/
signTx.h
215 lines (180 loc) · 5.49 KB
/
signTx.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
#ifndef H_CARDANO_APP_SIGN_TX
#define H_CARDANO_APP_SIGN_TX
#include "common.h"
#include "hash.h"
#include "handlers.h"
#include "txHashBuilder.h"
#include "bip44.h"
#include "addressUtilsShelley.h"
#include "signTxMint.h"
#include "signTxOutput.h"
#include "signTxPoolRegistration.h"
#include "signTxCatalystRegistration.h"
#include "signTxAuxData.h"
// the signing mode significantly affects restrictions on tx being signed
typedef enum {
SIGN_TX_SIGNINGMODE_ORDINARY_TX = 3, // enum value 3 is needed for backwards compatibility
SIGN_TX_SIGNINGMODE_POOL_REGISTRATION_OWNER = 4,
SIGN_TX_SIGNINGMODE_POOL_REGISTRATION_OPERATOR = 5,
SIGN_TX_SIGNINGMODE_MULTISIG_TX = 6,
} sign_tx_signingmode_t;
typedef enum {
SIGN_STAGE_NONE = 0,
SIGN_STAGE_INIT = 23,
SIGN_STAGE_AUX_DATA = 24,
SIGN_STAGE_AUX_DATA_CATALYST_REGISTRATION_SUBMACHINE = 25,
SIGN_STAGE_BODY_INPUTS = 26,
SIGN_STAGE_BODY_OUTPUTS = 27,
SIGN_STAGE_BODY_OUTPUTS_SUBMACHINE = 28,
SIGN_STAGE_BODY_FEE = 29,
SIGN_STAGE_BODY_TTL = 30,
SIGN_STAGE_BODY_CERTIFICATES = 31,
SIGN_STAGE_BODY_CERTIFICATES_POOL_SUBMACHINE = 32, // pool registration certificate sub-machine
SIGN_STAGE_BODY_WITHDRAWALS = 33,
SIGN_STAGE_BODY_VALIDITY_INTERVAL = 34,
SIGN_STAGE_BODY_MINT = 35,
SIGN_STAGE_BODY_MINT_SUBMACHINE = 36,
SIGN_STAGE_BODY_SCRIPT_DATA_HASH = 37,
SIGN_STAGE_BODY_COLLATERALS = 38,
SIGN_STAGE_BODY_REQUIRED_SIGNERS = 39,
SIGN_STAGE_CONFIRM = 40,
SIGN_STAGE_WITNESSES = 41,
} sign_tx_stage_t;
enum {
SIGN_MAX_INPUTS = UINT16_MAX,
SIGN_MAX_OUTPUTS = UINT16_MAX,
SIGN_MAX_CERTIFICATES = UINT16_MAX,
SIGN_MAX_REWARD_WITHDRAWALS = UINT16_MAX,
SIGN_MAX_COLLATERALS = UINT16_MAX,
SIGN_MAX_REQUIRED_SIGNERS = UINT16_MAX,
SIGN_MAX_WITNESSES = SIGN_MAX_INPUTS + SIGN_MAX_OUTPUTS + SIGN_MAX_CERTIFICATES + SIGN_MAX_REWARD_WITHDRAWALS,
};
typedef struct {
// significantly affects restrictions on the tx
sign_tx_signingmode_t txSigningMode;
uint8_t networkId; // part of Shelley address
uint32_t protocolMagic; // part of Byron address
} common_tx_data_t;
typedef struct {
stake_credential_type_t type;
union {
bip44_path_t keyPath;
uint8_t scriptHash[SCRIPT_HASH_LENGTH];
};
} stake_credential_t;
typedef struct {
certificate_type_t type;
union {
stake_credential_t stakeCredential;
bip44_path_t poolIdPath;
};
uint64_t epoch;
uint8_t poolKeyHash[POOL_KEY_HASH_LENGTH];
} sign_tx_certificate_data_t;
typedef struct {
uint8_t txHashBuffer[TX_HASH_LENGTH];
uint32_t parsedIndex;
} sign_tx_transaction_input_t;
typedef struct {
bip44_path_t path;
uint8_t signature[64];
} sign_tx_witness_data_t;
typedef struct {
stake_credential_t stakeCredential;
uint64_t amount;
uint8_t previousRewardAccount[REWARD_ACCOUNT_SIZE];
} sign_tx_withdrawal_data_t;
typedef struct {
bool auxDataReceived;
aux_data_type_t auxDataType;
aux_data_hash_builder_t auxDataHashBuilder;
struct {
catalyst_registration_context_t catalyst_registration_subctx;
} stageContext;
} ins_sign_tx_aux_data_context_t;
typedef struct {
uint16_t currentInput;
uint16_t currentOutput;
uint16_t currentCertificate;
uint16_t currentWithdrawal;
uint16_t currentCollateral;
uint16_t currentRequiredSigners;
bool feeReceived;
bool ttlReceived;
bool validityIntervalStartReceived;
bool mintReceived;
bool scriptDataHashReceived;
// TODO move these to commonTxData?
