Merge pull request #858 from LedgerHQ/feat/apa/multisig

Nested GCS & GCS in EIP-712

Author: apaillier-ledger

client/src/ledger_app_clients/ethereum/client.py

@@ -36,6 +36,12 @@ class TrustedNameSource(IntEnum):
     DNS = 0x05
 
 
+class EIP712CalldataParamPresence(IntEnum):
+    NONE = 0x00
+    PRESENT_FILTERED = 0x01
+    PRESENT_VERIFYING_CONTRACT = 0x02
+
+
 class SignMode(IntEnum):
     BASIC = 0x00
     STORE = 0x01
@@ -52,7 +58,7 @@ def __init__(self, backend: BackendInterface):
     def _exchange_async(self, payload: bytes):
         return self._backend.exchange_async_raw(payload)
 
-    def _exchange(self, payload: bytes):
+    def _exchange(self, payload: bytes) -> RAPDU:
         return self._backend.exchange_raw(payload)
 
     def response(self) -> Optional[RAPDU]:
@@ -155,6 +161,60 @@ def eip712_filtering_trusted_name(self,
                                                                                     sig,
                                                                                     discarded))
 
+    def eip712_filtering_calldata_info(self,
+                                       index: int,
+                                       value_filter_flag: bool,
+                                       callee_filter_flag: int,
+                                       chain_id_filter_flag: bool,
+                                       selector_filter_flag: bool,
+                                       amount_filter_flag: bool,
+                                       spender_filter_flag: int,
+                                       sig: bytes):
+        return self._exchange(self._cmd_builder.eip712_filtering_calldata_info(index,
+                                                                               value_filter_flag,
+                                                                               callee_filter_flag,
+                                                                               chain_id_filter_flag,
+                                                                               selector_filter_flag,
+                                                                               amount_filter_flag,
+                                                                               spender_filter_flag,
+                                                                               sig))
+
+    def eip712_filtering_calldata_value(self,
+                                        index: int,
+                                        sig: bytes,
+                                        discarded: bool):
+        return self._exchange(self._cmd_builder.eip712_filtering_calldata_value(index, sig, discarded))
+
+    def eip712_filtering_calldata_callee(self,
+                                         index: int,
+                                         sig: bytes,
+                                         discarded: bool):
+        return self._exchange(self._cmd_builder.eip712_filtering_calldata_callee(index, sig, discarded))
+
+    def eip712_filtering_calldata_chain_id(self,
+                                           index: int,
+                                           sig: bytes,
+                                           discarded: bool):
+        return self._exchange(self._cmd_builder.eip712_filtering_calldata_chain_id(index, sig, discarded))
+
+    def eip712_filtering_calldata_selector(self,
+                                           index: int,
+                                           sig: bytes,
+                                           discarded: bool):
+        return self._exchange(self._cmd_builder.eip712_filtering_calldata_selector(index, sig, discarded))
+
+    def eip712_filtering_calldata_amount(self,
+                                         index: int,
+                                         sig: bytes,
+                                         discarded: bool):
+        return self._exchange(self._cmd_builder.eip712_filtering_calldata_amount(index, sig, discarded))
+
+    def eip712_filtering_calldata_spender(self,
+                                          index: int,
+                                          sig: bytes,
+                                          discarded: bool):
+        return self._exchange(self._cmd_builder.eip712_filtering_calldata_spender(index, sig, discarded))
+
     def eip712_filtering_raw(self, name: str, sig: bytes, discarded: bool):
         return self._exchange_async(self._cmd_builder.eip712_filtering_raw(name, sig, discarded))
 
@@ -176,16 +236,19 @@ def serialize_tx(self, tx_params: dict) -> tuple[bytes, bytes]:
         return encoded_tx, tx_hash
 
     def sign(self,
-             bip32_path: str,
-             tx_params: dict,
+             bip32_path: Optional[str] = None,
+             tx_params: Optional[dict] = None,
              mode: SignMode = SignMode.BASIC):
-        tx, _ = self.serialize_tx(tx_params)
-        chunks = self._cmd_builder.sign(bip32_path, tx, mode)
+        if tx_params is None:
+            tx = None
+        else:
+            tx, _ = self.serialize_tx(tx_params)
+        chunks = self._cmd_builder.sign(mode, bip32_path, tx)
         for chunk in chunks[:-1]:
             self._exchange(chunk)
         return self._exchange_async(chunks[-1])
 
