources/tx-001.hex (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/btctx/resources/tx-002.hex (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/btctx/resources/tx-003.hex (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/btctx/resources/tx-004.hex (100%) create mode 100644 firmware/src/powhsm/test/btctx/svarint.o create mode 100755 firmware/src/powhsm/test/btctx/test.out rename {ledger/src/signer => firmware/src/powhsm}/test/btctx/test_btctx.c (100%) create mode 100644 firmware/src/powhsm/test/btctx/test_btctx.o create mode 100644 firmware/src/powhsm/test/btctx/test_fwk.o rename {ledger/src/signer => firmware/src/powhsm}/test/common/test_fwk.c (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/difficulty/Makefile (100%) create mode 100644 firmware/src/powhsm/test/difficulty/bc_diff.o create mode 100644 firmware/src/powhsm/test/difficulty/bigdigits.o create mode 100644 firmware/src/powhsm/test/difficulty/os.o create mode 100755 firmware/src/powhsm/test/difficulty/test.out rename {ledger/src/signer => firmware/src/powhsm}/test/difficulty/test_difficulty.c (100%) create mode 100644 firmware/src/powhsm/test/difficulty/test_difficulty.o create mode 100644 firmware/src/powhsm/test/difficulty/test_fwk.o rename {ledger/src/signer => firmware/src/powhsm}/test/run-all.sh (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/sha256/Makefile (100%) create mode 100644 firmware/src/powhsm/test/sha256/sha256.o create mode 100755 firmware/src/powhsm/test/sha256/test.out create mode 100644 firmware/src/powhsm/test/sha256/test_fwk.o rename {ledger/src/signer => firmware/src/powhsm}/test/sha256/test_sha256.c (100%) create mode 100644 firmware/src/powhsm/test/sha256/test_sha256.o rename {ledger/src/signer => firmware/src/powhsm}/test/srlp/Makefile (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/srlp/mocks/os.h (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/srlp/resources/block-0900123.rlp (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/srlp/resources/block-1234000.rlp (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/srlp/resources/block-1900456.rlp (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/srlp/resources/block-2221171.rlp (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/srlp/resources/block-fakelen.rlp (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/srlp/resources/block-post-wasabi.rlp (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/srlp/resources/block-pre-wasabi.rlp (100%) create mode 100644 firmware/src/powhsm/test/srlp/srlp.o create mode 100755 firmware/src/powhsm/test/srlp/test.out create mode 100644 firmware/src/powhsm/test/srlp/test_fwk.o rename {ledger/src/signer => firmware/src/powhsm}/test/srlp/test_srlp.c (100%) create mode 100644 firmware/src/powhsm/test/srlp/test_srlp.o rename {ledger/src/signer => firmware/src/powhsm}/test/svarint/Makefile (100%) create mode 100644 firmware/src/powhsm/test/svarint/svarint.o create mode 100755 firmware/src/powhsm/test/svarint/test.out create mode 100644 firmware/src/powhsm/test/svarint/test_fwk.o rename {ledger/src/signer => firmware/src/powhsm}/test/svarint/test_svarint.c (100%) create mode 100644 firmware/src/powhsm/test/svarint/test_svarint.o rename {ledger/src/signer => firmware/src/powhsm}/test/trie/Makefile (100%) create mode 100644 firmware/src/powhsm/test/trie/hex_reader.o create mode 100644 firmware/src/powhsm/test/trie/os.o create mode 100644 firmware/src/powhsm/test/trie/svarint.o create mode 100755 firmware/src/powhsm/test/trie/test.out create mode 100644 firmware/src/powhsm/test/trie/test_fwk.o rename {ledger/src/signer => firmware/src/powhsm}/test/trie/test_trie.c (100%) create mode 100644 firmware/src/powhsm/test/trie/test_trie.o create mode 100644 firmware/src/powhsm/test/trie/trie.o rename {ledger/src/signer => firmware/src/powhsm}/test/utils/block-0900123-exp.txt (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/utils/block-0900123.txt (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/utils/block-1234000.txt (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/utils/block-1900456.exp.txt (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/utils/block-1900456.txt (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/utils/block-2221171.txt (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/utils/block-fakelen.rlp (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/utils/block-fakelen.txt (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/utils/block-post-wasabi.txt (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/utils/block-pre-wasabi.txt (100%) rename {ledger/src/signer => firmware/src/powhsm}/test/utils/bt.py (100%) rename {ledger => firmware}/src/tcpsigner/Makefile (80%) rename {ledger/src/tcpsigner => firmware/src/tcpsigner/src}/hsmsim_admin.c (100%) rename {ledger/src/tcpsigner => firmware/src/tcpsigner/src}/hsmsim_admin.h (100%) rename {ledger/src/tcpsigner => firmware/src/tcpsigner/src}/hsmsim_nu.c (100%) rename {ledger/src/tcpsigner => firmware/src/tcpsigner/src}/hsmsim_nu.h (100%) create mode 120000 firmware/src/tcpsigner/src/signer_authorization_status.c create mode 120000 firmware/src/tcpsigner/src/signer_authorization_status.h rename {ledger/src/tcpsigner => firmware/src/tcpsigner/src}/tcpsigner.c (99%) create mode 120000 firmware/src/tcpsigner/src/ui_comm.c create mode 120000 firmware/src/tcpsigner/src/ui_comm.h rename {ledger/src/tcpsigner => firmware/src/tcpsigner/src}/ui_deps.c (100%) rename {ledger/src/tcpsigner => firmware/src/tcpsigner/src}/ui_deps.h (100%) create mode 120000 firmware/src/tcpsigner/src/ui_err.h create mode 120000 firmware/src/tcpsigner/src/ui_heartbeat.c create mode 120000 firmware/src/tcpsigner/src/ui_heartbeat.h create mode 120000 firmware/src/tcpsigner/src/ui_instructions.h rename {ledger => firmware}/src/tcpsigner/test/hmac_sha256/Makefile (100%) rename {ledger => firmware}/src/tcpsigner/test/hmac_sha256/test_hmac_sha256.c (100%) create mode 100755 firmware/src/tcpsigner/test/run-all.sh rename {ledger => firmware}/static-analysis/.gitignore (100%) rename {ledger => firmware}/static-analysis/gen-static-analysis (94%) rename {ledger => firmware}/test/.gitignore (100%) rename {ledger => firmware}/test/README.md (68%) rename {ledger => firmware}/test/cases/__init__.py (100%) rename {ledger => firmware}/test/cases/admin_is_onboarded.py (100%) rename {ledger => firmware}/test/cases/advance.py (100%) rename {ledger => firmware}/test/cases/case.py (100%) rename {ledger => firmware}/test/cases/get.py (100%) rename {ledger => firmware}/test/cases/heartbeat.py (100%) rename {ledger => firmware}/test/cases/nvm_stats.py (100%) rename {ledger => firmware}/test/cases/parameters.py (100%) rename {ledger => firmware}/test/cases/reconnect.py (100%) rename {ledger => firmware}/test/cases/reset.py (100%) rename {ledger => firmware}/test/cases/sign_auth.py (100%) rename {ledger => firmware}/test/cases/sign_helpers.py (100%) rename {ledger => firmware}/test/cases/sign_noauth.py (100%) rename {ledger => firmware}/test/cases/suite.py (100%) rename {ledger => firmware}/test/cases/update.py (100%) rename {ledger => firmware}/test/comm (100%) rename {ledger => firmware}/test/ledger (100%) rename {ledger => firmware}/test/misc/blockbin.py (98%) rename {ledger => firmware}/test/misc/blockdump.py (100%) rename {ledger => firmware}/test/misc/blocksplit.py (100%) rename {ledger => firmware}/test/misc/comm (100%) rename {ledger => firmware}/test/misc/genPaths.py (100%) rename {ledger => firmware}/test/misc/hex2c.py (100%) rename {ledger => firmware}/test/misc/ledger (100%) rename {ledger => firmware}/test/misc/mine.py (100%) rename {ledger => firmware}/test/misc/rsk_block.py (100%) rename {ledger => firmware}/test/misc/rsk_netparams.py (100%) rename {ledger => firmware}/test/misc/rsk_utils.py (100%) rename {ledger => firmware}/test/misc/tcpsigner_admin.py (100%) rename {ledger => firmware}/test/misc/thirdparty (100%) rename {ledger => firmware}/test/options.py (100%) rename {ledger => firmware}/test/output.py (100%) rename {ledger => firmware}/test/resources/000-blockchain-parameters.json (100%) rename {ledger => firmware}/test/resources/001-get-at-startup.json (100%) rename {ledger => firmware}/test/resources/002-sign-noauth.json (100%) rename {ledger => firmware}/test/resources/003-heartbeat-initial.json (100%) rename {ledger => firmware}/test/resources/100-reset.json (100%) rename {ledger => firmware}/test/resources/101-get-initial.json (100%) rename {ledger => firmware}/test/resources/102-advance.json (100%) rename {ledger => firmware}/test/resources/103-get-after-advance.json (100%) rename {ledger => firmware}/test/resources/104-heartbeat-after-advance.json (100%) rename {ledger => firmware}/test/resources/105-advance-brothers.json (100%) rename {ledger => firmware}/test/resources/106-get-after-advance-brothers.json (100%) rename {ledger => firmware}/test/resources/110-get-initial-partial.json (100%) rename {ledger => firmware}/test/resources/111-advance-partial.json (100%) rename {ledger => firmware}/test/resources/112-get-final-partial.json (100%) rename {ledger => firmware}/test/resources/113-reset.json (100%) rename {ledger => firmware}/test/resources/114-advance-partial.json (100%) rename {ledger => firmware}/test/resources/115-get-final-partial.json (100%) rename {ledger => firmware}/test/resources/116-reset.json (100%) rename {ledger => firmware}/test/resources/117-advance-partial.json (100%) rename {ledger => firmware}/test/resources/118-get-final-partial.json (100%) rename {ledger => firmware}/test/resources/120-reset.json (100%) rename {ledger => firmware}/test/resources/121-advance-cap.json (100%) rename {ledger => firmware}/test/resources/122-get-final-cap.json (100%) rename {ledger => firmware}/test/resources/123-reset.json (100%) rename {ledger => firmware}/test/resources/124-advance-cap.json (100%) rename {ledger => firmware}/test/resources/125-get-final-cap.json (100%) rename {ledger => firmware}/test/resources/200-update-iris.json (100%) rename {ledger => firmware}/test/resources/201-get-after-update-iris.json (100%) rename {ledger => firmware}/test/resources/202-sign-iris.json (100%) rename {ledger => firmware}/test/resources/203-get-after-sign-iris.json (100%) rename {ledger => firmware}/test/resources/204-heartbeat-after-sign-iris.json (100%) rename {ledger => firmware}/test/resources/210-advance-for-segwit.json (100%) rename {ledger => firmware}/test/resources/211-update-segwit.json (100%) rename {ledger => firmware}/test/resources/212-get-after-advance-segwit.json (100%) rename {ledger => firmware}/test/resources/213-sign-segwit-t1i0.json (100%) rename {ledger => firmware}/test/resources/214-sign-segwit-t1i1.json (100%) rename {ledger => firmware}/test/resources/215-sign-segwit-t2i0.json (100%) rename {ledger => firmware}/test/resources/216-sign-segwit-t2i1.json (100%) rename {ledger => firmware}/test/resources/299-advance-cap-for-partial-check.json (100%) rename {ledger => firmware}/test/resources/300-update.json (100%) rename {ledger => firmware}/test/resources/301-get-after-update.json (100%) rename {ledger => firmware}/test/resources/302-sign.json (100%) rename {ledger => firmware}/test/resources/303-get-after-sign.json (100%) rename {ledger => firmware}/test/resources/304-sign-noauth.json (100%) rename {ledger => firmware}/test/resources/305-get-after-sign-noauth.json (100%) rename {ledger => firmware}/test/resources/306-heartbeat-after-sign.json (100%) rename {ledger => firmware}/test/resources/307-reconnect-dongle.json (100%) rename {ledger => firmware}/test/resources/308-get-after-reconnection.json (100%) rename {ledger => firmware}/test/resources/309-heartbeat-after-reconnection.json (100%) rename {ledger => firmware}/test/resources/400-advance-partial-before-sign.json (100%) rename {ledger => firmware}/test/resources/401-get-before-sign.json (100%) rename {ledger => firmware}/test/resources/410-sign-fail-invalid-version.json (100%) rename {ledger => firmware}/test/resources/411-sign-fail-zero-byte-tx.json (100%) rename {ledger => firmware}/test/resources/412-sign-fail-malformed-redeem-script.json (100%) rename {ledger => firmware}/test/resources/413-sign-fail-malformed-output.json (100%) rename {ledger => firmware}/test/resources/414-sign-fail-receipt-nomatch.json (100%) rename {ledger => firmware}/test/resources/415-sign-fail-receipt-no-match-single-log.json (100%) rename {ledger => firmware}/test/resources/416-sign-fail-receipt-top-level-size-mismatch.json (100%) rename {ledger => firmware}/test/resources/417-sign-fail-receipt-malformed-nologs.json (100%) rename {ledger => firmware}/test/resources/418-sign-fail-proof-only-receipts-root.json (100%) rename {ledger => firmware}/test/resources/419-sign-fail-proof-first-non-leaf.json (100%) rename {ledger => firmware}/test/resources/420-sign-fail-proof-leaf-nomatch.json (100%) rename {ledger => firmware}/test/resources/421-sign-fail-proof-wrong-version-node.json (100%) rename {ledger => firmware}/test/resources/422-sign-fail-proof-does-not-connect.json (100%) rename {ledger => firmware}/test/resources/423-sign-auth-fail-invalid-path.json (100%) rename {ledger => firmware}/test/resources/424-sign-noauth-fail-invalid-path.json (100%) rename {ledger => firmware}/test/resources/425-sign-auth-fail-invalid-length.json (100%) rename {ledger => firmware}/test/resources/426-sign-noauth-fail-invalid-length.json (100%) rename {ledger => firmware}/test/resources/499-get-after-failed-sign.json (100%) rename {ledger => firmware}/test/resources/500-advance-inconsistent-list-length.json (100%) rename {ledger => firmware}/test/resources/501-advance-long-mmmp.json (100%) rename {ledger => firmware}/test/resources/502-advance-brother-pow-invalid-mp.json (100%) rename {ledger => firmware}/test/resources/503-advance-brother-pow-invalid-dif.json (100%) rename {ledger => firmware}/test/resources/504-advance-brother-pow-invalid-mmh.json (100%) rename {ledger => firmware}/test/resources/505-advance-brother-too-many.json (100%) rename {ledger => firmware}/test/resources/506-advance-brother-not-brother.json (100%) rename {ledger => firmware}/test/resources/507-advance-brother-same-as-block.json (100%) rename {ledger => firmware}/test/resources/508-advance-brothers-not-ordered.json (100%) rename {ledger => firmware}/test/resources/509-get-after-failed-advance.json (100%) rename {ledger => firmware}/test/resources/600-advance-partial-before-sign.json (100%) rename {ledger => firmware}/test/resources/601-get-before-sign.json (100%) rename {ledger => firmware}/test/resources/602-sign-long-redeemscript.json (100%) rename {ledger => firmware}/test/resources/610-sign-tx-with-many-inputs.json (100%) rename {ledger => firmware}/test/resources/612-sign-sample-mainnet-tx.json (100%) rename {ledger => firmware}/test/resources/613-sign-sample-testnet-tx-erp.json (100%) rename {ledger => firmware}/test/resources/614-sign-match-not-last-log.json (100%) rename {ledger => firmware}/test/resources/615-sign-match-long-proof.json (100%) rename {ledger => firmware}/test/resources/616-sign-3input-5output-testnet.json (100%) rename {ledger => firmware}/test/resources/617-get-after-success-sign.json (100%) rename {ledger => firmware}/test/resources/620-sign-segwit-basic.json (100%) rename {ledger => firmware}/test/resources/621-sign-segwit-with-many-inputs.json (100%) rename {ledger => firmware}/test/resources/622-sign-segwit-long-witnessscript.json (100%) rename {ledger => firmware}/test/resources/700-dongle-fake-receipt-root-fails.json (100%) rename {ledger => firmware}/test/resources/800-advance-single-block-with-brothers.json (100%) rename {ledger => firmware}/test/resources/801-get-after-single-block-with-brothers.json (100%) rename {ledger => firmware}/test/resources/900-set-is-onboarded-no.json (100%) rename {ledger => firmware}/test/resources/901-no-onboarded-sign-noauth-fails.json (100%) rename {ledger => firmware}/test/resources/902-no-onboard-sign-auth-fails.json (100%) rename {ledger => firmware}/test/resources/903-no-onboarded-get-bs-fails.json (100%) rename {ledger => firmware}/test/resources/904-no-onboarded-advance-fails.json (100%) rename {ledger => firmware}/test/resources/905-no-onboard-update-fails.json (100%) rename {ledger => firmware}/test/resources/906-set-is-onboarded-yes.json (100%) rename {ledger => firmware}/test/resources/907-dongle-set-is-onboarded-fails.json (100%) rename {ledger => firmware}/test/resources/nvm/00-blockchain-parameters.json (100%) rename {ledger => firmware}/test/resources/nvm/01-nvm-stats-reset.json (100%) rename {ledger => firmware}/test/resources/nvm/10-reset.json (100%) rename {ledger => firmware}/test/resources/nvm/11-get-initial-mainnet.json (100%) rename {ledger => firmware}/test/resources/nvm/12-advance-mainnet.json (100%) rename {ledger => firmware}/test/resources/nvm/13-get-after-advance-mainnet.json (100%) rename {ledger => firmware}/test/resources/nvm/20-nvm-stats-print.json (100%) rename {ledger => firmware}/test/run.py (100%) rename {ledger => firmware}/test/test-all (75%) rename {ledger => firmware}/test/thirdparty (100%) delete mode 120000 ledger/src/tcpsigner/signer_authorization_status.c delete mode 120000 ledger/src/tcpsigner/signer_authorization_status.h delete mode 120000 ledger/src/tcpsigner/ui_comm.c delete mode 120000 ledger/src/tcpsigner/ui_comm.h delete mode 120000 ledger/src/tcpsigner/ui_err.h delete mode 120000 ledger/src/tcpsigner/ui_heartbeat.c delete mode 120000 ledger/src/tcpsigner/ui_heartbeat.h delete mode 120000 ledger/src/tcpsigner/ui_instructions.h delete mode 120000 ledger/src/ui/src/constants.h delete mode 120000 ledger/src/ui/test/mock/apdu.h diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index ae0095d5..b7a9a022 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -40,15 +40,15 @@ jobs: - name: Run firmware coverage script run: | - ledger/coverage/gen-coverage - COVPCT=$(cat ledger/coverage/output/total) + firmware/coverage/gen-coverage + COVPCT=$(cat firmware/coverage/output/total) COVCOL=$(utils/coverage-color.sh $COVPCT) - echo "{ \"schemaVersion\": 1, \"label\": \"Firmware coverage\", \"message\": \"$COVPCT%\", \"color\": \"$COVCOL\" }" > ledger/coverage/output/badge.json + echo "{ \"schemaVersion\": 1, \"label\": \"Firmware coverage\", \"message\": \"$COVPCT%\", \"color\": \"$COVCOL\" }" > firmware/coverage/output/badge.json - name: "Upload firmware coverage report" run: | aws s3 sync \ - ledger/coverage/output/ \ + firmware/coverage/output/ \ s3://${{ secrets.CODECOVERAGE_S3_BUCKET }}/powhsm_5.0.x/firmware_coverage_report \ --sse aws:kms --sse-kms-key-id ${{ secrets.CODECOVERAGE_KMS_KEY_ID }} \ --no-progress --follow-symlinks --delete --only-show-errors diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 3906d9a0..be09adae 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -20,28 +20,21 @@ jobs: - name: Middleware tests run: middleware/test-all - - name: Ledger tests for TCPSigner - run: ledger/test/test-all + - name: Firmware tests using TCPSigner + run: firmware/test/test-all - - name: Ledger Signer's tests - run: ledger/src/signer/test/run-all.sh + - name: Firmware TCPSigner's unit tests + working-directory: + run: firmware/src/tcpsigner/test/run-all.sh - - name: Ledger UI's tests - run: ledger/src/ui/test/run-all.sh + - name: Firmware common lib unit tests + run: firmware/src/common/test/run-all.sh - - name: Ledger common lib tests - working-directory: ledger/src/common/test/ - run: | - for d in memutil ints; do - (cd "$d" && make clean test) - done + - name: Ledger Signer's unit tests + run: firmware/src/ledger/signer/test/run-all.sh - - name: Ledger TCPSigner's tests - working-directory: ledger/src/tcpsigner/test/ - run: | - for d in hmac_sha256; do - (cd "$d" && make clean test) - done + - name: Ledger UI's unit tests + run: firmware/src/ledger/ui/test/run-all.sh run-integration-tests: name: Integration tests @@ -59,7 +52,7 @@ jobs: docker/mware/build docker/packer/build middleware/build/manager-tcp - ledger/build/build-tcpsigner + firmware/build/build-tcpsigner - name: Checkout hsm-integration-test repo uses: actions/checkout@v3 @@ -74,7 +67,7 @@ jobs: mkdir hsm-integration-test/docker/manager/manager-tcp tar -xzf rsk-powhsm/middleware/bin/manager-tcp.tgz \ -C hsm-integration-test/docker/manager/manager-tcp - cp rsk-powhsm/ledger/src/tcpsigner/tcpsigner \ + cp rsk-powhsm/firmware/src/tcpsigner/tcpsigner \ hsm-integration-test/docker/tcpsigner/ - name: Run HSM integration tests diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index a4620ad2..c8ecd73f 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -20,13 +20,13 @@ jobs: id: static-analysis continue-on-error: true run: | - ledger/static-analysis/gen-static-analysis + firmware/static-analysis/gen-static-analysis - name: Upload static analysis reports uses: actions/upload-artifact@v3 with: name: static-analysis-reports - path: ledger/static-analysis/output + path: firmware/static-analysis/output - name: Report static analysis findings if: steps.static-analysis.outcome != 'success' diff --git a/.gitignore b/.gitignore index d4e2c370..1d02b745 100644 --- a/.gitignore +++ b/.gitignore @@ -20,5 +20,5 @@ .vscode/ # Ignore fuzz artifacts -ledger/fuzz/.coverage-build -ledger/fuzz/output +firmware/fuzz/.coverage-build +firmware/fuzz/output diff --git a/QUICKSTART.md b/QUICKSTART.md index e62019b8..65b7ec93 100644 --- a/QUICKSTART.md +++ b/QUICKSTART.md @@ -23,15 +23,15 @@ Unless otherwise stated, only x86 platforms are supported for building this proj - Run tests: ``` ~/repo> middleware/test-all # Middleware unit tests -~/repo> ledger/test/test-all # Ledger signer application tests -~/repo/ledger/src/signer/test/*> make test # Run ledger signer application unit tests -~/repo/ledger/src/common/test/*> make test # Run ledger common libraries unit tests +~/repo> firmware/test/test-all # Ledger signer application tests +~/repo/firmware/src/ledger/signer/test/*> make test # Run ledger signer application unit tests +~/repo/firmware/src/common/test/*> make test # Run ledger common libraries unit tests ``` - Build firmware binaries: ``` -~/repo> ledger/build/build-signer # Build signer -~/repo> ledger/build/build-ui # Build UI +~/repo> firmware/build/build-signer # Build signer +~/repo> firmware/build/build-ui # Build UI ``` - Build middleware binaries: diff --git a/README.md b/README.md index 39596598..8e986994 100644 --- a/README.md +++ b/README.md @@ -48,7 +48,7 @@ Refer to the following documents for details on specifics: - [Blockchain bookkeeping documentation](./docs/blockchain-bookkeeping.md) - [Attestation documentation](./docs/attestation.md) - [Heartbeat documentation](./docs/heartbeat.md) -- [Ledger apps](./ledger/README.md) +- [Ledger apps](./firmware/README.md) - [Middleware](./middleware/README.md) - [Distribution](./dist/README.md) diff --git a/build-dist b/build-dist index dad4bf60..995eecad 100755 --- a/build-dist +++ b/build-dist @@ -65,32 +65,32 @@ computeHash() { } echo -e "\e[33mBuilding signer...\e[0m" -$ROOT_DIR/ledger/build/build-signer $CHECKPOINT $DIFFICULTY $NETWORK > /dev/null -cp $ROOT_DIR/ledger/src/signer/bin/app.hex $FIRMWARE_DIR/signer.hex -cp $ROOT_DIR/ledger/src/signer/icon.hex $FIRMWARE_DIR/signer.icon.hex +$ROOT_DIR/firmware/build/build-ledger-signer $CHECKPOINT $DIFFICULTY $NETWORK > /dev/null +cp $ROOT_DIR/firmware/src/ledger/signer/bin/app.hex $FIRMWARE_DIR/signer.hex +cp $ROOT_DIR/firmware/src/ledger/signer/icon.hex $FIRMWARE_DIR/signer.icon.hex HEX_NAME="Signer" -HEX_PATH="ledger/src/signer/bin/app.hex" +HEX_PATH="firmware/src/ledger/signer/bin/app.hex" computeHash SIGNER_HASH=$APP_HASH echo -e "\e[33mBuilding UI...\e[0m" -$ROOT_DIR/ledger/build/build-ui $SIGNER_HASH $UI_ITERATION $UI_AUTHORIZERS > /dev/null -cp $ROOT_DIR/ledger/src/ui/bin/token.hex $FIRMWARE_DIR/ui.hex -cp $ROOT_DIR/ledger/src/ui/icon.hex $FIRMWARE_DIR/ui.icon.hex +$ROOT_DIR/firmware/build/build-ledger-ui $SIGNER_HASH $UI_ITERATION $UI_AUTHORIZERS > /dev/null +cp $ROOT_DIR/firmware/src/ledger/ui/bin/token.hex $FIRMWARE_DIR/ui.hex +cp $ROOT_DIR/firmware/src/ledger/ui/icon.hex $FIRMWARE_DIR/ui.icon.hex HEX_NAME="UI" -HEX_PATH="ledger/src/ui/bin/token.hex" +HEX_PATH="firmware/src/ledger/ui/bin/token.hex" CA_FILE="rsk-ca.txt" computeHash echo -e "\e[33mSigning apps...\e[0m" -$ROOT_DIR/docker/mware/do-notty-nousb /hsm2 "python middleware/signonetime.py -a ledger/src/ui/bin/token.hex,ledger/src/signer/bin/app.hex -p $CA_FILE" > /dev/null -mv -f $ROOT_DIR/ledger/src/ui/bin/token.hex.sig $FIRMWARE_DIR/ui.hex.sig -mv -f $ROOT_DIR/ledger/src/signer/bin/app.hex.sig $FIRMWARE_DIR/signer.hex.sig +$ROOT_DIR/docker/mware/do-notty-nousb /hsm2 "python middleware/signonetime.py -a firmware/src/ledger/ui/bin/token.hex,firmware/src/ledger/signer/bin/app.hex -p $CA_FILE" > /dev/null +mv -f $ROOT_DIR/firmware/src/ledger/ui/bin/token.hex.sig $FIRMWARE_DIR/ui.hex.sig +mv -f $ROOT_DIR/firmware/src/ledger/signer/bin/app.hex.sig $FIRMWARE_DIR/signer.hex.sig mv -f $ROOT_DIR/$CA_FILE $SCRIPTS_DIR/$CA_FILE SIGNER_AUTH_FILE="signer_auth.json" echo -e "\e[33mCreating empty signer authorization for upgrades...\e[0m" -$ROOT_DIR/docker/mware/do-notty-nousb /hsm2 "python middleware/signapp.py message -a ledger/src/signer/bin/app.hex -i $UI_ITERATION -o $SIGNER_AUTH_FILE" > /dev/null +$ROOT_DIR/docker/mware/do-notty-nousb /hsm2 "python middleware/signapp.py message -a firmware/src/ledger/signer/bin/app.hex -i $UI_ITERATION -o $SIGNER_AUTH_FILE" > /dev/null mv -f $ROOT_DIR/$SIGNER_AUTH_FILE $FIRMWARE_DIR/$SIGNER_AUTH_FILE echo diff --git a/ledger/README.md b/firmware/README.md similarity index 88% rename from ledger/README.md rename to firmware/README.md index f161382c..c67bee79 100644 --- a/ledger/README.md +++ b/firmware/README.md @@ -2,9 +2,9 @@ There are two ledger apps, both of them targeted for running on a Ledger Nano S with a 1.3.1 firmware. -- UI: this is the modified 1.3.1 UI with a nonblocking behavior to allow the device to run uninterruptedly without human interaction. It is essentially the RSK version of the Ledger Nano S User Interface which can be loaded as a specific application - it can be used to personalize most generic parts of the user experience. This version also modifies the onboarding process to reflect RSK needs. Modified UIs display a warning at boot time to let you know whether you're running a certified version. This application shall be installed in Recovery mode. Find the source code under `ledger/src/ui`. +- UI: this is the modified 1.3.1 UI with a nonblocking behavior to allow the device to run uninterruptedly without human interaction. It is essentially the RSK version of the Ledger Nano S User Interface which can be loaded as a specific application - it can be used to personalize most generic parts of the user experience. This version also modifies the onboarding process to reflect RSK needs. Modified UIs display a warning at boot time to let you know whether you're running a certified version. This application shall be installed in Recovery mode. Find the source code under `firmware/src/ledger/ui`. -- Signer: this is the main app that implements the signing and authorization logic for powHSM. It is intended to be used alongside the UI. Find the source code under `ledger/src/signer`. +- Signer: this is the main app that implements the signing and authorization logic for powHSM. It is intended to be used alongside the UI. Find the source code under `firmware/src/powhsm`. There exists also an x86 implementation of the _Signer_ component, which we call TCPSigner, that we use to smoke test, fuzz (see [the fuzzing documentation](./fuzz/README.md) for details) and debug & test new features on before we jump onto testing on a physical device. With the exception of fuzzing, this component creates a TCP/IP server that serves the purpose of enabling the otherwise USB-based interactions with a given client. @@ -31,7 +31,7 @@ that should build (or rebuild in case any of the `Dockerfile`s have changed) the ## Common tasks and documentation -Refer to [ledger/build/README.md](./build/README.md) for instructions on building and to [ledger/deploy/README.md](./deploy/README.md) for instructions on deploying. +Refer to [firmware/build/README.md](./build/README.md) for instructions on building and to [firmware/deploy/README.md](./deploy/README.md) for instructions on deploying. See [Ledger's documentation](http://ledger.readthedocs.io) to get a reference on developing for the platform. @@ -40,13 +40,13 @@ See [Ledger's documentation](http://ledger.readthedocs.io) to get a reference on There are some tests written in Python that serve the purpose of smoke testing the powHSM signer when either installed and running on a Ledger Nano S or via a fresh TCPSigner build. To run them against a TCPSigner, issue: ``` -~/repo/ledger/test> ./test-all +~/repo/firmware/test> ./test-all ``` To run them against a Ledger Nano S, issue: ``` -~/repo/ledger/test> ./test-all dongle +~/repo/firmware/test> ./test-all dongle ``` Make sure that the Ledger is unlocked and with the signer app running for the tests to run correctly. diff --git a/ledger/build/README.md b/firmware/build/README.md similarity index 76% rename from ledger/build/README.md rename to firmware/build/README.md index 11b0e38f..c6fb26bc 100644 --- a/ledger/build/README.md +++ b/firmware/build/README.md @@ -7,21 +7,21 @@ The Docker image for ledger builds (see [the ledger readme](../README.md)) provi To build the UI, just issue: ```bash -~/repo> ledger/build/build-ui +~/repo> firmware/build/build-ledger-ui ``` -where `` is the hash of the authorized signer version (only this signer can be opened in the UI once running), `` is the iteration of the authorized signer version (used for downgrade prevention) and `` is the basename of the signer authorizers header file (the file to be included for the build process should be at `~/ledger/src/ui/src/signer_authorization_signers/.h`). +where `` is the hash of the authorized signer version (only this signer can be opened in the UI once running), `` is the iteration of the authorized signer version (used for downgrade prevention) and `` is the basename of the signer authorizers header file (the file to be included for the build process should be at `~/firmware/src/ledger/ui/src/signer_authorization_signers/.h`). There is also a *debug* version of the UI, which disables disallowing PINs with no alpha characters, therefore allowing for testing UI (and Signer) builds granting access to recovery mode without the need for wiping the device each time. This debug version is intended for development purposes only, and to build it, just issue: ```bash -~/repo> ledger/build/build-ui-debug +~/repo> firmware/build/build-ledger-ui-debug ``` To build the signer, just issue: ```bash -~/repo> ledger/build/build-signer +~/repo> firmware/build/build-ledger-signer ``` where `` is the desired blockchain checkpoint hash, `` is the minimum required difficulty (can be specified as a decimal number or as a hexadecimal - prefixed with `0x`), and `` is the desired network the build is to target (one of `mainnet`, `testnet` or `regtest`). @@ -29,10 +29,10 @@ where `` is the desired blockchain checkpoint hash, ` ledger/build/build-signer 0x00f06dcff26ec8b4d373fbd53ee770e9348d9bd6a247ad4c86e82ceb3c2130ac 0x7c50933098 testnet +~/repo> firmware/build/build-ledger-signer 0x00f06dcff26ec8b4d373fbd53ee770e9348d9bd6a247ad4c86e82ceb3c2130ac 0x7c50933098 testnet ``` -Once the build is complete, you will get the hash of the build as output, and the actual build output will be in `/ledger/src/signer/bin/app.hex` (for the signer) and `/ledger/src/ui/bin/token.hex` (for the UI). +Once the build is complete, you will get the hash of the build as output, and the actual build output will be in `/firmware/src/ledger/signer/bin/app.hex` (for the signer) and `/firmware/src/ledger/ui/bin/token.hex` (for the UI). #### Reproducible builds @@ -41,7 +41,7 @@ It is *very important* to mention that both the Signer and the UI builds are bit ### Building the TCPSigner ```bash -~/repo> ledger/build/build-tcpsigner +~/repo> firmware/build/build-tcpsigner ``` Happy building! diff --git a/ledger/build/build-signer b/firmware/build/build-ledger-signer similarity index 80% rename from ledger/build/build-signer rename to firmware/build/build-ledger-signer index 3097f8e8..4dc58c92 100755 --- a/ledger/build/build-signer +++ b/firmware/build/build-ledger-signer @@ -25,10 +25,10 @@ HSM_ROOT=$(realpath $BUILD_ROOT/../../) DOCKER_IMAGE=hsm:ledger source $BUILD_ROOT/../../docker/check-image -HEX_PATH="/hsm2/ledger/src/signer/bin/app.hex" +HEX_PATH="/hsm2/firmware/src/ledger/signer/bin/app.hex" HASH_CMD="cd /opt && echo '*******************' && echo 'Build successful. Signer hash:' && python -m hashapp.hashApp --hex $HEX_PATH && echo '*******************'" BUILD_CMD="make clean && make CHECKPOINT=$1 TARGET_DIFFICULTY=$2 NETWORK=$NETWORK && $HASH_CMD" DOCKER_USER="$(id -u):$(id -g)" -docker run -t --rm --user $DOCKER_USER -w /hsm2/ledger/src/signer -v ${HSM_ROOT}:/hsm2 ${DOCKER_IMAGE} /bin/bash -c "$BUILD_CMD" +docker run -t --rm --user $DOCKER_USER -w /hsm2/firmware/src/ledger/signer -v ${HSM_ROOT}:/hsm2 ${DOCKER_IMAGE} /bin/bash -c "$BUILD_CMD" diff --git a/ledger/build/build-ui b/firmware/build/build-ledger-ui similarity index 76% rename from ledger/build/build-ui rename to firmware/build/build-ledger-ui index 5783c3c9..64c5e23a 100755 --- a/ledger/build/build-ui +++ b/firmware/build/build-ledger-ui @@ -14,10 +14,10 @@ HSM_ROOT=$(realpath $BUILD_ROOT/../../) DOCKER_IMAGE=hsm:ledger source $BUILD_ROOT/../../docker/check-image -HEX_PATH="/hsm2/ledger/src/ui/bin/token.hex" +HEX_PATH="/hsm2/firmware/src/ledger/ui/bin/token.hex" HASH_CMD="cd /opt && echo '*******************' && echo 'Build successful. UI hash:' && python -m hashapp.hashApp --hex $HEX_PATH && echo '*******************'" BUILD_CMD="make clean && make SIGNER_HASH=$1 SIGNER_ITERATION=$2 SIGNERS_FILE=$3 && $HASH_CMD" DOCKER_USER="$(id -u):$(id -g)" -docker run -t --rm --user $DOCKER_USER -w /hsm2/ledger/src/ui -v ${HSM_ROOT}:/hsm2 ${DOCKER_IMAGE} /bin/bash -c "$BUILD_CMD" +docker run -t --rm --user $DOCKER_USER -w /hsm2/firmware/src/ledger/ui -v ${HSM_ROOT}:/hsm2 ${DOCKER_IMAGE} /bin/bash -c "$BUILD_CMD" diff --git a/ledger/build/build-ui-debug b/firmware/build/build-ledger-ui-debug similarity index 76% rename from ledger/build/build-ui-debug rename to firmware/build/build-ledger-ui-debug index a653c165..ec1047dc 100755 --- a/ledger/build/build-ui-debug +++ b/firmware/build/build-ledger-ui-debug @@ -14,10 +14,10 @@ HSM_ROOT=$(realpath $BUILD_ROOT/../../) DOCKER_IMAGE=hsm:ledger source $BUILD_ROOT/../../docker/check-image -HEX_PATH="/hsm2/ledger/src/ui/bin/token.hex" +HEX_PATH="/hsm2/firmware/src/ledger/ui/bin/token.hex" HASH_CMD="cd /opt && echo '*******************' && echo 'Build successful. UI hash:' && python -m hashapp.hashApp --hex $HEX_PATH && echo '*******************'" BUILD_CMD="make clean && make SIGNER_HASH=$1 SIGNER_ITERATION=$2 SIGNERS_FILE=$3 DEBUG_BUILD=1 && $HASH_CMD" DOCKER_USER="$(id -u):$(id -g)" -docker run -t --rm --user $DOCKER_USER -w /hsm2/ledger/src/ui -v ${HSM_ROOT}:/hsm2 ${DOCKER_IMAGE} /bin/bash -c "$BUILD_CMD" +docker run -t --rm --user $DOCKER_USER -w /hsm2/firmware/src/ledger/ui -v ${HSM_ROOT}:/hsm2 ${DOCKER_IMAGE} /bin/bash -c "$BUILD_CMD" diff --git a/ledger/build/build-tcpsigner b/firmware/build/build-tcpsigner similarity index 70% rename from ledger/build/build-tcpsigner rename to firmware/build/build-tcpsigner index e6538844..7efb1f91 100755 --- a/ledger/build/build-tcpsigner +++ b/firmware/build/build-tcpsigner @@ -18,4 +18,4 @@ BUILD_CMD="make clean all" DOCKER_USER="$(id -u):$(id -g)" -docker run -t --rm --user $DOCKER_USER -w /hsm2/ledger/src/tcpsigner -v ${HSM_ROOT}:/hsm2 ${DOCKER_IMAGE} /bin/bash -c "$BUILD_CMD" +docker run -t --rm --user $DOCKER_USER -w /hsm2/firmware/src/tcpsigner -v ${HSM_ROOT}:/hsm2 ${DOCKER_IMAGE} /bin/bash -c "$BUILD_CMD" diff --git a/ledger/build/build-tcpsigner-afl b/firmware/build/build-tcpsigner-afl similarity index 56% rename from ledger/build/build-tcpsigner-afl rename to firmware/build/build-tcpsigner-afl index 38e190a0..5972602d 100755 --- a/ledger/build/build-tcpsigner-afl +++ b/firmware/build/build-tcpsigner-afl @@ -13,7 +13,7 @@ HSM_ROOT=$(realpath $BUILD_ROOT/../../) COVERAGE_DIR="$1" if [[ -z "$COVERAGE_DIR" ]]; then - COVERAGE_DIR="$HSM_ROOT/ledger/fuzz/.coverage-build" + COVERAGE_DIR="$HSM_ROOT/firmware/fuzz/.coverage-build" fi if [[ -z "$2" || "$2" != "--force" ]]; then @@ -29,10 +29,13 @@ fi if [[ $REPLY =~ ^[Yy]$ ]]; then rm -rf $COVERAGE_DIR - mkdir -p $COVERAGE_DIR - cp -rf $HSM_ROOT/ledger/src/tcpsigner $COVERAGE_DIR/tcpsigner - cp -rf $HSM_ROOT/ledger/src/signer $COVERAGE_DIR/signer - cp -rf $HSM_ROOT/ledger/src/common $COVERAGE_DIR/common + mkdir -p $COVERAGE_DIR/ledger + cp -rf $HSM_ROOT/firmware/src/hal $COVERAGE_DIR/hal + cp -rf $HSM_ROOT/firmware/src/common $COVERAGE_DIR/common + cp -rf $HSM_ROOT/firmware/src/powhsm $COVERAGE_DIR/powhsm + cp -rf $HSM_ROOT/firmware/src/tcpsigner $COVERAGE_DIR/tcpsigner + # Some UI dependencies needed (symlinks within tcpsigner/src) + cp -rf $HSM_ROOT/firmware/src/ledger/ui $COVERAGE_DIR/ledger/ui else exit 1 fi @@ -42,9 +45,9 @@ source $BUILD_ROOT/../../docker/check-image DOCKER_USER="$(id -u):$(id -g)" -COVERAGE_CMD="CC=\"gcc-7 --coverage\" CXX=g++-7 make clean all" +COVERAGE_CMD="HSM_AFL=1 CC=\"gcc-7 --coverage\" CXX=g++-7 make clean all" docker run -ti --rm --user $DOCKER_USER -w /hsm2-cov/tcpsigner -v ${COVERAGE_DIR}:/hsm2-cov ${DOCKER_IMAGE} /bin/bash -c "$COVERAGE_CMD" # Good luck modifying this line. I don't recommend it. -BUILD_CMD="AFL_CC=gcc-7 AFL_CXX=g++-7 CC=afl-gcc-fast CXX=afl-g++-fast make clean all" -docker run -ti --rm --user $DOCKER_USER -w /hsm2/ledger/src/tcpsigner -v ${HSM_ROOT}:/hsm2 ${DOCKER_IMAGE} /bin/bash -c "$BUILD_CMD" +BUILD_CMD="HSM_AFL=1 AFL_CC=gcc-7 AFL_CXX=g++-7 CC=afl-gcc-fast CXX=afl-g++-fast make clean all" +docker run -ti --rm --user $DOCKER_USER -w /hsm2/firmware/src/tcpsigner -v ${HSM_ROOT}:/hsm2 ${DOCKER_IMAGE} /bin/bash -c "$BUILD_CMD" diff --git a/ledger/build/builder-term b/firmware/build/builder-term similarity index 100% rename from ledger/build/builder-term rename to firmware/build/builder-term diff --git a/ledger/build/builder-tcpsigner-afl b/firmware/build/builder-term-afl similarity index 100% rename from ledger/build/builder-tcpsigner-afl rename to firmware/build/builder-term-afl diff --git a/ledger/coverage/.gitignore b/firmware/coverage/.gitignore similarity index 100% rename from ledger/coverage/.gitignore rename to firmware/coverage/.gitignore diff --git a/ledger/coverage/coverage.mk b/firmware/coverage/coverage.mk similarity index 100% rename from ledger/coverage/coverage.mk rename to firmware/coverage/coverage.mk diff --git a/ledger/coverage/gen-coverage b/firmware/coverage/gen-coverage similarity index 70% rename from ledger/coverage/gen-coverage rename to firmware/coverage/gen-coverage index db4d2f63..dde649fc 100755 --- a/ledger/coverage/gen-coverage +++ b/firmware/coverage/gen-coverage @@ -7,19 +7,21 @@ if [[ $1 == "exec" ]]; then # Remove any existing coverage data rm -rf $BASEDIR/coverage.info $BASEDIR/output - find $REPOROOT/ledger -name "*.gcno" -o -name "*.gcda" | xargs rm -f + find $REPOROOT/firmware -name "*.gcno" -o -name "*.gcda" | xargs rm -f - # Run firmware unit tests with coverage generation - COVERAGE=y $REPOROOT/ledger/src/signer/test/run-all.sh - COVERAGE=y $REPOROOT/ledger/src/ui/test/run-all.sh + # Run unit tests with coverage generation + COVERAGE=y $REPOROOT/firmware/src/common/test/run-all.sh + COVERAGE=y $REPOROOT/firmware/src/powhsm/test/run-all.sh + COVERAGE=y $REPOROOT/firmware/src/ledger/ui/test/run-all.sh + COVERAGE=y $REPOROOT/firmware/src/tcpsigner/test/run-all.sh # Run tcpsigner test suite - pushd $REPOROOT/ledger/src/tcpsigner > /dev/null + pushd $REPOROOT/firmware/src/tcpsigner > /dev/null COVERAGE=y make clean all ./tcpsigner --checkpoint 0xbdcb3c17c7aee714cec8ad900341bfd987b452280220dcbd6e7191f67ea4209b --difficulty 0x32 --network regtest > /dev/null & popd > /dev/null - pushd $REPOROOT/ledger/test > /dev/null + pushd $REPOROOT/firmware/test > /dev/null python run.py err_code=$? popd > /dev/null diff --git a/ledger/deploy/.gitignore b/firmware/deploy/.gitignore similarity index 100% rename from ledger/deploy/.gitignore rename to firmware/deploy/.gitignore diff --git a/ledger/deploy/Makefile.defines b/firmware/deploy/Makefile.defines similarity index 100% rename from ledger/deploy/Makefile.defines rename to firmware/deploy/Makefile.defines diff --git a/ledger/deploy/Makefile.rules b/firmware/deploy/Makefile.rules similarity index 100% rename from ledger/deploy/Makefile.rules rename to firmware/deploy/Makefile.rules diff --git a/ledger/deploy/README.md b/firmware/deploy/README.md similarity index 90% rename from ledger/deploy/README.md rename to firmware/deploy/README.md index c4a5456b..35e7eb27 100644 --- a/ledger/deploy/README.md +++ b/firmware/deploy/README.md @@ -11,7 +11,7 @@ Before deploying the Signer or UI, you first have to build them. Refer to [the b Once the UI is built, you must have your device plugged in and in recovery mode. Issue: ```bash -~/repo> ledger/deploy/deploy-ui +~/repo> firmware/deploy/deploy-ledger-ui ``` and follow the prompts on the device. @@ -21,7 +21,7 @@ and follow the prompts on the device. Once the Signer is built, you must have your device plugged in and unlocked (or alternatively in recovery mode). Issue: ```bash -~/repo> ledger/deploy/deploy-signer +~/repo> firmware/deploy/deploy-ledger-signer ``` and follow the prompts on the device (only if in recovery mode or using the factory UI). diff --git a/ledger/deploy/deploy-ui b/firmware/deploy/deploy-ledger-signer similarity index 62% rename from ledger/deploy/deploy-ui rename to firmware/deploy/deploy-ledger-signer index 80aec3af..e54ba955 100755 --- a/ledger/deploy/deploy-ui +++ b/firmware/deploy/deploy-ledger-signer @@ -5,4 +5,4 @@ pushd $(dirname $0) > /dev/null DEPLOY_DIR=$(pwd) popd > /dev/null -$DEPLOY_DIR/../../docker/mware/do /hsm2/ledger/deploy ./dui +$DEPLOY_DIR/../../docker/mware/do /hsm2/firmware/deploy ./dledsig diff --git a/ledger/deploy/deploy-signer b/firmware/deploy/deploy-ledger-ui similarity index 62% rename from ledger/deploy/deploy-signer rename to firmware/deploy/deploy-ledger-ui index 70cd4325..fc5ca76e 100755 --- a/ledger/deploy/deploy-signer +++ b/firmware/deploy/deploy-ledger-ui @@ -5,4 +5,4 @@ pushd $(dirname $0) > /dev/null DEPLOY_DIR=$(pwd) popd > /dev/null -$DEPLOY_DIR/../../docker/mware/do /hsm2/ledger/deploy ./dsig +$DEPLOY_DIR/../../docker/mware/do /hsm2/firmware/deploy ./dledui diff --git a/ledger/deploy/dsig b/firmware/deploy/dledsig similarity index 85% rename from ledger/deploy/dsig rename to firmware/deploy/dledsig index 44bb371d..d0ac56b5 100755 --- a/ledger/deploy/dsig +++ b/firmware/deploy/dledsig @@ -8,7 +8,7 @@ export BOLOS_SDK=$CURDIR export TARGET_ID=`cat $CURDIR/target.id` TOPDIR=$CURDIR/../ -BUILDDIR=$TOPDIR/src/signer/ +BUILDDIR=$TOPDIR/src/ledger/signer/ pushd $BUILDDIR > /dev/null make load diff --git a/ledger/deploy/dui b/firmware/deploy/dledui similarity index 88% rename from ledger/deploy/dui rename to firmware/deploy/dledui index 33ea0c28..b766e066 100755 --- a/ledger/deploy/dui +++ b/firmware/deploy/dledui @@ -9,7 +9,7 @@ export TARGET_ID=`cat $CURDIR/target.id` export ONLY_LOAD=YES TOPDIR=$CURDIR/../ -BUILDDIR=$TOPDIR/src/ui/ +BUILDDIR=$TOPDIR/src/ledger/ui/ pushd $BUILDDIR > /dev/null make load diff --git a/ledger/deploy/target.id b/firmware/deploy/target.id similarity index 100% rename from ledger/deploy/target.id rename to firmware/deploy/target.id diff --git a/ledger/fuzz/README.md b/firmware/fuzz/README.md similarity index 82% rename from ledger/fuzz/README.md rename to firmware/fuzz/README.md index 40fcf749..e6a1a071 100644 --- a/ledger/fuzz/README.md +++ b/firmware/fuzz/README.md @@ -9,16 +9,16 @@ can build using the `~/repo/docker/afl/build` script. # Building a fuzzable TCPSinger You can build the TCPSigner with the AFL++ compilers with the -`~/repo/ledger/build/build-tcpsigner-afl` script, which uses the +`~/repo/firmware/build/build-tcpsigner-afl` script, which uses the `~/repo/docker/afl/Dockerfile` instructions to build a `tcpsigner` binary which you can then fuzz using the `fuzz` script in this folder. The `fuzz` script takes three optional parameters: - number of cores, defaults to the number of cores on your machine (as per reported by `nproc`) -- path to testcases, defaults to `~/repo/ledger/fuzz/testcases` -- path to output, defaults to `~/repo/ledger/fuzz/output` -- path to dictionary, defaults to `~/repo/ledger/fuzz/dict` -- path to coverage build, defaults to `~/repo/ledger/fuzz/.coverage-build` +- path to testcases, defaults to `~/repo/firmware/fuzz/testcases` +- path to output, defaults to `~/repo/firmware/fuzz/output` +- path to dictionary, defaults to `~/repo/firmware/fuzz/dict` +- path to coverage build, defaults to `~/repo/firmware/fuzz/.coverage-build` And runs a primary fuzzer, coverage and `cores - 1` secondary fuzzers. @@ -55,5 +55,5 @@ python3 hex_to_dict.py ``` # Modifying run parameters -The `~/repo/ledger/fuzz/env` file specifies the difficulty, network and checkpoint to be +The `~/repo/firmware/fuzz/env` file specifies the difficulty, network and checkpoint to be used both by the fuzzer and the coverage script. diff --git a/ledger/fuzz/add-new-testcases b/firmware/fuzz/add-new-testcases similarity index 91% rename from ledger/fuzz/add-new-testcases rename to firmware/fuzz/add-new-testcases index 16994b4e..a32efe6f 100755 --- a/ledger/fuzz/add-new-testcases +++ b/firmware/fuzz/add-new-testcases @@ -34,12 +34,12 @@ CMD="./tcpsigner --checkpoint $CHECKPOINT --difficulty $DIFFICULTY --network $NE TESTCASES="$1" OUTPUT="$2" if [[ -z "$OUTPUT" ]]; then - OUTPUT="$HSM_ROOT/ledger/fuzz/output" + OUTPUT="$HSM_ROOT/firmware/fuzz/output" fi NEW_SEEDS_CMD="afl-fuzz -S newseeds -i /testcases -o /output $CMD" # no tmux needed as this should not take a long time... docker run -ti --rm --env AFL_BENCH_JUST_ONE=1 --env AFL_FAST_CAL=1 \ - --user $DOCKER_USER -w /hsm2/ledger/src/tcpsigner \ + --user $DOCKER_USER -w /hsm2/firmware/src/tcpsigner \ -v "$TESTCASES":/testcases -v "$OUTPUT":/output \ -v "$HSM_ROOT":/hsm2 ${DOCKER_IMAGE} /bin/bash -c "$NEW_SEEDS_CMD" diff --git a/ledger/fuzz/dict/btc_trans b/firmware/fuzz/dict/btc_trans similarity index 100% rename from ledger/fuzz/dict/btc_trans rename to firmware/fuzz/dict/btc_trans diff --git a/ledger/fuzz/dict/header b/firmware/fuzz/dict/header similarity index 100% rename from ledger/fuzz/dict/header rename to firmware/fuzz/dict/header diff --git a/ledger/fuzz/dict/receipt b/firmware/fuzz/dict/receipt similarity index 100% rename from ledger/fuzz/dict/receipt rename to firmware/fuzz/dict/receipt diff --git a/ledger/fuzz/env b/firmware/fuzz/env similarity index 100% rename from ledger/fuzz/env rename to firmware/fuzz/env diff --git a/ledger/fuzz/extract-inputs-from-tests b/firmware/fuzz/extract-inputs-from-tests similarity index 55% rename from ledger/fuzz/extract-inputs-from-tests rename to firmware/fuzz/extract-inputs-from-tests index a9ce276a..dec37c4b 100755 --- a/ledger/fuzz/extract-inputs-from-tests +++ b/firmware/fuzz/extract-inputs-from-tests @@ -24,19 +24,19 @@ for ((N=1; N<=$RES_AMOUNT; N++)); do echo "Running loop $N / $RES_AMOUNT" REPLICA="replica-$N.out" - rm ../../ledger/src/tcpsigner/replica-$N.out 2> /dev/null || true + rm $FUZZ_ROOT/../src/tcpsigner/replica-$N.out 2> /dev/null || true - $TEST_ROOT/../../docker/mware/do-notty-nousb /hsm2/ledger/src/tcpsigner ./tcpsigner -r "$REPLICA" --checkpoint 0xbdcb3c17c7aee714cec8ad900341bfd987b452280220dcbd6e7191f67ea4209b --difficulty 0x32 --network regtest > /dev/null & + $FUZZ_ROOT/../../docker/mware/do-notty-nousb /hsm2/firmware/src/tcpsigner ./tcpsigner -r "$REPLICA" --checkpoint 0xbdcb3c17c7aee714cec8ad900341bfd987b452280220dcbd6e7191f67ea4209b --difficulty 0x32 --network regtest > /dev/null & sleep 1 - CMD="docker exec -t -w /hsm2/ledger/test hsm-mware-notty python run.py --filter" + CMD="docker exec -t -w /hsm2/firmware/test hsm-mware-notty python run.py --filter" echo "$RESOURCES" | head -n "$N" | xargs -n 1 $CMD - docker cp hsm-mware-notty:/hsm2/ledger/src/tcpsigner/replica-$N.out $TESTCASES - rm ../../ledger/src/tcpsigner/replica-$N.out 2> /dev/null || true + docker cp hsm-mware-notty:/hsm2/firmware/src/tcpsigner/replica-$N.out $TESTCASES + rm $FUZZ_ROOT/../src/tcpsigner/replica-$N.out 2> /dev/null || true # Kill (and remove) container docker kill hsm-mware-notty > /dev/null - echo "Input replica in /hsm2/ledger/src/tcpsinger/$REPLICA" + echo "Input replica in /hsm2/firmware/src/tcpsigner/$REPLICA" done diff --git a/ledger/fuzz/fuzz b/firmware/fuzz/fuzz similarity index 92% rename from ledger/fuzz/fuzz rename to firmware/fuzz/fuzz index f61fcff1..7029e113 100755 --- a/ledger/fuzz/fuzz +++ b/firmware/fuzz/fuzz @@ -53,22 +53,22 @@ fi TESTCASES="$2" if [[ -z "$TESTCASES" ]]; then - TESTCASES="$HSM_ROOT/ledger/fuzz/testcases" + TESTCASES="$HSM_ROOT/firmware/fuzz/testcases" fi OUTPUT="$3" if [[ -z "$OUTPUT" ]]; then - OUTPUT="$HSM_ROOT/ledger/fuzz/output" + OUTPUT="$HSM_ROOT/firmware/fuzz/output" fi DICT="$4" if [[ -z "$DICT" ]]; then - DICT="$HSM_ROOT/ledger/fuzz/dict" + DICT="$HSM_ROOT/firmware/fuzz/dict" fi COVERAGE_DIR="$5" if [[ -z "$COVERAGE_DIR" ]]; then - COVERAGE_DIR="$HSM_ROOT/ledger/fuzz/.coverage-build" + COVERAGE_DIR="$HSM_ROOT/firmware/fuzz/.coverage-build" fi if [[ -d "$OUTPUT/cov" ]]; then @@ -92,7 +92,7 @@ sleep 0.5 # give some time to coverage to start... MAIN_FUZZ_CMD="afl-fuzz -x /dict -D -M main -i /testcases -o /output $CMD" tmux new -d -s main \ docker run -ti --rm --env AFL_AUTORESUME=1 --env AFL_TESTCACHE_SIZE=500 \ - --user $DOCKER_USER -w /hsm2/ledger/src/tcpsigner \ + --user $DOCKER_USER -w /hsm2/firmware/src/tcpsigner \ -v "$DICT":/dict -v "$TESTCASES":/testcases -v "$OUTPUT":/output \ -v "$HSM_ROOT":/hsm2 ${DOCKER_IMAGE} /bin/bash -c "$MAIN_FUZZ_CMD" sleep 0.1 # starting too many instances of AFL too quickly seems to mess things up @@ -122,7 +122,7 @@ while [[ $CORE -lt $CORES ]]; do tmux new -d -s secondary-$CORE \ docker run -ti --rm \ --env AFL_AUTORESUME=1 --env AFL_TESTCACHE_SIZE=500 \ - --user $DOCKER_USER -w /hsm2/ledger/src/tcpsigner \ + --user $DOCKER_USER -w /hsm2/firmware/src/tcpsigner \ -v "$DICT":/dict -v "$TESTCASES":/testcases -v "$OUTPUT":/output \ -v "$HSM_ROOT":/hsm2 ${DOCKER_IMAGE} /bin/bash -c "$SECONDARY_FUZZ_CMD" CORE=$(( CORE+1 )) diff --git a/ledger/fuzz/generate-testcases b/firmware/fuzz/generate-testcases similarity index 100% rename from ledger/fuzz/generate-testcases rename to firmware/fuzz/generate-testcases diff --git a/ledger/fuzz/hex_to_dict.py b/firmware/fuzz/hex_to_dict.py similarity index 100% rename from ledger/fuzz/hex_to_dict.py rename to firmware/fuzz/hex_to_dict.py diff --git a/ledger/fuzz/min-testcases b/firmware/fuzz/min-testcases similarity index 67% rename from ledger/fuzz/min-testcases rename to firmware/fuzz/min-testcases index e04bbef1..a74b37cd 100755 --- a/ledger/fuzz/min-testcases +++ b/firmware/fuzz/min-testcases @@ -18,16 +18,16 @@ DOCKER_USER="$(id -u):$(id -g)" TESTCASESUNIQUE="$1" if [[ -z "$TESTCASESUNIQUE" ]]; then - TESTCASESUNIQUE="$HSM_ROOT/ledger/fuzz/testcases-unique" + TESTCASESUNIQUE="$HSM_ROOT/firmware/fuzz/testcases-unique" fi TESTCASES="$2" if [[ -z "$TESTCASES" ]]; then - TESTCASES="$HSM_ROOT/ledger/fuzz/testcases" + TESTCASES="$HSM_ROOT/firmware/fuzz/testcases" fi cd $TESTCASESUNIQUE; for i in *; do CMD="afl-tmin -i /testcases-unique/$i -o /testcases/$i -- ./tcpsigner -i @@" - docker run -t --rm --user $DOCKER_USER -w /hsm2/ledger/src/tcpsigner -v "$HSM_ROOT":/hsm2 -v "$TESTCASESUNIQUE":/testcases-unique -v "$TESTCASES":/testcases ${DOCKER_IMAGE} /bin/bash -c "$CMD" + docker run -t --rm --user $DOCKER_USER -w /hsm2/firmware/src/tcpsigner -v "$HSM_ROOT":/hsm2 -v "$TESTCASESUNIQUE":/testcases-unique -v "$TESTCASES":/testcases ${DOCKER_IMAGE} /bin/bash -c "$CMD" done diff --git a/ledger/fuzz/testcases-raw/replica-1.out b/firmware/fuzz/testcases-raw/replica-1.