[SQUASH] rework again to move most code to signTx*

src/securityPolicy.c

@@ -2,9 +2,7 @@
 #include "addressUtilsByron.h"
 #include "bip44.h"
 #include "cardano.h"
-#include "singleAccount.h"
 #include "signTxUtils.h"
-#include "state.h"
 
 #include "securityPolicy.h"
 
@@ -377,7 +375,7 @@ security_policy_t policyForSignTxOutputAddressParams(
 	case SIGN_TX_SIGNINGMODE_POOL_REGISTRATION_OPERATOR:
 	case SIGN_TX_SIGNINGMODE_ORDINARY_TX: {
 		DENY_UNLESS(determineSpendingChoice(params->type) == SPENDING_PATH);
-		validateOrStoreSingleAccount(&(instructionState.signTxContext.commonTxData.singleAccountData), &params->spendingKeyPath);
+		DENY_IF(violatesAndStoreSingleAccount(&params->spendingKeyPath));
 		SHOW_UNLESS(is_standard_base_address(params));
 		ALLOW();
 		break;
@@ -517,7 +515,7 @@ security_policy_t policyForSignTxCertificateStaking(
 	case SIGN_TX_SIGNINGMODE_ORDINARY_TX:
 		DENY_UNLESS(stakeCredential->type == STAKE_CREDENTIAL_KEY_PATH);
 		DENY_UNLESS(bip44_isOrdinaryStakingKeyPath(&stakeCredential->keyPath));
-		validateOrStoreSingleAccount(&(instructionState.signTxContext.commonTxData.singleAccountData), &stakeCredential->keyPath);
+		DENY_IF(violatesAndStoreSingleAccount(&stakeCredential->keyPath));
 		break;
 	case SIGN_TX_SIGNINGMODE_MULTISIG_TX:
 		DENY_UNLESS(stakeCredential->type == STAKE_CREDENTIAL_SCRIPT_HASH);
@@ -620,7 +618,7 @@ security_policy_t policyForSignTxStakePoolRegistrationOwner(
 {
 	if (owner->keyReferenceType == KEY_REFERENCE_PATH) {
 		DENY_UNLESS(bip44_isOrdinaryStakingKeyPath(&owner->path));
-		validateOrStoreSingleAccount(&(instructionState.signTxContext.commonTxData.singleAccountData), &owner->path);
+		DENY_IF(violatesAndStoreSingleAccount(&owner->path));
 	}
 
 	switch (txSigningMode) {
@@ -690,7 +688,7 @@ security_policy_t policyForSignTxWithdrawal(
 	case SIGN_TX_SIGNINGMODE_ORDINARY_TX:
 		DENY_UNLESS(stakeCredential->type == STAKE_CREDENTIAL_KEY_PATH);
 		DENY_UNLESS(bip44_isOrdinaryStakingKeyPath(&stakeCredential->keyPath));
-		validateOrStoreSingleAccount(&(instructionState.signTxContext.commonTxData.singleAccountData), &stakeCredential->keyPath);
+		DENY_IF(violatesAndStoreSingleAccount(&stakeCredential->keyPath));
 		SHOW();
 		break;
 
@@ -710,8 +708,8 @@ static inline security_policy_t _ordinaryWitnessPolicy(const bip44_path_t* path,
 {
 	switch (bip44_classifyPath(path)) {
 	case PATH_ORDINARY_SPENDING_KEY:
-		validateOrStoreSingleAccount(&(instructionState.signTxContext.commonTxData.singleAccountData), path);
-		// intentional fallthrough
+		DENY_IF(violatesAndStoreSingleAccount(path));
+	// intentional fallthrough
 	case PATH_ORDINARY_STAKING_KEY:
 	case PATH_POOL_COLD_KEY:
 		WARN_UNLESS(bip44_isPathReasonable(path));
@@ -916,23 +914,3 @@ security_policy_t policyForSignOpCert(const bip44_path_t* poolColdKeyPathSpec)
 