-    def get_challenge(self):
+    def get_challenge(self) -> RAPDU:
         return self._exchange(self._cmd_builder.get_challenge())
 
     def get_public_addr(self,
@@ -421,6 +484,12 @@ def provide_transaction_info(self, payload: bytes) -> RAPDU:
             self._exchange(chunk)
         return self._exchange(chunks[-1])
 
+    def provide_transaction_field_desc(self, payload: bytes) -> RAPDU:
+        chunks = self._cmd_builder.provide_transaction_field_desc(payload)
+        for chunk in chunks[:-1]:
+            self._exchange(chunk)
+        return self._exchange(chunks[-1])
+
     def opt_in_tx_simulation(self):
         return self._exchange_async(self._cmd_builder.opt_in_tx_simulation())
 

client/src/ledger_app_clients/ethereum/command_builder.py

@@ -29,6 +29,7 @@ class InsType(IntEnum):
     PROVIDE_TRUSTED_NAME = 0x22
     PROVIDE_ENUM_VALUE = 0x24
     PROVIDE_TRANSACTION_INFO = 0x26
+    PROVIDE_TRANSACTION_FIELD_DESC = 0x28
     PROVIDE_PROXY_INFO = 0x2a
     PROVIDE_NETWORK_INFORMATION = 0x30
     PROVIDE_TX_SIMULATION = 0x32
@@ -55,6 +56,13 @@ class P2Type(IntEnum):
     FILTERING_ACTIVATE = 0x00
     FILTERING_DISCARDED_PATH = 0x01
     FILTERING_MESSAGE_INFO = 0x0f
+    FILTERING_CALLDATA_SPENDER = 0xf4
+    FILTERING_CALLDATA_AMOUNT = 0xf5
+    FILTERING_CALLDATA_SELECTOR = 0xf6
+    FILTERING_CALLDATA_CHAIN_ID = 0xf7
+    FILTERING_CALLDATA_CALLEE = 0xf8
+    FILTERING_CALLDATA_VALUE = 0xf9
+    FILTERING_CALLDATA_INFO = 0xfa
     FILTERING_TRUSTED_NAME = 0xfb
     FILTERING_DATETIME = 0xfc
     FILTERING_TOKEN_ADDR_CHECK = 0xfd
@@ -145,8 +153,7 @@ def eip712_send_struct_impl_struct_field(self, data: bytearray) -> list[bytes]:
         chunks = []
         # Add a 16-bit integer with the data's byte length (network byte order)
         data_w_length = bytearray()
-        data_w_length.append((len(data) & 0xff00) >> 8)
-        data_w_length.append(len(data) & 0x00ff)
+        data_w_length += struct.pack(">H", len(data))
         data_w_length += data
         while len(data_w_length) > 0:
             p1 = P1Type.PARTIAL_SEND if len(data_w_length) > 0xff else P1Type.COMPLETE_SEND
@@ -261,6 +268,108 @@ def eip712_filtering_trusted_name(self,
                                P2Type.FILTERING_TRUSTED_NAME,
                                data)
 