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-1.out rename to firmware/fuzz/testcases-raw/replica-1.out diff --git a/ledger/fuzz/testcases-raw/replica-10.out b/firmware/fuzz/testcases-raw/replica-10.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-10.out rename to firmware/fuzz/testcases-raw/replica-10.out diff --git a/ledger/fuzz/testcases-raw/replica-11.out b/firmware/fuzz/testcases-raw/replica-11.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-11.out rename to firmware/fuzz/testcases-raw/replica-11.out diff --git a/ledger/fuzz/testcases-raw/replica-12.out b/firmware/fuzz/testcases-raw/replica-12.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-12.out rename to firmware/fuzz/testcases-raw/replica-12.out diff --git a/ledger/fuzz/testcases-raw/replica-13.out b/firmware/fuzz/testcases-raw/replica-13.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-13.out rename to firmware/fuzz/testcases-raw/replica-13.out diff --git a/ledger/fuzz/testcases-raw/replica-14.out b/firmware/fuzz/testcases-raw/replica-14.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-14.out rename to firmware/fuzz/testcases-raw/replica-14.out diff --git a/ledger/fuzz/testcases-raw/replica-15.out b/firmware/fuzz/testcases-raw/replica-15.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-15.out rename to firmware/fuzz/testcases-raw/replica-15.out diff --git a/ledger/fuzz/testcases-raw/replica-16.out b/firmware/fuzz/testcases-raw/replica-16.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-16.out rename to firmware/fuzz/testcases-raw/replica-16.out diff --git a/ledger/fuzz/testcases-raw/replica-17.out b/firmware/fuzz/testcases-raw/replica-17.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-17.out rename to firmware/fuzz/testcases-raw/replica-17.out diff --git a/ledger/fuzz/testcases-raw/replica-18.out b/firmware/fuzz/testcases-raw/replica-18.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-18.out rename to firmware/fuzz/testcases-raw/replica-18.out diff --git a/ledger/fuzz/testcases-raw/replica-19.out b/firmware/fuzz/testcases-raw/replica-19.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-19.out rename to firmware/fuzz/testcases-raw/replica-19.out diff --git a/ledger/fuzz/testcases-raw/replica-2.out b/firmware/fuzz/testcases-raw/replica-2.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-2.out rename to firmware/fuzz/testcases-raw/replica-2.out diff --git a/ledger/fuzz/testcases-raw/replica-20.out b/firmware/fuzz/testcases-raw/replica-20.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-20.out rename to firmware/fuzz/testcases-raw/replica-20.out diff --git a/ledger/fuzz/testcases-raw/replica-21.out b/firmware/fuzz/testcases-raw/replica-21.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-21.out rename to firmware/fuzz/testcases-raw/replica-21.out diff --git a/ledger/fuzz/testcases-raw/replica-22.out b/firmware/fuzz/testcases-raw/replica-22.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-22.out rename to firmware/fuzz/testcases-raw/replica-22.out diff --git a/ledger/fuzz/testcases-raw/replica-23.out b/firmware/fuzz/testcases-raw/replica-23.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-23.out rename to firmware/fuzz/testcases-raw/replica-23.out diff --git a/ledger/fuzz/testcases-raw/replica-24.out b/firmware/fuzz/testcases-raw/replica-24.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-24.out rename to firmware/fuzz/testcases-raw/replica-24.out diff --git a/ledger/fuzz/testcases-raw/replica-25.out b/firmware/fuzz/testcases-raw/replica-25.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-25.out rename to firmware/fuzz/testcases-raw/replica-25.out diff --git a/ledger/fuzz/testcases-raw/replica-26.out b/firmware/fuzz/testcases-raw/replica-26.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-26.out rename to firmware/fuzz/testcases-raw/replica-26.out diff --git a/ledger/fuzz/testcases-raw/replica-27.out b/firmware/fuzz/testcases-raw/replica-27.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-27.out rename to firmware/fuzz/testcases-raw/replica-27.out diff --git a/ledger/fuzz/testcases-raw/replica-28.out b/firmware/fuzz/testcases-raw/replica-28.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-28.out rename to firmware/fuzz/testcases-raw/replica-28.out diff --git a/ledger/fuzz/testcases-raw/replica-29.out b/firmware/fuzz/testcases-raw/replica-29.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-29.out rename to firmware/fuzz/testcases-raw/replica-29.out diff --git a/ledger/fuzz/testcases-raw/replica-3.out b/firmware/fuzz/testcases-raw/replica-3.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-3.out rename to firmware/fuzz/testcases-raw/replica-3.out diff --git a/ledger/fuzz/testcases-raw/replica-30.out b/firmware/fuzz/testcases-raw/replica-30.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-30.out rename to firmware/fuzz/testcases-raw/replica-30.out diff --git a/ledger/fuzz/testcases-raw/replica-31.out b/firmware/fuzz/testcases-raw/replica-31.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-31.out rename to firmware/fuzz/testcases-raw/replica-31.out diff --git a/ledger/fuzz/testcases-raw/replica-32.out b/firmware/fuzz/testcases-raw/replica-32.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-32.out rename to firmware/fuzz/testcases-raw/replica-32.out diff --git a/ledger/fuzz/testcases-raw/replica-33.out b/firmware/fuzz/testcases-raw/replica-33.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-33.out rename to firmware/fuzz/testcases-raw/replica-33.out diff --git a/ledger/fuzz/testcases-raw/replica-34.out b/firmware/fuzz/testcases-raw/replica-34.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-34.out rename to firmware/fuzz/testcases-raw/replica-34.out diff --git a/ledger/fuzz/testcases-raw/replica-35.out b/firmware/fuzz/testcases-raw/replica-35.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-35.out rename to firmware/fuzz/testcases-raw/replica-35.out diff --git a/ledger/fuzz/testcases-raw/replica-36.out b/firmware/fuzz/testcases-raw/replica-36.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-36.out rename to firmware/fuzz/testcases-raw/replica-36.out diff --git a/ledger/fuzz/testcases-raw/replica-4.out b/firmware/fuzz/testcases-raw/replica-4.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-4.out rename to firmware/fuzz/testcases-raw/replica-4.out diff --git a/ledger/fuzz/testcases-raw/replica-5.out b/firmware/fuzz/testcases-raw/replica-5.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-5.out rename to firmware/fuzz/testcases-raw/replica-5.out diff --git a/ledger/fuzz/testcases-raw/replica-6.out b/firmware/fuzz/testcases-raw/replica-6.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-6.out rename to firmware/fuzz/testcases-raw/replica-6.out diff --git a/ledger/fuzz/testcases-raw/replica-7.out b/firmware/fuzz/testcases-raw/replica-7.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-7.out rename to firmware/fuzz/testcases-raw/replica-7.out diff --git a/ledger/fuzz/testcases-raw/replica-8.out b/firmware/fuzz/testcases-raw/replica-8.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-8.out rename to firmware/fuzz/testcases-raw/replica-8.out diff --git a/ledger/fuzz/testcases-raw/replica-9.out b/firmware/fuzz/testcases-raw/replica-9.out similarity index 100% rename from ledger/fuzz/testcases-raw/replica-9.out rename to firmware/fuzz/testcases-raw/replica-9.out diff --git a/ledger/fuzz/testcases-unique/replica-1.out b/firmware/fuzz/testcases-unique/replica-1.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-1.out rename to firmware/fuzz/testcases-unique/replica-1.out diff --git a/ledger/fuzz/testcases-unique/replica-11.out b/firmware/fuzz/testcases-unique/replica-11.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-11.out rename to firmware/fuzz/testcases-unique/replica-11.out diff --git a/ledger/fuzz/testcases-unique/replica-12.out b/firmware/fuzz/testcases-unique/replica-12.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-12.out rename to firmware/fuzz/testcases-unique/replica-12.out diff --git a/ledger/fuzz/testcases-unique/replica-13.out b/firmware/fuzz/testcases-unique/replica-13.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-13.out rename to firmware/fuzz/testcases-unique/replica-13.out diff --git a/ledger/fuzz/testcases-unique/replica-14.out b/firmware/fuzz/testcases-unique/replica-14.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-14.out rename to firmware/fuzz/testcases-unique/replica-14.out diff --git a/ledger/fuzz/testcases-unique/replica-15.out b/firmware/fuzz/testcases-unique/replica-15.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-15.out rename to firmware/fuzz/testcases-unique/replica-15.out diff --git a/ledger/fuzz/testcases-unique/replica-16.out b/firmware/fuzz/testcases-unique/replica-16.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-16.out rename to firmware/fuzz/testcases-unique/replica-16.out diff --git a/ledger/fuzz/testcases-unique/replica-17.out b/firmware/fuzz/testcases-unique/replica-17.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-17.out rename to firmware/fuzz/testcases-unique/replica-17.out diff --git a/ledger/fuzz/testcases-unique/replica-18.out b/firmware/fuzz/testcases-unique/replica-18.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-18.out rename to firmware/fuzz/testcases-unique/replica-18.out diff --git a/ledger/fuzz/testcases-unique/replica-19.out b/firmware/fuzz/testcases-unique/replica-19.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-19.out rename to firmware/fuzz/testcases-unique/replica-19.out diff --git a/ledger/fuzz/testcases-unique/replica-2.out b/firmware/fuzz/testcases-unique/replica-2.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-2.out rename to firmware/fuzz/testcases-unique/replica-2.out diff --git a/ledger/fuzz/testcases-unique/replica-20.out b/firmware/fuzz/testcases-unique/replica-20.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-20.out rename to firmware/fuzz/testcases-unique/replica-20.out diff --git a/ledger/fuzz/testcases-unique/replica-21.out b/firmware/fuzz/testcases-unique/replica-21.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-21.out rename to firmware/fuzz/testcases-unique/replica-21.out diff --git a/ledger/fuzz/testcases-unique/replica-22.out b/firmware/fuzz/testcases-unique/replica-22.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-22.out rename to firmware/fuzz/testcases-unique/replica-22.out diff --git a/ledger/fuzz/testcases-unique/replica-23.out b/firmware/fuzz/testcases-unique/replica-23.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-23.out rename to firmware/fuzz/testcases-unique/replica-23.out diff --git a/ledger/fuzz/testcases-unique/replica-25.out b/firmware/fuzz/testcases-unique/replica-25.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-25.out rename to firmware/fuzz/testcases-unique/replica-25.out diff --git a/ledger/fuzz/testcases-unique/replica-28.out b/firmware/fuzz/testcases-unique/replica-28.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-28.out rename to firmware/fuzz/testcases-unique/replica-28.out diff --git a/ledger/fuzz/testcases-unique/replica-29.out b/firmware/fuzz/testcases-unique/replica-29.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-29.out rename to firmware/fuzz/testcases-unique/replica-29.out diff --git a/ledger/fuzz/testcases-unique/replica-3.out b/firmware/fuzz/testcases-unique/replica-3.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-3.out rename to firmware/fuzz/testcases-unique/replica-3.out diff --git a/ledger/fuzz/testcases-unique/replica-30.out b/firmware/fuzz/testcases-unique/replica-30.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-30.out rename to firmware/fuzz/testcases-unique/replica-30.out diff --git a/ledger/fuzz/testcases-unique/replica-31.out b/firmware/fuzz/testcases-unique/replica-31.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-31.out rename to firmware/fuzz/testcases-unique/replica-31.out diff --git a/ledger/fuzz/testcases-unique/replica-32.out b/firmware/fuzz/testcases-unique/replica-32.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-32.out rename to firmware/fuzz/testcases-unique/replica-32.out diff --git a/ledger/fuzz/testcases-unique/replica-33.out b/firmware/fuzz/testcases-unique/replica-33.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-33.out rename to firmware/fuzz/testcases-unique/replica-33.out diff --git a/ledger/fuzz/testcases-unique/replica-34.out b/firmware/fuzz/testcases-unique/replica-34.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-34.out rename to firmware/fuzz/testcases-unique/replica-34.out diff --git a/ledger/fuzz/testcases-unique/replica-35.out b/firmware/fuzz/testcases-unique/replica-35.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-35.out rename to firmware/fuzz/testcases-unique/replica-35.out diff --git a/ledger/fuzz/testcases-unique/replica-4.out b/firmware/fuzz/testcases-unique/replica-4.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-4.out rename to firmware/fuzz/testcases-unique/replica-4.out diff --git a/ledger/fuzz/testcases-unique/replica-5.out b/firmware/fuzz/testcases-unique/replica-5.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-5.out rename to firmware/fuzz/testcases-unique/replica-5.out diff --git a/ledger/fuzz/testcases-unique/replica-6.out b/firmware/fuzz/testcases-unique/replica-6.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-6.out rename to firmware/fuzz/testcases-unique/replica-6.out diff --git a/ledger/fuzz/testcases-unique/replica-7.out b/firmware/fuzz/testcases-unique/replica-7.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-7.out rename to firmware/fuzz/testcases-unique/replica-7.out diff --git a/ledger/fuzz/testcases-unique/replica-8.out b/firmware/fuzz/testcases-unique/replica-8.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-8.out rename to firmware/fuzz/testcases-unique/replica-8.out diff --git a/ledger/fuzz/testcases-unique/replica-9.out b/firmware/fuzz/testcases-unique/replica-9.out similarity index 100% rename from ledger/fuzz/testcases-unique/replica-9.out rename to firmware/fuzz/testcases-unique/replica-9.out diff --git a/ledger/fuzz/testcases/replica-1.out b/firmware/fuzz/testcases/replica-1.out similarity index 100% rename from ledger/fuzz/testcases/replica-1.out rename to firmware/fuzz/testcases/replica-1.out diff --git a/ledger/fuzz/testcases/replica-2.out b/firmware/fuzz/testcases/replica-2.out similarity index 100% rename from ledger/fuzz/testcases/replica-2.out rename to firmware/fuzz/testcases/replica-2.out diff --git a/ledger/fuzz/testcases/replica-3.out b/firmware/fuzz/testcases/replica-3.out similarity index 100% rename from ledger/fuzz/testcases/replica-3.out rename to firmware/fuzz/testcases/replica-3.out diff --git a/ledger/fuzz/unique-testcases b/firmware/fuzz/unique-testcases similarity index 65% rename from ledger/fuzz/unique-testcases rename to firmware/fuzz/unique-testcases index 7ae17fbe..6a673228 100755 --- a/ledger/fuzz/unique-testcases +++ b/firmware/fuzz/unique-testcases @@ -19,13 +19,13 @@ CMD="afl-cmin -i /testcases-raw -o /testcases-unique ./tcpsigner -i @@" TESTCASES="$1" if [[ -z "$TESTCASES" ]]; then - TESTCASES="$HSM_ROOT/ledger/fuzz/testcases-raw" + TESTCASES="$HSM_ROOT/firmware/fuzz/testcases-raw" fi TESTCASESUNIQ="$2" if [[ -z "$TESTCASESUNIQ" ]]; then - TESTCASESUNIQ="$HSM_ROOT/ledger/fuzz/testcases-unique" + TESTCASESUNIQ="$HSM_ROOT/firmware/fuzz/testcases-unique" fi -docker run -ti --rm --user $DOCKER_USER -w /hsm2/ledger/src/tcpsigner -v ${HSM_ROOT}:/hsm2 -v "$TESTCASES":/testcases-raw -v "$TESTCASESUNIQ":/testcases-unique ${DOCKER_IMAGE} /bin/bash -c "$CMD" +docker run -ti --rm --user $DOCKER_USER -w /hsm2/firmware/src/tcpsigner -v ${HSM_ROOT}:/hsm2 -v "$TESTCASES":/testcases-raw -v "$TESTCASESUNIQ":/testcases-unique ${DOCKER_IMAGE} /bin/bash -c "$CMD" diff --git a/ledger/src/.gitignore b/firmware/src/.gitignore similarity index 100% rename from ledger/src/.gitignore rename to firmware/src/.gitignore diff --git a/ledger/src/common/src/apdu.h b/firmware/src/common/src/apdu.h similarity index 100% rename from ledger/src/common/src/apdu.h rename to firmware/src/common/src/apdu.h diff --git a/ledger/src/common/src/compiletime.h b/firmware/src/common/src/compiletime.h similarity index 100% rename from ledger/src/common/src/compiletime.h rename to firmware/src/common/src/compiletime.h diff --git a/ledger/src/common/src/ints.h b/firmware/src/common/src/ints.h similarity index 100% rename from ledger/src/common/src/ints.h rename to firmware/src/common/src/ints.h diff --git a/ledger/src/common/src/memutil.h b/firmware/src/common/src/memutil.h similarity index 100% rename from ledger/src/common/src/memutil.h rename to firmware/src/common/src/memutil.h diff --git a/ledger/src/common/src/modes.h b/firmware/src/common/src/modes.h similarity index 100% rename from ledger/src/common/src/modes.h rename to firmware/src/common/src/modes.h diff --git a/ledger/src/common/src/runtime.h b/firmware/src/common/src/runtime.h similarity index 100% rename from ledger/src/common/src/runtime.h rename to firmware/src/common/src/runtime.h diff --git a/ledger/src/common/test/.gitignore b/firmware/src/common/test/.gitignore similarity index 100% rename from ledger/src/common/test/.gitignore rename to firmware/src/common/test/.gitignore diff --git a/ledger/src/common/test/ints/Makefile b/firmware/src/common/test/ints/Makefile similarity index 100% rename from ledger/src/common/test/ints/Makefile rename to firmware/src/common/test/ints/Makefile diff --git a/ledger/src/common/test/ints/test_ints.c b/firmware/src/common/test/ints/test_ints.c similarity index 100% rename from ledger/src/common/test/ints/test_ints.c rename to firmware/src/common/test/ints/test_ints.c diff --git a/ledger/src/common/test/memutil/Makefile b/firmware/src/common/test/memutil/Makefile similarity index 100% rename from ledger/src/common/test/memutil/Makefile rename to firmware/src/common/test/memutil/Makefile diff --git a/ledger/src/common/test/memutil/os.h b/firmware/src/common/test/memutil/os.h similarity index 100% rename from ledger/src/common/test/memutil/os.h rename to firmware/src/common/test/memutil/os.h diff --git a/ledger/src/common/test/memutil/test_memutil.c b/firmware/src/common/test/memutil/test_memutil.c similarity index 100% rename from ledger/src/common/test/memutil/test_memutil.c rename to firmware/src/common/test/memutil/test_memutil.c diff --git a/ledger/src/common/test/run-all.sh b/firmware/src/common/test/run-all.sh similarity index 100% rename from ledger/src/common/test/run-all.sh rename to firmware/src/common/test/run-all.sh diff --git a/ledger/src/hal/include/hal/communication.h b/firmware/src/hal/include/hal/communication.h similarity index 97% rename from ledger/src/hal/include/hal/communication.h rename to firmware/src/hal/include/hal/communication.h index cf1db3e8..71da6fe1 100644 --- a/ledger/src/hal/include/hal/communication.h +++ b/firmware/src/hal/include/hal/communication.h @@ -57,7 +57,7 @@ size_t communication_get_msg_buffer_size(); * @brief Exchanges bytes with the host. This function blocks until the host * sends a message. * - * The message exchanges data with the host using the msg_buffer. If there are + * The message exchanges data with the host using the msg_buffer. If there are * any bytes to transmit, they are transmitted first. After that the function * blocks until a new message is received from the host. * diff --git a/ledger/src/hal/include/hal/constants.h b/firmware/src/hal/include/hal/constants.h similarity index 100% rename from ledger/src/hal/include/hal/constants.h rename to firmware/src/hal/include/hal/constants.h diff --git a/ledger/src/hal/include/hal/endorsement.h b/firmware/src/hal/include/hal/endorsement.h similarity index 100% rename from ledger/src/hal/include/hal/endorsement.h rename to firmware/src/hal/include/hal/endorsement.h diff --git a/ledger/src/hal/include/hal/exceptions.h b/firmware/src/hal/include/hal/exceptions.h similarity index 99% rename from ledger/src/hal/include/hal/exceptions.h rename to firmware/src/hal/include/hal/exceptions.h index 5b5fe8eb..d5f374e2 100644 --- a/ledger/src/hal/include/hal/exceptions.h +++ b/firmware/src/hal/include/hal/exceptions.h @@ -193,7 +193,7 @@ void os_longjmp(jmp_buf b, unsigned int exception); #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -#include +#include "bc_err.h" #define IGNORE_WHEN_FUZZING(e) \ (e == MERKLE_PROOF_MISMATCH || e == CB_TXN_HASH_MISMATCH || \ diff --git a/ledger/src/hal/include/hal/hash.h b/firmware/src/hal/include/hal/hash.h similarity index 100% rename from ledger/src/hal/include/hal/hash.h rename to firmware/src/hal/include/hal/hash.h diff --git a/ledger/src/hal/include/hal/log.h b/firmware/src/hal/include/hal/log.h similarity index 100% rename from ledger/src/hal/include/hal/log.h rename to firmware/src/hal/include/hal/log.h diff --git a/ledger/src/hal/include/hal/nvmem.h b/firmware/src/hal/include/hal/nvmem.h similarity index 100% rename from ledger/src/hal/include/hal/nvmem.h rename to firmware/src/hal/include/hal/nvmem.h diff --git a/ledger/src/hal/include/hal/platform.h b/firmware/src/hal/include/hal/platform.h similarity index 100% rename from ledger/src/hal/include/hal/platform.h rename to firmware/src/hal/include/hal/platform.h diff --git a/ledger/src/hal/include/hal/seed.h b/firmware/src/hal/include/hal/seed.h similarity index 100% rename from ledger/src/hal/include/hal/seed.h rename to firmware/src/hal/include/hal/seed.h diff --git a/ledger/src/hal/src/common/sha256.c b/firmware/src/hal/src/common/sha256.c similarity index 100% rename from ledger/src/hal/src/common/sha256.c rename to firmware/src/hal/src/common/sha256.c diff --git a/ledger/src/hal/src/common/sha256.h b/firmware/src/hal/src/common/sha256.h similarity index 100% rename from ledger/src/hal/src/common/sha256.h rename to firmware/src/hal/src/common/sha256.h diff --git a/ledger/src/hal/src/ledger/communication.c b/firmware/src/hal/src/ledger/communication.c similarity index 100% rename from ledger/src/hal/src/ledger/communication.c rename to firmware/src/hal/src/ledger/communication.c diff --git a/ledger/src/hal/src/ledger/endorsement.c b/firmware/src/hal/src/ledger/endorsement.c similarity index 100% rename from ledger/src/hal/src/ledger/endorsement.c rename to firmware/src/hal/src/ledger/endorsement.c diff --git a/ledger/src/hal/src/ledger/hash.c b/firmware/src/hal/src/ledger/hash.c similarity index 100% rename from ledger/src/hal/src/ledger/hash.c rename to firmware/src/hal/src/ledger/hash.c diff --git a/ledger/src/hal/src/ledger/nvmem.c b/firmware/src/hal/src/ledger/nvmem.c similarity index 100% rename from ledger/src/hal/src/ledger/nvmem.c rename to firmware/src/hal/src/ledger/nvmem.c diff --git a/ledger/src/hal/src/ledger/platform.c b/firmware/src/hal/src/ledger/platform.c similarity index 100% rename from ledger/src/hal/src/ledger/platform.c rename to firmware/src/hal/src/ledger/platform.c diff --git a/ledger/src/hal/src/ledger/seed.c b/firmware/src/hal/src/ledger/seed.c similarity index 100% rename from ledger/src/hal/src/ledger/seed.c rename to firmware/src/hal/src/ledger/seed.c diff --git a/ledger/src/hal/src/ledger/sha256.c b/firmware/src/hal/src/ledger/sha256.c similarity index 100% rename from ledger/src/hal/src/ledger/sha256.c rename to firmware/src/hal/src/ledger/sha256.c diff --git a/ledger/src/hal/src/ledger/sha256.h b/firmware/src/hal/src/ledger/sha256.h similarity index 100% rename from ledger/src/hal/src/ledger/sha256.h rename to firmware/src/hal/src/ledger/sha256.h diff --git a/ledger/src/hal/src/x86/bip32.c b/firmware/src/hal/src/x86/bip32.c similarity index 100% rename from ledger/src/hal/src/x86/bip32.c rename to firmware/src/hal/src/x86/bip32.c diff --git a/ledger/src/hal/src/x86/bip32.h b/firmware/src/hal/src/x86/bip32.h similarity index 100% rename from ledger/src/hal/src/x86/bip32.h rename to firmware/src/hal/src/x86/bip32.h diff --git a/ledger/src/hal/src/x86/cJSON.c b/firmware/src/hal/src/x86/cJSON.c similarity index 100% rename from ledger/src/hal/src/x86/cJSON.c rename to firmware/src/hal/src/x86/cJSON.c diff --git a/ledger/src/hal/src/x86/cJSON.h b/firmware/src/hal/src/x86/cJSON.h similarity index 100% rename from ledger/src/hal/src/x86/cJSON.h rename to firmware/src/hal/src/x86/cJSON.h diff --git a/ledger/src/hal/src/x86/communication.c b/firmware/src/hal/src/x86/communication.c similarity index 100% rename from ledger/src/hal/src/x86/communication.c rename to firmware/src/hal/src/x86/communication.c diff --git a/ledger/src/hal/src/x86/endorsement.c b/firmware/src/hal/src/x86/endorsement.c similarity index 100% rename from ledger/src/hal/src/x86/endorsement.c rename to firmware/src/hal/src/x86/endorsement.c diff --git a/ledger/src/hal/src/x86/exceptions.c b/firmware/src/hal/src/x86/exceptions.c similarity index 100% rename from ledger/src/hal/src/x86/exceptions.c rename to firmware/src/hal/src/x86/exceptions.c diff --git a/ledger/src/hal/src/x86/explicit_bzero.c b/firmware/src/hal/src/x86/explicit_bzero.c similarity index 100% rename from ledger/src/hal/src/x86/explicit_bzero.c rename to firmware/src/hal/src/x86/explicit_bzero.c diff --git a/ledger/src/hal/src/x86/explicit_bzero.h b/firmware/src/hal/src/x86/explicit_bzero.h similarity index 100% rename from ledger/src/hal/src/x86/explicit_bzero.h rename to firmware/src/hal/src/x86/explicit_bzero.h diff --git a/ledger/src/hal/src/x86/hash.c b/firmware/src/hal/src/x86/hash.c similarity index 100% rename from ledger/src/hal/src/x86/hash.c rename to firmware/src/hal/src/x86/hash.c diff --git a/ledger/src/hal/src/x86/hex_reader.c b/firmware/src/hal/src/x86/hex_reader.c similarity index 100% rename from ledger/src/hal/src/x86/hex_reader.c rename to firmware/src/hal/src/x86/hex_reader.c diff --git a/ledger/src/hal/src/x86/hex_reader.h b/firmware/src/hal/src/x86/hex_reader.h similarity index 100% rename from ledger/src/hal/src/x86/hex_reader.h rename to firmware/src/hal/src/x86/hex_reader.h diff --git a/ledger/src/hal/src/x86/hmac_sha256.c b/firmware/src/hal/src/x86/hmac_sha256.c similarity index 100% rename from ledger/src/hal/src/x86/hmac_sha256.c rename to firmware/src/hal/src/x86/hmac_sha256.c diff --git a/ledger/src/hal/src/x86/hmac_sha256.h b/firmware/src/hal/src/x86/hmac_sha256.h similarity index 100% rename from ledger/src/hal/src/x86/hmac_sha256.h rename to firmware/src/hal/src/x86/hmac_sha256.h diff --git a/ledger/src/hal/src/x86/json.c b/firmware/src/hal/src/x86/json.c similarity index 100% rename from ledger/src/hal/src/x86/json.c rename to firmware/src/hal/src/x86/json.c diff --git a/ledger/src/hal/src/x86/json.h b/firmware/src/hal/src/x86/json.h similarity index 100% rename from ledger/src/hal/src/x86/json.h rename to firmware/src/hal/src/x86/json.h diff --git a/ledger/src/hal/src/x86/keccak256.c b/firmware/src/hal/src/x86/keccak256.c similarity index 100% rename from ledger/src/hal/src/x86/keccak256.c rename to firmware/src/hal/src/x86/keccak256.c diff --git a/ledger/src/hal/src/x86/keccak256.h b/firmware/src/hal/src/x86/keccak256.h similarity index 100% rename from ledger/src/hal/src/x86/keccak256.h rename to firmware/src/hal/src/x86/keccak256.h diff --git a/ledger/src/hal/src/x86/log.c b/firmware/src/hal/src/x86/log.c similarity index 98% rename from ledger/src/hal/src/x86/log.c rename to firmware/src/hal/src/x86/log.c index 0e579d68..3eb673cd 100644 --- a/ledger/src/hal/src/x86/log.c +++ b/firmware/src/hal/src/x86/log.c @@ -28,8 +28,6 @@ #include #include -#include "bigdigits.h" - void LOG(const char *format, ...) { va_list args; va_start(args, format); diff --git a/ledger/src/hal/src/x86/nvmem.c b/firmware/src/hal/src/x86/nvmem.c similarity index 100% rename from ledger/src/hal/src/x86/nvmem.c rename to firmware/src/hal/src/x86/nvmem.c diff --git a/ledger/src/hal/src/x86/platform.c b/firmware/src/hal/src/x86/platform.c similarity index 100% rename from ledger/src/hal/src/x86/platform.c rename to firmware/src/hal/src/x86/platform.c diff --git a/ledger/src/hal/src/x86/random.c b/firmware/src/hal/src/x86/random.c similarity index 100% rename from ledger/src/hal/src/x86/random.c rename to firmware/src/hal/src/x86/random.c diff --git a/ledger/src/hal/src/x86/random.h b/firmware/src/hal/src/x86/random.h similarity index 100% rename from ledger/src/hal/src/x86/random.h rename to firmware/src/hal/src/x86/random.h diff --git a/ledger/src/hal/src/x86/seed.c b/firmware/src/hal/src/x86/seed.c similarity index 100% rename from ledger/src/hal/src/x86/seed.c rename to firmware/src/hal/src/x86/seed.c diff --git a/ledger/src/hal/src/x86/sha256.c b/firmware/src/hal/src/x86/sha256.c similarity index 100% rename from ledger/src/hal/src/x86/sha256.c rename to firmware/src/hal/src/x86/sha256.c diff --git a/ledger/src/hal/src/x86/sha256.h b/firmware/src/hal/src/x86/sha256.h similarity index 100% rename from ledger/src/hal/src/x86/sha256.h rename to firmware/src/hal/src/x86/sha256.h diff --git a/ledger/src/signer/.gitignore b/firmware/src/ledger/signer/.gitignore similarity index 100% rename from ledger/src/signer/.gitignore rename to firmware/src/ledger/signer/.gitignore diff --git a/ledger/src/signer/Makefile b/firmware/src/ledger/signer/Makefile similarity index 97% rename from ledger/src/signer/Makefile rename to firmware/src/ledger/signer/Makefile index 4fcbab34..1a7150b9 100755 --- a/ledger/src/signer/Makefile +++ b/firmware/src/ledger/signer/Makefile @@ -50,7 +50,7 @@ APPFLAGS = 0x00 PROG = "app" # Build configuration -APP_SOURCE_PATH += src ../common/src ../hal/src/ledger +APP_SOURCE_PATH += src ../../powhsm/src ../../common/src ../../hal/src/ledger SDK_SOURCE_PATH += lib_stusb lib_stusb_impl DEFINES += APPVERSION=\"$(APPVERSION)\" @@ -132,4 +132,4 @@ include $(BOLOS_SDK)/Makefile.rules # This is to prevent individual subdirectory inclusion by using the # SDK provided APP_SOURCE_PATH variable -INCLUDES_PATH += ../hal/include +INCLUDES_PATH += ../../hal/include diff --git a/ledger/src/signer/icon.gif b/firmware/src/ledger/signer/icon.gif similarity index 100% rename from ledger/src/signer/icon.gif rename to firmware/src/ledger/signer/icon.gif diff --git a/firmware/src/ledger/signer/icon.hex b/firmware/src/ledger/signer/icon.hex new file mode 100644 index 00000000..ba691e7e --- /dev/null +++ b/firmware/src/ledger/signer/icon.hex @@ -0,0 +1 @@ +0100000000ffffff000000c0014001c001ae3a9a2cae3ac4114411c411ae3a9a2cae3ac0014001c001 \ No newline at end of file diff --git a/ledger/src/signer/make-difficulty.py b/firmware/src/ledger/signer/make-difficulty.py similarity index 100% rename from ledger/src/signer/make-difficulty.py rename to firmware/src/ledger/signer/make-difficulty.py diff --git a/ledger/src/signer/make-initial-block-hash.py b/firmware/src/ledger/signer/make-initial-block-hash.py similarity index 100% rename from ledger/src/signer/make-initial-block-hash.py rename to firmware/src/ledger/signer/make-initial-block-hash.py diff --git a/ledger/src/signer/src/main.c b/firmware/src/ledger/signer/src/main.c similarity index 100% rename from ledger/src/signer/src/main.c rename to firmware/src/ledger/signer/src/main.c diff --git a/ledger/src/ui/.gitignore b/firmware/src/ledger/ui/.gitignore similarity index 100% rename from ledger/src/ui/.gitignore rename to firmware/src/ledger/ui/.gitignore diff --git a/ledger/src/ui/LICENSE b/firmware/src/ledger/ui/LICENSE similarity index 100% rename from ledger/src/ui/LICENSE rename to firmware/src/ledger/ui/LICENSE diff --git a/ledger/src/ui/Makefile b/firmware/src/ledger/ui/Makefile similarity index 99% rename from ledger/src/ui/Makefile rename to firmware/src/ledger/ui/Makefile index 081ccc1c..a5d361e5 100755 --- a/ledger/src/ui/Makefile +++ b/firmware/src/ledger/ui/Makefile @@ -42,7 +42,7 @@ ifeq ($(TARGET_ID),) TARGET_ID := $(shell cat $(BOLOS_SDK)/include/bolos_target.h | grep 0x | cut -f3 -d' ') endif APPNAME = UX -APPVERSION = 4 +APPVERSION = 5 VERSION = ux$(APPVERSION) # APPLICATION_FLAG_BOLOS_UX | APPLICATION_FLAG_GLOBAL_PIN | APPLICATION_FLAG_BOLOS_SETTINGS APPFLAGS = 0x248 @@ -84,7 +84,7 @@ CONFIG_PRODUCTIONS := bin/$(PROG) # Nano S ifeq ($(TARGET_ID)$(ONLY_LOAD),0x31100002) DEFINES += BOLOS_APP_ICON_SIZE_B=\(9+32\) -SOURCE_PATH := src src_common $(BOLOS_SDK)/src ../common/src +SOURCE_PATH := src src_common $(BOLOS_SDK)/src ../../common/src SOURCE_PATH += $(BOLOS_SDK)/lib_stusb $(BOLOS_SDK)/lib_stusb_impl SOURCE_PATH += $(BOLOS_SDK)/lib_stusb/STM32_USB_Device_Library/Class/HID/Src else ifeq ($(TARGET_ID),0x31000002) diff --git a/ledger/src/ui/glyphs/badge_back.gif b/firmware/src/ledger/ui/glyphs/badge_back.gif similarity index 100% rename from ledger/src/ui/glyphs/badge_back.gif rename to firmware/src/ledger/ui/glyphs/badge_back.gif diff --git a/ledger/src/ui/glyphs/badge_loading_v2.gif b/firmware/src/ledger/ui/glyphs/badge_loading_v2.gif similarity index 100% rename from ledger/src/ui/glyphs/badge_loading_v2.gif rename to firmware/src/ledger/ui/glyphs/badge_loading_v2.gif diff --git a/ledger/src/ui/glyphs/digit_0.gif b/firmware/src/ledger/ui/glyphs/digit_0.gif similarity index 100% rename from ledger/src/ui/glyphs/digit_0.gif rename to firmware/src/ledger/ui/glyphs/digit_0.gif diff --git a/ledger/src/ui/glyphs/digit_1.gif b/firmware/src/ledger/ui/glyphs/digit_1.gif similarity index 100% rename from ledger/src/ui/glyphs/digit_1.gif rename to firmware/src/ledger/ui/glyphs/digit_1.gif diff --git a/ledger/src/ui/glyphs/digit_2.gif b/firmware/src/ledger/ui/glyphs/digit_2.gif similarity index 100% rename from ledger/src/ui/glyphs/digit_2.gif rename to firmware/src/ledger/ui/glyphs/digit_2.gif diff --git a/ledger/src/ui/glyphs/digit_3.gif b/firmware/src/ledger/ui/glyphs/digit_3.gif similarity index 100% rename from ledger/src/ui/glyphs/digit_3.gif rename to firmware/src/ledger/ui/glyphs/digit_3.gif diff --git a/ledger/src/ui/glyphs/digit_4.gif b/firmware/src/ledger/ui/glyphs/digit_4.gif similarity index 100% rename from ledger/src/ui/glyphs/digit_4.gif rename to firmware/src/ledger/ui/glyphs/digit_4.gif diff --git a/ledger/src/ui/glyphs/digit_5.gif b/firmware/src/ledger/ui/glyphs/digit_5.gif similarity index 100% rename from ledger/src/ui/glyphs/digit_5.gif rename to firmware/src/ledger/ui/glyphs/digit_5.gif diff --git a/ledger/src/ui/glyphs/digit_6.gif b/firmware/src/ledger/ui/glyphs/digit_6.gif similarity index 100% rename from ledger/src/ui/glyphs/digit_6.gif rename to firmware/src/ledger/ui/glyphs/digit_6.gif diff --git a/ledger/src/ui/glyphs/digit_7.gif b/firmware/src/ledger/ui/glyphs/digit_7.gif similarity index 100% rename from ledger/src/ui/glyphs/digit_7.gif rename to firmware/src/ledger/ui/glyphs/digit_7.gif diff --git a/ledger/src/ui/glyphs/digit_8.gif b/firmware/src/ledger/ui/glyphs/digit_8.gif similarity index 100% rename from ledger/src/ui/glyphs/digit_8.gif rename to firmware/src/ledger/ui/glyphs/digit_8.gif diff --git a/ledger/src/ui/glyphs/digit_9.gif b/firmware/src/ledger/ui/glyphs/digit_9.gif similarity index 100% rename from ledger/src/ui/glyphs/digit_9.gif rename to firmware/src/ledger/ui/glyphs/digit_9.gif diff --git a/ledger/src/ui/glyphs/digit_dot.gif b/firmware/src/ledger/ui/glyphs/digit_dot.gif similarity index 100% rename from ledger/src/ui/glyphs/digit_dot.gif rename to firmware/src/ledger/ui/glyphs/digit_dot.gif diff --git a/ledger/src/ui/glyphs/digit_underscore.gif b/firmware/src/ledger/ui/glyphs/digit_underscore.gif similarity index 100% rename from ledger/src/ui/glyphs/digit_underscore.gif rename to firmware/src/ledger/ui/glyphs/digit_underscore.gif diff --git a/ledger/src/ui/glyphs/fish_left.gif b/firmware/src/ledger/ui/glyphs/fish_left.gif similarity index 100% rename from ledger/src/ui/glyphs/fish_left.gif rename to firmware/src/ledger/ui/glyphs/fish_left.gif diff --git a/ledger/src/ui/glyphs/fish_right.gif b/firmware/src/ledger/ui/glyphs/fish_right.gif similarity index 100% rename from ledger/src/ui/glyphs/fish_right.gif rename to firmware/src/ledger/ui/glyphs/fish_right.gif diff --git a/ledger/src/ui/glyphs/icon_backspace.gif b/firmware/src/ledger/ui/glyphs/icon_backspace.gif similarity index 100% rename from ledger/src/ui/glyphs/icon_backspace.gif rename to firmware/src/ledger/ui/glyphs/icon_backspace.gif diff --git a/ledger/src/ui/glyphs/icon_classes.gif b/firmware/src/ledger/ui/glyphs/icon_classes.gif similarity index 100% rename from ledger/src/ui/glyphs/icon_classes.gif rename to firmware/src/ledger/ui/glyphs/icon_classes.gif diff --git a/ledger/src/ui/glyphs/icon_dashboard.gif b/firmware/src/ledger/ui/glyphs/icon_dashboard.gif similarity index 100% rename from ledger/src/ui/glyphs/icon_dashboard.gif rename to firmware/src/ledger/ui/glyphs/icon_dashboard.gif diff --git a/ledger/src/ui/glyphs/icon_digits.gif b/firmware/src/ledger/ui/glyphs/icon_digits.gif similarity index 100% rename from ledger/src/ui/glyphs/icon_digits.gif rename to firmware/src/ledger/ui/glyphs/icon_digits.gif diff --git a/ledger/src/ui/glyphs/icon_lowercase.gif b/firmware/src/ledger/ui/glyphs/icon_lowercase.gif similarity index 100% rename from ledger/src/ui/glyphs/icon_lowercase.gif rename to firmware/src/ledger/ui/glyphs/icon_lowercase.gif diff --git a/ledger/src/ui/glyphs/icon_uppercase.gif b/firmware/src/ledger/ui/glyphs/icon_uppercase.gif similarity index 100% rename from ledger/src/ui/glyphs/icon_uppercase.gif rename to firmware/src/ledger/ui/glyphs/icon_uppercase.gif diff --git a/ledger/src/ui/glyphs/icon_validate.gif b/firmware/src/ledger/ui/glyphs/icon_validate.gif similarity index 100% rename from ledger/src/ui/glyphs/icon_validate.gif rename to firmware/src/ledger/ui/glyphs/icon_validate.gif diff --git a/ledger/src/ui/glyphs/icon_validate_bold.gif b/firmware/src/ledger/ui/glyphs/icon_validate_bold.gif similarity index 100% rename from ledger/src/ui/glyphs/icon_validate_bold.gif rename to firmware/src/ledger/ui/glyphs/icon_validate_bold.gif diff --git a/ledger/src/ui/icon.gif b/firmware/src/ledger/ui/icon.gif similarity index 100% rename from ledger/src/ui/icon.gif rename to firmware/src/ledger/ui/icon.gif diff --git a/firmware/src/ledger/ui/icon.hex b/firmware/src/ledger/ui/icon.hex new file mode 100644 index 00000000..228d1154 --- /dev/null +++ b/firmware/src/ledger/ui/icon.hex @@ -0,0 +1 @@ +0100000000ffffff0000002004100808100420fe7f02402248725c224992433a4112400240fe7f0000 \ No newline at end of file diff --git a/ledger/src/ui/make-initial-signer-hash.py b/firmware/src/ledger/ui/make-initial-signer-hash.py similarity index 100% rename from ledger/src/ui/make-initial-signer-hash.py rename to firmware/src/ledger/ui/make-initial-signer-hash.py diff --git a/ledger/src/ui/make-initial-signer-iteration.py b/firmware/src/ledger/ui/make-initial-signer-iteration.py similarity index 100% rename from ledger/src/ui/make-initial-signer-iteration.py rename to firmware/src/ledger/ui/make-initial-signer-iteration.py diff --git a/ledger/src/ui/script.ux.ld b/firmware/src/ledger/ui/script.ux.ld similarity index 100% rename from ledger/src/ui/script.ux.ld rename to firmware/src/ledger/ui/script.ux.ld diff --git a/ledger/src/ui/src/attestation.c b/firmware/src/ledger/ui/src/attestation.c similarity index 100% rename from ledger/src/ui/src/attestation.c rename to firmware/src/ledger/ui/src/attestation.c diff --git a/ledger/src/ui/src/attestation.h b/firmware/src/ledger/ui/src/attestation.h similarity index 100% rename from ledger/src/ui/src/attestation.h rename to firmware/src/ledger/ui/src/attestation.h diff --git a/ledger/src/ui/src/bolos_ux.c b/firmware/src/ledger/ui/src/bolos_ux.c similarity index 100% rename from ledger/src/ui/src/bolos_ux.c rename to firmware/src/ledger/ui/src/bolos_ux.c diff --git a/ledger/src/ui/src/bolos_ux.h b/firmware/src/ledger/ui/src/bolos_ux.h similarity index 100% rename from ledger/src/ui/src/bolos_ux.h rename to firmware/src/ledger/ui/src/bolos_ux.h diff --git a/ledger/src/ui/src/bolos_ux_common.h b/firmware/src/ledger/ui/src/bolos_ux_common.h similarity index 100% rename from ledger/src/ui/src/bolos_ux_common.h rename to firmware/src/ledger/ui/src/bolos_ux_common.h diff --git a/ledger/src/ui/src/bolos_ux_dashboard.c b/firmware/src/ledger/ui/src/bolos_ux_dashboard.c similarity index 100% rename from ledger/src/ui/src/bolos_ux_dashboard.c rename to firmware/src/ledger/ui/src/bolos_ux_dashboard.c diff --git a/ledger/src/ui/src/bolos_ux_not_personalized.c b/firmware/src/ledger/ui/src/bolos_ux_not_personalized.c similarity index 100% rename from ledger/src/ui/src/bolos_ux_not_personalized.c rename to firmware/src/ledger/ui/src/bolos_ux_not_personalized.c diff --git a/ledger/src/ui/src/bolos_ux_processing.c b/firmware/src/ledger/ui/src/bolos_ux_processing.c similarity index 100% rename from ledger/src/ui/src/bolos_ux_processing.c rename to firmware/src/ledger/ui/src/bolos_ux_processing.c diff --git a/ledger/src/ui/src/bolos_ux_settings.c b/firmware/src/ledger/ui/src/bolos_ux_settings.c similarity index 100% rename from ledger/src/ui/src/bolos_ux_settings.c rename to firmware/src/ledger/ui/src/bolos_ux_settings.c diff --git a/ledger/src/ui/src/bootloader.c b/firmware/src/ledger/ui/src/bootloader.c similarity index 100% rename from ledger/src/ui/src/bootloader.c rename to firmware/src/ledger/ui/src/bootloader.c diff --git a/ledger/src/ui/src/bootloader.h b/firmware/src/ledger/ui/src/bootloader.h similarity index 100% rename from ledger/src/ui/src/bootloader.h rename to firmware/src/ledger/ui/src/bootloader.h diff --git a/ledger/src/ui/src/common_requirements.h b/firmware/src/ledger/ui/src/common_requirements.h similarity index 100% rename from ledger/src/ui/src/common_requirements.h rename to firmware/src/ledger/ui/src/common_requirements.h diff --git a/firmware/src/ledger/ui/src/constants.h b/firmware/src/ledger/ui/src/constants.h new file mode 120000 index 00000000..7a27783a --- /dev/null +++ b/firmware/src/ledger/ui/src/constants.h @@ -0,0 +1 @@ +../../../hal/include/hal/constants.h \ No newline at end of file diff --git a/ledger/src/ui/src/defs.h b/firmware/src/ledger/ui/src/defs.h similarity index 100% rename from ledger/src/ui/src/defs.h rename to firmware/src/ledger/ui/src/defs.h diff --git a/ledger/src/ui/src/main.c b/firmware/src/ledger/ui/src/main.c similarity index 100% rename from ledger/src/ui/src/main.c rename to firmware/src/ledger/ui/src/main.c diff --git a/ledger/src/ui/src/onboard.c b/firmware/src/ledger/ui/src/onboard.c similarity index 100% rename from ledger/src/ui/src/onboard.c rename to firmware/src/ledger/ui/src/onboard.c diff --git a/ledger/src/ui/src/onboard.h b/firmware/src/ledger/ui/src/onboard.h similarity index 100% rename from ledger/src/ui/src/onboard.h rename to firmware/src/ledger/ui/src/onboard.h diff --git a/ledger/src/ui/src/pin.c b/firmware/src/ledger/ui/src/pin.c similarity index 100% rename from ledger/src/ui/src/pin.c rename to firmware/src/ledger/ui/src/pin.c diff --git a/ledger/src/ui/src/pin.h b/firmware/src/ledger/ui/src/pin.h similarity index 100% rename from ledger/src/ui/src/pin.h rename to firmware/src/ledger/ui/src/pin.h diff --git a/ledger/src/ui/src/signer_authorization.c b/firmware/src/ledger/ui/src/signer_authorization.c similarity index 100% rename from ledger/src/ui/src/signer_authorization.c rename to firmware/src/ledger/ui/src/signer_authorization.c diff --git a/ledger/src/ui/src/signer_authorization.h b/firmware/src/ledger/ui/src/signer_authorization.h similarity index 100% rename from ledger/src/ui/src/signer_authorization.h rename to firmware/src/ledger/ui/src/signer_authorization.h diff --git a/ledger/src/ui/src/signer_authorization_signers/aleph.h b/firmware/src/ledger/ui/src/signer_authorization_signers/aleph.h similarity index 100% rename from ledger/src/ui/src/signer_authorization_signers/aleph.h rename to firmware/src/ledger/ui/src/signer_authorization_signers/aleph.h diff --git a/ledger/src/ui/src/signer_authorization_signers/testing.h b/firmware/src/ledger/ui/src/signer_authorization_signers/testing.h similarity index 100% rename from ledger/src/ui/src/signer_authorization_signers/testing.h rename to firmware/src/ledger/ui/src/signer_authorization_signers/testing.h diff --git a/ledger/src/ui/src/signer_authorization_status.c b/firmware/src/ledger/ui/src/signer_authorization_status.c similarity index 100% rename from ledger/src/ui/src/signer_authorization_status.c rename to firmware/src/ledger/ui/src/signer_authorization_status.c diff --git a/ledger/src/ui/src/signer_authorization_status.h b/firmware/src/ledger/ui/src/signer_authorization_status.h similarity index 100% rename from ledger/src/ui/src/signer_authorization_status.h rename to firmware/src/ledger/ui/src/signer_authorization_status.h diff --git a/ledger/src/ui/src/ui_comm.c b/firmware/src/ledger/ui/src/ui_comm.c similarity index 100% rename from ledger/src/ui/src/ui_comm.c rename to firmware/src/ledger/ui/src/ui_comm.c diff --git a/ledger/src/ui/src/ui_comm.h b/firmware/src/ledger/ui/src/ui_comm.h similarity index 100% rename from ledger/src/ui/src/ui_comm.h rename to firmware/src/ledger/ui/src/ui_comm.h diff --git a/ledger/src/ui/src/ui_err.h b/firmware/src/ledger/ui/src/ui_err.h similarity index 100% rename from ledger/src/ui/src/ui_err.h rename to firmware/src/ledger/ui/src/ui_err.h diff --git a/ledger/src/ui/src/ui_heartbeat.c b/firmware/src/ledger/ui/src/ui_heartbeat.c similarity index 100% rename from ledger/src/ui/src/ui_heartbeat.c rename to firmware/src/ledger/ui/src/ui_heartbeat.c diff --git a/ledger/src/ui/src/ui_heartbeat.h b/firmware/src/ledger/ui/src/ui_heartbeat.h similarity index 100% rename from ledger/src/ui/src/ui_heartbeat.h rename to firmware/src/ledger/ui/src/ui_heartbeat.h diff --git a/ledger/src/ui/src/ui_instructions.h b/firmware/src/ledger/ui/src/ui_instructions.h similarity index 100% rename from ledger/src/ui/src/ui_instructions.h rename to firmware/src/ledger/ui/src/ui_instructions.h diff --git a/ledger/src/ui/src/unlock.c b/firmware/src/ledger/ui/src/unlock.c similarity index 100% rename from ledger/src/ui/src/unlock.c rename to firmware/src/ledger/ui/src/unlock.c diff --git a/ledger/src/ui/src/unlock.h b/firmware/src/ledger/ui/src/unlock.h similarity index 100% rename from ledger/src/ui/src/unlock.h rename to firmware/src/ledger/ui/src/unlock.h diff --git a/ledger/src/ui/src/ux_handlers.c b/firmware/src/ledger/ui/src/ux_handlers.c similarity index 100% rename from ledger/src/ui/src/ux_handlers.c