Merge pull request #44 from dj8yfo/bump_sdk_safe_crypto_wrappers_again

chore: bump `ledger_device_sdk` to 1.7.1;

Cargo.toml

@@ -5,8 +5,7 @@ authors = ["yhql", "agrojean-ledger", "dj8yf0μl"]
 edition = "2021"
 
 [dependencies]
-ledger_device_sdk = "1.6.0"
-ledger_secure_sdk_sys = "1.2.0"
+ledger_device_sdk = "1.7.1"
 include_gif = "1.0.1"
 hex = { version = "0.4.3", default-features = false, features = ["serde"] }
 bs58 = { version = "0.5.0", default-features = false }

src/handlers/common/action/delegate.rs

@@ -1,5 +1,5 @@
+use ledger_device_sdk::buttons::ButtonEvent;
 use ledger_device_sdk::io::Event;
-use ledger_secure_sdk_sys::buttons::ButtonEvent;
 
 use crate::{
     parsing::{HashingStream, SingleTxStream},

src/handlers/common/finalize_sign.rs

@@ -1,14 +1,15 @@
 use crate::{
     parsing::{HashingStream, SingleTxStream},
-    utils::crypto::{self, PathBip32},
+    utils::crypto::PathBip32,
     AppSW,
 };
 use borsh::io::{ErrorKind, Read};
+use ledger_device_sdk::ecc::Ed25519;
 
 pub struct Signature(pub [u8; 64]);
 
 pub fn end(
-    stream: &mut HashingStream<SingleTxStream<'_>>,
+    mut stream: HashingStream<SingleTxStream<'_>>,
     path: &PathBip32,
 ) -> Result<Signature, AppSW> {
     // test no redundant bytes left in stream
@@ -21,7 +22,7 @@ pub fn end(
 
     let digest = stream.finalize()?;
 
-    let private_key = crypto::bip32_derive(&path.0);
+    let private_key = Ed25519::derive_from_path_slip10(&path.0);
     let (sig, _len) = private_key.sign(&digest.0).map_err(|_| AppSW::TxSignFail)?;
 
     Ok(Signature(sig))

src/handlers/common/validate_public_key.rs

@@ -1,10 +1,11 @@
+use ledger_device_sdk::ecc::Ed25519;
 use ledger_device_sdk::ui::{
     bitmaps::{CROSSMARK, EYE},
     gadgets::{Field, MultiFieldReview},
 };
 
 use crate::{
-    utils::crypto::{self, public_key::NoSecpAllowed, PathBip32, PublicKeyBe},
+    utils::crypto::{public_key::NoSecpAllowed, PathBip32, PublicKeyBe},
     AppSW,
 };
 use fmt_buffer::Buffer;
@@ -14,7 +15,7 @@ pub fn validate(
     path: &PathBip32,
 ) -> Result<(), AppSW> {
     let matching_private_key = {
-        let pk = crypto::bip32_derive(&path.0)
+        let pk = Ed25519::derive_from_path_slip10(&path.0)
             .public_key()
             .map_err(|_| AppSW::KeyDeriveFail)?;
         PublicKeyBe::from_little_endian(pk)

src/handlers/get_public_key.rs

@@ -18,13 +18,14 @@
 use crate::app_ui::address;
 use crate::utils::crypto;
 use crate::AppSW;
+use ledger_device_sdk::ecc::Ed25519;
 use ledger_device_sdk::io::Comm;
 
 pub fn handler(comm: &mut Comm, display: bool) -> Result<(), AppSW> {
     let data = comm.get_data().map_err(|_| AppSW::WrongApduLength)?;
     let path = crypto::PathBip32::parse(data).map_err(|_| AppSW::Bip32PathParsingFail)?;
 
