feat/ Support ethereum derivation path and remove warnings

Makefile

@@ -29,6 +29,9 @@ APPVERSION=$(APPVERSION_M).$(APPVERSION_N).$(APPVERSION_P)
 
 # Celo
 APP_LOAD_PARAMS += --path "44'/52752'"
+# Ethereum path
+APP_LOAD_PARAMS += --path "44'/60'/0'/0/0" --path "44'/60'/0'" --path "44'/60'/0'/0"
+
 APPNAME = "Celo"
 APP_LOAD_FLAGS=--appFlags 0
 ifeq ($(TARGET_NAME),$(filter $(TARGET_NAME),TARGET_NANOX TARGET_STAX))
@@ -133,7 +136,7 @@ endif
 
 CC       := $(CLANGPATH)clang
 
-#CFLAGS   += -O0
+# CFLAGS   += -O0
 CFLAGS   += -O3 -Os
 
 AS     := $(GCCPATH)arm-none-eabi-gcc

src/celo.c

@@ -232,15 +232,16 @@ customStatus_e customProcessor(txContext_t *context) {
                     copyTxData(context,
                         dataContext.withdrawContext.data + context->currentFieldPos,
                         copySize);
+                    break;
                   case PROVISION_RELOCK:
                     copyTxData(context,
                         dataContext.relockContext.data + context->currentFieldPos,
                         copySize);
+                    break;
                   case PROVISION_CREATE_ACCOUNT:
                     copyTxData(context,
                         dataContext.createAccountContext.data + context->currentFieldPos,
                         copySize);
-
                     break;
                   default:
                     break;
@@ -331,8 +332,8 @@ void finalizeParsing(bool direct) {
   uint32_t i;
   uint8_t decimals = WEI_TO_ETHER;
   uint8_t feeDecimals = WEI_TO_ETHER;
-  char *ticker = CHAINID_COINNAME " ";
-  char *feeTicker = CHAINID_COINNAME " ";
+  const char *ticker = CHAINID_COINNAME " ";
+  const char *feeTicker = CHAINID_COINNAME " ";
   uint8_t tickerOffset = 0;
 
   // Display correct currency if fee currency field sent
@@ -356,7 +357,12 @@ void finalizeParsing(bool direct) {
   }
 
   // Store the hash
-  cx_hash((cx_hash_t *)&sha3, CX_LAST, tmpCtx.transactionContext.hash, 0, tmpCtx.transactionContext.hash, 32);
+  CX_THROW(cx_hash_no_throw((cx_hash_t *) &sha3,
+                        CX_LAST,
+                        tmpCtx.transactionContext.hash,
+                        0,
+                        tmpCtx.transactionContext.hash,
+                        32));
     // If there is a token to process, check if it is well known
     if (provisionType == PROVISION_TOKEN) {
         tokenDefinition_t *currentToken = getKnownToken(tmpContent.txContent.destination);

src/main.c

@@ -168,10 +168,10 @@ void handleGetWalletId(volatile unsigned int *tx) {
   cx_ecfp_256_private_key_t priv;
   cx_ecfp_256_public_key_t pub;
   // seed => priv key
-  os_perso_derive_node_bip32(CX_CURVE_256K1, U_os_perso_seed_cookie, 2, t, NULL);
+  CX_THROW(os_derive_bip32_no_throw(CX_CURVE_256K1, U_os_perso_seed_cookie, 2, t, NULL));
   // priv key => pubkey
-  cx_ecdsa_init_private_key(CX_CURVE_256K1, t, 32, &priv);
-  cx_ecfp_generate_pair(CX_CURVE_256K1, &pub, &priv, 1);
+  CX_THROW(cx_ecdsa_init_private_key(CX_CURVE_256K1, t, 32, &priv));
+  CX_THROW(cx_ecfp_generate_pair_no_throw(CX_CURVE_256K1, &pub, &priv, 1));
   // pubkey -> sha512
   cx_hash_sha512(pub.W, sizeof(pub.W), t, sizeof(t));
   // ! cookie !
@@ -184,7 +184,7 @@ void handleGetWalletId(volatile unsigned int *tx) {
 
 void handleGetPublicKey(uint8_t p1, uint8_t p2, uint8_t *dataBuffer, uint16_t dataLength, volatile unsigned int *flags, volatile unsigned int *tx) {
   UNUSED(dataLength);
-  uint8_t privateKeyData[32];
+  uint8_t privateKeyData[64];
   bip32Path_t derivationPath;
   cx_ecfp_private_key_t privateKey;
 