rename to firmware/src/ledger/ui/src/ux_handlers.c diff --git a/ledger/src/ui/src/ux_handlers.h b/firmware/src/ledger/ui/src/ux_handlers.h similarity index 100% rename from ledger/src/ui/src/ux_handlers.h rename to firmware/src/ledger/ui/src/ux_handlers.h diff --git a/ledger/src/ui/src_common/bolos_ux_onboarding_seed_bip39.c b/firmware/src/ledger/ui/src_common/bolos_ux_onboarding_seed_bip39.c similarity index 100% rename from ledger/src/ui/src_common/bolos_ux_onboarding_seed_bip39.c rename to firmware/src/ledger/ui/src_common/bolos_ux_onboarding_seed_bip39.c diff --git a/ledger/src/ui/src_common/bolos_ux_onboarding_seed_bip39.h b/firmware/src/ledger/ui/src_common/bolos_ux_onboarding_seed_bip39.h similarity index 100% rename from ledger/src/ui/src_common/bolos_ux_onboarding_seed_bip39.h rename to firmware/src/ledger/ui/src_common/bolos_ux_onboarding_seed_bip39.h diff --git a/ledger/src/ui/src_common/bolos_ux_onboarding_seed_pbkdf2.c b/firmware/src/ledger/ui/src_common/bolos_ux_onboarding_seed_pbkdf2.c similarity index 100% rename from ledger/src/ui/src_common/bolos_ux_onboarding_seed_pbkdf2.c rename to firmware/src/ledger/ui/src_common/bolos_ux_onboarding_seed_pbkdf2.c diff --git a/ledger/src/ui/src_common/bolos_ux_onboarding_seed_rom_variables.c b/firmware/src/ledger/ui/src_common/bolos_ux_onboarding_seed_rom_variables.c similarity index 100% rename from ledger/src/ui/src_common/bolos_ux_onboarding_seed_rom_variables.c rename to firmware/src/ledger/ui/src_common/bolos_ux_onboarding_seed_rom_variables.c diff --git a/ledger/src/ui/src_common/bolos_ux_onboarding_seed_rom_variables.h b/firmware/src/ledger/ui/src_common/bolos_ux_onboarding_seed_rom_variables.h similarity index 100% rename from ledger/src/ui/src_common/bolos_ux_onboarding_seed_rom_variables.h rename to firmware/src/ledger/ui/src_common/bolos_ux_onboarding_seed_rom_variables.h diff --git a/ledger/src/ui/test/attestation/Makefile b/firmware/src/ledger/ui/test/attestation/Makefile similarity index 100% rename from ledger/src/ui/test/attestation/Makefile rename to firmware/src/ledger/ui/test/attestation/Makefile diff --git a/ledger/src/ui/test/attestation/test_attestation.c b/firmware/src/ledger/ui/test/attestation/test_attestation.c similarity index 100% rename from ledger/src/ui/test/attestation/test_attestation.c rename to firmware/src/ledger/ui/test/attestation/test_attestation.c diff --git a/ledger/src/ui/test/bootloader/Makefile b/firmware/src/ledger/ui/test/bootloader/Makefile similarity index 100% rename from ledger/src/ui/test/bootloader/Makefile rename to firmware/src/ledger/ui/test/bootloader/Makefile diff --git a/ledger/src/ui/test/bootloader/mock/bolos_ux_common.h b/firmware/src/ledger/ui/test/bootloader/mock/bolos_ux_common.h similarity index 100% rename from ledger/src/ui/test/bootloader/mock/bolos_ux_common.h rename to firmware/src/ledger/ui/test/bootloader/mock/bolos_ux_common.h diff --git a/ledger/src/ui/test/bootloader/mock/bootloader_mock.h b/firmware/src/ledger/ui/test/bootloader/mock/bootloader_mock.h similarity index 100% rename from ledger/src/ui/test/bootloader/mock/bootloader_mock.h rename to firmware/src/ledger/ui/test/bootloader/mock/bootloader_mock.h diff --git a/ledger/src/ui/test/bootloader/test_bootloader.c b/firmware/src/ledger/ui/test/bootloader/test_bootloader.c similarity index 100% rename from ledger/src/ui/test/bootloader/test_bootloader.c rename to firmware/src/ledger/ui/test/bootloader/test_bootloader.c diff --git a/ledger/src/ui/test/communication/Makefile b/firmware/src/ledger/ui/test/communication/Makefile similarity index 100% rename from ledger/src/ui/test/communication/Makefile rename to firmware/src/ledger/ui/test/communication/Makefile diff --git a/ledger/src/ui/test/communication/test_communication.c b/firmware/src/ledger/ui/test/communication/test_communication.c similarity index 100% rename from ledger/src/ui/test/communication/test_communication.c rename to firmware/src/ledger/ui/test/communication/test_communication.c diff --git a/ledger/src/ui/test/mock/apdu_utils.h b/firmware/src/ledger/ui/test/mock/apdu_utils.h similarity index 100% rename from ledger/src/ui/test/mock/apdu_utils.h rename to firmware/src/ledger/ui/test/mock/apdu_utils.h diff --git a/ledger/src/ui/test/mock/assert_utils.h b/firmware/src/ledger/ui/test/mock/assert_utils.h similarity index 100% rename from ledger/src/ui/test/mock/assert_utils.h rename to firmware/src/ledger/ui/test/mock/assert_utils.h diff --git a/ledger/src/ui/test/mock/bolos_ux_onboarding_seed_bip39.h b/firmware/src/ledger/ui/test/mock/bolos_ux_onboarding_seed_bip39.h similarity index 100% rename from ledger/src/ui/test/mock/bolos_ux_onboarding_seed_bip39.h rename to firmware/src/ledger/ui/test/mock/bolos_ux_onboarding_seed_bip39.h diff --git a/ledger/src/ui/test/mock/cx.h b/firmware/src/ledger/ui/test/mock/cx.h similarity index 100% rename from ledger/src/ui/test/mock/cx.h rename to firmware/src/ledger/ui/test/mock/cx.h diff --git a/ledger/src/ui/test/mock/mock.c b/firmware/src/ledger/ui/test/mock/mock.c similarity index 100% rename from ledger/src/ui/test/mock/mock.c rename to firmware/src/ledger/ui/test/mock/mock.c diff --git a/ledger/src/ui/test/mock/mock.h b/firmware/src/ledger/ui/test/mock/mock.h similarity index 100% rename from ledger/src/ui/test/mock/mock.h rename to firmware/src/ledger/ui/test/mock/mock.h diff --git a/ledger/src/ui/test/mock/os.h b/firmware/src/ledger/ui/test/mock/os.h similarity index 100% rename from ledger/src/ui/test/mock/os.h rename to firmware/src/ledger/ui/test/mock/os.h diff --git a/ledger/src/ui/test/mock/os_io_seproxyhal.h b/firmware/src/ledger/ui/test/mock/os_io_seproxyhal.h similarity index 100% rename from ledger/src/ui/test/mock/os_io_seproxyhal.h rename to firmware/src/ledger/ui/test/mock/os_io_seproxyhal.h diff --git a/ledger/src/ui/test/onboard/Makefile b/firmware/src/ledger/ui/test/onboard/Makefile similarity index 100% rename from ledger/src/ui/test/onboard/Makefile rename to firmware/src/ledger/ui/test/onboard/Makefile diff --git a/ledger/src/ui/test/onboard/test_onboard.c b/firmware/src/ledger/ui/test/onboard/test_onboard.c similarity index 100% rename from ledger/src/ui/test/onboard/test_onboard.c rename to firmware/src/ledger/ui/test/onboard/test_onboard.c diff --git a/ledger/src/ui/test/pin/Makefile b/firmware/src/ledger/ui/test/pin/Makefile similarity index 100% rename from ledger/src/ui/test/pin/Makefile rename to firmware/src/ledger/ui/test/pin/Makefile diff --git a/ledger/src/ui/test/pin/test_pin.c b/firmware/src/ledger/ui/test/pin/test_pin.c similarity index 100% rename from ledger/src/ui/test/pin/test_pin.c rename to firmware/src/ledger/ui/test/pin/test_pin.c diff --git a/ledger/src/ui/test/run-all.sh b/firmware/src/ledger/ui/test/run-all.sh similarity index 100% rename from ledger/src/ui/test/run-all.sh rename to firmware/src/ledger/ui/test/run-all.sh diff --git a/ledger/src/ui/test/signer_authorization/Makefile b/firmware/src/ledger/ui/test/signer_authorization/Makefile similarity index 100% rename from ledger/src/ui/test/signer_authorization/Makefile rename to firmware/src/ledger/ui/test/signer_authorization/Makefile diff --git a/ledger/src/ui/test/signer_authorization/test_signer_authorization.c b/firmware/src/ledger/ui/test/signer_authorization/test_signer_authorization.c similarity index 100% rename from ledger/src/ui/test/signer_authorization/test_signer_authorization.c rename to firmware/src/ledger/ui/test/signer_authorization/test_signer_authorization.c diff --git a/ledger/src/ui/test/ui_heartbeat/Makefile b/firmware/src/ledger/ui/test/ui_heartbeat/Makefile similarity index 100% rename from ledger/src/ui/test/ui_heartbeat/Makefile rename to firmware/src/ledger/ui/test/ui_heartbeat/Makefile diff --git a/ledger/src/ui/test/ui_heartbeat/test_ui_heartbeat.c b/firmware/src/ledger/ui/test/ui_heartbeat/test_ui_heartbeat.c similarity index 100% rename from ledger/src/ui/test/ui_heartbeat/test_ui_heartbeat.c rename to firmware/src/ledger/ui/test/ui_heartbeat/test_ui_heartbeat.c diff --git a/ledger/src/ui/test/unlock/Makefile b/firmware/src/ledger/ui/test/unlock/Makefile similarity index 100% rename from ledger/src/ui/test/unlock/Makefile rename to firmware/src/ledger/ui/test/unlock/Makefile diff --git a/ledger/src/ui/test/unlock/test_unlock.c b/firmware/src/ledger/ui/test/unlock/test_unlock.c similarity index 100% rename from ledger/src/ui/test/unlock/test_unlock.c rename to firmware/src/ledger/ui/test/unlock/test_unlock.c diff --git a/ledger/src/ui/test/ux_handlers/Makefile b/firmware/src/ledger/ui/test/ux_handlers/Makefile similarity index 100% rename from ledger/src/ui/test/ux_handlers/Makefile rename to firmware/src/ledger/ui/test/ux_handlers/Makefile diff --git a/ledger/src/ui/test/ux_handlers/mock/bolos_ux_common.h b/firmware/src/ledger/ui/test/ux_handlers/mock/bolos_ux_common.h similarity index 100% rename from ledger/src/ui/test/ux_handlers/mock/bolos_ux_common.h rename to firmware/src/ledger/ui/test/ux_handlers/mock/bolos_ux_common.h diff --git a/ledger/src/ui/test/ux_handlers/mock/bolos_ux_onboarding_seed_rom_variables.h b/firmware/src/ledger/ui/test/ux_handlers/mock/bolos_ux_onboarding_seed_rom_variables.h similarity index 100% rename from ledger/src/ui/test/ux_handlers/mock/bolos_ux_onboarding_seed_rom_variables.h rename to firmware/src/ledger/ui/test/ux_handlers/mock/bolos_ux_onboarding_seed_rom_variables.h diff --git a/ledger/src/ui/test/ux_handlers/mock/test_ux_handlers.h b/firmware/src/ledger/ui/test/ux_handlers/mock/test_ux_handlers.h similarity index 100% rename from ledger/src/ui/test/ux_handlers/mock/test_ux_handlers.h rename to firmware/src/ledger/ui/test/ux_handlers/mock/test_ux_handlers.h diff --git a/ledger/src/ui/test/ux_handlers/test_ux_handlers.c b/firmware/src/ledger/ui/test/ux_handlers/test_ux_handlers.c similarity index 100% rename from ledger/src/ui/test/ux_handlers/test_ux_handlers.c rename to firmware/src/ledger/ui/test/ux_handlers/test_ux_handlers.c diff --git a/ledger/src/signer/src/attestation.c b/firmware/src/powhsm/src/attestation.c similarity index 100% rename from ledger/src/signer/src/attestation.c rename to firmware/src/powhsm/src/attestation.c diff --git a/ledger/src/signer/src/attestation.h b/firmware/src/powhsm/src/attestation.h similarity index 100% rename from ledger/src/signer/src/attestation.h rename to firmware/src/powhsm/src/attestation.h diff --git a/ledger/src/signer/src/auth.c b/firmware/src/powhsm/src/auth.c similarity index 100% rename from ledger/src/signer/src/auth.c rename to firmware/src/powhsm/src/auth.c diff --git a/ledger/src/signer/src/auth.h b/firmware/src/powhsm/src/auth.h similarity index 100% rename from ledger/src/signer/src/auth.h rename to firmware/src/powhsm/src/auth.h diff --git a/ledger/src/signer/src/auth_constants.h b/firmware/src/powhsm/src/auth_constants.h similarity index 100% rename from ledger/src/signer/src/auth_constants.h rename to firmware/src/powhsm/src/auth_constants.h diff --git a/ledger/src/signer/src/auth_path.c b/firmware/src/powhsm/src/auth_path.c similarity index 100% rename from ledger/src/signer/src/auth_path.c rename to firmware/src/powhsm/src/auth_path.c diff --git a/ledger/src/signer/src/auth_path.h b/firmware/src/powhsm/src/auth_path.h similarity index 100% rename from ledger/src/signer/src/auth_path.h rename to firmware/src/powhsm/src/auth_path.h diff --git a/ledger/src/signer/src/auth_receipt.c b/firmware/src/powhsm/src/auth_receipt.c similarity index 100% rename from ledger/src/signer/src/auth_receipt.c rename to firmware/src/powhsm/src/auth_receipt.c diff --git a/ledger/src/signer/src/auth_receipt.h b/firmware/src/powhsm/src/auth_receipt.h similarity index 100% rename from ledger/src/signer/src/auth_receipt.h rename to firmware/src/powhsm/src/auth_receipt.h diff --git a/ledger/src/signer/src/auth_trie.c b/firmware/src/powhsm/src/auth_trie.c similarity index 100% rename from ledger/src/signer/src/auth_trie.c rename to firmware/src/powhsm/src/auth_trie.c diff --git a/ledger/src/signer/src/auth_trie.h b/firmware/src/powhsm/src/auth_trie.h similarity index 100% rename from ledger/src/signer/src/auth_trie.h rename to firmware/src/powhsm/src/auth_trie.h diff --git a/ledger/src/signer/src/auth_tx.c b/firmware/src/powhsm/src/auth_tx.c similarity index 100% rename from ledger/src/signer/src/auth_tx.c rename to firmware/src/powhsm/src/auth_tx.c diff --git a/ledger/src/signer/src/auth_tx.h b/firmware/src/powhsm/src/auth_tx.h similarity index 100% rename from ledger/src/signer/src/auth_tx.h rename to firmware/src/powhsm/src/auth_tx.h diff --git a/ledger/src/signer/src/bc.h b/firmware/src/powhsm/src/bc.h similarity index 100% rename from ledger/src/signer/src/bc.h rename to firmware/src/powhsm/src/bc.h diff --git a/ledger/src/signer/src/bc_advance.c b/firmware/src/powhsm/src/bc_advance.c similarity index 100% rename from ledger/src/signer/src/bc_advance.c rename to firmware/src/powhsm/src/bc_advance.c diff --git a/ledger/src/signer/src/bc_advance.h b/firmware/src/powhsm/src/bc_advance.h similarity index 100% rename from ledger/src/signer/src/bc_advance.h rename to firmware/src/powhsm/src/bc_advance.h diff --git a/ledger/src/signer/src/bc_ancestor.c b/firmware/src/powhsm/src/bc_ancestor.c similarity index 100% rename from ledger/src/signer/src/bc_ancestor.c rename to firmware/src/powhsm/src/bc_ancestor.c diff --git a/ledger/src/signer/src/bc_ancestor.h b/firmware/src/powhsm/src/bc_ancestor.h similarity index 100% rename from ledger/src/signer/src/bc_ancestor.h rename to firmware/src/powhsm/src/bc_ancestor.h diff --git a/ledger/src/signer/src/bc_block.h b/firmware/src/powhsm/src/bc_block.h similarity index 100% rename from ledger/src/signer/src/bc_block.h rename to firmware/src/powhsm/src/bc_block.h diff --git a/ledger/src/signer/src/bc_blockutils.h b/firmware/src/powhsm/src/bc_blockutils.h similarity index 100% rename from ledger/src/signer/src/bc_blockutils.h rename to firmware/src/powhsm/src/bc_blockutils.h diff --git a/ledger/src/signer/src/bc_diff.c b/firmware/src/powhsm/src/bc_diff.c similarity index 100% rename from ledger/src/signer/src/bc_diff.c rename to firmware/src/powhsm/src/bc_diff.c diff --git a/ledger/src/signer/src/bc_diff.h b/firmware/src/powhsm/src/bc_diff.h similarity index 100% rename from ledger/src/signer/src/bc_diff.h rename to firmware/src/powhsm/src/bc_diff.h diff --git a/ledger/src/signer/src/bc_err.c b/firmware/src/powhsm/src/bc_err.c similarity index 100% rename from ledger/src/signer/src/bc_err.c rename to firmware/src/powhsm/src/bc_err.c diff --git a/ledger/src/signer/src/bc_err.h b/firmware/src/powhsm/src/bc_err.h similarity index 100% rename from ledger/src/signer/src/bc_err.h rename to firmware/src/powhsm/src/bc_err.h diff --git a/ledger/src/signer/src/bc_hash.c b/firmware/src/powhsm/src/bc_hash.c similarity index 100% rename from ledger/src/signer/src/bc_hash.c rename to firmware/src/powhsm/src/bc_hash.c diff --git a/ledger/src/signer/src/bc_hash.h b/firmware/src/powhsm/src/bc_hash.h similarity index 100% rename from ledger/src/signer/src/bc_hash.h rename to firmware/src/powhsm/src/bc_hash.h diff --git a/ledger/src/signer/src/bc_mm.c b/firmware/src/powhsm/src/bc_mm.c similarity index 100% rename from ledger/src/signer/src/bc_mm.c rename to firmware/src/powhsm/src/bc_mm.c diff --git a/ledger/src/signer/src/bc_mm.h b/firmware/src/powhsm/src/bc_mm.h similarity index 100% rename from ledger/src/signer/src/bc_mm.h rename to firmware/src/powhsm/src/bc_mm.h diff --git a/ledger/src/signer/src/bc_nu.h b/firmware/src/powhsm/src/bc_nu.h similarity index 100% rename from ledger/src/signer/src/bc_nu.h rename to firmware/src/powhsm/src/bc_nu.h diff --git a/ledger/src/signer/src/bc_state.c b/firmware/src/powhsm/src/bc_state.c similarity index 100% rename from ledger/src/signer/src/bc_state.c rename to firmware/src/powhsm/src/bc_state.c diff --git a/ledger/src/signer/src/bc_state.h b/firmware/src/powhsm/src/bc_state.h similarity index 100% rename from ledger/src/signer/src/bc_state.h rename to firmware/src/powhsm/src/bc_state.h diff --git a/ledger/src/signer/src/bigdigits.c b/firmware/src/powhsm/src/bigdigits.c similarity index 100% rename from ledger/src/signer/src/bigdigits.c rename to firmware/src/powhsm/src/bigdigits.c diff --git a/ledger/src/signer/src/bigdigits.h b/firmware/src/powhsm/src/bigdigits.h similarity index 100% rename from ledger/src/signer/src/bigdigits.h rename to firmware/src/powhsm/src/bigdigits.h diff --git a/ledger/src/signer/src/bigdtypes.h b/firmware/src/powhsm/src/bigdtypes.h similarity index 100% rename from ledger/src/signer/src/bigdtypes.h rename to firmware/src/powhsm/src/bigdtypes.h diff --git a/ledger/src/signer/src/btcscript.c b/firmware/src/powhsm/src/btcscript.c similarity index 100% rename from ledger/src/signer/src/btcscript.c rename to firmware/src/powhsm/src/btcscript.c diff --git a/ledger/src/signer/src/btcscript.h b/firmware/src/powhsm/src/btcscript.h similarity index 100% rename from ledger/src/signer/src/btcscript.h rename to firmware/src/powhsm/src/btcscript.h diff --git a/ledger/src/signer/src/btctx.c b/firmware/src/powhsm/src/btctx.c similarity index 100% rename from ledger/src/signer/src/btctx.c rename to firmware/src/powhsm/src/btctx.c diff --git a/ledger/src/signer/src/btctx.h b/firmware/src/powhsm/src/btctx.h similarity index 100% rename from ledger/src/signer/src/btctx.h rename to firmware/src/powhsm/src/btctx.h diff --git a/ledger/src/signer/src/common_requirements.h b/firmware/src/powhsm/src/common_requirements.h similarity index 100% rename from ledger/src/signer/src/common_requirements.h rename to firmware/src/powhsm/src/common_requirements.h diff --git a/ledger/src/signer/src/defs.h b/firmware/src/powhsm/src/defs.h similarity index 100% rename from ledger/src/signer/src/defs.h rename to firmware/src/powhsm/src/defs.h diff --git a/ledger/src/signer/src/err.h b/firmware/src/powhsm/src/err.h similarity index 100% rename from ledger/src/signer/src/err.h rename to firmware/src/powhsm/src/err.h diff --git a/ledger/src/signer/src/flags.h b/firmware/src/powhsm/src/flags.h similarity index 100% rename from ledger/src/signer/src/flags.h rename to firmware/src/powhsm/src/flags.h diff --git a/ledger/src/signer/src/heartbeat.c b/firmware/src/powhsm/src/heartbeat.c similarity index 100% rename from ledger/src/signer/src/heartbeat.c rename to firmware/src/powhsm/src/heartbeat.c diff --git a/ledger/src/signer/src/heartbeat.h b/firmware/src/powhsm/src/heartbeat.h similarity index 100% rename from ledger/src/signer/src/heartbeat.h rename to firmware/src/powhsm/src/heartbeat.h diff --git a/ledger/src/signer/src/hsm.c b/firmware/src/powhsm/src/hsm.c similarity index 100% rename from ledger/src/signer/src/hsm.c rename to firmware/src/powhsm/src/hsm.c diff --git a/ledger/src/signer/src/hsm.h b/firmware/src/powhsm/src/hsm.h similarity index 100% rename from ledger/src/signer/src/hsm.h rename to firmware/src/powhsm/src/hsm.h diff --git a/ledger/src/signer/src/instructions.h b/firmware/src/powhsm/src/instructions.h similarity index 100% rename from ledger/src/signer/src/instructions.h rename to firmware/src/powhsm/src/instructions.h diff --git a/ledger/src/signer/src/mem.c b/firmware/src/powhsm/src/mem.c similarity index 100% rename from ledger/src/signer/src/mem.c rename to firmware/src/powhsm/src/mem.c diff --git a/ledger/src/signer/src/mem.h b/firmware/src/powhsm/src/mem.h similarity index 100% rename from ledger/src/signer/src/mem.h rename to firmware/src/powhsm/src/mem.h diff --git a/ledger/src/signer/src/nvm.h b/firmware/src/powhsm/src/nvm.h similarity index 100% rename from ledger/src/signer/src/nvm.h rename to firmware/src/powhsm/src/nvm.h diff --git a/ledger/src/signer/src/pathAuth.c b/firmware/src/powhsm/src/pathAuth.c similarity index 100% rename from ledger/src/signer/src/pathAuth.c rename to firmware/src/powhsm/src/pathAuth.c diff --git a/ledger/src/signer/src/pathAuth.h b/firmware/src/powhsm/src/pathAuth.h similarity index 100% rename from ledger/src/signer/src/pathAuth.h rename to firmware/src/powhsm/src/pathAuth.h diff --git a/ledger/src/signer/src/protocol.txt b/firmware/src/powhsm/src/protocol.txt similarity index 100% rename from ledger/src/signer/src/protocol.txt rename to firmware/src/powhsm/src/protocol.txt diff --git a/ledger/src/signer/src/srlp.c b/firmware/src/powhsm/src/srlp.c similarity index 100% rename from ledger/src/signer/src/srlp.c rename to firmware/src/powhsm/src/srlp.c diff --git a/ledger/src/signer/src/srlp.h b/firmware/src/powhsm/src/srlp.h similarity index 100% rename from ledger/src/signer/src/srlp.h rename to firmware/src/powhsm/src/srlp.h diff --git a/ledger/src/signer/src/svarint.c b/firmware/src/powhsm/src/svarint.c similarity index 100% rename from ledger/src/signer/src/svarint.c rename to firmware/src/powhsm/src/svarint.c diff --git a/ledger/src/signer/src/svarint.h b/firmware/src/powhsm/src/svarint.h similarity index 100% rename from ledger/src/signer/src/svarint.h rename to firmware/src/powhsm/src/svarint.h diff --git a/ledger/src/signer/src/trie.c b/firmware/src/powhsm/src/trie.c similarity index 100% rename from ledger/src/signer/src/trie.c rename to firmware/src/powhsm/src/trie.c diff --git a/ledger/src/signer/src/trie.h b/firmware/src/powhsm/src/trie.h similarity index 100% rename from ledger/src/signer/src/trie.h rename to firmware/src/powhsm/src/trie.h diff --git a/ledger/src/signer/src/util.h b/firmware/src/powhsm/src/util.h similarity index 100% rename from ledger/src/signer/src/util.h rename to firmware/src/powhsm/src/util.h diff --git a/ledger/src/signer/test/btcscript/Makefile b/firmware/src/powhsm/test/btcscript/Makefile similarity index 100% rename from ledger/src/signer/test/btcscript/Makefile rename to firmware/src/powhsm/test/btcscript/Makefile diff --git a/firmware/src/powhsm/test/btcscript/btcscript.o b/firmware/src/powhsm/test/btcscript/btcscript.o new file mode 100644 index 0000000000000000000000000000000000000000..acae619227451c3ae0daf0b295e52fef37ee0568 GIT binary patch literal 3608 zcmb`JO>7%Q6o6;#G)>bqYpNJogi0=l5(HVdTS*5Y5bmez1f-F?Z$KCNxSpj z_kL#P?ReK8Y4ItaBoQtWd4V_y?ABZhm;Ao8?0@d7xJ{ zP)}fxUZumWFz8zpn0NQ+XgL~oh+a(|>Sm&gWmJ;~W+Je0?+&eR16=>B;iaxK|{?d|E(ww-%+J<(?yYF{k9^f)scq$St1R;4cOYtHO)P3>E) z8=5=k#rH;R(^c&!GZA83uc}?&$YLv;e-EH}I95p2G((Udk=#i|;Bv_X6AaE9$u+aUgC zx4k-kSepIp)U0b1jcU8{%GkdxGzD(8zwMg`xxZaF(2isL3=ql1VJo)yNvEy5 z6+b!YHf`Nc=-bP-QF#omv#xcf5rTx_3ZUYV5wP3wi@>o?n#I!|gFeIf=Zw?dqCRJ2 zOWESW4MWM2tg-CasfEIVK~mH4+3~S>YIbVsvUVkPWo$gIrAR)PFXaqZY%y0VUw4D- zVxd&d=g1RmK75qe)rT!h&I>qSFUI1hfya*u;wJ_CvVgxM;AH`?2>5pbUKj9(0)7e) zE{L~3ApyttWxM!`0v;FeR|Wj4fG-L7ihzG6;9m*&w*tN`;5!2TtANu6x9RgaYXyF{Vkx%t$!Vg_D>|C5BF4jysu7e@t#Qe^$HEGw4l zIQGMZ&qamHEnTeOJUT&6!G-hi?;QQ72lfTVJ=2hzUI1|@?B{41aDNUitmzHkWPs1d z6TEg599T2L1K7y(2Rxk5&qw@@aNQmHz`G#k^v2GzeD@i{P@ccc^7!Cg|0Qs=>;H{z zD??|A*nj-@!1HNo5!NgDia@$Mi0r?ku8Wb1$3 Joea7+|37`_=tckl literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/btcscript/hex_reader.o b/firmware/src/powhsm/test/btcscript/hex_reader.o new file mode 100644 index 0000000000000000000000000000000000000000..4826ca386c46eade11a927efcad733a38956aab6 GIT binary patch literal 1920 zcmbu8%WD%s7{F(fKGK(|;-T1r5einZ+oWKnB6YQHI~1#;1}~O&n`}+6X(8E`R_z1g zqf00XUc87N{R>J@5-C_c2=SJSkc&`B4)NAQF@E1LZ3Ps1Zu-q-0EO@BBRHP}r=-nXR_i1~3=Vhr>`jD%!w~*3gTG{t3 zf=9{H)Y$H4mS0&;9WH0NjjaOpspV$YyamRgmHJKGD741yBy&oodlz)iQF|^+?O+D_ zWx-3Iq^-tHXjS_02IA?qUc|g@y?|5xVM;I15C-R{lG$I|G{h&1%H#B0CkDKt>o*iR zhKd-gp4HD^K2VFMf)eK zL52qh&-=Qrn3GXs#uxCby=tJl?-bX3z5d>SKM?Ta29DwYqCB`sl!aEMy}91=0?wxc z7=9?%akzA-^{H#HrOq`15oO;6wTn&-18JZ279cU-3iMG-6v|?oHkT5GCmbIVkYnOe^Wc8;~SE1K;va! zqthXhNlt(dnf!9T$$`9vj86iG-{_z7&peTvX-!-y=;f0RR91 literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/btcscript/test.out b/firmware/src/powhsm/test/btcscript/test.out new file mode 100755 index 0000000000000000000000000000000000000000..c85001866e3c54d1e90b91c4b9c8a5ee0d1242b6 GIT binary patch literal 26856 zcmeHwd32n`mG39Xvdv=20Tj#dx^?T;t@_HJK0cdXyRx>XMv=$w?=?c_Ql9YHUwf}Q2qI|T96;GhAaafU5w)+&?2~!J> z-%q63uM_>9%r1+B{*sE}Dp&S&2ex@-PqehByKiXw((SIj)Ha(3`S`EMWB>2jc;7d+|KL9+1pUOnb zpjy9Q1D>j6M%lp+>2yNcGL#!svRQv{FdoQd6TiDh*)q`GmrInv+(1v^X z*t5 zz1dQ-t2@?Zqj(_R+&!3!2Rha*@9FQ0JN%%B1a0o^?-PQuoV6+=_ncbz&CGuiqcPUt zKU%ud?}yIqK85Nx3j@e_AlL6hAK?{KV!cbeQ{bJQyuOHw@{ugZ$q%G26Ea?c%Ql2h zl;EclAktI`e!2ufr%Q0T7N~krC;e8GdH5k;mMPWAbA;3Sl4)@#&k-(T2q9`G{pNC5 zeC9>P?c^Ea=j)M|TT5`NlPS~5bA-Xr#nj%(vxJ{kL}xRz7MQibtOaH*Fl&KX3(Q*J z|6dDahToo_8L5A3gQ8^a8_U%e4rhk<&ws9Hkb?CyR242gir8cR(_VsbOfAyh?SqBG9CRU_ptK!sZ2+{$(^kH zS5&6s+vFBjUWRhA2W6JDU#-r+d|M{}v&`_(srHVwqxE0Gi8(X6z+j~1#Rh2K^xk?! z`EBEcE2yUBP6)`1*56LVo6a?1_%ETJhJQ+7yz#=FB=|W&!QaOCt*eMEIiAT+W%m90 zlbLl@r3mw+wW{S2kn%hD>r6_TkZ#!lF9#b?)1z^%g<1l zSc)M{bm7;5`rn{jbE|A8>ExfFawFR8x%D|BPm-m17E_nX-)v z0ckQ)|0u{)De&&a5BfYf@%iJ00xJFj6$cngo^fuR%H-S01wMn~$i}zx?F;uj&$!4^IH|$4Gel!r@=m zKt9R~c;m*sW5d(6jl15$s3`M*0d~wo!|-%XzdB3A4TzRP&}X%8lOlPhR13q)4cbu3#MITxipye$Tn-X*(m-gD>7+Y zS@xBD`y$}oC}c)j=RZT^!@3x$zY)j*rS@1C@@p7t>sgT5h~hP(c+L8)7o)fo#e=Pj zs3l4lqEsU3*kWL(m2rHy7Lr?=i1{7LDm9Y^jlLPbW=4M)bJ6(36qtSjrp71Qn?|p# z*_~->eB#-C<8}Fcul_v$4k{l<sW2CtgX#`9JRN}+Vze1eVLDGjpUfqc;7A#xqwQBiFO|cLIz7_#y~UJ$l78CY3#dloS*D4*POI_rD^ey{xOJQg&> zLLDAQkfBIIy)Q=m7)Sg#lF4s`gQt(6mg3;4Pok^BtxL!u!+FduCe!G@S_R>chKerXKn1PDcK&1ZUIS8q@|68H(RP#p>`Ch>;1N29$ zf&Td4X(H<%Lmn&kLTnJPT!{#|1VhS#m~Q~H*l^$_D!gO@UNW9PygU6S9AcW}Owy{yx_%SWFb!A8cfBdt9&GC}5{q49@qiO25xW z(?SZ;-60elKAT9(ZKUAeywBF|S!MDnl1FKGF32D$=$7 zB@p-7p~jK=L&#xmk5E#F>yV0^Ah>-=RQF7gD}%H8``~?(5EoZG_-GF_R!N$F~W&A-s2%>cYO+~ z9jreWzbTPaSa#I9fLwpHU|`exTVy6%c+dNhN6#;V zP|ufB&-Jeorx$_3d zT|4<5ggk ziftv%J2~fFoU@-ezr#4^fD@iEvY-(e>}%62K=RDz9s`32IXcN0;4)k;;{lR!J6O=@ zRo3X>#Cc5Q-=f6q_dk$1Hh0glIkdOV%y>K2$swGC^BbSso!$?xIKCe|n9TQ9V z!HHk|E4pB7h1LUepi8Jak0nNBzE&s?cBc2uhy`q|Ofhfx5~A-@!(#krGE02}Lzwsu z2_8v5NuAtV>|`7ecC~{O&k&SPW6MODcS3ovvrgW_>R_FWvraVXuI!VSfdo`ZV8`*+uGTTb>z0Ia{0=diEV-;V6T`Y!yYgz72G)u^?P zqQPj(`M@WdVGMpkqMeW84%6>$1Zr-~UNDGtJhB8@et{&7T6f}KU?AfNl%4p-JLEL= z5QnA5#^V#`7dhuD&iO+)^~4Tv?o1a>-FbH*-qt_^LQI-!9KMKesp$RSL=$*Q1L;hJ zY{kqUVKaYdcltGixI@qwgDdC2^38(Qr{-&Ksg5FW={ zDwt0<{Tj2OMO}ZFcU{N3ewG~1g7j)O94xWn%Tq-gViR2myYa1RwCNFu*jqpy`BT-6L6G(4h}RB@G1ctIiL{mECDxg;2rYB?-6h#2aXc( z5CNMw@Hznx5b$XZ93tQz0&e2KQv~!9a5D!UCEykUZsEY!2v|b^{bL#YZVv%h5pWv^ z?j>Le0elN-$q}%KfKJYl5HJrwX0+*61(%*T-bBF}$t0rGjCKYStbck}$lKSKUNo^Pl8pYeP|`JKo! zr@HmIwj0;t9CEdywB4{e|9acT)%kbZI@E&P=AJ{D0ag~dTBSGchP)~005>jb! zs5g#?Dc99Km<_vz`tINorG5JPQ$jINHkzb=AjNHxy6n=y%U~+HA{dDMDBBfpU(Bm0 zdxc=*Bf31LOJE6gDEMf2)Z>Zj5mT9QS8Q0H=Ci^z$@cYUrP2DiL6oAIWregRn@!oS z*eu?@B@T0OR0Nnh)p?6uFat^XGc#GeRrMYeC&PQmo;nL#LKcaB*I^ z@%0(KOFS?&*wsJO6QzPU6~!_6^QD8rD^KQEMdkQfP_|;_M@n}er>d%$iDIdWr74!K zScYPmie)L5tyqp?xr*f}makZWVugwoDORjliDIjY?<=Z?U%np%imG#>sk&;YrfR9S z>Zq>jso?U}YB1(StCI98$*7XdD#@yn>?+BrlH6ia6f>xzm{vtGy^3N+6~)Xdidj_@ zv#TiP6cuw}Fdbc*5T}@-YLyh3pIdgMCx-8Zk?%QvsOy0m=|*Bjs;dW{ZhN8bx@ux+ zMqui2AKQx^KhP{!jWjDz?a)_MTUV_(j#S_E)XV#5ZH?HIOU2cG3yNd!e)CoruDs(OxP#-?Gov93FgjS(fT?FFG8=yq%yiGv|I zrsZpa>m_QU>%Obofvr2f8riz(IvBHIIj(`BBzB15guWT;aqOC=uE8>q6+1dKFzwiZ zVG}n9VrY{N8a z?1ZoahVMeOW&24IYp(04s-^odsi$KO6GQjnh#bL;unfUA>kYHsK>lDGvFd7;g_Ul= zkv*(&7arpVfr|BF1%~aIzMeR4s2k+XwrdBv1OHcbIIrVkvBX+pBLoCdWCvOhV+DJ9 z6slfi29fFo5bdd+tLdQ~g<6zgkt8}ogaP08vGiRP4Pw_y923sz`-$$Fs*APfyQb^A zwjF9#h@}!n5CuV|?uXDW(2@W>xV~iso@*N(B99wkv6`9@W1*T*Tnk-W_buN+;Id*P z2z=ktLnnl|L^VwePzxf*QcW*ZwaE7!57k&bSfN;vuB9dkf|(OzGfO;Ew{2HPfc2u# z2|_GyvX>r*7+DzFf$4{uff(TUY@NkEA||C-3;!W3Oy>(#50DTeS;DSoMk3+w%&ML& zW~1NiUO2NC(mLg9R8`F|a&6Pnb(}}d5W6+@QS9z?7I7Ut(ls~q4b^a**p56$*R)VI zywGs4x9cI|K;Tm(bP_+ZeaJAh#KZ>fnMUI4fn#W4gcAY6Y-D?$uIh-mmg_hHP9A8k zBMMr!swP25hm=tFJ(A(z+@RuEg~){SLJ;E=g0mRnu;ytv=6DH?36_h!AF(-!<2dng zoQjgz3jD-$4b?*MRy70XAjje(L&3%w&Cw9u(LN62MAd9H(c&cZfw@kcBoLmMk?H6- z^B{%>NrK3S{$ed8>%@`ixvH)wUSw;o@7am&=s48iJa3z7gy3!_0phi8n>dI$5az`= znPEpzaY8{X#>ngh5)DuHtk8F3Q}@hJHzPz!gG`|5rjyu#4@)`$0&5g|zF~TLVrr&l z=@Ir6oCtmPyv*m%3~hvN(hi3;1Jh>ss*_-rY&u>!PzJHwh8!>S6Krv@8#|8bXt9ff z77njQfHPF0V)J6!>9%3|f#pPg?1h2h7`_FuI855U8=BbdOdA_ynBZKD?F(~{KUFtW zxQXNXP@ZIjmWPuXhJ#}-c1_E~v_;s>3>=&x3r9O_p0?#^jup@p!M$t)hf^GBu{B|< zGfKxNy%c^LVN=yCvZ8KizTshCGjtpPT^kPrD#D(sTNDp12gCCbC0%UbwqanW4D8qn zT`w|J6`P=8lMI;G!S)_uSHrn5NwmZ=;SZVyX85KT!%8@j`l!b2L^=$m>24A`MilB6 zrVTRS-dHX;e44Hn;ecy|*ekI^8cu?V!vPhK74S5i?rqPoBi90Bgu@CZjD9ENb#$3R>M)1^Wb$v{+z;AMy-Mu0Otq~X94VXX#^Z9DMaAh9uL zc8Eg}o@XrI(BK=19mnL8AxEY76Lma?r z!?Pokf$)ZvXLzdR-~o{4K#eWcGBMW(av_d>IFLm?%o^dT)4}}HlbY_SI8MQ&Bmd6HWd#_fkP)%#8VHCh8~QB#fo5sm`gGc<9))@a*c_ZxKn2(b^)Lui6k zE1$WE#hg9={Q*zdxLXp5-3QX8wJ3|b+-!Frzr`JtjHUeY{S``eo@{w77oL6`CVPJTbOL_WGp>RIlHCy|9p|Aq<7SOkWx4lp(+=6lj^e)ir zLB9(61JI{Ie-8R4=>Pmlq3{9dSua5j-c9QOy$1C2ptpbqKgCP*pg%fXC_D^$=gWn{ ze$a}3^Ctf%%rt18PatSzy|G|TJ3zE1S z7OreqbZz5l+ve|7K6&odmm8N{Ofa>_tH_E1x$}vNL~ZG{z_)sQXye--d|QQuiwUwboSp!QGW=U-57l-Bpnw0{$LE#~o`VBezr zx;JWxgW7+9pM5_r6zJW|VtwtkMfvArKBrLMT3VkTuGuQLL>K_Ka0Diam}&no>UaE}`u(WiiTX~^V*hnFvw0@pJPLda z>xkY;RhBg@e4uu9!=gX0OE;uO=cF4J|5^Qt2KD~AnFe=w-l~Sy+Z)`r2DPnW@v?^0 zvW7+AU)C_6eJ|z;tg|DKL&KO&vljTjVFCGlA^ANa>08WK(E(di)X_rT+X7CM+{HXY zdlx17-6Fhx%#w`7=ZdoYei5xlO0xdl;|2Ol7e#*Wtey%;JLhmZmlH*W?^B|GJEg>8 z5h#n@pm;T!CH$p9SrW|@rIW+7L@AB2-!uCa+arMC&w5yLMaL4~E)F1d=dKFjg>iu8kW{1j!o zbo`QvI(WPE!x9+U!|N;TN%eJDt*NT`0_E|lcti1fj^*+ji|e}_hY+W?GES7^O-eO?tW!R!$nTt$^J5ivmLfb~hbXbBDt?Z# zvnnp5*NiM$w{w)=6lM^fqc~ZsG$>OQc5V=O3V$S2nl2K!jJvYVL8b;z1X3RvCzdn( zMEl$>CnC$E7249trvHf(nGMkf=%KLY=p z=;S?$ZCZI>@Nc=8<0!H;4{?^{T#mm#qQuVNpl1sF@5IK*o*jVGhd$)o5x-0;1b-kV z>M~KW0XXS1*2w|c?^fU`!Ba}kgTkpQap3bp{sA%J>{$p6zsm4Z2|WLp;QyG=|4G5} zjKJR${(M;AhXnqJSf}#@{&V09p-)$*00gNa{@N4c@UNJha$Z)dt8TY5fs=jqck(uJ zzLuVZe-*X z(PO|#ex+aiNbo-{=BpF_L}@Q@lK)~SDYm zB?(?go%yzFHrJaC>FciaiP@+>ySb-7@O!dRu76-K>kn=H29b_a9{bK4cX5r~&eai=`M zl%%&t>3z^_)V&$^l~F7K1+SbE9(MTy{35aV7AP8Kv+dWVJ32m{UAb}n@{ZLT)@QTy zQQIo0Srs*^qIy+StBR7TR$kY(E}c!UUy;REa?3{^DcKdDUf;HE_44u>_H|xB`22D< zoe>f;E3Q+rtJZE<*0wggVdcu}(;eB4wqX^oiis(hmc(2K-gWle8_qAIWcgfA6P+nFw|hO`kX}>*&NwY55wd(lyvS z*xj4;qh8!t_igQk!-V|V)f5pTIyUo+WCIVB1SPsH##)-9LInZA!* z^`qBiY8F=%8kc^IyUZp^^Wcu&oF9PZ1~~1KIeg?h9@wHZ_x0!E=FNRW&B0JNzVD6~ zjycq}Z1vKdzgb~*UH)K~(j4vRgFH@i1H5KyJTQnqO(-j5Q8y6x_|!n;w)EtbW;S)r z$Tn~8N0I)*L20H452k*$w3_2C5!1UO2$3b;lm~a-Lgvwf-`gFc`~DnBhH|t-n=!*m zGq#sr>>A}e)&Eh6?%U{WCARV6J&3#yk@syuvy6SJHl`P*75Nt_KTCmG-+0DBbDF{^h-oq|*LUf5|859cWK?gt9E}ha^q0 zUir7qOZ6A9@)=}EW!Zka=t$Br!6^H$9RDuSewpBt_f3+Pwx?(3%JzQ_jPw%MrF7`z zNl^K`Ezsh*QkL_`l(tWac9QOqjDl8(SH4iuUfy#_D)p6OWLeVxTG4(?bRg;X#5rHK zm;KA~H!9l8dvQtS{jlU0?j?)Lw?%t7fAV=l(x}3KmHmIOqJ8E6uj931PdroE|1%Zs z<$ax`TWE2VBxyGZJ&z3CaY;6LA0hug9+mvEEa~5&ZDUD$dH**>-#)Z$hTje`hDJ=@RX?NJc?Z73Je7Q~zoOF56#L zfeUl8HdICBqVJaQ?h*aF;)0Ii;8pmM`pfuB>qF{Z(p))o6EA&P1};%4`GsDXQ>B7YbBw%G5Y`FBy^q@7;uGqZ- zK|w)T7_=cul*s2&(fMl1zE>IE$H%7dv;i_jZPMbdvVY8;{1r&Y8yun)&X` zjzv%HI%s5D`^C-ew{Ur@bN9usbnada_CL%#(V6+Da;`SF-!%2wxDd=Y&uG6j7)?~K zAPMdap>OK{%=XTa&rR&#zklo2r%SzO_HJ(PyZzRE&W3p-+m0cH)%3@YZ5XMHwrTs& zOgSlop|)tKGkZ3-UxHMO`3dC}0}U(u$x`*s4?$51%qVE4y{A-Y%i#`&O84MA+tJlu zf|>RXhIV1&&|cbHs`h00o75+%ui#?@pOx@6dp` zs-8)m=q{9@JDYaTEsc%&*tco#oRK^J3vKD<51zpqhQlAW36gJn^-(<8Q!(=SKL>hu zIX{&a$zua0y7fv_#F_0{kxn&>15;Vk`|8=XJ)cfJm*yq?`XOOWeW#tf%ZO1m*s^M9 zrqmfqZ27>D@~q8sUVR>o4;iLf;xH(e9jCxQ}r_XjVdR$ z?6>RSt-B7|x@$-;EzI~Ttdpl^;0miB-rRm1Uh!1JS^;jZ6E3>Lb|*U_XlEaqX}?fDSDny3=(9W7Iq2lB`c9r`?;m>g2dIOS@2`mp zfFG|GEcI3SBko@4*sck1Pwgs3B;AkrXa|h?b$m~~mfC6N490VBJ@fYV{=;s+b-%pv zNE#4g(w>n`^AJ6u9>P^MV`d;7M98I>`4`HWe`<64IfS^Us&UpvN{s(EnSIb_PmD49 ze^oyanwVWTHO$KY-q>;bxq%HItna$chST*nq!e#rs&U=U`i`u}xbI@MLQ zQ`M9)Io%tdxVDu|PW0r)UTb_}yf-e^j^8YL^}W%o5~BE{ z(>>9Xt+UT=oj11Z@@1D@xN59>`B-=5s%0yew;fHIT%S$mC5!d3>G7Locd{s^WsjN< zDkj&vbQ z{zyhA>huDb ziX3N3ioClQM1$c+}&8>Je#{ahI>Wq+QKQrAc>Uva5|Y zSsBFXn^{+AYnHRA+x45tjq7FBlX)K~)v4$9yC@B$jx%qaT$im|zwp;< zwYXK!Q(81t*LF?^M8_FZ{;wt#j@O^(+6nH@?*TH)nbzhg&0S8l%_}F}q&Z7kH;(t# zv`VLIl?_kbaMx7;Y`c4=)Vd#Y12_q+roiK4i;e@FZW=@zpp>)E+;mi@jVJ?0N zk){sws*B4!=Cgo>jI)TvEMZ^?RtIBV+?wLm6u+hfH6^Smyrx7oCGHo;3DO$H+#1Ea z8pZq?#ey2e!WzYRjbc$>u^0yP&}9H|PLQ$Ccr5)q6gZuDAMj~~?nB{JmGM)*>xW_^%b0*@1Wr++uo~Obu@`!tJDw8CL z;xLbauuNvL@A^E8TsO#)K&FBT$ynkCQRHWwC+IA785hz^;w1Ei7v*kJgt05UFpQJb zXRZtq!GkDqrO(0PkZEY`sFB^GJ`#oa9Co(M&Rz!geAO@#=(EXp9R zU_pQZx@jJTEJ!lu=0ZdXsoLa`#_kQD`jStPNU6-nT69(xF|NuEV%hUHE6@??gQ zWf@Nck-0u%KqSg_CIuoUm3J-t+psX@7tBjh5F^WiT`$O0aT+pRXJmfrxp=nVd@}WQJW@H_i2T9C4 zuSjz4#vea-if0LC1L z0fqw=^FoS;VT9ocM9CN%IQM<*lqr{C7ALvS7&bwllMI+Q!uFnHS3_P{6mAg)@CVlg z8NQiFSP2=aKs9D3_h2a3iwha~dFF+fHpqZ`W4R#t3}QD&g6n74E3rfRQGtm=f{J4W zJPp}BPkf%oA&7Yb)xp858?qO9K}bb-w=$#9-jvJfrZJQC8yJYhtM#9D=86}gK8O9t=u+yGqRbF8PxgZQ*a ze3IddTyR}V!*u_VZ2iL_B4K}28 zPU#b7h&Z7uaS9R=0SL2@;XGDgSXeJ4BlR&%oXH{_8{jq}j3_XtIK$H-LehtDmE(#@ zPF1#JU8l6Sl^hgM+$JiqH(lf)cUFWr~4@@V#<*;>_uXJ}{ikVjRG*Cb>)7M)`h& z@{bJr03AXLtXh5MCQ9&b{`XtVu<>q5mGXTcy|h-(>RoPke4=`bJFST(U%&tCzc(F_ z>fbNwx6SxV40;=`+w0eIXkOy#Et+$|vSnwq7A}|RxR_|UY}6Zdm+(dEu0`8Fb6r+; z`T^DT(9M@QLmTG~opAUe@7;VMX+e?-;)d{+Id{rVSG z{o!=g{a-NXf1j$4XSMhH?N1~eWdZ%t?bAW~v)-ZpGpha?`qHD@4}W@2C4qz%w=2A(@N%wHn_=e=bvOGm?7+cl%CK|r0q7qC zIm)m@OEJEJ>(PciOCJaJb^Od#9P>ioL+fz*tW}5qr~%*EfWHo$^wD~hYYNyf9HLJC zF~DhDEpVui-%uf+Bz%7L*dO^PfRp?Y@`|7Jm{r z*=?g*Vr47>=l6lv+2>xx|EyYKWo!cf0fm1`xwQ84?5otUWe%Mfd#Gmn<8*aOEZ4?r2zx2DPYPi+Z)F zTZ{I;wN}cNyJz=;6)Vp>cSU#Q`R8BW9_x;sd)|t6*IB=zH*I{9te9OfJuRnt-9n77 zH7eESci;xxAADEU&E7=&n{c=PHLBWQn`o2QHP!UD=~=sUzXNCe)c8cNaHe}xYvqKq z4xf-Gv;G%brSJp? zt3u_v^}Uvj^fxk8Zm2Hhc+GxqRXE9^eveYmn+@FT_Z|z^{eIcP z*Qw|G)zu#FUmASsmvo}?H`S%DzaH=3Te$A`aSOjwJwL6kcE39eKJ`oWRDM!j4(NB6 zh3kIbu<*Z7&u^)#-S2-JeCk*G>-*Hkr{__R_c#mJ{hnmu&nUU4DBSLMiGkB!jcI?= z`;Xo4a!bDM_aY15t@>SM$T$7!VFRa>Pxt$M12^^gXG{JwYJI(I;aZ>F7OoSB*A4lm zKJ#dxDB92U`dVn<$D>~B=^6M34gAao{3-*d^`g%d*D9Rm<{hD$3NR@{XZu-yh25$P#DGDcXrX4rm=|ATh zeA6E;HgL1wD=b|1dyR!Zr23T#x9xwufwwR=ZMVNR=NbI(8aVNFynWKZ zPd4~JGH@E#;p*J>V++^gdfCFCQ{#F~;r6)p7<^No|1|g{TaR~$1fbCTo{ArhA7bFA z0oQ(bl!4DT_#bM(Pcv}So=XhewC9-yKHrdkfq|QLyWGOH-LACoI{X{Hs|X|13v|I zdcHoWa1yuBz~>u$y4CBES-93evhZ7!-Of_Dt^YEEf2z^%MFziR;FlWw`38Pv177_X zLuCh|>{I&uks;sQAOFn2&HeFj4V=cR?e;?hH}}V#3a9SqcCm_MyDePX?H3lV_s6{o zx9xV&!4Qf9y z!8h0Y7YzJlj9J_NJ_9%X`Kty_exl>^w+x)#d1yJ`HgJkd8vl;M$ZAEP z4cyEVb{XCZn_xc2AeYTdnN;d;EUTex0# zZyNGVe?C;b|I+fcKfhn$WFK=}ErWl$VV?yCZu;9|LyqZh%M9G~w~Gzj^tUSv`84m^ z4${K49oAa-OKQHZH{_dkxYxj2#<(7|?5`I6a<#AI(3?;-8@S$2Ra!w)iJ0{(=U+Z}I0Te%!!cZt>?U{)G+v z)fRt&;$PXoFD(A)iho@L|3-_i^U+%x_?s<0Q}VYo@c+c(`-=aS2L3lJK3Dt)8~A@` z@e{@0-oSsx;-97XKWyOttHuAA;{RI%|K}F}JjMS-1Ao88Z!7*m>cbg5n*Kaj;W{pL z6#tk8{yd9+k>a1$!1pZvC5j(4@XxXMmn#0pEqqMjD-Ah|jCJ}6i+_dUrxt#-!mn+R zGhy+i;@@oHH!J+M203?H{CgDt4=sGL%G+-2|=qrHy9Z&>{26#uOT{@WIR z-;t#{&al#pro)tfn8NkCctjm6M;iFYTKxOe0ri9i{>c`932nkC3k?1eJnQj}TKquq z{RaLS7Jp3fKi0r+QRgT$Ui#5xsk+g){tkSNh3oIPw_CXWetW-#>+hD^EnI(}+-c$Z z`=owvs`b&|CtK?MjmGu&$)y&qzfWFc;rjceGdg|Kx}HdJ?M+qJHTrH!t`(#7-=NND zE_%WlO{b@w(W%MmA)8#cPEMe1VzMVkFSum&68sNnb{z=ROs?q`Q(~P|!}>p8T980P zQ0abO-cohiTthd5S{IhT5w1seGqO_-P7P=^jC4 z`CY4DjobaxS|gcu`})%rCH(Cv}{k6o)a8oybTbEai_p0_Zf7DjD zSJPT+J8Jo*`Sjay){t-%nhrW=*zGCI+j9rVacC1pdBqx-HJtMOU0wSxwX61`y7YhB G?f(bx%ndyN literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/btcscript/test_fwk.o b/firmware/src/powhsm/test/btcscript/test_fwk.o new file mode 100644 index 0000000000000000000000000000000000000000..4ebfd3efdd8231f4f8d686b416a261fbdbdfba65 GIT binary patch literal 1368 zcmbtTy-piJ5T3IE6YNBel_C-pPK80R@>wE9grWn7AE79P6-zYMY3*C^3GPn1TZNwn zDkM6}JPJKc9w9G44^NQH*t=ob91VPucV@nsZ+7Q)eYWv+v*0+O;lO8jh%^iEv+&@1 zBiDm6%s_Yh^7g8CL*|-vy&KqSw?EYzUqnCTaougQ7IT+BE-0_wYPQ^_>o!%pcgi}a z9dM4T&TOSLeT9wYkf$G^M9bQn>P4abdTJdDFr?fn@rW`lI=?y26O{)#;{@FQ$;%aU zCkH5kF}xuxVkQqon9QTGdg=*&;y=EEOwBmY=o=unsCXTZW+$~2ne_LL4%h&OS(Js5 z&x0t8{rE@Zr(%$#fq#^SQasM?3+acMpTzxyr-2BdPQ4H`u{pIzBtr9ge_+{3BzYgL zOviSpJt>YQuz*Vrte<7T21yi&7`Zr+f^B{4E@zSt4uGZNkTWs#_fj5-@kTFPXHidg zZGUl3^{pwZ4b__XfB|v#4R_2U!?*SGn4@?4T>TPisi*#*pgV%zzo7|b_5RwfAg_J1 z^wbOt->%(Jdh-oX`8h3!-Ld(%(yS&nFrZiMnI!sE)lknxI=UmRf3NE4Joes{`mOSJ l%DzHNT3b)N{q0HeOAWeBfdPB|x0uV*d+Jc%4K2C0{x7P(TxS3P literal 0 HcmV?d00001 diff --git a/ledger/src/signer/test/btctx/Makefile b/firmware/src/powhsm/test/btctx/Makefile similarity index 100% rename from ledger/src/signer/test/btctx/Makefile rename to firmware/src/powhsm/test/btctx/Makefile diff --git a/firmware/src/powhsm/test/btctx/btctx.o b/firmware/src/powhsm/test/btctx/btctx.o new file mode 100644 index 0000000000000000000000000000000000000000..8d39d231eea3c37b465d0638c0105a2dd011037d GIT binary patch literal 8128 zcmd6rZ)_Y#6~JeGc5Ekh_L>^uq^6uuTbata`qDO#s8nl*OSUv2r;=0n7ddC=Lap}f zaJLr>CA8}K%57IBR|(oG^aBAYd_t;#9FaeyhwGl>3V}ruB~mM4N*m>R7IHvDR)u`L zH#@Vt-rSQ42+@)5cIG$ly?OKI&Fr72qkDHZDGHNCVGlF6B`ITCkEhP78r#S^SzI^Y z({oEf-8`|Po7rXEio&%8C3K5lrauey^BkCS*F7B-M?|;c%eonBE6%^p?b(WIiA|O# zHVQM)dZ;7Y;kIfm=g`<8TP3%ofeRPROE7ehoeqFOp0(bUpS-TE9h_1s)9gn4-`x&(n_X7;*nWiP# z=p`$D-HKjP7Is80eQTc;zv?tJ=z*Xv>>j?3hV!g?^|n+GtS+w8hn5N_V>YZ)aNh z%xb+-XX=3_X%UtQhB0S!^ACJ3=P-lws zfLvW!$X!+Cvz)J>d8}JJ-4!|PCf;dd|Az#aIO9r{v3mLzO}29cXQcx z^(4yXR$7e|{HZ5Xyrmc$an&b(4&GM3>gwwjtT#0IdfQnkGV8Is%vey2GN*Nch#a%R zWTwv9TebR@+sO^$f?)!EXoGFeKz#34pZ6JDM;Yv1t0-EQ)}1dKt<$(iYAw^KEqV&U znp_L+=>}n#@1_b{-@xbYVy#bTR~TQkTv@3;2O18=C9fkr2DDh+@AkoNgXH*xl!Uz@ zs(kb&KDxWPAzQg4YH3p;)+>BbOImMXFyxwW_9L!cz&ime){~o2%vcZKRZJ zzY%aN)}4DF!Yh*w*U(v{P0xJLl5L%aZI3C}0T=U%;|xzoHQ(p@j`x@r=N?mG>uTGD zFIKFJFJc!|B+`OAX23XRD;S5PSB9YAZc%&Z%tKB&T9|tum36z{bvW9#9OB954_NBOYp8+{$Oa<%x=_g=>QOD_(Y8yj-Cc30G9j( zT~Rz7x2G%t#?MRHbglvBm2xnQiq>u|0fqTqdDX?z%1=ou5R+!-UG>LYk zK94=HLBVry#lm9_SCngH{}92C5&Ri~TLfpr#)vTy9%1lr*M~;OMh!N!XYc;OfxScf zckljE^uW-8fx*4eA(l#}GD$@~K9F4hV{;r36<4_~GiW?M)KW=>l-%jvBg2xGdnBZxGf0y6|!EvrC{A7Gy z@^IWQlK+&j^M*(MHjn&Ug#7yie*pst1^w9sKRNDc!ToXmHNjsa_&b85{o6hEgW|~a z+m8`^nBb!XKThyTg8zWvrwRTmf=?5Cj^LLG{wIR}jo{4~U?~20ZXkF!!S5lsM({@o zeu&`TAov);zen&N68u$ypC|Y{!LJeg?*v!Gt=k{}4uaoF@SOyY68s>+69hL1{w%>? zA^6V-K1c9(3I11te?ag~ys0$E^KOFQOYjE>t_hCI>^+|k67oj~o+kJSf=?0rWrF{P z;PV8(Lh!#3{3gMJ;?dHd=bH)MNAR5lKS1!W5&UU_ze4ac1pg($-yrw`!QUbHKL{QW zkM{m}b`pHE;Qsu)n~=Yc;DZE@5&Q{)rwRTd!Os%BOz__m{LchmBKRu7+r%rBKmJ{U z`{NuUCmv-fcgoAha z_*o&}>*L=P2aHkjHgn`F%W=P)ns_j7vo#ug>~c!A(ec5=x90tZ@2$_34sX= zl?aPtP!qMy_^r)TL|7ei2h=bnG>6!gSMkFIl(I+^{7Q?uGN0tS-y^tqJcgECzTz8K za{u_aj%d@be^}_t@ua@Ly&XExCgz#9NPYSKF8ky@k?jan8qNRM7F!}D9LD+M7Lnu2 z`9BN{Mf~Fwh5x`{e{{l(j>OTMg literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/btctx/hex_reader.o b/firmware/src/powhsm/test/btctx/hex_reader.o new file mode 100644 index 0000000000000000000000000000000000000000..4826ca386c46eade11a927efcad733a38956aab6 GIT binary patch literal 1920 zcmbu8%WD%s7{F(fKGK(|;-T1r5einZ+oWKnB6YQHI~1#;1}~O&n`}+6X(8E`R_z1g zqf00XUc87N{R>J@5-C_c2=SJSkc&`B4)NAQF@E1LZ3Ps1Zu-q-0EO@BBRHP}r=-nXR_i1~3=Vhr>`jD%!w~*3gTG{t3 zf=9{H)Y$H4mS0&;9WH0NjjaOpspV$YyamRgmHJKGD741yBy&oodlz)iQF|^+?O+D_ zWx-3Iq^-tHXjS_02IA?qUc|g@y?|5xVM;I15C-R{lG$I|G{h&1%H#B0CkDKt>o*iR zhKd-gp4HD^K2VFMf)eK zL52qh&-=Qrn3GXs#uxCby=tJl?-bX3z5d>SKM?Ta29DwYqCB`sl!aEMy}91=0?wxc z7=9?%akzA-^{H#HrOq`15oO;6wTn&-18JZ279cU-3iMG-6v|?oHkT5GCmbIVkYnOe^Wc8;~SE1K;va! zqthXhNlt(dnf!9T$$`9vj86iG-{_z7&peTvX-!-y=;f0RR91 literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/btctx/os.o b/firmware/src/powhsm/test/btctx/os.o new file mode 100644 index 0000000000000000000000000000000000000000..4c16a55e5570617ea568633d122f67422c48870a GIT binary patch literal 2064 zcmbu9&ubGw6vtl@ZL6&sMMS8FT+|A7NqQ(!MAFtIi^f)Lb5NA+CK;1pH(PhNwHAv? zK?uDRyoeY56FhqI;z7K47Vm;!5B1iAP~UfVrdhY!i+*9|&3xXE32!p{v`{W46A4mE z&=uVG=$+MVy|cL0scf!SHud!zTl#u|$rruz=?CIB zK7T~)d#rtMFW9GeA1otf^tIJ3T0G@fD{Oy2o~rdTpnJ~f7U$EbG&wnz8M-Q}Ewi1; zWwjA4H#~Ylt}-Lpkz6*H%c3spWMC+BQhbZ{G$t;tX>P=pv@^qv;pP$s;`t z4&W_(m%&+SOv-<~>%R-m>c^z~#jgJeIBN!z@+YT)0I(S0jt^Kjt6cP6tyK-!J3J7t z?#AyuvjxdZY$3nrY*%>1)p@=TC)?F(JQ_`MTo6p#fzz(etefGqH1JQVK$vZ8ff2H5B5 zn~Kj!o@9%ml$Q&|)jiHdxVo=r5w7lwH21OPnN_x)6WFF&Ibz<_JhAMNRyRG9w5scp zRA=uAw&2m1{!RL$CVD>Z1vURQKgYSKndK3dI)5k(d9BV@ zb}Yogp-B}GhB2|zl7;_!Na>ULudoS8^-rN|yol@nO+eP1KNF$<_zJ3g)qfllJsT-+ q)%numO(Hj%kGj#`GonipzQHCWS#Fo$yBe4OPX7MeyOF^nn*RsUhVM}T literal 0 HcmV?d00001 diff --git a/ledger/src/signer/test/btctx/resources/tx-001.hex b/firmware/src/powhsm/test/btctx/resources/tx-001.hex similarity index 100% rename from ledger/src/signer/test/btctx/resources/tx-001.hex rename to firmware/src/powhsm/test/btctx/resources/tx-001.hex diff --git a/ledger/src/signer/test/btctx/resources/tx-002.hex b/firmware/src/powhsm/test/btctx/resources/tx-002.hex similarity index 100% rename from ledger/src/signer/test/btctx/resources/tx-002.hex rename to firmware/src/powhsm/test/btctx/resources/tx-002.hex diff --git a/ledger/src/signer/test/btctx/resources/tx-003.hex b/firmware/src/powhsm/test/btctx/resources/tx-003.hex similarity index 100% rename from ledger/src/signer/test/btctx/resources/tx-003.hex rename to firmware/src/powhsm/test/btctx/resources/tx-003.hex diff --git a/ledger/src/signer/test/btctx/resources/tx-004.hex b/firmware/src/powhsm/test/btctx/resources/tx-004.hex similarity index 100% rename from ledger/src/signer/test/btctx/resources/tx-004.hex rename to firmware/src/powhsm/test/btctx/resources/tx-004.hex diff --git a/firmware/src/powhsm/test/btctx/svarint.o b/firmware/src/powhsm/test/btctx/svarint.o new file mode 100644 index 0000000000000000000000000000000000000000..64db7f1fce0a9bc3bbc55ee95627a80422651842 GIT binary patch literal 3096 zcmb`J-)mb{9Kg@Lw_WR2d*e@nn-Ijg3ig^r5m&0*uDk7J6jSElP zV`0^Hl1mVZ2-|}b-~0z8bbBc21{n?pV?GO_Rhrd@Dk6Ev8o%Fj&$&rXbMeJ*x#xS% z=lkQF`#txZ=CUz0AxjeBB9XUAYs4ub!N*#CopyCHKn{=@)A`L@{v%*Ig}PZX>Za3+ zRwQ{dd$YBN*`S^eQQ4R$@%GFhppUsX=;f%!p}3|vO#+(2uz-MfYj{Pi8M0VA((Oj-bwd)Yp>8F-=n44OjmcKY56-`+!-`eEw2t`$ePvX`#`8RWBZ1D%44CKh0754oJypIJaO&c8USF$X@~k?`9LcN5ETN>~m+l zgkDwh2$czCD9tpA0SMpN>UT2$lp%`(3ASUd^X`8*)9`>7uCRnbkMux7{HRaghK7*I z@$r$+&~a;aK9LSZ!dg^|48QR*>xH7>Xe1nogvry?nGosXNh0L~(!qhg{#E#R4gtpp zCaJziZO@OS6V5%PSCv3@HQM%q7gedUWO%%u^$^igU8^>C3QOG{t?a&J8>lpKa zLg*#Lhg7T3KH0WTT6{`A z?|t~X55McffA!)2`0x;|j$0r02~(mAoS&030_W#sN#OjPd@FE%PKcKMBxNUNLE9Nu zpXI%bbv~ilR^BGsT*6KeZ8n=FT5=(kveLldWLVndJ2S&@K9c8%M%}Hm@eeZzI1T@k zgdh)=OuVslU?_jL7YoL$ywrxxL3r>i>F~5mkR=>q@%Xb0WBEN9WX>-!F5bMai-7ry z^W%BOoTB@i4Dk6_xHmr^N1%f_!yGWpAQxTb Vwc`6f0hVs@YiuHZ&+-If{J(SUN8A7a literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/btctx/test.out b/firmware/src/powhsm/test/btctx/test.out new file mode 100755 index 0000000000000000000000000000000000000000..c1fd0ea3fa5cf2199e0d718958b8f632d2b6f025 GIT binary patch literal 33256 zcmeHw33yc1`S+cKkv$WTSX8Vd0z!p2lUXuRq6uVhP?m^^;yTQ7heWe=78VsngPL(n zr7cx#r5{!Q{;A!lrTj5f3`+rNt-&f%#TpfKV$jAtT4ese_bhkrOeVF@|M|Y}`JU(F z=E;4}dAIYP_q=Dj%iKHM^XB9k42nGRm5UY1RgdAA3PGs5MI-AjxeK^lUgm@JT2wBuH|D9fiX=MM9;J=Sj{;Ns-TnZ%pHS z5=y#OUInLX6%%<+5ywlYmm}XKZ{YM~VYXG<&>`$1G|BY~xqcxhVYhIEgwmhn z6Z+pR^k%~<(CCnmc6)q%7>a;)FveqRT~zjf~BpPl2cca=EQKL#IqN+DjCeYZzK+8%c6liFUs7j-+p`kgT zgu<#X2#tXiK5wYL$=6VS3utO%WAicREY%{88VNG|p*2{$WVSabn%~A4E6IR~{3%*ctU0+4GcNBTt7MPv!V$5slU-da1q&0sex!yb$B@j6W*f3v-ypXI9xisew?n*;i+tScyxH_BcfI7@M3CZB8zqS5mE`@ z5*>b|4qvCk)7U4E79GAoA^}(E@P#`3Y8_rQEu*&S@cRC{R);@Tr)RwmPjkn~^p zdf=o7PI};^2mXKZfT#7?Fi*nxhF4KMcXvkfQeB?b-NSZiE=W1v1}Qc92+pRnE0Cgm z9npKbQ#dBSMtNGo^mMWOOO&UjR8J?%@25O1WqLNV{7%Z#5~gP(%Xd(omM%SOS^g=? z(~_lUHOoIqd0MLUw6Of6l&2+1&k~mZG39A#(o@ayKcGA%Wce`VX(`g9u>4Jwr=?y`-w7Zl`zc>Y`EHhf3R|<#TIAVb{a|kV zz>S{x+n&}VebqJd+Ko3&g=^bK=QB{geG`#e((`V?SITa`7PD+-Vs&vP?J#bB>-1kd#vw~PFIw~kUYTYZzp6Uthml@)o3GG8(p;F>I z{`zkGBM`4(L^D#CB4yYgucq`xgsqs++CRi}_d^J8pr!(~r@}e}$+M93Br1kIN1D(_ z6ULE5R18QNh}PO^Ccm~rvS%?)%qht~Aho75Iucy3U(b}mK=*olQA0q2%-8&U-?%V4=MjbC6 zOL`KqeQ5XY`2551+Cy>o%Zb`#!u_(LtIYlK^7)C{Lt3T+6gaidW7x?++0O6`(2?%u zsBRBXXQbtig-5654@ZWwn)ObVGVS&}sS(YDV&XeJ@fVXt=;16j@9vD9is~P}j@*Sh zxlicqzqlHNkf}E#a($fgjo3GMbB>S&oe#n zV?=&y{|VEYTamcC({y(nu;(W@L180P$OVR*)=Xx+!%YtmZ)^Y1Xd_Oh2O3$<5G|lq zU-O@EWzV%-eg@=Odn3!*yXZ`YF^&UBESeOrE<`Cqk=a|pwlBzic`a3uBK03g?X8#q zQKjc~oPatE6jMkIMgdf`pJ9x<05pYLnV?j-3AsHAO%Fe1c&_k1t}p=-pVD11I6n=gX2FJ6N4F& zFfn7?dJ7cT`x?MEjayrZXRvYWVMe6NK7f=Qw^|7+#;v2MF~}`IiE&FslDU(bn^oyb zA}Tbd%_W)`w_br{&l5OlwljxM0gLAF(^*D3d?e|qu#&?SBoo!+Ti=I!Dd_reF^~#H zrH>*B1*^X@#)fv#A_5^tbAS9*X3QRtSwNcZp3ZIG!UU9=MmEPhf!rSDlwK#a{+M{H z$FW8nhXhdfGV#K)ols8E3gs9=$pwv|v{4rgA|c!DdBhY@S1>7xJ!-evjKK`Cblv%U zGYu3}VIr}A!+dk%Dza^m`Q|M~G^4Cnk&^B9C&G$$vvI?=0VUe)S4gsUqxvvc{e<{4 ztKY^{Q1vH5`7I=^3`MGighj(1#{kyzS3amMW*js?EkH_oWh*CM1Qd^E6BuTYirnEm zmPm=Bk;MNEZg~&a`3Jhi^VfGhY$DzVvM0f2-)AXl*pJl*`RO+#N4^uHr;jK=PAnU77IDKFyxEEYgk#vMF6b3Y$wgM zc(HuS7KLT3WF@@{oC*Y61)A1%igjMXc&bFQrJ<4MX6CVO`^A+^AaiLLUzMa~;Sshh zjPh3f3unZdpos-*!M7o@5F%~WG=#ZHxFQd2V7w5?y%jVCP;NTYYUp{IXU{^` zw6!8{X8tm{@Dv7OnRgoak1rxCw5f0d#4^lAt`BUlfX%eEIu9$&_kB`D}su zF^JnhOn9hHzeb9JhtiL75d(%<*bE~KYdT|-K!}5Yipxlu0n{>v;wz`#2?HYJi0Q67 zumOO?5#FBhRmW-95btVp_uskd_;FaheDdm5{Yq>Ei@P3L8ztPwv9`m~v8|9h`3FFP zJCy?Wh2YLxE*6Kk5!W8&Yqr3|+@GjD-c|_l9m!!_1G;D)v|z|rdKYr$6W_qh#0xd? ze4%i>h8Y5dG|Pz^^|!f?uU>Whg4<0vm)$WOl|9~?wDewp>=K3yN#xbNX8>8jkaHxm z6wyn&Os?)qwok{Bo2;a5#`ezm-sBIl7u(T2B)&`9u2EKkV!)#MhJM}!6(w9hhK*(JJ~pyw#oCCK z_F1UT7ax)s^&M=|3MKYugcTfaq_H5u)C-n`lG(PK(U^kZIgliUdo+cxk`$5uMHFE3MAh){vDK?n;GIxLY zDP&lcws2vVZbO>(6g*P+^?>xuBST+_ITJ;r7hoJQo{MwY&gj{=Ec47X49RoIqIQSv zECS_a0LgXGxySg~e2jl`B5E(cnkXZvIT3}ibMQAGQ$T6lKM$cre(X$3}m=6wfhj*cabT1!^OgD>;{`ih~*R*}T zLoiq!ZgYPD@CABC5>1Ha5myP;p|Wl6&w1$9AcLzjn2X$>U+DgV8Tjy27>FGj8Q6U$ ztNX8DXR;Col46emjZF=Hk-OV;R}*}&R=T+L7}ev6m%)R6um`TY7vj9UH+ta> z?D36D=0UL-Zvc}h4&~v}LObhZ5M&*B6K03FyT27vNwhSraEYeyekg=fzdjE(*K?bv zbDI~F&Fvs#!C>fl3^W*@V)k63iO(mx@h_Ki$vA~YW!N_jB?I3ob!F+JoXg&o85{QHZic*Dz37ckr^t^Rm82 zWvzq~SoJpeF}JoE|Aqu6kKv@`w@k^4ILrPu1xhID5Db4komDMPO6*+82B~Bn5^2k1 z6kw{s=$;V^KZG=Q;DH_y3)fSj?yk7;Y9#)Rp!nfeIfLSI)RAjm4$W}3nQVWU+x{(X z`)u$eSAaY)D88eKyNGVwF_%j|K$kk(%Ol7pUtzT#5ELFnDKB{lT3iIhqmxlOg&jQi z@Ob9AH(^Bbt0Z%O0QzR)S`_SDL7b0s&SuW}1lidI&VM5)rhzT(dL9%A_2abtx%bZ) zvNNufUJn1uE2Wnp&90OtiZ*#DdS1gBF~=^2?J=HB9_U#G4T+*QM(+^x2H+4vDP%GE zw-tSkglTKnwzDBH4J(Br6$n}xjD7}*wsFIHE@WC}A(t>lai&tHaV<|HJJZZO@x4j# z1WkePnffi}v)_@=_PmES!1Y#ec9@CGy73ZZlYat9jI7lp{T!D*k4tYL={B&yS_9Zw z!1rH@YW)&?h<7Bh$HJKm`U%7RT!&*;^`8s9d$`^gPh(cKlU@tgOZ-glMkIQ#O%z?v z6nqb7Y^~=fiWal{gDlS!{wFDXfh)Y7E4+;qzWFXQl=zv#g-G;{%Gj)>8+r*w+HLXJ z7A!M1#piFXin||A#5QBN+JxbLTf)7iGTz7BbSG5v==4HA2yx@bm@zThV(NBp+Fn71 zU~qZqGpy_Sc|%Ml3*X@u9xh^4zK<*{hX%~@U7om+X5EB)bKLkeOFSMoZXvCE-TNR$ zu#>^|+D?q=SOB=Ui6Qi5Y%cXa$)`ac z*nMx-#8(pCI2Oi`Y`g?K=I0tm!PFx+=#&j64H+j>M!Mg9z=!n+- zQPD`xD^QLyH=#_n@HVZXC{Gl9Qbp0*4m3sYFF4mffy8DNS0U;^NQ}M-=lJs;!vR`B zVh{(JF0lU&#X{!`jJpfhvA|})7<>_6Zvd1Fk-%!`x1eJ-G~>2U9MKY=zYTYPR^Yt$>#_`%W=VQ0n6`TE8cXxc6^*lVeQJ=`Ybcr`h1LA@Z|2XEGkBz_~c|r3Z*wO zCC1*_pzd{dqfrPRVz3=IO4{dl>tb*3C)62^wXQnG7dQwB>I`?BD(m!%w^?U+97Ah| zlNWqBFL*h4lD`C*b%ys)fVRN7Q4?g|Sz0STiK1xO!#iOo(&CFk78ITujRF)+^8Q7{5A zF?v4|C=`vzI$=JjVjSN_3TANyUanw1Dd>DFM~6DZI#eE8BpH{HPV}kMz{z#*O^)Dc zRBmtbME78QZA9$KMA2iF)Sui?fW|E8@Cf1eDVVscP@%S z*BA#@Hg=ChLKoi^VqMHPg)|FwE^6l8+>PJJ?Uh+TS8WBZjQR(dBUAtoqZpy=Z`(Z@#=$p)Y2cd7Kf%UXcutx8QaXYW&oJE)f zl79f_fKfH6A5{@idz0h9mL6U7i=xr7s)X^6m+&YwHlRe=v}>uz)x5~}3Yc-vVmwcJ zxN&pA%9^$U30>1#a&38bLy*`0{lBv|MN2AF);G807VP|Uv}6OEz%{OiMzrLYSiN=p zfSc>$<_5u&d>G_`EqS>nehtx$x4;9`lCPa0W##KGhUDk0q63z<^$0Cq@?->oXvtft z^hbE<9iy4E6e|5pXh%Po0QI6JuOQA1oO3PbJU}DIM{oRFEqNK(2DYSe91LdD+~}u~ zLSOA5AZNJ`%8|h=_X31r&3njVeTuG3^~91Ft#KbxX}zowF=U8tGhZ7(&xeM8qtQ~> z4d!UH|3ZDa>)tuc8tr;4>^s;klXgcd?qtFBzX4D32*|9_M#53rIR2m}{y2&6H6B1k z=zyh33iGcC9XD>J>b5%$@wVJI6AHh>+F?LjZqTk;Q5cA}+>51M#}3{?AC6>3*~zGd zq@CTJH(pOAh#_!2vG3&U&vEufOi4+z#y)y7v8M<3DWHhK{W=of#f9(U!i!1xo!6-> z<1yGy6{|sZkZ%5Ws-?J$Gy`m+5!q%qeF4RcUP&8wxQQmzNhpIi#I>v-?!JpDtzQxR ziV%E7!2Ej_%gYr3Q2eR{wt;fCdu%-FbAZ?9sS(U~Ng7X2g(Nj-?{~G<+=uFN8xFpP zV%i<<6oK;b7lHp4xQIs4#C*EAf-#Jh^dZ8Ei#!QBuGE~3j&GqN|Hg~FgctdHDsm&V zYCfY2)?{R4we*z%WZ^5W@?Biw*bX%mg!hsH7p?~J>v!$t2|}C)L`Ob2B-;|gehb$- z`NhiPTsTTt17VHCO9D_CA#5+=t&&~Xdm31vi^4!}=jrk>#4;Tdg<$zMXL*QN@K0LC z6U%VM^5h@>{KnH>&hiYg)Nq#1Xa;!~tF+2(VW(h~MJG zH(`ZiBD;g zf=J~g@8QH>Ym&m+yNOuOiO*}2f>=kyc_4Od9`n{1*@p9J)IaSDV8^`hk1f)hrG!-o ztLJqR_I>RCI+QHcS2#yRz+7wuxgAzF@ES{$6JUND^X(&h@{3qj|LFxTGeJ7>2^Yl?lKZP{wDL3rG zLwIY*e@f-m^V-Xs?MPfTH-50Pc5eK$%9_gfaTqmY3D8&0oAxzs0t`zA4x)e^U*|{9 zw7zaSTbURCcwYR&s`z`Asc~<5T6Y;dWpBjZr)M>${Q+gtn}g;J!KclAoe;QG>& z^a_Mh110rMOU**wT;Eh5t*7@|eNo647Z-~nrGC8K8dXW{teV+1i@jIYc&~CVx^nKq z1zCInyfEwc1#TwRDKg{L+oGA=9KwsYQDU?ZE)r{0gUs-{`iM7B7i+p1x}}}6Vxi`+ z`Mk-I^URUD=2%0}>{rc`gD`i5;-+_Q&Ge!!)vHcjVGh+ds27?iM@A?XWrlfqeYDQZ z)S4rBeb+oWhNZZ|{OApa>gsRxMoM=FXO0Y`$4DUi#Zd?-ds>^EJencX&nX zo4m`KV^N*gfeAFnnxg+xdD6xe2!CsSsc$k*F;i(~Mvs_tdI&tiO_>%pvxX{BL_J|< zOITeNUEz(csPjeYyy-TwfeFVs{59#RBD}H%rVqetk;gSoH`_|4L63|p;m4Nfie@j~ z%totep_|sN)4_NK%16}iHZ}iCQO2PtEw~{<|9fzy^j-W<$3_2V@h|aXL8E%={d?}@ zn3>#S=2bBJnu6#rWNQvzv*09-$uSm|qznher58atRaY1C@N~1&KHZ#!^!it#nOHQ! z?OKb8rr~X7Q?6QATccbxm-j$v@8pP?%#8%X^)1oC?9&-G&@L`I-OS&SPut7!({#pi zjLulC8iIm%?3YICSp9R8GFpsv86hbE4?j{M<1Skd^OP>?1}gcNL=oWAgp;Y8vA(S9 zy0U9$MJy|b@v{0!|FfP*Ex?C_?4gRs1aHxFVZ24Hq==F5lLI$L>l@Xy6%s=Z%Q8fg zm>F8!N^GtW5RsW#l+FgyBAZm`*spjTz{Zjg& z1oRmeZEVPuT^mXm<|{3;1xkVrhu`80mHHiipCuHuVW-UxzfTPXph0!00o73!3Y0pmC4QSF z5DckSpVjKHhWw#2OHlQxL7&f35(uewSJ2{6{g$BJZb|F0_)1{E-CyeRm05$O_MlJo zS%Ma;qm&A@220BP_F!qyQDP6Nj#5{kRJAy4cBeChN|m}wr9BpQ*aJ>fs>F)&f(~0K z;IP5*p%SarX}9{ErKLf*Gz15gl?8kuXNg61sip9!Rdrddz7m(;<_`peA&XzNLWj*+ z;2n3_A!n%_ruzdSzr|^DS<3uA{M3$(8VHrKme@&0 zz)@y*`fVZj%VP7PjZ17$=W^NtWh!*pRg0_C<#d!_IUTgmREk9o7xvY_2zv#M4#U@r~X9A#Ftgi9@Pl))z@W%eMNf$X+e zd1Hn`R%=O#4Q5-c8WKcwk)Xdch(3ZC4wU$Oc8e4Cqj>@@o6l8>euKuc+R)D|2tuC& z?O;I|!27B-#C7AGq5l7Xev1`xFOE>iAr32>9q{`jqLTmn>OBW_9;UIYlX6e)BY{|p*rO}!Eau&{-*QGEZlcxzr&WD1=@cd_l z6vLVM7cIdx-Sa^^wj-7LCDNmIVUGwn0q{0J!|qh-7~n9#QMg)uD&Ta$0N^~p2LT%Z zr~f6Dx*xC}@RxwM1O6HCw}8h07j!`$Hw4TFAP?9KI1lhQfDM2j0NxMy>`U0Y0`>sD z4EQDBr+`DSuN^l;QLYBG13vL`DpdpcF<=yM!z-!OI>1`m`vUHu{V(8k*#CYCco2Kw zakwk-9QM6-z#rjuUJYP7?tVo94Y)VG4zLk$3t%rELwFg`gQqw?1^oRH$e*Gpqp_y9 z1HOdyd=22=0i%E?@WjwMz?pdPZwufffX4yH3BMa|S)>?N6dKMPHFVfo!_Y#)<2JLh z9)2hP%Of|xqD%q<@w+-xDKpwbDJYy%F#a;r$mPRUE0>&c(RXZKLPdrJ?OaopO&vq z(`SPIBce?92Wf=>6K)8(%>$nq)PFMJ`DdP%Q8?