-    let pk = crypto::bip32_derive(&path.0)
+    let pk = Ed25519::derive_from_path_slip10(&path.0)
         .public_key()
         .map_err(|_| AppSW::KeyDeriveFail)?;
 

src/handlers/get_wallet_id.rs

@@ -1,13 +1,14 @@
 use crate::app_ui::address;
 use crate::utils::crypto;
 use crate::AppSW;
+use ledger_device_sdk::ecc::Ed25519;
 use ledger_device_sdk::io::Comm;
 
 pub fn handler(comm: &mut Comm) -> Result<(), AppSW> {
     let data = comm.get_data().map_err(|_| AppSW::WrongApduLength)?;
     let path = crypto::PathBip32::parse(data).map_err(|_| AppSW::Bip32PathParsingFail)?;
 
-    let pk = crypto::bip32_derive(&path.0)
+    let pk = Ed25519::derive_from_path_slip10(&path.0)
         .public_key()
         .map_err(|_| AppSW::KeyDeriveFail)?;
 

src/handlers/sign_nep366_delegate.rs

@@ -35,7 +35,7 @@ pub fn handler(mut stream: SingleTxStream<'_>) -> Result<Signature, AppSW> {
     let delegate_ac_pub_key_prevalidation = handle_delegate_action(&mut stream)?;
     validate_public_key::validate(delegate_ac_pub_key_prevalidation, &path)?;
 
-    finalize_sign::end(&mut stream, &path)
+    finalize_sign::end(stream, &path)
 }
 
 pub fn handle_delegate_action(

src/handlers/sign_nep413_msg.rs

@@ -34,5 +34,5 @@ pub fn handler(mut stream: SingleTxStream<'_>) -> Result<Signature, AppSW> {
         return Err(AppSW::Deny);
     }
 
-    finalize_sign::end(&mut stream, &path)
+    finalize_sign::end(stream, &path)
 }

src/handlers/sign_tx.rs

@@ -75,5 +75,5 @@ pub fn handler(mut stream: SingleTxStream<'_>) -> Result<Signature, AppSW> {
         handle_action(&mut stream, params)?;
     }
 
-    finalize_sign::end(&mut stream, &path)
+    finalize_sign::end(stream, &path)
 }

src/main.rs

@@ -25,7 +25,7 @@ mod utils {
         pub mod public_key;
 
         pub use path::PathBip32;
-        pub use public_key::{bip32_derive, PublicKeyBe};
+        pub use public_key::PublicKeyBe;
     }
     pub mod types {
         pub mod base58_buf;

src/parsing/transaction_stream_reader/mod.rs

@@ -3,14 +3,11 @@ use ledger_device_sdk::{
     io::{Comm, Event},
 };
 
+use ledger_device_sdk::hash::sha2::Sha2_256;
+use ledger_device_sdk::hash::HashInit;
+
 use crate::{AppSW, Instruction, SignMode};
 use borsh::io::{self};
-use ledger_secure_sdk_sys::{
-    cx_hash_final, cx_hash_t, cx_hash_update, cx_sha256_init_no_throw, cx_sha256_t, CX_OK,
-};
-
-#[cfg(feature = "speculos")]
-use ledger_device_sdk::testing;
 
 pub struct SingleTxStream<'a> {
     pub comm: &'a mut Comm,
@@ -35,52 +32,30 @@ pub struct Sha256Digest(pub [u8; 32]);
 
 pub struct HashingStream<R> {
     pub reader: R,
-    sha256_ctx: cx_sha256_t,
+    sha256: Sha2_256,
 }
 
 impl<R> HashingStream<R> {
     pub fn new(reader: R) -> Result<Self, AppSW> {
-        let mut sha256_ctx = Default::default();
-        unsafe {
-            if cx_sha256_init_no_throw(&mut sha256_ctx) != CX_OK {
-                return Err(AppSW::TxHashFail);
-            }
-        }
-        let res = Self { reader, sha256_ctx };
+        let sha256 = Sha2_256::new();
+        let res = Self { reader, sha256 };
         Ok(res)
     }
 