@@ -203,10 +203,16 @@ void handleGetPublicKey(uint8_t p1, uint8_t p2, uint8_t *dataBuffer, uint16_t da
 
   tmpCtx.publicKeyContext.getChaincode = (p2 == P2_CHAINCODE);
   io_seproxyhal_io_heartbeat();
-  os_perso_derive_node_bip32(CX_CURVE_256K1, derivationPath.path, derivationPath.len, privateKeyData, (tmpCtx.publicKeyContext.getChaincode ? tmpCtx.publicKeyContext.chainCode : NULL));
-  cx_ecfp_init_private_key(CX_CURVE_256K1, privateKeyData, 32, &privateKey);
+  CX_THROW(os_derive_bip32_no_throw(
+                                CX_CURVE_256K1,
+                                derivationPath.path,
+                                derivationPath.len,
+                                privateKeyData,
+                                (tmpCtx.publicKeyContext.getChaincode ? tmpCtx.publicKeyContext.chainCode : NULL)));
+
+  CX_THROW(cx_ecfp_init_private_key_no_throw(CX_CURVE_256K1, privateKeyData, 32, &privateKey));
   io_seproxyhal_io_heartbeat();
-  cx_ecfp_generate_pair(CX_CURVE_256K1, &tmpCtx.publicKeyContext.publicKey, &privateKey, 1);
+  CX_THROW(cx_ecfp_generate_pair_no_throw(CX_CURVE_256K1, &tmpCtx.publicKeyContext.publicKey, &privateKey, 1));
   explicit_bzero(&privateKey, sizeof(privateKey));
   explicit_bzero(privateKeyData, sizeof(privateKeyData));
   io_seproxyhal_io_heartbeat();
@@ -272,8 +278,8 @@ void handleProvideErc20TokenInformation(uint8_t p1, uint8_t p2, uint8_t *workBuf
   // Skip chainId
   offset += 4;
   dataLength -= 4;
-  cx_ecfp_init_public_key(CX_CURVE_256K1, TOKEN_SIGNATURE_PUBLIC_KEY, sizeof(TOKEN_SIGNATURE_PUBLIC_KEY), &tokenKey);
-  if (!cx_ecdsa_verify(&tokenKey, CX_LAST, CX_SHA256, hash, 32, workBuffer + offset, dataLength)) {
+  CX_THROW(cx_ecfp_init_public_key_no_throw(CX_CURVE_256K1, TOKEN_SIGNATURE_PUBLIC_KEY, sizeof(TOKEN_SIGNATURE_PUBLIC_KEY), &tokenKey));
+  if (!cx_ecdsa_verify_no_throw(&tokenKey, hash, 32, workBuffer + offset, dataLength)) {
     PRINTF("Invalid token signature\n");
     THROW(0x6A80);
   }
@@ -398,16 +404,24 @@ void handleSignPersonalMessage(uint8_t p1, uint8_t p2, uint8_t *workBuffer, uint
     workBuffer += 4;
     dataLength -= 4;
     // Initialize message header + length
-    cx_keccak_init(&sha3, 256);
-    cx_hash((cx_hash_t *)&sha3, 0, (uint8_t*)SIGN_MAGIC, sizeof(SIGN_MAGIC) - 1, NULL, 0);
+    CX_THROW(cx_keccak_init_no_throw(&sha3, 256));
+    CX_THROW(cx_hash_no_throw((cx_hash_t *)&sha3,
+                         0,
+                         (uint8_t*)SIGN_MAGIC,
+                         sizeof(SIGN_MAGIC) - 1,
+                         NULL,
+                         0));
+
     for (i = 1; (((i * base) <= tmpCtx.messageSigningContext.remainingLength) &&
                          (((i * base) / base) == i));
              i *= base);
     for (; i; i /= base) {
       tmp[pos++] = '0' + ((tmpCtx.messageSigningContext.remainingLength / i) % base);
     }
     tmp[pos] = '\0';
-    cx_hash((cx_hash_t *)&sha3, 0, (uint8_t*)tmp, pos, NULL, 0);
+
+    CX_THROW(cx_hash_no_throw((cx_hash_t *) &sha3, 0, (uint8_t*)tmp, pos, NULL, 0));
+
     cx_sha256_init(&tmpContent.sha2);
   }
   else if (p1 != P1_MORE) {
@@ -423,14 +437,14 @@ void handleSignPersonalMessage(uint8_t p1, uint8_t p2, uint8_t *workBuffer, uint
   if (dataLength > tmpCtx.messageSigningContext.remainingLength) {
       THROW(0x6A80);
   }
-  cx_hash((cx_hash_t *)&sha3, 0, workBuffer, dataLength, NULL, 0);
-  cx_hash((cx_hash_t *)&tmpContent.sha2, 0, workBuffer, dataLength, NULL, 0);
+  CX_THROW(cx_hash_no_throw((cx_hash_t *)&sha3, 0, workBuffer, dataLength, NULL, 0));
+  CX_THROW(cx_hash_no_throw((cx_hash_t *)&tmpContent.sha2, 0, workBuffer, dataLength, NULL, 0));
   tmpCtx.messageSigningContext.remainingLength -= dataLength;
   if (tmpCtx.messageSigningContext.remainingLength == 0) {
     uint8_t hashMessage[32];
 