*&!>+4l(O$3S10LBC9+KLh%i zi1!LT-QAkM3>+kX81#!kzgSOS$;4Uv9tZsz(7W_>$mi|hJcK4alhB_GFQOmm`Id4X zqE~@F8g$$mO4pM&6O#{u{x!-Otew|@o&^0$y?ovRRsiXL9P~4xeQDL;{m(pBI6+McN%>X=nvDlkx~9qt^6v`k7C^T zafbdMY4SnPy%B*oU(ddtZ-imSNUq|z_#s_>a~?5}e}`baQZY_7WXSUdX6+C9Z$ZC3qx_Xx`Bk8sFuvW8A-`BF zpMEHE9_aMidb<2NO@0mN^zg{y4EZZH`Nu&&0Qw&@Z6 zPa&~!Otx?SnVS3%jJN)`QYi=gl(x^3PX<&0H3{_97>`-~W)&1ZkTaJ3G-w4maq0#{{$rLth^tOE0_g7M&=RWOYGK3xO!tcM<|#>wNP z2Tpq6qz6uV;G_pmdf=o7{$KTg_WQVagp3Zkc6pd*6}IN0G+X>*A0Y5Aiz}|Di@f~Z zT|AS^4!KvvW2x+rzrRcCO*$m~vlFRimZ!BD4lJSAu~;Oq|z76YPYAeGz&!#U6!2XEKNs*65s#+{I7L8u??8WSYT>y{XV1RSJhe*o*W+f2)l!U~ zub$zYCQ{}S+?&8PLyKN=U^*YsFTXdSr_ygy(;hVY$VYS~bK-|6!*VoWKB8O3v0hg` zepz0|dnSIUBI6aE% ze$8M0-ghQHMuQeThNtt<+c)OKpRRP~#LH1It&95q5alB|jA;ZKZ}Z^K)meTn5cthm z_;Una{+_v1L^qBMO4=Sd-ppqBf&RHk=#le*)U%B75A^eofX`+B2ZP`@GCij&`-Few zIQsZE@ONeL|9TMqKLAgDt2rA995P(~j5OgN6Zi@u;&>JRgnvii*)=ra-obyadL;+J ze+Ik(ov3pj5;*Y66+1@3;eu2)tR~<@`jy ztV;Y90x#!1x`speB?2$!=XC5b+Sf6>zC@m;dp0r#^wc|qo&)D{>^4FC z{viC13I21;oUu#r{}Onze`A*Ye-ikqS^oJz=y3?6#$8_&%Y3wa_oZQz>9^D+<#Ax;9L9?wHPz>>4(b=YXH;J1MKa zvqbzK74>EJUckRd@UP3_ZxsA9Mdjppf?tPZ`qyXK`5%m5XP`*#8U%k3c#4PY^}suf zzd(6Nl*{fRL06x^kC@68vwH$a4#)bR>bp(Mc1pj_v54#5m`XZr!dRBcK1pjA~xe|6S3CSBV4iv(k zF2OI0XchdYI5=jMARHF)Q$2cG3@KQ#?E+>MQ&2BgBvR&-U9U z!T;Jsu2?MZlwRrOw9IP6>LRhyz= zeBmnW!*e;oSYzW#i0E>7R;NCi!O9*+2`#^w-ZzM@P$J9tQ||!+`xjLW8Gjk>b5{-ojax^Sle^%(>ECRkWmxt@4`1l*1fQ|aZm*_Gq5FHR5 znL3#Gnq3BmRwxA-zB*@kAkcOpK}ms@~6u&33F%;ip%H4{ylHeC0FAAi+E$?*SDHHvWYrsG93 zO)p4k8T{!l{$*Im-;l{bVbDfX^6&U%JVKts>G}r~GeTUv43XJP+7pKC%ZC|-GW#Xn zi+7i@z9z`)mkwXX5k#k{!|N*z?E8j+mX(@H49J>CvZIQ>Tq8RMMg)j^=PpEr@iLY- zhBwnhty%A+NarD*tq>+;qqG+0ks*Cg0}oTiztE^zNkb2Rr)xm_3!^Dgcpu30qzw41 zCJ~=^jYh-hZ^B}f^J%v3Itb~uydretc%7!T!lCjUk0a2xyl zWd;lCPj3chRYxCD+}B!!Xr7iBInj&P<50Vr`Lo5WlI1(`ATJxUbAF%_BeGbuw7~yi zH5#sGiy8eFH8af@FA|CejWw@f`QVjb-sE26WmAAF#gUbbQJ)_$8s@N0rtq4c8g5aF zG2p4iOPgZF{#ZS}Zd)G|sLEM$XGDEV6-J{svy|fC$|mUJFdF6*Ie{@YIlX}vRvUaI zAW|(2QKgtQdNGp4OPi5ptx-(tFfcW(&2hhVD1g(iYn&cF6lT5{l)!pmJU{3PYa3oTax;!>9;FYiN1n0UOFjwF z85FulD)aKbmV_1|pKZTDE4Ls)K9%zF{+EQEf>D;AUH>&gewN^q_sJxb_lZfKu4!k> ze-AkF3E9Vv!b~Wyg9|LPRi+8X@voOR3waG@IXp|fvMx)$Vhm|jwEJ|@UXD%MFYy~d z(3dZ-D@b_fR4K`!EMH8cmv9kjr&J*2Wd2Je2q*3DY~hs6OE@eP z_2)T7G0TL2Cjg1Xl7*M@=VjrgIz7~4SI2v33D0<_adFT*Gzb6EemVY9|B$vLsU2of bkMgVzB+HeI)ZKH*->{N%49ybA$}0a2*WiN- literal 0 HcmV?d00001 diff --git a/ledger/src/signer/test/btctx/test_btctx.c b/firmware/src/powhsm/test/btctx/test_btctx.c similarity index 100% rename from ledger/src/signer/test/btctx/test_btctx.c rename to firmware/src/powhsm/test/btctx/test_btctx.c diff --git a/firmware/src/powhsm/test/btctx/test_btctx.o b/firmware/src/powhsm/test/btctx/test_btctx.o new file mode 100644 index 0000000000000000000000000000000000000000..615dfcb6d087623a6d60400d58ba5b06af11eebd GIT binary patch literal 27720 zcmchf51dqGxyR1{iXymR=AVlskFFCe1HsBAi}QNa<#%P+4_+R!W6Tsn~~h-Ip=xKJoC;uWSPC6 z&oDFJ_xC>U^FHtMzUSW#x1^fp4D{wJ+TlMOC`|ql5N)>PULcsv}xy)RtpV4vm9OKzC%@FsR;M zB?Ve(wgW_a(&e$Jb*T7!dw;3UlJsh827T$<`-{}UM(iEi_G;<92c4#6GzeazL8s2? zG}85;ZR3y3LmQw*HFQh3;n4wgc%t%bRp^pwi+>_ZD^om=MR~Mef3N*YU6e zkVP<6rNQ#R+SL9u&BmeIpk3YOmi>0X2hz#Z;7zB&mqBYXhssZs2d3^hJfd!MYX92Q zoACB#x_ACTm_nGIAD4Hh%Rjdwvo`gH6=mzoZT&q{K>5bSsW&SQe$?GTG@SOqWaET? zC^cC3sSZftbsXX~FQec4%BAOeTb=_Atb^TYJMNYKdQ;DptysgTjzBjWyxS|IujOF6 zZ~hUx;WM0L<K!KX#h9B@jgVm>oY%TF0Tv zP#Q*8B35wk-N~zxGxLnhIE7Cwm*gtn*$nj**IIoCW2Uf!_H8?<5ysA9-(*;w$dH|C5pe z)6P3`4Z|wwbHBUt?@S6v^`mQsPOAINQ?O;1`_p}=-wyV{6>GM8M+{5f#rv0U;Mibw z_SD^8hE}vJ4y}UEYJEE}N};}mzO~jyShsm#%em0U)PcIq_Ra`hSo`zZ(@#2dv5S?d z6)O$?N+j?Q=n^y9cDMPl+F8cd#vyms$K6}234iDz(5b_^yM|S~+WpS#9{y;x(bD|t z?-hejze9tg*Bu_U?(oQUhexbC>=QffQrKy?luMi7G-E?~{>Itm)cw7sjj&y9fbD)u zZ)($w@)0LYl`RV@XrcABz@a;}VS6JwLMJC{hQvg?z z+|&E5_r4a$zWH!|k=i1*P`RfAuRTccp8g8jq7x`_0DsrZw;vpWlc~S5rw_UJPRZ0T zyfT}Aa#z+Y-+sBLg9G+CVP)sE_jG&tjx3H^Gc>wbIP_C6&Ix?PcUynmZJ6cNiB)&| zw=1f;%`iS|5%yXuu>54&w>J&v2z)B~6Kma&O<1}18H$hg;KMnpfwQ4&tGg+E*lG0c zx)@%a%?lx$_dvozwv^{@S)1CmdetticrtBRhey(fbZ==3r1+lRmi~EVI3(644uo!( zeN5|3^;1q-xkqQ;dk;eH;n@p?K3#@Gs}z){}d3k&{(M`2=SW zCIuJ6KI^@&1+E6>4=TA=PQAQl)ywt?4x~iwn0PV7+&i`w!*8Jjj}x39S;s<$|LS^Zba#Nx$YqRX98U>}Xy+w#3X|w8Lb;F6bT?45p!Qh{YM6DBWCxum zR-7~0gFD_@8&z7YB>GHRL43L|FE|#vJI8C3&#J_3-AL!f_C+D?hb{Z?M7VacE2qcS z4#kP|4?R=lM*`Yye@VC3s>G`b6IogMy5F7aD3`kpa*x{O@W$Y%&>&0wUh<9a`}_qTPl72EXo zwom9qXkTAnkDWnb`-P%jG|=qK=2^|xWEMAPu1YOhJa54jw#?Dx^!E0wo?C{}3;0V$ z`r=4CO|xJWQ5Zm0C@nYgmgB8$g-ous)Uga~v!6ULv$NYjc~W7rztGxQYR~(#hJR8X z+#RK*y1SvS+tBkku2!SRZ??4?7yBm_Mri?Uy8ouOVyoXW>o2r@0-BXZfqg5EnQo&{ zYA;TiS~bAg3$94n!R9D-E_0mccQ?-Yk)XS zj2k*SkK5Ez;0WGXk?}o$Qpt~D@!Lc2>m7MmFX*dFtgYlk#iWvzmed{QWd@RRiWmz< zc$z;JndVnuCc6Tr$;w6uyE9`nHTIl^wW}7iG;3GQvsWPdJE`DDcMG}hwyvU=f5Nd^ zzwD;d{Doq7yU|hc*XC1&vo;aVI>VqEXn%dN)rx?7Rn?4HONLs~o1K1Wfb&kZV?|12 zU9FMhR#Jjbr6A)nv(~a$y1cZNjI}zlwAT1I{?Qyk$c%MEA0Wa^dzl$q6C2_MiBkEdI|$)xVg+YNuQv)jNe zyx3jJ75&9l!{6E6c70oi-VSTV$~J4u<)sZqVK-ae)ov6GngQGU$~VbG55DMzitQjz);jkGF z=CYw^JgX-X;czY-4@P3qNI=(fp=dC!=VI}E9_j-*9&gNu#&V&o9uLGrc_W!jM2t{2 z7!D^AfqX2H4d#N0Y$Bi6v+-Eo2$;!8G8m30<3=`Q=3@Co(y^l_jC?*AHuPvP84ZPF z0X?DTjhK;3m}VrN4`#uKgqcn1@nkp`%15KwfNsXK(X1XY^Wg~F$?Arg0}Dpf$QjY3 znTtn*p=>yi%bP|}4+f(_GixRTc|$kyx*iDSOe2!W2ckwckdH(H6*~bv1pY^|@r0fX z=HrpPZs>u0AQ+8fr@?$EnT_P*`DiF&8qs(n7dHaYa3mHpVNmfzoc#${C6bH5ph7|D zFCPt?xo8*yZ-#=wSR|;&;_*C$)Pw*flR4dtg#t#xh(kn!Mj{y0Ly2rSo6G0TK-LI? zjc_a!3rF;9G!8x`bJ=h_tVh9Y%!tMGL@r{+;t_B?n=`Y4SU3?#X7y|=62=LF!30AQ zw2_M@Be87Qgm?wQI?Qn>4CWHCa4uF#EwsHW4-x`6xJ=2uG5Mgie`*trE$Ykx!c8 zNF02F~>Ks1#_5Vfv;9k=iz0!5;!PR;`3M2csjNBePWU3>ly1CKYHXz>)^Wj9N_rE zvH-8MXPi3r)5B(sIdS;qK9E>-4OXqDHQ_tg51WhCR{avH$7g(%`Ujl)l~iwCt~%`> zb?Wb-dVFy2v>$%G)Bj^s|L^$jw7=77zn|(qS=IhVr~Of?KU7tJz^Ok6Ih3DO)$euc z8>oH=MNa>(JN+-A`Xb(};rij7!%%Pzpp{hLUe*43r~N%te>1*2?N>PcKSuS}Rkgpy zX}_Q9mshoKb=n`L`fIA%FLv6WgMLH#VO9Hnr+ov}k46#uXHUO9|5Wds zc<+td4-X8t96*~c1x=06UOVPer44ue%SR13c2HY}gC(~zT(j=zR#lw}-+aJVTZ7fK zGpKeF@wl8aDzy#p9?jz2Ajwil_IK~T0koW*`j>BBy z2Z^6z%dLNhYk0e{whY%!u7yB`Ya?s;bzpy-nBN2`4B)4UJhApRs4D>HSV?2}M@4S@ z4iA2(2fy2cf6aq`(}QpH;P`aL&Cka@_-^1BAC3!rwF>Ta$T5Gh@Cx}OaEu$rtI4j` zM!_0(>-Q|+sK;?*v5o=oKEXpj*@K73&K!8hvc-PWW_#!tdGNoG|8J8W>zD$zG9G%< zgD(S)@o6MKXm}d#Wyog}=eXTVJgxA@fn$6=PD1M#2AZD{A3HQAk_tAIm_hH~Tu3JvDE39KH zeB2G(El)O+zLgxbjYgP#1B(6EiSJYFW1gY?^>ucIbuIxP#}I#wxOENzd^~U**PtzT@+wIDpu#UF zJ0HU*V^BCB7Zcx1+&agAdV}~U-)G4+Ivi>p#6LsaPXSs%{6RXAwaz85sdYlkPdzf3 zg^NI^%QUlS zw6{a6o8WG^2Dj_rR-3jQ9sqUbG!tz(1~oI+-dQlJuKF_YG{wGpvabRwH#_+mRrR$L z(@aJ$6pZd-#?;%|Z41_QXIH6MpxblS_u4B@`&ke1sylgF7e2-@(Q9^+FEJf288~;K zZv|6fFt7G$yPqMi(8d-&()eCu!IrWN; zb*<3sXCCB(b5UFp=w{HzjTdb?8qxcsLP|ha~ha*eF{0hPG+L$^1qz4P? z{}o=$yAVP_j(>o`d?i9C$j^lrb3Xq>?ic(Be8z(OJb1Cbj*c(LCkQ@Wa2yNklY+~B z^TaU@XTb}{h6Vqa5exE3@M1go$AefnZY${kc&ozgXdXMZR^fcS>?4l;PlgxU|Dw=O z1pa3-gx4WhxZm0KSM5Pz2OprYo$mVd40&9)AMD z91ii?dK%b1g>xK!rSNvUxpsiK8i&I|kA7l3mOltC$Mv@0(jUD3!NPH4f5s_%y)Dzu zAg=nu_gb(T{lOO&ye`6mZ?fO8!nxmz75=!@TGK8guJ-$&;L||M@!ur)biwy1_8+2o zc~0T%&;Kg?S@LI4*q8bFFK~X31*>tqFXI;|6N#h$7r~4DoG$c}1aB64yf?!7WkQek z&!BlN3B9zxQqk|C@vc=kj~B0tu(1CjvcF!~m*f4GqK}Y%lh8|ltUqic`xD`v*Y6Ht zN9OI5g3I;zjIb})?+QIWaN&Npc<^0K87ZuL_A5=Ksqy9Z{ ze3SnFQRt=rfAQcKpc7CyuSVbpC;{TwOs&StkBDT zzo6)k(!AfRaE{yk3g>;}o5H?~+vAF!_l+loUi$MBp~pD$zVUOxBfvR-UJzXF8!rj_ za^HAMaJg@cp!+~LFLK|gBhK^4@fojhj?V;z^S&`z*q8CC7kZgjNx{)&?l+}y?zc(d zmr%Z4NgT%|`|S~2?i&v%b{c5ke8hwQKyZxzSa@OCDR>ON^L*_Uya71R?=J?^|lWMTh4p@%=K zaN_(;557ro8UJm9%lPjRT+Z(^f+t14&kHWc`)h^scwbidE}ECuh^zB5B=mB;KDv>L z%_Tosa5>&O!R2_*7F>?^T){6En zJrcxum-8}(IL1>R$1f9l^q-I8^Mqc;XQ86!@h(v~k2j}qK908v`*OTDD|$YTuN8Xf z&*z06^MUvIFA0vn3gP|sUcoV+nSV{#m&fs~g3IIhPQm4I{25_i=EE-(&hdFs;d~tb zjj%7{^LwF}`9CDM?03W{7$g+T2jtxEDGKN7nX$yxbr%<09>;ZIXBOD!cy?sUG}l z!7<-PVnBK)p9KXu-{yCwSalTV<8PBf@J9EJn&-){S`vu=2xYX|x ze1gy)AdYdy@ivWtf1n&uIIp`m72ZVSJu2+W^*)lWlThY|7yExIaqPEI@TkzseZEQP z(NEszuM&D0=j#+bkE>1LJgzQ<^FCh^_T{*G6+Q3scM84q=We0LJRG8q9}s-Dh{MBz zWBzm89uf9GDEO0tUnuyqg5#QCJ1+?Pa^8QZaE{Mw3g>8Q{f<}oCdxPdJ1P7s`@KNuWxp2*-YDX5DRHzT&-3RAy^K$b!r9Ly3g`PEy09<( zTqE?-AN#+guI?{}F|A+_oy5_oeN^zRauV6g}@tF9^N#=YY^-oca9o zWx+oToa6tx;BsFY687c3R96R$pUWV zvxHve)fIx{JaWGuRXF#nEBpz{H#I%Z zF9Oc_)1~M)QG8Y^oa3`b;k>@q3i~pD{zK98`r07$(x2}LJ;syQ*Ji;N2>*W|xLjX5 zgnhZbo)=uMua^X$F6_S|>|;DRK5r?UTq|jd}_@@M4EO=RPx$ZtM z?8|lc4Z-EQ`>x<}-E9;0aUMCIyA{syd|KhW?*2#Em+}0i&@U3>IwZL4_x}{m{T@~L zCdxP8`@kp^%oEw~XyTYxGS1_LUY=K9AoS9okiyxYq{8=;KbH#o(w~&jOMm7Iz1$y) z9{gTm2mR#dA`c3^%+E&!p9^}=1%FO(ssEke6NLT^;=Fzj(0Uw3e<#bF<94#b z8%BaLD5nxv=kYv6&+G9*p_k(g34IILNB zlEOI-D;2(y;&7|5KUw&HpWrf2{!8#FLjMEB{vBk0htSsx{WFUGe$qedp+BJL+5RD+ z$Nx@|tScPqA!x26$)oNH+$Gwr|2IeJNGD@?R?e4&ZCNc1l`wuT;Uw&T^@G+ThTX> zo&5^uIKL?D%n@-usOYDSf=VcVQaIar+r!QYXV~pHPx55v4283u@x(EIq(2iBJ&!A_ zaE^1r!_H-jp2xLN;cTbH!_E>#&*NIIaJJL!VP}P+|02cbvkG5N{038=ik|c2sL(e-uJArK=FIARWBqBw zF|VZld_~Xu>J$%s(nEi#hyHR!&;BeB`h~*(YZX2Fv(!W1uIM@6Zt&3eD0=p1mC!c} ze{NIs>`&Q4zfRG!KX-cQ?@{!;zkSt1zd_NTd5S&X4-5TO!v9T*ej4ewdg%KVJwJE( zp@;q{MbFPO_Il_W={Y>^hxjt+crjbyZN$?G=fC@DQuuG_{C1(jgLItbzk}s|cN4!x z(XXO@mni&J;!71inYbUuf`#qd-!!d}J}~FsjV@I<|2}lJ!uj`}_bHrzzuB*F{vG9@ z!ufZUn$NCafB5%_eueYz5E~WFzY|=laQ;2uYK8Of_3l$R|6Z?O;r#o%L51`0@2mjB z5ZHhIJ)Iwc;QV{KMuqe5>6R*-e^0ks;rx3#t-i2gc~Q^8d$HSoZ{<(jM!Q~b{Sd4^ zuNQT#K3gbg^%m{!vKMgc!Q*H03_D2*Oe&sv5i8g5(omy`HI$i&9#aRA8??HHX8~+BHoPDIj z@#A%rI)1!n$NupeNS60uV4zH~-<*GW{QN!_YWTAwf)5{}_LAXeRl9_kI{rp#f0t6h z{wE9grWn7AE79P6-zYMY3*C^3GPn1TZNwn zDkM6}JPJKc9w9G44^NQH*t=ob91VPucV@nsZ+7Q)eYWv+v*0+O;lO8jh%^iEv+&@1 zBiDm6%s_Yh^7g8CL*|-vy&KqSw?EYzUqnCTaougQ7IT+BE-0_wYPQ^_>o!%pcgi}a z9dM4T&TOSLeT9wYkf$G^M9bQn>P4abdTJdDFr?fn@rW`lI=?y26O{)#;{@FQ$;%aU zCkH5kF}xuxVkQqon9QTGdg=*&;y=EEOwBmY=o=unsCXTZW+$~2ne_LL4%h&OS(Js5 z&x0t8{rE@Zr(%$#fq#^SQasM?3+acMpTzxyr-2BdPQ4H`u{pIzBtr9ge_+{3BzYgL zOviSpJt>YQuz*Vrte<7T21yi&7`Zr+f^B{4E@zSt4uGZNkTWs#_fj5-@kTFPXHidg zZGUl3^{pwZ4b__XfB|v#4R_2U!?*SGn4@?4T>TPisi*#*pgV%zzo7|b_5RwfAg_J1 z^wbOt->%(Jdh-oX`8h3!-Ld(%(yS&nFrZiMnI!sE)lknxI=UmRf3NE4Joes{`mOSJ l%DzHNT3b)N{q0HeOAWeBfdPB|x0uV*d+Jc%4K2C0{x7P(TxS3P literal 0 HcmV?d00001 diff --git a/ledger/src/signer/test/common/test_fwk.c b/firmware/src/powhsm/test/common/test_fwk.c similarity index 100% rename from ledger/src/signer/test/common/test_fwk.c rename to firmware/src/powhsm/test/common/test_fwk.c diff --git a/ledger/src/signer/test/difficulty/Makefile b/firmware/src/powhsm/test/difficulty/Makefile similarity index 100% rename from ledger/src/signer/test/difficulty/Makefile rename to firmware/src/powhsm/test/difficulty/Makefile diff --git a/firmware/src/powhsm/test/difficulty/bc_diff.o b/firmware/src/powhsm/test/difficulty/bc_diff.o new file mode 100644 index 0000000000000000000000000000000000000000..b490b13c3dc55a730d361cb3d99f4636871d13c1 GIT binary patch literal 3952 zcmdT`Uu;uV7(cfiY`|tGA`<6AAB0t~ednIjo_2SM$dli4 z?sv}b`*XhYecw6V$8>bqr6@#@LUxkIN}z=JI~(%=n+8Z1=_Enbysf71`c?B}Q8j~$ z=7M=|!VKP;FloVaAy`l?x~Q5zsb;Q-RykU=S;b~0WS$H3R=TK|w7m4bMaya=4^~B0 z$$MsqXJ*c%C5u+ovub9;X;fz}mAvJ*Xl1_Owt^*d{>NXrN~ff9(B}duDX}t_!nH{t7TphQ(eYpw9V-Ns z)>-n1$9%C?t7WqXM6RYFS7%i-m4!2(wTKDz$K8sgkY1OO?SiN5Ykb?zqxL_YHvlWC=VAb@=s^U3)9YIi1 zp^bC&?$fZ$QFa&9%qrW07IO5aEm%Y(M{nQ?n$My)l>Byj>Kr8TeA8ut#(*@`Qfpc2?(k$xJ0*jj2lW4t32cHTH{6(O zS1^wUH^%1D$4)psnkarqVs1wU2VeDW9@55R;UnH&zpu~NyJg#ReCF-*_x1XFd;M&u z4SYZ4!#zYf)~)n(ws&N~$y0#iK)Q;b{ztk$aSe8@c6|dHwrmIDK)v`8@<}FUw(lYi z^e29V+;zWh{}JLqZ5VW2UaQMLXHr63P4d6$@~^qPLzcVUiX8zLwlGv}Bfr;LV77ES z{*n>mhCe5AgC{3)6LwLXMC)LsNH|_tBrgoa1Hh34j&nC@N4AXI1Pb6lZnAnAdH|61 z(z#eI0ecok_cColURwbl0UZ4ZdscJ6_H+CX;7F|2z@sowzk~?~Vl@Vyg5k99sTJ_d z3izjhqyIAAE+Ez;z`umyj3c-hiXDwbH4+Jf@npQ& zDxM7Kny$x>Y9t(qr1WNw{ZT9hc^*GNZ7{lERN?m-={E#{5XT-Bcn{Aj;*U!BOA@|b z!uLqHte+J10bRTmJ76H4kn|sewb=JF377rMOSl~8&k`=j)5+_MV%%5w-@tJ^m#n{Y z1^r(nef&>C_~}6hK**keA@JK0F6(0=O$EkQ(H=z*d85oH3Hb98c&gD-$!?`=IMaT;q z-z)eC0A+1PuzqMO>_z>Ya)&18ctZtvVCW7(PWB5t L{;*Kwyw(0607y3b literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/difficulty/bigdigits.o b/firmware/src/powhsm/test/difficulty/bigdigits.o new file mode 100644 index 0000000000000000000000000000000000000000..919b94320dfb2d71e0157fe90590bd6635b2ab19 GIT binary patch literal 7920 zcmbtZeT-aH6~8mPrCVBoYo>+Z}_ zNGGlxmh|PNvPuaU!K|3*#+X=Rqa#^ywrto15}l?COv0iQUE*72{ussHuLU%zjN-n=j)z(-}XCv+a19`faw-sx3k)tMj0!ws*O9vu#+ugOIg&i-?HqK zYuU+y<#6=8Qv3);1?%`VL&PZ1KyFe@l7#K&EIV4ThO)`m08|`i^LdBQf8zx$%}&mO zBX3Re3Mo^(j@TLtOoK&GH}ZU69wXO@&f4K&Bdh||%Ega^QuauwSb?0whO&vJR+^Vd zLb9CQoIQ>ym}QN)pDYMmOViX7`s;BWf&O5G9E=IhieMf z#M%+eh7Vy%^770%w7Gvl$|SD}VUxT}{oENmq^iclw6N3S1F>|@iB(lpV=$vw1e1%ClsP!)NBMg#hgp?fZ8Y`hH4y!-?dfm0Q!w z=kgqJQ9>XKO>zKyc^$7JJLma{s>FB&W{E$l>GDb9ojc)4w17N}KD zBjxOIwa%2)ae6>R#o?s@uX?6uoMJVF9c40%mdlj1#&Lr8AhAWLf1Avn@+h*?~q%X8N+)Z`AL#NX&J$q z$*1JHGD9G1#14wk&ovAFS@zHxxk7|Ep^ix>$@XRwiJfK1{j?*ya}awBj8Mlg+PsiX z6)q;|gb-9<$<@lD(dQ{KwLj!)y zo-i*kja*|gCfze1NT=pm$bRC#RQ6qDUGX~qTEs3d5NSRipfiASu!GMZdDW~^WV%O50Jrpl~v4N5@dSPFm^INvbXgEt~s09_iGWc|VJHxglty ziu1U*93EZEOLAA1WW`LU%Bu(dfnAAp%l7!$7<>-VRQ{1f06i{p+`yb< z2Gd}cOpGPswmJ6;ZIYDgK1X#3p?cfSy^FFkn`tG6byyP4p5*g*W2QKF3uEgIb=X=y ziv{z_uMJs9AyTt}SC;a5J1Alf3u?E;k-o>VA1)f9*GWBZg!DPGTP#Hxhgfv*k%3Qp zfqD}fXhoOT3&pBV(-WjYEmBjS(~DBUM9ID6DE(5K<%`naE)*r5oZoC1f?AZ2EVSLc zSy-=T1AlmU|~p7#SYuY#NLQe2#Q88r!q#Tx7sAxT(}M`Z{N#px{ORczU| zocZvnpdge{5ZvOoFv0bxT+u26G%A;s%D9n}sl~hB&m>&bX&;J@F$fi^xm2` zcL&ghXn=Z54axy^E!l1;b#yp_&2 zi!U`flAmYwrn&h1#rLrt!I3-*1#us%$`SGvhE|j^Rnmk)=sIj2Y6ofI+N2f$`goZ4 zemsN-7pu!dyY@;F;kt2+(5Hg_JWbb*M(8BI3@IqzWPoTaG}Bb7@(K|g6rYU<*5j1R@J2dSWr;Na$!t0| z3vkI&7*DsD%0@ne0Q6J?lYAQa$HY>d&A8i&d7p726}prpt2icebSOOX9wj~H4{lN` zXr@D%b&C9(Q$mmfI0leYVvU*SNbtK!td7uB5hS=DH|I8xjXFrNneReV{6QtLOmg8< zbf*6%u>$IVpS3`~c@P;z0tKruLnks0>YT6>f^!Ru_@lT#UDODXJMajC^}dWLU%D}p z^-_%i_d;X-S-p5f$OzhgRpi+c%6&2^n!_MVw&h=Xf!(=f%WbVUY>n-XcO7iqu)h7~ z_6;}Q+NMUWH?O~W!}<*y)>A02p$A&v;d@!&a5%7P+2WRARIh7+(U00a^w@l5_|f2& zD=rJ(1rABuL^xW69)@li`cA^pzCaH{=Z1cSaJ2jAVd(c7`qPA?wNf?J^rlq-Vz?I2 z7!lES(nHgO_nG-KgrnV2H-EF4UzKF`Jid(0{HEVGYx(qd5NcP{&2KUDH!1qFb@XQp zeW#+2*3o}z=tmU&6vypSfNfUzkI+*SxvzSX z^OitW&SMi(h@=$6FH227(c?_Q2rFT0qlnge_$yFXd`vM6iFUP>`3lr{btm2Xh$sZwOC&-s2FXfX*7&K9P8aH zG5+mj*8vPS@7bd!#t$8M2*B3(KzvV(nD+PfVd?;eTY7sAb@fRwzBjQgwl{%E9!`Mw z#`o=~MHKJ--3d~fu|btzl$l}tP>)4hq5SQ~Z&WEv9l1vHcb*5|;lasenm>LX{8R(DGk64}OcMk?I9ZmU44#>k&~Wt~1;@Aq9k zT<`ZmAO4nlAMxROzh`~8u6qR^uInDQnrK>2T?blyxUK`8K3wnjT|Qjz>p>r`_w|Sm z*Yzap!*#tX_;6jHg@a*%)?e2d*53b6Poir#`b3}X_v=w#>_At0B6c{z+V^xNx>)<} z{(jcp-P_X>I|%GxZz9%y=RMII`x9N=53qK@9@~Ha-oCD$m~!L)-L*mjndCoFI)PDp zhBl|CDf11o3M0zJPJ_t7N;=rk#Q*o9r*x*dY8!}i53lSK3iqF+Z~E3HUTXgJ=^P`O zA9Vf(B~x4)G1g75e}e{8uh-Z8ZNT-|%esh)RDqrCC97BzpRkD&dhdFdQ( zVG=$+MVy|cL0scf!SHud!zTl#u|$rruz=?CIB zK7T~)d#rtMFW9GeA1otf^tIJ3T0G@fD{Oy2o~rdTpnJ~f7U$EbG&wnz8M-Q}Ewi1; zWwjA4H#~Ylt}-Lpkz6*H%c3spWMC+BQhbZ{G$t;tX>P=pv@^qv;pP$s;`t z4&W_(m%&+SOv-<~>%R-m>c^z~#jgJeIBN!z@+YT)0I(S0jt^Kjt6cP6tyK-!J3J7t z?#AyuvjxdZY$3nrY*%>1)p@=TC)?F(JQ_`MTo6p#fzz(etefGqH1JQVK$vZ8ff2H5B5 zn~Kj!o@9%ml$Q&|)jiHdxVo=r5w7lwH21OPnN_x)6WFF&Ibz<_JhAMNRyRG9w5scp zRA=uAw&2m1{!RL$CVD>Z1vURQKgYSKndK3dI)5k(d9BV@ zb}Yogp-B}GhB2|zl7;_!Na>ULudoS8^-rN|yol@nO+eP1KNF$<_zJ3g)qfllJsT-+ q)%numO(Hj%kGj#`GonipzQHCWS#Fo$yBe4OPX7MeyOF^nn*RsUhVM}T literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/difficulty/test.out b/firmware/src/powhsm/test/difficulty/test.out new file mode 100755 index 0000000000000000000000000000000000000000..4f11a51b99de3411ad2bea1c7ab31190b70cafe6 GIT binary patch literal 22432 zcmeHPe{@vUoxd{y2_i{UU{S0L0=pm*0s>14)CBVIMH4_E6)iFh$%Kp~ne6?C-c4c`|E!1_kQosH}n2cE8FCBIG9RV>@$o?ZFvGyBnhsqG6PV=*05># zyq0~6U4rr?juZ4E0YDY0#%YJy5}yS~a>pb+9bO~(6jT-xB)Rd@5i$r#K_=Tla+8T5 z%jxhZvLXc)-K?*GgptzVktqVLpjD1ciLDp(Sh*cG$aXhLsN|?fatSGyka7z4OGhZE z{7F8c|8r7bIxGQ=l7hrbY3r+@D$2Jm=fyGb23eniO71quNmmQOkN8w>-zMuD&o8s3 z{R+zJ*|J*S-qkCY)mAO7_0@-)mNu#`;{GdO71#kBZ)K4*W^X3Y6t6m@Z;dP#; z8;7^o|NA>TFaG%Mmnz6^vVrsw4<+JP?k6}6|3nwfdFC~Ob2@9U$Tcz339-6)=c2!dIJmG14 zsIx*pIY z!`XUt@+&tnrXTJIIg>qlLX$v{n#>*$EOk2mnR$ktVa&;@pJS~5t)Oc>UZd}kK z1M#gp%33DBHwUJ+On;bz_4@&mGiO0&BzJBJQP$swg5EOuUIK-Q&`dP%;%AUY^QI>I zbLSo+#b+f1|81Oq)hz@Tf1n$2z4PKtdS@a_cRZ~>_d#d|6#P^w$WHcG^Lmv0q4k$T zj)j+1=#ll`0~gbcS3{TS(e-bl5L=2S#cJ^J^yER59d{`?1qVM5Vg+Pc?>bAMojfVB zy3ridjc~sn)d01`&{fFw>n$@5gN1Rdqo<4VQ~+UXQa394(a!LTKqR8f&_<%#NJ^U# z9sozL-lZj|nxSinEwjQ1SU7d9)*I+WE*7mAF!H38Ff9So;zJ8SiCZ)zbVpB=!PC?9 zh!!Ue@u69Qhg%mX>weZwHmA(ujg)o~WoQ{BtakN7s~)WY>as_P0r{Bjcoq$Gq8f{# zU9Bkth3`nMQ4VSN5KReR+D<_>_ztvmX`@_Omlh{D_#8fjsiudi;wZ+4t&OOn&Qs__=O$#V+Ek2L-fsJtq%@T zUOaaQ!|WK`*akNqMHIKfk4MUk@?)A7{+x*a6tOSR05m$Cw%+D=|f*>NsMc<1r=k^@sbkP%HB1H)NoBA&TW_go*IU9J7$4`zr0?K9 z1tvwB`&ejSmv)XOx)0Uckx_46RO@i`V8o6~MJQuh8zy&0wR49%av%6DvXSOtmV5XG zLZ&wcp3`_^vaLD^%YC004WqJiXo3elNBSNTsv|Lnp`EkJnEmx}ti0#eKi`sHy+@XW zrot{|#RxhlwfItd(68NOU1cI#4l_?7NDv_5?ouOx#>An5LPWC*9@8C|8qOI`-cf5Z zkg*6vUUwL1B2-gcai#E9H+A!;{wUO@JDFT#Mogq`#1Uy8VY$Ym@6)s&L(~mjn_d^O ziw#6X8*$JYKrvXTjU0Tztec{~4XP2uU9ld-t&IZ9#CUid6h1K3>@~a5M&aMmwAV3o4Gm8*T8$ zvAMYqQoB*%F}*W38OEWr`D~FG+Rn{bt91tocy0-3DPxaQ@Yy#+?Q%oJcZt@9fsooI z+U$LdYL4{JMa3~*@z_eDG{?u#pne1pY>u(e9C#c7fgM;h+zv4`t1C7WbInw~+Z_D9 zYLd_zJ4y2py6SbK=Uq%I1MMziSb{3y>@IBtC1y^}mAtX`hDO8E7fp?;e@gX}Iuc=9FSn4gI}k{;9u3|v+SO|rEHUy>9_#_q+$v*d&$r6C zU+u_!ykovLG8LOL&SK68A1?P5Q!as>@ic6lwK(P^EEe<72V4_xK`&;8+`~S29&8BC z#XaW1CxHnejtL<)bTDAw|){KY}9ES^1~REa?@foX&vSh zvT0MV5k7BJ^kBH;KGA{M5}D3e9>NNX3&)_5JsdNPUdsIuX5ll`T3W5BIE;8gcX5J- z^<=<7<=9$nAUNhs1c!9?=NYt7hDO?RjCOisyr-g27jsC>q#wr`oJGXBMmTqpsAkxp zU4E|~>6pY%Y9c3&XZEJWaQwyj*eJ)6JOBf+9~%`p#48$_kj9LXCDetnC|iQLgRF=d zWEK!~co?xB9&!oKYZr@lsz@5)x=w|mqk=k~MpDZo0-)U}KM~bV9PVgxfw{vx(|7Q& z?Kbjwg@gC=)%S$zm=mI7AkiLW3zJD&lj5QzI*9VzGDW3XUSc>0_0L*#*25Ib@J6J0 zl!fL2NzJBpvmY**Mw47EtgvrEl<#XD?Ey2vWFIh z2R@*nr})86Y8FXGDY8zGe|w}7!~m87#1yZi?<6UHH;mfRHKXVxxF0*`#UPvJAjJCa zgQa+G8M;hx;V9Y{T*hm_JdnJe%L4Zl&u*;I;sYEnfHG9A>mUUS7Pz@7$+ zIM(HE`x|*_(L%51)q5YwDlvCun{-y*SS`z3KM~LnN1<@4y9EnA7$P6!)EO5plAaNvCt6NRwooOm53YnB9D9=CDeYv@(9PJjlP#@W z&r>dGB0ISqlP)vkr3gOghQe;qxRzCYxUe9@c5_jhK^?h= zpQU=hgdJ`irW7@_(Jb#+R9I50gW--qR&Y8hIjWLj1_mByCK`0n_OZu}xP7ds2S zyTHys`Y`QkZx1|x6AYaR$+h8QaN==uupD}wJVjv83`_$IcNiCR18NehH)sOwHFwEkG1eMbJF0BkGW#Wq}XKf$V}bBTGZft z6=&gDT$`473RUvZdh)+%-!`_6PT+;|Q>of;`MRgNOMBbNp4Q$)xMAXM(cTu}uLkKl zTufvN|EqBOA}8x1c~^-kIQQ|A$!!mGgf61>bbMaGXDp7TiTY_gLHRt+!@`m`Uc~^! z>t@WmkcVhAIwkG9QSTE74T)TcVk zp1I7u`}WiN$vt^1AOF+3U*jpv;Reiny76cef%b|uiRMdY%)D1WdE?h#TQ=vL^L~a< zK7=LXh>kv5{c`N3_b%$EznA~x-`BsiA;>34nkb*@cYL!W=U={dSU>&b{!f<=7X4_L z4;vajkUK1DJ)NqRE(hq6KkNklXsCPT2`H$#Cu~kP_dN*)REY+@g6DE z;`cnJmQB&q4`B`!xi4dz$8&d`t!^#8y{u*ZL-QCb{%oo7VsS;O@pkc!Vq>&IZ&`W> z=YyjL!G7LUWeCoI9758E=*u7fX!Sijy;bt4Gc{^ukxduhX;0&)rqL ztN5Gt1WzY5F`(nty@xe^pEJ z3ky~>xmd^>47sa()z!YraBb*7ekHe-e~Z|)#1+IhjQ!P%f`Ll+-UDD=>{`EGA*&!L zkW79xImLH_%cPPP`cCo6gz^}gpdBAUDuiOs!bHHA} z-vA~62LWee@mYrzZVjM@CmlNhzlF7{39tk3D4+}blzu=;^u2#dj(fK;M^m0-&Sg`w zTOCvK2v0xh=y)ZWTtW;oW#$+DCjLC|HxO@5-lm+{x8zQ{C;Je)>FTxD-?-p9LX&(6 z{&#{88+kL4>@NJTLZ3|`Y;jKBgU*f9FWCTtP$c?6f}r#7VJrHk6#X&Kr+~g0(3E$U zat4w=g@4k|zhbWBow`Zy1AQ;(w*aQ(HIqIH^p`-t-A3PL(&@qcSxhn++hvo#-IU)2dJ^(+m@ZtdTh>iY`NnZ#0OQ64OqrYg< zcY*#0#?F^*bi8DOr8Nuwf`qhVj%xM2K;w1#?IN~Pn+_mK-V$mmRsqyoXq9> zK)(a@KUwL{cTD+F&{xKj$w^lKIFly*8jRuDe@G^sHv0P}eI4lUfu3!pXJwiG-39su z%mwt@5VL*zQuZAL{UYdjR{E_e`eUH~2K4d9$0^XC0e!nw-nrSduMhN5(5Kq$n`GKI z3i_*?P7W`8+L%W<_#(sCAk zX>v(U!Go9RIcp+QZq6yXJ7-OCPC;?bq76B&4LP&Hzab}^|DNOl=vf0jWX43A@W6xz zCOk0Vfe8=%B|V^ipQwJ1sMa3(jU%PY1TcT_I9--c@Wq_5t7KXI?s1MRt3B}5vaEjp zNc$N|ivIQoNk1=R4W=Zw?`$j9LQ1&3>E4jiaRK;mb16Gpmg#!dnxq(h&@8an z>hRPmq1yNJy*Y67`&&v0X^6tFk!59f2j^mpo^nu9_2US_+XED5{XmvyOZlWMD?ek~ zCHN&BM;l%??dID5`XB0d<>@uA=9@IeHc9wd39BV+l<+|bmAv|0>&+WCe%iID#Jkt$ zsdp_ezz=qpFI~M@=3FZZRxB@AzPvz5WrkVIVZI;0%8`XT3-$YUJ3foWRL5HgS@?x` zb_PdhAqrKzS=jNr*GtT}wBr#avj6P(Y^M6%j-Sd@JlXM=nsH~xW9OUZPoigGbh0r7DlC>5q}linGvsMtCTJpr<2$p@I?W8qIuEDa#&BE z9iJodaFH#|lXx}HD&pTG{0W=MvforpSz`=LuvXOIsaHcKMH&%``gCB{{VPu z*IQR2gT&ADfKT9`@LS}B$Clv_Js%Iw0Zq zq~YlY0GagA4>dC3m7caVJ#;qZ`uQQ5ncZ`(#2=D))t%H2ne?yZ{8z9CsN>R7CjJei zh+R1*&bMRg=<~1j+j;cY@)}!FR0{wVguHRfOXmmG1 z_&ss~=XWWp=DmiQm0g;FY;f%-3Yk z;)Mdw?=Fzdk@&+h{?+HX{7O0nZyN`{ zU+VuaX+OVXfY`xt_#cw|Uy}ClI}PyvP~yY$`Uj{b4* zZ%I8{U@x@W7< zqduog{x%tCOC%vA@n4nw!tYu^`+~$T`a8ksgkDMy15f(X)iYiE3JPaxnq;P%#s0tZ-iz*FaSSB2~94nV|Ga)UEu zW91KRs_)qkoA&zlRr&V$LP6wjtMP<(`28Dv`&eB=IUYi75AS6`GlzHD(BmmEmKX1I zZz$Wc@m6<9>84Gk8!O6o+`-%{yen3%W`5F?_EZQMw|nb0ZO4u~+?y&kZ`@J3WwYCz zzdR$B8oX&+ak=K!HkY{Z?i;)PRm@#-$L8Yl(v5Zsf3yV@UXJ9}bg4lv*~Z*Amu=Zl zT;|@gY14LXhkHlyhBA$`@|W~f2E*KwXz=zLUv;R=TOCrb04n;pFY5_5l=vEbRbI5+ z-GJw0ezz~^uixwU1ggAM3_a4|hMVyMAyyNt3;OEZo~k-uy}Q1#&K>Yp`U6$&djh@? zUi#y$@`OBOiZ@h3og!a5WH-e6ULqT1%%eK-wjvvk&47L05G-}4Os#9!h`93v@Gc{= zLHmcWr&f6?^*SS)Lh&jj8%jisuc7t;so~Epp@fcaRty#YU~^uYDC{>uH92dk)aZ!oA#q1Q9X z7dP1&A>(12Z(j{5lzwqnQbG21WsNsoG2Y>%qLyCnl<|#CK@4(?Q}aPDMU5Q)4QOk? z8w&U^FVr;@S5+}jWo5X|%4~n6YN;H~wLfXp@2 zhFCuDm3(CL_xVu_d7JP_6BwBMJm&MgHFCuL;k!Bc2 zV<#V7%knXM)?re#P0)X4fwq}6^<(+tX}tIRNiyeEd4lutPkTQlug?7nE+8gL!ZKn@ zt5LGbtNQ^3T{dny3)oW$ig;}8SM{rV1O-+7>RLeE8!0Wczo4~J$*cPY1=V^<_g~~E zC9m$8J_{U{YExd_mnnE0G;5N}tclu<9Nk5!`px?bX|SqC*{}E%+z)xW+frq9&!M18 z)|76)M6-L5A)hLFbswT&hh$Xsr?>wBDZfGTB_yMQtrmHlj>hb$MqKbg+2$_mmwMlSx9yt>DVuP1G(coU^mS;_wn1d2T+ukO3l z`#t-m|5SV`In|FxAxkVuUfqlJ-UKAlA_2@#C9j~kCrQbh_h&^yL^mZxM#(Ao7SPuE z)j3fw68y?eQA)L6mH&tg=~DKqbI8sj!J+CAB~h2k6Z`=GRDS^#EJ?}BiCKqFeibTP6sem+$3h}S(QS%~=4`sXH6rXLk2-uhwf2w}POUKMi^0T%GjwxvZ HX+`$GUBBoX literal 0 HcmV?d00001 diff --git a/ledger/src/signer/test/difficulty/test_difficulty.c b/firmware/src/powhsm/test/difficulty/test_difficulty.c similarity index 100% rename from ledger/src/signer/test/difficulty/test_difficulty.c rename to firmware/src/powhsm/test/difficulty/test_difficulty.c diff --git a/firmware/src/powhsm/test/difficulty/test_difficulty.o b/firmware/src/powhsm/test/difficulty/test_difficulty.o new file mode 100644 index 0000000000000000000000000000000000000000..8fd2864c65241a6c47962531bd643539eb7cf53d GIT binary patch literal 3424 zcmbtXZ)jUp6u)WO&T0QSR}eec8&2u4%aXViJ61{my!HxRE45*4I$zWD#fCP2czNB@ zLUCFn3nkDmlTLK>i$gz%qEOl*ZCqhd1lb1>rUeWBTWuNj!!&56p7Y+l$@4b(;?8*Q zoclX}-#Pc*bg#-?9VIp!;bbGvlKhIJgh&tOWsf0xNF}KtUYh)wPHy%GGV;9=a#Q}3 z(3JNUP09Bb_JY}x9bPnRT=uQ{HPw^6-OIw^14rsQopQ$5#SHv2|e zzYD9RoZUD)C1)90J(o`2q^V}~n8%k9dQ#4UXLd6C_=Rtlu~ZYC*gm8mq^U}@TRa6X znmU0p^EZr)gi!P>O;wa&;frR?x$+X}d<;xmAjb5UD@G$;+f0K2^kN-*u|YEODmF7C zubJ$p67+|%YmX@}pIN4h{WZtu{yy~`I47bzJ3BOaC5~*~`%HGCe1GjYU3~iOUys#Y zJMz|HD;`XrlGh7NFC%YZXZW@RJq`YYuOtmLgo8--WC(mOic26U>1!$AJb@82P*4g}|1?l_>#JLZ` zxjf-?$0eexF*R@C8+i1tZ~@_^CqG zgmkvGos{a^)q$WdEV-Nxx5IU`@d%S7x6|!%x?E1Op9Qjw_YzyY##UFc=YeTx#sR?b zLE4MWX{oAtv!t!E++Jz}6GMjw3F+K_^xmBQB~wifBIo|+(7QNcs8aI#P9Y0>!5fJX zJNzp|c8FAn?4)cL{0Ja63x1ecJjU=eTR+UWli_P@UBfssJK1Adz5qr3m40}J` zj6lYoK|$Eqa2yr4>ORp(6y^C|xv%f6(&6oH>wB)JTTvXYf~a%%=}|hndRkk$l%9@` z7vw&rucft1R>)}ILYlWe^p;QWl^e30-&?SqHM{{cZD#PJMq{5J%F#Jqo)a1Q5r{}J#JzQzjy zNX+|-1-JI|0NX!kUkeYf=QzW8J*yZL$Rpsqo=yS(z%(aa3>WJOS?~(5<#{h!aJ*|d zF0pv1W+n#W5paHf`URYy6XJ-Cg>>Hla9uO`5SKJ{#OKh}xK12{KHWzg1F;x!Xc2Sa zkAy-hY;;FBqN|S1Ztqd}Rq_vm0lKL}NnFJAVWaUC64_m)(Z319yygBPS zkg(^T9AXOn?5eF{{`fZ^`tqChQD%>GMO^%)xFO_a=DYGYfC6LwUw;?)Vtz5*8UwaK zXC=wH0J#Ys^mhvQEmjb}U$`1=kvMO)$cBQwvf>9ZocnQG{M|uJte^YGxgq1c{~YcG zq0s!I_iT;?T(5KF@4Y>k(D~aEacWNR3 Nc~-yA>I|~z|1bBcH=FwE9grWn7AE79P6-zYMY3*C^3GPn1TZNwn zDkM6}JPJKc9w9G44^NQH*t=ob91VPucV@nsZ+7Q)eYWv+v*0+O;lO8jh%^iEv+&@1 zBiDm6%s_Yh^7g8CL*|-vy&KqSw?EYzUqnCTaougQ7IT+BE-0_wYPQ^_>o!%pcgi}a z9dM4T&TOSLeT9wYkf$G^M9bQn>P4abdTJdDFr?fn@rW`lI=?y26O{)#;{@FQ$;%aU zCkH5kF}xuxVkQqon9QTGdg=*&;y=EEOwBmY=o=unsCXTZW+$~2ne_LL4%h&OS(Js5 z&x0t8{rE@Zr(%$#fq#^SQasM?3+acMpTzxyr-2BdPQ4H`u{pIzBtr9ge_+{3BzYgL zOviSpJt>YQuz*Vrte<7T21yi&7`Zr+f^B{4E@zSt4uGZNkTWs#_fj5-@kTFPXHidg zZGUl3^{pwZ4b__XfB|v#4R_2U!?*SGn4@?4T>TPisi*#*pgV%zzo7|b_5RwfAg_J1 z^wbOt->%(Jdh-oX`8h3!-Ld(%(yS&nFrZiMnI!sE)lknxI=UmRf3NE4Joes{`mOSJ l%DzHNT3b)N{q0HeOAWeBfdPB|x0uV*d+Jc%4K2C0{x7P(TxS3P literal 0 HcmV?d00001 diff --git a/ledger/src/signer/test/run-all.sh b/firmware/src/powhsm/test/run-all.sh similarity index 100% rename from ledger/src/signer/test/run-all.sh rename to firmware/src/powhsm/test/run-all.sh diff --git a/ledger/src/signer/test/sha256/Makefile b/firmware/src/powhsm/test/sha256/Makefile similarity index 100% rename from ledger/src/signer/test/sha256/Makefile rename to firmware/src/powhsm/test/sha256/Makefile diff --git a/firmware/src/powhsm/test/sha256/sha256.o b/firmware/src/powhsm/test/sha256/sha256.o new file mode 100644 index 0000000000000000000000000000000000000000..fcb8c696885dc9e508af1fe353feba7f7f24363f GIT binary patch literal 4352 zcmbtYZ){W76@Sl8^A88R)S6(hEnCn44ZN6*l28UF^pdAGD~392D$*q;F*sl+kT@Z$ zY5{#D%G+x;m+eC)T8XZpb|6hm6Ra9r>X&MVK@WA5Y;>;!74w(|O7AY>D zQN5J7T@6}_Rk?AZC0MqSVr6+CySk~%J(rAYstpdi)N2hk$ zhnryIP$I0c?D0xuK{tF7$?HaoMCNs)RU&h`(JqmkZgff{s~bUyOzTESA{lymGdI*a z<&X%TQ)UZ5FU-ohJ_&oxp__| z@8fhinao4B;130WDWN8EGpvz9azX6@wTzn#W%PQ%k)NQcOI|N4g4YN07zm$Ew7@b3 zqD3cKWin?VT6Llwc4{Enb)pjzF%X?P5rjMqL{KL}P;&zjirsiey?{~_&Y$EH9uF29 zRUzRKn4a)>5C6U5i00uN`uXAOn%dHPw|l#$wr>0P-iw;rescfveVW?&Qt+X3ni{

VYfGLK^RD}oZpmqV$Zp)lL)6KMswDIArTH%jLwzWf6xuR6Jx21 zx%Gk+%|iMaL26DX$b!1lKDilgCdmkRP|%=)$9`=EYSN7nXSoV_JfmJ-g}fdLhz*A6qce2EBYW9&rkQ1W|TL(UzeWsB5ul_p+J~U-=`<|A` zuj`;h<5(ulPnBwZT0*c%C1aK1v~ny@OkeGx?1*=#UJoU!H5Pz744{K~e#-#DcMMu1 zUhH6YFmDe2~jL-X>Pyx?4+bJaG7eo8X8mSS$&Z7{mE7IU)|%+_Aa%~9aiS=r;$?c&n%jb`sKjQeDa$!|@XzLf7P6+F+{^rUze`#A& z|HP&AQ+sc|a^P-{EBKEWe;DcMxH#w>Or9yXBwqS-aXdB~@?QAl^?T$08azJ9HSXTM zt$O|AfrDNC?rL|fYqQI}>Cp{TtKM9@*8G5%N@g(-BqR57p&l-a@$pwOXB5YqZ*ds7dUgyw z{l7&u%z!Oy?l=!%IF6cHl(xG@!slvuu;w0kjN=Mk2pF}R;Iwo4EG-7_2c_8gW$5`0Qb#;LjAilc{BS?!wK3#82EZ7j p8(s!FKIV8#(|mRSadmY4<7gO$Isb=&D;D2E|F7^HVo^26{|Al+PG|rC literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/sha256/test.out b/firmware/src/powhsm/test/sha256/test.out new file mode 100755 index 0000000000000000000000000000000000000000..b48a2106cf6b2d5ba255400195cb1d5c17787952 GIT binary patch literal 17288 zcmeHOeRNbsmak3+(m?10j7$)emJbOEAz=i9$j}LS;ROQ(NE8K*aEA)JX5W_3AdSJDoXm z_K!VhcT+hpx9;zLRMoAj_o`mMdP2&{iZU1&B_sOOvV zpUfy^j3~*2V*l)9gCtg;I)3g=jz7A&YiB!mdZy5pBl`K_W`= z#A@L6p70k=GtmeVQPjnhd(Lgge9fJl?L)U}Fe6HK%fL>AT4?-zLSbJn%IhyKiK6~Q zMRVEolH&EV?wwv@pH@;_R#`QzDs9%ZS@$Np%9CgCb|*mbIHndZ$!Cp!we6U__{@I$ z8)sImo~`-{6B2m$U>(pO>R>{B3O~}JaG_jl*EYy$7}ArD4@;5um(Xrx1YrSSmI(OI z0E?tQq#yi_e(<^d;FJ2np8(tfS9p2`082Os{8YHcN5EM{rMsZW=46UubGaN&w^C>; zE@2hU;xcz3D|M8*9Bw29r4^u3P-RmJi_2^!#g93Fg}y9MTy7g!mD-BS81mSav)IC% z?2HA?Y$z=+6FwA8HKL-{!%@)B z+8;Ir``Q41i-FR(th}ulLLbE*LIp@PUuk|-jL`6IF&_y}5x8vCK|?1O_575P|<45s*DyCfPgai|LHXwN37* zK&$L|&vZ0c`M}IGAPP)63;*NBSs{mf5z0H;1CSko#H!r7d&?4BG%XP!Q8jfV%Qdr~$ zZoLa^uEveaw$K;bY+zH^|lyG1Qv={Pn$i8OYXs~0I)AMD|yn~>{Wc8doR`$;O0ho?y z(4>wc_;+m3CEyKf$&P5};~>ljoBFj!ku+lDw5+_XtA+b}x8+74Agc$OfHX^|0b|Wl z84rKR6jS=VNK@LK3In_wMAIR2dz1vuYC3C`EfgQpyCiBjIr06t4h5= zCQp@mg3L-)x*BBGs8V;3S*J=}LB_619YLl@mCgp45>;v!z1Ml1$EnNTG8kh6bQre1 z%ik1(w7o7i3b+YU2bX@=Izc*{+G@Z?%5@2~V2k7184IzFj;c#A04{=UXjP?8yi%{f zB??V}@<8|cn}(_r5-GhVAfJ=IrZHo*-6>ROlZK3YK@oaKVAZe%-m!M|py3-cE$Q3#za7kngpjwE=a>;3H} zocMZFjjay_yb1NtD{_PEX^NKXV)=-K-jEGw2vrg{8ujFmzMeeLYo6*Z(eBnp$PKt{z{*XwqC6spxGFj9?hW z@*Jsc^NxBN5uPqfuyUXaMe-X4&v|-gZ%%<))@2w3sD5-TI=<$@Eqy`esqUS<>FWy* z^%eE2KY!ELVJ-Red#xqDGzifl3=_8RS3T4|twB&pf4fm_5|P89K+Wf4sAE^|d;(;D zhc>VP{DlsTC(U^}5S}r}?aIZ`u7%UzVIgp?4oo8OJ{_1s;2a&8MqpZ4ThBwQ#8~K@ z3lB-O@#f|>;!5HkxYI!k{U4uKPX>oct9oKryrz{GrUm^9BbN_z7*8#vwlb2MHXHP6 zYa*$|_VKnZl3IKpHG3qrgg$CTk<=3VsFg%g8>>^pVGU!?7`O8sc;E%c^|r1iK6>6= ziMMg}KrSb{Wlrj>Na~~-99>`W*|VGLafr{Ug+Jn$)AYS{+?oqNM3YIqXuf-0&Sm@x9y~7w(vb@)G|{(p;mwj)O!h$z zk`dZpn}Ur{cc&p~{N>c7K{@4@N65Yp^CvhKz4Yic(BQ#RwNNxZ`_{z|m(8e1lzqRK zsz3c8A@Oz45W&R|HuHL-ce(N1g$b{O~g^e^~{(6!yu9=IZ+tox8%f8?CF1xqki?6POY!Arx%FRvhRkXY&`wZ;zpu2HesnUKBG|G)^!ktkKD^G0z z+2M87g$M4w1hOWOwaAT!?)m(}@xf=4WS{!RqLGVSq7jA{CF<+%wj$-d0P=Z>{kWWjpAHePF3B5zn%p6#)>*&v_nE1P@b+~kCHr$ED^ zX(S=3+s*as4)A!?iEcRQ+rkTK?wI{kAQ0MFP}9)PI@>ll;l|#7OO<`2y07nRxWjiE zG(tLSjs3G*8!ZJJW#5x~r+m~hacMSa2FWi0THQz7(r)kWJiW2JmecC``XPP-Hkm7GSOK% zq9S+XHrc<;L4ZPs+aGq9;Kn`s+G&Bv#fJ5SliQluDwM|$&Cr>EbQkiqh}`&t zE&1{4KmP4~+4sl!4=tHHWKlV^ocE5pTkFl~kG?u#)?2UKCHpQcx;?seZOQkb@sIT8 zQ=&JE;cmiv^Z3#9hjL((H;%FN2eZ{r)AO^{Yw3CEYHz+=H_Zz0ikvAw;hwc)!6j(A z|0kn+OzP)x<5-S*IY+&iseYXvNcd0LbJQTu`J(bX?qyf6O<$9~HvQpr1@>SJceZ@b z8?ws<@c(Htg#0SiHwX>WpUQYHbM~Wu{;}!6>z^O!Tz%xhIhRIUTJ_rY`OlwvcfV;g#{JDttU7#USo^Vs&%JSKS;2|H8>UQ2 zs2%!;$!T|vN$xG3y7-piX)E$vLmlr7-MA_F_>pb3Q=QMh+;RAo2MTZ7Tj71+$g9gr znn!m$e{$mBUwv9T(|omJ&&K#s{?|sEN@m}Yvss>e;7|MSeLHsSoJITEmMlH->(y7v zlZ!5Hf7V@I@Oo83Rm%=jRP)n61P;|-D9L^8yH~$Ibh+x$V++bl;g?Q_-BM(872RiH zlTv0>F}K6zR$N8488c@k7iclle(Fp@t*I7ARfVGfjHX&v$myV@WZ)!MR%HK^G{rJ+ zo+X7bd%1#Mm|=`@F8;P|hHKBoKmgwWux|qad>X|AZ2)==s0r@Xy+D(I#&pBb2fFJ@ zAb@XPqOJx4yMX=#bT80)k3xjP~%_hMB;x2?3GNb`4zT0O!9arkmq;MlBdVI0GsKILf!e^#RC-0c9l5x+(uP zz<&VwHe4f;+_=?<8fgC~xDqc10*?U=%A+c|1C*bJ%L(!yL*&$^apE~Nguc>OVETS49q%dxds zeug>z*{E!D;xk6cY^jTu%t=oV$~33!94wpDJTVK+){W-0baP6&IVrMu1|l#Jfq@7NL|`BS0}=SY83Fo!k-k@?wI6;1i78ei!4D$g z*H)gc;)kb@Mr$PaUE~Aa|7k+sm4}x*D_%pg1btA@ zLP0kPN_MhU%Pm~6;66)Irel4vt;~{|0w40GPMbAFQs#Iu7bX6*TL`|tC4j?)Q@JS2mv<2=%aBK>Sr*c@feE7FzUBZ+{CEAL-8Su#!)Cf zG&tTuaTwiU@kF^1W~C(}KAhD=#LdBT8=?N=7|r8Q9GqD6h?Y095y5i+dZ`h=SRb!P zNdK1LeL*iZ!mOkFK`4GJi!|kh4V9- zT?*Vpv>e_Kqu{MfQ&^nwJq_aBVfdW_r~9ksg|XR?F~HrE>O=Q~1sv}ipN+x~-LJ{d zCa&K%&btARRR6|)@IBm5JhNCJgGp5A706<{o)q7+^LHqKy$x3+|9);7&#LZ(3?#Z= zqPs}?e*xS8<0pC|YKNvs`scXHEq%t%b-)d*@A%O=uy1@u^7i!|&yxT*u)gE!I^a?G zvI2RI(u9^@3jEq!6OItuZ=NnSBie2 z=hT~k$AcdlS5%aQ`cZx7`+n|+v~JR){or5pgLiY>%uJ%5{9PKj>lJwQD9ty2M+VuU z&|Zw&R#AU?j^lesxSRAzS^eOv0LS)Pt)V7`fLlT#&Q$_FA}W#5bBR>8BaWRbjKt%Z zJqI|}vtINsf5!$!m*9$r`Mc5z8C_CHUyPG`gzRO3Ult1{{;m&XZvu{f!u#uh&^L+& z6@T{!`aZz1{^9z^0Jn&;^rT(*xebOiCjJf*=r@3m=SbMU0;k*Mt}HBs7uYw?*eLE& zr2tRaxZs2hyrSMvQoi0+qS)Q#PM2b_HHn&Y2tO_kdfAT6sq8+~qfkdGga*Awa1$YiC zeuKlU6uXr2vi0RQr`-V&3qPzC;#K?ABLsqR1NGHTW`T9+F)hXJDp!hZWp+HmmAw?S z?9k>)*Uf@3s=Si)1Bs%nce#W+eppOV;3ODzFdh+$c%$of<8o92{kHI4f9kS-IPhyrHZzd3|Lu96&6#3n)D!dz#y}fpHoB^23ttTgt$n zM%_+LvdQ6e6_=NVFbc?=juIOhh+IX9n|w{io_%; zvV#-iG*fLhX%>`+5^SZ#1yFps8$Cnia6lzPSXna6=TexaVfTjr28*{Zcm%++Q%kgd zCrbN4A?CW2M>+v6e72E2t@DY7FB|B-jkcI(!KJsS{Qyx5D(O@$R3 zn@}WLrL)IJTzLGR0Sse8?-B43&y%3yu_!>Tu0aMeDqMPdi?AcQPOl94F!$_*F#8&z zK$PlBZipv}>m_~pbpD>G4L2UTMCB9oDrEHbwBI92?=MJS3=d-2o5G&@k6DCB&>D2E zOBP)ov%iB2RmeX4Jo#2s(xve74}(l^A6&GI*NjZ$Soom0k;~(d!4Tmb!bInH>704E zKJi3PflVA-WKa9n?rG@l=6KV%n>^Wn2?88@WKa8BI>+BG;z#3??5H0bz!p`=p7z0Q z(*cB(q>05hD&eq3Y@F~pGy^WG58Z!oeo)=Hq4?J` bTg%XMfMirI@wmN-WY6Ym8Zlu8VJ!PEMe##% literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/sha256/test_fwk.o b/firmware/src/powhsm/test/sha256/test_fwk.o new file mode 100644 index 0000000000000000000000000000000000000000..4ebfd3efdd8231f4f8d686b416a261fbdbdfba65 GIT binary patch literal 1368 zcmbtTy-piJ5T3IE6YNBel_C-pPK80R@>wE9grWn7AE79P6-zYMY3*C^3GPn1TZNwn zDkM6}JPJKc9w9G44^NQH*t=ob91VPucV@nsZ+7Q)eYWv+v*0+O;lO8jh%^iEv+&@1 zBiDm6%s_Yh^7g8CL*|-vy&KqSw?EYzUqnCTaougQ7IT+BE-0_wYPQ^_>o!%pcgi}a z9dM4T&TOSLeT9wYkf$G^M9bQn>P4abdTJdDFr?fn@rW`lI=?y26O{)#;{@FQ$;%aU zCkH5kF}xuxVkQqon9QTGdg=*&;y=EEOwBmY=o=unsCXTZW+$~2ne_LL4%h&OS(Js5 z&x0t8{rE@Zr(%$#fq#^SQasM?3+acMpTzxyr-2BdPQ4H`u{pIzBtr9ge_+{3BzYgL zOviSpJt>YQuz*Vrte<7T21yi&7`Zr+f^B{4E@zSt4uGZNkTWs#_fj5-@kTFPXHidg zZGUl3^{pwZ4b__XfB|v#4R_2U!?*SGn4@?4T>TPisi*#*pgV%zzo7|b_5RwfAg_J1 z^wbOt->%(Jdh-oX`8h3!-Ld(%(yS&nFrZiMnI!sE)lknxI=UmRf3NE4Joes{`mOSJ l%DzHNT3b)N{q0HeOAWeBfdPB|x0uV*d+Jc%4K2C0{x7P(TxS3P literal 0 HcmV?d00001 diff --git a/ledger/src/signer/test/sha256/test_sha256.c b/firmware/src/powhsm/test/sha256/test_sha256.c similarity index 100% rename from ledger/src/signer/test/sha256/test_sha256.c rename to firmware/src/powhsm/test/sha256/test_sha256.c diff --git a/firmware/src/powhsm/test/sha256/test_sha256.o b/firmware/src/powhsm/test/sha256/test_sha256.o new file mode 100644 index 0000000000000000000000000000000000000000..8746029e3c4b61de408b667912d1c8e507598f80 GIT binary patch literal 3512 zcmbtWeNa?Y6u-*~rh=joF=ONwexTvHFlqUf3%GDahE-rkZK}s(d9nw$NF*+SlL`PmC12Y9BBrtMdY?g**l0f2#jRt$@`de)P(ct0b{r&wk z*s?@YjZ{)0GpdlKo(9{mqbJ?kDDfodyb6{0TSJn!WbBFaec7m;$wzqxd>DWU>9qEmo z2FC^r`@s;VVUqStOw;mnuY>JKSzTqzw0mG{16v0TfBD?So1Jmj(y18yxM18u_Xi`v zb_#44XxL%ySotY#C}`JegXI4!P~7Lrfp;ATOlgPV2jLR`|r=Fc;! zn0)vC-lnI;OTZY^tXC?&e)GssY41Qq>Y+x^td->GsHA0LG8MZ=pP7c8 z1RHBsA?qX+TUjT;wiEoCX*iX2l8OnelVD^0x{r;-WW|2gOt3)}uwMk4ssBZImWsda z*<$Tpm1Y7P>z8%ay|uxLYqzNwn7!uU3;R#O`L}d~-*p^w$DZneu(;}AkLG7Lh%BiO+y z!%#xAfyCutS-Fx$FI%P>=Fc~n2&t&%FbX00xw&%;=?jH&C+{|7nv7Y-%;~eHvXLRn zl$B}9%rucCc^RUsEhf4^qHcWr@W&e9jd==id{D;X#hX1k@!go*ggAY?4k(gso@6B? zq*vQF>(L%fFw`(|uYV}Je#jdht|<5$O7swEDAAMHN8mAl=m1~NEb0vPWcVX|1oTAB z8ldP&+`xp5CV?KO%3rD(VAJ7AWE{21je=XF;9L~k6$P)2g0GK)2czH(QScpr<9?NW zN@oBt%^BvnCB>G~(iL2utthv2k+q29jHbvTk%N#L!rJ9sa9aR|rpKA+(AbCtZainw^E z8TK|6lHx)br literal 0 HcmV?d00001 diff --git a/ledger/src/signer/test/srlp/Makefile b/firmware/src/powhsm/test/srlp/Makefile similarity index 100% rename from ledger/src/signer/test/srlp/Makefile rename to firmware/src/powhsm/test/srlp/Makefile diff --git a/ledger/src/signer/test/srlp/mocks/os.h b/firmware/src/powhsm/test/srlp/mocks/os.h similarity index 100% rename from ledger/src/signer/test/srlp/mocks/os.h rename to firmware/src/powhsm/test/srlp/mocks/os.h diff --git a/ledger/src/signer/test/srlp/resources/block-0900123.rlp b/firmware/src/powhsm/test/srlp/resources/block-0900123.rlp similarity index 100% rename from ledger/src/signer/test/srlp/resources/block-0900123.rlp rename to firmware/src/powhsm/test/srlp/resources/block-0900123.rlp diff --git a/ledger/src/signer/test/srlp/resources/block-1234000.rlp b/firmware/src/powhsm/test/srlp/resources/block-1234000.rlp similarity index 100% rename from ledger/src/signer/test/srlp/resources/block-1234000.rlp rename to firmware/src/powhsm/test/srlp/resources/block-1234000.rlp diff --git a/ledger/src/signer/test/srlp/resources/block-1900456.rlp b/firmware/src/powhsm/test/srlp/resources/block-1900456.rlp similarity index 100% rename from ledger/src/signer/test/srlp/resources/block-1900456.rlp rename to firmware/src/powhsm/test/srlp/resources/block-1900456.rlp diff --git a/ledger/src/signer/test/srlp/resources/block-2221171.rlp b/firmware/src/powhsm/test/srlp/resources/block-2221171.rlp similarity index 100% rename from ledger/src/signer/test/srlp/resources/block-2221171.rlp rename to firmware/src/powhsm/test/srlp/resources/block-2221171.rlp diff --git a/ledger/src/signer/test/srlp/resources/block-fakelen.rlp b/firmware/src/powhsm/test/srlp/resources/block-fakelen.rlp similarity index 100% rename from ledger/src/signer/test/srlp/resources/block-fakelen.rlp rename to firmware/src/powhsm/test/srlp/resources/block-fakelen.rlp diff --git a/ledger/src/signer/test/srlp/resources/block-post-wasabi.rlp b/firmware/src/powhsm/test/srlp/resources/block-post-wasabi.rlp similarity index 100% rename from ledger/src/signer/test/srlp/resources/block-post-wasabi.rlp rename to firmware/src/powhsm/test/srlp/resources/block-post-wasabi.rlp diff --git a/ledger/src/signer/test/srlp/resources/block-pre-wasabi.rlp b/firmware/src/powhsm/test/srlp/resources/block-pre-wasabi.rlp similarity index 100% rename from ledger/src/signer/test/srlp/resources/block-pre-wasabi.rlp rename to firmware/src/powhsm/test/srlp/resources/block-pre-wasabi.rlp diff --git a/firmware/src/powhsm/test/srlp/srlp.o b/firmware/src/powhsm/test/srlp/srlp.o new file mode 100644 index 0000000000000000000000000000000000000000..24a802bd737a876fcf2c9392cf4458eb56934c4b GIT binary patch literal 11080 zcmdU!4{TLe9mmh>>qaTiS2i|AVDn``HiXueEo@-HcI?4}b)#`rfFtl=Z!* z9kE({W9?gM)|gBe(WuKb)1h0YwpEcmAY+&qQ;^M?n8^|lnsxzZWG@bV{(kqK@4L6Z z-c!q#;5^N{_uS9)T^y(wJK3F)W&f7 zbT~Cy8cw%o!`-25IDHkj9=4=5C#h6)bM6vfxeA7i~9z{>CpKJ z2I?*>NM#EHo#&@3mCleAyIodLBU^Tzg?xj#lcbZBsV6dRpAL6hhK9S?*J z>FNP)2&Z4q9nZH_m*xhCANE^Tv!<$!q+1gY;f6u6 znvrQUd)E0pJG=VHecf1(JXg-xvO|I0n`wAw0i+ETZDQ=FV0htCdwD;I_VgdDosk~( zi41Lg{>>Yo-%K1_+T5i>XH)HG{mB4Sbyo*-gCo}x^d)CFkTz{vd+My-L2)$QkC}aR z&rayKe$2c>>(>NwdiUi>T)D?gsWYf&Ui4GOC3U4I#XZ*cN^iS)m;C`I#g8V=lQk(u zQ|+T(lVbF8C&jmE&bs0?@y&20Z|@O*?})G0F)ba+4$r3O@;jTf(t1Pk2X?B? zckc;WIflZ%qnN$4oTcSbHbAZ^`_(s{jip1QF`AJoIc0!1KO@Wd%7?2(e09f{blZ(b z=oNTmYV2V1Xc60LcRbG~(_?S5^)~IOoOCy~$5hs=TD3fQ>)p|&3^#UYI-;$bZzRro(BH~2v83kf15}}6 z<(AG*(~sq!)7;7_3&dNSc9u6NIz}22ZIPXcR@AL?thK&58i^^My zUD-Ucrgr^ZHMNoTt5-h|+7Q`Lb60IBqM~g(n;IJ$6OpaEqOC1<=awDuWOGzKnvBNd z5gsz0XpQV_jm8?=BJsvuQA?_+F`gI$+01MCK!x}DoPEsAISi?QzfVgLmjyP?bDjrW z7TG6D2Zw@}EG|nlhaT|Nf>ZU!Its7NpSeJP;l6}LU8!CPH^P0M{wwQ&cI(Z@K+4{h~V(|Ex|EvR&e<1*RK#V zKK!+x3po5;EI97pI|awMwSosNtx7#8IOKN-4*ACghkTFVuydc_kUu0iMMJ(DSn3h(o{Ni2p&sq5loRVb2-CA%975*fWd%H_ip|2mhGh&~uyML94e?D+P!A z{enY(OmO)7nBa)dlLr2b;28HO27W+r%#&k+!=Aqx_}>M`xR(rkn)Tt_i8K6~EjaWn z5*%?}Dmdit6&&&p2@d%t!I2mH1HWS@SsLmwFqL=Tr3hqNjhJzoYfw+a&AY-wRrCP`88YOI0oS z27SFnaD1oi5FFnrReAjJ=0yEgIwxA~^ET94qfPbYiD+9wm4CiIQLoCk#^b8oqOC19 zX=rI~j_x3V9W9Ay`I`GSmeD86hV5D^x-DXT-_&D&m{X8C^Cu(yI+0gZt!sbQc|(K# zyo5_Nmuei+>O8S4+w_Oepgwb&xG(Z|gO*>Qx&BO{sZw*0xID2da{R@FS*PqD)cw0e z|Dd>DO4qED=YhMR|13A8I_4#CrDoLt`rO5iQNj0n_Mcx}rT;65@%R<=bC=t-{kOUy z)!{$RYh27Nx@nT}+obzT|F`J=&$^XT9rgo1NENUAt6OY|En1NM=UW*4k$tnyRu2!wJkWEnrWdYY}14T=%Ez!@%%z`#m)L5glzyEpMx%Xz$?)Ka7 z>-X*EqnSn{oOs+3byc}SG>hD)tu1V>R;D$1m1r>rbn z>E}~~oT7@a*Hu1mTJT$znduA)08*c%N{_-pdTFVbmU@cz$v`No z;z==~&t4f%D_sa4B}GY=Qr+8eALXB};>98Kgn*f%O79xzk)QwFq{4o!tZ%rubV>ge zmCa=rhk^~WXI>ogm4$-MiPo~#IkU@V&n%Bc%By(0C&Cd5BJ4*&`WBBrmJu^c0kdFWPkra*Pp1>7f7Ru*l{AKLId(tf>cp z(+Z+I4xfDTTZX}J9tK}93_fER{NiD78vgnGNeqM2u+Jy|DsU%0)-(@5KKUiX;IoIp zsekg>q2(zb{x)zYKGqZfaE=wEav;*;Z)SnGKNMmuiFl0ud7C^@=5~8xF@H4f4tRoK zMT5=p0E_z92b+B?5cB)jvamnwZP~yA-cTgwXJJn$6!9{DYfC8T4aVIK8~xD;3q<`M zA8dJBJ?=oT*%JzG^rMK;?RCfE9+(e%f~emgjYgu3U>f7I*;Pvy&tKrKDzBQQXDesw z*{bqc%)PjNncL@&`Wu6>xIbFIY(Xf}?63DUgs6hXaHLsQ;1;5J1rY$65d}m3XtoHH zW>Nv>Ng>;YoSN6Sf9oDhn<93f#J#z$o6XOdq+R7JCmLDCRo|&Z{fdVS`BhkZX$lBFN-w&H7e7VAk)jshp0?j zlT3=2|AWf3HOM^4%g<4nwgj06c)5qlv=zv7@$yqtrY%6GjhFwG%5>?^wD9snRHjRQ z=4M|09+l}*pQ+>JZ&R7JK$#j|zLUyy$+tx(3v%Nwaom;OvCFCV%BHvwHJ z^HllX;^e`bwB(yw`&<2W^-DYLJ*Oj7o#R$=QoVLEqBH3Z=$vp&TS%PhS{T$i?Uxam zI}o3Q@ZJPIg?CK0&oQly3_mX^u2fv6}XH1jnu zS3#$1&GSUMsV7AiL!(qnZXVD&TmxFtJ^}vivv*Jx&t6aUbXNa>s_6M5n|184$B=jI zNNM+JofH2ZYzo2Gf$cBi+tjWXxOv#DfXySx{;jUVZJQ6*tt;;S93EtjV3UQ4j-a9k zp|#JIWtla=96MHJId1FKlCFMKRGgfjXKR6OetD7+P|F_7H$EoL5tt?akbP zaV;&)YfF%&<2bh=OH?&wA8Vq7qTx2+0G?xrjB|Ia3DFh01}Vp zvGxqHc}Jp!#W1aPl*(qK;`UUVV`qwjlUahibIQK;}T z7|*q_SAf$2@-|N8?${@BVjf**1A|jEy!1+_jhV}NJUZ`OjG&pC`5`#6nR|thiTx_E zc{4L@h@5K3Cyp(0y$Tw3s*M+DAA!Ix6thKtT zfg@c#J&(Z)iLH916$P!MZnADV6(~zF)h9nUR+=jN1Vuw9+>DhGG5h&t#+F?zzy|>G zmfedCgt|B}w`@Bw_(AKrUOjb!Psn!OImX(uW^iQ7uFPZb8e+?qx%xHKuO;o<0A^0Z zA`i>Od6cFQwzH@paC^#edjift?#;PG%-+5aO!fmLQbNM9W6}-q{|s7v;l zjHFzgzRPtDi_=zNj25Q^vZlo;#CgLkPAjA(Y71YSuE<%skSy^=%4P1HoTdDW(=Bt1 zV@CE)2p}IbUS!bP)ts1np$QmbG-PqA5VF?AsT!~xFeQ1cIf*SpZV#jIzp^-K*kQo^ z?_X+c<0S&z3Xr$)>&QT;l@oItZvzIWhAd7?g>0V1={j&^GtbLoa4xZVGlyB6KERP_ zZgJX*9TQypJwWd2VPsH#i4(J{zXb-vLl&n8g>0V1=}~Z`tDEu|+(vBGBfmr8Z(W?8 z$2Jg7PlkzH%N`eCAwb@;KhNSqA97-DSr!=l7_vC+7qWR4r-R_gmOYfm;M2sGEz=jL zKLN~a6pKzckJ4tsc21;=>vF;FTw=a1-3VCLdQlz&S8xMG1y~*S^o>qFr!TarG0(y1 zr!y%4spLV^N;F2=%=DpSA@yq^rFnY|tJzxw?wmNjbBWEQ{7c}{q5GwtabNeSP@@)Y z%CYs;Y#V16*#dK)bKJg$Z*1&`fngY6%^J6dXA!>h4~XS`4;He=2u!}rcSbNf9mU&H z*!W;`na%t{1h*8Rbw!^F3_HK1E8V_1U6^pdRFF({)Ht)f$4&ugON;|pFFkr9~6%uV;B?@ zAe8x@=*n$*D*I=`#Pp5`wsm@M0xSc!ERO*uEC=E~X}J6zezT!$UE-t#AZ5Bmhq`eOzTF#QRl)XU(IcmGnG$w9+lLLXI>v#Yo zk|jp*+w5a=sbo{73#oMJddWMJZh?=D3G4|UA5Fdr#eQ-bmpyTZo-_GBQllGtt~%)0 z=^9M#!=3y%+-h@Q(`(<)W^*^|PTZ`gwPd1iH*R`a`iu9n+5N6TYSgg{I$VQvHR*7r zaYv1NX+)0OdIz_u!qzm{YIhA{L=B=>=eqjVzqp%DX3{%gCr>4?)rTuU`cmj=7|B}4 zsy?k_SsFM_An4+d9!so_RdguPhidoHSRf%1poT>B${#Y+(OKOBJiUUT+~J0ZL5IDj zoNpzP_Dhk`L-G~f()Bq@9rja5IBiSXi;+QvE6MQ3$Bl;T=!647!->TzjEQBbg-O>g zxCo3~tk4Z-p|;=tOc}+K8sbV(6Wh>48Dv0ojU1!(y!1S6ix|V9*DQ$7BJnjse320Mk@%Sq?{MwnaR~wtHslTd$_-Zp6gT zjk`LnySuv9*%*vBX+4Psr#BJ~2VwY0^jo*q9e0NPv6!b(>+w6|O`fY7sTF(aOdJn!luvIy$b!$PG!ZUgx{qXil z-P;rA!COuD_WQU4PyYlbV>xe~TK6ldt=s@Siu&&iZ*T^bWrQIb^fyx&d@)lP?kB^! zFx*In>rI9$wC=taw=9TwT7z1TC-ht`)naH4clb`;oB&ngQ^;2EFdLu5Ty3W=c zF@V9APGj}WH3A_YnBQIFZ}uW|zF>2s)5H5xh8*8qKseXI4{*YfsNadYWXRD4&CWnD zfRLl%!F8M`Lr!1N@Oa~XttT3D2AiEB3UD8~gT_a5Bl_1E>#bjgn+tU}qvU4o5I2_{ z;4#s9f}Ri$J4{M9sRt?iT8{`w?1`M4Xio&rW2naQ6%k~bz>{wBLF0=+4?f15f-!0y zcT?+b!FNA`-UJQoe#~o6)agZU4tiqyTwnN2?!Pb{?yu0@e+I`Q>03WDM!6K%judpV zde7WVIl#Qf8DJGo?b#>qapDqNQv(`Y2){(o?Y7KV{^w4dv zI$THxiNhD{{pm6;MRzn<9O+CE%lQ8EC-3GY9z`CD$S8gUdd$luJ9rJ_bzOvzbdP8q z6(CsCu$JNykvu4yyg!{VSlnR9FEd%U^R>frQk^)gVGyAK3^dJY=PI;xSwF8*T$YYu zVUeq5{8E9_Qoj-h24YE@NR?t8M09%oK(;z(T``JC^;M8bPvSnoY)7KML+mVSlLw$M z^;{9o2S3$2SQtF|=WJHw%F!nxcSz5jjo~b?c0K3BtQXiTdM=Bc=$Ovx6#Plsuvb#R ziv;weWeRwe0NOk$;0*#^HURGt@QeW%B;YXu;0Gd5T};ir9{_h{&GUhB$F$ohs(8GF zIa&J;OFOH7a}F}sEl$2#yJ~UrquTn~w7rYH~dp<9WpHcZc z$27Jy`N7iU`wNrr)@COj)!Lu8X>)&{_)mJ4b>o`a)wOGCZ>n|UnFo8GVo%S!Oi#IZ z{UiTIA}|txkqG?1ihvE@B0TYCHv1;F+!Ju0L-|MF$!1s5cTs8o(y$@!_e7%}>}9b} z#?FeiQ_gDV^h7apPOqqHW!L(>er(5lmpP}$E+PTqZUlRg_W?KtaeRjsLOy>B zd0p+q?K@9(o@k7$<2$&h$L|v^D1Gego6A;Q?Gz@^FkdkX2U{T)Tc-|c5wr~e7v@-Vs1r6Wz{9+h|v%p@R=1A75RD4n>lNC zUS3sIRb}O+m7F)kXiFp(FI(@4c^ZOwm0P0zzr+rB*7`Amgl&qWFXEFU@6ZCb^r*NA)2x|Xh zHaivD(|MrtKz*RAL0{`G4w${16>XJ`X|r_oi~up?ggDl!9cQY zyq4KoOKoS29W}bkHma2HsrX!vI9x~qGUb|F3ke#YzBEZ@|YlrAcnyu@+x`q6Fd z$|;v$aLKvnkO|UXh)+M{uw&B`>8{4-CDezl9U5LzdPl*6aVO1(Lnsn|6FyIak6X z6SEvYnyY^*`h5WW8AiT0$Dap2!&>M!@(XU(?XL#k1-{S3ckBF3;3vU9#mE=#asRi2 zzX|-|{M!ZoUEuSMQ1M-p^Y3-=?*@MbsNVjB2dV<3}d`Lppyu`1gX(za*pDSJ0#LcY!|} z^J=D1Kf>9f|G{7K7x;tV-vs_qqkh3_y8Wq`cV}Xr(xJW{zk<7U{ygyS1^ODgU-Nh_JtKI*EHny;43sV%9f zEtxUD#5uoYGUVr%jOM?a_!rn|fgS3`ku(y4kqC@LU?c+n$0IO7v`_u6P5qv1^Em=n zzZX-#4^zJf8!jqJU;X}UIDK`E*(MF)X^2Rrg5a4HPbV%A^mJKPztcNImepQxiY%+& z>(Rc0lHz~#MK;3AxW-Yk3&Kie24CXgsY3GUxfG?WAozW`NRuUx z#Y~N3Gmcp!<7&poGG|_V94ocNpY#e@iT?fvvmFOh>w_7G@jQJ|$j0mM6EMq9U_Zt; zm8_`{zqVKFjgeP~yHT~ynDI$W{Vv#ypUU!$>q4vo>i4r|dCc-UBO>yJ>~yv@FFu7m zkQZ00WX=|?2Sw~pYFX16wEh+#&UKdf(=9LIZ5I4&iL2{|GDP=~HkR{8tv?GmJ~VD$ zm3Gwct(Bd1Tz+W$?*^XF|KALQKfvuwVJR6O<pXRcjpfGA3@JYf4im0^_pR{p94}=*mUh(j ziQ1RXpYyo<1ojPnlP`@+l23jX8N&Ftj`Ky_&d~A9@BQ=4mj-TU=)6mCJ446$Z?Ucw z(ABoo>|+PyCtw`*%l!a13z7RdZkDCe6TqEAVRjSjJM+w=7rC7hw*6e8#LpU#eTCyg z4ZSlA{;9O1_CNg02I{9_9hX}zld0>#4L&1C9d`dD}k57|NAWS{VP(w z>C3`AKkGm?$Z=DZys$~izkHtH@v{wN?ldxo+9$S^parBFY< zagH#+&!mt&C~=4MXScNf?l5+2=tr{iZ)XcZHLOpS_*m(unin%UE{z(k;! zPG>3A_^lBY>gAtcp$@+&T1 z!n)+V;AcP(IXaA;EEG$zzSYTfN!8mR?KsB^G|^utV_=$oTWKPw1Q_@nv5U z2E@9+*q0@)?kjxK{z8eX`wP{N*8wL#t>e5w%0F?wFmOoPX_R<@><~4c*GYVml;>w` z(78q8v!(n|Y3ExKAC%*PpDBX(5XYsEfjlkcKRQ={{0tM>mxqy01E+qsw(EqnqwcTd z^k7A}KXDrBQ`xhCD;b4x>W#)@@kAhiM^L$!uejr3H{Jq+M>%-)3LarJh9V7~klPoJ zL}PAGqLtyRW-TEY}rkA!vx*@!5bcC#iMwwOw<$hyM2jpcmq@nB{wAFCQ<%e zEUB-B<83t!9`D+i>7g1ueG<>kP-We2H% zUr@hz#d5d1ypqM@KDW0a#`u#Np35gkZCrG1?J}3!wS1u)@1HTd>|^eQH!QDRws?V= zBfN9F@xCUvOOqC~h1W9oRZCaQuU+b1v1rjsSG~KwcK%WqS>n>o#M8uhl)v&PW>OQc<1s<_HkvQwck7Qw-QK1|^IE(k$lc^`6|ea*$@7kgG{+KQ zKWmDGW5KZ7;|m9y-OcO5cvR_)M1Ah{(O?`e>+$_8mgrSk$9BKYd5|8$Yg{n<--I|_5#6HcZ^z#nh$rgvqqm`8dfk!9Aa9kdlma1}G{jlaQvRYQlfLy`M{Zv%;uhNS4Nbau zG^fN1`FCJr&H(gi$#sb}e+VH_Pjwf~gp{P2ilWZ=l@}Nug*ynm6u%-(iq?LJ3N0t)K1#DgLS&bxx;fnkI)KS?hlRJUYWtV(L6kz3VA5w)K`8gGrFDxPJ%LF zs{QJm^FFEnq*9dBX(^v9>#wljN?#r~=v?xZl98&hCphANsz%VZVnNRYnTwC|U#(v> lzm)GnQv9#ETF|*_;gd{Nuac$P@qGFl>V(8Zi-M)d{tEy-7gGQL literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/srlp/test_fwk.o b/firmware/src/powhsm/test/srlp/test_fwk.o new file mode 100644 index 0000000000000000000000000000000000000000..4ebfd3efdd8231f4f8d686b416a261fbdbdfba65 GIT binary patch literal 1368 zcmbtTy-piJ5T3IE6YNBel_C-pPK80R@>wE9grWn7AE79P6-zYMY3*C^3GPn1TZNwn zDkM6}JPJKc9w9G44^NQH*t=ob91VPucV@nsZ+7Q)eYWv+v*0+O;lO8jh%^iEv+&@1 zBiDm6%s_Yh^7g8CL*|-vy&KqSw?EYzUqnCTaougQ7IT+BE-0_wYPQ^_>o!%pcgi}a z9dM4T&TOSLeT9wYkf$G^M9bQn>P4abdTJdDFr?fn@rW`lI=?y26O{)#;{@FQ$;%aU zCkH5kF}xuxVkQqon9QTGdg=*&;y=EEOwBmY=o=unsCXTZW+$~2ne_LL4%h&OS(Js5 z&x0t8{rE@Zr(%$#fq#^SQasM?3+acMpTzxyr-2BdPQ4H`u{pIzBtr9ge_+{3BzYgL zOviSpJt>YQuz*Vrte<7T21yi&7`Zr+f^B{4E@zSt4uGZNkTWs#_fj5-@kTFPXHidg zZGUl3^{pwZ4b__XfB|v#4R_2U!?*SGn4@?4T>TPisi*#*pgV%zzo7|b_5RwfAg_J1 z^wbOt->%(Jdh-oX`8h3!-Ld(%(yS&nFrZiMnI!sE)lknxI=UmRf3NE4Joes{`mOSJ l%DzHNT3b)N{q0HeOAWeBfdPB|x0uV*d+Jc%4K2C0{x7P(TxS3P literal 0 HcmV?d00001 diff --git a/ledger/src/signer/test/srlp/test_srlp.c b/firmware/src/powhsm/test/srlp/test_srlp.c similarity index 100% rename from ledger/src/signer/test/srlp/test_srlp.c rename to firmware/src/powhsm/test/srlp/test_srlp.c diff --git a/firmware/src/powhsm/test/srlp/test_srlp.o b/firmware/src/powhsm/test/srlp/test_srlp.o new file mode 100644 index 0000000000000000000000000000000000000000..6ec09981d9e5281cc379fd0cde42d9f0e89161ae GIT binary patch literal 9584 zcmc&(eQX@X6`!*c0tR9iXq%Q$Hk7pC!^hc#ARwl8k~LeJ!~tvyCDCSmx0k!-zPh_d z9280_w<#CbA_cWg+x!8o5LBXV5E4C|qQ)dr97LgpLWwG%R;#Km=^u`S8do)>@6EnB zKhNC-AyM^7w>$fLzxU?No831v_Cx0S-lj-ID2a$$#oUuZg*douuH7x0-J(@276Vr4 zZ`SZX+e$OZk~!P@8*{dF%o^=NMj0A@+hRGd6~t5S}ev&cDl^@urZ z#V4#0bIOWLv_3CdpC7B^YuKEPAalQUlR3HLrNb@CPn}M{*Q8Y%moZo+bH*AOn6ySV zOaVS)m0qc;Mg~9y)X2m!Awm)o8V@8KU^uodYHXB)k%c&%;ju_bHqM?BB2N*SGN(D- z1W7vqNt>`r1IMk>hOu=e^AH3KSZ#>ovR4cN7-MRPlw^R8Tf<}LS(TT67m9WIFIH*7 zdSR-$WWG0U&YV=)!KIi z^pIY2vh{g6i={uR-r>y{esES47Y~~=FnKe#nD6a6a5AzF=J6KuP;j|5dLi~(xeuL< z-hgeMiQxwiiQ-jZs=hN8+@R=N>eENeLv`}PUyt%*rXM)jyl+*EAfL$lMn=Y78kib4 zr}Oc=pBy*e+wEAR=46k2ja8SQ!Y-@cwU>L7RW5h+7~9f8%BmCxjd(trO@rfuFmGk6 z92i;G_nmE4#WjMI6Bs_|V1{5$%c*=ZlQ435s}dL~r%-Tnpu_n-VU>+yF5!Ac)~f6@ zb~r&i^{@)oDqCrA<$5k4(-7^!`O#Wui`KBpZ;U-G9Y92$yEnVjNGi{e1~2XAFbxU+ zBc>r{l_y{N?%KRFl(s5P=133r!iFOQ-YbWb#7+{b(_`i|_BAno5LkH5mhzc3_T&v>w zMmlF?Fu{{B9r%9aw!!??#G4sqA*qoU^Gq_GPoEfy){Sj?qYITq=J}v}Q4Cd8vbEeV+J^vPd&^=XmSD5X&QzyC2NO|SHX&vx z*Tw0P4X>kzp3-qLP${93IJZuJJgsnI*b@1_0cK(T_$ncT-*OZa3vyS0?>~GmgF6G) z@jM4=C)8#5lJWC3x{T$;7GW%pbql$p+ehN*IAlgZw3q!SAMBw^??R%L*G%h@&tIKeQ3NDnLgbh{E_FTW12?W~P z3AcbzcNsAXV3Xtd=shX>aT8$(${tpdTzlVFjL-!PEYTve=^>!`vWoaZ78NH4Kq~LS zQlwxE7G-W&3D+$cIfxXy170y66g@X|Ajc+M&GCsU+-v~~t7L@Dun*x43e)rQ9t7ve zik(bnT+DrohzSTdU-aUxf8AgvAK%^{yD1jy=)67(IjYeCzA_ez)z^XD${SYI)pd4u zc68j>A$2uQ3wb|i-{JVqV7jhx!E?{1PCDCNc!NUUn8!rk##s)hT8;_P|AXANcJ0l^ zigoT_8kW6|ShO?R(Z1>`Y8joe&W>0|M@(Eop+z3JQ$&W^B9~sU=-ho!^_BvTKa>@C z=~>*ir)lkl=fr^kkEmOXIEafErEl6Q38>$UI7k97RlQx+??N2pV!SB*#yS575C^#t zFG}yt=?@_eas^(Le#@NxEyO|ku!<{v^X(C2ECpy5l_2-xMd_RRr32J2MLUpR;iano zMOD9=^o{H{lRh)gep}Uk7wMmxr~g@1e}MFd=jkg|{UOq?b01&Gq*yRFo>P#J#Xs&w_6@WL_qXW922FHU% zgyEdgEUIUvs@)RFUnm}?vEaL{q*$0S`miJZv(JZgm=RoMd97hjzGWr$p87M zBxx4ssphtOdY-6YzTZdAkAr*9Q1M z8sO6n@Y4-b(mk!exy@0^ft-W+mKe3ESRur`g|suiZPa zac%#X`!?Ekv_tqo!j2F6LN4U8RgV`FaI{QhT)VpWwBgSUULfq-*7vRHS#S6C_TFXo z+xBC?e^*?skz3+)M@- zJJK+&q>Fn`kwgQLjA!z`8%7lF&9Y89hi`@Ww7d#|pD}(4c-lZ&MmTi669+^^wJpfSjO8ve@= z7F!8N|DS`O@}FURp0^zg$NZ>%hc#UFyH~@HQNNE6uJ`*>jgRX%%9D)G^Z730<1R+U z|8It4oQo;HA22_cGX8#AH&M;~JjHPIvy}WiLpa9I{hVTa?nh1_aM3^dxt{ziL&&3Q!KWZPdgm68cqm0kT^%}#`&o+wZ%?5r>Gd}lo z4jO}~{Ct!AoKLtO&ozwC{oKrOY?jE+mm2tSH2x2XpJx0O;77ez!wkQQ;g2x`sD?jF{(r>$^ZIj;@o|1vlbg%~sl&dYN6sd!o${so3#O1R4ZbCe&0@vme2Yc>AwiQmzH z-=*M+^zZSzUqBh<(F`V~%55sxC zTN%##H3-MFP--O7t>G)^d8>x2^Y(5HKSj@vYq&Zmk7>9%Cr@g)T3=)$L8szW=UW34 z#&C7M?bdL0zTK+f>U_If!`1oraSd1J+c6DS=i5mQSLa)mTou1M-x`#3g{yO8w}z{8 zqlo%Dvw<@R_rMG9Db@1aj1vvqp+H0vPT+{>pzn*Qmk%GL7MoFM0UCvqnv)Sx{4cSa z1DjkvaHF?v9B79VS$sPfqB}QbCp`y_TpyDd;0IGg%Tm>AH?_X6J~Vo!bXIv-yRkNQ zSCO!>1Q$J!A^H>61<*!Y7yoYhLtaW5(%sOWZ-VD~`P+w!D9Chp6PQ1oBh|mk-yMKq z|1tP+nWFwza1h!mf9n1-CLxsl|8|Vn0pzh0w-2uG{15slPh_RsYa{{_hO%QXN1 literal 0 HcmV?d00001 diff --git a/ledger/src/signer/test/svarint/Makefile b/firmware/src/powhsm/test/svarint/Makefile similarity index 100% rename from ledger/src/signer/test/svarint/Makefile rename to firmware/src/powhsm/test/svarint/Makefile diff --git a/firmware/src/powhsm/test/svarint/svarint.o b/firmware/src/powhsm/test/svarint/svarint.o new file mode 100644 index 0000000000000000000000000000000000000000..64db7f1fce0a9bc3bbc55ee95627a80422651842 GIT binary patch literal 3096 zcmb`J-)mb{9Kg@Lw_WR2d*e@nn-Ijg3ig^r5m&0*uDk7J6jSElP zV`0^Hl1mVZ2-|}b-~0z8bbBc21{n?pV?GO_Rhrd@Dk6Ev8o%Fj&$&rXbMeJ*x#xS% z=lkQF`#txZ=CUz0AxjeBB9XUAYs4ub!N*#CopyCHKn{=@)A`L@{v%*Ig}PZX>Za3+ zRwQ{dd$YBN*`S^eQQ4R$@%GFhppUsX=;f%!p}3|vO#+(2uz-MfYj{Pi8M0VA((Oj-bwd)Yp>8F-=n44OjmcKY56-`+!-`eEw2t`$ePvX`#`8RWBZ1D%44CKh0754oJypIJaO&c8USF$X@~k?`9LcN5ETN>~m+l zgkDwh2$czCD9tpA0SMpN>UT2$lp%`(3ASUd^X`8*)9`>7uCRnbkMux7{HRaghK7*I z@$r$+&~a;aK9LSZ!dg^|48QR*>xH7>Xe1nogvry?nGosXNh0L~(!qhg{#E#R4gtpp zCaJziZO@OS6V5%PSCv3@HQM%q7gedUWO%%u^$^igU8^>C3QOG{t?a&J8>lpKa zLg*#Lhg7T3KH0WTT6{`A z?|t~X55McffA!)2`0x;|j$0r02~(mAoS&030_W#sN#OjPd@FE%PKcKMBxNUNLE9Nu zpXI%bbv~ilR^BGsT*6KeZ8n=FT5=(kveLldWLVndJ2S&@K9c8%M%}Hm@eeZzI1T@k zgdh)=OuVslU?_jL7YoL$ywrxxL3r>i>F~5mkR=>q@%Xb0WBEN9WX>-!F5bMai-7ry z^W%BOoTB@i4Dk6_xHmr^N1%f_!yGWpAQxTb Vwc`6f0hVs@YiuHZ&+-If{J(SUN8A7a literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/svarint/test.out b/firmware/src/powhsm/test/svarint/test.out new file mode 100755 index 0000000000000000000000000000000000000000..a23bc5afa0560fec98260b9a382fb53911fd9d3e GIT binary patch literal 17584 zcmeHPeRNbsmak3|iHJ!+aX^`&MbMz637{+}(N4&NjvF9C!s?FLG)X6EO}caX1A@Yc z!Z_&(QDzr+$FH-vj$i2P_?Z!KAbe~)IO?GIIl`D>VC(>5K+%XHy}w&kxAVG_=-K^a z&zW;loR?d5@9*Bab?d%*@73$aokq#*G>b)Wv5IR2wbo}VjzbIb@^uBoA*PFS@b^dJ zhvF=>2T7iiI~0Lbm726VaoBO zn9#9X+e@WIq=dqhuvAJ9hbpQ5(j~Ili*8VC!IbrGfSw+@MtnEnurJX4^%s|s+JB~c zxMEVRcj>e%C)HNw)_Q&6hTMkf({iU>X%G7CQ{=eMNB5LdbLN$cr`FBLZ^^mo;0+@d zm5pEjJ-G!Rs5q;b9Rvpp)$`S}{eF(|k@ILtD zZ(n@syD$Dl{qU#v!ynrZebZXmMVKFZ7;GvNEZI^H!gCe16prQ-Y2ZexBw#9ZJr4Zhv^4;?ulRE^uix@y+K^ z%*1C~q|;&I!_h?PH1R2axr}tE+F%ehV%4^p_>})#avZ8gcs|F8ljoqnLJ(iBpRy&y zbcd=CpN@et5P^XR3`Afc0s|2kh`>Mu1|snH5dr6#V;Rn-^aGQGaQ?J4losFXT(di4 zSHk)DRR@YTx&jeswDXvaFZJ!aVd1Z z%ojlgia?WkioXUE&J#;hj8yEFy1;AOossk{F#(Of(IdpVxwk{v;#&2jI0*1wl!-*tG3vb9%5!gCLmR+H8U*?kJE2dt)uC$ zkZG+FSrvr&q1ZJ)PmX* zr0hr|pB_T>HHUmuL91C>wX|=B7MednGpogsHq*K+C&?W|Cv*V-izU80tHp?~X|=RJ z0<~mZR!aw9)1;l!wC3wAjn1^JmYqA=tZ?dYk&_UPg0RU+W6DC!^12$IRjF9k9I?P> zIAK}a8XgDGk%@BPy33=vV0|E2aT)%jqt|OuqY}@nU?^@N>1+SNnU%jeRgoj8Q?N5T!WOPM#Vn#X|vsIA)1x%phaiFgTI&Jx2)#FM+ zMa3B+PK2SUysI%A>N{c?$^w{autF#A(fJD8{XJl*o}Ey)YJ(#aoIx;150X0Fn)82t z4$hm$zeP?r=f8CY>K$-3t0jFW>X@xDIQO?_A|Yre!r6S)D!_qUM_Ttm3&;n0koObv za)n%|kUu4)MmsRH;~0v|rj;Q109Cd;vN0k$jf6AF9@fnNbwFArD~@~|evB6}lq z_eV}PmLF;~+F&#rIMw+b0Mog8)SjBat&u2@T`;VWHvriy#R7Yv*4AX~m*Dpk;BnGy zx21gyPDE&ROZnl1d=TWY{=>`R?