Use SDK TLV library

fbeutin-ledger · fbeutin-ledger · commit f4d8c812994b · 2025-04-28T17:28:07.000+02:00
diff --git a/src/hash_bytes.c b/src/hash_bytes.c
@@ -8,7 +8,7 @@
  * @param[in] hash_ctx pointer to the hashing context
  */
 void hash_nbytes(const uint8_t *bytes_ptr, size_t n, cx_hash_t *hash_ctx) {
-    CX_ASSERT(cx_hash_no_throw(hash_ctx, 0, bytes_ptr, n, NULL, 0));
+    CX_ASSERT(cx_hash_update(hash_ctx, bytes_ptr, n));
 }
 
 /**
diff --git a/src/ledger_pki.c b/src/ledger_pki.c
@@ -24,7 +24,7 @@ int check_signature_with_pubkey(const char *tag,
 #ifdef HAVE_LEDGER_PKI
                                 const uint8_t keyUsageExp,
 #endif
-                                uint8_t *signature,
+                                const uint8_t *signature,
                                 const uint8_t sigLen) {
     UNUSED(tag);
     cx_ecfp_public_key_t verif_key = {0};
@@ -50,7 +50,7 @@ int check_signature_with_pubkey(const char *tag,
                KEY_USAGE_STR(key_usage));
 
         // Checking the signature with PKI
-        if (!os_pki_verify(buffer, bufLen, signature, sigLen)) {
+        if (!os_pki_verify(buffer, bufLen, (uint8_t *)signature, sigLen)) {
             PRINTF("%s: Invalid signature\n", tag);
 #ifndef HAVE_BYPASS_SIGNATURES
             error = APDU_RESPONSE_INVALID_DATA;
diff --git a/src/public_keys.h b/src/public_keys.h
@@ -117,5 +117,5 @@ int check_signature_with_pubkey(const char *tag,
 #ifdef HAVE_LEDGER_PKI
                                 const uint8_t keyUsageExp,
 #endif
-                                uint8_t *signature,
+                                const uint8_t *signature,
                                 const uint8_t sigLen);
diff --git a/src_features/provide_trusted_name/cmd_trusted_name.c b/src_features/provide_trusted_name/cmd_trusted_name.c
@@ -8,22 +8,6 @@
 #include "tlv_apdu.h"
 #include "apdu_constants.h"
 
-static bool handle_tlv_payload(const uint8_t *payload, uint16_t size, bool to_free) {
-    s_trusted_name_ctx ctx = {0};
-    bool parsing_ret;
-
-    ctx.trusted_name.name = g_trusted_name;
-    cx_sha256_init(&ctx.hash_ctx);
-    parsing_ret = tlv_parse(payload, size, (f_tlv_data_handler) &handle_trusted_name_struct, &ctx);
-    if (to_free) mem_dealloc(size);
-    if (!parsing_ret || !verify_trusted_name_struct(&ctx)) {
-        roll_challenge();  // prevent brute-force guesses
-        return false;
-    }
-    roll_challenge();  // prevent replays
-    return true;
-}
-
 /**
  * Handle trusted name APDU
  *
@@ -32,7 +16,7 @@ static bool handle_tlv_payload(const uint8_t *payload, uint16_t size, bool to_fr
  * @param[in] length payload size
  */
 uint16_t handle_trusted_name(uint8_t p1, const uint8_t *data, uint8_t length) {
-    if (!tlv_from_apdu(p1 == P1_FIRST_CHUNK, length, data, &handle_tlv_payload)) {
+    if (!tlv_from_apdu(p1 == P1_FIRST_CHUNK, length, data, &handle_tlv_trusted_name_payload)) {
         return APDU_RESPONSE_INVALID_DATA;
     }
     return APDU_RESPONSE_OK;
diff --git a/src_features/provide_trusted_name/trusted_name.c b/src_features/provide_trusted_name/trusted_name.c
diff --git a/src_features/provide_trusted_name/trusted_name.h b/src_features/provide_trusted_name/trusted_name.h

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@`
`8`	`8`	`* @param[in] hash_ctx pointer to the hashing context`
`9`	`9`	`*/`
`10`	`10`	`void hash_nbytes(const uint8_t bytes_ptr, size_t n, cx_hash_t hash_ctx) {`
`11`		`- CX_ASSERT(cx_hash_no_throw(hash_ctx, 0, bytes_ptr, n, NULL, 0));`
	`11`	`+ CX_ASSERT(cx_hash_update(hash_ctx, bytes_ptr, n));`
`12`	`12`	`}`
`13`	`13`
`14`	`14`	`/**`