+    def eip712_filtering_calldata_info(self,
+                                       index: int,
+                                       value_filter_flag: bool,
+                                       callee_filter_flag: int,
+                                       chain_id_filter_flag: bool,
+                                       selector_filter_flag: bool,
+                                       amount_filter_flag: bool,
+                                       spender_filter_flag: int,
+                                       sig: bytes) -> bytes:
+        data = bytearray()
+        data += struct.pack(">B", index)
+        data += struct.pack(">B", value_filter_flag)
+        data += struct.pack(">?", callee_filter_flag)
+        data += struct.pack(">B", chain_id_filter_flag)
+        data += struct.pack(">B", selector_filter_flag)
+        data += struct.pack(">B", amount_filter_flag)
+        data += struct.pack(">?", spender_filter_flag)
+        data.append(len(sig))
+        data += sig
+        return self._serialize(InsType.EIP712_SEND_FILTERING,
+                               int(False),
+                               P2Type.FILTERING_CALLDATA_INFO,
+                               data)
+
+    def eip712_filtering_calldata_value(self,
+                                        index: int,
+                                        sig: bytes,
+                                        discarded: bool):
+        data = bytearray()
+        data += struct.pack(">B", index)
+        data.append(len(sig))
+        data += sig
+        return self._serialize(InsType.EIP712_SEND_FILTERING,
+                               int(discarded),
+                               P2Type.FILTERING_CALLDATA_VALUE,
+                               data)
+
+    def eip712_filtering_calldata_callee(self,
+                                         index: int,
+                                         sig: bytes,
+                                         discarded: bool):
+        data = bytearray()
+        data += struct.pack(">B", index)
+        data.append(len(sig))
+        data += sig
+        return self._serialize(InsType.EIP712_SEND_FILTERING,
+                               int(discarded),
+                               P2Type.FILTERING_CALLDATA_CALLEE,
+                               data)
+
+    def eip712_filtering_calldata_chain_id(self,
+                                           index: int,
+                                           sig: bytes,
+                                           discarded: bool):
+        data = bytearray()
+        data += struct.pack(">B", index)
+        data.append(len(sig))
+        data += sig
+        return self._serialize(InsType.EIP712_SEND_FILTERING,
+                               int(discarded),
+                               P2Type.FILTERING_CALLDATA_CHAIN_ID,
+                               data)
+
+    def eip712_filtering_calldata_selector(self,
+                                           index: int,
+                                           sig: bytes,
+                                           discarded: bool):
+        data = bytearray()
+        data += struct.pack(">B", index)
+        data.append(len(sig))
+        data += sig
+        return self._serialize(InsType.EIP712_SEND_FILTERING,
+                               int(discarded),
+                               P2Type.FILTERING_CALLDATA_SELECTOR,
+                               data)
+
+    def eip712_filtering_calldata_amount(self,
+                                         index: int,
+                                         sig: bytes,
+                                         discarded: bool):
+        data = bytearray()
+        data += struct.pack(">B", index)
+        data.append(len(sig))
+        data += sig
+        return self._serialize(InsType.EIP712_SEND_FILTERING,
+                               int(discarded),
+                               P2Type.FILTERING_CALLDATA_AMOUNT,
+                               data)
+
+    def eip712_filtering_calldata_spender(self,
+                                          index: int,
+                                          sig: bytes,
+                                          discarded: bool):
+        data = bytearray()
+        data += struct.pack(">B", index)
+        data.append(len(sig))
+        data += sig
+        return self._serialize(InsType.EIP712_SEND_FILTERING,
+                               int(discarded),
+                               P2Type.FILTERING_CALLDATA_SPENDER,
+                               data)
+
     def eip712_filtering_raw(self, name: str, sig: bytes, discarded: bool) -> bytes:
         return self._serialize(InsType.EIP712_SEND_FILTERING,
                                int(discarded),
@@ -280,15 +389,21 @@ def set_external_plugin(self, plugin_name: str, contract_address: bytes, selecto
                                0x00,
                                data)
 
-    def sign(self, bip32_path: str, rlp_data: bytes, p2: int) -> list[bytes]:
-        apdus = []
-        payload = pack_derivation_path(bip32_path)
-        payload += rlp_data
+    def sign(self,
+             mode: int,
+             bip32_path: Optional[str] = None,
+             rlp_data: Optional[bytes] = None) -> list[bytes]:
+        apdus: list[bytes] = []
+        payload = bytearray()
+        if bip32_path is not None:
+            payload = pack_derivation_path(bip32_path)
+        if rlp_data is not None:
+            payload += rlp_data
         p1 = P1Type.SIGN_FIRST_CHUNK
-        while len(payload) > 0:
+        while (len(payload) > 0) or ((len(apdus) == 0) and (len(payload) == 0)):
             apdus.append(self._serialize(InsType.SIGN,
                                          p1,
-                                         p2,
+                                         mode,
                                          payload[:0xff]))
             payload = payload[0xff:]
             p1 = P1Type.SIGN_SUBSQT_CHUNK
@@ -476,6 +591,9 @@ def provide_enum_value(self, tlv_payload: bytes) -> list[bytes]:
     def provide_transaction_info(self, tlv_payload: bytes) -> list[bytes]:
         return self.common_tlv_serialize(InsType.PROVIDE_TRANSACTION_INFO, tlv_payload)
 
+    def provide_transaction_field_desc(self, tlv_payload: bytes) -> list[bytes]:
+        return self.common_tlv_serialize(InsType.PROVIDE_TRANSACTION_FIELD_DESC, tlv_payload)
+
     def opt_in_tx_simulation(self) -> bytes:
         # Serialize the payload
         return self._serialize(InsType.PROVIDE_TX_SIMULATION, P1Type.OPT_IN_TX_CHECK, 0x00)