{$bo)HoxeMwe*+2;))x-43=6OD2u9P>u9eY+pe0 zGMI|J^$odH-bEc)c2c6x*tzm-qL&+8M+XtR(fAew$J{PwQ#qEI*WpRzgV=mnZ!}J; zu1>=n-PL15(UqaPxLZI0SG*N-_2z0IV$2cvFGs{-Ylr9;p{{ZX2xabiwI0xVo2vf3j8tkbAjr-8;eGxL91vt zMdhA%&meL6g0$wCO=d1#OyJ)ipr`Eb`TDyv_Ih-rkpBTBjMEa`vnU4kz}o%fMZGkH z9DP$>Ms$uAB-EEc4(y7{fPDxaC*|n(r=9ZQB`E6DT7neWQmvx#6*lc)+l{@iScY=5 zcaA;--9(Nq>M`^KGUQc;eyt2WM25D1Wy;Z$7~+;&6{t~x))DAIfDn|P933tVe@~8n z1|Mg3%SnBJ4EvSgNy@MfF^d%_!-z_HJBCC$!3fM+hz*v)UOfE{p5)>kStv~lvZL6gp#d0^|yz#XJ{ zx6=Fuw;dQ|CuyDoNKeWyQAu+#P9ZGHo1D!?eDfwKZJ{$U>2yRgZi*V+TLC#^g3xUb z^&FQLy1F3l+DsSvWD9Lle7Y-Yd`lKin;>lAcM|gTnW)i;j=mw-*PAzOg(bS4Z=*ld z(Z5O9Nx;4U?8~iDl!-w=sOWgdYa{Z-9Racnt7%1m}n)Y8*|A8po_qJ#11%oTX!DFl|v|KaK;#qQ;-c zMvYIVMvb~$2xI@|VPmHjZ9!^@ZS;r6wN0x35$b!P{x;O#f%-nE zzYDeZaJ-M>0~{a1laJuZpR7^i<3TX@N0T{RxTHD1G#7=r*I@4VFt-QhUWd6qK>ZDv zc@xK5#IXykp|Yqr@_s>iapY7%SwW<$+}WJl z0rtX@31{dTIQB&c){Y%#tf7l0f1EW<fOJM2;6lJ}ro!|A}+WE{k)+WeA~iB1q+JjmAMv{xtvBpk+DD|Ab1Z* zh`a>HUsZ)ShRM8T?%J@1U95X^1w6rUZ764gV1~~hl5Y|{m0+^#O0&uzu#L@Y5aaWv zG{DKRwqT7vTw7^d>amRv+uT0XR$wT$fX7{#B*Peoh+NxpZ>YwGSC9384-p9$l6qVk zgiBDr7Gu$cJ!4l>LQyn-o*|JOjKnZK4fURikf+imIU?i_xoeemgeoDV?xcQhuJoLy zs@@$8@d#FUJs6|ghk1h?Z>7x>2>1igNDKfS2g7xqoTcF^+ZDE+ZYJ6$PXO+_{5KXX za23y6R8Ue}ln8dcI}ju%INXUiCp-zGzxsNA0Ao|$P!fG_KjrflmY0^!Ur=Tgeb;zH z0dIA+C(wJulngeHufktR-i;5-Sv8GMiaa?o*b@;-O00>tAX3v`m7|&yCeY+1LSO6g zRflS%Gx&3{dcB>);vO5!aVZ4~DvCU7=wwn&)z-n&EJ-BJ6f%}czH(YvF0x)j8)o$C zx%OB*z8~}r&_TG#*bn+F+B-gr$48_6d(fGn`#^67%|0HFuLK6S3Al47v{V5Gehgfr{n!1;WyhZMkUZ z;EeT_!P&$gjUxwsT|od{`o;?}4syab9*xJB5H>S=cIL?Iv(8zbv07Yr;Wd{}9XFQP zq)(aA3LM=ra3S5BaXf74lYaypAZ9+b~NB%I_e#rC9 z@`fJytKhGLe1utE+9Tf&{#}qyHOqZH@-FZi5goao>BOA8@JgEbobVVIY9%=&3> zN&_UH3HdI_ZAtnUCG>A5Ip$ODq4D^wFQ>8nm5?t!8ILc(y!G@yHz9u*^7}CFk0$m1 zaH9WLArQJFqSQS3v?lBeZEbo+5l<-Ho}BXwKed+9n6ttNy+G3nNZ z3O)N#;rmT_Pl)ypBv*(JwIj?QsoU&#tH#l`5*6+rx4m*aU`Z(UDP_A;j|ck^vdwYE zZMAIwS+Km5D$)Sjp5JeaNNB2B9_U8X7PIUTAtXV$E%Z8=4rrCvOQ zPR_$`c_-&io1km9DS1;S=S`lR$69?;D>jJudjK=SioJ^6Jh3K$6|*1flRqetZzed< z>4NhtnSWLyACvim16TM;+N^pab^zV&r7TeW~mit9j^z;{1KwByt9f6 z1pi(-8IQBoVdkj16=$QPPyQ%T+9#h^sUBN&ehv~Ruz8tWXgy35nW8l%&Un8o`5h_z zi#4CuSGM*Ks8~dgKfE5ylKkHBxmDZY^_uO_D-(<89q0SO@5}$E`{8etc1DRC9jKu2 zI`=Eo`?B*Q_!cB*%_W5H`5s~q>cnr*e7;_MqWSAJU;jK_oYMTKG@q|G{l)(r2rS6A zXD@|fO6kkbQ8KXS^~$%)rJdgSHdW*KcmCYPY{~DP|2IiHz4LICmGYtY`RfOMIP%A# zubE%} z#~S~nJ~bZI#y-{ja(%&*dj*hnYW~ybDWKe=Ky?N2(|WHngE21hf4BCBuiF<&zV6IK za{J-W>4*Q%+Wyet%81-kLG@P6U#a`$`-jGU>^#vAe>3qd=(xIJaN#`E`iS7?z1c}V!w z`8^kWvhUP4Y;w;AI>R;pXF5J|uM7M!n*WfVD7l9O{zUMH!Tu5l8YsMOT&eLNX*+Vy z3-VcnM;uc9nGe2=45Sn<_+wLevRM(p7Js;^3a=V^J_mAz>Rc7{K@fd{ROxqB*ZP-Y zySy^w4+LHAa0A{f)YaE|u;pye>l;B|Bzax#K)}7i<}#exg0pCWaLp;1UszD$nm>E? zLZi%8R!~@CkX8A4Rz)x@1N5DrVfAcj)3;y_^VeH7!MdQg&gHJG^ZH!AWp#LwQQ;3% zx|RpLA$-5(sdR_jDr|a7yVtfizlYFrZuY!>(O;V-b({1#T9QP4la|C{llp~-Nb~W$7q%}Ad-0K`w^FkT3X5|??rI@rHSS=Iuvf0| z!JeX_fRZfp;5Cxpm(*}U7Vy-%NkP}@YeT{=2X05zUhPMdUQ-G?oz4LHWoFquHTndu zse}=3DOGhQD-Eur2X~#f0^R#VWEsv;hT0K&VaHlhhb5w~#p!>~qh%ONJMI}&;pZHt z{M@X?63ca>m*AjlI_vZE5YyD#bH2`yE|qCG%=-M?#MDM0Q%Th?f();M{M`l!b0X7L4dnh)$G=wV7i!#x z8pxFQJBUqt9I5*Ef=4mo{T8|@=@K&-^%V2+J94xBY7Jn@ z{<0ZvGkpXCvp(MkF@2sM&`gEz?J4^FJkGQx;g~YSaZ@cJ=(&wT#BTEQ4}XuJisv@d_n@0) z(&y)U`i(yo#;I0MoB4l%fO3!f=Y0VF{|?$HI4GQ-tjBTuC1eC)ecmtla1v?ZJ+mT- zzpT&n2qb2G;n2`LMY*ZDiSe-h7Z8~B9a_Pm_1Vu+?FtcBQr@5q=I9RTI&>ut?w|dl^Mietiu%vS>8i3eMaca! VmL3yQAW}4Lra}x(QAlZu{{aZLRj&X5 literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/svarint/test_fwk.o b/firmware/src/powhsm/test/svarint/test_fwk.o new file mode 100644 index 0000000000000000000000000000000000000000..4ebfd3efdd8231f4f8d686b416a261fbdbdfba65 GIT binary patch literal 1368 zcmbtTy-piJ5T3IE6YNBel_C-pPK80R@>wE9grWn7AE79P6-zYMY3*C^3GPn1TZNwn zDkM6}JPJKc9w9G44^NQH*t=ob91VPucV@nsZ+7Q)eYWv+v*0+O;lO8jh%^iEv+&@1 zBiDm6%s_Yh^7g8CL*|-vy&KqSw?EYzUqnCTaougQ7IT+BE-0_wYPQ^_>o!%pcgi}a z9dM4T&TOSLeT9wYkf$G^M9bQn>P4abdTJdDFr?fn@rW`lI=?y26O{)#;{@FQ$;%aU zCkH5kF}xuxVkQqon9QTGdg=*&;y=EEOwBmY=o=unsCXTZW+$~2ne_LL4%h&OS(Js5 z&x0t8{rE@Zr(%$#fq#^SQasM?3+acMpTzxyr-2BdPQ4H`u{pIzBtr9ge_+{3BzYgL zOviSpJt>YQuz*Vrte<7T21yi&7`Zr+f^B{4E@zSt4uGZNkTWs#_fj5-@kTFPXHidg zZGUl3^{pwZ4b__XfB|v#4R_2U!?*SGn4@?4T>TPisi*#*pgV%zzo7|b_5RwfAg_J1 z^wbOt->%(Jdh-oX`8h3!-Ld(%(yS&nFrZiMnI!sE)lknxI=UmRf3NE4Joes{`mOSJ l%DzHNT3b)N{q0HeOAWeBfdPB|x0uV*d+Jc%4K2C0{x7P(TxS3P literal 0 HcmV?d00001 diff --git a/ledger/src/signer/test/svarint/test_svarint.c b/firmware/src/powhsm/test/svarint/test_svarint.c similarity index 100% rename from ledger/src/signer/test/svarint/test_svarint.c rename to firmware/src/powhsm/test/svarint/test_svarint.c diff --git a/firmware/src/powhsm/test/svarint/test_svarint.o b/firmware/src/powhsm/test/svarint/test_svarint.o new file mode 100644 index 0000000000000000000000000000000000000000..a4f24c4720678aca8801e0e3dae6ff5192661410 GIT binary patch literal 9848 zcmbtZeRLGn6`##oMJfi+T0hz{rb2_lo+PwZIFUmj50@hZnh&+-*shyoLbfKmIlHqo zQfaAL%u3PpXnXpHJqH!FjrF@kk`zRxqp_e=X{`b^wNX(JmDZ1jB-?vu-krJon31Y4 zXJ+2}z2E(K_ucp2?Bpk6>EfbLNTU+c=4)PyP))n&>t20s7vIrHct$v2SIFTz1ZhNw#0bot!YIX=n~^T{d^iMF{W8! zRD0`X7?0-}56eRTk%IkEG!S|c?!$ARy!K>#o-alZo`7(dI0_HAmW@W&H^AVY1y6D> z*%{L%M*K|)e^YDMjA&lu7yFaI+K48`xZ>;?=!quK&rt|k@pWhC^ZA3JZjV%1Do@n_4ZtiL`lhLtR%R{4{CGHS+nVMgWF z9E#?$L%H2u;=p=w$alh*9fh8L+`^-|=VbCADc%#^Ao6`ZAk>d5v0ypEhS>wjI{=h1MuFYdU9qsAjzafn-)Mk_kx@$= zMGYg2QmEmhF-v?5hW?ARkNSEBz?U%kf;SqXC5`~?-$47%fF(ZIX^9W_1N{i2JK=P8 z5=*=@Zi&M{dw0Jj-aBlG_wzu1r*G%}!+AUK+Y0Hg1N{x4zX|jMKz}Q5iMKKsc9Ra@epaMHX6*T3KzhL-`cuWw4poa+9Qaa?%w z#`Qdi?*{R|fcOg_{vwF)0kOZr^*6X)g6r?#$;;r$D`89QJpt4`&(z_&ho{a0bx(u3 zXF%N`sCyRF{Tak}f|^}$J%`>{iVp)I^hXfd3PRgJ=y4F*4nj|Wz>{!21=kK}|EUOs z2ey5&z+yjY?6=b=nzJ5@d6&@x(|sQd>i2Nn4+DDu zt@X$iiDL+nuDgMG&wfkX3(4_Yu=+c+dbi8mzjL5RTHOfDJHYClaNPyhCbYiMWx{cs zx0&|(8+-}|q}3Z4Gm%`WH>HxM(P`?5WWr3u+Y+neW+Ii0L?W6Aj96w>Je^3IktUSE zBKeVw88;36;*0gV%c^RZ)YQl7>SIw+RV`{gN@BImD07iiOH0NuQOd(s#oMxycCNG* zOBtcnJF{g=4gkoxSeRumY+S__8h0GBc3s71lJ@C7-KvM^9Fhn&AO3J zr_vzd4ge-9lWjLj8?!C?1-fTumR^oO7Cy;;QCk~ZQgd0=(k0byush=E3_3yKcH``N zk_CGm9Vwh7#~Vzdkz8rE+Rni3+;*eAslB6=x;-6)#2f(( zDinLw;9_!`PFn^~LiWSvv5--pjXO?j+9it?&C^S(jm8Abba`2%B2qs4!kMzBSCmzh zmz9@0DS5h75L#WUg*qpP&N=0z3Egn6eg$y6u;_TsR-HO|UD2XRCx*`n0mbgCw0q&~ z!_(32-&{ofSIYj{g8pT0|FyFJ4t$b)(d{U1>%U$0--5>~^@nc?+XUICKG4+@wD)1( zJhp^=e@Sav82l z0r*1!I3CJ=`dBY@jskWPj2rdOlA*J66Y$dj_w%PD z0G}!K?2>xy90on=@feG(s1^0~-;FJ9s999MWO+?27MY{@p%uPpxi9J-lWbp!U9xof z!m6dQ<%<{BiTYT5)xxDBrgdb^jJw&|`%f$u&t#0W8Ec6r+T1Q@%X6FFF;}=#b>OMr z;?m?{;&Aw`#kVUuQsnOCY@AwqJdwotz?eb7Ed*EHD87_Hp>=^P6z7HT)1Zz8`MA~y zKNCSH$j7xt_%sBesQmLC*tJ_P^W;JW|C(&uU)-b~^z)k%UnrkwcPdr0z{BozMwaKSyHzRSf3qJ+z@?(Z`yEiE~+5LrrCuI9q z@~PUTy`1byns%?EhsOJ;f|K2T1z#iExL;sV?G8Gyjbm<5{P#$l;zo9d6rAk7so>qR zeMml4ySTq#K^)ImvP++KRlAd5zraE`**#ss?{sL|SrS+6Rx13*B!4mEp8**8)1vTq zNq$EF|5k-har{jH|51e>mhG(p{2h$X*Y6WSHz+vyi$k-_t8S*Bk9VV@=Qhc|oAG%bZe=*1 zuV)lJeW2(eyCL~|NX>@{3QqgLB#Eo}5LNg)WPEBF zzhK=l{A|cAI z%G&J(_T9tjyUJAxPTxt^DmZ;7*{I<3-9w9Hu4y;pjqo(n&a;(jX`?M3!T%y?k>JcAAD;tBA3)O%!W_-O;-Z}#f;WiOFG_eNVA{&p@Rl|^^nWM z)we*_u9R`54*8lwO%2yJ&cy;3aVnE>Q-l&NcAlsPWo260xraS7BrcaVLUy@bu}ipW ze-?D0PE~%RlqY*6ueQsf19kG;KrYE|QWWFa!^>P~pnMqzp zs=Fkpv`Kl6VO`~3E-}^r4k^DyQJ{{$7W)0>?}`#fuv5xoI8m15aqqx_{;0MQFO~DY sMRwvpBJsUXmB(eSgcuM_8^V`CC=q4AO4I(PJ@5-C_c2=SJSkc&`B4)NAQF@E1LZ3Ps1Zu-q-0EO@BBRHP}r=-nXR_i1~3=Vhr>`jD%!w~*3gTG{t3 zf=9{H)Y$H4mS0&;9WH0NjjaOpspV$YyamRgmHJKGD741yBy&oodlz)iQF|^+?O+D_ zWx-3Iq^-tHXjS_02IA?qUc|g@y?|5xVM;I15C-R{lG$I|G{h&1%H#B0CkDKt>o*iR zhKd-gp4HD^K2VFMf)eK zL52qh&-=Qrn3GXs#uxCby=tJl?-bX3z5d>SKM?Ta29DwYqCB`sl!aEMy}91=0?wxc z7=9?%akzA-^{H#HrOq`15oO;6wTn&-18JZ279cU-3iMG-6v|?oHkT5GCmbIVkYnOe^Wc8;~SE1K;va! zqthXhNlt(dnf!9T$$`9vj86iG-{_z7&peTvX-!-y=;f0RR91 literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/trie/os.o b/firmware/src/powhsm/test/trie/os.o new file mode 100644 index 0000000000000000000000000000000000000000..4c16a55e5570617ea568633d122f67422c48870a GIT binary patch literal 2064 zcmbu9&ubGw6vtl@ZL6&sMMS8FT+|A7NqQ(!MAFtIi^f)Lb5NA+CK;1pH(PhNwHAv? zK?uDRyoeY56FhqI;z7K47Vm;!5B1iAP~UfVrdhY!i+*9|&3xXE32!p{v`{W46A4mE z&=uVG=$+MVy|cL0scf!SHud!zTl#u|$rruz=?CIB zK7T~)d#rtMFW9GeA1otf^tIJ3T0G@fD{Oy2o~rdTpnJ~f7U$EbG&wnz8M-Q}Ewi1; zWwjA4H#~Ylt}-Lpkz6*H%c3spWMC+BQhbZ{G$t;tX>P=pv@^qv;pP$s;`t z4&W_(m%&+SOv-<~>%R-m>c^z~#jgJeIBN!z@+YT)0I(S0jt^Kjt6cP6tyK-!J3J7t z?#AyuvjxdZY$3nrY*%>1)p@=TC)?F(JQ_`MTo6p#fzz(etefGqH1JQVK$vZ8ff2H5B5 zn~Kj!o@9%ml$Q&|)jiHdxVo=r5w7lwH21OPnN_x)6WFF&Ibz<_JhAMNRyRG9w5scp zRA=uAw&2m1{!RL$CVD>Z1vURQKgYSKndK3dI)5k(d9BV@ zb}Yogp-B}GhB2|zl7;_!Na>ULudoS8^-rN|yol@nO+eP1KNF$<_zJ3g)qfllJsT-+ q)%numO(Hj%kGj#`GonipzQHCWS#Fo$yBe4OPX7MeyOF^nn*RsUhVM}T literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/trie/svarint.o b/firmware/src/powhsm/test/trie/svarint.o new file mode 100644 index 0000000000000000000000000000000000000000..64db7f1fce0a9bc3bbc55ee95627a80422651842 GIT binary patch literal 3096 zcmb`J-)mb{9Kg@Lw_WR2d*e@nn-Ijg3ig^r5m&0*uDk7J6jSElP zV`0^Hl1mVZ2-|}b-~0z8bbBc21{n?pV?GO_Rhrd@Dk6Ev8o%Fj&$&rXbMeJ*x#xS% z=lkQF`#txZ=CUz0AxjeBB9XUAYs4ub!N*#CopyCHKn{=@)A`L@{v%*Ig}PZX>Za3+ zRwQ{dd$YBN*`S^eQQ4R$@%GFhppUsX=;f%!p}3|vO#+(2uz-MfYj{Pi8M0VA((Oj-bwd)Yp>8F-=n44OjmcKY56-`+!-`eEw2t`$ePvX`#`8RWBZ1D%44CKh0754oJypIJaO&c8USF$X@~k?`9LcN5ETN>~m+l zgkDwh2$czCD9tpA0SMpN>UT2$lp%`(3ASUd^X`8*)9`>7uCRnbkMux7{HRaghK7*I z@$r$+&~a;aK9LSZ!dg^|48QR*>xH7>Xe1nogvry?nGosXNh0L~(!qhg{#E#R4gtpp zCaJziZO@OS6V5%PSCv3@HQM%q7gedUWO%%u^$^igU8^>C3QOG{t?a&J8>lpKa zLg*#Lhg7T3KH0WTT6{`A z?|t~X55McffA!)2`0x;|j$0r02~(mAoS&030_W#sN#OjPd@FE%PKcKMBxNUNLE9Nu zpXI%bbv~ilR^BGsT*6KeZ8n=FT5=(kveLldWLVndJ2S&@K9c8%M%}Hm@eeZzI1T@k zgdh)=OuVslU?_jL7YoL$ywrxxL3r>i>F~5mkR=>q@%Xb0WBEN9WX>-!F5bMai-7ry z^W%BOoTB@i4Dk6_xHmr^N1%f_!yGWpAQxTb Vwc`6f0hVs@YiuHZ&+-If{J(SUN8A7a literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/trie/test.out b/firmware/src/powhsm/test/trie/test.out new file mode 100755 index 0000000000000000000000000000000000000000..07d6a8d52af393822e00641114b582fd383ba062 GIT binary patch literal 40664 zcmeHwd3;k<+W$>Uq#!g^K7)SEZ4Ud=p+I@ZpyDa+&fAIf4#p7lDbdTk>^FK2>%|N2pTylYBzIEmCe` zISDvAR7tdSlztraP<_`NZXQxjlKNDs_$~k++4;{N%Iz0QeLeXlQ`)aesa_jhRast; zH@eC*s;aW4e!-{(g$1Ju^0EW9*}2^B!7zkeIb}wf_WKiVov>g@*W|~(I_`r}qkbql zW5qW$WH;GB@`#2GqL=Epw4hCR(XSg((=>w7vBUd%wWuZkOYS>535tf#ngmXIlF^^g z1DyJojGk;w1|QY~oO+&&es~Y?CjhtNmw4C!NG4}&5Af+dz}Eq8#V_$V7Xa$RAxB+( zFrYb|u0X)+4?2CW$||kSUs)6MX@Q`>%3GsVd#eN9AQkTFIxgxKYSpf)s#-Vr+zVVz zUuBJ}s`6SdA**ZWc>zXrxt)Qa3nHssl{K2r@AYZ~qzEg}rc9eUVWKlPJ10-C=4R(> z&Z)DeJ3U^%cTQy>==INnNC5Plu*QA3L-G}k7AQrvG_Eh zRfV>iN6YWH2ScB#&6BYD<170S^^MYDD&MI5(0Y_Wbjf_8;0+R9w@ly_T(x)KF5nbr zYOWBZ!vI%21P>eF{RtqCE(1JW0a11v;1&ZsQ`$r6oaTx;tOmGBorKFWz*UYSxXl3P z{7*m}g$B5o?*d+8fXh<}BOC@e9IYRv2KbRWRMRdszy}!MR~z614e;J-uLpWP(CdL- z5A=GV*8{yC_`mXiqj7(lquKoaVoh@_Z4IVG+Z~Nt(l+brqxl~J6+L|){#u5XphoQq z!bduyI8J|$+O$NAv~znWwP~psY325IYSU6JvYOkQs7*_>$b;NoPiT+!S{1=Xm-Kh@KR>zKm!NCx)R0>FocKBG2;%_Ma0Vu70 zbeW^E*hf`I=;Po3M|1H`G{U3MrEmrQY&Gvd+jOPkQ)T2jAj`nB?8?nltfP?-RSd1w z5n9yk2-SCm%Jw^&?WmgXf*2Td8;bQd&~CsFI@`kjgV87u0U)+ANhMR3bvZ(%6e5?S z*<7|iRGP8u6;=hnCh?K#*laYh!nR%PqeJG}P*78N8IOYcXF|4CQ@N94j0xL#CtdFtuYS)|SCy z`wE9?6ZEZT5l1(bTG4n0jjbgkOsGDLYIA8uBS#uI&IND~ zag+=p>NF!hMN0hodXi|4lnROaxY;K%UNqlA6MhO%Iq;(j8;{bFtwq{Z!WnyCh zpy2>*)zTt23(3bbn>H?OaXF9!2q~;IF+%pjDy`gq9WnQh{2te*Ab%gt<`Q_l{us30 zU}V&?)*fwaHANm1G%ql;U*vkxd@`QsMnEGj{D}{NC7`mbl~FUFSVYuRp{hp>R9?Z- zQe({RGz>%M&x(g2I9f_6>PCV-RGNv}Fw{7%Xl8O;WsvNW%*L>3V>mTLv3u}ZO>5kQ z0L_eS$S|5Hw9KoF*D@{|yd)k%dY3f_M?VW;LiOXQ#jCy>ka*RNG1U{H8piw*kgZw@ zYIBHR4k{rdr?7GMB}9>`KLgN zW$nBXC6=|{A+H_HLfa@cb+y^|(0-_=|eZnp0-wHMiU z&7a;}wp(wM0E1cI#j_qo(I)>W-~s9opbi2ZALHNe9~k4`6X?tNs549PwB)5Ii7f+C zpavrndLz6KDTtFPVr~$8F?%6-g<|etBp*8!0674%taXe)wV11A2Tj|XN=KmYuGs@CYY(_Q$b9(%5}4=xpqc2J0d# z&~!8pd3OP8-HD?4!V|>^zsxWsEj_rNCv;qJJp_mdE~s9P##SwLS!5y$H80^dn@dw^ zwt&_!RG(mW0lk!#jvqu8AQs6K=8(J)S%)6wP#qy+&7{~)HwzE_Cq63<=a;QR8w;m zHkjbP7XUKk+b5Y#<=d5n6jt8Bh=hE5Ju~-@j25!0(TwF=CnNQ6C=fJL8QL#$0Q+80 ze|9|4Q6P$ZC{ROzLbrx2X|2x(Wd>1}j36d6suUjx?;quFgR zdMAo3Xgt%m3rcaO-;9RL+3Qd>2Hz^QrSSU&ix5tWPYCDC1K}{^21b_-!8BfuL|VQ=B5eSYxsW)L(JGct=2k*1_XE%n%RdG=`eiKd=T*qSYE|VJ(lld78T3QMgc08=Mjg9lDS5_isg$5AB*KF+|*;a zkXckLk1z^Qu{^{GRI#i9sA72!h8*tuEI^9%wZjK!()m`b9oh*gtbCaf39-DInfph4 zLe@iQ#$x#{M(VMAji6b?(0-9IqFED9WCt{oi9hji=m3?T`OYC0v39VbYK%iG({cDG zoX8ROsX)Gvg}@n?WtpQ0gE-$6qL^s5X%y5UDNW(!>{A^b4o zIQ$}YxI6;ysu=nGMsm8C0y%9z%V@oU(TM*~Rs1hOS{^RMxPVmgACq{#Q6gQAK_X5Q zO5#XH>+#R6#P|o$82`T%V=UIr`?-}E{{X7^H{$j9C%hs4xfzRpX3^u{C_s;Y;*jxg z#Ov`-ctiYiGZz2MqQ}2cfFA!wpdSAK>hX`Ur1-BRMX~rt(-8lJl=07q#Q10C{*g){ z>mf7^@z2Ou{0o{z4DA;w5Y3u+B0Hdw6Yysp23QN%qqd|qcqHt!6CqMLmODKy3U3GX zp^L%+U^FZWf2t)H@S<>An|+H|6t>Dm;kwZDHKDTAA^X$KWv$Kjr)g36G%X5O>kTXl zL2chAR)E{&qHr}p>jY?>Tofw)Ewm_9{A&!0Lczm}LLreCg-?q`;Ty;S#zo;|n5`Ct zR-6Rjkudhd8+?wDO|x0i3q5D6}jo###ysL(7u$ zP>I|EFw)42;D+`;pwJhGs~CpGp#`JHXQg`x&6iPUfw&1ReYJrLuf=q26##In=BD*4 zEeOwJ@#ZU;R88lZMn-ihd^R(hA}hs}>REzAp3Y7(a;T+Q8gYm?{;Aqviki-00BJg( zCnUbh%|4NHL~}c{sOkKoQGlAxj}wPbu+oTE)A<&{V>(CRA9Q^IH;;(CCz_SaqNej~ zqX0FXCmVrkI_ChWrt?57WFYxufM_~52+0;^qtn?HK$-|Cto*LZ;0C%Brj3*j0mP+n zXAt$bP>;>!Hpb|4`2oZOXr5(gzs^ah|5rT4^`Ph+33v;`^<}?DaL$jXobtT8q=v&7o>haS4thsQUUoG5bm#K z=|f`J-&8b16wO9J3=z9R&^<+*YTE~reuK8`z)5J{MoeN2dLydbmkcGbR?_17-V=Yy zFJp}CnnTE-%l%>{<0vKLET%Mc?sx#&N-}|`K^h=vx9($0PDNn4Is|yw5tl*%YkV^vf{kZna`(!&g^BK8Ou5cF6->S zth4X3&OXaJP0J(+E_|tWwtczfrsMZVsj*yc95(LH;EhSKBiWCQFsGncPYa0+`0`ia%Hd&V33u7WhKugDmvGqu&;sf(X$3ZgSqF*pO7HfUb$VCI&D15qz zoPLM^?4OMK39{E?erchNZ+--pXa!u%+ehD`wzVXMhW1lb+e+w~g<5+EfeptOMDsN? z5!ETXi9%ujhKA+N%9T1v0a#x$Hnw2G}=-(}V;7Qy_(}I%f)E?9=>RVrI|K*;A#!OdZk( z0_nO?_NcqbexPB|fzdZu@V97jKXmp$W7yU?8qKR2=u^N;I*$jign^S4a4e#i5|j{k z5#P7L4jNfWNn%55s4aXKX6nX{KB3LZb{(@27!&r$uIv_5Fr=Gv1etR~CR;&u-wgv; z`9S=gytprWR!*G84%~mBn+&8q3p2O_gS6WbDno*@?*`U^S<`B5{(L9aL|Zqf*42RqAsoe7?x)5*0WlF$m$f(I32lw3*n<6TxGkK;#*I{ zlKbv`(dhbZNFp1scT6{__IUt3285Qi=G~}cx(~%&t&h(}Mj62*`2jG3@>=3w3VzJP zwV-q~c3;P|FA(inf_93ats&aWK-+A-3#7%Qk!f3qcBG&^LC{`9w4*>P?>wRRHpE1j zcX2Us_h9(D!J$Q#;180{9(Jgy9iz}OABzZk2hWx6(8f^v@NJ!aFeCOf*}q5eJ=~8y z-m-3eXZa;Kr^)`E@Xum2aLWk^&;H%n_V3xiK4f5?F!0(_x#M9J;oJVkd1a5ogu$c% zJ;&Z*xv2&ruuQoaXCs~t@Z>t2@{pKuUR{G4meqft!nDHyOIz}nQ3G4U6)e--%)|(1 z^X*L4?g*Keq85`&{-BL%%#p1aiMmtO71SpmaR>t57T!+v9dH}c4W%4_j)elWX`7o# z9w(B}MtDSmI4J$dbR5%N?15oL@PI>jV8Jloa z+stj{U?py8!(FV?{4~G>Vh6lNw+LH`D*y}snw>z~ava65pN;zJCl$r-f?%ARO}nKK zrd>$FTk_vOg-z>ArhV}t6p^?sRKEqudL2e=U31wMcyODD%TkykX4VV{6!5liF4g1XaxsBKT!OVNY~i+w zOMo~8-unSmlxxL+ZZAOJZxem*7|MNr2`&hKwU>3RBSBlK&bm6F9;X%fU+ALg!z7Oo z3C{ruVqG;#R|os~D$=z~=n4v5&!0l$59Vh3mXP@;C)Or38Gd0R2g}LefjzBAjLZ-3C!amf93*?h z?0E|`a`wpFN~;|cX3G4d5Z>286bHN?m1VIxm5?x_Ry8hvfIMMzTlhYz#|P#o1TrMd zdE8cksk%D;dr-v!^8%bM*7G{LC4b6EJOXE&jP70rW{#03;0irPN`MkEGMw<{KVC_W zQc*A{3ehdaGXM-Xz+FkAV0X8Qf|o!bqu{kMuwj#M`Q{VZhRhf_5EV$`BwikM;fp(!5V-{_=S4{qHHN zQiZUKSy(Gp7!Q-M<{{Tnp%QyGHK6$jK|Gv^Npl%fk>>MJi`<&RUYmnDF1pC+kLEya zr%-#XPZpgQsH2yo z7NJcas9lV@RQo3z)P672-f^Xvc3AjW@+fhSDpP)i@^a^UAqj`e(5+6q>#=^i@;YnkM^d2cO3&ee8gsb?B}Z-un*cC_cY$raEVJ zc*hREw1qRE%n`yWMJ@pzBobZ%ND!aE=6(q%W%YJG13sS(%TExN|MFONTPZpaZY1W$ zMXR*ne8^ix@=JA<-2inH=zdngD{m$lrK_ZsH$beiyGyFHSn;4!T7Byv^; zF^fH}`!4~wanXZ9`-7xv=i9)>pT>p??HyoZlHU^vcUXd0`?X5DSYK@#1??k*_6DK- zofDw_PGaW8y!lLM$BArBlR011RyUbPqSkC*88V-N%2xYcQ{;G_;`Y6q<1aW?4bs_= zv(@~{#WVrh%&k<4>Yr6r`p(7Hnl}L~^tOd(2+$t|s69kiQS*L)T`k3@0v0YqhjFUh zizO+Ix>`X#gCP|WvK$2RRQVn*Ki3zFey$h-9WBM1j)9CP-{Sc&9P%&?8yBtAEO%q~ zbEg>WzAvCx*u{K-j5ci-V~_wW5|Oiz6r3v*j1>xAKOPFELV*xgiFv!Z462LlV&o?i z%Xq=kN3eWNEXNQ_^T0n6EnUXOE>=ziMlQGd5%UDW+%}jy^Z_xyyNmT9R!HA$p-+tU z+qhg`Zx<}f1w>-x8LCeMBlX=!%##K4C4!mzSINxg{=|&9JYFOf|@M{F(fo%(KL_PT`B%`t0 zY`LXBMk;O_NS8Tc0NLn*ttFSRnrrlD{pZ$vguUw4Kz}^*uq%b%J@O zU>-!wF2TI!LgfxC*x-(%s8H^>4OnuAM-bn_#N>`nLa;kNM6I&~YQw0+)aH`f`9ke( z+$KRcS5jjBbO+n~2oZ0yHkp4->?XrWrIfE-yKq{;jo{WMyWz@pI|Rr?0Vyib7EnDt zv%X9q!it^Op%-`jsm^ z7k}uL>zYrcE^*;Dl5~ZHuJsx0oqpt!$cfk<4#RvrLHOYyQ&DBJ|=lU%*f9ULLvgprpidH$I& z`d(qQSr|PUW`vJr3(UJAProufpJ-PI+IKD7!3vyX!kurBwFB1>ZTyw#m%zx>l}^m} z3Fei8`Fvvj9Y_#pbHI$-WDSe9XxJa_i>`GJLdNc(Rw1>-Gw3qUZ#)CSel3K}6vDDe zn2Rkjk048sx{gLO*@e}u;xczP(R}_oyE;tuk5D&W^2V-etq5RRK7fqYKga2(*1ZPy z%~anJ4%xfq>6G*%WGR`m{D+Bv7XuQ+i-GEJG^)-<-KV2tPl}GsOJ^6qMQ6w+a8kf@ z&eNmCkA92coDC#2hUnB>BCcYaW`JouyS6OaJe^Kon0>5n5TaJ_{RliZVd>hVf%HBn z^d20@dY6&j42ae}IFNM1QcL4}ab*gTZQ*BL)14;7_N9A%EyZ5qUrSS@rT7V|KPl>V z8mI?EeFxR=6!j}JQNLN#zoh!LqFzjitp;@=JsVMsHwfAR-9TXi>HjkX6mJXoO9X#T z!2d>^8w9)*XNwJ(phSNcNq8feNDctemzmhe-5^%Zz+W@≤w-Kc>=zj;E+r3 zzYzQ?h8Len>$M*~=idH_?D-7!@h`k%)-=4Zav2~mKnb{pOb6u#Q7?9pC5_(@B|Jow zqYaeT5hcK+>yIS=GNyd;Pp`fY%3`cfUl7YW;Lx_M;j>z87RL%UCBI)E`iKU zIlt*XZ9F?ziTuEz{9z*8^EH`CgiziJEK{y03zWc}M7M_N2y74-M|Ob7TK*v!UyAxb z_ChL_74Y1txU^Nh>^m4T9>6;Eg)zg9BIFDM@>bNtHxiP}0CE!{MZK7I>cSoaa+d+= zpdE%O2IO-9D9)z{Il_Rv+kkwVkOK|K1qS3nLUwh>44Q2~enrSPfy6L>PxYq%;raop zUoYysuUIGQDOSKeqMk|hOGW((s!v0m$B|w$qPsR2hD)Zk6u&eDm5Zl_-X32zHT3QH zS>ru<6LS7)8LCYSeKjrg`J~W)kB<)C>uB6; zaumH^|0%s&Hv7u)SB$@M{8i(fP@-*y4&sl0>x@3o})Yz~%fYyQ0yZ_|5VLf|WIMtnS*H zpm#ygT3J&Wtfa4Lxq_9oHQCwOS`ZY@puf_a?S{RQE*sz03VN-@#nxFDPPIEPn&q54 zZTu8$EGfJjALuG~x#to|7I8b><<8*noZK;@(~8dTrSEgW0%!R`Xd?2w`~ngasIT^V zs2!}R3^?5t^)++Bs_gZ<=3AAHfYn#)x1M==;7n_vqPD)uV=ebu>7!lNV6D~fC0Rj# zy*mg=UTdwtat?hj%vw|H@uGkIg*|?+%j2x@F32J#Dp# zud~+Yqwk%`;}r4Tvn-){q?Jb_jvfuz3UR}A=lH5zbF3Z+bE`oVqZp`g`Mn-zo!{%L zT;TLBr~?7o<&{AvzO*(6T|v*($OwqCL-}2ZunG~${C;}974iaBSB-~E zVRUs89K4H~;Wta>#c5|;$eAKA64P8r z6*FC>oW%I9qW&9$S^*HrRORqx7#pY03(-#_qYeQl*O~S2`a^_!Rut7Q? z%-x{#^jI9De!oF zu3S%!&z+xBl$TpR##i9=_{Qdqb>$bj#}v78UEXp}PGNp|Q9(|jFUMxH<=S|qlIP1U zV41l^Hrv>--dvl{TVCYzmFIaq`L1%0yF4$~+{9q$!}wF<6-}Z=P-FTrj(|m zcKD)76WwL0A})O1oP1;x90GNidZ66Ons|Qra**_lhax#l8lkD+Fl9pN9+CeKQ?91i zR&sN4{>`+&Y%w``o}Vk}@XofJ0@1^wqJ-1MztkK%R{06}{;=nlpKF`XtKt^%h7vjCPN9Ys>0y<}*PpcctO7=s*wUem zU}t5G*a8kD;F-_3ADVzyd&EvAjN46P${xVF6vij+!|7P;cguZlAzy8MBW7s^|4ui_h&&!ZfS=cO`V1wYCF?pe%2`2g-&1W|6oljzG)E_xUIC_^ZB zp?nT6pnQXJ+6Umrmx`W7c?C*5A;gF2+6y()f(+9M1Nx>dGxg0NIG%#iRy`h#;(2QQ zNKUV5r-6d#*F6@Et|sdAjLGSl=UI-NpVpxL;`nn$j5%!>fr)<-ekG8bMgVyb?-lr+ zgz=*%*0k~I88@d)9C*Y87=$L_ug9+s@JFK5@snftl>mPMxmO$UDYKb?_+P|tH28V3 zqU6`a`1b%m0r(@xNQF-|4JHcWKY(A>i_vH?N*%u-#(yH>%MLuAPK)77WB75vpACFZ z`YB$g1AjkCU4H5clhS`Z;M@O<`%^~wDX*~tvTr5u*CTFc#^KM?@h<}Z6!0ZRyuC4X z9w>-^5Ac5h{#+w|A+z)N9soW9e7g}3{*|ZeNFIN8<77Kg8iz>-b5)(@PQqjQyVyv)=>! zGr$jzv;Q>R{w2V#MZUWecE;>)NhJxB0D2U78{Vn9lH^ZF&$vBhYI^3cQtj#1mOl3M ztlP|!(rq^%;YcrR>^mjBw#Vm^m?Gz1HB&T^+2x&dOgtVfnE>vdf@*b52*kDSN(s#>e{_Zn#g+&ROihn zO~Y%vd@PwP%Hw2P{lCI^g_94pSBZB>`B4AAFzv_Cq43`xjMj3S_9k#(%axDS*h`=T zTdsWABwjvdt?`~7Fudo5GEa3VlD9_fP@D+q!(Lkct(2 zw=_)I-74w&$x`XZo08lgfSL55Y_F31QQ200?vm}BBp&a2GQV!Ol>dKSsQ*_!QE!2a zgUPbISe8Cn&XeWMvb;x@kI8baEVs&1$yfic^puGc@nqm6Z+Ru2>&vlazdRu#AL z@V=TF-*|YMrs5(V-cM8U77y>Qskn@XV-_U%lkln90L_{dK2U2<3QyNMlEN*Tn(y&? zL0oEthdBccJ#Vk)2pQ+k0+V0zpl%k$WvwB%F zc&1j76n>o6kQA=6Sxgqq<38G#(HKP3C~u}{=~@Q9dtp5A`2~iTB*0IRaFvG@4?PfL z(qi_gyfKmChx+FlDW^3-{ye5X)X#SVp3MHwdVoL3a*orQq<>UCeDojCFH4~RT@Uns z0-XHjkx%~4M4OIR@gw;25?(?;9Pi*q@UJDD@5KQ2H~f&Hf!65j4g~K?fYXfoPQ6E&tVKdG@sxLBX_zeFY#yq! z0Y3`!tK<#=SMglM^zkyNwFq$Qp@EAw6orH z?Kfu$B~M9R=kyi!uap7K_lkgfPtuQ)^s3umNWC_xSM~QNra!a;={V1kf9T6)bnv}C zlvcpW&hMn1N=}ZX&l$nwTDvH;vnBjxnSWq5AD0520skzJawJ%DO8T*KV)4CRAm>W> zomqlXt@o}4oa}KV^eYYHPWDeJ6!d&A4%IU1Z_1(PuX|a(pf&z|QtEx?3;|W^$v;cI zUDAFvj&$!&X*A^$FDRahaqaDd`nF!1B{I zhnz=zuN)kUB>XBlUh*`ft(0)9%qM*B6!cFsT<9|XeF<=~vm?Pj?@D-Kg8e4MZ3gH| zC0xnslzJ~1FCgmrY=iV?2f9p$?1mPV^!w$+;(OS@AA|Wq_H-xMV*{M@CeG7wfYW&0 zJb}e)d@mW*@e*ElhJf?49;nU$oaBEi<*U3w|Myt3IA0{`ze%9Ki|Ny~ca9SBuNH-N zzogGh@Y`w$w$`Rl>6*y|ObR;b{qS`pZ0gQ0B=?rJU0x{2JLgekKOE zTnYD&6NLN>0IHKEeA5{MuJT?P;N-XA3HJC2j(L$dE;j&f6(ZvPey8F=&M$s80u(Ex z-eMUbDnI;A!mW~ikd!t^!Y>{r0Q?LGs+#~GCTWZXJu^jda;1z(=*3-DgI zc+1(7ZA(t!^x+{ur_1kmEp+1DR{uiH=Xc@xKTmyi^+K>1T6iW9FD@HN`C&cZ{JF5n z9bBLV=DGZpH9@rSdYzNrF!TD^T(^A3+v&l(;6d2002f*X_JAAl0plULdPbB79@q{CxzxEg^o!I%}ol;NeZRD zO}=pabi30&W0KQ}R-DT{nsd@+GsaJ!Ix!xDZv*&)08N=u=CnJc1jnQcHRqIRGbfCn z=A1cs@*V=(;cYi!8g9bDISRQ`MutfDbuD-nCQ&K#sYjWb=Gue zEb3-WpGYw`i(dIRa_jGWix(E<3++6j#wSMU^?Sj_&!5%?oOND*pw?L#sI4ilb@@GB zk5MZAGqJk*U?9$*L!VM*E$VSlCwSBgj#@>aI#5~dba|@rOl!@&Y6Pac*6(r7_g4nJ zn$zoX1zpB(2&gc|bf7Rbnxc15y{oB-Zx+PaCT9WO3&(`Tz^LBDJqsIqSvK}D0IiN@ zk1tM`)9DHXy#An*-b9bX;5!BQY(X4IX_np*mg_!=d)qh8DRaC*INurbzKjqy-$~z# zh*KlJkPruA@5gsgz88zM1phikh#ndWI@O%&TD(3^{zBZxKja%H7t!lMtW@B02M9hg zrEZ~aN={xvpY;KYy|Rp8o(V-B1Vep5jg9UkoxvT@C{{#}#M^Vo)5(Sj#SvYNXOwH* zx>YoTk~m0wyucV<(i!pE#52k9FlBB+Z;daCJDuf$fOI>JpdQt1A)Axf4~{W%X?5+q z`1zm2ddx6>A2=pX8HG<<_<{+RvHR7xN)m9o%f*)ySeGsKUdU6o2dmXUm@>rUC!W}rfAR>iOO;Z@ln7w}lVbKe!e zx<7L<;J7r``PF{CDt7{BJft`sbQNlJ4@c=&`}(T1N=jwFqEqEu;OU-_YODQ!RjTWf zMEj*!?OIgGr;1bGs_dr-Wl3XYJf1*<`me@MzkgCHsNPI)V50tK6ZqAA7FAA42-rmZFD3A+`!TAt zslXBD=;JS&+AFBgo-@rMI@Eoe@FLMxeip4*{3!TaKv?io{ObNr*FVYsA$TeF6u-I; z)GhftWdBusD!s~&E5J)6ieKF?+PxS+99g2!|0;e}ehQ3{U%#)^AXqANPEk>Os{9&Y zBfr{5t7s7P%1+UW`A@ZfK!s!}`_+A_1r36tT@?CXt6me8gD6P9Edj3h&rE<5Egi;E zk6nS{zYjKu#wE9grWn7AE79P6-zYMY3*C^3GPn1TZNwn zDkM6}JPJKc9w9G44^NQH*t=ob91VPucV@nsZ+7Q)eYWv+v*0+O;lO8jh%^iEv+&@1 zBiDm6%s_Yh^7g8CL*|-vy&KqSw?EYzUqnCTaougQ7IT+BE-0_wYPQ^_>o!%pcgi}a z9dM4T&TOSLeT9wYkf$G^M9bQn>P4abdTJdDFr?fn@rW`lI=?y26O{)#;{@FQ$;%aU zCkH5kF}xuxVkQqon9QTGdg=*&;y=EEOwBmY=o=unsCXTZW+$~2ne_LL4%h&OS(Js5 z&x0t8{rE@Zr(%$#fq#^SQasM?3+acMpTzxyr-2BdPQ4H`u{pIzBtr9ge_+{3BzYgL zOviSpJt>YQuz*Vrte<7T21yi&7`Zr+f^B{4E@zSt4uGZNkTWs#_fj5-@kTFPXHidg zZGUl3^{pwZ4b__XfB|v#4R_2U!?*SGn4@?4T>TPisi*#*pgV%zzo7|b_5RwfAg_J1 z^wbOt->%(Jdh-oX`8h3!-Ld(%(yS&nFrZiMnI!sE)lknxI=UmRf3NE4Joes{`mOSJ l%DzHNT3b)N{q0HeOAWeBfdPB|x0uV*d+Jc%4K2C0{x7P(TxS3P literal 0 HcmV?d00001 diff --git a/ledger/src/signer/test/trie/test_trie.c b/firmware/src/powhsm/test/trie/test_trie.c similarity index 100% rename from ledger/src/signer/test/trie/test_trie.c rename to firmware/src/powhsm/test/trie/test_trie.c diff --git a/firmware/src/powhsm/test/trie/test_trie.o b/firmware/src/powhsm/test/trie/test_trie.o new file mode 100644 index 0000000000000000000000000000000000000000..7f9bf22bca112d55dc75d27edc8771537825fe97 GIT binary patch literal 32744 zcmc(o51dqG)yMAw{z<`AGxOhDBZ7e9IJ_nhaRbLTf_?_iv-KAAA>mLR!7~Fs@v)weC_9@%;j;Y?9dagh961}~YUi+rq>9q?;`tgBB(*w`A_V=e= z+`{_Y!J4hhCzIrh=cQgMJD8-}kcPA3bQRfV`{$>2R=>AvaBy(_`fsV<#||9mPaTv< zR&U;#Uh4vxUi%uhm#+G5nmm<&4m|1X2g2Jmtkkdp7vQp9j>ofP_1QGF!tcp)3w-{V z)0X}&g)Oz8(Ejv*pn(*HfKS!qhbSU~z7x<}DVqDs5lDwe;L+4z)t+OhGbt2^DZ@xjHp?)aq4(g=NQZOgM_web4{jAhn0v;>TQj5}I62c1@bp!M+1krK9=|j4I9E z^M11JXN^CCnjbC);F@s1B$N8KR`ojv_s$J+Yq*K1{`c*>gfem4z|u$30}HlLk8N4I z;1O!*wurnW{ZNhnBxw8_gG!`n_iY^k)hlhDop4N(50h_fZA($>y$oY#lj zTAO;rAD?b8To^qV9`(mUx?)U#Pa`-cZVz`=5@1?YxltR#CCj4+0`Q3_SsgtbWSUrl z2;%6uBkJV8IeNYjK6+$srD3wWibl$^<7~pOFOR8z{)Bm7cynEje3t4WCQQwd5t$hu z4);Ogge&_u!X?AzvWsYmqi)`C{P1OJxGqw| zPY$VJ*z5eBF_D&c{evyPe^d}P4Eo-1v;I;%A*O&OPE~ zp4$?&VLAHcDS(ai653|ag1%tWz_xh0rGd=WszWqL#Wc^ zfwIXnB1}5PE`iDVM&J6zz*OkIpO@#dh_f!J(mL$>&x*9ZKke^&X!gFx-(b?GyZujV zQyX+kw4-XzDQ<|Tc7)9Fy4=B*2tHQC&TneyMZ|WRf`(p}(nZ7$+LCgwZ-e-TUqnm~ zZ>MBG4a2@w8@%dU9pFBbY%`(DO4Q zPSJ}r})kfjz!BqWx-+ENE|b)X9Fo>Aqi93OQVz+CkS! zJN#><9dxa32QTXsmZecNKb&wHz2QMtrjyV5+i zV9UUpw)Us~xmT{&hkHy3ZkDYPxN;o`w?z~7BYs@grnc&YO*eGfNSx|IZ|LCo^G|{6 zS)I;Dy)+a^z|`Z0_2F>T?k;H`@^gpBIiBuaVNw~s?8TWne>rebdCH>kc zol%lQbuR0_&70u@>~>k|X1E|4zn?`O94f~I6b?)5zR|R;P?v1v?yDPrTy&-Hm>(bO z+UKQmX~53T^*&4Y-h){*-}S$S4~Zg zS0af_si&h*lOuVNtLZIeONH3<>9N*J=cY23wPt3|n=yy(=xcp0+u7Nc%`IY)$$WMu z*OnzQ>Z3S6k@nn4itLa_3xRB@LQhP^lCfB~SYZ0BN{`O>- z#neV`tk~TXn>4X^QmnVVdueAr)>epR+d2!eQg^JUz`9C3OLHaCRETx=bX?WZmF|DzzN4HwUQZ#L&$JhoPiD*?rpD-`&O%oJrc8~sEiD!cJyY1J-i~Vv-Z`;l9i{e| z^Uaai#HB}huC+ad-ld(T$xc>7H0$E|Dc_ps@%gTC99?QmCfB`qNoS!{$aEKry@is> zoxZrRIJbDoWZ(4EnCp!Sc{(6pN!^qnIK|HFRk1uN%V{V2z1Z8H?J49lOL_{$j^&xc z@+Bld$88;@47KzsY6`VXd(bE9hsNDk5%X1q#eL$^80qVcWxMjOOC-cWd;_cE1%^7L zj-qa;3#nll*Bvf4m2K>H37GJ_uoHs#n{%)OH2&5L>50lS{U#0Z*m*a_kEF)2tDAC_ zd&7oO;^o@X)t#v{P|S98ve$91&=o6m#tPRIx+upv>rQuPboOL8fqToH+nFgWZi}q# zakYm$)%UwHD}u;{*eeuE&>cese3LI*9}U-bQOKS|xSDe_hbqmrcXZ}^3SGV*egj_N zzpXMa&O7r`H&gUZrD5)C^+&o+IX1sLx&4^b3MiBLqf1}MT+RmL!fz*@7!W$seRiiF zG9G@qPo7NSxF8mfT^LKm&WpvT#LkXQRyPRN1~4!YP)SoS@Nj5XyDFWfbbK(BF%fjR z&jL+Ob=m!)iv2p(?01;zcXif)z_QLMetuk&?Oa+Y4}tbF=m>na%qQMJyX%P%A0 zAO5Wwa%h5S4!QG#xzbOVpx=Gv*zWjvqAc1sdz)F?G3Cn$qz>6M&9sWZ8Js$|*ZCaOy`&_8vxED@igX%s9;xH_-sD9{?6 zr5UWJr@M#ZLH2`q9BTdLIu{Ioy60U*u+C1SNs&rpJl+tGCu+0#y4t43#%!WKTUXzh zXvpV_+1h-fn5$1TCu`g4iVcN)u`$`0t#8WJHD_zHg|>X6slKhbA< zQgyXC8XKFMnwzuPwzga@pDz@O#mah)TU~7>`&;LXP-M$Sc{q9_msOtM zT&LB~i((;BPqPUXziNb9pkZ~E-1sOaXwt)?A|qsxEH#YKOeo>;=l>C!t2wt-ZzAz` zP7Cg|vYupqxSB?Gv?Ut+7B)AV<>D0`Ha2RUXucou`DM7i6$_fTly9^^|NW&-?p}Ca zeJ)<#);3&i!){qoTc)E_`=P#x{TsIafkGpu z$z(jC`?ulFR2t7@aya9^-tEy?S3`Wbn*1GsryGOvvglE>Ww!uO8ZeA-7GBX*V1$GC z#s9S)Bx#ptTzf@_xm?_>1>AeD=tLvz^dz(KdL6ihLcGCC)*DdI+f&-yNJ&uNdVE&7 zgDY$4{D>;)fMio5@%PVrxm;~+g+Y&Yq$8@&U4Qb;XH6J+r&~IFBRJF1<=+DCHTCX1 zydP@n^&WA?30B-qbCMA_(BkUteYl{O?qkb+ZePFN`Y`vYBIVtcblH#cp?^K@u8%!$ z&P5l|RrjnyTL)b;C*n1=HHmW?rpTvQZJe)S68?7CJ3(w!U3;llwfxwsQ^y{0 z^;_`X^XT~wd-Z1K-afgrkG)ee%)0k6n-wp)zUk&OP`qkd${2tU_7Sykl`p5Yj z7_A@u%_pY^WEvL{sF1~0@jb(6zG3W>aXLcef0d%D@LjQgHrEqK4^Wu ztp7Cji%Oxwzbga(rb+$V=}FnL{+vL z4@mu3c2fPHQ}+Kksh`5{T0eS1;Qv9Xzlk1ME!VFb?Q3AALkpiW#{2!?&>GJh9r~9{ z%-O)uGMY4nmC>GiP^Y4bp9QEQ-p}7^QjxD=yb1J~`9|T#yIRjXPxw~DFA=^|_-P_v z6z;v&2QKI6<4WN%;c}XHlkgVd^5$(4ez|~S=$H$Cp~-$O5w7FzY2p3Ck7i*izor+< z-)cD5jrM2&hLq9Xt3oKt^Viy@P)8mI@t5hqJCgYEWLb+F`*d(Tp<@-o`{W3IP6X$N zpThL;^J{EZ?YTLH?7THXJ|DsP5hiX|&>r#i2H{O|tP#AOINQz9I~O-s(fj>$9OmaH zk^j2LySa0wtK7Cb#pV-tPq|O1#V6zexvAF;Ga%s`sFhs|Bb`_ zW4%FqxA1+!-P}wfkBXkR$oZ=08R6Qm+TPy_zf$Ctk0rl34(*1YBYcVB7Yko*c$@Im zhF>GRU%2}DA>jjt-z}W~R*H+p|8e3R=QoSvZVjUPr-a|-76s39YY*|Cik|hXgo@hz zo$yH2iqsn}n;LbA{g}T>ZR+KCqw9$RKcQ9m%{+c$FlkTjPl5g>QCG zSa_Z^!&@x;Vc~8~Bl+dR_sYcV)-v|NZN%g;giPj=OH-|_Z_CVHF#n>~xfjpRWNK&w z6o#8aX;Ua|45baBv_6z3Lup+otqrA#P#V|gD*Q0GeR5{byo+bfn3uVD_Uy}2t(n#t zGv}o;-jb!IUjGRMUnrC9?Je|_GW^Z4K2-smY5&O#e~*n1F8FqEU(F9Ggi!gqsd5{P z=Xv}9!;%%=lAeyPQql7ts_+)mwz)eOeCy+c7BBINJ%xgAgdbtZ1dlNItYY^rPcekm zh)+Ye_T{ex%a1&SDp+Lp^%a)=Gwd~iM7ZK|z{>b%>P14PdyxV7&8qW05Uu!Xw6ZFA zvLX1Q)o2X_%HNY32|m*xCu>-s$bY6F!i_^dQjqI4k<}LZru=UfH7;`GKaSz7`NY3W z0uVT+-&vxzpwd5C9&4#gSYKl$^Dn;m=_H!FoTvM?33yGG{47Dvncb#gq%@TqbeP zE~!6jfU`~I9|X>N^g4*2r{=xfJBlpDRFq68OV^5Y2_#h5Sa) z!+w5C;_yL`=UWikuKPir^M_wtwgNw!j#d8Kz*+xuGQOTMT;uS(;k(42p9{DB@@tTv z3U>b(!4Cpw-*p~4oE1~yJmIxf{T~PXEa0aAXFWQ9ju*~vF_52Pp}_i zU_V|9@|@>?k#*s{z&U?(y|@YVV0>-^dCc=q13!oKX#RfzIOnV&!T+xU z$9cg0VI|3NJaHa)671qU@I&A@59|W{oQE2p{f29NUNT(gfrFqQ<1A z&h4EhdH9Io+TL#){!OvFUAS%UGa%0oK&aiF5quwT{?1P2{|p@cJp5H8L`BDu`Z>;U z-7g+5-1>Pk$fKX*BX|vPjOR4q=x5q+_48uGHJ+`)t)FiPdEBoSfHzV+G;W>1>wvES zj{DX32xq%7kncD0XHp%Pn}DPK4H0}3aO~gBz%gzQ8?JHtmf_mJ-w|%(_I;4Yxa|Pm zMD5YI{StT*_#c5|-2Nim#%qnsDpqgCLLnz705z(5^>(T4VUBcOJ4C24n$m=-$6L8c&7{QM| znv_!Ec@@X$iNG;#;|nf(!VvrZQPO|kNGwocmw&Q`8F3g`m?}r^=F~sCGjUK z-1^fF@|bT|NAOj^F>d|9(a)O=S3f^yxW;XxaO>x1Kpyk$%fNAd+X6fZ@%$!m%(wp$ z&URxU|Fn_Ue0v@^>far~UjUBdbPzbk?dY-O1QomPA8)vh)7J{OaeE!eWB*Qy;BnyC zzvlx-Kj#>({X5@q?cd9UTR*P=dGs?E!50DNe&iRItAU?S$2yKy0!RP*4OjpF!|=P< zVJbHZxBh<&$97E;ZrfF7xVGy&!&geXE(HD9t~Y=@ zt~;&3alZO@;5a{A1suoSD&XvjUZ=lLIL86=d>zR1IMVC%TY&TWuJ`>m0_S;H`Q4x& zbQFzIL}GSe-8TbzQLb?p91n@s_B3V#|Q5lR13HH zaH`>&591Bj`v#LhKjuRX$m2Y=1UUDj&JQaMSG#?NKOlM7FPz(jc0UaAxPQA7INJS^ z;c9oY;d+1b>%y(whe00m;rk%ZYrgj5PLM}`_8G4J{L%1fhm$fY2S7i@;c$6wjQf}K zS?#_WINE)^;cE9x!#l<9*}`ocYC#_JJO%O?hf6>n{aI+Z`jaz!gZR@9`Y{gOAdmgB z4CL|t(sdw@{@)NG|K$k&NCe*=!K;qr-YoCaTI7D*xCnkS@C)cX?O*x{CRe!Mk=I1< z#t41^@EM?gE^zLzPFdd<7_R-b(C{auzp}z@{g|j^7)k(l-LOg4LbN}l8zX|k@2l-jRF%EA8 zJuM)ADR3Say8mAYobynxBi;%8BG7X+aQ>+Ic8ze31Mb_`0mps&M}XtL{SM(8XU(fG z8m|3vui?6HzaR8tUOfczI6r&`ILBY@{>X5(`%}a3k$m{2aGMXm0r?h)nZsYJ;!_}YH8UD2Ra|YO+H`?)2;Z5)^n{5cmY}r&^w4;&!3@MBo!aJ|SHD@n)GP zryH*EoMreL@qaGp$9`OBR%||$4rcnpKA2KAo7U_`6eT;-#1K;ke_Ab_sRYDxe@Z0 z0iO(UyTa(XMeffQ4cGWD0zEaLr^m=|5Ixr!{)F(p2tDsN@+rCh_+i5}J|BzFbBB>{ z6+K@xT>Is#5qj=7^0$kgM-9JA__rhUe9y=qA@|FkH~a+QKabG!Ya_o> zjl7PFzeLC%$&&~b&2#Pd6D$|IF~cc7D7336ZQ4Tg6Lzc@nw zLL)y$?sv2s{)G5nGJKxMuZYlpgOOMLHyOT9^nBd#q+Ivj8KM8{Mqc$lX86;h=ZOeC zKQ!{H=XZurmFt-oBJ`ZdlQ@c%n13pM*cG*KR-f#fsxn0d%hwJjrg#0cJJQeO2eyx{%)NaGimHp2?!*3P&{f3_{`-jz4A+ch6G+ck5V5{N!`vf};*Kz6w z2{l3e*WV}bYI;{JE@j*3z0~8sx9g{#LT9#y|5pXCCZ8>3y_&Y(Ua!W{o^GGeul_Hl zpK$kTy1Gk+nmO|qoJ0SyLT-^r71}e!p6ud+#B?}sF*=!>rnl2oSBrdDCG&)G34YGfIK8ms zYW<_h2Wz*<0yDSo>FB>r1Q_gWP_e ziuHWiK01Gl33uYAq<{WaNlcz*dCOwYXPvh1`OJ2H7=y|xSwH-vq3!2sH|%`(gHTjg L)Dz|1#_#_DPSq$a literal 0 HcmV?d00001 diff --git a/firmware/src/powhsm/test/trie/trie.o b/firmware/src/powhsm/test/trie/trie.o new file mode 100644 index 0000000000000000000000000000000000000000..715a3edd2a001d68770e88eee3d996fc1bb75439 GIT binary patch literal 14168 zcmeI2dvH|M9mnrx^AZCaFwqEhT&%^AVoX4=&iV5jHfI8BM zn`pM%l%0WgQmu4orLVy;9qfwyfg7{|96P2RM$u{~Oh=n_(su(y+~}VlbX~YKiliwJLH|vGOu1{)I~*I zN7J$KNv?-~K{THB^;PtUR`rSICJGCD{l30RfgHmVBd%0nf_l~Oa~w13o7U@h%fyhU z#v!8#e|hX}2Q?iOsgQEMgs1db);}?9Xr$hCU2CK~6|Ph|Hd5Y`{((!vAy^=sHw!c!F+bqtO=7W3()#|AwJ}bzaqAfUhjFD7y1QA zWc6NOVm`Hs27OzN$CY~Dm$;dezSwczn$8~gj!mLuJUZ%2MEhx@8i}udJsvn6_nt}w zMibssj^TygQ`=W30;i3HhjM7upB1Z~ZVQivuBUuLBRU#kG~Fye7Mg69e?43x_M>dI zD${pkfzsGlRzTIzjKp6OeL2iiMmBeuF)D0M=QHzN#z47Jz8aZJT|V!4q1Ru-5w=ao zFimlLaAujkS3bTOX&_PHP(*TLTOVqO;6dbD`nYtjm=h8CpOgr z8cEam{Z(Q+uA)`YlXmqSnQR%)FZWyXiShs6Z*M3wrULG_3rrc_Z_iz76d5u%<*6i; zIb&wIQl850bacM5K~Ig^YuG-dd6OMI@Ihg;6k7_P2BWfx4KEnQ4BMGwo(_564$O z6%P!=y$2J4bi#X(ox+3c6b={(atcY>dqVdBPe`Y5fY4zb9hOd^D*rq?g{u5h7N<}z zBb-8Aqi_lje!NrYriXyB@n2M@&@G(8ee~EOr_j}XGx<{F7`nP|p-ARo!g4=QbA5qx zNbah|`4Y#duNzI37D@-NF7s^F%Kj@mgtrLw!cC+D&nGzw|2+4kdJ&Gox0o9FDEv(` zd6AC785$pD%yblf%}ie8qwoW{noGOxRMmo`uzHa)q)p03)cm4z@IJB!rBAygyTXVY z3;BMM$j&ji;r4H|mNcYqW&66$%#zQrX|lZV>*+-enbzldE-J6fs;Kf*aaeI^6Yj zwR3ChuU{}*#@uu3=GNEM*VhTHY&aYo_pQ+!JIWn1%1TO;WDr*o;~$6hd|5iB{Go#7 zlZy-PAPGIMfjI^7N>$}|h-^{zPCZ*I=1Nq)(@~*I$V}Ufs@4j%cP4CDB%OKR=xUmi z{_+JUX|e})yc`zJX%(EB*tS*DxH~ngl!2*M@^JG6r^XIrZeUk)nx*~gW%lKC=VfFM za|q<)Jl3pdy(}Qcp5jX+-y^vgbBZ_8FQ1<80Nw_81n?N(S|rpKtZmg=BRfR2xviru zqBXB-ylvUi#^&2ru3YO~*Sv1&vPN&S)*fsR2P3*zC>W03E90$OJHpZSpcdZN5^C#+ z=qgk~Wo`{OQ~CC-+e|sBLrHdQjf5jDp-6BewRJlEIM607tl%6kRthr(y^yQ%WlQ2Y zRPu{}{0hL=0)7wRQNVe;IoR7jpyLbpu!WO9YPA1#!2e_6+-KEaWxDoyFXaVG!Omv^ zJ`Zp&;A;Wj4ET1ydjNj~@B@G!0sJK3rvZNp@c#l{%mbWfoM!-D1NcI~R{?$};NJs$ zr{ruq>_sd4=?3z90N)SzLBIzA9|rvIfWHg4Q$Aui+qy1h1HJ(8rGVcK_%6T`fIkNK zlYpNCyqG&l!QS60z-s_+0DL9jYb58J)qb{FI6u#nUHu5?c@*$v@)6J3?0PCaYb3Y# zHwbtq;7P#u0se&K+#dERReMeW`M&`^3itjC!wekDOO z$3D*GfZqUkBj8PdZvcE3;JX2T9PmSc4+8!&;Aa4TAMhf6b4$TKo)v&!1NcpVF9W;@ z@J)b60gnOR5BL*+KO?z)y{CcvOMt%t_$c5X0$#?SCiBe8binHXUjld#@DSiT0q+C+ z_kbS-{3PHn1I{0+^NmjtACf89?YSIq{(PQKz7g;yz&8NC3-H~5KMwdIzy|?;8SpcJ zzYlnkcwu?rcvb*@4d6Ecz6|gtz&8ON1w00LKj2RQ{*2@o><>WxCBWYRd=&5x0WafE zw-oGlJ{|Bnz?T4im*m{v%jl=h1)G6T6X2%+ z{|Dgj0A9>SlV_Z#0zM1y`GBtgd=23D0M7sOny;O`lH2#0-9UaH;0FPJ8t@kZKMnX> zfS&`rlot;LyZyTXUjX>+fUgI9C*VH>{3n1P06Ycw3BX?id<^gc-hA_n+cdyu0zL=u z#ejbs@F3uwfIkTM9>Dhl{s+MS0(b`Svw%;LA0qAcc^%*j0bdKaK8w2ja~*F=!0Vg? zGyYvI--pWMufbcTpmfs=ez$xdB)3C@KPnZ-<`{g7^qa+JZA-nslJe@Ct7=bJ%DYLH zgW}ue^ZQyI8$2ZKxZ1|AljH8TahcRSHojh_)m_!QM{=z;{QdSw%LckfLi&BPiiLvr zw$w&~J0e=`#+FEnR=Xh_)@lU}ZPiKZ*7o*b2MN%}xnS+8TLahAC%V=xQYyH)c~hu` zzWjau;3gIPNkvYRq0l2^KT{JV)AI9+Avc3!JoO%f=#gqUf#X-|X`Uu7tL#S2?<~os zS?R)bebrX4%COfzhcZ~Fz5IwQuj*6f?db)S!8&>VtU;A${nnt?gJSg*$=84PTwS76 zHkkX*ubNf;s{f0Lu}B^Ltf5T&cfO`oTOq|&|J8k!g;_;!l;y3Adifficulty_b)); } uint8_t dif_offset = diff --git a/firmware/src/tcpsigner/src/ui_comm.c b/firmware/src/tcpsigner/src/ui_comm.c new file mode 120000 index 00000000..179ef4da --- /dev/null +++ b/firmware/src/tcpsigner/src/ui_comm.c @@ -0,0 +1 @@ +../../ledger/ui/src/ui_comm.c \ No newline at end of file diff --git a/firmware/src/tcpsigner/src/ui_comm.h b/firmware/src/tcpsigner/src/ui_comm.h new file mode 120000 index 00000000..c843c64e --- /dev/null +++ b/firmware/src/tcpsigner/src/ui_comm.h @@ -0,0 +1 @@ +../../ledger/ui/src/ui_comm.h \ No newline at end of file diff --git a/ledger/src/tcpsigner/ui_deps.c b/firmware/src/tcpsigner/src/ui_deps.c similarity index 100% rename from ledger/src/tcpsigner/ui_deps.c rename to firmware/src/tcpsigner/src/ui_deps.c diff --git a/ledger/src/tcpsigner/ui_deps.h b/firmware/src/tcpsigner/src/ui_deps.h similarity index 100% rename from ledger/src/tcpsigner/ui_deps.h rename to firmware/src/tcpsigner/src/ui_deps.h diff --git a/firmware/src/tcpsigner/src/ui_err.h b/firmware/src/tcpsigner/src/ui_err.h new file mode 120000 index 00000000..d0d2490c --- /dev/null +++ b/firmware/src/tcpsigner/src/ui_err.h @@ -0,0 +1 @@ +../../ledger/ui/src/ui_err.h \ No newline at end of file diff --git a/firmware/src/tcpsigner/src/ui_heartbeat.c b/firmware/src/tcpsigner/src/ui_heartbeat.c new file mode 120000 index 00000000..af68be46 --- /dev/null +++ b/firmware/src/tcpsigner/src/ui_heartbeat.c @@ -0,0 +1 @@ +../../ledger/ui/src/ui_heartbeat.c \ No newline at end of file diff --git a/firmware/src/tcpsigner/src/ui_heartbeat.h b/firmware/src/tcpsigner/src/ui_heartbeat.h new file mode 120000 index 00000000..9850b56c --- /dev/null +++ b/firmware/src/tcpsigner/src/ui_heartbeat.h @@ -0,0 +1 @@ +../../ledger/ui/src/ui_heartbeat.h \ No newline at end of file diff --git a/firmware/src/tcpsigner/src/ui_instructions.h b/firmware/src/tcpsigner/src/ui_instructions.h new file mode 120000 index 00000000..f968d39c --- /dev/null +++ b/firmware/src/tcpsigner/src/ui_instructions.h @@ -0,0 +1 @@ +../../ledger/ui/src/ui_instructions.h \ No newline at end of file diff --git a/ledger/src/tcpsigner/test/hmac_sha256/Makefile b/firmware/src/tcpsigner/test/hmac_sha256/Makefile similarity index 100% rename from ledger/src/tcpsigner/test/hmac_sha256/Makefile rename to firmware/src/tcpsigner/test/hmac_sha256/Makefile diff --git a/ledger/src/tcpsigner/test/hmac_sha256/test_hmac_sha256.c b/firmware/src/tcpsigner/test/hmac_sha256/test_hmac_sha256.c similarity index 100% rename from ledger/src/tcpsigner/test/hmac_sha256/test_hmac_sha256.c rename to firmware/src/tcpsigner/test/hmac_sha256/test_hmac_sha256.c diff --git a/firmware/src/tcpsigner/test/run-all.sh b/firmware/src/tcpsigner/test/run-all.sh new file mode 100755 index 00000000..771858e8 --- /dev/null +++ b/firmware/src/tcpsigner/test/run-all.sh @@ -0,0 +1,13 @@ +#!/bin/bash +BASEDIR=$(dirname $0) +TESTDIRS="hmac_sha256" +TESTDIRS=${1:-"$TESTDIRS"} + +for d in $TESTDIRS; do + echo "******************************" + echo "Testing $d..." + echo "******************************" + cd "$BASEDIR/$d" + make clean test || exit $? + cd - > /dev/null +done diff --git a/ledger/static-analysis/.gitignore b/firmware/static-analysis/.gitignore similarity index 100% rename from ledger/static-analysis/.gitignore rename to firmware/static-analysis/.gitignore diff --git a/ledger/static-analysis/gen-static-analysis b/firmware/static-analysis/gen-static-analysis similarity index 94% rename from ledger/static-analysis/gen-static-analysis rename to firmware/static-analysis/gen-static-analysis index b25f8d72..992f58b9 100755 --- a/ledger/static-analysis/gen-static-analysis +++ b/firmware/static-analysis/gen-static-analysis @@ -4,8 +4,8 @@ if [[ $1 == "exec" ]]; then BASEDIR=$(realpath $(dirname $0)) SRCDIR=$(realpath $BASEDIR/../src) REPOROOT=$(realpath $BASEDIR/../..) - SIGNER_SRC_DIR=$REPOROOT/ledger/src/signer - UI_SRC_DIR=$REPOROOT/ledger/src/ui + SIGNER_SRC_DIR=$REPOROOT/firmware/src/ledger/signer + UI_SRC_DIR=$REPOROOT/firmware/src/ledger/ui SIGNER_OUTPUT=$BASEDIR/output/signer UI_OUTPUT=$BASEDIR/output/ui diff --git a/ledger/test/.gitignore b/firmware/test/.gitignore similarity index 100% rename from ledger/test/.gitignore rename to firmware/test/.gitignore diff --git a/ledger/test/README.md b/firmware/test/README.md similarity index 68% rename from ledger/test/README.md rename to firmware/test/README.md index 21e1bc09..fe59292f 100644 --- a/ledger/test/README.md +++ b/firmware/test/README.md @@ -9,7 +9,7 @@ ### Example command to build a signer to run the tests against ```bash -~/repo> ledger/build/build-signer 0xbdcb3c17c7aee714cec8ad900341bfd987b452280220dcbd6e7191f67ea4209b 50 regtest +~/repo> firmware/build/build-ledger-signer 0xbdcb3c17c7aee714cec8ad900341bfd987b452280220dcbd6e7191f67ea4209b 50 regtest ``` ## Running the tests @@ -17,11 +17,11 @@ To test using the TCPSigner, issue: ```bash -~/repo> ledger/test/test-all +~/repo> firmware/test/test-all ``` To test against a physical dongle, issue: ```bash -~/repo> ledger/test/test-all dongle +~/repo> firmware/test/test-all dongle ``` diff --git a/ledger/test/cases/__init__.py b/firmware/test/cases/__init__.py similarity index 100% rename from ledger/test/cases/__init__.py rename to firmware/test/cases/__init__.py diff --git a/ledger/test/cases/admin_is_onboarded.py b/firmware/test/cases/admin_is_onboarded.py similarity index 100% rename from ledger/test/cases/admin_is_onboarded.py rename to firmware/test/cases/admin_is_onboarded.py diff --git a/ledger/test/cases/advance.py b/firmware/test/cases/advance.py similarity index 100% rename from ledger/test/cases/advance.py rename to firmware/test/cases/advance.py diff --git a/ledger/test/cases/case.py b/firmware/test/cases/case.py similarity index 100% rename from ledger/test/cases/case.py rename to firmware/test/cases/case.py diff --git a/ledger/test/cases/get.py b/firmware/test/cases/get.py similarity index 100% rename from ledger/test/cases/get.py rename to firmware/test/cases/get.py diff --git a/ledger/test/cases/heartbeat.py b/firmware/test/cases/heartbeat.py similarity index 100% rename from ledger/test/cases/heartbeat.py rename to firmware/test/cases/heartbeat.py diff --git a/ledger/test/cases/nvm_stats.py b/firmware/test/cases/nvm_stats.py similarity index 100% rename from ledger/test/cases/nvm_stats.py rename to firmware/test/cases/nvm_stats.py diff --git a/ledger/test/cases/parameters.py b/firmware/test/cases/parameters.py similarity index 100% rename from ledger/test/cases/parameters.py rename to firmware/test/cases/parameters.py diff --git a/ledger/test/cases/reconnect.py b/firmware/test/cases/reconnect.py similarity index 100% rename from ledger/test/cases/reconnect.py rename to firmware/test/cases/reconnect.py diff --git a/ledger/test/cases/reset.py b/firmware/test/cases/reset.py similarity index 100% rename from ledger/test/cases/reset.py rename to firmware/test/cases/reset.py diff --git a/ledger/test/cases/sign_auth.py b/firmware/test/cases/sign_auth.py similarity index 100% rename from ledger/test/cases/sign_auth.py rename to firmware/test/cases/sign_auth.py diff --git a/ledger/test/cases/sign_helpers.py b/firmware/test/cases/sign_helpers.py similarity index 100% rename from ledger/test/cases/sign_helpers.py rename to firmware/test/cases/sign_helpers.py diff --git a/ledger/test/cases/sign_noauth.py b/firmware/test/cases/sign_noauth.py similarity index 100% rename from ledger/test/cases/sign_noauth.py rename to firmware/test/cases/sign_noauth.py diff --git a/ledger/test/cases/suite.py b/firmware/test/cases/suite.py similarity index 100% rename from ledger/test/cases/suite.py rename to firmware/test/cases/suite.py diff --git a/ledger/test/cases/update.py b/firmware/test/cases/update.py similarity index 100% rename from ledger/test/cases/update.py rename to firmware/test/cases/update.py diff --git a/ledger/test/comm b/firmware/test/comm similarity index 100% rename from ledger/test/comm rename to firmware/test/comm diff --git a/ledger/test/ledger b/firmware/test/ledger similarity index 100% rename from ledger/test/ledger rename to firmware/test/ledger diff --git a/ledger/test/misc/blockbin.py b/firmware/test/misc/blockbin.py similarity index 98% rename from ledger/test/misc/blockbin.py rename to firmware/test/misc/blockbin.py index 61ec10b2..0f6bc426 100644 --- a/ledger/test/misc/blockbin.py +++ b/firmware/test/misc/blockbin.py @@ -23,7 +23,7 @@ """Turn a json rlp block list into a binary byte array. This command is specially designed to produce test data for -ledger/src/simul/bc_advance_host.c +firmware/src/powhsm/src/{bc_advance.c,bc_update.c} """ import click diff --git a/ledger/test/misc/blockdump.py b/firmware/test/misc/blockdump.py similarity index 100% rename from ledger/test/misc/blockdump.py rename to firmware/test/misc/blockdump.py diff --git a/ledger/test/misc/blocksplit.py b/firmware/test/misc/blocksplit.py similarity index 100% rename from ledger/test/misc/blocksplit.py rename to firmware/test/misc/blocksplit.py diff --git a/ledger/test/misc/comm b/firmware/test/misc/comm similarity index 100% rename from ledger/test/misc/comm rename to firmware/test/misc/comm diff --git a/ledger/test/misc/genPaths.py b/firmware/test/misc/genPaths.py similarity index 100% rename from ledger/test/misc/genPaths.py rename to firmware/test/misc/genPaths.py diff --git a/ledger/test/misc/hex2c.py b/firmware/test/misc/hex2c.py similarity index 100% rename from ledger/test/misc/hex2c.py rename to firmware/test/misc/hex2c.py diff --git a/ledger/test/misc/ledger b/firmware/test/misc/ledger similarity index 100% rename from ledger/test/misc/ledger rename to firmware/test/misc/ledger diff --git a/ledger/test/misc/mine.py b/firmware/test/misc/mine.py similarity index 100% rename from ledger/test/misc/mine.py rename to firmware/test/misc/mine.py diff --git a/ledger/test/misc/rsk_block.py b/firmware/test/misc/rsk_block.py similarity index 100% rename from ledger/test/misc/rsk_block.py rename to firmware/test/misc/rsk_block.py diff --git a/ledger/test/misc/rsk_netparams.py b/firmware/test/misc/rsk_netparams.py similarity index 100% rename from ledger/test/misc/rsk_netparams.py rename to firmware/test/misc/rsk_netparams.py diff --git a/ledger/test/misc/rsk_utils.py b/firmware/test/misc/rsk_utils.py similarity index 100% rename from ledger/test/misc/rsk_utils.py rename to firmware/test/misc/rsk_utils.py diff --git a/ledger/test/misc/tcpsigner_admin.py b/firmware/test/misc/tcpsigner_admin.py similarity index 100% rename from ledger/test/misc/tcpsigner_admin.py rename to firmware/test/misc/tcpsigner_admin.py diff --git a/ledger/test/misc/thirdparty b/firmware/test/misc/thirdparty similarity index 100% rename from ledger/test/misc/thirdparty rename to firmware/test/misc/thirdparty diff --git a/ledger/test/options.py b/firmware/test/options.py similarity index 100% rename from ledger/test/options.py rename to firmware/test/options.py diff --git a/ledger/test/output.py b/firmware/test/output.py similarity index 100% rename from ledger/test/output.py rename to firmware/test/output.py diff --git a/ledger/test/resources/000-blockchain-parameters.json b/firmware/test/resources/000-blockchain-parameters.json similarity index 100% rename from ledger/test/resources/000-blockchain-parameters.json rename to firmware/test/resources/000-blockchain-parameters.json diff --git a/ledger/test/resources/001-get-at-startup.json b/firmware/test/resources/001-get-at-startup.json similarity index 100% rename from ledger/test/resources/001-get-at-startup.json rename to firmware/test/resources/001-get-at-startup.json diff --git a/ledger/test/resources/002-sign-noauth.json b/firmware/test/resources/002-sign-noauth.json similarity index 100% rename from ledger/test/resources/002-sign-noauth.json rename to firmware/test/resources/002-sign-noauth.json diff --git a/ledger/test/resources/003-heartbeat-initial.json b/firmware/test/resources/003-heartbeat-initial.json similarity index 100% rename from ledger/test/resources/003-heartbeat-initial.json rename to firmware/test/resources/003-heartbeat-initial.json diff --git a/ledger/test/resources/100-reset.json b/firmware/test/resources/100-reset.json similarity index 100% rename from ledger/test/resources/100-reset.json rename to firmware/test/resources/100-reset.json diff --git a/ledger/test/resources/101-get-initial.json b/firmware/test/resources/101-get-initial.json similarity index 100% rename from ledger/test/resources/101-get-initial.json rename to firmware/test/resources/101-get-initial.json diff --git a/ledger/test/resources/102-advance.json b/firmware/test/resources/102-advance.json similarity index 100% rename from ledger/test/resources/102-advance.json rename to firmware/test/resources/102-advance.json diff --git a/ledger/test/resources/103-get-after-advance.json b/firmware/test/resources/103-get-after-advance.json similarity index 100% rename from ledger/test/resources/103-get-after-advance.json rename to firmware/test/resources/103-get-after-advance.json diff --git a/ledger/test/resources/104-heartbeat-after-advance.json b/firmware/test/resources/104-heartbeat-after-advance.json similarity index 100% rename from ledger/test/resources/104-heartbeat-after-advance.json rename to firmware/test/resources/104-heartbeat-after-advance.json diff --git a/ledger/test/resources/105-advance-brothers.json b/firmware/test/resources/105-advance-brothers.json similarity index 100% rename from ledger/test/resources/105-advance-brothers.json rename to firmware/test/resources/105-advance-brothers.json diff --git a/ledger/test/resources/106-get-after-advance-brothers.json b/firmware/test/resources/106-get-after-advance-brothers.json similarity index 100% rename from ledger/test/resources/106-get-after-advance-brothers.json rename to firmware/test/resources/106-get-after-advance-brothers.json diff --git a/ledger/test/resources/110-get-initial-partial.json b/firmware/test/resources/110-get-initial-partial.json similarity index 100% rename from ledger/test/resources/110-get-initial-partial.json rename to firmware/test/resources/110-get-initial-partial.json diff --git a/ledger/test/resources/111-advance-partial.json b/firmware/test/resources/111-advance-partial.json similarity index 100% rename from ledger/test/resources/111-advance-partial.json rename to firmware/test/resources/111-advance-partial.json diff --git a/ledger/test/resources/112-get-final-partial.json b/firmware/test/resources/112-get-final-partial.json similarity index 100% rename from ledger/test/resources/112-get-final-partial.json rename to firmware/test/resources/112-get-final-partial.json diff --git a/ledger/test/resources/113-reset.json b/firmware/test/resources/113-reset.json similarity index 100% rename from ledger/test/resources/113-reset.json rename to firmware/test/resources/113-reset.json diff --git a/ledger/test/resources/114-advance-partial.json b/firmware/test/resources/114-advance-partial.json similarity index 100% rename from ledger/test/resources/114-advance-partial.json rename to firmware/test/resources/114-advance-partial.json diff --git a/ledger/test/resources/115-get-final-partial.json b/firmware/test/resources/115-get-final-partial.json similarity index 100% rename from ledger/test/resources/115-get-final-partial.json rename to firmware/test/resources/115-get-final-partial.json diff --git a/ledger/test/resources/116-reset.json b/firmware/test/resources/116-reset.json similarity index 100% rename from ledger/test/resources/116-reset.json rename to firmware/test/resources/116-reset.json diff --git a/ledger/test/resources/117-advance-partial.json b/firmware/test/resources/117-advance-partial.json similarity index 100% rename from ledger/test/resources/117-advance-partial.json rename to firmware/test/resources/117-advance-partial.json diff --git a/ledger/test/resources/118-get-final-partial.json b/firmware/test/resources/118-get-final-partial.json similarity index 100% rename from ledger/test/resources/118-get-final-partial.json rename to firmware/test/resources/118-get-final-partial.json diff --git a/ledger/test/resources/120-reset.json b/firmware/test/resources/120-reset.json similarity index 100% rename from ledger/test/resources/120-reset.json rename to firmware/test/resources/120-reset.json diff --git a/ledger/test/resources/121-advance-cap.json b/firmware/test/resources/121-advance-cap.json similarity index 100% rename from ledger/test/resources/121-advance-cap.json rename to firmware/test/resources/121-advance-cap.json diff --git a/ledger/test/resources/122-get-final-cap.json b/firmware/test/resources/122-get-final-cap.json similarity index 100% rename from ledger/test/resources/122-get-final-cap.json rename to firmware/test/resources/122-get-final-cap.json diff --git a/ledger/test/resources/123-reset.json b/firmware/test/resources/123-reset.json similarity index 100% rename from ledger/test/resources/123-reset.json rename to firmware/test/resources/123-reset.json diff --git a/ledger/test/resources/124-advance-cap.json b/firmware/test/resources/124-advance-cap.json similarity index 100% rename from ledger/test/resources/124-advance-cap.json rename to firmware/test/resources/124-advance-cap.json diff --git a/ledger/test/resources/125-get-final-cap.json b/firmware/test/resources/125-get-final-cap.json similarity index 100% rename from ledger/test/resources/125-get-final-cap.json rename to firmware/test/resources/125-get-final-cap.json diff --git a/ledger/test/resources/200-update-iris.json b/firmware/test/resources/200-update-iris.json similarity index 100% rename from ledger/test/resources/200-update-iris.json rename to firmware/test/resources/200-update-iris.json diff --git a/ledger/test/resources/201-get-after-update-iris.json b/firmware/test/resources/201-get-after-update-iris.json similarity index 100% rename from ledger/test/resources/201-get-after-update-iris.json rename to firmware/test/resources/201-get-after-update-iris.json diff --git a/ledger/test/resources/202-sign-iris.json b/firmware/test/resources/202-sign-iris.json similarity index 100% rename from ledger/test/resources/202-sign-iris.json rename to firmware/test/resources/202-sign-iris.json diff --git a/ledger/test/resources/203-get-after-sign-iris.json b/firmware/test/resources/203-get-after-sign-iris.json similarity index 100% rename from ledger/test/resources/203-get-after-sign-iris.json rename to firmware/test/resources/203-get-after-sign-iris.json diff --git a/ledger/test/resources/204-heartbeat-after-sign-iris.json b/firmware/test/resources/204-heartbeat-after-sign-iris.json similarity index 