-    cx_hash((cx_hash_t *)&sha3, CX_LAST, workBuffer, 0, tmpCtx.messageSigningContext.hash, 32);
-    cx_hash((cx_hash_t *)&tmpContent.sha2, CX_LAST, workBuffer, 0, hashMessage, 32);
+  CX_THROW(cx_hash_no_throw((cx_hash_t *)&sha3, CX_LAST, workBuffer, 0, tmpCtx.messageSigningContext.hash, 32));
+  CX_THROW(cx_hash_no_throw((cx_hash_t *)&tmpContent.sha2, CX_LAST, workBuffer, 0, hashMessage, 32));
 
 #ifdef HAVE_BAGL
 #define HASH_LENGTH 4
@@ -648,6 +662,8 @@ unsigned char io_event(unsigned char channel) {
          THROW(EXCEPTION_IO_RESET);
         }
         // no break is intentional
+        __attribute__((fallthrough)); // ignore fall-through warning
+
     default:
         UX_DEFAULT_EVENT();
         break;

src/ui_common.c

@@ -86,23 +86,24 @@ unsigned int io_seproxyhal_touch_address_cancel(void) {
 }
 
 unsigned int io_seproxyhal_touch_tx_ok(void) {
-    uint8_t privateKeyData[32];
+    uint8_t privateKeyData[64];
     uint8_t signature[100];
     cx_ecfp_private_key_t privateKey;
     uint32_t tx = 0;
     uint32_t v = getV(&tmpContent.txContent);
     io_seproxyhal_io_heartbeat();
-    os_perso_derive_node_bip32(CX_CURVE_256K1, tmpCtx.transactionContext.derivationPath.path,
+    CX_THROW(os_derive_bip32_no_throw(CX_CURVE_256K1, tmpCtx.transactionContext.derivationPath.path,
                                tmpCtx.transactionContext.derivationPath.len,
-                               privateKeyData, NULL);
-    cx_ecfp_init_private_key(CX_CURVE_256K1, privateKeyData, 32,
-                                 &privateKey);
+                               privateKeyData, NULL));
+    CX_THROW(cx_ecfp_init_private_key_no_throw(CX_CURVE_256K1, privateKeyData, 32,
+                                 &privateKey));
     explicit_bzero(privateKeyData, sizeof(privateKeyData));
     unsigned int info = 0;
+    size_t sig_len = sizeof(signature);
     io_seproxyhal_io_heartbeat();
-    cx_ecdsa_sign(&privateKey, CX_RND_RFC6979 | CX_LAST, CX_SHA256,
+    CX_THROW(cx_ecdsa_sign_no_throw(&privateKey, CX_RND_RFC6979 | CX_LAST, CX_SHA256,
                   tmpCtx.transactionContext.hash,
-                  sizeof(tmpCtx.transactionContext.hash), signature, sizeof(signature), &info);
+                  sizeof(tmpCtx.transactionContext.hash), signature, &sig_len, &info));
     explicit_bzero(&privateKey, sizeof(privateKey));
     // Parity is present in the sequence tag in the legacy API
     if (tmpContent.txContent.vLength == 0) {
@@ -148,22 +149,24 @@ unsigned int io_seproxyhal_touch_tx_cancel(void) {
 }
 
