add policyForSignTxStakePoolRegistrationInit

vacuumlabs · Oct 14, 2021 · 11ba093 · 11ba093
1 parent 65dd6ae
commit 11ba093
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 11 deletions.
diff --git a/src/securityPolicy.c b/src/securityPolicy.c
@@ -547,6 +547,25 @@ security_policy_t policyForSignTxCertificateStakePoolRetirement(
 	DENY(); // should not be reached
 }
 
+security_policy_t policyForSignTxStakePoolRegistrationInit(
+        sign_tx_signingmode_t txSigningMode,
+        size_t numOwners,
+        size_t numRelays MARK_UNUSED
+)
+{
+	switch (txSigningMode) {
+	case SIGN_TX_SIGNINGMODE_POOL_REGISTRATION_OWNER:
+		// there should be exactly one owner given by path for which we provide a witness
+		DENY_IF(numOwners == 0);
+		break;
+
+	default:
+		break;
+	}
+
+	ALLOW();
+}
+
 security_policy_t policyForSignTxStakePoolRegistrationPoolId(
         sign_tx_signingmode_t txSigningMode,
         const pool_id_t* poolId

diff --git a/src/securityPolicy.h b/src/securityPolicy.h
@@ -71,6 +71,11 @@ security_policy_t policyForSignTxCertificateStakePoolRetirement(
         const bip44_path_t* stakeCredential,
         uint64_t epoch
 );
+security_policy_t policyForSignTxStakePoolRegistrationInit(
+        sign_tx_signingmode_t txSigningMode,
+        size_t numOwners,
+        size_t numRelays MARK_UNUSED
+);
 security_policy_t policyForSignTxStakePoolRegistrationPoolId(
         sign_tx_signingmode_t txSigningMode,
         const pool_id_t* poolId

diff --git a/src/signTxPoolRegistration.c b/src/signTxPoolRegistration.c
@@ -203,17 +203,15 @@ static void signTxPoolRegistration_handleInitAPDU(uint8_t* wireDataBuffer, size_
 		ASSERT_TYPE(subctx->numRelays, uint16_t);
 		subctx->numOwners = (uint16_t) numOwners;
 		subctx->numRelays = (uint16_t) numRelays;
-
-		switch (commonTxData->txSigningMode) {
-		case SIGN_TX_SIGNINGMODE_POOL_REGISTRATION_OWNER:
-			// there should be exactly one owner given by path for which we provide a witness
-			VALIDATE(subctx->numOwners >= 1, ERR_INVALID_DATA);
-			break;
-
-		default:
-			// nothing to validate in other cases
-			break;
-		}
+	}
+	{
+		security_policy_t policy = policyForSignTxStakePoolRegistrationInit(
+		                                   commonTxData->txSigningMode,
+		                                   subctx->numOwners,
+		                                   subctx->numRelays
+		                           );
+		TRACE("Policy: %d", (int) policy);
+		ENSURE_NOT_DENIED(policy);
 	}
 	{
 		txHashBuilder_poolRegistrationCertificate_enter(