100% rename from ledger/test/resources/204-heartbeat-after-sign-iris.json rename to firmware/test/resources/204-heartbeat-after-sign-iris.json diff --git a/ledger/test/resources/210-advance-for-segwit.json b/firmware/test/resources/210-advance-for-segwit.json similarity index 100% rename from ledger/test/resources/210-advance-for-segwit.json rename to firmware/test/resources/210-advance-for-segwit.json diff --git a/ledger/test/resources/211-update-segwit.json b/firmware/test/resources/211-update-segwit.json similarity index 100% rename from ledger/test/resources/211-update-segwit.json rename to firmware/test/resources/211-update-segwit.json diff --git a/ledger/test/resources/212-get-after-advance-segwit.json b/firmware/test/resources/212-get-after-advance-segwit.json similarity index 100% rename from ledger/test/resources/212-get-after-advance-segwit.json rename to firmware/test/resources/212-get-after-advance-segwit.json diff --git a/ledger/test/resources/213-sign-segwit-t1i0.json b/firmware/test/resources/213-sign-segwit-t1i0.json similarity index 100% rename from ledger/test/resources/213-sign-segwit-t1i0.json rename to firmware/test/resources/213-sign-segwit-t1i0.json diff --git a/ledger/test/resources/214-sign-segwit-t1i1.json b/firmware/test/resources/214-sign-segwit-t1i1.json similarity index 100% rename from ledger/test/resources/214-sign-segwit-t1i1.json rename to firmware/test/resources/214-sign-segwit-t1i1.json diff --git a/ledger/test/resources/215-sign-segwit-t2i0.json b/firmware/test/resources/215-sign-segwit-t2i0.json similarity index 100% rename from ledger/test/resources/215-sign-segwit-t2i0.json rename to firmware/test/resources/215-sign-segwit-t2i0.json diff --git a/ledger/test/resources/216-sign-segwit-t2i1.json b/firmware/test/resources/216-sign-segwit-t2i1.json similarity index 100% rename from ledger/test/resources/216-sign-segwit-t2i1.json rename to firmware/test/resources/216-sign-segwit-t2i1.json diff --git a/ledger/test/resources/299-advance-cap-for-partial-check.json b/firmware/test/resources/299-advance-cap-for-partial-check.json similarity index 100% rename from ledger/test/resources/299-advance-cap-for-partial-check.json rename to firmware/test/resources/299-advance-cap-for-partial-check.json diff --git a/ledger/test/resources/300-update.json b/firmware/test/resources/300-update.json similarity index 100% rename from ledger/test/resources/300-update.json rename to firmware/test/resources/300-update.json diff --git a/ledger/test/resources/301-get-after-update.json b/firmware/test/resources/301-get-after-update.json similarity index 100% rename from ledger/test/resources/301-get-after-update.json rename to firmware/test/resources/301-get-after-update.json diff --git a/ledger/test/resources/302-sign.json b/firmware/test/resources/302-sign.json similarity index 100% rename from ledger/test/resources/302-sign.json rename to firmware/test/resources/302-sign.json diff --git a/ledger/test/resources/303-get-after-sign.json b/firmware/test/resources/303-get-after-sign.json similarity index 100% rename from ledger/test/resources/303-get-after-sign.json rename to firmware/test/resources/303-get-after-sign.json diff --git a/ledger/test/resources/304-sign-noauth.json b/firmware/test/resources/304-sign-noauth.json similarity index 100% rename from ledger/test/resources/304-sign-noauth.json rename to firmware/test/resources/304-sign-noauth.json diff --git a/ledger/test/resources/305-get-after-sign-noauth.json b/firmware/test/resources/305-get-after-sign-noauth.json similarity index 100% rename from ledger/test/resources/305-get-after-sign-noauth.json rename to firmware/test/resources/305-get-after-sign-noauth.json diff --git a/ledger/test/resources/306-heartbeat-after-sign.json b/firmware/test/resources/306-heartbeat-after-sign.json similarity index 100% rename from ledger/test/resources/306-heartbeat-after-sign.json rename to firmware/test/resources/306-heartbeat-after-sign.json diff --git a/ledger/test/resources/307-reconnect-dongle.json b/firmware/test/resources/307-reconnect-dongle.json similarity index 100% rename from ledger/test/resources/307-reconnect-dongle.json rename to firmware/test/resources/307-reconnect-dongle.json diff --git a/ledger/test/resources/308-get-after-reconnection.json b/firmware/test/resources/308-get-after-reconnection.json similarity index 100% rename from ledger/test/resources/308-get-after-reconnection.json rename to firmware/test/resources/308-get-after-reconnection.json diff --git a/ledger/test/resources/309-heartbeat-after-reconnection.json b/firmware/test/resources/309-heartbeat-after-reconnection.json similarity index 100% rename from ledger/test/resources/309-heartbeat-after-reconnection.json rename to firmware/test/resources/309-heartbeat-after-reconnection.json diff --git a/ledger/test/resources/400-advance-partial-before-sign.json b/firmware/test/resources/400-advance-partial-before-sign.json similarity index 100% rename from ledger/test/resources/400-advance-partial-before-sign.json rename to firmware/test/resources/400-advance-partial-before-sign.json diff --git a/ledger/test/resources/401-get-before-sign.json b/firmware/test/resources/401-get-before-sign.json similarity index 100% rename from ledger/test/resources/401-get-before-sign.json rename to firmware/test/resources/401-get-before-sign.json diff --git a/ledger/test/resources/410-sign-fail-invalid-version.json b/firmware/test/resources/410-sign-fail-invalid-version.json similarity index 100% rename from ledger/test/resources/410-sign-fail-invalid-version.json rename to firmware/test/resources/410-sign-fail-invalid-version.json diff --git a/ledger/test/resources/411-sign-fail-zero-byte-tx.json b/firmware/test/resources/411-sign-fail-zero-byte-tx.json similarity index 100% rename from ledger/test/resources/411-sign-fail-zero-byte-tx.json rename to firmware/test/resources/411-sign-fail-zero-byte-tx.json diff --git a/ledger/test/resources/412-sign-fail-malformed-redeem-script.json b/firmware/test/resources/412-sign-fail-malformed-redeem-script.json similarity index 100% rename from ledger/test/resources/412-sign-fail-malformed-redeem-script.json rename to firmware/test/resources/412-sign-fail-malformed-redeem-script.json diff --git a/ledger/test/resources/413-sign-fail-malformed-output.json b/firmware/test/resources/413-sign-fail-malformed-output.json similarity index 100% rename from ledger/test/resources/413-sign-fail-malformed-output.json rename to firmware/test/resources/413-sign-fail-malformed-output.json diff --git a/ledger/test/resources/414-sign-fail-receipt-nomatch.json b/firmware/test/resources/414-sign-fail-receipt-nomatch.json similarity index 100% rename from ledger/test/resources/414-sign-fail-receipt-nomatch.json rename to firmware/test/resources/414-sign-fail-receipt-nomatch.json diff --git a/ledger/test/resources/415-sign-fail-receipt-no-match-single-log.json b/firmware/test/resources/415-sign-fail-receipt-no-match-single-log.json similarity index 100% rename from ledger/test/resources/415-sign-fail-receipt-no-match-single-log.json rename to firmware/test/resources/415-sign-fail-receipt-no-match-single-log.json diff --git a/ledger/test/resources/416-sign-fail-receipt-top-level-size-mismatch.json b/firmware/test/resources/416-sign-fail-receipt-top-level-size-mismatch.json similarity index 100% rename from ledger/test/resources/416-sign-fail-receipt-top-level-size-mismatch.json rename to firmware/test/resources/416-sign-fail-receipt-top-level-size-mismatch.json diff --git a/ledger/test/resources/417-sign-fail-receipt-malformed-nologs.json b/firmware/test/resources/417-sign-fail-receipt-malformed-nologs.json similarity index 100% rename from ledger/test/resources/417-sign-fail-receipt-malformed-nologs.json rename to firmware/test/resources/417-sign-fail-receipt-malformed-nologs.json diff --git a/ledger/test/resources/418-sign-fail-proof-only-receipts-root.json b/firmware/test/resources/418-sign-fail-proof-only-receipts-root.json similarity index 100% rename from ledger/test/resources/418-sign-fail-proof-only-receipts-root.json rename to firmware/test/resources/418-sign-fail-proof-only-receipts-root.json diff --git a/ledger/test/resources/419-sign-fail-proof-first-non-leaf.json b/firmware/test/resources/419-sign-fail-proof-first-non-leaf.json similarity index 100% rename from ledger/test/resources/419-sign-fail-proof-first-non-leaf.json rename to firmware/test/resources/419-sign-fail-proof-first-non-leaf.json diff --git a/ledger/test/resources/420-sign-fail-proof-leaf-nomatch.json b/firmware/test/resources/420-sign-fail-proof-leaf-nomatch.json similarity index 100% rename from ledger/test/resources/420-sign-fail-proof-leaf-nomatch.json rename to firmware/test/resources/420-sign-fail-proof-leaf-nomatch.json diff --git a/ledger/test/resources/421-sign-fail-proof-wrong-version-node.json b/firmware/test/resources/421-sign-fail-proof-wrong-version-node.json similarity index 100% rename from ledger/test/resources/421-sign-fail-proof-wrong-version-node.json rename to firmware/test/resources/421-sign-fail-proof-wrong-version-node.json diff --git a/ledger/test/resources/422-sign-fail-proof-does-not-connect.json b/firmware/test/resources/422-sign-fail-proof-does-not-connect.json similarity index 100% rename from ledger/test/resources/422-sign-fail-proof-does-not-connect.json rename to firmware/test/resources/422-sign-fail-proof-does-not-connect.json diff --git a/ledger/test/resources/423-sign-auth-fail-invalid-path.json b/firmware/test/resources/423-sign-auth-fail-invalid-path.json similarity index 100% rename from ledger/test/resources/423-sign-auth-fail-invalid-path.json rename to firmware/test/resources/423-sign-auth-fail-invalid-path.json diff --git a/ledger/test/resources/424-sign-noauth-fail-invalid-path.json b/firmware/test/resources/424-sign-noauth-fail-invalid-path.json similarity index 100% rename from ledger/test/resources/424-sign-noauth-fail-invalid-path.json rename to firmware/test/resources/424-sign-noauth-fail-invalid-path.json diff --git a/ledger/test/resources/425-sign-auth-fail-invalid-length.json b/firmware/test/resources/425-sign-auth-fail-invalid-length.json similarity index 100% rename from ledger/test/resources/425-sign-auth-fail-invalid-length.json rename to firmware/test/resources/425-sign-auth-fail-invalid-length.json diff --git a/ledger/test/resources/426-sign-noauth-fail-invalid-length.json b/firmware/test/resources/426-sign-noauth-fail-invalid-length.json similarity index 100% rename from ledger/test/resources/426-sign-noauth-fail-invalid-length.json rename to firmware/test/resources/426-sign-noauth-fail-invalid-length.json diff --git a/ledger/test/resources/499-get-after-failed-sign.json b/firmware/test/resources/499-get-after-failed-sign.json similarity index 100% rename from ledger/test/resources/499-get-after-failed-sign.json rename to firmware/test/resources/499-get-after-failed-sign.json diff --git a/ledger/test/resources/500-advance-inconsistent-list-length.json b/firmware/test/resources/500-advance-inconsistent-list-length.json similarity index 100% rename from ledger/test/resources/500-advance-inconsistent-list-length.json rename to firmware/test/resources/500-advance-inconsistent-list-length.json diff --git a/ledger/test/resources/501-advance-long-mmmp.json b/firmware/test/resources/501-advance-long-mmmp.json similarity index 100% rename from ledger/test/resources/501-advance-long-mmmp.json rename to firmware/test/resources/501-advance-long-mmmp.json diff --git a/ledger/test/resources/502-advance-brother-pow-invalid-mp.json b/firmware/test/resources/502-advance-brother-pow-invalid-mp.json similarity index 100% rename from ledger/test/resources/502-advance-brother-pow-invalid-mp.json rename to firmware/test/resources/502-advance-brother-pow-invalid-mp.json diff --git a/ledger/test/resources/503-advance-brother-pow-invalid-dif.json b/firmware/test/resources/503-advance-brother-pow-invalid-dif.json similarity index 100% rename from ledger/test/resources/503-advance-brother-pow-invalid-dif.json rename to firmware/test/resources/503-advance-brother-pow-invalid-dif.json diff --git a/ledger/test/resources/504-advance-brother-pow-invalid-mmh.json b/firmware/test/resources/504-advance-brother-pow-invalid-mmh.json similarity index 100% rename from ledger/test/resources/504-advance-brother-pow-invalid-mmh.json rename to firmware/test/resources/504-advance-brother-pow-invalid-mmh.json diff --git a/ledger/test/resources/505-advance-brother-too-many.json b/firmware/test/resources/505-advance-brother-too-many.json similarity index 100% rename from ledger/test/resources/505-advance-brother-too-many.json rename to firmware/test/resources/505-advance-brother-too-many.json diff --git a/ledger/test/resources/506-advance-brother-not-brother.json b/firmware/test/resources/506-advance-brother-not-brother.json similarity index 100% rename from ledger/test/resources/506-advance-brother-not-brother.json rename to firmware/test/resources/506-advance-brother-not-brother.json diff --git a/ledger/test/resources/507-advance-brother-same-as-block.json b/firmware/test/resources/507-advance-brother-same-as-block.json similarity index 100% rename from ledger/test/resources/507-advance-brother-same-as-block.json rename to firmware/test/resources/507-advance-brother-same-as-block.json diff --git a/ledger/test/resources/508-advance-brothers-not-ordered.json b/firmware/test/resources/508-advance-brothers-not-ordered.json similarity index 100% rename from ledger/test/resources/508-advance-brothers-not-ordered.json rename to firmware/test/resources/508-advance-brothers-not-ordered.json diff --git a/ledger/test/resources/509-get-after-failed-advance.json b/firmware/test/resources/509-get-after-failed-advance.json similarity index 100% rename from ledger/test/resources/509-get-after-failed-advance.json rename to firmware/test/resources/509-get-after-failed-advance.json diff --git a/ledger/test/resources/600-advance-partial-before-sign.json b/firmware/test/resources/600-advance-partial-before-sign.json similarity index 100% rename from ledger/test/resources/600-advance-partial-before-sign.json rename to firmware/test/resources/600-advance-partial-before-sign.json diff --git a/ledger/test/resources/601-get-before-sign.json b/firmware/test/resources/601-get-before-sign.json similarity index 100% rename from ledger/test/resources/601-get-before-sign.json rename to firmware/test/resources/601-get-before-sign.json diff --git a/ledger/test/resources/602-sign-long-redeemscript.json b/firmware/test/resources/602-sign-long-redeemscript.json similarity index 100% rename from ledger/test/resources/602-sign-long-redeemscript.json rename to firmware/test/resources/602-sign-long-redeemscript.json diff --git a/ledger/test/resources/610-sign-tx-with-many-inputs.json b/firmware/test/resources/610-sign-tx-with-many-inputs.json similarity index 100% rename from ledger/test/resources/610-sign-tx-with-many-inputs.json rename to firmware/test/resources/610-sign-tx-with-many-inputs.json diff --git a/ledger/test/resources/612-sign-sample-mainnet-tx.json b/firmware/test/resources/612-sign-sample-mainnet-tx.json similarity index 100% rename from ledger/test/resources/612-sign-sample-mainnet-tx.json rename to firmware/test/resources/612-sign-sample-mainnet-tx.json diff --git a/ledger/test/resources/613-sign-sample-testnet-tx-erp.json b/firmware/test/resources/613-sign-sample-testnet-tx-erp.json similarity index 100% rename from ledger/test/resources/613-sign-sample-testnet-tx-erp.json rename to firmware/test/resources/613-sign-sample-testnet-tx-erp.json diff --git a/ledger/test/resources/614-sign-match-not-last-log.json b/firmware/test/resources/614-sign-match-not-last-log.json similarity index 100% rename from ledger/test/resources/614-sign-match-not-last-log.json rename to firmware/test/resources/614-sign-match-not-last-log.json diff --git a/ledger/test/resources/615-sign-match-long-proof.json b/firmware/test/resources/615-sign-match-long-proof.json similarity index 100% rename from ledger/test/resources/615-sign-match-long-proof.json rename to firmware/test/resources/615-sign-match-long-proof.json diff --git a/ledger/test/resources/616-sign-3input-5output-testnet.json b/firmware/test/resources/616-sign-3input-5output-testnet.json similarity index 100% rename from ledger/test/resources/616-sign-3input-5output-testnet.json rename to firmware/test/resources/616-sign-3input-5output-testnet.json diff --git a/ledger/test/resources/617-get-after-success-sign.json b/firmware/test/resources/617-get-after-success-sign.json similarity index 100% rename from ledger/test/resources/617-get-after-success-sign.json rename to firmware/test/resources/617-get-after-success-sign.json diff --git a/ledger/test/resources/620-sign-segwit-basic.json b/firmware/test/resources/620-sign-segwit-basic.json similarity index 100% rename from ledger/test/resources/620-sign-segwit-basic.json rename to firmware/test/resources/620-sign-segwit-basic.json diff --git a/ledger/test/resources/621-sign-segwit-with-many-inputs.json b/firmware/test/resources/621-sign-segwit-with-many-inputs.json similarity index 100% rename from ledger/test/resources/621-sign-segwit-with-many-inputs.json rename to firmware/test/resources/621-sign-segwit-with-many-inputs.json diff --git a/ledger/test/resources/622-sign-segwit-long-witnessscript.json b/firmware/test/resources/622-sign-segwit-long-witnessscript.json similarity index 100% rename from ledger/test/resources/622-sign-segwit-long-witnessscript.json rename to firmware/test/resources/622-sign-segwit-long-witnessscript.json diff --git a/ledger/test/resources/700-dongle-fake-receipt-root-fails.json b/firmware/test/resources/700-dongle-fake-receipt-root-fails.json similarity index 100% rename from ledger/test/resources/700-dongle-fake-receipt-root-fails.json rename to firmware/test/resources/700-dongle-fake-receipt-root-fails.json diff --git a/ledger/test/resources/800-advance-single-block-with-brothers.json b/firmware/test/resources/800-advance-single-block-with-brothers.json similarity index 100% rename from ledger/test/resources/800-advance-single-block-with-brothers.json rename to firmware/test/resources/800-advance-single-block-with-brothers.json diff --git a/ledger/test/resources/801-get-after-single-block-with-brothers.json b/firmware/test/resources/801-get-after-single-block-with-brothers.json similarity index 100% rename from ledger/test/resources/801-get-after-single-block-with-brothers.json rename to firmware/test/resources/801-get-after-single-block-with-brothers.json diff --git a/ledger/test/resources/900-set-is-onboarded-no.json b/firmware/test/resources/900-set-is-onboarded-no.json similarity index 100% rename from ledger/test/resources/900-set-is-onboarded-no.json rename to firmware/test/resources/900-set-is-onboarded-no.json diff --git a/ledger/test/resources/901-no-onboarded-sign-noauth-fails.json b/firmware/test/resources/901-no-onboarded-sign-noauth-fails.json similarity index 100% rename from ledger/test/resources/901-no-onboarded-sign-noauth-fails.json rename to firmware/test/resources/901-no-onboarded-sign-noauth-fails.json diff --git a/ledger/test/resources/902-no-onboard-sign-auth-fails.json b/firmware/test/resources/902-no-onboard-sign-auth-fails.json similarity index 100% rename from ledger/test/resources/902-no-onboard-sign-auth-fails.json rename to firmware/test/resources/902-no-onboard-sign-auth-fails.json diff --git a/ledger/test/resources/903-no-onboarded-get-bs-fails.json b/firmware/test/resources/903-no-onboarded-get-bs-fails.json similarity index 100% rename from ledger/test/resources/903-no-onboarded-get-bs-fails.json rename to firmware/test/resources/903-no-onboarded-get-bs-fails.json diff --git a/ledger/test/resources/904-no-onboarded-advance-fails.json b/firmware/test/resources/904-no-onboarded-advance-fails.json similarity index 100% rename from ledger/test/resources/904-no-onboarded-advance-fails.json rename to firmware/test/resources/904-no-onboarded-advance-fails.json diff --git a/ledger/test/resources/905-no-onboard-update-fails.json b/firmware/test/resources/905-no-onboard-update-fails.json similarity index 100% rename from ledger/test/resources/905-no-onboard-update-fails.json rename to firmware/test/resources/905-no-onboard-update-fails.json diff --git a/ledger/test/resources/906-set-is-onboarded-yes.json b/firmware/test/resources/906-set-is-onboarded-yes.json similarity index 100% rename from ledger/test/resources/906-set-is-onboarded-yes.json rename to firmware/test/resources/906-set-is-onboarded-yes.json diff --git a/ledger/test/resources/907-dongle-set-is-onboarded-fails.json b/firmware/test/resources/907-dongle-set-is-onboarded-fails.json similarity index 100% rename from ledger/test/resources/907-dongle-set-is-onboarded-fails.json rename to firmware/test/resources/907-dongle-set-is-onboarded-fails.json diff --git a/ledger/test/resources/nvm/00-blockchain-parameters.json b/firmware/test/resources/nvm/00-blockchain-parameters.json similarity index 100% rename from ledger/test/resources/nvm/00-blockchain-parameters.json rename to firmware/test/resources/nvm/00-blockchain-parameters.json diff --git a/ledger/test/resources/nvm/01-nvm-stats-reset.json b/firmware/test/resources/nvm/01-nvm-stats-reset.json similarity index 100% rename from ledger/test/resources/nvm/01-nvm-stats-reset.json rename to firmware/test/resources/nvm/01-nvm-stats-reset.json diff --git a/ledger/test/resources/nvm/10-reset.json b/firmware/test/resources/nvm/10-reset.json similarity index 100% rename from ledger/test/resources/nvm/10-reset.json rename to firmware/test/resources/nvm/10-reset.json diff --git a/ledger/test/resources/nvm/11-get-initial-mainnet.json b/firmware/test/resources/nvm/11-get-initial-mainnet.json similarity index 100% rename from ledger/test/resources/nvm/11-get-initial-mainnet.json rename to firmware/test/resources/nvm/11-get-initial-mainnet.json diff --git a/ledger/test/resources/nvm/12-advance-mainnet.json b/firmware/test/resources/nvm/12-advance-mainnet.json similarity index 100% rename from ledger/test/resources/nvm/12-advance-mainnet.json rename to firmware/test/resources/nvm/12-advance-mainnet.json diff --git a/ledger/test/resources/nvm/13-get-after-advance-mainnet.json b/firmware/test/resources/nvm/13-get-after-advance-mainnet.json similarity index 100% rename from ledger/test/resources/nvm/13-get-after-advance-mainnet.json rename to firmware/test/resources/nvm/13-get-after-advance-mainnet.json diff --git a/ledger/test/resources/nvm/20-nvm-stats-print.json b/firmware/test/resources/nvm/20-nvm-stats-print.json similarity index 100% rename from ledger/test/resources/nvm/20-nvm-stats-print.json rename to firmware/test/resources/nvm/20-nvm-stats-print.json diff --git a/ledger/test/run.py b/firmware/test/run.py similarity index 100% rename from ledger/test/run.py rename to firmware/test/run.py diff --git a/ledger/test/test-all b/firmware/test/test-all similarity index 75% rename from ledger/test/test-all rename to firmware/test/test-all index 93f9c0b4..239ba396 100755 --- a/ledger/test/test-all +++ b/firmware/test/test-all @@ -35,18 +35,18 @@ if [[ "$WITH_DONGLE" == "no" ]]; then # Build and run tcp signer $TEST_ROOT/../build/build-tcpsigner - $TEST_ROOT/../../docker/mware/do-notty-nousb /hsm2/ledger/src/tcpsigner ./tcpsigner --checkpoint 0xbdcb3c17c7aee714cec8ad900341bfd987b452280220dcbd6e7191f67ea4209b --difficulty 0x32 --network regtest > /dev/null & + $TEST_ROOT/../../docker/mware/do-notty-nousb /hsm2/firmware/src/tcpsigner ./tcpsigner --checkpoint 0xbdcb3c17c7aee714cec8ad900341bfd987b452280220dcbd6e7191f67ea4209b --difficulty 0x32 --network regtest > /dev/null & sleep 1 # Run tests - docker exec -t -w /hsm2/ledger/test hsm-mware-notty python run.py + docker exec -t -w /hsm2/firmware/test hsm-mware-notty python run.py err_code=$? # Kill (and remove) container docker kill hsm-mware-notty > /dev/null else # Run tests against a dongle - $TEST_ROOT/../../docker/mware/do /hsm2/ledger/test "python run.py -d ${RUN_ARGS}" + $TEST_ROOT/../../docker/mware/do /hsm2/firmware/test "python run.py -d ${RUN_ARGS}" err_code=$? fi diff --git a/ledger/test/thirdparty b/firmware/test/thirdparty similarity index 100% rename from ledger/test/thirdparty rename to firmware/test/thirdparty diff --git a/ledger/src/tcpsigner/signer_authorization_status.c b/ledger/src/tcpsigner/signer_authorization_status.c deleted file mode 120000 index 105c1b9b..00000000 --- a/ledger/src/tcpsigner/signer_authorization_status.c +++ /dev/null @@ -1 +0,0 @@ -../ui/src/signer_authorization_status.c \ No newline at end of file diff --git a/ledger/src/tcpsigner/signer_authorization_status.h b/ledger/src/tcpsigner/signer_authorization_status.h deleted file mode 120000 index 4295054c..00000000 --- a/ledger/src/tcpsigner/signer_authorization_status.h +++ /dev/null @@ -1 +0,0 @@ -../ui/src/signer_authorization_status.h \ No newline at end of file diff --git a/ledger/src/tcpsigner/ui_comm.c b/ledger/src/tcpsigner/ui_comm.c deleted file mode 120000 index c7a15e2a..00000000 --- a/ledger/src/tcpsigner/ui_comm.c +++ /dev/null @@ -1 +0,0 @@ -../ui/src/ui_comm.c \ No newline at end of file diff --git a/ledger/src/tcpsigner/ui_comm.h b/ledger/src/tcpsigner/ui_comm.h deleted file mode 120000 index a57ebda6..00000000 --- a/ledger/src/tcpsigner/ui_comm.h +++ /dev/null @@ -1 +0,0 @@ -../ui/src/ui_comm.h \ No newline at end of file diff --git a/ledger/src/tcpsigner/ui_err.h b/ledger/src/tcpsigner/ui_err.h deleted file mode 120000 index 717d3db2..00000000 --- a/ledger/src/tcpsigner/ui_err.h +++ /dev/null @@ -1 +0,0 @@ -../ui/src/ui_err.h \ No newline at end of file diff --git a/ledger/src/tcpsigner/ui_heartbeat.c b/ledger/src/tcpsigner/ui_heartbeat.c deleted file mode 120000 index 114336f0..00000000 --- a/ledger/src/tcpsigner/ui_heartbeat.c +++ /dev/null @@ -1 +0,0 @@ -../ui/src/ui_heartbeat.c \ No newline at end of file diff --git a/ledger/src/tcpsigner/ui_heartbeat.h b/ledger/src/tcpsigner/ui_heartbeat.h deleted file mode 120000 index fe78c323..00000000 --- a/ledger/src/tcpsigner/ui_heartbeat.h +++ /dev/null @@ -1 +0,0 @@ -../ui/src/ui_heartbeat.h \ No newline at end of file diff --git a/ledger/src/tcpsigner/ui_instructions.h b/ledger/src/tcpsigner/ui_instructions.h deleted file mode 120000 index 3c094b86..00000000 --- a/ledger/src/tcpsigner/ui_instructions.h +++ /dev/null @@ -1 +0,0 @@ -../ui/src/ui_instructions.h \ No newline at end of file diff --git a/ledger/src/ui/src/constants.h b/ledger/src/ui/src/constants.h deleted file mode 120000 index af2a9633..00000000 --- a/ledger/src/ui/src/constants.h +++ /dev/null @@ -1 +0,0 @@ -../../hal/include/hal/constants.h \ No newline at end of file diff --git a/ledger/src/ui/test/mock/apdu.h b/ledger/src/ui/test/mock/apdu.h deleted file mode 120000 index 946c51db..00000000 --- a/ledger/src/ui/test/mock/apdu.h +++ /dev/null @@ -1 +0,0 @@ -../../../common/src/apdu.h \ No newline at end of file diff --git a/lint-c b/lint-c index b408f015..65270971 100755 --- a/lint-c +++ b/lint-c @@ -11,12 +11,12 @@ if [[ $1 == "exec" ]]; then CLANG_ARGS="-i" fi - SRC_DIR="ledger/src" - SEARCH_DIRS="$SRC_DIR/signer $SRC_DIR/ui $SRC_DIR/tcpsigner $SRC_DIR/common $SRC_DIR/hal" + SRC_DIR="firmware/src" + SEARCH_DIRS="$SRC_DIR/ledger/signer $SRC_DIR/ledger/ui $SRC_DIR/tcpsigner $SRC_DIR/common $SRC_DIR/hal" find $SEARCH_DIRS -name "*.[ch]" | \ egrep -v "(bigdigits|bigdtypes|keccak256)\.[ch]$" | \ - egrep -v "ledger/src/ui/src/glyphs.[ch]" | \ + egrep -v "firmware/src/ledger/ui/src/glyphs.[ch]" | \ xargs clang-format-10 --style=file $CLANG_ARGS else # Script directory diff --git a/middleware/README.md b/middleware/README.md index e8237b0e..e5a9ffae 100644 --- a/middleware/README.md +++ b/middleware/README.md @@ -66,7 +66,7 @@ Aside from the main `manager.py` and `manager-tcp.py` scripts, there are other t - `adm.py`: administrative utility for a powHSM dongle. It provides common utilities that can be performed on a powHSM dongle. - `lbutils.py`: common frontend to some of the `ledgerblue` modules. In particular, it ultimately serves the purpose of being able to build a binary for these utilities. -- `signapp.py`: signer authorization generator. Serves the purpose of generating authorization files for Signer versions (see [the signer authorization documentation](../docs/signer-authorization.md) for details). It can be used to sign with a powHSM Certificate Signer Ledger app (see [the ledger readme](../ledger/README.md) for details), to add manually fed signatures (externally generated), or to sign with a manually input key (for testing purposes). It can also be used to calculate the message to be signed to authorize a specific signer version (so that then the signature can be generated on a third-party application, e.g., MetaMask). Last, it has an option to calculate and output a ledger app's hash. +- `signapp.py`: signer authorization generator. Serves the purpose of generating authorization files for Signer versions (see [the signer authorization documentation](../docs/signer-authorization.md) for details). It can be used to sign with a powHSM Certificate Signer Ledger app (see [the ledger readme](../firmware/src/ledger/README.md) for details), to add manually fed signatures (externally generated), or to sign with a manually input key (for testing purposes). It can also be used to calculate the message to be signed to authorize a specific signer version (so that then the signature can be generated on a third-party application, e.g., MetaMask). Last, it has an option to calculate and output a ledger app's hash. - `signonetime.py`: ledger app signer. Serves the purpose of signing firmware builds with a securely generated random one-time key. It is used in the distribution building process targeting the initial device setup process. The remaining `client.py` is a shorthand client utility for manually testing communication with a running manager or TCP manager. diff --git a/utils/tcpsigner-bundle/build.sh b/utils/tcpsigner-bundle/build.sh index dd0122d9..b3198bda 100755 --- a/utils/tcpsigner-bundle/build.sh +++ b/utils/tcpsigner-bundle/build.sh @@ -8,8 +8,8 @@ mkdir -p $DESTDIR echo "Building TCPSigner..." -$ROOTDIR/ledger/build/build-tcpsigner > /dev/null 2>&1 -cp $ROOTDIR/ledger/src/tcpsigner/tcpsigner $DESTDIR +$ROOTDIR/firmware/build/build-tcpsigner > /dev/null 2>&1 +cp $ROOTDIR/firmware/src/tcpsigner/tcpsigner $DESTDIR echo "Building TCPManager..." From ac571b4fd626ebdd2bfa1ef521dcef46225cb93c Mon Sep 17 00:00:00 2001 From: Ariel Mendelzon Date: Wed, 12 Jun 2024 20:30:09 +1200 Subject: [PATCH 4/5] Firmware unit test fixing (#181) - Fixing existing unit tests - New unit tests for the TCPSigner BIP32 library - Moving TCPSigner unit tests to HAL (TCPSigner is now basically a shell) - Moving Signer unit tests to PowHSM - Fixing code coverage generation to: - Forcibly terminate the TCPSigner after tests run - Ignore unit test sources - Unifying firmware .gitignore files - Organising common unit test Makefile rules into common.mk files - Removed unnecessary testing comments - Incidentally fixing some include style (angle bracket x quotes) --- .github/workflows/run-tests.yml | 9 +- firmware/coverage/gen-coverage | 9 ++ firmware/deploy/.gitignore | 1 - firmware/src/.gitignore | 32 +++-- firmware/src/common/test/.gitignore | 3 - firmware/src/common/test/common.mk | 28 ++++ firmware/src/common/test/ints/Makefile | 7 +- firmware/src/common/test/memutil/Makefile | 9 +- .../memutil/{os.h => common_requirements.h} | 7 +- .../src/common/test/memutil/test_memutil.c | 18 +-- firmware/src/hal/src/x86/bip32.c | 21 +-- firmware/src/hal/src/x86/bip32.h | 2 +- firmware/src/hal/test/bip32/Makefile | 42 ++++++ firmware/src/hal/test/bip32/test_bip32.c | 120 ++++++++++++++++++ firmware/src/hal/test/common.mk | 32 +++++ .../test/hmac_sha256/Makefile | 19 +-- .../test/hmac_sha256/test_hmac_sha256.c | 0 .../src/{tcpsigner => hal}/test/run-all.sh | 2 +- firmware/src/ledger/signer/.gitignore | 7 - firmware/src/ledger/ui/.gitignore | 9 -- firmware/src/ledger/ui/src/bootloader.c | 2 +- firmware/src/ledger/ui/src/ux_handlers.c | 2 +- .../ui/{src => src_common}/bolos_ux_common.h | 0 .../src/ledger/ui/test/attestation/Makefile | 8 +- .../src/ledger/ui/test/bootloader/Makefile | 7 +- .../ui/test/bootloader/mock/bootloader_mock.h | 2 +- firmware/src/ledger/ui/test/mock/common.mk | 33 +++++ firmware/src/ledger/ui/test/mock/mock.h | 2 +- firmware/src/ledger/ui/test/mock/ui_deps.h | 0 firmware/src/ledger/ui/test/onboard/Makefile | 8 +- firmware/src/ledger/ui/test/pin/Makefile | 7 +- firmware/src/ledger/ui/test/run-all.sh | 2 +- .../ui/test/signer_authorization/Makefile | 10 +- .../test/{communication => ui_comm}/Makefile | 13 +- .../test_ui_comm.c} | 10 +- .../src/ledger/ui/test/ui_heartbeat/Makefile | 7 +- .../ui/test/ui_heartbeat/test_ui_heartbeat.c | 6 +- firmware/src/ledger/ui/test/unlock/Makefile | 7 +- .../src/ledger/ui/test/ux_handlers/Makefile | 7 +- firmware/src/powhsm/test/btcscript/Makefile | 21 +-- firmware/src/powhsm/test/btctx/Makefile | 31 +---- firmware/src/powhsm/test/btctx/btctx.o | Bin 8128 -> 0 bytes firmware/src/powhsm/test/btctx/os.o | Bin 2064 -> 0 bytes firmware/src/powhsm/test/btctx/test.out | Bin 33256 -> 0 bytes firmware/src/powhsm/test/btctx/test_btctx.o | Bin 27720 -> 0 bytes firmware/src/powhsm/test/common/common.mk | 15 +++ firmware/src/powhsm/test/common/ui_deps.h | 0 firmware/src/powhsm/test/difficulty/Makefile | 28 +--- firmware/src/powhsm/test/difficulty/bc_diff.o | Bin 3952 -> 0 bytes .../src/powhsm/test/difficulty/bigdigits.o | Bin 7920 -> 0 bytes firmware/src/powhsm/test/difficulty/os.o | Bin 2064 -> 0 bytes firmware/src/powhsm/test/difficulty/test.out | Bin 22432 -> 0 bytes firmware/src/powhsm/test/sha256/Makefile | 16 +-- firmware/src/powhsm/test/srlp/Makefile | 21 +-- firmware/src/powhsm/test/srlp/srlp.o | Bin 11080 -> 0 bytes firmware/src/powhsm/test/srlp/test.out | Bin 22864 -> 0 bytes firmware/src/powhsm/test/svarint/Makefile | 16 +-- firmware/src/powhsm/test/trie/Makefile | 31 +---- firmware/src/powhsm/test/trie/os.o | Bin 2064 -> 0 bytes firmware/src/powhsm/test/trie/test.out | Bin 40664 -> 0 bytes firmware/src/powhsm/test/trie/trie.o | Bin 14168 -> 0 bytes 61 files changed, 375 insertions(+), 314 deletions(-) delete mode 100644 firmware/deploy/.gitignore delete mode 100644 firmware/src/common/test/.gitignore create mode 100644 firmware/src/common/test/common.mk rename firmware/src/common/test/memutil/{os.h => common_requirements.h} (86%) create mode 100644 firmware/src/hal/test/bip32/Makefile create mode 100644 firmware/src/hal/test/bip32/test_bip32.c create mode 100644 firmware/src/hal/test/common.mk rename firmware/src/{tcpsigner => hal}/test/hmac_sha256/Makefile (75%) rename firmware/src/{tcpsigner => hal}/test/hmac_sha256/test_hmac_sha256.c (100%) rename firmware/src/{tcpsigner => hal}/test/run-all.sh (90%) delete mode 100644 firmware/src/ledger/signer/.gitignore delete mode 100644 firmware/src/ledger/ui/.gitignore rename firmware/src/ledger/ui/{src => src_common}/bolos_ux_common.h (100%) create mode 100644 firmware/src/ledger/ui/test/mock/common.mk create mode 100644 firmware/src/ledger/ui/test/mock/ui_deps.h rename firmware/src/ledger/ui/test/{communication => ui_comm}/Makefile (82%) rename firmware/src/ledger/ui/test/{communication/test_communication.c => ui_comm/test_ui_comm.c} (92%) delete mode 100644 firmware/src/powhsm/test/btctx/btctx.o delete mode 100644 firmware/src/powhsm/test/btctx/os.o delete mode 100755 firmware/src/powhsm/test/btctx/test.out delete mode 100644 firmware/src/powhsm/test/btctx/test_btctx.o create mode 100644 firmware/src/powhsm/test/common/common.mk create mode 100644 firmware/src/powhsm/test/common/ui_deps.h delete mode 100644 firmware/src/powhsm/test/difficulty/bc_diff.o delete mode 100644 firmware/src/powhsm/test/difficulty/bigdigits.o delete mode 100644 firmware/src/powhsm/test/difficulty/os.o delete mode 100755 firmware/src/powhsm/test/difficulty/test.out delete mode 100644 firmware/src/powhsm/test/srlp/srlp.o delete mode 100755 firmware/src/powhsm/test/srlp/test.out delete mode 100644 firmware/src/powhsm/test/trie/os.o delete mode 100755 firmware/src/powhsm/test/trie/test.out delete mode 100644 firmware/src/powhsm/test/trie/trie.o diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index be09adae..9171fd6f 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -23,15 +23,14 @@ jobs: - name: Firmware tests using TCPSigner run: firmware/test/test-all - - name: Firmware TCPSigner's unit tests - working-directory: - run: firmware/src/tcpsigner/test/run-all.sh + - name: Firmware HAL's unit tests + run: firmware/src/hal/test/run-all.sh - name: Firmware common lib unit tests run: firmware/src/common/test/run-all.sh - - name: Ledger Signer's unit tests - run: firmware/src/ledger/signer/test/run-all.sh + - name: Firmware PowHSM's unit tests + run: firmware/src/powhsm/test/run-all.sh - name: Ledger UI's unit tests run: firmware/src/ledger/ui/test/run-all.sh diff --git a/firmware/coverage/gen-coverage b/firmware/coverage/gen-coverage index dde649fc..c0cc2072 100755 --- a/firmware/coverage/gen-coverage +++ b/firmware/coverage/gen-coverage @@ -19,6 +19,7 @@ if [[ $1 == "exec" ]]; then pushd $REPOROOT/firmware/src/tcpsigner > /dev/null COVERAGE=y make clean all ./tcpsigner --checkpoint 0xbdcb3c17c7aee714cec8ad900341bfd987b452280220dcbd6e7191f67ea4209b --difficulty 0x32 --network regtest > /dev/null & + TCPSIGNER_PID=$! popd > /dev/null pushd $REPOROOT/firmware/test > /dev/null @@ -26,7 +27,15 @@ if [[ $1 == "exec" ]]; then err_code=$? popd > /dev/null + kill $TCPSIGNER_PID + + # Capture coverage data lcov --capture --directory $SRCDIR --list-full-path --output-file $BASEDIR/coverage.info + # Remove unwanted coverage info (test files, tcpsigner, x86 HAL implementation) + lcov --remove $BASEDIR/coverage.info "*/test_*.c" --output-file $BASEDIR/coverage.info + lcov --remove $BASEDIR/coverage.info "*/tcpsigner/src/*" --output-file $BASEDIR/coverage.info + lcov --remove $BASEDIR/coverage.info "*/hal/src/x86/*" --output-file $BASEDIR/coverage.info + # Generate report and summary genhtml $BASEDIR/coverage.info --output $BASEDIR/output -p $SRCDIR -t "powHSM firmware" lcov --summary $BASEDIR/coverage.info | grep lines | sed -e "s/.\+lines.\+: \([[:digit:].]\+\).\+/\1/g" > $BASEDIR/output/total mv $BASEDIR/coverage.info $BASEDIR/output diff --git a/firmware/deploy/.gitignore b/firmware/deploy/.gitignore deleted file mode 100644 index 5ceb3864..00000000 --- a/firmware/deploy/.gitignore +++ /dev/null @@ -1 +0,0 @@ -venv diff --git a/firmware/src/.gitignore b/firmware/src/.gitignore index 4157b184..51faf1b8 100644 --- a/firmware/src/.gitignore +++ b/firmware/src/.gitignore @@ -1,19 +1,25 @@ -bin/ -debug/ -dep/ -obj/ +# Build artifacts +**/bin +**/debug +**/dep +**/obj +**/objs +**/static-analysis +**/test/**/*.o +**/test/**/*.out + +# UI glyphs +ledger/ui/src/glyphs.c +ledger/ui/src/glyphs.h + +# Icons hex +ledger/signer/icon.hex +ledger/ui/icon.hex # TCPSigner tcpsigner/tcpsigner -tcpsigner/objs -tcpsigner/test/**/*.o -tcpsigner/test/**/test.out tcpsigner/**/*.json -# Icons hex -signer/icon.hex -ui/icon.hex - # Code coverage artifacts -*.gcda -*.gcno +**/*.gcda +**/*.gcno diff --git a/firmware/src/common/test/.gitignore b/firmware/src/common/test/.gitignore deleted file mode 100644 index eb46c5fd..00000000 --- a/firmware/src/common/test/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -# Ignore generated artifacts -**/*.o -**/*.out diff --git a/firmware/src/common/test/common.mk b/firmware/src/common/test/common.mk new file mode 100644 index 00000000..3a69b0e5 --- /dev/null +++ b/firmware/src/common/test/common.mk @@ -0,0 +1,28 @@ +# The MIT License (MIT) +# +# Copyright (c) 2021 RSK Labs Ltd +# +# Permission is hereby granted, free of charge, to any person obtaining a copy of +# this software and associated documentation files (the "Software"), to deal in +# the Software without restriction, including without limitation the rights to +# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +# of the Software, and to permit persons to whom the Software is furnished to do +# so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in all +# copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +# SOFTWARE. + +SRCDIR = ../../src +CFLAGS = -iquote $(SRCDIR) -iquote . + +include ../../../../coverage/coverage.mk + +CFLAGS += $(COVFLAGS) diff --git a/firmware/src/common/test/ints/Makefile b/firmware/src/common/test/ints/Makefile index 0a1f031b..b5deed2f 100644 --- a/firmware/src/common/test/ints/Makefile +++ b/firmware/src/common/test/ints/Makefile @@ -20,8 +20,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -SRCDIR = ../../src -CFLAGS = -I $(SRCDIR) -I ./ +include ../common.mk PROG = test.out OBJS = test_ints.o @@ -29,14 +28,14 @@ OBJS = test_ints.o all: $(PROG) $(PROG): $(OBJS) - $(CC) -o $@ $^ + $(CC) $(COVFLAGS) -o $@ $^ test_ints.o: test_ints.c $(SRCDIR)/ints.h .PHONY: clean test clean: - rm -f $(PROG) ./*.o + rm -f $(PROG) ./*.o $(COVFILES) test: all ./$(PROG) diff --git a/firmware/src/common/test/memutil/Makefile b/firmware/src/common/test/memutil/Makefile index ae413179..dce34187 100644 --- a/firmware/src/common/test/memutil/Makefile +++ b/firmware/src/common/test/memutil/Makefile @@ -20,8 +20,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -SRCDIR = ../../src -CFLAGS = -I $(SRCDIR) -I ./ +include ../common.mk PROG = test.out OBJS = test_memutil.o @@ -29,14 +28,14 @@ OBJS = test_memutil.o all: $(PROG) $(PROG): $(OBJS) - $(CC) -o $@ $^ + $(CC) $(COVFLAGS) -o $@ $^ -test_memutil.o: test_memutil.c $(SRCDIR)/memutil.h os.h +test_memutil.o: test_memutil.c $(SRCDIR)/memutil.h .PHONY: clean test clean: - rm -f $(PROG) ./*.o + rm -f $(PROG) ./*.o $(COVFILES) test: all ./$(PROG) diff --git a/firmware/src/common/test/memutil/os.h b/firmware/src/common/test/memutil/common_requirements.h similarity index 86% rename from firmware/src/common/test/memutil/os.h rename to firmware/src/common/test/memutil/common_requirements.h index bdafac20..f3a69730 100644 --- a/firmware/src/common/test/memutil/os.h +++ b/firmware/src/common/test/memutil/common_requirements.h @@ -22,4 +22,9 @@ * IN THE SOFTWARE. */ -void os_memmove(void *dst, const void *src, unsigned int length); \ No newline at end of file +#ifndef __COMMON_REQUIREMENTS_H +#define __COMMON_REQUIREMENTS_H + +void platform_memmove(void *dst, const void *src, unsigned int length); + +#endif // __COMMON_REQUIREMENTS_H diff --git a/firmware/src/common/test/memutil/test_memutil.c b/firmware/src/common/test/memutil/test_memutil.c index 5c0212fa..1ef3bdad 100644 --- a/firmware/src/common/test/memutil/test_memutil.c +++ b/firmware/src/common/test/memutil/test_memutil.c @@ -46,11 +46,11 @@ unsigned char* expected_src; unsigned int expected_length; int copied; -void os_memmove_reset_mock() { +void platform_memmove_reset_mock() { copied = 0; } -void os_memmove(void* dst, const void* src, unsigned int length) { +void platform_memmove(void* dst, const void* src, unsigned int length) { assert(expected_dst == dst); assert(expected_src == src); assert(expected_length == length); @@ -62,7 +62,7 @@ void test_ok() { char src[15]; char dst[10]; - os_memmove_reset_mock(); + platform_memmove_reset_mock(); TEST_MEMMOVE( dst, sizeof(dst), 0, src, sizeof(src), 0, 10, { assert(false); }); TEST_MEMMOVE( @@ -82,7 +82,7 @@ void test_negatives() { char dst[10]; int failed = 0; - os_memmove_reset_mock(); + platform_memmove_reset_mock(); TEST_MEMMOVE(dst, sizeof(dst), 0, src, sizeof(src), 0, -1, { failed++; }); TEST_MEMMOVE(dst, sizeof(dst), 0, src, sizeof(src), 0, -5, { failed++; }); TEST_MEMMOVE(dst, sizeof(dst), -1, src, sizeof(src), 0, 2, { failed++; }); @@ -97,7 +97,7 @@ void test_src_outofbounds() { char dst[10]; int failed = 0; - os_memmove_reset_mock(); + platform_memmove_reset_mock(); TEST_MEMMOVE(dst, sizeof(dst), 0, src, sizeof(src), 0, 6, { failed++; }); TEST_MEMMOVE(dst, sizeof(dst), 0, src, sizeof(src), 0, 7, { failed++; }); assert(failed == 2); @@ -110,7 +110,7 @@ void test_src_outofbounds_offset() { char dst[10]; int failed = 0; - os_memmove_reset_mock(); + platform_memmove_reset_mock(); TEST_MEMMOVE(dst, sizeof(dst), 0, src, sizeof(src), 6, 10, { failed++; }); TEST_MEMMOVE(dst, sizeof(dst), 0, src, sizeof(src), 15, 4, { failed++; }); assert(failed == 2); @@ -123,7 +123,7 @@ void test_dst_outofbounds() { char dst[10]; int failed = 0; - os_memmove_reset_mock(); + platform_memmove_reset_mock(); TEST_MEMMOVE(dst, sizeof(dst), 0, src, sizeof(src), 0, 11, { failed++; }); TEST_MEMMOVE(dst, sizeof(dst), 0, src, sizeof(src), 0, 13, { failed++; }); assert(failed == 2); @@ -136,7 +136,7 @@ void test_dst_outofbounds_offset() { char dst[10]; int failed = 0; - os_memmove_reset_mock(); + platform_memmove_reset_mock(); TEST_MEMMOVE(dst, sizeof(dst), 8, src, sizeof(src), 0, 3, { failed++; }); TEST_MEMMOVE(dst, sizeof(dst), 10, src, sizeof(src), 0, 1, { failed++; }); assert(failed == 2); @@ -149,7 +149,7 @@ void test_overflow() { char dst[10]; int failed = 0; - os_memmove_reset_mock(); + platform_memmove_reset_mock(); TEST_MEMMOVE( dst, sizeof(dst), 10, src, sizeof(src), 0, UINT_MAX - 5, { failed++; }); TEST_MEMMOVE( diff --git a/firmware/src/hal/src/x86/bip32.c b/firmware/src/hal/src/x86/bip32.c index 4e5f807f..7ccd8460 100644 --- a/firmware/src/hal/src/x86/bip32.c +++ b/firmware/src/hal/src/x86/bip32.c @@ -83,6 +83,10 @@ size_t bip32_parse_path(const char* path, uint8_t* out) { number = true; start = ++pos; if (parts == EXPECTED_PARTS) { + if (pos < pathlen) { + DEBUG_LOG("Path has too many parts: %s\n", path); + return 0; + } out[0] = (char)parts; return 1 + parts * sizeof(uint32_t); } @@ -92,20 +96,3 @@ size_t bip32_parse_path(const char* path, uint8_t* out) { DEBUG_LOG("Unexpected code path reached for path: %s\n", path); return 0; } - -// Testing: move somewhere else -// #include -// int main() { -// char* bip32path = "m/44'/137'/1'/0/0"; -// uint8_t path[100]; -// size_t pathlen = bip32_parse_path(bip32path, path); -// printf("BIP32: %s\n", bip32path); -// printf("Len: %lu\n", pathlen); -// printf("Path: "); -// for (int i = 0; i < pathlen; i++) { -// printf("%02X", path[i]); -// if (i==0 || i%4 == 0) printf(" "); -// } -// printf("\n"); -// return 0; -// } \ No newline at end of file diff --git a/firmware/src/hal/src/x86/bip32.h b/firmware/src/hal/src/x86/bip32.h index ec01d80a..29af0251 100644 --- a/firmware/src/hal/src/x86/bip32.h +++ b/firmware/src/hal/src/x86/bip32.h @@ -40,7 +40,7 @@ * @param path the bip32 path as string * @param out the destination buffer for the parsed path * - * @returns the size of the parsed path in bytes + * @returns the size of the parsed path in bytes, or zero in case of error */ size_t bip32_parse_path(const char* path, uint8_t* out); diff --git a/firmware/src/hal/test/bip32/Makefile b/firmware/src/hal/test/bip32/Makefile new file mode 100644 index 00000000..d6b661c3 --- /dev/null +++ b/firmware/src/hal/test/bip32/Makefile @@ -0,0 +1,42 @@ +# The MIT License (MIT) +# +# Copyright (c) 2021 RSK Labs Ltd +# +# Permission is hereby granted, free of charge, to any person obtaining a copy of +# this software and associated documentation files (the "Software"), to deal in +# the Software without restriction, including without limitation the rights to +# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +# of the Software, and to permit persons to whom the Software is furnished to do +# so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in all +# copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +# SOFTWARE. + +include ../common.mk + +ifneq ($(DEBUG),) + CFLAGS += -DDEBUG_BIP32 +endif + +PROG = test.out +OBJS = bip32.o test_bip32.o log.o + +all: $(PROG) + +$(PROG): $(OBJS) + $(CC) $(COVFLAGS) -o $@ $^ + +.PHONY: clean test +clean: + rm -f $(PROG) ./*.o $(COVFILES) + +test: all + ./$(PROG) diff --git a/firmware/src/hal/test/bip32/test_bip32.c b/firmware/src/hal/test/bip32/test_bip32.c new file mode 100644 index 00000000..cae7a116 --- /dev/null +++ b/firmware/src/hal/test/bip32/test_bip32.c @@ -0,0 +1,120 @@ +/** + * The MIT License (MIT) + * + * Copyright (c) 2021 RSK Labs Ltd + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +#include +#include +#include + +#include "bip32.h" + +void test_parses_correctly(const char* path, + const uint32_t expected_parts[], + const size_t expected_parts_count) { + + printf("Testing path \"%s\" is parsed correctly... ", path); + fflush(stdout); + + uint8_t binpath[5 * sizeof(uint32_t) + 1]; + size_t binpathlen = bip32_parse_path(path, binpath); + + // Return value + assert(binpathlen == expected_parts_count * sizeof(uint32_t) + 1); + + // First byte should be the number of parts + assert(binpath[0] == (uint8_t)expected_parts_count); + + uint32_t* parts = (uint32_t*)(&binpath[1]); + + // Validate parts + for (int i = 0; i < expected_parts_count; i++) { + assert(parts[i] == expected_parts[i]); + } + + printf("OK!\n"); +} + +void test_parsing_fails(const char* path) { + uint8_t binpath[5 * sizeof(uint32_t) + 1]; + + printf("Testing path \"%s\" parsing fails... ", path); + fflush(stdout); + + assert(!bip32_parse_path(path, binpath)); + + printf("OK!