tx_hash_builder_t txHashBuilder;
// this holds data valid only through the processing of a single APDU
union {
uint64_t fee;
uint64_t ttl;
sign_tx_certificate_data_t certificate;
sign_tx_withdrawal_data_t withdrawal;
uint64_t validityIntervalStart;
uint8_t scriptDataHash[SCRIPT_DATA_HASH_LENGTH];
sign_tx_transaction_input_t collateral;
uint8_t requiredSigner[VKEY_LENGTH];
} stageData; // TODO rename to reflect single-APDU scope
union {
pool_registration_context_t pool_registration_subctx;
output_context_t output_subctx;
mint_context_t mint_subctx;
} stageContext;
} ins_sign_tx_body_context_t;
typedef struct {
uint16_t currentWitness;
struct {
sign_tx_witness_data_t witness;
} stageData;
} ins_sign_tx_witness_context_t;
typedef struct {
sign_tx_stage_t stage;
common_tx_data_t commonTxData;
bool includeAuxData;
uint16_t numInputs;
uint16_t numOutputs;
bool includeTtl;
uint16_t numCertificates;
uint16_t numWithdrawals; // reward withdrawals
bool includeValidityIntervalStart;
bool includeMint;
bool includeScriptDataHash;
uint16_t numCollaterals;
uint16_t numRequiredSigners;
uint16_t numWitnesses;
uint8_t auxDataHash[AUX_DATA_HASH_LENGTH];
uint8_t txHash[TX_HASH_LENGTH];
union {
ins_sign_tx_aux_data_context_t aux_data_ctx;
ins_sign_tx_body_context_t body_ctx;
ins_sign_tx_witness_context_t witnesses_ctx;
} txPartCtx;
int ui_step;
} ins_sign_tx_context_t;
ins_sign_tx_aux_data_context_t* accessAuxDataContext();
ins_sign_tx_body_context_t* accessBodyContext();
ins_sign_tx_witness_context_t* accessWitnessContext();
#ifdef DEVEL
#define AUX_DATA_CTX (ASSERT(accessAuxDataContext() != NULL), accessAuxDataContext())
#define BODY_CTX (ASSERT(accessBodyContext() != NULL), accessBodyContext())
#define WITNESS_CTX (ASSERT(accessWitnessContext() != NULL), accessWitnessContext())
#else
#define AUX_DATA_CTX (accessAuxDataContext())
#define BODY_CTX (accessBodyContext())
#define WITNESS_CTX (accessWitnessContext())
#endif
handler_fn_t signTx_handleAPDU;
static inline bool signTx_parseIncluded(uint8_t value)
{
switch (value) {
case ITEM_INCLUDED_YES:
return true;
case ITEM_INCLUDED_NO:
return false;
default:
THROW(ERR_INVALID_DATA);
}
}
#endif // H_CARDANO_APP_SIGN_TX