 unsigned int io_seproxyhal_touch_signMessage_ok(void) {
-    uint8_t privateKeyData[32];
+    uint8_t privateKeyData[64];
     uint8_t signature[100];
     cx_ecfp_private_key_t privateKey;
     uint32_t tx = 0;
     io_seproxyhal_io_heartbeat();
-    os_perso_derive_node_bip32(
-        CX_CURVE_256K1, tmpCtx.messageSigningContext.derivationPath.path,
-        tmpCtx.messageSigningContext.derivationPath.len, privateKeyData, NULL);
+    CX_THROW(os_derive_bip32_no_throw(
+                                CX_CURVE_256K1, tmpCtx.messageSigningContext.derivationPath.path,
+                                tmpCtx.messageSigningContext.derivationPath.len, privateKeyData, NULL));
+
     io_seproxyhal_io_heartbeat();
-    cx_ecfp_init_private_key(CX_CURVE_256K1, privateKeyData, 32, &privateKey);
+    CX_THROW(cx_ecfp_init_private_key_no_throw(CX_CURVE_256K1, privateKeyData, 32, &privateKey));
     explicit_bzero(privateKeyData, sizeof(privateKeyData));
     unsigned int info = 0;
+    size_t sig_len = sizeof(signature);
     io_seproxyhal_io_heartbeat();
-    cx_ecdsa_sign(&privateKey, CX_RND_RFC6979 | CX_LAST, CX_SHA256,
+    CX_THROW(cx_ecdsa_sign_no_throw(&privateKey, CX_RND_RFC6979 | CX_LAST, CX_SHA256,
                   tmpCtx.messageSigningContext.hash,
-                  sizeof(tmpCtx.messageSigningContext.hash), signature, sizeof(signature), &info);
+                  sizeof(tmpCtx.messageSigningContext.hash), signature, &sig_len, &info));
     explicit_bzero(&privateKey, sizeof(privateKey));
     G_io_apdu_buffer[0] = 27;
     if (info & CX_ECCINFO_PARITY_ODD) {

src_common/ethUstream.c

@@ -40,7 +40,7 @@ static int readTxByte(txContext_t *context, uint8_t *byte) {
     }
 #ifndef TESTING
     if (!(context->processingField && context->fieldSingleByte)) {
-        cx_hash((cx_hash_t*)context->sha3, 0, &data, 1, NULL, 0);
+        CX_THROW(cx_hash_no_throw((cx_hash_t*)context->sha3, 0, &data, 1, NULL, 0));
     }
 #endif
     if (byte) {
@@ -59,7 +59,7 @@ int copyTxData(txContext_t *context, uint8_t *out, size_t length)  {
     }
 #ifndef TESTING
     if (!(context->processingField && context->fieldSingleByte)) {
-        cx_hash((cx_hash_t*)context->sha3, 0, context->workBuffer, length, NULL, 0);
+        CX_THROW(cx_hash_no_throw((cx_hash_t*)context->sha3, 0, context->workBuffer, length, NULL, 0));
     }
 #endif
     context->workBuffer += length;
@@ -550,6 +550,6 @@ void initTx(txContext_t *context, cx_sha3_t *sha3, txContent_t *content,
     context->extra = extra;
     context->currentField = TX_RLP_CONTENT;
 #ifndef TESTING
-    cx_keccak_init(context->sha3, 256);
+    CX_THROW(cx_keccak_init_no_throw(context->sha3, 256));
 #endif
 }