\n"); +} + +int main() { + test_parses_correctly("m/0/0/0/0/0", (const uint32_t[]){0, 0, 0, 0, 0}, 5); + test_parses_correctly( + "m/10/20/30/40/50", (const uint32_t[]){10, 20, 30, 40, 50}, 5); + + // PowHSM authorized paths + test_parses_correctly( + "m/44'/0'/0'/0/0", + (const uint32_t[]){0x8000002c, 0x80000000, 0x80000000, 0, 0}, + 5); + + test_parses_correctly( + "m/44'/1'/0'/0/0", + (const uint32_t[]){0x8000002c, 0x80000001, 0x80000000, 0, 0}, + 5); + + test_parses_correctly( + "m/44'/1'/1'/0/0", + (const uint32_t[]){0x8000002c, 0x80000001, 0x80000001, 0, 0}, + 5); + + test_parses_correctly( + "m/44'/1'/2'/0/0", + (const uint32_t[]){0x8000002c, 0x80000001, 0x80000002, 0, 0}, + 5); + + test_parses_correctly( + "m/44'/137'/0'/0/0", + (const uint32_t[]){0x8000002c, 0x80000089, 0x80000000, 0, 0}, + 5); + + test_parses_correctly( + "m/44'/137'/1'/0/0", + (const uint32_t[]){0x8000002c, 0x80000089, 0x80000001, 0, 0}, + 5); + + // Some failure cases + test_parsing_fails("somethingelse"); + test_parsing_fails("f/0/0/0/0/0"); + test_parsing_fails("m/0/0/0/0/0/0"); + test_parsing_fails("m/0/0/0/0/1suffix"); + test_parsing_fails("m/123/notanumber/0/0/0"); + + // Part limits + test_parses_correctly("m/2147483647/0/0/0/2147483647'", + (const uint32_t[]){0x7fffffff, 0, 0, 0, 0xffffffff}, + 5); + test_parsing_fails("m/2147483648/0/0/0/0"); + test_parsing_fails("m/2147483648'/0/0/0/0"); + test_parsing_fails("m/01234567890/0/0/0/0"); + + return 0; +} \ No newline at end of file diff --git a/firmware/src/hal/test/common.mk b/firmware/src/hal/test/common.mk new file mode 100644 index 00000000..4d2a8ea3 --- /dev/null +++ b/firmware/src/hal/test/common.mk @@ -0,0 +1,32 @@ +# The MIT License (MIT) +# +# Copyright (c) 2021 RSK Labs Ltd +# +# Permission is hereby granted, free of charge, to any person obtaining a copy of +# this software and associated documentation files (the "Software"), to deal in +# the Software without restriction, including without limitation the rights to +# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +# of the Software, and to permit persons to whom the Software is furnished to do +# so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in all +# copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +# SOFTWARE. + +INCDIR = ../../include +SRCDIR = ../../src/x86 +CFLAGS = -iquote $(INCDIR) -iquote $(SRCDIR) +CFLAGS += -DHSM_PLATFORM_X86 + +include ../../../../coverage/coverage.mk + +CFLAGS += $(COVFLAGS) + +VPATH += $(SRCDIR):$(INCDIR) diff --git a/firmware/src/tcpsigner/test/hmac_sha256/Makefile b/firmware/src/hal/test/hmac_sha256/Makefile similarity index 75% rename from firmware/src/tcpsigner/test/hmac_sha256/Makefile rename to firmware/src/hal/test/hmac_sha256/Makefile index c8b76dcb..08c87864 100644 --- a/firmware/src/tcpsigner/test/hmac_sha256/Makefile +++ b/firmware/src/hal/test/hmac_sha256/Makefile @@ -20,9 +20,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -SRCDIR = ../.. -SIGNERSRCDIR = ../../../signer/src -CFLAGS = -I $(SRCDIR) -I $(SIGNERSRCDIR) +include ../common.mk PROG = test.out OBJS = sha256.o hmac_sha256.o test_hmac_sha256.o @@ -30,22 +28,11 @@ OBJS = sha256.o hmac_sha256.o test_hmac_sha256.o all: $(PROG) $(PROG): $(OBJS) - $(CC) -o $@ $^ - -sha256.o: $(SIGNERSRCDIR)/sha256.c - $(CC) $(CFLAGS) -c -o $@ $^ - -hmac_sha256.o: $(SRCDIR)/hmac_sha256.c - $(CC) $(CFLAGS) -c -o $@ $^ - -test_sha256.o: test_sha256.c hmac_sha256.o sha256.o - -$(SRCDIR)/hmac_sha256.c: $(SRCDIR)/hmac_sha256.h -$(SIGNERSRCDIR)/sha256.c: $(SIGNERSRCDIR)/sha256.h + $(CC) $(COVFLAGS) -o $@ $^ .PHONY: clean test clean: - rm -f $(PROG) ./*.o + rm -f $(PROG) ./*.o $(COVFILES) test: all ./$(PROG) diff --git a/firmware/src/tcpsigner/test/hmac_sha256/test_hmac_sha256.c b/firmware/src/hal/test/hmac_sha256/test_hmac_sha256.c similarity index 100% rename from firmware/src/tcpsigner/test/hmac_sha256/test_hmac_sha256.c rename to firmware/src/hal/test/hmac_sha256/test_hmac_sha256.c diff --git a/firmware/src/tcpsigner/test/run-all.sh b/firmware/src/hal/test/run-all.sh similarity index 90% rename from firmware/src/tcpsigner/test/run-all.sh rename to firmware/src/hal/test/run-all.sh index 771858e8..48b5e871 100755 --- a/firmware/src/tcpsigner/test/run-all.sh +++ b/firmware/src/hal/test/run-all.sh @@ -1,6 +1,6 @@ #!/bin/bash BASEDIR=$(dirname $0) -TESTDIRS="hmac_sha256" +TESTDIRS="bip32 hmac_sha256" TESTDIRS=${1:-"$TESTDIRS"} for d in $TESTDIRS; do diff --git a/firmware/src/ledger/signer/.gitignore b/firmware/src/ledger/signer/.gitignore deleted file mode 100644 index 2916a8cd..00000000 --- a/firmware/src/ledger/signer/.gitignore +++ /dev/null @@ -1,7 +0,0 @@ -bin -debug -dep -obj -static-analysis -test/**/*.o -test/**/*.out diff --git a/firmware/src/ledger/ui/.gitignore b/firmware/src/ledger/ui/.gitignore deleted file mode 100644 index 020cf959..00000000 --- a/firmware/src/ledger/ui/.gitignore +++ /dev/null @@ -1,9 +0,0 @@ -bin -debug -dep -obj -static-analysis -src/glyphs.c -src/glyphs.h -test/**/*.o -test/**/*.out diff --git a/firmware/src/ledger/ui/src/bootloader.c b/firmware/src/ledger/ui/src/bootloader.c index 8001f323..8beedf37 100644 --- a/firmware/src/ledger/ui/src/bootloader.c +++ b/firmware/src/ledger/ui/src/bootloader.c @@ -22,7 +22,7 @@ * IN THE SOFTWARE. */ -#include +#include "bolos_ux_common.h" #include "apdu.h" #include "ux_handlers.h" diff --git a/firmware/src/ledger/ui/src/ux_handlers.c b/firmware/src/ledger/ui/src/ux_handlers.c index 70ef8419..2985fe03 100644 --- a/firmware/src/ledger/ui/src/ux_handlers.c +++ b/firmware/src/ledger/ui/src/ux_handlers.c @@ -21,7 +21,7 @@ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS * IN THE SOFTWARE. */ -#include +#include "bolos_ux_common.h" #include "ux_handlers.h" #include "bootloader.h" #include "ui_heartbeat.h" diff --git a/firmware/src/ledger/ui/src/bolos_ux_common.h b/firmware/src/ledger/ui/src_common/bolos_ux_common.h similarity index 100% rename from firmware/src/ledger/ui/src/bolos_ux_common.h rename to firmware/src/ledger/ui/src_common/bolos_ux_common.h diff --git a/firmware/src/ledger/ui/test/attestation/Makefile b/firmware/src/ledger/ui/test/attestation/Makefile index 0d48df55..1e37ec92 100644 --- a/firmware/src/ledger/ui/test/attestation/Makefile +++ b/firmware/src/ledger/ui/test/attestation/Makefile @@ -20,13 +20,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -SRCDIR = ../../src -COMMONDIR = ../../../common/src -MOCKDIR = ../mock -CFLAGS = -I$(COMMONDIR) -I$(MOCKDIR) -I$(SRCDIR) -CFLAGS += -DHSM_SIMULATOR - -include ../../../../coverage/coverage.mk +include ../mock/common.mk PROG = test.out OBJS = mock.o attestation.o test_attestation.o diff --git a/firmware/src/ledger/ui/test/bootloader/Makefile b/firmware/src/ledger/ui/test/bootloader/Makefile index 2a77271f..a666ec38 100644 --- a/firmware/src/ledger/ui/test/bootloader/Makefile +++ b/firmware/src/ledger/ui/test/bootloader/Makefile @@ -20,12 +20,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -SRCDIR = ../../src -COMMONDIR = ../../../common/src -MOCKDIR = ../mock -CFLAGS = -I./mock -I$(COMMONDIR) -I$(MOCKDIR) -I$(SRCDIR) - -include ../../../../coverage/coverage.mk +include ../mock/common.mk PROG = test.out OBJS = mock.o bootloader.o test_bootloader.o diff --git a/firmware/src/ledger/ui/test/bootloader/mock/bootloader_mock.h b/firmware/src/ledger/ui/test/bootloader/mock/bootloader_mock.h index bc5e72c8..06224a34 100644 --- a/firmware/src/ledger/ui/test/bootloader/mock/bootloader_mock.h +++ b/firmware/src/ledger/ui/test/bootloader/mock/bootloader_mock.h @@ -31,7 +31,7 @@ #include #include #include "attestation.h" -#include "os_exceptions.h" +#include "hal/exceptions.h" #include "apdu_utils.h" #include "mock.h" diff --git a/firmware/src/ledger/ui/test/mock/common.mk b/firmware/src/ledger/ui/test/mock/common.mk new file mode 100644 index 00000000..6e7f396c --- /dev/null +++ b/firmware/src/ledger/ui/test/mock/common.mk @@ -0,0 +1,33 @@ +# The MIT License (MIT) +# +# Copyright (c) 2021 RSK Labs Ltd +# +# Permission is hereby granted, free of charge, to any person obtaining a copy of +# this software and associated documentation files (the "Software"), to deal in +# the Software without restriction, including without limitation the rights to +# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +# of the Software, and to permit persons to whom the Software is furnished to do +# so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in all +# copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +# SOFTWARE. + +SRCDIR = ../../src +COMMONDIR = ../../../../common/src +MOCKDIR = ../mock +THISMOCKDIR = ./mock +HALINCDIR = ../../../../hal/include +HALSRCDIR = ../../../../hal/src/x86 +CFLAGS = -iquote $(THISMOCKDIR) -iquote $(COMMONDIR) -iquote $(MOCKDIR) +CFLAGS += -iquote $(SRCDIR) -iquote $(HALINCDIR) -iquote $(HALSRCDIR) +CFLAGS += -DHSM_PLATFORM_X86 + +include ../../../../../coverage/coverage.mk \ No newline at end of file diff --git a/firmware/src/ledger/ui/test/mock/mock.h b/firmware/src/ledger/ui/test/mock/mock.h index c2869ca3..07a90c35 100644 --- a/firmware/src/ledger/ui/test/mock/mock.h +++ b/firmware/src/ledger/ui/test/mock/mock.h @@ -29,7 +29,7 @@ #include #include -#include "os_exceptions.h" +#include "hal/exceptions.h" #include "apdu_utils.h" #include "defs.h" diff --git a/firmware/src/ledger/ui/test/mock/ui_deps.h b/firmware/src/ledger/ui/test/mock/ui_deps.h new file mode 100644 index 00000000..e69de29b diff --git a/firmware/src/ledger/ui/test/onboard/Makefile b/firmware/src/ledger/ui/test/onboard/Makefile index 137dff66..39bedced 100644 --- a/firmware/src/ledger/ui/test/onboard/Makefile +++ b/firmware/src/ledger/ui/test/onboard/Makefile @@ -20,13 +20,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -SRCDIR = ../../src -COMMONDIR = ../../../common/src -MOCKDIR = ../mock -CFLAGS = -I$(SRCDIR) -I$(MOCKDIR) -I./ -I$(COMMONDIR) -CFLAGS += -DHSM_SIMULATOR - -include ../../../../coverage/coverage.mk +include ../mock/common.mk PROG = test.out OBJS = mock.o onboard.o test_onboard.o diff --git a/firmware/src/ledger/ui/test/pin/Makefile b/firmware/src/ledger/ui/test/pin/Makefile index d02979d2..f8f1d26f 100644 --- a/firmware/src/ledger/ui/test/pin/Makefile +++ b/firmware/src/ledger/ui/test/pin/Makefile @@ -20,12 +20,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -SRCDIR = ../../src -COMMONDIR = ../../../common/src -MOCKDIR = ../mock -CFLAGS = -I $(SRCDIR) -I $(MOCKDIR) -I ./ -I$(COMMONDIR) - -include ../../../../coverage/coverage.mk +include ../mock/common.mk PROG = test.out OBJS = mock.o pin.o test_pin.o diff --git a/firmware/src/ledger/ui/test/run-all.sh b/firmware/src/ledger/ui/test/run-all.sh index b13403c3..2be0d676 100755 --- a/firmware/src/ledger/ui/test/run-all.sh +++ b/firmware/src/ledger/ui/test/run-all.sh @@ -1,6 +1,6 @@ #!/bin/bash BASEDIR=$(dirname $0) -TESTDIRS="attestation signer_authorization communication onboard pin unlock bootloader ux_handlers ui_heartbeat" +TESTDIRS="attestation bootloader onboard pin signer_authorization ui_comm ui_heartbeat unlock ux_handlers" TESTDIRS=${1:-"$TESTDIRS"} for d in $TESTDIRS; do diff --git a/firmware/src/ledger/ui/test/signer_authorization/Makefile b/firmware/src/ledger/ui/test/signer_authorization/Makefile index 93f996ea..b9ab69cf 100644 --- a/firmware/src/ledger/ui/test/signer_authorization/Makefile +++ b/firmware/src/ledger/ui/test/signer_authorization/Makefile @@ -20,14 +20,10 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -SRCDIR = ../../src -SIGNERDIRS=$(SRCDIR)/signer_authorization_signers -COMMONDIR = ../../../common/src -MOCKDIR = ../mock -CFLAGS = -I$(MOCKDIR) -I$(COMMONDIR) -I$(SRCDIR) -I$(SIGNERDIRS) -CFLAGS += -DHSM_SIMULATOR +include ../mock/common.mk -include ../../../../coverage/coverage.mk +SIGNERDIRS=$(SRCDIR)/signer_authorization_signers +CFLAGS += -iquote $(SIGNERDIRS) PARAM_INITIAL_SIGNER_HASH="\x09\x09\x66\x04\x52\xeb\x7a\x3a\x44\xb6\xca\x07$\ \xed\x0b\x9c\xcf\xdd\xb9\xa6\x99\x9e\xb4\xad\xc3\x99\x50\x91\x71\xd2\x68\xe7$\ diff --git a/firmware/src/ledger/ui/test/communication/Makefile b/firmware/src/ledger/ui/test/ui_comm/Makefile similarity index 82% rename from firmware/src/ledger/ui/test/communication/Makefile rename to firmware/src/ledger/ui/test/ui_comm/Makefile index 39385e62..c20869d1 100644 --- a/firmware/src/ledger/ui/test/communication/Makefile +++ b/firmware/src/ledger/ui/test/ui_comm/Makefile @@ -20,25 +20,20 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -SRCDIR = ../../src -COMMONDIR = ../../../common/src -MOCKDIR = ../mock -CFLAGS = -I$(COMMONDIR) -I$(MOCKDIR) -I$(SRCDIR) - -include ../../../../coverage/coverage.mk +include ../mock/common.mk PROG = test.out -OBJS = mock.o communication.o test_communication.o +OBJS = mock.o ui_comm.o test_ui_comm.o all: $(PROG) $(PROG): $(OBJS) $(CC) $(COVFLAGS) -o $@ $^ -test_communication.o: test_communication.c +test_ui_comm.o: test_ui_comm.c $(CC) $(CFLAGS) -c -o $@ $^ -communication.o: $(SRCDIR)/communication.c +ui_comm.o: $(SRCDIR)/ui_comm.c $(CC) $(CFLAGS) $(COVFLAGS) -c -o $@ $^ mock.o: $(MOCKDIR)/mock.c diff --git a/firmware/src/ledger/ui/test/communication/test_communication.c b/firmware/src/ledger/ui/test/ui_comm/test_ui_comm.c similarity index 92% rename from firmware/src/ledger/ui/test/communication/test_communication.c rename to firmware/src/ledger/ui/test/ui_comm/test_ui_comm.c index 86df5b7d..72f0232e 100644 --- a/firmware/src/ledger/ui/test/communication/test_communication.c +++ b/firmware/src/ledger/ui/test/ui_comm/test_ui_comm.c @@ -88,7 +88,7 @@ void test_process_exception_ok() { SET_APDU("\xaa\xbb\xcc", tx); assert(tx + 2 == - comm_process_exception(APDU_OK, tx, process_exception_callback)); + ui_process_exception(APDU_OK, tx, process_exception_callback)); ASSERT_APDU("\xaa\xbb\xcc\x90\x00"); assert(!M_process_exception_callback_called); @@ -105,8 +105,8 @@ void test_process_exception_start_6_or_9() { unsigned int tx; SET_APDU("\xaa\xbb\xcc", tx); - assert(tx + 2 == comm_process_exception( - error[i], tx, process_exception_callback)); + assert(tx + 2 == + ui_process_exception(error[i], tx, process_exception_callback)); ASSERT_APDU(expected[i]); assert(M_process_exception_callback_called); @@ -121,7 +121,7 @@ void test_process_exception_start_somethingelse() { SET_APDU("\xaa\xbb\xcc", tx); assert(tx + 2 == - comm_process_exception(0x1234, tx, process_exception_callback)); + ui_process_exception(0x1234, tx, process_exception_callback)); ASSERT_APDU("\xaa\xbb\xcc\x6a\x34"); assert(M_process_exception_callback_called); @@ -138,7 +138,7 @@ void test_process_exception_apdu_too_large() { unsigned int tx; SET_APDU(apdu, tx); - assert(2 == comm_process_exception(0x9000, tx, process_exception_callback)); + assert(2 == ui_process_exception(0x9000, tx, process_exception_callback)); ASSERT_APDU("\x69\x83"); assert(M_process_exception_callback_called); diff --git a/firmware/src/ledger/ui/test/ui_heartbeat/Makefile b/firmware/src/ledger/ui/test/ui_heartbeat/Makefile index 731aa350..68d5688e 100644 --- a/firmware/src/ledger/ui/test/ui_heartbeat/Makefile +++ b/firmware/src/ledger/ui/test/ui_heartbeat/Makefile @@ -20,12 +20,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -SRCDIR = ../../src -COMMONDIR = ../../../common/src -MOCKDIR = ../mock -CFLAGS = -I$(COMMONDIR) -I$(MOCKDIR) -I$(SRCDIR) - -include ../../../../coverage/coverage.mk +include ../mock/common.mk PROG = test.out OBJS = mock.o ui_heartbeat.o test_ui_heartbeat.o diff --git a/firmware/src/ledger/ui/test/ui_heartbeat/test_ui_heartbeat.c b/firmware/src/ledger/ui/test/ui_heartbeat/test_ui_heartbeat.c index 6b13f8e3..28a873a5 100644 --- a/firmware/src/ledger/ui/test/ui_heartbeat/test_ui_heartbeat.c +++ b/firmware/src/ledger/ui/test/ui_heartbeat/test_ui_heartbeat.c @@ -151,9 +151,9 @@ unsigned short io_exchange(unsigned char channel_and_flags, return M_apdu_size; } -unsigned int comm_process_exception(unsigned short ex, - unsigned int tx, - comm_reset_cb_t comm_reset_cb) { +unsigned int ui_process_exception(unsigned short ex, + unsigned int tx, + comm_reset_cb_t comm_reset_cb) { M_last_exception = ex; return tx; } diff --git a/firmware/src/ledger/ui/test/unlock/Makefile b/firmware/src/ledger/ui/test/unlock/Makefile index ec85f6e6..8668ca01 100644 --- a/firmware/src/ledger/ui/test/unlock/Makefile +++ b/firmware/src/ledger/ui/test/unlock/Makefile @@ -20,12 +20,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -SRCDIR = ../../src -COMMONDIR = ../../../common/src -MOCKDIR = ../mock -CFLAGS = -I $(SRCDIR) -I $(MOCKDIR) -I $(COMMONDIR) - -include ../../../../coverage/coverage.mk +include ../mock/common.mk PROG = test.out OBJS = mock.o unlock.o test_unlock.o diff --git a/firmware/src/ledger/ui/test/ux_handlers/Makefile b/firmware/src/ledger/ui/test/ux_handlers/Makefile index f89e8491..a940a1f2 100644 --- a/firmware/src/ledger/ui/test/ux_handlers/Makefile +++ b/firmware/src/ledger/ui/test/ux_handlers/Makefile @@ -20,12 +20,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -SRCDIR = ../../src -COMMONDIR = ../../../common/src -MOCKDIR = ../mock -CFLAGS = -I./mock -I$(MOCKDIR) -I$(SRCDIR) -I$(COMMONDIR) -g - -include ../../../../coverage/coverage.mk +include ../mock/common.mk PROG = test.out OBJS = ux_handlers.o test_ux_handlers.o diff --git a/firmware/src/powhsm/test/btcscript/Makefile b/firmware/src/powhsm/test/btcscript/Makefile index 797276c9..f1ee3833 100644 --- a/firmware/src/powhsm/test/btcscript/Makefile +++ b/firmware/src/powhsm/test/btcscript/Makefile @@ -20,12 +20,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -TESTCOMMONDIR = ../common -SRCDIR = ../../src -TCPSIGNERSRCDIR = ../../../tcpsigner -CFLAGS = -I $(SRCDIR) -I $(TCPSIGNERSRCDIR) -I $(TESTCOMMONDIR) - -include ../../../../coverage/coverage.mk +include ../common/common.mk PROG = test.out OBJS = test_fwk.o btcscript.o hex_reader.o test_btcscript.o @@ -35,20 +30,6 @@ all: $(PROG) $(PROG): $(OBJS) $(CC) $(COVFLAGS) -o $@ $^ -test_fwk.o: $(TESTCOMMONDIR)/test_fwk.c - $(CC) $(CFLAGS) -c -o $@ $^ - -btcscript.o: $(SRCDIR)/btcscript.c - $(CC) $(CFLAGS) $(COVFLAGS) -c -o $@ $^ - -hex_reader.o: $(TCPSIGNERSRCDIR)/hex_reader.c - $(CC) $(CFLAGS) -c -o $@ $^ - -test_btcscript.o: test_btcscript.c test_fwk.o btcscript.o hex_reader.o - -$(SRCDIR)/btcscript.c: $(SRCDIR)/btcscript.h -$(TCPSIGNERSRCDIR)/hex_reader.c: $(TCPSIGNERSRCDIR)/hex_reader.h - .PHONY: clean test clean: rm -f $(PROG) *.o $(COVFILES) diff --git a/firmware/src/powhsm/test/btctx/Makefile b/firmware/src/powhsm/test/btctx/Makefile index ba3c350e..cc6aedeb 100644 --- a/firmware/src/powhsm/test/btctx/Makefile +++ b/firmware/src/powhsm/test/btctx/Makefile @@ -20,43 +20,16 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -TESTCOMMONDIR = ../common -SRCDIR = ../../src -TCPSIGNERSRCDIR = ../../../tcpsigner -COMMONPATH = ../../../common/src -CFLAGS = -I $(SRCDIR) -I $(TCPSIGNERSRCDIR) -I $(COMMONPATH) -I $(TESTCOMMONDIR) - -include ../../../../coverage/coverage.mk +include ../common/common.mk PROG = test.out -OBJS = test_fwk.o btctx.o svarint.o hex_reader.o os.o test_btctx.o +OBJS = test_fwk.o btctx.o svarint.o hex_reader.o test_btctx.o platform.o log.o all: $(PROG) $(PROG): $(OBJS) $(CC) $(COVFLAGS) -o $@ $^ -test_fwk.o: $(TESTCOMMONDIR)/test_fwk.c - $(CC) $(CFLAGS) -c -o $@ $^ - -btctx.o: $(SRCDIR)/btctx.c - $(CC) $(CFLAGS) $(COVFLAGS) -c -o $@ $^ - -svarint.o: $(SRCDIR)/svarint.c - $(CC) $(CFLAGS) $(COVFLAGS) -c -o $@ $^ - -hex_reader.o: $(TCPSIGNERSRCDIR)/hex_reader.c - $(CC) $(CFLAGS) -c -o $@ $^ - -os.o: $(TCPSIGNERSRCDIR)/os.c - $(CC) $(CFLAGS) -c -o $@ $^ - -test_btctx.o: test_btctx.c test_fwk.o btctx.o svarint.o hex_reader.o os.o - -$(SRCDIR)/btctx.c: $(SRCDIR)/btctx.h -$(SRCDIR)/svarint.c: $(SRCDIR)/svarint.h -$(TCPSIGNERSRCDIR)/hex_reader.c: $(TCPSIGNERSRCDIR)/hex_reader.h - .PHONY: clean test clean: rm -f $(PROG) *.o $(COVFILES) diff --git a/firmware/src/powhsm/test/btctx/btctx.o b/firmware/src/powhsm/test/btctx/btctx.o deleted file mode 100644 index 8d39d231eea3c37b465d0638c0105a2dd011037d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 8128 zcmd6rZ)_Y#6~JeGc5Ekh_L>^uq^6uuTbata`qDO#s8nl*OSUv2r;=0n7ddC=Lap}f zaJLr>CA8}K%57IBR|(oG^aBAYd_t;#9FaeyhwGl>3V}ruB~mM4N*m>R7IHvDR)u`L zH#@Vt-rSQ42+@)5cIG$ly?OKI&Fr72qkDHZDGHNCVGlF6B`ITCkEhP78r#S^SzI^Y z({oEf-8`|Po7rXEio&%8C3K5lrauey^BkCS*F7B-M?|;c%eonBE6%^p?b(WIiA|O# zHVQM)dZ;7Y;kIfm=g`<8TP3%ofeRPROE7ehoeqFOp0(bUpS-TE9h_1s)9gn4-`x&(n_X7;*nWiP# z=p`$D-HKjP7Is80eQTc;zv?tJ=z*Xv>>j?3hV!g?^|n+GtS+w8hn5N_V>YZ)aNh z%xb+-XX=3_X%UtQhB0S!^ACJ3=P-lws zfLvW!$X!+Cvz)J>d8}JJ-4!|PCf;dd|Az#aIO9r{v3mLzO}29cXQcx z^(4yXR$7e|{HZ5Xyrmc$an&b(4&GM3>gwwjtT#0IdfQnkGV8Is%vey2GN*Nch#a%R zWTwv9TebR@+sO^$f?)!EXoGFeKz#34pZ6JDM;Yv1t0-EQ)}1dKt<$(iYAw^KEqV&U znp_L+=>}n#@1_b{-@xbYVy#bTR~TQkTv@3;2O18=C9fkr2DDh+@AkoNgXH*xl!Uz@ zs(kb&KDxWPAzQg4YH3p;)+>BbOImMXFyxwW_9L!cz&ime){~o2%vcZKRZJ zzY%aN)}4DF!Yh*w*U(v{P0xJLl5L%aZI3C}0T=U%;|xzoHQ(p@j`x@r=N?mG>uTGD zFIKFJFJc!|B+`OAX23XRD;S5PSB9YAZc%&Z%tKB&T9|tum36z{bvW9#9OB954_NBOYp8+{$Oa<%x=_g=>QOD_(Y8yj-Cc30G9j( zT~Rz7x2G%t#?MRHbglvBm2xnQiq>u|0fqTqdDX?z%1=ou5R+!-UG>LYk zK94=HLBVry#lm9_SCngH{}92C5&Ri~TLfpr#)vTy9%1lr*M~;OMh!N!XYc;OfxScf zckljE^uW-8fx*4eA(l#}GD$@~K9F4hV{;r36<4_~GiW?M)KW=>l-%jvBg2xGdnBZxGf0y6|!EvrC{A7Gy z@^IWQlK+&j^M*(MHjn&Ug#7yie*pst1^w9sKRNDc!ToXmHNjsa_&b85{o6hEgW|~a z+m8`^nBb!XKThyTg8zWvrwRTmf=?5Cj^LLG{wIR}jo{4~U?~20ZXkF!!S5lsM({@o zeu&`TAov);zen&N68u$ypC|Y{!LJeg?*v!Gt=k{}4uaoF@SOyY68s>+69hL1{w%>? zA^6V-K1c9(3I11te?ag~ys0$E^KOFQOYjE>t_hCI>^+|k67oj~o+kJSf=?0rWrF{P z;PV8(Lh!#3{3gMJ;?dHd=bH)MNAR5lKS1!W5&UU_ze4ac1pg($-yrw`!QUbHKL{QW zkM{m}b`pHE;Qsu)n~=Yc;DZE@5&Q{)rwRTd!Os%BOz__m{LchmBKRu7+r%rBKmJ{U z`{NuUCmv-fcgoAha z_*o&}>*L=P2aHkjHgn`F%W=P)ns_j7vo#ug>~c!A(ec5=x90tZ@2$_34sX= zl?aPtP!qMy_^r)TL|7ei2h=bnG>6!gSMkFIl(I+^{7Q?uGN0tS-y^tqJcgECzTz8K za{u_aj%d@be^}_t@ua@Ly&XExCgz#9NPYSKF8ky@k?jan8qNRM7F!}D9LD+M7Lnu2 z`9BN{Mf~Fwh5x`{e{{l(j>OTMg diff --git a/firmware/src/powhsm/test/btctx/os.o b/firmware/src/powhsm/test/btctx/os.o deleted file mode 100644 index 4c16a55e5570617ea568633d122f67422c48870a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2064 zcmbu9&ubGw6vtl@ZL6&sMMS8FT+|A7NqQ(!MAFtIi^f)Lb5NA+CK;1pH(PhNwHAv? zK?uDRyoeY56FhqI;z7K47Vm;!5B1iAP~UfVrdhY!i+*9|&3xXE32!p{v`{W46A4mE z&=uVG=$+MVy|cL0scf!SHud!zTl#u|$rruz=?CIB zK7T~)d#rtMFW9GeA1otf^tIJ3T0G@fD{Oy2o~rdTpnJ~f7U$EbG&wnz8M-Q}Ewi1; zWwjA4H#~Ylt}-Lpkz6*H%c3spWMC+BQhbZ{G$t;tX>P=pv@^qv;pP$s;`t z4&W_(m%&+SOv-<~>%R-m>c^z~#jgJeIBN!z@+YT)0I(S0jt^Kjt6cP6tyK-!J3J7t z?#AyuvjxdZY$3nrY*%>1)p@=TC)?F(JQ_`MTo6p#fzz(etefGqH1JQVK$vZ8ff2H5B5 zn~Kj!o@9%ml$Q&|)jiHdxVo=r5w7lwH21OPnN_x)6WFF&Ibz<_JhAMNRyRG9w5scp zRA=uAw&2m1{!RL$CVD>Z1vURQKgYSKndK3dI)5k(d9BV@ zb}Yogp-B}GhB2|zl7;_!Na>ULudoS8^-rN|yol@nO+eP1KNF$<_zJ3g)qfllJsT-+ q)%numO(Hj%kGj#`GonipzQHCWS#Fo$yBe4OPX7MeyOF^nn*RsUhVM}T diff --git a/firmware/src/powhsm/test/btctx/test.out b/firmware/src/powhsm/test/btctx/test.out deleted file mode 100755 index c1fd0ea3fa5cf2199e0d718958b8f632d2b6f025..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 33256 zcmeHw33yc1`S+cKkv$WTSX8Vd0z!p2lUXuRq6uVhP?m^^;yTQ7heWe=78VsngPL(n zr7cx#r5{!Q{;A!lrTj5f3`+rNt-&f%#TpfKV$jAtT4ese_bhkrOeVF@|M|Y}`JU(F z=E;4}dAIYP_q=Dj%iKHM^XB9k42nGRm5UY1RgdAA3PGs5MI-AjxeK^lUgm@JT2wBuH|D9fiX=MM9;J=Sj{;Ns-TnZ%pHS z5=y#OUInLX6%%<+5ywlYmm}XKZ{YM~VYXG<&>`$1G|BY~xqcxhVYhIEgwmhn z6Z+pR^k%~<(CCnmc6)q%7>a;)FveqRT~zjf~BpPl2cca=EQKL#IqN+DjCeYZzK+8%c6liFUs7j-+p`kgT zgu<#X2#tXiK5wYL$=6VS3utO%WAicREY%{88VNG|p*2{$WVSabn%~A4E6IR~{3%*ctU0+4GcNBTt7MPv!V$5slU-da1q&0sex!yb$B@j6W*f3v-ypXI9xisew?n*;i+tScyxH_BcfI7@M3CZB8zqS5mE`@ z5*>b|4qvCk)7U4E79GAoA^}(E@P#`3Y8_rQEu*&S@cRC{R);@Tr)RwmPjkn~^p zdf=o7PI};^2mXKZfT#7?Fi*nxhF4KMcXvkfQeB?b-NSZiE=W1v1}Qc92+pRnE0Cgm z9npKbQ#dBSMtNGo^mMWOOO&UjR8J?%@25O1WqLNV{7%Z#5~gP(%Xd(omM%SOS^g=? z(~_lUHOoIqd0MLUw6Of6l&2+1&k~mZG39A#(o@ayKcGA%Wce`VX(`g9u>4Jwr=?y`-w7Zl`zc>Y`EHhf3R|<#TIAVb{a|kV zz>S{x+n&}VebqJd+Ko3&g=^bK=QB{geG`#e((`V?SITa`7PD+-Vs&vP?J#bB>-1kd#vw~PFIw~kUYTYZzp6Uthml@)o3GG8(p;F>I z{`zkGBM`4(L^D#CB4yYgucq`xgsqs++CRi}_d^J8pr!(~r@}e}$+M93Br1kIN1D(_ z6ULE5R18QNh}PO^Ccm~rvS%?)%qht~Aho75Iucy3U(b}mK=*olQA0q2%-8&U-?%V4=MjbC6 zOL`KqeQ5XY`2551+Cy>o%Zb`#!u_(LtIYlK^7)C{Lt3T+6gaidW7x?++0O6`(2?%u zsBRBXXQbtig-5654@ZWwn)ObVGVS&}sS(YDV&XeJ@fVXt=;16j@9vD9is~P}j@*Sh zxlicqzqlHNkf}E#a($fgjo3GMbB>S&oe#n zV?=&y{|VEYTamcC({y(nu;(W@L180P$OVR*)=Xx+!%YtmZ)^Y1Xd_Oh2O3$<5G|lq zU-O@EWzV%-eg@=Odn3!*yXZ`YF^&UBESeOrE<`Cqk=a|pwlBzic`a3uBK03g?X8#q zQKjc~oPatE6jMkIMgdf`pJ9x<05pYLnV?j-3AsHAO%Fe1c&_k1t}p=-pVD11I6n=gX2FJ6N4F& zFfn7?dJ7cT`x?MEjayrZXRvYWVMe6NK7f=Qw^|7+#;v2MF~}`IiE&FslDU(bn^oyb zA}Tbd%_W)`w_br{&l5OlwljxM0gLAF(^*D3d?e|qu#&?SBoo!+Ti=I!Dd_reF^~#H zrH>*B1*^X@#)fv#A_5^tbAS9*X3QRtSwNcZp3ZIG!UU9=MmEPhf!rSDlwK#a{+M{H z$FW8nhXhdfGV#K)ols8E3gs9=$pwv|v{4rgA|c!DdBhY@S1>7xJ!-evjKK`Cblv%U zGYu3}VIr}A!+dk%Dza^m`Q|M~G^4Cnk&^B9C&G$$vvI?=0VUe)S4gsUqxvvc{e<{4 ztKY^{Q1vH5`7I=^3`MGighj(1#{kyzS3amMW*js?EkH_oWh*CM1Qd^E6BuTYirnEm zmPm=Bk;MNEZg~&a`3Jhi^VfGhY$DzVvM0f2-)AXl*pJl*`RO+#N4^uHr;jK=PAnU77IDKFyxEEYgk#vMF6b3Y$wgM zc(HuS7KLT3WF@@{oC*Y61)A1%igjMXc&bFQrJ<4MX6CVO`^A+^AaiLLUzMa~;Sshh zjPh3f3unZdpos-*!M7o@5F%~WG=#ZHxFQd2V7w5?y%jVCP;NTYYUp{IXU{^` zw6!8{X8tm{@Dv7OnRgoak1rxCw5f0d#4^lAt`BUlfX%eEIu9$&_kB`D}su zF^JnhOn9hHzeb9JhtiL75d(%<*bE~KYdT|-K!}5Yipxlu0n{>v;wz`#2?HYJi0Q67 zumOO?5#FBhRmW-95btVp_uskd_;FaheDdm5{Yq>Ei@P3L8ztPwv9`m~v8|9h`3FFP zJCy?Wh2YLxE*6Kk5!W8&Yqr3|+@GjD-c|_l9m!!_1G;D)v|z|rdKYr$6W_qh#0xd? ze4%i>h8Y5dG|Pz^^|!f?uU>Whg4<0vm)$WOl|9~?wDewp>=K3yN#xbNX8>8jkaHxm z6wyn&Os?)qwok{Bo2;a5#`ezm-sBIl7u(T2B)&`9u2EKkV!)#MhJM}!6(w9hhK*(JJ~pyw#oCCK z_F1UT7ax)s^&M=|3MKYugcTfaq_H5u)C-n`lG(PK(U^kZIgliUdo+cxk`$5uMHFE3MAh){vDK?n;GIxLY zDP&lcws2vVZbO>(6g*P+^?>xuBST+_ITJ;r7hoJQo{MwY&gj{=Ec47X49RoIqIQSv zECS_a0LgXGxySg~e2jl`B5E(cnkXZvIT3}ibMQAGQ$T6lKM$cre(X$3}m=6wfhj*cabT1!^OgD>;{`ih~*R*}T zLoiq!ZgYPD@CABC5>1Ha5myP;p|Wl6&w1$9AcLzjn2X$>U+DgV8Tjy27>FGj8Q6U$ ztNX8DXR;Col46emjZF=Hk-OV;R}*}&R=T+L7}ev6m%)R6um`TY7vj9UH+ta> z?D36D=0UL-Zvc}h4&~v}LObhZ5M&*B6K03FyT27vNwhSraEYeyekg=fzdjE(*K?bv zbDI~F&Fvs#!C>fl3^W*@V)k63iO(mx@h_Ki$vA~YW!N_jB?I3ob!F+JoXg&o85{QHZic*Dz37ckr^t^Rm82 zWvzq~SoJpeF}JoE|Aqu6kKv@`w@k^4ILrPu1xhID5Db4komDMPO6*+82B~Bn5^2k1 z6kw{s=$;V^KZG=Q;DH_y3)fSj?yk7;Y9#)Rp!nfeIfLSI)RAjm4$W}3nQVWU+x{(X z`)u$eSAaY)D88eKyNGVwF_%j|K$kk(%Ol7pUtzT#5ELFnDKB{lT3iIhqmxlOg&jQi z@Ob9AH(^Bbt0Z%O0QzR)S`_SDL7b0s&SuW}1lidI&VM5)rhzT(dL9%A_2abtx%bZ) zvNNufUJn1uE2Wnp&90OtiZ*#DdS1gBF~=^2?J=HB9_U#G4T+*QM(+^x2H+4vDP%GE zw-tSkglTKnwzDBH4J(Br6$n}xjD7}*wsFIHE@WC}A(t>lai&tHaV<|HJJZZO@x4j# z1WkePnffi}v)_@=_PmES!1Y#ec9@CGy73ZZlYat9jI7lp{T!D*k4tYL={B&yS_9Zw z!1rH@YW)&?h<7Bh$HJKm`U%7RT!&*;^`8s9d$`^gPh(cKlU@tgOZ-glMkIQ#O%z?v z6nqb7Y^~=fiWal{gDlS!{wFDXfh)Y7E4+;qzWFXQl=zv#g-G;{%Gj)>8+r*w+HLXJ z7A!M1#piFXin||A#5QBN+JxbLTf)7iGTz7BbSG5v==4HA2yx@bm@zThV(NBp+Fn71 zU~qZqGpy_Sc|%Ml3*X@u9xh^4zK<*{hX%~@U7om+X5EB)bKLkeOFSMoZXvCE-TNR$ zu#>^|+D?q=SOB=Ui6Qi5Y%cXa$)`ac z*nMx-#8(pCI2Oi`Y`g?K=I0tm!PFx+=#&j64H+j>M!Mg9z=!n+- zQPD`xD^QLyH=#_n@HVZXC{Gl9Qbp0*4m3sYFF4mffy8DNS0U;^NQ}M-=lJs;!vR`B zVh{(JF0lU&#X{!`jJpfhvA|})7<>_6Zvd1Fk-%!`x1eJ-G~>2U9MKY=zYTYPR^Yt$>#_`%W=VQ0n6`TE8cXxc6^*lVeQJ=`Ybcr`h1LA@Z|2XEGkBz_~c|r3Z*wO zCC1*_pzd{dqfrPRVz3=IO4{dl>tb*3C)62^wXQnG7dQwB>I`?BD(m!%w^?U+97Ah| zlNWqBFL*h4lD`C*b%ys)fVRN7Q4?g|Sz0STiK1xO!#iOo(&CFk78ITujRF)+^8Q7{5A zF?v4|C=`vzI$=JjVjSN_3TANyUanw1Dd>DFM~6DZI#eE8BpH{HPV}kMz{z#*O^)Dc zRBmtbME78QZA9$KMA2iF)Sui?fW|E8@Cf1eDVVscP@%S z*BA#@Hg=ChLKoi^VqMHPg)|FwE^6l8+>PJJ?Uh+TS8WBZjQR(dBUAtoqZpy=Z`(Z@#=$p)Y2cd7Kf%UXcutx8QaXYW&oJE)f zl79f_fKfH6A5{@idz0h9mL6U7i=xr7s)X^6m+&YwHlRe=v}>uz)x5~}3Yc-vVmwcJ zxN&pA%9^$U30>1#a&38bLy*`0{lBv|MN2AF);G807VP|Uv}6OEz%{OiMzrLYSiN=p zfSc>$<_5u&d>G_`EqS>nehtx$x4;9`lCPa0W##KGhUDk0q63z<^$0Cq@?->oXvtft z^hbE<9iy4E6e|5pXh%Po0QI6JuOQA1oO3PbJU}DIM{oRFEqNK(2DYSe91LdD+~}u~ zLSOA5AZNJ`%8|h=_X31r&3njVeTuG3^~91Ft#KbxX}zowF=U8tGhZ7(&xeM8qtQ~> z4d!UH|3ZDa>)tuc8tr;4>^s;klXgcd?qtFBzX4D32*|9_M#53rIR2m}{y2&6H6B1k z=zyh33iGcC9XD>J>b5%$@wVJI6AHh>+F?LjZqTk;Q5cA}+>51M#}3{?AC6>3*~zGd zq@CTJH(pOAh#_!2vG3&U&vEufOi4+z#y)y7v8M<3DWHhK{W=of#f9(U!i!1xo!6-> z<1yGy6{|sZkZ%5Ws-?J$Gy`m+5!q%qeF4RcUP&8wxQQmzNhpIi#I>v-?!JpDtzQxR ziV%E7!2Ej_%gYr3Q2eR{wt;fCdu%-FbAZ?9sS(U~Ng7X2g(Nj-?{~G<+=uFN8xFpP zV%i<<6oK;b7lHp4xQIs4#C*EAf-#Jh^dZ8Ei#!QBuGE~3j&GqN|Hg~FgctdHDsm&V zYCfY2)?{R4we*z%WZ^5W@?Biw*bX%mg!hsH7p?~J>v!$t2|}C)L`Ob2B-;|gehb$- z`NhiPTsTTt17VHCO9D_CA#5+=t&&~Xdm31vi^4!}=jrk>#4;Tdg<$zMXL*QN@K0LC z6U%VM^5h@>{KnH>&hiYg)Nq#1Xa;!~tF+2(VW(h~MJG zH(`ZiBD;g zf=J~g@8QH>Ym&m+yNOuOiO*}2f>=kyc_4Od9`n{1*@p9J)IaSDV8^`hk1f)hrG!-o ztLJqR_I>RCI+QHcS2#yRz+7wuxgAzF@ES{$6JUND^X(&h@{3qj|LFxTGeJ7>2^Yl?lKZP{wDL3rG zLwIY*e@f-m^V-Xs?MPfTH-50Pc5eK$%9_gfaTqmY3D8&0oAxzs0t`zA4x)e^U*|{9 zw7zaSTbURCcwYR&s`z`Asc~<5T6Y;dWpBjZr)M>${Q+gtn}g;J!KclAoe;QG>& z^a_Mh110rMOU**wT;Eh5t*7@|eNo647Z-~nrGC8K8dXW{teV+1i@jIYc&~CVx^nKq z1zCInyfEwc1#TwRDKg{L+oGA=9KwsYQDU?ZE)r{0gUs-{`iM7B7i+p1x}}}6Vxi`+ z`Mk-I^URUD=2%0}>{rc`gD`i5;-+_Q&Ge!!)vHcjVGh+ds27?iM@A?XWrlfqeYDQZ z)S4rBeb+oWhNZZ|{OApa>gsRxMoM=FXO0Y`$4DUi#Zd?-ds>^EJencX&nX zo4m`KV^N*gfeAFnnxg+xdD6xe2!CsSsc$k*F;i(~Mvs_tdI&tiO_>%pvxX{BL_J|< zOITeNUEz(csPjeYyy-TwfeFVs{59#RBD}H%rVqetk;gSoH`_|4L63|p;m4Nfie@j~ z%totep_|sN)4_NK%16}iHZ}iCQO2PtEw~{<|9fzy^j-W<$3_2V@h|aXL8E%={d?}@ zn3>#S=2bBJnu6#rWNQvzv*09-$uSm|qznher58atRaY1C@N~1&KHZ#!^!it#nOHQ! z?OKb8rr~X7Q?6QATccbxm-j$v@8pP?%#8%X^)1oC?9&-G&@L`I-OS&SPut7!({#pi zjLulC8iIm%?3YICSp9R8GFpsv86hbE4?j{M<1Skd^OP>?1}gcNL=oWAgp;Y8vA(S9 zy0U9$MJy|b@v{0!|FfP*Ex?C_?4gRs1aHxFVZ24Hq==F5lLI$L>l@Xy6%s=Z%Q8fg zm>F8!N^GtW5RsW#l+FgyBAZm`*spjTz{Zjg& z1oRmeZEVPuT^mXm<|{3;1xkVrhu`80mHHiipCuHuVW-UxzfTPXph0!00o73!3Y0pmC4QSF z5DckSpVjKHhWw#2OHlQxL7&f35(uewSJ2{6{g$BJZb|F0_)1{E-CyeRm05$O_MlJo zS%Ma;qm&A@220BP_F!qyQDP6Nj#5{kRJAy4cBeChN|m}wr9BpQ*aJ>fs>F)&f(~0K z;IP5*p%SarX}9{ErKLf*Gz15gl?8kuXNg61sip9!Rdrddz7m(;<_`peA&XzNLWj*+ z;2n3_A!n%_ruzdSzr|^DS<3uA{M3$(8VHrKme@&0 zz)@y*`fVZj%VP7PjZ17$=W^NtWh!*pRg0_C<#d!_IUTgmREk9o7xvY_2zv#M4#U@r~X9A#Ftgi9@Pl))z@W%eMNf$X+e zd1Hn`R%=O#4Q5-c8WKcwk)Xdch(3ZC4wU$Oc8e4Cqj>@@o6l8>euKuc+R)D|2tuC& z?O;I|!27B-#C7AGq5l7Xev1`xFOE>iAr32>9q{`jqLTmn>OBW_9;UIYlX6e)BY{|p*rO}!Eau&{-*QGEZlcxzr&WD1=@cd_l z6vLVM7cIdx-Sa^^wj-7LCDNmIVUGwn0q{0J!|qh-7~n9#QMg)uD&Ta$0N^~p2LT%Z zr~f6Dx*xC}@RxwM1O6HCw}8h07j!`$Hw4TFAP?9KI1lhQfDM2j0NxMy>`U0Y0`>sD z4EQDBr+`DSuN^l;QLYBG13vL`DpdpcF<=yM!z-!OI>1`m`vUHu{V(8k*#CYCco2Kw zakwk-9QM6-z#rjuUJYP7?tVo94Y)VG4zLk$3t%rELwFg`gQqw?1^oRH$e*Gpqp_y9 z1HOdyd=22=0i%E?@WjwMz?pdPZwufffX4yH3BMa|S)>?N6dKMPHFVfo!_Y#)<2JLh z9)2hP%Of|xqD%q<@w+-xDKpwbDJYy%F#a;r$mPRUE0>&c(RXZKLPdrJ?OaopO&vq z(`SPIBce?92Wf=>6K)8(%>$nq)PFMJ`DdP%Q8?*&!>+4l(O$3S10LBC9+KLh%i zi1!LT-QAkM3>+kX81#!kzgSOS$;4Uv9tZsz(7W_>$mi|hJcK4alhB_GFQOmm`Id4X zqE~@F8g$$mO4pM&6O#{u{x!-Otew|@o&^0$y?ovRRsiXL9P~4xeQDL;{m(pBI6+McN%>X=nvDlkx~9qt^6v`k7C^T zafbdMY4SnPy%B*oU(ddtZ-imSNUq|z_#s_>a~?5}e}`baQZY_7WXSUdX6+C9Z$ZC3qx_Xx`Bk8sFuvW8A-`BF zpMEHE9_aMidb<2NO@0mN^zg{y4EZZH`Nu&&0Qw&@Z6 zPa&~!Otx?SnVS3%jJN)`QYi=gl(x^3PX<&0H3{_97>`-~W)&1ZkTaJ3G-w4maq0#{{$rLth^tOE0_g7M&=RWOYGK3xO!tcM<|#>wNP z2Tpq6qz6uV;G_pmdf=o7{$KTg_WQVagp3Zkc6pd*6}IN0G+X>*A0Y5Aiz}|Di@f~Z zT|AS^4!KvvW2x+rzrRcCO*$m~vlFRimZ!BD4lJSAu~;Oq|z76YPYAeGz&!#U6!2XEKNs*65s#+{I7L8u??8WSYT>y{XV1RSJhe*o*W+f2)l!U~ zub$zYCQ{}S+?&8PLyKN=U^*YsFTXdSr_ygy(;hVY$VYS~bK-|6!*VoWKB8O3v0hg` zepz0|dnSIUBI6aE% ze$8M0-ghQHMuQeThNtt<+c)OKpRRP~#LH1It&95q5alB|jA;ZKZ}Z^K)meTn5cthm z_;Una{+_v1L^qBMO4=Sd-ppqBf&RHk=#le*)U%B75A^eofX`+B2ZP`@GCij&`-Few zIQsZE@ONeL|9TMqKLAgDt2rA995P(~j5OgN6Zi@u;&>JRgnvii*)=ra-obyadL;+J ze+Ik(ov3pj5;*Y66+1@3;eu2)tR~<@`jy ztV;Y90x#!1x`speB?2$!=XC5b+Sf6>zC@m;dp0r#^wc|qo&)D{>^4FC z{viC13I21;oUu#r{}Onze`A*Ye-ikqS^oJz=y3?6#$8_&%Y3wa_oZQz>9^D+<#Ax;9L9?wHPz>>4(b=YXH;J1MKa zvqbzK74>EJUckRd@UP3_ZxsA9Mdjppf?tPZ`qyXK`5%m5XP`*#8U%k3c#4PY^}suf zzd(6Nl*{fRL06x^kC@68vwH$a4#)bR>bp(Mc1pj_v54#5m`XZr!dRBcK1pjA~xe|6S3CSBV4iv(k zF2OI0XchdYI5=jMARHF)Q$2cG3@KQ#?E+>MQ&2BgBvR&-U9U z!T;Jsu2?MZlwRrOw9IP6>LRhyz= zeBmnW!*e;oSYzW#i0E>7R;NCi!O9*+2`#^w-ZzM@P$J9tQ||!+`xjLW8Gjk>b5{-ojax^Sle^%(>ECRkWmxt@4`1l*1fQ|aZm*_Gq5FHR5 znL3#Gnq3BmRwxA-zB*@kAkcOpK}ms@~6u&33F%;ip%H4{ylHeC0FAAi+E$?*SDHHvWYrsG93 zO)p4k8T{!l{$*Im-;l{bVbDfX^6&U%JVKts>G}r~GeTUv43XJP+7pKC%ZC|-GW#Xn zi+7i@z9z`)mkwXX5k#k{!|N*z?E8j+mX(@H49J>CvZIQ>Tq8RMMg)j^=PpEr@iLY- zhBwnhty%A+NarD*tq>+;qqG+0ks*Cg0}oTiztE^zNkb2Rr)xm_3!^Dgcpu30qzw41 zCJ~=^jYh-hZ^B}f^J%v3Itb~uydretc%7!T!lCjUk0a2xyl zWd;lCPj3chRYxCD+}B!!Xr7iBInj&P<50Vr`Lo5WlI1(`ATJxUbAF%_BeGbuw7~yi zH5#sGiy8eFH8af@FA|CejWw@f`QVjb-sE26WmAAF#gUbbQJ)_$8s@N0rtq4c8g5aF zG2p4iOPgZF{#ZS}Zd)G|sLEM$XGDEV6-J{svy|fC$|mUJFdF6*Ie{@YIlX}vRvUaI zAW|(2QKgtQdNGp4OPi5ptx-(tFfcW(&2hhVD1g(iYn&cF6lT5{l)!pmJU{3PYa3oTax;!>9;FYiN1n0UOFjwF z85FulD)aKbmV_1|pKZTDE4Ls)K9%zF{+EQEf>D;AUH>&gewN^q_sJxb_lZfKu4!k> ze-AkF3E9Vv!b~Wyg9|LPRi+8X@voOR3waG@IXp|fvMx)$Vhm|jwEJ|@UXD%MFYy~d z(3dZ-D@b_fR4K`!EMH8cmv9kjr&J*2Wd2Je2q*3DY~hs6OE@eP z_2)T7G0TL2Cjg1Xl7*M@=VjrgIz7~4SI2v33D0<_adFT*Gzb6EemVY9|B$vLsU2of bkMgVzB+HeI)ZKH*->{N%49ybA$}0a2*WiN- diff --git a/firmware/src/powhsm/test/btctx/test_btctx.o b/firmware/src/powhsm/test/btctx/test_btctx.o deleted file mode 100644 index 615dfcb6d087623a6d60400d58ba5b06af11eebd..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 27720 zcmchf51dqGxyR1{iXymR=AVlskFFCe1HsBAi}QNa<#%P+4_+R!W6Tsn~~h-Ip=xKJoC;uWSPC6 z&oDFJ_xC>U^FHtMzUSW#x1^fp4D{wJ+TlMOC`|ql5N)>PULcsv}xy)RtpV4vm9OKzC%@FsR;M zB?Ve(wgW_a(&e$Jb*T7!dw;3UlJsh827T$<`-{}UM(iEi_G;<92c4#6GzeazL8s2? zG}85;ZR3y3LmQw*HFQh3;n4wgc%t%bRp^pwi+>_ZD^om=MR~Mef3N*YU6e zkVP<6rNQ#R+SL9u&BmeIpk3YOmi>0X2hz#Z;7zB&mqBYXhssZs2d3^hJfd!MYX92Q zoACB#x_ACTm_nGIAD4Hh%Rjdwvo`gH6=mzoZT&q{K>5bSsW&SQe$?GTG@SOqWaET? zC^cC3sSZftbsXX~FQec4%BAOeTb=_Atb^TYJMNYKdQ;DptysgTjzBjWyxS|IujOF6 zZ~hUx;WM0L<K!KX#h9B@jgVm>oY%TF0Tv zP#Q*8B35wk-N~zxGxLnhIE7Cwm*gtn*$nj**IIoCW2Uf!_H8?<5ysA9-(*;w$dH|C5pe z)6P3`4Z|wwbHBUt?@S6v^`mQsPOAINQ?O;1`_p}=-wyV{6>GM8M+{5f#rv0U;Mibw z_SD^8hE}vJ4y}UEYJEE}N};}mzO~jyShsm#%em0U)PcIq_Ra`hSo`zZ(@#2dv5S?d z6)O$?N+j?Q=n^y9cDMPl+F8cd#vyms$K6}234iDz(5b_^yM|S~+WpS#9{y;x(bD|t z?-hejze9tg*Bu_U?(oQUhexbC>=QffQrKy?luMi7G-E?~{>Itm)cw7sjj&y9fbD)u zZ)($w@)0LYl`RV@XrcABz@a;}VS6JwLMJC{hQvg?z z+|&E5_r4a$zWH!|k=i1*P`RfAuRTccp8g8jq7x`_0DsrZw;vpWlc~S5rw_UJPRZ0T zyfT}Aa#z+Y-+sBLg9G+CVP)sE_jG&tjx3H^Gc>wbIP_C6&Ix?PcUynmZJ6cNiB)&| zw=1f;%`iS|5%yXuu>54&w>J&v2z)B~6Kma&O<1}18H$hg;KMnpfwQ4&tGg+E*lG0c zx)@%a%?lx$_dvozwv^{@S)1CmdetticrtBRhey(fbZ==3r1+lRmi~EVI3(644uo!( zeN5|3^;1q-xkqQ;dk;eH;n@p?K3#@Gs}z){}d3k&{(M`2=SW zCIuJ6KI^@&1+E6>4=TA=PQAQl)ywt?4x~iwn0PV7+&i`w!*8Jjj}x39S;s<$|LS^Zba#Nx$YqRX98U>}Xy+w#3X|w8Lb;F6bT?45p!Qh{YM6DBWCxum zR-7~0gFD_@8&z7YB>GHRL43L|FE|#vJI8C3&#J_3-AL!f_C+D?hb{Z?M7VacE2qcS z4#kP|4?R=lM*`Yye@VC3s>G`b6IogMy5F7aD3`kpa*x{O@W$Y%&>&0wUh<9a`}_qTPl72EXo zwom9qXkTAnkDWnb`-P%jG|=qK=2^|xWEMAPu1YOhJa54jw#?Dx^!E0wo?C{}3;0V$ z`r=4CO|xJWQ5Zm0C@nYgmgB8$g-ous)Uga~v!6ULv$NYjc~W7rztGxQYR~(#hJR8X z+#RK*y1SvS+tBkku2!SRZ??4?7yBm_Mri?Uy8ouOVyoXW>o2r@0-BXZfqg5EnQo&{ zYA;TiS~bAg3$94n!R9D-E_0mccQ?-Yk)XS zj2k*SkK5Ez;0WGXk?}o$Qpt~D@!Lc2>m7MmFX*dFtgYlk#iWvzmed{QWd@RRiWmz< zc$z;JndVnuCc6Tr$;w6uyE9`nHTIl^wW}7iG;3GQvsWPdJE`DDcMG}hwyvU=f5Nd^ zzwD;d{Doq7yU|hc*XC1&vo;aVI>VqEXn%dN)rx?7Rn?4HONLs~o1K1Wfb&kZV?|12 zU9FMhR#Jjbr6A)nv(~a$y1cZNjI}zlwAT1I{?Qyk$c%MEA0Wa^dzl$q6C2_MiBkEdI|$)xVg+YNuQv)jNe zyx3jJ75&9l!{6E6c70oi-VSTV$~J4u<)sZqVK-ae)ov6GngQGU$~VbG55DMzitQjz);jkGF z=CYw^JgX-X;czY-4@P3qNI=(fp=dC!=VI}E9_j-*9&gNu#&V&o9uLGrc_W!jM2t{2 z7!D^AfqX2H4d#N0Y$Bi6v+-Eo2$;!8G8m30<3=`Q=3@Co(y^l_jC?*AHuPvP84ZPF z0X?DTjhK;3m}VrN4`#uKgqcn1@nkp`%15KwfNsXK(X1XY^Wg~F$?Arg0}Dpf$QjY3 znTtn*p=>yi%bP|}4+f(_GixRTc|$kyx*iDSOe2!W2ckwckdH(H6*~bv1pY^|@r0fX z=HrpPZs>u0AQ+8fr@?$EnT_P*`DiF&8qs(n7dHaYa3mHpVNmfzoc#${C6bH5ph7|D zFCPt?xo8*yZ-#=wSR|;&;_*C$)Pw*flR4dtg#t#xh(kn!Mj{y0Ly2rSo6G0TK-LI? zjc_a!3rF;9G!8x`bJ=h_tVh9Y%!tMGL@r{+;t_B?n=`Y4SU3?#X7y|=62=LF!30AQ zw2_M@Be87Qgm?wQI?Qn>4CWHCa4uF#EwsHW4-x`6xJ=2uG5Mgie`*trE$Ykx!c8 zNF02F~>Ks1#_5Vfv;9k=iz0!5;!PR;`3M2csjNBePWU3>ly1CKYHXz>)^Wj9N_rE zvH-8MXPi3r)5B(sIdS;qK9E>-4OXqDHQ_tg51WhCR{avH$7g(%`Ujl)l~iwCt~%`> zb?Wb-dVFy2v>$%G)Bj^s|L^$jw7=77zn|(qS=IhVr~Of?KU7tJz^Ok6Ih3DO)$euc z8>oH=MNa>(JN+-A`Xb(};rij7!%%Pzpp{hLUe*43r~N%te>1*2?N>PcKSuS}Rkgpy zX}_Q9mshoKb=n`L`fIA%FLv6WgMLH#VO9Hnr+ov}k46#uXHUO9|5Wds zc<+td4-X8t96*~c1x=06UOVPer44ue%SR13c2HY}gC(~zT(j=zR#lw}-+aJVTZ7fK zGpKeF@wl8aDzy#p9?jz2Ajwil_IK~T0koW*`j>BBy z2Z^6z%dLNhYk0e{whY%!u7yB`Ya?s;bzpy-nBN2`4B)4UJhApRs4D>HSV?2}M@4S@ z4iA2(2fy2cf6aq`(}QpH;P`aL&Cka@_-^1BAC3!rwF>Ta$T5Gh@Cx}OaEu$rtI4j` zM!_0(>-Q|+sK;?*v5o=oKEXpj*@K73&K!8hvc-PWW_#!tdGNoG|8J8W>zD$zG9G%< zgD(S)@o6MKXm}d#Wyog}=eXTVJgxA@fn$6=PD1M#2AZD{A3HQAk_tAIm_hH~Tu3JvDE39KH zeB2G(El)O+zLgxbjYgP#1B(6EiSJYFW1gY?^>ucIbuIxP#}I#wxOENzd^~U**PtzT@+wIDpu#UF zJ0HU*V^BCB7Zcx1+&agAdV}~U-)G4+Ivi>p#6LsaPXSs%{6RXAwaz85sdYlkPdzf3 zg^NI^%QUlS zw6{a6o8WG^2Dj_rR-3jQ9sqUbG!tz(1~oI+-dQlJuKF_YG{wGpvabRwH#_+mRrR$L z(@aJ$6pZd-#?;%|Z41_QXIH6MpxblS_u4B@`&ke1sylgF7e2-@(Q9^+FEJf288~;K zZv|6fFt7G$yPqMi(8d-&()eCu!IrWN; zb*<3sXCCB(b5UFp=w{HzjTdb?8qxcsLP|ha~ha*eF{0hPG+L$^1qz4P? z{}o=$yAVP_j(>o`d?i9C$j^lrb3Xq>?ic(Be8z(OJb1Cbj*c(LCkQ@Wa2yNklY+~B z^TaU@XTb}{h6Vqa5exE3@M1go$AefnZY${kc&ozgXdXMZR^fcS>?4l;PlgxU|Dw=O z1pa3-gx4WhxZm0KSM5Pz2OprYo$mVd40&9)AMD z91ii?dK%b1g>xK!rSNvUxpsiK8i&I|kA7l3mOltC$Mv@0(jUD3!NPH4f5s_%y)Dzu zAg=nu_gb(T{lOO&ye`6mZ?fO8!nxmz75=!@TGK8guJ-$&;L||M@!ur)biwy1_8+2o zc~0T%&;Kg?S@LI4*q8bFFK~X31*>tqFXI;|6N#h$7r~4DoG$c}1aB64yf?!7WkQek z&!BlN3B9zxQqk|C@vc=kj~B0tu(1CjvcF!~m*f4GqK}Y%lh8|ltUqic`xD`v*Y6Ht zN9OI5g3I;zjIb})?+QIWaN&Npc<^0K87ZuL_A5=Ksqy9Z{ ze3SnFQRt=rfAQcKpc7CyuSVbpC;{TwOs&StkBDT zzo6)k(!AfRaE{yk3g>;}o5H?~+vAF!_l+loUi$MBp~pD$zVUOxBfvR-UJzXF8!rj_ za^HAMaJg@cp!+~LFLK|gBhK^4@fojhj?V;z^S&`z*q8CC7kZgjNx{)&?l+}y?zc(d zmr%Z4NgT%|`|S~2?i&v%b{c5ke8hwQKyZxzSa@OCDR>ON^L*_Uya71R?=J?^|lWMTh4p@%=K zaN_(;557ro8UJm9%lPjRT+Z(^f+t14&kHWc`)h^scwbidE}ECuh^zB5B=mB;KDv>L z%_Tosa5>&O!R2_*7F>?^T){6En zJrcxum-8}(IL1>R$1f9l^q-I8^Mqc;XQ86!@h(v~k2j}qK908v`*OTDD|$YTuN8Xf z&*z06^MUvIFA0vn3gP|sUcoV+nSV{#m&fs~g3IIhPQm4I{25_i=EE-(&hdFs;d~tb zjj%7{^LwF}`9CDM?03W{7$g+T2jtxEDGKN7nX$yxbr%<09>;ZIXBOD!cy?sUG}l z!7<-PVnBK)p9KXu-{yCwSalTV<8PBf@J9EJn&-){S`vu=2xYX|x ze1gy)AdYdy@ivWtf1n&uIIp`m72ZVSJu2+W^*)lWlThY|7yExIaqPEI@TkzseZEQP z(NEszuM&D0=j#+bkE>1LJgzQ<^FCh^_T{*G6+Q3scM84q=We0LJRG8q9}s-Dh{MBz zWBzm89uf9GDEO0tUnuyqg5#QCJ1+?Pa^8QZaE{Mw3g>8Q{f<}oCdxPdJ1P7s`@KNuWxp2*-YDX5DRHzT&-3RAy^K$b!r9Ly3g`PEy09<( zTqE?-AN#+guI?{}F|A+_oy5_oeN^zRauV6g}@tF9^N#=YY^-oca9o zWx+oToa6tx;BsFY687c3R96R$pUWV zvxHve)fIx{JaWGuRXF#nEBpz{H#I%Z zF9Oc_)1~M)QG8Y^oa3`b;k>@q3i~pD{zK98`r07$(x2}LJ;syQ*Ji;N2>*W|xLjX5 zgnhZbo)=uMua^X$F6_S|>|;DRK5r?UTq|jd}_@@M4EO=RPx$ZtM z?8|lc4Z-EQ`>x<}-E9;0aUMCIyA{syd|KhW?*2#Em+}0i&@U3>IwZL4_x}{m{T@~L zCdxP8`@kp^%oEw~XyTYxGS1_LUY=K9AoS9okiyxYq{8=;KbH#o(w~&jOMm7Iz1$y) z9{gTm2mR#dA`c3^%+E&!p9^}=1%FO(ssEke6NLT^;=Fzj(0Uw3e<#bF<94#b z8%BaLD5nxv=kYv6&+G9*p_k(g34IILNB zlEOI-D;2(y;&7|5KUw&HpWrf2{!8#FLjMEB{vBk0htSsx{WFUGe$qedp+BJL+5RD+ z$Nx@|tScPqA!x26$)oNH+$Gwr|2IeJNGD@?R?e4&ZCNc1l`wuT;Uw&T^@G+ThTX> zo&5^uIKL?D%n@-usOYDSf=VcVQaIar+r!QYXV~pHPx55v4283u@x(EIq(2iBJ&!A_ zaE^1r!_H-jp2xLN;cTbH!_E>#&*NIIaJJL!VP}P+|02cbvkG5N{038=ik|c2sL(e-uJArK=FIARWBqBw zF|VZld_~Xu>J$%s(nEi#hyHR!&;BeB`h~*(YZX2Fv(!W1uIM@6Zt&3eD0=p1mC!c} ze{NIs>`&Q4zfRG!KX-cQ?@{!;zkSt1zd_NTd5S&X4-5TO!v9T*ej4ewdg%KVJwJE( zp@;q{MbFPO_Il_W={Y>^hxjt+crjbyZN$?G=fC@DQuuG_{C1(jgLItbzk}s|cN4!x z(XXO@mni&J;!71inYbUuf`#qd-!!d}J}~FsjV@I<|2}lJ!uj`}_bHrzzuB*F{vG9@ z!ufZUn$NCafB5%_eueYz5E~WFzY|=laQ;2uYK8Of_3l$R|6Z?O;r#o%L51`0@2mjB z5ZHhIJ)Iwc;QV{KMuqe5>6R*-e^0ks;rx3#t-i2gc~Q^8d$HSoZ{<(jM!Q~b{Sd4^ zuNQT#K3gbg^%m{!vKMgc!Q*H03_D2*Oe&sv5i8g5(omy`HI$i&9#aRA8??HHX8~+BHoPDIj z@#A%rI)1!n$NupeNS60uV4zH~-<*GW{QN!_YWTAwf)5{}_LAXeRl9_kI{rp#f0t6h z{0t~ednIjo_2SM$dli4 z?sv}b`*XhYecw6V$8>bqr6@#@LUxkIN}z=JI~(%=n+8Z1=_Enbysf71`c?B}Q8j~$ z=7M=|!VKP;FloVaAy`l?x~Q5zsb;Q-RykU=S;b~0WS$H3R=TK|w7m4bMaya=4^~B0 z$$MsqXJ*c%C5u+ovub9;X;fz}mAvJ*Xl1_Owt^*d{>NXrN~ff9(B}duDX}t_!nH{t7TphQ(eYpw9V-Ns z)>-n1$9%C?t7WqXM6RYFS7%i-m4!2(wTKDz$K8sgkY1OO?SiN5Ykb?zqxL_YHvlWC=VAb@=s^U3)9YIi1 zp^bC&?$fZ$QFa&9%qrW07IO5aEm%Y(M{nQ?n$My)l>Byj>Kr8TeA8ut#(*@`Qfpc2?(k$xJ0*jj2lW4t32cHTH{6(O zS1^wUH^%1D$4)psnkarqVs1wU2VeDW9@55R;UnH&zpu~NyJg#ReCF-*_x1XFd;M&u z4SYZ4!#zYf)~)n(ws&N~$y0#iK)Q;b{ztk$aSe8@c6|dHwrmIDK)v`8@<}FUw(lYi z^e29V+;zWh{}JLqZ5VW2UaQMLXHr63P4d6$@~^qPLzcVUiX8zLwlGv}Bfr;LV77ES z{*n>mhCe5AgC{3)6LwLXMC)LsNH|_tBrgoa1Hh34j&nC@N4AXI1Pb6lZnAnAdH|61 z(z#eI0ecok_cColURwbl0UZ4ZdscJ6_H+CX;7F|2z@sowzk~?~Vl@Vyg5k99sTJ_d z3izjhqyIAAE+Ez;z`umyj3c-hiXDwbH4+Jf@npQ& zDxM7Kny$x>Y9t(qr1WNw{ZT9hc^*GNZ7{lERN?m-={E#{5XT-Bcn{Aj;*U!BOA@|b z!uLqHte+J10bRTmJ76H4kn|sewb=JF377rMOSl~8&k`=j)5+_MV%%5w-@tJ^m#n{Y z1^r(nef&>C_~}6hK**keA@JK0F6(0=O$EkQ(H=z*d85oH3Hb98c&gD-$!?`=IMaT;q z-z)eC0A+1PuzqMO>_z>Ya)&18ctZtvVCW7(PWB5t L{;*Kwyw(0607y3b diff --git a/firmware/src/powhsm/test/difficulty/bigdigits.o b/firmware/src/powhsm/test/difficulty/bigdigits.o deleted file mode 100644 index 919b94320dfb2d71e0157fe90590bd6635b2ab19..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 7920 zcmbtZeT-aH6~8mPrCVBoYo>+Z}_ zNGGlxmh|PNvPuaU!K|3*#+X=Rqa#^ywrto15}l?COv0iQUE*72{ussHuLU%zjN-n=j)z(-}XCv+a19`faw-sx3k)tMj0!ws*O9vu#+ugOIg&i-?HqK zYuU+y<#6=8Qv3);1?%`VL&PZ1KyFe@l7#K&EIV4ThO)`m08|`i^LdBQf8zx$%}&mO zBX3Re3Mo^(j@TLtOoK&GH}ZU69wXO@&f4K&Bdh||%Ega^QuauwSb?0whO&vJR+^Vd zLb9CQoIQ>ym}QN)pDYMmOViX7`s;BWf&O5G9E=IhieMf z#M%+eh7Vy%^770%w7Gvl$|SD}VUxT}{oENmq^iclw6N3S1F>|@iB(lpV=$vw1e1%ClsP!)NBMg#hgp?fZ8Y`hH4y!-?dfm0Q!w z=kgqJQ9>XKO>zKyc^$7JJLma{s>FB&W{E$l>GDb9ojc)4w17N}KD zBjxOIwa%2)ae6>R#o?s@uX?6uoMJVF9c40%mdlj1#&Lr8AhAWLf1Avn@+h*?~q%X8N+)Z`AL#NX&J$q z$*1JHGD9G1#14wk&ovAFS@zHxxk7|Ep^ix>$@XRwiJfK1{j?*ya}awBj8Mlg+PsiX z6)q;|gb-9<$<@lD(dQ{KwLj!)y zo-i*kja*|gCfze1NT=pm$bRC#RQ6qDUGX~qTEs3d5NSRipfiASu!GMZdDW~^WV%O50Jrpl~v4N5@dSPFm^INvbXgEt~s09_iGWc|VJHxglty ziu1U*93EZEOLAA1WW`LU%Bu(dfnAAp%l7!$7<>-VRQ{1f06i{p+`yb< z2Gd}cOpGPswmJ6;ZIYDgK1X#3p?cfSy^FFkn`tG6byyP4p5*g*W2QKF3uEgIb=X=y ziv{z_uMJs9AyTt}SC;a5J1Alf3u?E;k-o>VA1)f9*GWBZg!DPGTP#Hxhgfv*k%3Qp zfqD}fXhoOT3&pBV(-WjYEmBjS(~DBUM9ID6DE(5K<%`naE)*r5oZoC1f?AZ2EVSLc zSy-=T1AlmU|~p7#SYuY#NLQe2#Q88r!q#Tx7sAxT(}M`Z{N#px{ORczU| zocZvnpdge{5ZvOoFv0bxT+u26G%A;s%D9n}sl~hB&m>&bX&;J@F$fi^xm2` zcL&ghXn=Z54axy^E!l1;b#yp_&2 zi!U`flAmYwrn&h1#rLrt!I3-*1#us%$`SGvhE|j^Rnmk)=sIj2Y6ofI+N2f$`goZ4 zemsN-7pu!dyY@;F;kt2+(5Hg_JWbb*M(8BI3@IqzWPoTaG}Bb7@(K|g6rYU<*5j1R@J2dSWr;Na$!t0| z3vkI&7*DsD%0@ne0Q6J?lYAQa$HY>d&A8i&d7p726}prpt2icebSOOX9wj~H4{lN` zXr@D%b&C9(Q$mmfI0leYVvU*SNbtK!td7uB5hS=DH|I8xjXFrNneReV{6QtLOmg8< zbf*6%u>$IVpS3`~c@P;z0tKruLnks0>YT6>f^!Ru_@lT#UDODXJMajC^}dWLU%D}p z^-_%i_d;X-S-p5f$OzhgRpi+c%6&2^n!_MVw&h=Xf!(=f%WbVUY>n-XcO7iqu)h7~ z_6;}Q+NMUWH?O~W!}<*y)>A02p$A&v;d@!&a5%7P+2WRARIh7+(U00a^w@l5_|f2& zD=rJ(1rABuL^xW69)@li`cA^pzCaH{=Z1cSaJ2jAVd(c7`qPA?wNf?J^rlq-Vz?I2 z7!lES(nHgO_nG-KgrnV2H-EF4UzKF`Jid(0{HEVGYx(qd5NcP{&2KUDH!1qFb@XQp zeW#+2*3o}z=tmU&6vypSfNfUzkI+*SxvzSX z^OitW&SMi(h@=$6FH227(c?_Q2rFT0qlnge_$yFXd`vM6iFUP>`3lr{btm2Xh$sZwOC&-s2FXfX*7&K9P8aH zG5+mj*8vPS@7bd!#t$8M2*B3(KzvV(nD+PfVd?;eTY7sAb@fRwzBjQgwl{%E9!`Mw z#`o=~MHKJ--3d~fu|btzl$l}tP>)4hq5SQ~Z&WEv9l1vHcb*5|;lasenm>LX{8R(DGk64}OcMk?I9ZmU44#>k&~Wt~1;@Aq9k zT<`ZmAO4nlAMxROzh`~8u6qR^uInDQnrK>2T?blyxUK`8K3wnjT|Qjz>p>r`_w|Sm z*Yzap!*#tX_;6jHg@a*%)?e2d*53b6Poir#`b3}X_v=w#>_At0B6c{z+V^xNx>)<} z{(jcp-P_X>I|%GxZz9%y=RMII`x9N=53qK@9@~Ha-oCD$m~!L)-L*mjndCoFI)PDp zhBl|CDf11o3M0zJPJ_t7N;=rk#Q*o9r*x*dY8!}i53lSK3iqF+Z~E3HUTXgJ=^P`O zA9Vf(B~x4)G1g75e}e{8uh-Z8ZNT-|%esh)RDqrCC97BzpRkD&dhdFdQ( zVG=$+MVy|cL0scf!SHud!zTl#u|$rruz=?CIB zK7T~)d#rtMFW9GeA1otf^tIJ3T0G@fD{Oy2o~rdTpnJ~f7U$EbG&wnz8M-Q}Ewi1; zWwjA4H#~Ylt}-Lpkz6*H%c3spWMC+BQhbZ{G$t;tX>P=pv@^qv;pP$s;`t z4&W_(m%&+SOv-<~>%R-m>c^z~#jgJeIBN!z@+YT)0I(S0jt^Kjt6cP6tyK-!J3J7t z?#AyuvjxdZY$3nrY*%>1)p@=TC)?F(JQ_`MTo6p#fzz(etefGqH1JQVK$vZ8ff2H5B5 zn~Kj!o@9%ml$Q&|)jiHdxVo=r5w7lwH21OPnN_x)6WFF&Ibz<_JhAMNRyRG9w5scp zRA=uAw&2m1{!RL$CVD>Z1vURQKgYSKndK3dI)5k(d9BV@ zb}Yogp-B}GhB2|zl7;_!Na>ULudoS8^-rN|yol@nO+eP1KNF$<_zJ3g)qfllJsT-+ q)%numO(Hj%kGj#`GonipzQHCWS#Fo$yBe4OPX7MeyOF^nn*RsUhVM}T diff --git a/firmware/src/powhsm/test/difficulty/test.out b/firmware/src/powhsm/test/difficulty/test.out deleted file mode 100755 index 4f11a51b99de3411ad2bea1c7ab31190b70cafe6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 22432 zcmeHPe{@vUoxd{y2_i{UU{S0L0=pm*0s>14)CBVIMH4_E6)iFh$%Kp~ne6?C-c4c`|E!1_kQosH}n2cE8FCBIG9RV>@$o?ZFvGyBnhsqG6PV=*05># zyq0~6U4rr?juZ4E0YDY0#%YJy5}yS~a>pb+9bO~(6jT-xB)Rd@5i$r#K_=Tla+8T5 z%jxhZvLXc)-K?*GgptzVktqVLpjD1ciLDp(Sh*cG$aXhLsN|?fatSGyka7z4OGhZE z{7F8c|8r7bIxGQ=l7hrbY3r+@D$2Jm=fyGb23eniO71quNmmQOkN8w>-zMuD&o8s3 z{R+zJ*|J*S-qkCY)mAO7_0@-)mNu#`;{GdO71#kBZ)K4*W^X3Y6t6m@Z;dP#; z8;7^o|NA>TFaG%Mmnz6^vVrsw4<+JP?k6}6|3nwfdFC~Ob2@9U$Tcz339-6)=c2!dIJmG14 zsIx*pIY z!`XUt@+&tnrXTJIIg>qlLX$v{n#>*$EOk2mnR$ktVa&;@pJS~5t)Oc>UZd}kK z1M#gp%33DBHwUJ+On;bz_4@&mGiO0&BzJBJQP$swg5EOuUIK-Q&`dP%;%AUY^QI>I zbLSo+#b+f1|81Oq)hz@Tf1n$2z4PKtdS@a_cRZ~>_d#d|6#P^w$WHcG^Lmv0q4k$T zj)j+1=#ll`0~gbcS3{TS(e-bl5L=2S#cJ^J^yER59d{`?1qVM5Vg+Pc?>bAMojfVB zy3ridjc~sn)d01`&{fFw>n$@5gN1Rdqo<4VQ~+UXQa394(a!LTKqR8f&_<%#NJ^U# z9sozL-lZj|nxSinEwjQ1SU7d9)*I+WE*7mAF!H38Ff9So;zJ8SiCZ)zbVpB=!PC?9 zh!!Ue@u69Qhg%mX>weZwHmA(ujg)o~WoQ{BtakN7s~)WY>as_P0r{Bjcoq$Gq8f{# zU9Bkth3`nMQ4VSN5KReR+D<_>_ztvmX`@_Omlh{D_#8fjsiudi;wZ+4t&OOn&Qs__=O$#V+Ek2L-fsJtq%@T zUOaaQ!|WK`*akNqMHIKfk4MUk@?)A7{+x*a6tOSR05m$Cw%+D=|f*>NsMc<1r=k^@sbkP%HB1H)NoBA&TW_go*IU9J7$4`zr0?K9 z1tvwB`&ejSmv)XOx)0Uckx_46RO@i`V8o6~MJQuh8zy&0wR49%av%6DvXSOtmV5XG zLZ&wcp3`_^vaLD^%YC004WqJiXo3elNBSNTsv|Lnp`EkJnEmx}ti0#eKi`sHy+@XW zrot{|#RxhlwfItd(68NOU1cI#4l_?7NDv_5?ouOx#>An5LPWC*9@8C|8qOI`-cf5Z zkg*6vUUwL1B2-gcai#E9H+A!;{wUO@JDFT#Mogq`#1Uy8VY$Ym@6)s&L(~mjn_d^O ziw#6X8*$JYKrvXTjU0Tztec{~4XP2uU9ld-t&IZ9#CUid6h1K3>@~a5M&aMmwAV3o4Gm8*T8$ zvAMYqQoB*%F}*W38OEWr`D~FG+Rn{bt91tocy0-3DPxaQ@Yy#+?Q%oJcZt@9fsooI z+U$LdYL4{JMa3~*@z_eDG{?u#pne1pY>u(e9C#c7fgM;h+zv4`t1C7WbInw~+Z_D9 zYLd_zJ4y2py6SbK=Uq%I1MMziSb{3y>@IBtC1y^}mAtX`hDO8E7fp?;e@gX}Iuc=9FSn4gI}k{;9u3|v+SO|rEHUy>9_#_q+$v*d&$r6C zU+u_!ykovLG8LOL&SK68A1?P5Q!as>@ic6lwK(P^EEe<72V4_xK`&;8+`~S29&8BC z#XaW1CxHnejtL<)bTDAw|){KY}9ES^1~REa?@foX&vSh zvT0MV5k7BJ^kBH;KGA{M5}D3e9>NNX3&)_5JsdNPUdsIuX5ll`T3W5BIE;8gcX5J- z^<=<7<=9$nAUNhs1c!9?=NYt7hDO?RjCOisyr-g27jsC>q#wr`oJGXBMmTqpsAkxp zU4E|~>6pY%Y9c3&XZEJWaQwyj*eJ)6JOBf+9~%`p#48$_kj9LXCDetnC|iQLgRF=d zWEK!~co?xB9&!oKYZr@lsz@5)x=w|mqk=k~MpDZo0-)U}KM~bV9PVgxfw{vx(|7Q& z?Kbjwg@gC=)%S$zm=mI7AkiLW3zJD&lj5QzI*9VzGDW3XUSc>0_0L*#*25Ib@J6J0 zl!fL2NzJBpvmY**Mw47EtgvrEl<#XD?Ey2vWFIh z2R@*nr})86Y8FXGDY8zGe|w}7!~m87#1yZi?<6UHH;mfRHKXVxxF0*`#UPvJAjJCa zgQa+G8M;hx;V9Y{T*hm_JdnJe%L4Zl&u*;I;sYEnfHG9A>mUUS7Pz@7$+ zIM(HE`x|*_(L%51)q5YwDlvCun{-y*SS`z3KM~LnN1<@4y9EnA7$P6!)EO5plAaNvCt6NRwooOm53YnB9D9=CDeYv@(9PJjlP#@W z&r>dGB0ISqlP)vkr3gOghQe;qxRzCYxUe9@c5_jhK^?h= zpQU=hgdJ`irW7@_(Jb#+R9I50gW--qR&Y8hIjWLj1_mByCK`0n_OZu}xP7ds2S zyTHys`Y`QkZx1|x6AYaR$+h8QaN==uupD}wJVjv83`_$IcNiCR18NehH)sOwHFwEkG1eMbJF0BkGW#Wq}XKf$V}bBTGZft z6=&gDT$`473RUvZdh)+%-!`_6PT+;|Q>of;`MRgNOMBbNp4Q$)xMAXM(cTu}uLkKl zTufvN|EqBOA}8x1c~^-kIQQ|A$!!mGgf61>bbMaGXDp7TiTY_gLHRt+!@`m`Uc~^! z>t@WmkcVhAIwkG9QSTE74T)TcVk zp1I7u`}WiN$vt^1AOF+3U*jpv;Reiny76cef%b|uiRMdY%)D1WdE?h#TQ=vL^L~a< zK7=LXh>kv5{c`N3_b%$EznA~x-`BsiA;>34nkb*@cYL!W=U={dSU>&b{!f<=7X4_L z4;vajkUK1DJ)NqRE(hq6KkNklXsCPT2`H$#Cu~kP_dN*)REY+@g6DE z;`cnJmQB&q4`B`!xi4dz$8&d`t!^#8y{u*ZL-QCb{%oo7VsS;O@pkc!Vq>&IZ&`W> z=YyjL!G7LUWeCoI9758E=*u7fX!Sijy;bt4Gc{^ukxduhX;0&)rqL ztN5Gt1WzY5F`(nty@xe^pEJ z3ky~>xmd^>47sa()z!YraBb*7ekHe-e~Z|)#1+IhjQ!P%f`Ll+-UDD=>{`EGA*&!L zkW79xImLH_%cPPP`cCo6gz^}gpdBAUDuiOs!bHHA} z-vA~62LWee@mYrzZVjM@CmlNhzlF7{39tk3D4+}blzu=;^u2#dj(fK;M^m0-&Sg`w zTOCvK2v0xh=y)ZWTtW;oW#$+DCjLC|HxO@5-lm+{x8zQ{C;Je)>FTxD-?-p9LX&(6 z{&#{88+kL4>@NJTLZ3|`Y;jKBgU*f9FWCTtP$c?6f}r#7VJrHk6#X&Kr+~g0(3E$U zat4w=g@4k|zhbWBow`Zy1AQ;(w*aQ(HIqIH^p`-t-A3PL(&@qcSxhn++hvo#-IU)2dJ^(+m@ZtdTh>iY`NnZ#0OQ64OqrYg< zcY*#0#?F^*bi8DOr8Nuwf`qhVj%xM2K;w1#?IN~Pn+_mK-V$mmRsqyoXq9> zK)(a@KUwL{cTD+F&{xKj$w^lKIFly*8jRuDe@G^sHv0P}eI4lUfu3!pXJwiG-39su z%mwt@5VL*zQuZAL{UYdjR{E_e`eUH~2K4d9$0^XC0e!nw-nrSduMhN5(5Kq$n`GKI z3i_*?P7W`8+L%W<_#(sCAk zX>v(U!Go9RIcp+QZq6yXJ7-OCPC;?bq76B&4LP&Hzab}^|DNOl=vf0jWX43A@W6xz zCOk0Vfe8=%B|V^ipQwJ1sMa3(jU%PY1TcT_I9--c@Wq_5t7KXI?s1MRt3B}5vaEjp zNc$N|ivIQoNk1=R4W=Zw?`$j9LQ1&3>E4jiaRK;mb16Gpmg#!dnxq(h&@8an z>hRPmq1yNJy*Y67`&&v0X^6tFk!59f2j^mpo^nu9_2US_+XED5{XmvyOZlWMD?ek~ zCHN&BM;l%??dID5`XB0d<>@uA=9@IeHc9wd39BV+l<+|bmAv|0>&+WCe%iID#Jkt$ zsdp_ezz=qpFI~M@=3FZZRxB@AzPvz5WrkVIVZI;0%8`XT3-$YUJ3foWRL5HgS@?x` zb_PdhAqrKzS=jNr*GtT}wBr#avj6P(Y^M6%j-Sd@JlXM=nsH~xW9OUZPoigGbh0r7DlC>5q}linGvsMtCTJpr<2$p@I?W8qIuEDa#&BE z9iJodaFH#|lXx}HD&pTG{0W=MvforpSz`=LuvXOIsaHcKMH&%``gCB{{VPu z*IQR2gT&ADfKT9`@LS}B$Clv_Js%Iw0Zq zq~YlY0GagA4>dC3m7caVJ#;qZ`uQQ5ncZ`(#2=D))t%H2ne?yZ{8z9CsN>R7CjJei zh+R1*&bMRg=<~1j+j;cY@)}!FR0{wVguHRfOXmmG1 z_&ss~=XWWp=DmiQm0g;FY;f%-3Yk z;)Mdw?=Fzdk@&+h{?+HX{7O0nZyN`{ zU+VuaX+OVXfY`xt_#cw|Uy}ClI}PyvP~yY$`Uj{b4* zZ%I8{U@x@W7< zqduog{x%tCOC%vA@n4nw!tYu^`+~$T`a8ksgkDMy15f(X)iYiE3JPaxnq;P%#s0tZ-iz*FaSSB2~94nV|Ga)UEu zW91KRs_)qkoA&zlRr&V$LP6wjtMP<(`28Dv`&eB=IUYi75AS6`GlzHD(BmmEmKX1I zZz$Wc@m6<9>84Gk8!O6o+`-%{yen3%W`5F?_EZQMw|nb0ZO4u~+?y&kZ`@J3WwYCz zzdR$B8oX&+ak=K!HkY{Z?i;)PRm@#-$L8Yl(v5Zsf3yV@UXJ9}bg4lv*~Z*Amu=Zl zT;|@gY14LXhkHlyhBA$`@|W~f2E*KwXz=zLUv;R=TOCrb04n;pFY5_5l=vEbRbI5+ z-GJw0ezz~^uixwU1ggAM3_a4|hMVyMAyyNt3;OEZo~k-uy}Q1#&K>Yp`U6$&djh@? zUi#y$@`OBOiZ@h3og!a5WH-e6ULqT1%%eK-wjvvk&47L05G-}4Os#9!h`93v@Gc{= zLHmcWr&f6?^*SS)Lh&jj8%jisuc7t;so~Epp@fcaRty#YU~^uYDC{>uH92dk)aZ!oA#q1Q9X z7dP1&A>(12Z(j{5lzwqnQbG21WsNsoG2Y>%qLyCnl<|#CK@4(?Q}aPDMU5Q)4QOk? z8w&U^FVr;@S5+}jWo5X|%4~n6YN;H~wLfXp@2 zhFCuDm3(CL_xVu_d7JP_6BwBMJm&MgHFCuL;k!Bc2 zV<#V7%knXM)?re#P0)X4fwq}6^<(+tX}tIRNiyeEd4lutPkTQlug?7nE+8gL!ZKn@ zt5LGbtNQ^3T{dny3)oW$ig;}8SM{rV1O-+7>RLeE8!0Wczo4~J$*cPY1=V^<_g~~E zC9m$8J_{U{YExd_mnnE0G;5N}tclu<9Nk5!`px?bX|SqC*{}E%+z)xW+frq9&!M18 z)|76)M6-L5A)hLFbswT&hh$Xsr?>wBDZfGTB_yMQtrmHlj>hb$MqKbg+2$_mmwMlSx9yt>DVuP1G(coU^mS;_wn1d2T+ukO3l z`#t-m|5SV`In|FxAxkVuUfqlJ-UKAlA_2@#C9j~kCrQbh_h&^yL^mZxM#(Ao7SPuE z)j3fw68y?eQA)L6mH&tg=~DKqbI8sj!J+CAB~h2k6Z`=GRDS^#EJ?