-    pub fn finalize(&mut self) -> Result<Sha256Digest, AppSW> {
+    pub fn finalize(self) -> Result<Sha256Digest, AppSW> {
         let mut array = [0u8; 32];
-        unsafe {
-            if cx_hash_final(
-                &mut self.sha256_ctx.header as *mut cx_hash_t,
-                array.as_mut_ptr(),
-            ) != CX_OK
-            {
-                #[cfg(feature = "speculos")]
-                testing::debug_print("`cx_hash_final` error encountered \n");
-                return Err(AppSW::TxHashFinalizeFail);
-            }
-        }
+
+        self.sha256
+            .finalize(&mut array)
+            .map_err(|_err| AppSW::TxHashFinalizeFail)?;
         Ok(Sha256Digest(array))
     }
 }
 impl<R> HashingStream<R> {
     pub fn feed_slice(&mut self, input: &[u8]) -> io::Result<()> {
-        unsafe {
-            if cx_hash_update(
-                &mut self.sha256_ctx.header as *mut cx_hash_t,
-                input.as_ptr(),
-                input.len(),
-            ) != CX_OK
-            {
-                #[cfg(feature = "speculos")]
-                testing::debug_print("`cx_hash_update` error encountered \n");
-                return Err(io::Error::from(io::ErrorKind::OutOfMemory));
-            }
-        }
-        Ok(())
+        self.sha256
+            .update(input)
+            .map_err(|_err| io::Error::from(io::ErrorKind::OutOfMemory))
     }
 }
 
@@ -92,18 +67,9 @@ impl<R: io::Read> io::Read for HashingStream<R> {
             // update hash on each chunk passing through
             if n > 0 {
                 let data = &buf[0..n];
-                unsafe {
-                    if cx_hash_update(
-                        &mut self.sha256_ctx.header as *mut cx_hash_t,
-                        data.as_ptr(),
-                        data.len(),
-                    ) != CX_OK
-                    {
-                        #[cfg(feature = "speculos")]
-                        testing::debug_print("`cx_hash_update` error encountered \n");
-                        return Err(io::Error::from(io::ErrorKind::OutOfMemory));
-                    }
-                }
+                self.sha256
+                    .update(data)
+                    .map_err(|_err| io::Error::from(io::ErrorKind::OutOfMemory))?;
             }
             return Ok(n);
         }

src/utils/crypto/public_key.rs

@@ -1,5 +1,4 @@
-use ledger_device_sdk::ecc::{CurvesId, ECPrivateKey, ECPublicKey, Ed25519, Secret};
-use ledger_secure_sdk_sys::os_perso_derive_node_with_seed_key;
+use ledger_device_sdk::ecc::ECPublicKey;
 
 use crate::AppSW;
 
@@ -10,31 +9,9 @@ use fmt_buffer::Buffer;
 const PUBLIC_KEY_BIG_ENDIAN_LEN: usize = 32;
 const PUBLIC_KEY_LITTLE_ENDIAN_LEN: usize = 65;
 
-const HDW_ED25519_SLIP10: u32 = 1;
-
 #[derive(PartialEq, Eq)]
 pub struct PublicKeyBe(pub [u8; PUBLIC_KEY_BIG_ENDIAN_LEN]);
 
-pub fn bip32_derive(path: &[u32]) -> ECPrivateKey<32, 'E'> {
-    let mut tmp = Secret::<32>::new();
-    let curve = CurvesId::Ed25519;
-
-    unsafe {
-        os_perso_derive_node_with_seed_key(
-            HDW_ED25519_SLIP10,
-            curve as u8,
-            path.as_ptr(),
-            path.len() as u32,
-            tmp.as_mut().as_mut_ptr(),
-            core::ptr::null_mut(), // chain
-            core::ptr::null_mut(), // seed_key
-            0u32,                  // seed_key_length
-        )
-    };
-
-    Ed25519::from(tmp.as_ref())
-}
-
 pub struct NoSecpAllowed;
 
 impl TryFrom<TxPublicKey> for PublicKeyBe {