 	DENY(); // should not be reached
 }
-
-single_account_return_t policyForSingleAccountPath(single_account_data_t* accountData, const bip44_path_t* path)
-{
-    if (!bip44_hasOrdinaryWalletKeyPrefix(path) || !bip44_containsAccount(path)) {
-        return SINGLE_ACCOUNT_IGNORE;
-    }
-    if (accountData->pathSet) {
-        const uint32_t storedAccount = accountData->accountNumber;
-        if (bip44_getAccount(path) != storedAccount) {
-            return SINGLE_ACCOUNT_VIOLATE;
-        }
-        if ((accountData->byron ^ bip44_hasByronPrefix(path))
-            && storedAccount != 0) {
-            return SINGLE_ACCOUNT_VIOLATE;
-        }
-    } else {
-		return SINGLE_ACCOUNT_VALID;
-    }
-    return false;
-}

src/securityPolicy.h

@@ -129,11 +129,4 @@ security_policy_t policyForCatalystRegistrationVotingKey();
 security_policy_t policyForCatalystRegistrationNonce();
 security_policy_t policyForCatalystRegistrationConfirm();
 
-typedef enum {
-        SINGLE_ACCOUNT_VIOLATE,
-        SINGLE_ACCOUNT_VALID,
-        SINGLE_ACCOUNT_IGNORE
-} single_account_return_t;
-single_account_return_t policyForSingleAccountPath(single_account_data_t* accountData, const bip44_path_t* path);
-
 #endif // H_CARDANO_APP_SECURITY_POLICY

src/signTxUtils.c

@@ -4,6 +4,9 @@
 #include "utils.h"
 #include "signTxUtils.h"
 #include "securityPolicy.h"
+#include "state.h"
+
+static single_account_data_t* singleAccountData = &(instructionState.signTxContext.commonTxData.singleAccountData);
 
 void respondSuccessEmptyMsg()
 {
@@ -12,25 +15,27 @@ void respondSuccessEmptyMsg()
 	ui_displayBusy(); // needs to happen after I/O
 }
 
-void validateOrStoreSingleAccount(single_account_data_t* accountData, const bip44_path_t* path)
+bool violatesAndStoreSingleAccount(const bip44_path_t* path)
 {
-	switch (policyForSingleAccountPath(accountData, path))
-	{
-	case SINGLE_ACCOUNT_VALID:
-		if (!accountData->pathSet) {
-			accountData->pathSet = true;
-			accountData->byron = bip44_hasByronPrefix(path);
-			accountData->accountNumber = bip44_getAccount(path);
-		}
-		break;
-	case SINGLE_ACCOUNT_VIOLATE:
-		THROW(ERR_REJECTED_BY_POLICY);
-		break;
-	case SINGLE_ACCOUNT_IGNORE:
-		break;
-
-	default:
+	if (!bip44_hasOrdinaryWalletKeyPrefix(path) || !bip44_containsAccount(path)) {
+		TRACE("Invalid path in single account check");
 		ASSERT(false);
-		break;
 	}
+	const bool byron = bip44_hasByronPrefix(path);
+	const uint32_t account = bip44_getAccount(path);
+	if (singleAccountData->pathSet) {
+		const uint32_t storedAccount = singleAccountData->accountNumber;
+		if (account != storedAccount) {
+			return true;
+		}
+		if ((singleAccountData->byron ^ byron)
+		    && storedAccount != 0) {
+			return true;
+		}
+	} else {
+		singleAccountData->pathSet = true;
+		singleAccountData->byron = byron;
+		singleAccountData->accountNumber = account;
+	}
+	return false;
 }

src/signTxUtils.h

@@ -6,6 +6,6 @@
 
 void respondSuccessEmptyMsg();
 
-void validateOrStoreSingleAccount(single_account_data_t* accountData, const bip44_path_t* path);
+bool violatesAndStoreSingleAccount(const bip44_path_t* path);
 
 #endif  // H_CARDANO_APP_SIGN_TX_UTILS