}BiCKqFeibTP6sem+$3h}S(QS%~=4`sXH6rXLk2-uhwf2w}POUKMi^0T%GjwxvZ HX+`$GUBBoX diff --git a/firmware/src/powhsm/test/sha256/Makefile b/firmware/src/powhsm/test/sha256/Makefile index e116ece6..220e9e67 100644 --- a/firmware/src/powhsm/test/sha256/Makefile +++ b/firmware/src/powhsm/test/sha256/Makefile @@ -20,11 +20,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -TESTCOMMONDIR = ../common -SRCDIR = ../../src -CFLAGS = -I $(SRCDIR) -I $(TESTCOMMONDIR) - -include ../../../../coverage/coverage.mk +include ../common/common.mk PROG = test.out OBJS = test_fwk.o sha256.o test_sha256.o @@ -34,16 +30,6 @@ all: $(PROG) $(PROG): $(OBJS) $(CC) $(COVFLAGS) -o $@ $^ -test_fwk.o: $(TESTCOMMONDIR)/test_fwk.c - $(CC) $(CFLAGS) -c -o $@ $^ - -sha256.o: $(SRCDIR)/sha256.c - $(CC) $(CFLAGS) $(COVFLAGS) -c -o $@ $^ - -test_sha256.o: test_sha256.c test_fwk.o sha256.o - -$(SRCDIR)/sha256.c: $(SRCDIR)/sha256.h - .PHONY: clean test clean: rm -f $(PROG) *.o $(COVFILES) diff --git a/firmware/src/powhsm/test/srlp/Makefile b/firmware/src/powhsm/test/srlp/Makefile index faaa9cd8..81f30a92 100644 --- a/firmware/src/powhsm/test/srlp/Makefile +++ b/firmware/src/powhsm/test/srlp/Makefile @@ -20,30 +20,21 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -TESTCOMMONDIR = ../common -SRCDIR = ../../src -CFLAGS = -I $(SRCDIR) -I $(TESTCOMMONDIR) -Imocks/ -DMAX_RLP_CTX_DEPTH=10 +include ../common/common.mk -include ../../../../coverage/coverage.mk +# For debugging purposes +ifneq ($(DEBUG),) + CFLAGS += -DDEBUG_SRLP +endif PROG = test.out -OBJS = test_fwk.o srlp.o test_srlp.o +OBJS = test_fwk.o srlp.o test_srlp.o log.o all: $(PROG) $(PROG): $(OBJS) $(CC) $(COVFLAGS) -o $@ $^ -test_fwk.o: $(TESTCOMMONDIR)/test_fwk.c - $(CC) $(CFLAGS) -c -o $@ $^ - -srlp.o: $(SRCDIR)/srlp.c - $(CC) $(CFLAGS) $(COVFLAGS) -c -o $@ $^ - -test_srlp.o: test_srlp.c test_fwk.o srlp.o - -$(SRCDIR)/srlp.c: $(SRCDIR)/srlp.h - .PHONY: clean test clean: rm -f $(PROG) *.o $(COVFILES) diff --git a/firmware/src/powhsm/test/srlp/srlp.o b/firmware/src/powhsm/test/srlp/srlp.o deleted file mode 100644 index 24a802bd737a876fcf2c9392cf4458eb56934c4b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 11080 zcmdU!4{TLe9mmh>>qaTiS2i|AVDn``HiXueEo@-HcI?4}b)#`rfFtl=Z!* z9kE({W9?gM)|gBe(WuKb)1h0YwpEcmAY+&qQ;^M?n8^|lnsxzZWG@bV{(kqK@4L6Z z-c!q#;5^N{_uS9)T^y(wJK3F)W&f7 zbT~Cy8cw%o!`-25IDHkj9=4=5C#h6)bM6vfxeA7i~9z{>CpKJ z2I?*>NM#EHo#&@3mCleAyIodLBU^Tzg?xj#lcbZBsV6dRpAL6hhK9S?*J z>FNP)2&Z4q9nZH_m*xhCANE^Tv!<$!q+1gY;f6u6 znvrQUd)E0pJG=VHecf1(JXg-xvO|I0n`wAw0i+ETZDQ=FV0htCdwD;I_VgdDosk~( zi41Lg{>>Yo-%K1_+T5i>XH)HG{mB4Sbyo*-gCo}x^d)CFkTz{vd+My-L2)$QkC}aR z&rayKe$2c>>(>NwdiUi>T)D?gsWYf&Ui4GOC3U4I#XZ*cN^iS)m;C`I#g8V=lQk(u zQ|+T(lVbF8C&jmE&bs0?@y&20Z|@O*?})G0F)ba+4$r3O@;jTf(t1Pk2X?B? zckc;WIflZ%qnN$4oTcSbHbAZ^`_(s{jip1QF`AJoIc0!1KO@Wd%7?2(e09f{blZ(b z=oNTmYV2V1Xc60LcRbG~(_?S5^)~IOoOCy~$5hs=TD3fQ>)p|&3^#UYI-;$bZzRro(BH~2v83kf15}}6 z<(AG*(~sq!)7;7_3&dNSc9u6NIz}22ZIPXcR@AL?thK&58i^^My zUD-Ucrgr^ZHMNoTt5-h|+7Q`Lb60IBqM~g(n;IJ$6OpaEqOC1<=awDuWOGzKnvBNd z5gsz0XpQV_jm8?=BJsvuQA?_+F`gI$+01MCK!x}DoPEsAISi?QzfVgLmjyP?bDjrW z7TG6D2Zw@}EG|nlhaT|Nf>ZU!Its7NpSeJP;l6}LU8!CPH^P0M{wwQ&cI(Z@K+4{h~V(|Ex|EvR&e<1*RK#V zKK!+x3po5;EI97pI|awMwSosNtx7#8IOKN-4*ACghkTFVuydc_kUu0iMMJ(DSn3h(o{Ni2p&sq5loRVb2-CA%975*fWd%H_ip|2mhGh&~uyML94e?D+P!A z{enY(OmO)7nBa)dlLr2b;28HO27W+r%#&k+!=Aqx_}>M`xR(rkn)Tt_i8K6~EjaWn z5*%?}Dmdit6&&&p2@d%t!I2mH1HWS@SsLmwFqL=Tr3hqNjhJzoYfw+a&AY-wRrCP`88YOI0oS z27SFnaD1oi5FFnrReAjJ=0yEgIwxA~^ET94qfPbYiD+9wm4CiIQLoCk#^b8oqOC19 zX=rI~j_x3V9W9Ay`I`GSmeD86hV5D^x-DXT-_&D&m{X8C^Cu(yI+0gZt!sbQc|(K# zyo5_Nmuei+>O8S4+w_Oepgwb&xG(Z|gO*>Qx&BO{sZw*0xID2da{R@FS*PqD)cw0e z|Dd>DO4qED=YhMR|13A8I_4#CrDoLt`rO5iQNj0n_Mcx}rT;65@%R<=bC=t-{kOUy z)!{$RYh27Nx@nT}+obzT|F`J=&$^XT9rgo1NENUAt6OY|En1NM=UW*4k$tnyRu2!wJkWEnrWdYY}14T=%Ez!@%%z`#m)L5glzyEpMx%Xz$?)Ka7 z>-X*EqnSn{oOs+3byc}SG>hD)tu1V>R;D$1m1r>rbn z>E}~~oT7@a*Hu1mTJT$znduA)08*c%N{_-pdTFVbmU@cz$v`No z;z==~&t4f%D_sa4B}GY=Qr+8eALXB};>98Kgn*f%O79xzk)QwFq{4o!tZ%rubV>ge zmCa=rhk^~WXI>ogm4$-MiPo~#IkU@V&n%Bc%By(0C&Cd5BJ4*&`WBBrmJu^c0kdFWPkra*Pp1>7f7Ru*l{AKLId(tf>cp z(+Z+I4xfDTTZX}J9tK}93_fER{NiD78vgnGNeqM2u+Jy|DsU%0)-(@5KKUiX;IoIp zsekg>q2(zb{x)zYKGqZfaE=wEav;*;Z)SnGKNMmuiFl0ud7C^@=5~8xF@H4f4tRoK zMT5=p0E_z92b+B?5cB)jvamnwZP~yA-cTgwXJJn$6!9{DYfC8T4aVIK8~xD;3q<`M zA8dJBJ?=oT*%JzG^rMK;?RCfE9+(e%f~emgjYgu3U>f7I*;Pvy&tKrKDzBQQXDesw z*{bqc%)PjNncL@&`Wu6>xIbFIY(Xf}?63DUgs6hXaHLsQ;1;5J1rY$65d}m3XtoHH zW>Nv>Ng>;YoSN6Sf9oDhn<93f#J#z$o6XOdq+R7JCmLDCRo|&Z{fdVS`BhkZX$lBFN-w&H7e7VAk)jshp0?j zlT3=2|AWf3HOM^4%g<4nwgj06c)5qlv=zv7@$yqtrY%6GjhFwG%5>?^wD9snRHjRQ z=4M|09+l}*pQ+>JZ&R7JK$#j|zLUyy$+tx(3v%Nwaom;OvCFCV%BHvwHJ z^HllX;^e`bwB(yw`&<2W^-DYLJ*Oj7o#R$=QoVLEqBH3Z=$vp&TS%PhS{T$i?Uxam zI}o3Q@ZJPIg?CK0&oQly3_mX^u2fv6}XH1jnu zS3#$1&GSUMsV7AiL!(qnZXVD&TmxFtJ^}vivv*Jx&t6aUbXNa>s_6M5n|184$B=jI zNNM+JofH2ZYzo2Gf$cBi+tjWXxOv#DfXySx{;jUVZJQ6*tt;;S93EtjV3UQ4j-a9k zp|#JIWtla=96MHJId1FKlCFMKRGgfjXKR6OetD7+P|F_7H$EoL5tt?akbP zaV;&)YfF%&<2bh=OH?&wA8Vq7qTx2+0G?xrjB|Ia3DFh01}Vp zvGxqHc}Jp!#W1aPl*(qK;`UUVV`qwjlUahibIQK;}T z7|*q_SAf$2@-|N8?${@BVjf**1A|jEy!1+_jhV}NJUZ`OjG&pC`5`#6nR|thiTx_E zc{4L@h@5K3Cyp(0y$Tw3s*M+DAA!Ix6thKtT zfg@c#J&(Z)iLH916$P!MZnADV6(~zF)h9nUR+=jN1Vuw9+>DhGG5h&t#+F?zzy|>G zmfedCgt|B}w`@Bw_(AKrUOjb!Psn!OImX(uW^iQ7uFPZb8e+?qx%xHKuO;o<0A^0Z zA`i>Od6cFQwzH@paC^#edjift?#;PG%-+5aO!fmLQbNM9W6}-q{|s7v;l zjHFzgzRPtDi_=zNj25Q^vZlo;#CgLkPAjA(Y71YSuE<%skSy^=%4P1HoTdDW(=Bt1 zV@CE)2p}IbUS!bP)ts1np$QmbG-PqA5VF?AsT!~xFeQ1cIf*SpZV#jIzp^-K*kQo^ z?_X+c<0S&z3Xr$)>&QT;l@oItZvzIWhAd7?g>0V1={j&^GtbLoa4xZVGlyB6KERP_ zZgJX*9TQypJwWd2VPsH#i4(J{zXb-vLl&n8g>0V1=}~Z`tDEu|+(vBGBfmr8Z(W?8 z$2Jg7PlkzH%N`eCAwb@;KhNSqA97-DSr!=l7_vC+7qWR4r-R_gmOYfm;M2sGEz=jL zKLN~a6pKzckJ4tsc21;=>vF;FTw=a1-3VCLdQlz&S8xMG1y~*S^o>qFr!TarG0(y1 zr!y%4spLV^N;F2=%=DpSA@yq^rFnY|tJzxw?wmNjbBWEQ{7c}{q5GwtabNeSP@@)Y z%CYs;Y#V16*#dK)bKJg$Z*1&`fngY6%^J6dXA!>h4~XS`4;He=2u!}rcSbNf9mU&H z*!W;`na%t{1h*8Rbw!^F3_HK1E8V_1U6^pdRFF({)Ht)f$4&ugON;|pFFkr9~6%uV;B?@ zAe8x@=*n$*D*I=`#Pp5`wsm@M0xSc!ERO*uEC=E~X}J6zezT!$UE-t#AZ5Bmhq`eOzTF#QRl)XU(IcmGnG$w9+lLLXI>v#Yo zk|jp*+w5a=sbo{73#oMJddWMJZh?=D3G4|UA5Fdr#eQ-bmpyTZo-_GBQllGtt~%)0 z=^9M#!=3y%+-h@Q(`(<)W^*^|PTZ`gwPd1iH*R`a`iu9n+5N6TYSgg{I$VQvHR*7r zaYv1NX+)0OdIz_u!qzm{YIhA{L=B=>=eqjVzqp%DX3{%gCr>4?)rTuU`cmj=7|B}4 zsy?k_SsFM_An4+d9!so_RdguPhidoHSRf%1poT>B${#Y+(OKOBJiUUT+~J0ZL5IDj zoNpzP_Dhk`L-G~f()Bq@9rja5IBiSXi;+QvE6MQ3$Bl;T=!647!->TzjEQBbg-O>g zxCo3~tk4Z-p|;=tOc}+K8sbV(6Wh>48Dv0ojU1!(y!1S6ix|V9*DQ$7BJnjse320Mk@%Sq?{MwnaR~wtHslTd$_-Zp6gT zjk`LnySuv9*%*vBX+4Psr#BJ~2VwY0^jo*q9e0NPv6!b(>+w6|O`fY7sTF(aOdJn!luvIy$b!$PG!ZUgx{qXil z-P;rA!COuD_WQU4PyYlbV>xe~TK6ldt=s@Siu&&iZ*T^bWrQIb^fyx&d@)lP?kB^! zFx*In>rI9$wC=taw=9TwT7z1TC-ht`)naH4clb`;oB&ngQ^;2EFdLu5Ty3W=c zF@V9APGj}WH3A_YnBQIFZ}uW|zF>2s)5H5xh8*8qKseXI4{*YfsNadYWXRD4&CWnD zfRLl%!F8M`Lr!1N@Oa~XttT3D2AiEB3UD8~gT_a5Bl_1E>#bjgn+tU}qvU4o5I2_{ z;4#s9f}Ri$J4{M9sRt?iT8{`w?1`M4Xio&rW2naQ6%k~bz>{wBLF0=+4?f15f-!0y zcT?+b!FNA`-UJQoe#~o6)agZU4tiqyTwnN2?!Pb{?yu0@e+I`Q>03WDM!6K%judpV zde7WVIl#Qf8DJGo?b#>qapDqNQv(`Y2){(o?Y7KV{^w4dv zI$THxiNhD{{pm6;MRzn<9O+CE%lQ8EC-3GY9z`CD$S8gUdd$luJ9rJ_bzOvzbdP8q z6(CsCu$JNykvu4yyg!{VSlnR9FEd%U^R>frQk^)gVGyAK3^dJY=PI;xSwF8*T$YYu zVUeq5{8E9_Qoj-h24YE@NR?t8M09%oK(;z(T``JC^;M8bPvSnoY)7KML+mVSlLw$M z^;{9o2S3$2SQtF|=WJHw%F!nxcSz5jjo~b?c0K3BtQXiTdM=Bc=$Ovx6#Plsuvb#R ziv;weWeRwe0NOk$;0*#^HURGt@QeW%B;YXu;0Gd5T};ir9{_h{&GUhB$F$ohs(8GF zIa&J;OFOH7a}F}sEl$2#yJ~UrquTn~w7rYH~dp<9WpHcZc z$27Jy`N7iU`wNrr)@COj)!Lu8X>)&{_)mJ4b>o`a)wOGCZ>n|UnFo8GVo%S!Oi#IZ z{UiTIA}|txkqG?1ihvE@B0TYCHv1;F+!Ju0L-|MF$!1s5cTs8o(y$@!_e7%}>}9b} z#?FeiQ_gDV^h7apPOqqHW!L(>er(5lmpP}$E+PTqZUlRg_W?KtaeRjsLOy>B zd0p+q?K@9(o@k7$<2$&h$L|v^D1Gego6A;Q?Gz@^FkdkX2U{T)Tc-|c5wr~e7v@-Vs1r6Wz{9+h|v%p@R=1A75RD4n>lNC zUS3sIRb}O+m7F)kXiFp(FI(@4c^ZOwm0P0zzr+rB*7`Amgl&qWFXEFU@6ZCb^r*NA)2x|Xh zHaivD(|MrtKz*RAL0{`G4w${16>XJ`X|r_oi~up?ggDl!9cQY zyq4KoOKoS29W}bkHma2HsrX!vI9x~qGUb|F3ke#YzBEZ@|YlrAcnyu@+x`q6Fd z$|;v$aLKvnkO|UXh)+M{uw&B`>8{4-CDezl9U5LzdPl*6aVO1(Lnsn|6FyIak6X z6SEvYnyY^*`h5WW8AiT0$Dap2!&>M!@(XU(?XL#k1-{S3ckBF3;3vU9#mE=#asRi2 zzX|-|{M!ZoUEuSMQ1M-p^Y3-=?*@MbsNVjB2dV<3}d`Lppyu`1gX(za*pDSJ0#LcY!|} z^J=D1Kf>9f|G{7K7x;tV-vs_qqkh3_y8Wq`cV}Xr(xJW{zk<7U{ygyS1^ODgU-Nh_JtKI*EHny;43sV%9f zEtxUD#5uoYGUVr%jOM?a_!rn|fgS3`ku(y4kqC@LU?c+n$0IO7v`_u6P5qv1^Em=n zzZX-#4^zJf8!jqJU;X}UIDK`E*(MF)X^2Rrg5a4HPbV%A^mJKPztcNImepQxiY%+& z>(Rc0lHz~#MK;3AxW-Yk3&Kie24CXgsY3GUxfG?WAozW`NRuUx z#Y~N3Gmcp!<7&poGG|_V94ocNpY#e@iT?fvvmFOh>w_7G@jQJ|$j0mM6EMq9U_Zt; zm8_`{zqVKFjgeP~yHT~ynDI$W{Vv#ypUU!$>q4vo>i4r|dCc-UBO>yJ>~yv@FFu7m zkQZ00WX=|?2Sw~pYFX16wEh+#&UKdf(=9LIZ5I4&iL2{|GDP=~HkR{8tv?GmJ~VD$ zm3Gwct(Bd1Tz+W$?*^XF|KALQKfvuwVJR6O<pXRcjpfGA3@JYf4im0^_pR{p94}=*mUh(j ziQ1RXpYyo<1ojPnlP`@+l23jX8N&Ftj`Ky_&d~A9@BQ=4mj-TU=)6mCJ446$Z?Ucw z(ABoo>|+PyCtw`*%l!a13z7RdZkDCe6TqEAVRjSjJM+w=7rC7hw*6e8#LpU#eTCyg z4ZSlA{;9O1_CNg02I{9_9hX}zld0>#4L&1C9d`dD}k57|NAWS{VP(w z>C3`AKkGm?$Z=DZys$~izkHtH@v{wN?ldxo+9$S^parBFY< zagH#+&!mt&C~=4MXScNf?l5+2=tr{iZ)XcZHLOpS_*m(unin%UE{z(k;! zPG>3A_^lBY>gAtcp$@+&T1 z!n)+V;AcP(IXaA;EEG$zzSYTfN!8mR?KsB^G|^utV_=$oTWKPw1Q_@nv5U z2E@9+*q0@)?kjxK{z8eX`wP{N*8wL#t>e5w%0F?wFmOoPX_R<@><~4c*GYVml;>w` z(78q8v!(n|Y3ExKAC%*PpDBX(5XYsEfjlkcKRQ={{0tM>mxqy01E+qsw(EqnqwcTd z^k7A}KXDrBQ`xhCD;b4x>W#)@@kAhiM^L$!uejr3H{Jq+M>%-)3LarJh9V7~klPoJ zL}PAGqLtyRW-TEY}rkA!vx*@!5bcC#iMwwOw<$hyM2jpcmq@nB{wAFCQ<%e zEUB-B<83t!9`D+i>7g1ueG<>kP-We2H% zUr@hz#d5d1ypqM@KDW0a#`u#Np35gkZCrG1?J}3!wS1u)@1HTd>|^eQH!QDRws?V= zBfN9F@xCUvOOqC~h1W9oRZCaQuU+b1v1rjsSG~KwcK%WqS>n>o#M8uhl)v&PW>OQc<1s<_HkvQwck7Qw-QK1|^IE(k$lc^`6|ea*$@7kgG{+KQ zKWmDGW5KZ7;|m9y-OcO5cvR_)M1Ah{(O?`e>+$_8mgrSk$9BKYd5|8$Yg{n<--I|_5#6HcZ^z#nh$rgvqqm`8dfk!9Aa9kdlma1}G{jlaQvRYQlfLy`M{Zv%;uhNS4Nbau zG^fN1`FCJr&H(gi$#sb}e+VH_Pjwf~gp{P2ilWZ=l@}Nug*ynm6u%-(iq?LJ3N0t)K1#DgLS&bxx;fnkI)KS?hlRJUYWtV(L6kz3VA5w)K`8gGrFDxPJ%LF zs{QJm^FFEnq*9dBX(^v9>#wljN?#r~=v?xZl98&hCphANsz%VZVnNRYnTwC|U#(v> lzm)GnQv9#ETF|*_;gd{Nuac$P@qGFl>V(8Zi-M)d{tEy-7gGQL diff --git a/firmware/src/powhsm/test/svarint/Makefile b/firmware/src/powhsm/test/svarint/Makefile index de931bda..b40a4e8f 100644 --- a/firmware/src/powhsm/test/svarint/Makefile +++ b/firmware/src/powhsm/test/svarint/Makefile @@ -20,11 +20,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -TESTCOMMONDIR = ../common -SRCDIR = ../../src -CFLAGS = -I $(SRCDIR) -I $(TESTCOMMONDIR) - -include ../../../../coverage/coverage.mk +include ../common/common.mk PROG = test.out OBJS = test_fwk.o svarint.o test_svarint.o @@ -34,16 +30,6 @@ all: $(PROG) $(PROG): $(OBJS) $(CC) $(COVFLAGS) -o $@ $^ -test_fwk.o: $(TESTCOMMONDIR)/test_fwk.c - $(CC) $(CFLAGS) -c -o $@ $^ - -svarint.o: $(SRCDIR)/svarint.c - $(CC) $(CFLAGS) $(COVFLAGS) -c -o $@ $^ - -test_svarint.o: test_svarint.c test_fwk.o svarint.o - -$(SRCDIR)/svarint.c: $(SRCDIR)/svarint.h - .PHONY: clean test clean: rm -f $(PROG) *.o $(COVFILES) diff --git a/firmware/src/powhsm/test/trie/Makefile b/firmware/src/powhsm/test/trie/Makefile index 4f1a30d1..2b4af0ce 100644 --- a/firmware/src/powhsm/test/trie/Makefile +++ b/firmware/src/powhsm/test/trie/Makefile @@ -20,43 +20,16 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -TESTCOMMONDIR = ../common -SRCDIR = ../../src -TCPSIGNERSRCDIR = ../../../tcpsigner -COMMONPATH = ../../../common/src -CFLAGS = -I $(SRCDIR) -I $(TCPSIGNERSRCDIR) -I $(COMMONPATH) -I $(TESTCOMMONDIR) - -include ../../../../coverage/coverage.mk +include ../common/common.mk PROG = test.out -OBJS = test_fwk.o trie.o svarint.o hex_reader.o os.o test_trie.o +OBJS = test_fwk.o trie.o svarint.o hex_reader.o test_trie.o platform.o log.o all: $(PROG) $(PROG): $(OBJS) $(CC) $(COVFLAGS) -o $@ $^ -test_fwk.o: $(TESTCOMMONDIR)/test_fwk.c - $(CC) $(CFLAGS) -c -o $@ $^ - -trie.o: $(SRCDIR)/trie.c - $(CC) $(CFLAGS) $(COVFLAGS) -c -o $@ $^ - -svarint.o: $(SRCDIR)/svarint.c - $(CC) $(CFLAGS) $(COVFLAGS) -c -o $@ $^ - -hex_reader.o: $(TCPSIGNERSRCDIR)/hex_reader.c - $(CC) $(CFLAGS) -c -o $@ $^ - -os.o: $(TCPSIGNERSRCDIR)/os.c - $(CC) $(CFLAGS) -c -o $@ $^ - -test_trie.o: test_trie.c test_fwk.o trie.o svarint.o hex_reader.o os.o - -$(SRCDIR)/trie.c: $(SRCDIR)/trie.h -$(SRCDIR)/svarint.c: $(SRCDIR)/svarint.h -$(TCPSIGNERSRCDIR)/hex_reader.c: $(TCPSIGNERSRCDIR)/hex_reader.h - .PHONY: clean test clean: rm -f $(PROG) *.o $(COVFILES) diff --git a/firmware/src/powhsm/test/trie/os.o b/firmware/src/powhsm/test/trie/os.o deleted file mode 100644 index 4c16a55e5570617ea568633d122f67422c48870a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2064 zcmbu9&ubGw6vtl@ZL6&sMMS8FT+|A7NqQ(!MAFtIi^f)Lb5NA+CK;1pH(PhNwHAv? zK?uDRyoeY56FhqI;z7K47Vm;!5B1iAP~UfVrdhY!i+*9|&3xXE32!p{v`{W46A4mE z&=uVG=$+MVy|cL0scf!SHud!zTl#u|$rruz=?CIB zK7T~)d#rtMFW9GeA1otf^tIJ3T0G@fD{Oy2o~rdTpnJ~f7U$EbG&wnz8M-Q}Ewi1; zWwjA4H#~Ylt}-Lpkz6*H%c3spWMC+BQhbZ{G$t;tX>P=pv@^qv;pP$s;`t z4&W_(m%&+SOv-<~>%R-m>c^z~#jgJeIBN!z@+YT)0I(S0jt^Kjt6cP6tyK-!J3J7t z?#AyuvjxdZY$3nrY*%>1)p@=TC)?F(JQ_`MTo6p#fzz(etefGqH1JQVK$vZ8ff2H5B5 zn~Kj!o@9%ml$Q&|)jiHdxVo=r5w7lwH21OPnN_x)6WFF&Ibz<_JhAMNRyRG9w5scp zRA=uAw&2m1{!RL$CVD>Z1vURQKgYSKndK3dI)5k(d9BV@ zb}Yogp-B}GhB2|zl7;_!Na>ULudoS8^-rN|yol@nO+eP1KNF$<_zJ3g)qfllJsT-+ q)%numO(Hj%kGj#`GonipzQHCWS#Fo$yBe4OPX7MeyOF^nn*RsUhVM}T diff --git a/firmware/src/powhsm/test/trie/test.out b/firmware/src/powhsm/test/trie/test.out deleted file mode 100755 index 07d6a8d52af393822e00641114b582fd383ba062..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 40664 zcmeHwd3;k<+W$>Uq#!g^K7)SEZ4Ud=p+I@ZpyDa+&fAIf4#p7lDbdTk>^FK2>%|N2pTylYBzIEmCe` zISDvAR7tdSlztraP<_`NZXQxjlKNDs_$~k++4;{N%Iz0QeLeXlQ`)aesa_jhRast; zH@eC*s;aW4e!-{(g$1Ju^0EW9*}2^B!7zkeIb}wf_WKiVov>g@*W|~(I_`r}qkbql zW5qW$WH;GB@`#2GqL=Epw4hCR(XSg((=>w7vBUd%wWuZkOYS>535tf#ngmXIlF^^g z1DyJojGk;w1|QY~oO+&&es~Y?CjhtNmw4C!NG4}&5Af+dz}Eq8#V_$V7Xa$RAxB+( zFrYb|u0X)+4?2CW$||kSUs)6MX@Q`>%3GsVd#eN9AQkTFIxgxKYSpf)s#-Vr+zVVz zUuBJ}s`6SdA**ZWc>zXrxt)Qa3nHssl{K2r@AYZ~qzEg}rc9eUVWKlPJ10-C=4R(> z&Z)DeJ3U^%cTQy>==INnNC5Plu*QA3L-G}k7AQrvG_Eh zRfV>iN6YWH2ScB#&6BYD<170S^^MYDD&MI5(0Y_Wbjf_8;0+R9w@ly_T(x)KF5nbr zYOWBZ!vI%21P>eF{RtqCE(1JW0a11v;1&ZsQ`$r6oaTx;tOmGBorKFWz*UYSxXl3P z{7*m}g$B5o?*d+8fXh<}BOC@e9IYRv2KbRWRMRdszy}!MR~z614e;J-uLpWP(CdL- z5A=GV*8{yC_`mXiqj7(lquKoaVoh@_Z4IVG+Z~Nt(l+brqxl~J6+L|){#u5XphoQq z!bduyI8J|$+O$NAv~znWwP~psY325IYSU6JvYOkQs7*_>$b;NoPiT+!S{1=Xm-Kh@KR>zKm!NCx)R0>FocKBG2;%_Ma0Vu70 zbeW^E*hf`I=;Po3M|1H`G{U3MrEmrQY&Gvd+jOPkQ)T2jAj`nB?8?nltfP?-RSd1w z5n9yk2-SCm%Jw^&?WmgXf*2Td8;bQd&~CsFI@`kjgV87u0U)+ANhMR3bvZ(%6e5?S z*<7|iRGP8u6;=hnCh?K#*laYh!nR%PqeJG}P*78N8IOYcXF|4CQ@N94j0xL#CtdFtuYS)|SCy z`wE9?6ZEZT5l1(bTG4n0jjbgkOsGDLYIA8uBS#uI&IND~ zag+=p>NF!hMN0hodXi|4lnROaxY;K%UNqlA6MhO%Iq;(j8;{bFtwq{Z!WnyCh zpy2>*)zTt23(3bbn>H?OaXF9!2q~;IF+%pjDy`gq9WnQh{2te*Ab%gt<`Q_l{us30 zU}V&?)*fwaHANm1G%ql;U*vkxd@`QsMnEGj{D}{NC7`mbl~FUFSVYuRp{hp>R9?Z- zQe({RGz>%M&x(g2I9f_6>PCV-RGNv}Fw{7%Xl8O;WsvNW%*L>3V>mTLv3u}ZO>5kQ z0L_eS$S|5Hw9KoF*D@{|yd)k%dY3f_M?VW;LiOXQ#jCy>ka*RNG1U{H8piw*kgZw@ zYIBHR4k{rdr?7GMB}9>`KLgN zW$nBXC6=|{A+H_HLfa@cb+y^|(0-_=|eZnp0-wHMiU z&7a;}wp(wM0E1cI#j_qo(I)>W-~s9opbi2ZALHNe9~k4`6X?tNs549PwB)5Ii7f+C zpavrndLz6KDTtFPVr~$8F?%6-g<|etBp*8!0674%taXe)wV11A2Tj|XN=KmYuGs@CYY(_Q$b9(%5}4=xpqc2J0d# z&~!8pd3OP8-HD?4!V|>^zsxWsEj_rNCv;qJJp_mdE~s9P##SwLS!5y$H80^dn@dw^ zwt&_!RG(mW0lk!#jvqu8AQs6K=8(J)S%)6wP#qy+&7{~)HwzE_Cq63<=a;QR8w;m zHkjbP7XUKk+b5Y#<=d5n6jt8Bh=hE5Ju~-@j25!0(TwF=CnNQ6C=fJL8QL#$0Q+80 ze|9|4Q6P$ZC{ROzLbrx2X|2x(Wd>1}j36d6suUjx?;quFgR zdMAo3Xgt%m3rcaO-;9RL+3Qd>2Hz^QrSSU&ix5tWPYCDC1K}{^21b_-!8BfuL|VQ=B5eSYxsW)L(JGct=2k*1_XE%n%RdG=`eiKd=T*qSYE|VJ(lld78T3QMgc08=Mjg9lDS5_isg$5AB*KF+|*;a zkXckLk1z^Qu{^{GRI#i9sA72!h8*tuEI^9%wZjK!()m`b9oh*gtbCaf39-DInfph4 zLe@iQ#$x#{M(VMAji6b?(0-9IqFED9WCt{oi9hji=m3?T`OYC0v39VbYK%iG({cDG zoX8ROsX)Gvg}@n?WtpQ0gE-$6qL^s5X%y5UDNW(!>{A^b4o zIQ$}YxI6;ysu=nGMsm8C0y%9z%V@oU(TM*~Rs1hOS{^RMxPVmgACq{#Q6gQAK_X5Q zO5#XH>+#R6#P|o$82`T%V=UIr`?-}E{{X7^H{$j9C%hs4xfzRpX3^u{C_s;Y;*jxg z#Ov`-ctiYiGZz2MqQ}2cfFA!wpdSAK>hX`Ur1-BRMX~rt(-8lJl=07q#Q10C{*g){ z>mf7^@z2Ou{0o{z4DA;w5Y3u+B0Hdw6Yysp23QN%qqd|qcqHt!6CqMLmODKy3U3GX zp^L%+U^FZWf2t)H@S<>An|+H|6t>Dm;kwZDHKDTAA^X$KWv$Kjr)g36G%X5O>kTXl zL2chAR)E{&qHr}p>jY?>Tofw)Ewm_9{A&!0Lczm}LLreCg-?q`;Ty;S#zo;|n5`Ct zR-6Rjkudhd8+?wDO|x0i3q5D6}jo###ysL(7u$ zP>I|EFw)42;D+`;pwJhGs~CpGp#`JHXQg`x&6iPUfw&1ReYJrLuf=q26##In=BD*4 zEeOwJ@#ZU;R88lZMn-ihd^R(hA}hs}>REzAp3Y7(a;T+Q8gYm?{;Aqviki-00BJg( zCnUbh%|4NHL~}c{sOkKoQGlAxj}wPbu+oTE)A<&{V>(CRA9Q^IH;;(CCz_SaqNej~ zqX0FXCmVrkI_ChWrt?57WFYxufM_~52+0;^qtn?HK$-|Cto*LZ;0C%Brj3*j0mP+n zXAt$bP>;>!Hpb|4`2oZOXr5(gzs^ah|5rT4^`Ph+33v;`^<}?DaL$jXobtT8q=v&7o>haS4thsQUUoG5bm#K z=|f`J-&8b16wO9J3=z9R&^<+*YTE~reuK8`z)5J{MoeN2dLydbmkcGbR?_17-V=Yy zFJp}CnnTE-%l%>{<0vKLET%Mc?sx#&N-}|`K^h=vx9($0PDNn4Is|yw5tl*%YkV^vf{kZna`(!&g^BK8Ou5cF6->S zth4X3&OXaJP0J(+E_|tWwtczfrsMZVsj*yc95(LH;EhSKBiWCQFsGncPYa0+`0`ia%Hd&V33u7WhKugDmvGqu&;sf(X$3ZgSqF*pO7HfUb$VCI&D15qz zoPLM^?4OMK39{E?erchNZ+--pXa!u%+ehD`wzVXMhW1lb+e+w~g<5+EfeptOMDsN? z5!ETXi9%ujhKA+N%9T1v0a#x$Hnw2G}=-(}V;7Qy_(}I%f)E?9=>RVrI|K*;A#!OdZk( z0_nO?_NcqbexPB|fzdZu@V97jKXmp$W7yU?8qKR2=u^N;I*$jign^S4a4e#i5|j{k z5#P7L4jNfWNn%55s4aXKX6nX{KB3LZb{(@27!&r$uIv_5Fr=Gv1etR~CR;&u-wgv; z`9S=gytprWR!*G84%~mBn+&8q3p2O_gS6WbDno*@?*`U^S<`B5{(L9aL|Zqf*42RqAsoe7?x)5*0WlF$m$f(I32lw3*n<6TxGkK;#*I{ zlKbv`(dhbZNFp1scT6{__IUt3285Qi=G~}cx(~%&t&h(}Mj62*`2jG3@>=3w3VzJP zwV-q~c3;P|FA(inf_93ats&aWK-+A-3#7%Qk!f3qcBG&^LC{`9w4*>P?>wRRHpE1j zcX2Us_h9(D!J$Q#;180{9(Jgy9iz}OABzZk2hWx6(8f^v@NJ!aFeCOf*}q5eJ=~8y z-m-3eXZa;Kr^)`E@Xum2aLWk^&;H%n_V3xiK4f5?F!0(_x#M9J;oJVkd1a5ogu$c% zJ;&Z*xv2&ruuQoaXCs~t@Z>t2@{pKuUR{G4meqft!nDHyOIz}nQ3G4U6)e--%)|(1 z^X*L4?g*Keq85`&{-BL%%#p1aiMmtO71SpmaR>t57T!+v9dH}c4W%4_j)elWX`7o# z9w(B}MtDSmI4J$dbR5%N?15oL@PI>jV8Jloa z+stj{U?py8!(FV?{4~G>Vh6lNw+LH`D*y}snw>z~ava65pN;zJCl$r-f?%ARO}nKK zrd>$FTk_vOg-z>ArhV}t6p^?sRKEqudL2e=U31wMcyODD%TkykX4VV{6!5liF4g1XaxsBKT!OVNY~i+w zOMo~8-unSmlxxL+ZZAOJZxem*7|MNr2`&hKwU>3RBSBlK&bm6F9;X%fU+ALg!z7Oo z3C{ruVqG;#R|os~D$=z~=n4v5&!0l$59Vh3mXP@;C)Or38Gd0R2g}LefjzBAjLZ-3C!amf93*?h z?0E|`a`wpFN~;|cX3G4d5Z>286bHN?m1VIxm5?x_Ry8hvfIMMzTlhYz#|P#o1TrMd zdE8cksk%D;dr-v!^8%bM*7G{LC4b6EJOXE&jP70rW{#03;0irPN`MkEGMw<{KVC_W zQc*A{3ehdaGXM-Xz+FkAV0X8Qf|o!bqu{kMuwj#M`Q{VZhRhf_5EV$`BwikM;fp(!5V-{_=S4{qHHN zQiZUKSy(Gp7!Q-M<{{Tnp%QyGHK6$jK|Gv^Npl%fk>>MJi`<&RUYmnDF1pC+kLEya zr%-#XPZpgQsH2yo z7NJcas9lV@RQo3z)P672-f^Xvc3AjW@+fhSDpP)i@^a^UAqj`e(5+6q>#=^i@;YnkM^d2cO3&ee8gsb?B}Z-un*cC_cY$raEVJ zc*hREw1qRE%n`yWMJ@pzBobZ%ND!aE=6(q%W%YJG13sS(%TExN|MFONTPZpaZY1W$ zMXR*ne8^ix@=JA<-2inH=zdngD{m$lrK_ZsH$beiyGyFHSn;4!T7Byv^; zF^fH}`!4~wanXZ9`-7xv=i9)>pT>p??HyoZlHU^vcUXd0`?X5DSYK@#1??k*_6DK- zofDw_PGaW8y!lLM$BArBlR011RyUbPqSkC*88V-N%2xYcQ{;G_;`Y6q<1aW?4bs_= zv(@~{#WVrh%&k<4>Yr6r`p(7Hnl}L~^tOd(2+$t|s69kiQS*L)T`k3@0v0YqhjFUh zizO+Ix>`X#gCP|WvK$2RRQVn*Ki3zFey$h-9WBM1j)9CP-{Sc&9P%&?8yBtAEO%q~ zbEg>WzAvCx*u{K-j5ci-V~_wW5|Oiz6r3v*j1>xAKOPFELV*xgiFv!Z462LlV&o?i z%Xq=kN3eWNEXNQ_^T0n6EnUXOE>=ziMlQGd5%UDW+%}jy^Z_xyyNmT9R!HA$p-+tU z+qhg`Zx<}f1w>-x8LCeMBlX=!%##K4C4!mzSINxg{=|&9JYFOf|@M{F(fo%(KL_PT`B%`t0 zY`LXBMk;O_NS8Tc0NLn*ttFSRnrrlD{pZ$vguUw4Kz}^*uq%b%J@O zU>-!wF2TI!LgfxC*x-(%s8H^>4OnuAM-bn_#N>`nLa;kNM6I&~YQw0+)aH`f`9ke( z+$KRcS5jjBbO+n~2oZ0yHkp4->?XrWrIfE-yKq{;jo{WMyWz@pI|Rr?0Vyib7EnDt zv%X9q!it^Op%-`jsm^ z7k}uL>zYrcE^*;Dl5~ZHuJsx0oqpt!$cfk<4#RvrLHOYyQ&DBJ|=lU%*f9ULLvgprpidH$I& z`d(qQSr|PUW`vJr3(UJAProufpJ-PI+IKD7!3vyX!kurBwFB1>ZTyw#m%zx>l}^m} z3Fei8`Fvvj9Y_#pbHI$-WDSe9XxJa_i>`GJLdNc(Rw1>-Gw3qUZ#)CSel3K}6vDDe zn2Rkjk048sx{gLO*@e}u;xczP(R}_oyE;tuk5D&W^2V-etq5RRK7fqYKga2(*1ZPy z%~anJ4%xfq>6G*%WGR`m{D+Bv7XuQ+i-GEJG^)-<-KV2tPl}GsOJ^6qMQ6w+a8kf@ z&eNmCkA92coDC#2hUnB>BCcYaW`JouyS6OaJe^Kon0>5n5TaJ_{RliZVd>hVf%HBn z^d20@dY6&j42ae}IFNM1QcL4}ab*gTZQ*BL)14;7_N9A%EyZ5qUrSS@rT7V|KPl>V z8mI?EeFxR=6!j}JQNLN#zoh!LqFzjitp;@=JsVMsHwfAR-9TXi>HjkX6mJXoO9X#T z!2d>^8w9)*XNwJ(phSNcNq8feNDctemzmhe-5^%Zz+W@≤w-Kc>=zj;E+r3 zzYzQ?h8Len>$M*~=idH_?D-7!@h`k%)-=4Zav2~mKnb{pOb6u#Q7?9pC5_(@B|Jow zqYaeT5hcK+>yIS=GNyd;Pp`fY%3`cfUl7YW;Lx_M;j>z87RL%UCBI)E`iKU zIlt*XZ9F?ziTuEz{9z*8^EH`CgiziJEK{y03zWc}M7M_N2y74-M|Ob7TK*v!UyAxb z_ChL_74Y1txU^Nh>^m4T9>6;Eg)zg9BIFDM@>bNtHxiP}0CE!{MZK7I>cSoaa+d+= zpdE%O2IO-9D9)z{Il_Rv+kkwVkOK|K1qS3nLUwh>44Q2~enrSPfy6L>PxYq%;raop zUoYysuUIGQDOSKeqMk|hOGW((s!v0m$B|w$qPsR2hD)Zk6u&eDm5Zl_-X32zHT3QH zS>ru<6LS7)8LCYSeKjrg`J~W)kB<)C>uB6; zaumH^|0%s&Hv7u)SB$@M{8i(fP@-*y4&sl0>x@3o})Yz~%fYyQ0yZ_|5VLf|WIMtnS*H zpm#ygT3J&Wtfa4Lxq_9oHQCwOS`ZY@puf_a?S{RQE*sz03VN-@#nxFDPPIEPn&q54 zZTu8$EGfJjALuG~x#to|7I8b><<8*noZK;@(~8dTrSEgW0%!R`Xd?2w`~ngasIT^V zs2!}R3^?5t^)++Bs_gZ<=3AAHfYn#)x1M==;7n_vqPD)uV=ebu>7!lNV6D~fC0Rj# zy*mg=UTdwtat?hj%vw|H@uGkIg*|?+%j2x@F32J#Dp# zud~+Yqwk%`;}r4Tvn-){q?Jb_jvfuz3UR}A=lH5zbF3Z+bE`oVqZp`g`Mn-zo!{%L zT;TLBr~?7o<&{AvzO*(6T|v*($OwqCL-}2ZunG~${C;}974iaBSB-~E zVRUs89K4H~;Wta>#c5|;$eAKA64P8r z6*FC>oW%I9qW&9$S^*HrRORqx7#pY03(-#_qYeQl*O~S2`a^_!Rut7Q? z%-x{#^jI9De!oF zu3S%!&z+xBl$TpR##i9=_{Qdqb>$bj#}v78UEXp}PGNp|Q9(|jFUMxH<=S|qlIP1U zV41l^Hrv>--dvl{TVCYzmFIaq`L1%0yF4$~+{9q$!}wF<6-}Z=P-FTrj(|m zcKD)76WwL0A})O1oP1;x90GNidZ66Ons|Qra**_lhax#l8lkD+Fl9pN9+CeKQ?91i zR&sN4{>`+&Y%w``o}Vk}@XofJ0@1^wqJ-1MztkK%R{06}{;=nlpKF`XtKt^%h7vjCPN9Ys>0y<}*PpcctO7=s*wUem zU}t5G*a8kD;F-_3ADVzyd&EvAjN46P${xVF6vij+!|7P;cguZlAzy8MBW7s^|4ui_h&&!ZfS=cO`V1wYCF?pe%2`2g-&1W|6oljzG)E_xUIC_^ZB zp?nT6pnQXJ+6Umrmx`W7c?C*5A;gF2+6y()f(+9M1Nx>dGxg0NIG%#iRy`h#;(2QQ zNKUV5r-6d#*F6@Et|sdAjLGSl=UI-NpVpxL;`nn$j5%!>fr)<-ekG8bMgVyb?-lr+ zgz=*%*0k~I88@d)9C*Y87=$L_ug9+s@JFK5@snftl>mPMxmO$UDYKb?_+P|tH28V3 zqU6`a`1b%m0r(@xNQF-|4JHcWKY(A>i_vH?N*%u-#(yH>%MLuAPK)77WB75vpACFZ z`YB$g1AjkCU4H5clhS`Z;M@O<`%^~wDX*~tvTr5u*CTFc#^KM?@h<}Z6!0ZRyuC4X z9w>-^5Ac5h{#+w|A+z)N9soW9e7g}3{*|ZeNFIN8<77Kg8iz>-b5)(@PQqjQyVyv)=>! zGr$jzv;Q>R{w2V#MZUWecE;>)NhJxB0D2U78{Vn9lH^ZF&$vBhYI^3cQtj#1mOl3M ztlP|!(rq^%;YcrR>^mjBw#Vm^m?Gz1HB&T^+2x&dOgtVfnE>vdf@*b52*kDSN(s#>e{_Zn#g+&ROihn zO~Y%vd@PwP%Hw2P{lCI^g_94pSBZB>`B4AAFzv_Cq43`xjMj3S_9k#(%axDS*h`=T zTdsWABwjvdt?`~7Fudo5GEa3VlD9_fP@D+q!(Lkct(2 zw=_)I-74w&$x`XZo08lgfSL55Y_F31QQ200?vm}BBp&a2GQV!Ol>dKSsQ*_!QE!2a zgUPbISe8Cn&XeWMvb;x@kI8baEVs&1$yfic^puGc@nqm6Z+Ru2>&vlazdRu#AL z@V=TF-*|YMrs5(V-cM8U77y>Qskn@XV-_U%lkln90L_{dK2U2<3QyNMlEN*Tn(y&? zL0oEthdBccJ#Vk)2pQ+k0+V0zpl%k$WvwB%F zc&1j76n>o6kQA=6Sxgqq<38G#(HKP3C~u}{=~@Q9dtp5A`2~iTB*0IRaFvG@4?PfL z(qi_gyfKmChx+FlDW^3-{ye5X)X#SVp3MHwdVoL3a*orQq<>UCeDojCFH4~RT@Uns z0-XHjkx%~4M4OIR@gw;25?(?;9Pi*q@UJDD@5KQ2H~f&Hf!65j4g~K?fYXfoPQ6E&tVKdG@sxLBX_zeFY#yq! z0Y3`!tK<#=SMglM^zkyNwFq$Qp@EAw6orH z?Kfu$B~M9R=kyi!uap7K_lkgfPtuQ)^s3umNWC_xSM~QNra!a;={V1kf9T6)bnv}C zlvcpW&hMn1N=}ZX&l$nwTDvH;vnBjxnSWq5AD0520skzJawJ%DO8T*KV)4CRAm>W> zomqlXt@o}4oa}KV^eYYHPWDeJ6!d&A4%IU1Z_1(PuX|a(pf&z|QtEx?3;|W^$v;cI zUDAFvj&$!&X*A^$FDRahaqaDd`nF!1B{I zhnz=zuN)kUB>XBlUh*`ft(0)9%qM*B6!cFsT<9|XeF<=~vm?Pj?@D-Kg8e4MZ3gH| zC0xnslzJ~1FCgmrY=iV?2f9p$?1mPV^!w$+;(OS@AA|Wq_H-xMV*{M@CeG7wfYW&0 zJb}e)d@mW*@e*ElhJf?49;nU$oaBEi<*U3w|Myt3IA0{`ze%9Ki|Ny~ca9SBuNH-N zzogGh@Y`w$w$`Rl>6*y|ObR;b{qS`pZ0gQ0B=?rJU0x{2JLgekKOE zTnYD&6NLN>0IHKEeA5{MuJT?P;N-XA3HJC2j(L$dE;j&f6(ZvPey8F=&M$s80u(Ex z-eMUbDnI;A!mW~ikd!t^!Y>{r0Q?LGs+#~GCTWZXJu^jda;1z(=*3-DgI zc+1(7ZA(t!^x+{ur_1kmEp+1DR{uiH=Xc@xKTmyi^+K>1T6iW9FD@HN`C&cZ{JF5n z9bBLV=DGZpH9@rSdYzNrF!TD^T(^A3+v&l(;6d2002f*X_JAAl0plULdPbB79@q{CxzxEg^o!I%}ol;NeZRD zO}=pabi30&W0KQ}R-DT{nsd@+GsaJ!Ix!xDZv*&)08N=u=CnJc1jnQcHRqIRGbfCn z=A1cs@*V=(;cYi!8g9bDISRQ`MutfDbuD-nCQ&K#sYjWb=Gue zEb3-WpGYw`i(dIRa_jGWix(E<3++6j#wSMU^?Sj_&!5%?oOND*pw?L#sI4ilb@@GB zk5MZAGqJk*U?9$*L!VM*E$VSlCwSBgj#@>aI#5~dba|@rOl!@&Y6Pac*6(r7_g4nJ zn$zoX1zpB(2&gc|bf7Rbnxc15y{oB-Zx+PaCT9WO3&(`Tz^LBDJqsIqSvK}D0IiN@ zk1tM`)9DHXy#An*-b9bX;5!BQY(X4IX_np*mg_!=d)qh8DRaC*INurbzKjqy-$~z# zh*KlJkPruA@5gsgz88zM1phikh#ndWI@O%&TD(3^{zBZxKja%H7t!lMtW@B02M9hg zrEZ~aN={xvpY;KYy|Rp8o(V-B1Vep5jg9UkoxvT@C{{#}#M^Vo)5(Sj#SvYNXOwH* zx>YoTk~m0wyucV<(i!pE#52k9FlBB+Z;daCJDuf$fOI>JpdQt1A)Axf4~{W%X?5+q z`1zm2ddx6>A2=pX8HG<<_<{+RvHR7xN)m9o%f*)ySeGsKUdU6o2dmXUm@>rUC!W}rfAR>iOO;Z@ln7w}lVbKe!e zx<7L<;J7r``PF{CDt7{BJft`sbQNlJ4@c=&`}(T1N=jwFqEqEu;OU-_YODQ!RjTWf zMEj*!?OIgGr;1bGs_dr-Wl3XYJf1*<`me@MzkgCHsNPI)V50tK6ZqAA7FAA42-rmZFD3A+`!TAt zslXBD=;JS&+AFBgo-@rMI@Eoe@FLMxeip4*{3!TaKv?io{ObNr*FVYsA$TeF6u-I; z)GhftWdBusD!s~&E5J)6ieKF?+PxS+99g2!|0;e}ehQ3{U%#)^AXqANPEk>Os{9&Y zBfr{5t7s7P%1+UW`A@ZfK!s!}`_+A_1r36tT@?CXt6me8gD6P9Edj3h&rE<5Egi;E zk6nS{zYjKu#iV5jHfI8BM zn`pM%l%0WgQmu4orLVy;9qfwyfg7{|96P2RM$u{~Oh=n_(su(y+~}VlbX~YKiliwJLH|vGOu1{)I~*I zN7J$KNv?-~K{THB^;PtUR`rSICJGCD{l30RfgHmVBd%0nf_l~Oa~w13o7U@h%fyhU z#v!8#e|hX}2Q?iOsgQEMgs1db);}?9Xr$hCU2CK~6|Ph|Hd5Y`{((!vAy^=sHw!c!F+bqtO=7W3()#|AwJ}bzaqAfUhjFD7y1QA zWc6NOVm`Hs27OzN$CY~Dm$;dezSwczn$8~gj!mLuJUZ%2MEhx@8i}udJsvn6_nt}w zMibssj^TygQ`=W30;i3HhjM7upB1Z~ZVQivuBUuLBRU#kG~Fye7Mg69e?43x_M>dI zD${pkfzsGlRzTIzjKp6OeL2iiMmBeuF)D0M=QHzN#z47Jz8aZJT|V!4q1Ru-5w=ao zFimlLaAujkS3bTOX&_PHP(*TLTOVqO;6dbD`nYtjm=h8CpOgr z8cEam{Z(Q+uA)`YlXmqSnQR%)FZWyXiShs6Z*M3wrULG_3rrc_Z_iz76d5u%<*6i; zIb&wIQl850bacM5K~Ig^YuG-dd6OMI@Ihg;6k7_P2BWfx4KEnQ4BMGwo(_564$O z6%P!=y$2J4bi#X(ox+3c6b={(atcY>dqVdBPe`Y5fY4zb9hOd^D*rq?g{u5h7N<}z zBb-8Aqi_lje!NrYriXyB@n2M@&@G(8ee~EOr_j}XGx<{F7`nP|p-ARo!g4=QbA5qx zNbah|`4Y#duNzI37D@-NF7s^F%Kj@mgtrLw!cC+D&nGzw|2+4kdJ&Gox0o9FDEv(` zd6AC785$pD%yblf%}ie8qwoW{noGOxRMmo`uzHa)q)p03)cm4z@IJB!rBAygyTXVY z3;BMM$j&ji;r4H|mNcYqW&66$%#zQrX|lZV>*+-enbzldE-J6fs;Kf*aaeI^6Yj zwR3ChuU{}*#@uu3=GNEM*VhTHY&aYo_pQ+!JIWn1%1TO;WDr*o;~$6hd|5iB{Go#7 zlZy-PAPGIMfjI^7N>$}|h-^{zPCZ*I=1Nq)(@~*I$V}Ufs@4j%cP4CDB%OKR=xUmi z{_+JUX|e})yc`zJX%(EB*tS*DxH~ngl!2*M@^JG6r^XIrZeUk)nx*~gW%lKC=VfFM za|q<)Jl3pdy(}Qcp5jX+-y^vgbBZ_8FQ1<80Nw_81n?N(S|rpKtZmg=BRfR2xviru zqBXB-ylvUi#^&2ru3YO~*Sv1&vPN&S)*fsR2P3*zC>W03E90$OJHpZSpcdZN5^C#+ z=qgk~Wo`{OQ~CC-+e|sBLrHdQjf5jDp-6BewRJlEIM607tl%6kRthr(y^yQ%WlQ2Y zRPu{}{0hL=0)7wRQNVe;IoR7jpyLbpu!WO9YPA1#!2e_6+-KEaWxDoyFXaVG!Omv^ zJ`Zp&;A;Wj4ET1ydjNj~@B@G!0sJK3rvZNp@c#l{%mbWfoM!-D1NcI~R{?$};NJs$ zr{ruq>_sd4=?3z90N)SzLBIzA9|rvIfWHg4Q$Aui+qy1h1HJ(8rGVcK_%6T`fIkNK zlYpNCyqG&l!QS60z-s_+0DL9jYb58J)qb{FI6u#nUHu5?c@*$v@)6J3?0PCaYb3Y# zHwbtq;7P#u0se&K+#dERReMeW`M&`^3itjC!wekDOO z$3D*GfZqUkBj8PdZvcE3;JX2T9PmSc4+8!&;Aa4TAMhf6b4$TKo)v&!1NcpVF9W;@ z@J)b60gnOR5BL*+KO?z)y{CcvOMt%t_$c5X0$#?SCiBe8binHXUjld#@DSiT0q+C+ z_kbS-{3PHn1I{0+^NmjtACf89?YSIq{(PQKz7g;yz&8NC3-H~5KMwdIzy|?;8SpcJ zzYlnkcwu?rcvb*@4d6Ecz6|gtz&8ON1w00LKj2RQ{*2@o><>WxCBWYRd=&5x0WafE zw-oGlJ{|Bnz?T4im*m{v%jl=h1)G6T6X2%+ z{|Dgj0A9>SlV_Z#0zM1y`GBtgd=23D0M7sOny;O`lH2#0-9UaH;0FPJ8t@kZKMnX> zfS&`rlot;LyZyTXUjX>+fUgI9C*VH>{3n1P06Ycw3BX?id<^gc-hA_n+cdyu0zL=u z#ejbs@F3uwfIkTM9>Dhl{s+MS0(b`Svw%;LA0qAcc^%*j0bdKaK8w2ja~*F=!0Vg? zGyYvI--pWMufbcTpmfs=ez$xdB)3C@KPnZ-<`{g7^qa+JZA-nslJe@Ct7=bJ%DYLH zgW}ue^ZQyI8$2ZKxZ1|AljH8TahcRSHojh_)m_!QM{=z;{QdSw%LckfLi&BPiiLvr zw$w&~J0e=`#+FEnR=Xh_)@lU}ZPiKZ*7o*b2MN%}xnS+8TLahAC%V=xQYyH)c~hu` zzWjau;3gIPNkvYRq0l2^KT{JV)AI9+Avc3!JoO%f=#gqUf#X-|X`Uu7tL#S2?<~os zS?R)bebrX4%COfzhcZ~Fz5IwQuj*6f?db)S!8&>VtU;A${nnt?gJSg*$=84PTwS76 zHkkX*ubNf;s{f0Lu}B^Ltf5T&cfO`oTOq|&|J8k!g;_;!l;y3A Date: Wed, 19 Jun 2024 00:32:03 +1200 Subject: [PATCH 5/5] Updating documentation to reflect the possibility of multiple platform implementations (#182) --- QUICKSTART.md | 16 +++++++++++----- README.md | 4 ++-- dist/README.md | 4 ++-- docs/blockchain-bookkeeping.md | 2 +- docs/heartbeat.md | 10 +++++----- docs/signer-authorization.md | 22 +++++++++++----------- firmware/README.md | 28 ++++++++++++++++++++++------ firmware/build/README.md | 17 ++++++++++++----- firmware/deploy/README.md | 2 +- firmware/fuzz/README.md | 14 ++++++++------ firmware/test/README.md | 4 ++-- middleware/README.md | 4 ++-- 12 files changed, 79 insertions(+), 48 deletions(-) diff --git a/QUICKSTART.md b/QUICKSTART.md index 65b7ec93..41c5a3cd 100644 --- a/QUICKSTART.md +++ b/QUICKSTART.md @@ -17,18 +17,19 @@ Whether new to the project or just wanting to quickly get an environment up and Unless otherwise stated, only x86 platforms are supported for building this project and running the tools provided. The only exception is the [TCPSigner bundle](./utils/tcpsigner-bundle/README.md), which can be built and ran in x86 and arm64 platforms. - ## Common tasks - Run tests: ``` ~/repo> middleware/test-all # Middleware unit tests -~/repo> firmware/test/test-all # Ledger signer application tests -~/repo/firmware/src/ledger/signer/test/*> make test # Run ledger signer application unit tests -~/repo/firmware/src/common/test/*> make test # Run ledger common libraries unit tests +~/repo> firmware/test/test-all # Firmware tests +~/repo> firmware/src/ledger/ui/test/run-all.sh # Ledger UI application unit tests +~/repo> firmware/src/common/test/run-all.sh # Common code unit tests +~/repo> firmware/src/powhsm/test/run-all.sh # powHSM logic unit tests +~/repo> firmware/src/hal/test/run-all.sh # HAL unit tests ``` -- Build firmware binaries: +- Build Ledger Nano S application binaries: ``` ~/repo> firmware/build/build-signer # Build signer ~/repo> firmware/build/build-ui # Build UI @@ -43,3 +44,8 @@ Unless otherwise stated, only x86 platforms are supported for building this proj ``` ~/repo> ./build-dist ``` + +- Build the TCPSigner: +``` +~/repo> firmware/build/build-tcpsigner +``` diff --git a/README.md b/README.md index 8e986994..1870a016 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ Unless otherwise stated, only x86 platforms are supported for building this proj ## Concepts overview -powHSM is a solution designed specifically for the [RSK network](https://www.rsk.co/) powPeg. Its main role is to safekeep and prevent the unauthorized usage of each of the powPeg's members' private keys. powHSM is implemented as a pair of applications for the [Ledger Nano S](https://shop.ledger.com/products/ledger-nano-s), namely a UI and a Signer, and it strongly depends on the device's security features to implement the aforementioned safekeeping. +powHSM is a solution designed specifically for the [RSK network](https://www.rsk.co/) powPeg. Its main role is to safekeep and prevent the unauthorized usage of each of the powPeg's members' private keys. powHSM is currently implemented as a pair of applications for the [Ledger Nano S](https://shop.ledger.com/products/ledger-nano-s), namely a UI and a Signer, and it strongly depends on the device's security features to implement the aforementioned safekeeping. Each powPeg member runs an individual physical device on which a transparent installation and onboarding process is carried. Amongst other things, this process safely generates the root key, that never leaves the device. There is an [attestation process](./docs/attestation.md) that serves the purpose of testifying and guaranteeing this key generation process, and ultimately the fact that the key is only ever known to the device. @@ -48,7 +48,7 @@ Refer to the following documents for details on specifics: - [Blockchain bookkeeping documentation](./docs/blockchain-bookkeeping.md) - [Attestation documentation](./docs/attestation.md) - [Heartbeat documentation](./docs/heartbeat.md) -- [Ledger apps](./firmware/README.md) +- [Firmware](./firmware/README.md) - [Middleware](./middleware/README.md) - [Distribution](./dist/README.md) diff --git a/dist/README.md b/dist/README.md index c52dfb52..f970ceea 100644 --- a/dist/README.md +++ b/dist/README.md @@ -1,6 +1,6 @@ # powHSM distribution -This document describes the artifacts provided to build a distributable version of the powHSM software. This distributable version includes both ledger apps and middleware binaries, as well as scripts for both setting up and onboarding a brand new Ledger Nano S; and also for upgrading an existing Ledger Nano S with powHSM to a newer Signer version. +This document describes the artifacts provided to build a distributable version of the powHSM software for Ledger Nano S. This distributable version includes both Ledger apps and middleware binaries, as well as scripts for both setting up and onboarding a brand new Ledger Nano S; and also for upgrading an existing Ledger Nano S with powHSM to a newer Signer version. ## Prerequisites @@ -14,7 +14,7 @@ To generate a full distribution into a fresh directory, issue: ~/repo> ./build-dist ``` -where `` is the target directory (which must not exist); ``, `` and `` are the build parameters for the signer app; `` is the signer version iteration with which the UI must be built; and `` is the basename of the authorizers header file. The script will build the ledger apps (signer and UI) as well as the required middleware. Then it will output all of the necessary distribution artifacts, including the aforementioned builds, to the destination path given. +where `` is the target directory (which must not exist); ``, `` and `` are the build parameters for the signer app; `` is the signer version iteration with which the UI must be built; and `` is the basename of the authorizers header file. The script will build the Ledger apps (signer and UI) as well as the required middleware. Then it will output all of the necessary distribution artifacts, including the aforementioned builds, to the destination path given. For example, to build a distribution with checkpoint `0x00f06dcff26ec8b4d373fbd53ee770e9348d9bd6a247ad4c86e82ceb3c2130ac`, minimum cumulative difficulty of `0x7c50933098`, `testnet` network, signer iteration `43` and authorizers header file `testing`, issue: diff --git a/docs/blockchain-bookkeeping.md b/docs/blockchain-bookkeeping.md index 0c41588e..22147087 100644 --- a/docs/blockchain-bookkeeping.md +++ b/docs/blockchain-bookkeeping.md @@ -63,7 +63,7 @@ In order to update the `blockchain_state` of an *initialized* powHSM device, we #### Context and preliminaries -The following constants are assumed to be predefined (and hardcoded into the physical device's firmware): +The following constants are assumed to be predefined (and hardcoded into the device's firmware): - `MINIMUM_CUMULATIVE_DIFFICULTY`: The minimum cumulative block difficulty to consider a block sufficiently confirmed. - `MAXIMUM_BLOCK_DIFFICULTY`: The maximum allowed difficulty for any given block. diff --git a/docs/heartbeat.md b/docs/heartbeat.md index 43755c6c..8688a1d2 100644 --- a/docs/heartbeat.md +++ b/docs/heartbeat.md @@ -7,11 +7,11 @@ acknowledge the state of a running powHSM installation. ## Heartbeat and attestation -Just like the attestation process, the heartbeat feature makes use of the Ledger Nano S -endorsement mechanism to prove to the end user a given state of the device and its running -applications. Nevertheless, and as opposed to the attestation process, the heartbeat -feature itself does not include the chain of certification all the way up to the -manufacturer (Ledger itself), but rather leverages the previously generated attestation +Just like the attestation process, the heartbeat feature makes use of the Hardware +Abstraction Layer's endorsement mechanism to prove to the end user a given state of the +device and its running applications. Nevertheless, and as opposed to the attestation +process, the heartbeat feature itself does not include the chain of certification all the +way up to the manufacturer, but rather leverages the previously generated attestation process artifacts for this purpose. For more details about this and the attestation process, see [the attestation documentation](./attestation.md). diff --git a/docs/signer-authorization.md b/docs/signer-authorization.md index dc695462..8ac1e796 100644 --- a/docs/signer-authorization.md +++ b/docs/signer-authorization.md @@ -2,23 +2,23 @@ ## Abstract -This document describes the mechanisms by which the UI component authorizes versions of -the Signer component to run on a device. It is an improvement to the authorization scheme -present up to version 2.3 in that it introduces an "N of M" signatures requirement for the -authorization of any given Signer version, enhancing security and decentralization of the -powHSM solution as a whole. It is also an improvement over the "downgrade prevention" -mechanism (also present up to version 2.3), in that it removes the limit present in the -feature up to then. +This document describes the mechanisms by which the Ledger Nano S UI application +authorizes versions of the Signer application to run on an onboarded device. It is an +improvement to the authorization scheme present up to version 2.3 in that it introduces an +"N of M" signatures requirement for the authorization of any given Signer version, +enhancing security and decentralization of the powHSM solution as a whole. It is also an +improvement over the "downgrade prevention" mechanism (also present up to version 2.3), in +that it removes the limit present in the feature up to then. ## Motivation Up to version 2.3 of the UI, each new version of the Signer component is authorized using the Ledger Nano S's custom certificate authority (CCA for short), represented by a unique ECDSA pair. If lost or stolen, there would be a need to generate a new pair, reset the -existing devices and update the RSK federation in order to issue new Signer versions. +existing devices and update the RSK PowPeg in order to issue new Signer versions. Moreover, the downgrade prevention mechanism, which is based on a finite blacklist of previous signer versions, rolls over after 100 versions, which also implies the need to -reset existing devices, the CCA and update the RSK federation in order to clear said list +reset existing devices, the CCA and update the RSK PowPeg in order to clear said list and move past the 100 signer version mark. Even though at the time of writing the 100 signer version mark is very far away, it would eventually become an issue. @@ -36,7 +36,7 @@ has no real use beyond the device setup, a scenario where the user tampers with process and uses a CCA of his choosing would have no real impact on the device's security. The UI and Signer are still protected from counterfeiting by the [attestation process](./attestation.md), which is the ultimate source of truth when it comes to -determining RSK's federation members. +determining RSK's PowPeg members. ## Implementation @@ -92,7 +92,7 @@ of: ### Considerations -It is important to mention that, when distributing UI and Signer for a new federation +It is important to mention that, when distributing UI and Signer for a new PowPeg member, the UI should be built with the `authorized_signer_iteration` corresponding to the current Signer version, preventing the installation of older Signers using old authorization witnesses. diff --git a/firmware/README.md b/firmware/README.md index c67bee79..fbb391dc 100644 --- a/firmware/README.md +++ b/firmware/README.md @@ -1,4 +1,18 @@ -# powHSM Ledger Nano S apps +# powHSM Firmware + +## Overview and source code + +By firmware, we collectively refer to the group of applications that comprise the main powHSM logic and its different implementations (currently and namely, powHSM for Ledger Nano S and powHSM for x86 -- codenamed TCPSigner). The source code under this document's directory is located within the `src` directory, and is organised as follows: + +- `hal`: contains header and source files for the Hardware Abstraction Layer, on top of which the powHSM logic is built. Currently implemented for Ledger Nano S and x86. +- `powhsm`: contains the powHSM logic. +- `ledger`: contains the Ledger Nano S apps. +- `tcpsigner`: contains the x86 implementation of powHSM. +- `common`: contains some common headers used both in powHSM and the Ledger Nano S apps (note that the Ledger UI app does not use the HAL layer). + +## powHSM for Ledger Nano S + +### Apps There are two ledger apps, both of them targeted for running on a Ledger Nano S with a 1.3.1 firmware. @@ -6,10 +20,7 @@ There are two ledger apps, both of them targeted for running on a Ledger Nano S - Signer: this is the main app that implements the signing and authorization logic for powHSM. It is intended to be used alongside the UI. Find the source code under `firmware/src/powhsm`. - -There exists also an x86 implementation of the _Signer_ component, which we call TCPSigner, that we use to smoke test, fuzz (see [the fuzzing documentation](./fuzz/README.md) for details) and debug & test new features on before we jump onto testing on a physical device. With the exception of fuzzing, this component creates a TCP/IP server that serves the purpose of enabling the otherwise USB-based interactions with a given client. - -## Prerequisites +### Prerequisites Before starting, you must have the following installed on your system: @@ -29,12 +40,17 @@ and that should build (or rebuild in case any of the `Dockerfile`s have changed) the corresponding docker images. -## Common tasks and documentation +### Common tasks and documentation Refer to [firmware/build/README.md](./build/README.md) for instructions on building and to [firmware/deploy/README.md](./deploy/README.md) for instructions on deploying. See [Ledger's documentation](http://ledger.readthedocs.io) to get a reference on developing for the platform. + +## powHSM for x86 + +Besides the Ledger implementation, there is also an x86 based implementation of the powHSM, which we call _TCPSigner_. This is used to smoke test, fuzz (see [the fuzzing documentation](./fuzz/README.md) for details) and debug & test new features on before we jump onto testing on a physical Ledger Nano S device. With the exception of fuzzing, this component creates a TCP/IP server that serves the purpose of enabling the otherwise USB-based interactions with a given client. + ## Tests There are some tests written in Python that serve the purpose of smoke testing the powHSM signer when either installed and running on a Ledger Nano S or via a fresh TCPSigner build. To run them against a TCPSigner, issue: diff --git a/firmware/build/README.md b/firmware/build/README.md index c6fb26bc..ed50833c 100644 --- a/firmware/build/README.md +++ b/firmware/build/README.md @@ -1,8 +1,11 @@ -# Ledger app building +# powHSM building -The Docker image for ledger builds (see [the ledger readme](../README.md)) provides a environment suitable to build Ledger Nano S applications on 1.3.1 firmware. This way new developers don't have to struggle setting up the build toolchain, and all of them will have exactly the same toolchain (no different compiler versions and related nuisances). Overall, we have an infrastructure enabling repeatable and bytewise reproducible builds. +## Building the Ledger Nano S apps -### Building signer and UI +The following instructions indicate how to build both the Signer and UI applications for +Ledger Nano S. The Docker image for ledger builds (see [the ledger readme](../README.md)) provides an environment suitable to build Ledger Nano S applications on 1.3.1 firmware. This way new developers don't have to struggle setting up the build toolchain, and all of them will have exactly the same toolchain (no different compiler versions and related nuisances). Overall, we have an infrastructure enabling repeatable and bytewise reproducible builds. This image must be built beforehand. + +### Building the UI To build the UI, just issue: @@ -18,6 +21,8 @@ There is also a *debug* version of the UI, which disables disallowing PINs with ~/repo> firmware/build/build-ledger-ui-debug ``` +### Building the Signer + To build the signer, just issue: ```bash @@ -34,11 +39,13 @@ For example, to build the signer with checkpoint `0x00f06dcff26ec8b4d373fbd53ee7 Once the build is complete, you will get the hash of the build as output, and the actual build output will be in `/firmware/src/ledger/signer/bin/app.hex` (for the signer) and `/firmware/src/ledger/ui/bin/token.hex` (for the UI). -#### Reproducible builds +### Reproducible builds It is *very important* to mention that both the Signer and the UI builds are bitwise reproducible. That is, two independent builds of the same code will yield the exact same hex files (and thus, the same app hashes). This is of remarkable importance for the [attestation process](../../docs/attestation.md). -### Building the TCPSigner +## Building the TCPSigner + +The Docker image for the middleware (see [the middleware readme](../../middleware/README.md)) provides a suitable environment to build, run and test the TCPSigner. This image must be built beforehand. To then build the TCPSigner, just issue: ```bash ~/repo> firmware/build/build-tcpsigner diff --git a/firmware/deploy/README.md b/firmware/deploy/README.md index 35e7eb27..72386763 100644 --- a/firmware/deploy/README.md +++ b/firmware/deploy/README.md @@ -1,4 +1,4 @@ -# Ledger app deployment +# powHSM Ledger Nano S app deployment The Docker image for middleware (see [the middleware readme](../../middleware/README.md)) provides an environment suitable to deploy Ledger Nano S applications on a Ledger Nano S device. This way new developers don't have to struggle setting up the deployment toolchain. diff --git a/firmware/fuzz/README.md b/firmware/fuzz/README.md index e6a1a071..788977fe 100644 --- a/firmware/fuzz/README.md +++ b/firmware/fuzz/README.md @@ -6,7 +6,7 @@ is geared towards (AFL++)[https://github.com/aflplusplus]. Most of the scripts here require a working `hsm:afl` Docker image which you can build using the `~/repo/docker/afl/build` script. -# Building a fuzzable TCPSinger +## Building a fuzzable TCPSigner You can build the TCPSigner with the AFL++ compilers with the `~/repo/firmware/build/build-tcpsigner-afl` script, which uses the @@ -22,16 +22,17 @@ The `fuzz` script takes three optional parameters: And runs a primary fuzzer, coverage and `cores - 1` secondary fuzzers. -The script uses the `env` file to read some `tcpsinger` arguments. See the +The script uses the `env` file to read some `tcpsigner` arguments. See the `Modifying run parameters` title on this doc. -# Coverage build +## Coverage build + The `coverage-build` parameter is an unfortunate technicality. Coverage needs a copy of the source files, and we must put it somewhere. The default is `./.coverage-build`. You can mostly ignore this folder. But whatever you specify as the coverage build folder **will get deleted** by the script, so be careful. -# Generating testcases +## Generating testcases You can run `./generate-testcases` to generate the testcases, make them unique and minimize them. This is recommended but takes @@ -45,7 +46,7 @@ If you want to run only some steps of the process, you can run the helper scripts `extract-inputs-from-tests`, `unique-testcases` and `min-testcases` one by one. -# Creating new entries in the dictionary +## Creating new entries in the dictionary The `./fuzz` script will read from the dictionary at `./dict/`. To easily add entries to the dictionary, you can use the helper python script `hex_to_dict.py` like this: @@ -54,6 +55,7 @@ entries to the dictionary, you can use the helper python script `hex_to_dict.py` python3 hex_to_dict.py ``` -# Modifying run parameters +## Modifying run parameters + The `~/repo/firmware/fuzz/env` file specifies the difficulty, network and checkpoint to be used both by the fuzzer and the coverage script. diff --git a/firmware/test/README.md b/firmware/test/README.md index fe59292f..0b85768d 100644 --- a/firmware/test/README.md +++ b/firmware/test/README.md @@ -1,6 +1,6 @@ -# Ledger signer firmware test suite +# powHSM firmware test suite -## Build parameters for a physical dongle +## Build parameters for a physical Ledger Nano S *Checkpoint:* 0xbdcb3c17c7aee714cec8ad900341bfd987b452280220dcbd6e7191f67ea4209b *Difficulty:* 0x32 (50) diff --git a/middleware/README.md b/middleware/README.md index e5a9ffae..fd6f2e93 100644 --- a/middleware/README.md +++ b/middleware/README.md @@ -66,8 +66,8 @@ Aside from the main `manager.py` and `manager-tcp.py` scripts, there are other t - `adm.py`: administrative utility for a powHSM dongle. It provides common utilities that can be performed on a powHSM dongle. - `lbutils.py`: common frontend to some of the `ledgerblue` modules. In particular, it ultimately serves the purpose of being able to build a binary for these utilities. -- `signapp.py`: signer authorization generator. Serves the purpose of generating authorization files for Signer versions (see [the signer authorization documentation](../docs/signer-authorization.md) for details). It can be used to sign with a powHSM Certificate Signer Ledger app (see [the ledger readme](../firmware/src/ledger/README.md) for details), to add manually fed signatures (externally generated), or to sign with a manually input key (for testing purposes). It can also be used to calculate the message to be signed to authorize a specific signer version (so that then the signature can be generated on a third-party application, e.g., MetaMask). Last, it has an option to calculate and output a ledger app's hash. -- `signonetime.py`: ledger app signer. Serves the purpose of signing firmware builds with a securely generated random one-time key. It is used in the distribution building process targeting the initial device setup process. +- `signapp.py`: signer authorization generator. Serves the purpose of generating authorization files for Signer versions (see [the signer authorization documentation](../docs/signer-authorization.md) for details). It can be used to add externally generated signatures, or to sign with a manually input key (intended for testing purposes only). It can also be used to calculate the message to be signed to authorize a specific signer version (so that then the signature can be generated on a third-party application, e.g., MetaMask). Last, it has an option to calculate and output a Ledger app's hash. +- `signonetime.py`: ledger app signer. Serves the purpose of signing Ledger Nano S firmware builds with a securely generated random one-time key. It is used in the distribution building process targeting the initial device setup process. The remaining `client.py` is a shorthand client utility for manually testing communication with a running manager or TCP manager.