src_common/ethUtils.c

@@ -61,17 +61,17 @@ char convertDigit(uint8_t *address, uint8_t index, uint8_t *hash) {
 void getEthAddressStringFromKey(const cx_ecfp_public_key_t *publicKey, char *out,
                                 cx_sha3_t *sha3Context) {
     uint8_t hashAddress[32];
-    cx_keccak_init(sha3Context, 256);
-    cx_hash((cx_hash_t*)sha3Context, CX_LAST, publicKey->W + 1, 64, hashAddress, 32);
+    CX_THROW(cx_keccak_init_no_throw(sha3Context, 256));
+    CX_THROW(cx_hash_no_throw((cx_hash_t*)sha3Context, CX_LAST, publicKey->W + 1, 64, hashAddress, 32));
     getEthAddressStringFromBinary(hashAddress + 12, out, sha3Context);
 }
 
 void getEthAddressStringFromBinary(const uint8_t *address, uint8_t *out,
                                    cx_sha3_t *sha3Context) {
     uint8_t hashChecksum[32];
     uint8_t i;
-    cx_keccak_init(sha3Context, 256);
-    cx_hash((cx_hash_t*)sha3Context, CX_LAST, address, 20, hashChecksum, 32);
+    CX_THROW(cx_keccak_init_no_throw(sha3Context, 256));
+    CX_THROW(cx_hash_no_throw((cx_hash_t*)sha3Context, CX_LAST, address, 20, hashChecksum, 32));
     for (i = 0; i < 40; i++) {
         out[i] = convertDigit(address, i, hashChecksum);
     }
@@ -84,8 +84,8 @@ static const uint8_t HEXDIGITS[] = "0123456789abcdef";
 
 void getEthAddressStringFromKey(const cx_ecfp_public_key_t *publicKey, char *out, int chainId, cx_sha3_t *sha3Context) {
     uint8_t hashAddress[32];
-    cx_keccak_init(sha3Context, 256);
-    cx_hash((cx_hash_t*)sha3Context, CX_LAST, publicKey->W + 1, 64, hashAddress, 32);
+    CX_THROW(cx_keccak_init_no_throw(sha3Context, 256));
+    CX_THROW(cx_hash_no_throw((cx_hash_t*)sha3Context, CX_LAST, publicKey->W + 1, 64, hashAddress, 32));
     getEthAddressStringFromBinary(hashAddress + 12, out, chainId, sha3Context);
 }
 
@@ -111,8 +111,8 @@ void getEthAddressStringFromBinary(const uint8_t *address, char *out, int chainI
         tmp[offset + 2 * i] = HEXDIGITS[(digit >> 4) & 0x0f];
         tmp[offset + 2 * i + 1] = HEXDIGITS[digit & 0x0f];
     }
-    cx_keccak_init(sha3Context, 256);
-    cx_hash((cx_hash_t*)sha3Context, CX_LAST, (uint8_t *) tmp, offset + 40, hashChecksum, 32);
+    CX_THROW(cx_keccak_init_no_throw(sha3Context, 256));
+    CX_THROW(cx_hash_no_throw((cx_hash_t*)sha3Context, CX_LAST, (uint8_t *) tmp, offset + 40, hashChecksum, 32));
     for (i = 0; i < 40; i++) {
         uint8_t digit = address[i / 2];
         if ((i % 2) == 0) {

tests/python/apps/celo_utils.py

@@ -1,3 +1,4 @@
 from ragger.bip import pack_derivation_path
 
 CELO_PACKED_DERIVATION_PATH = pack_derivation_path("m/44'/52752'/12345'")
+ETH_PACKED_DERIVATION_PATH = pack_derivation_path("m/44'/60'/0'")