Merge pull request #53 from LedgerHQ/jca/update_sdk_version

Use last Rust SDK, not needed anymore to use sys crate and unsafe calls
LedgerHQ · Mar 4, 2024 · 9f37efc · 9f37efc
2 parents b83d26c + 5514b7d
commit 9f37efc
Show file tree

Hide file tree

Showing 8 changed files with 20 additions and 60 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,12 +1,11 @@
 [package]
 name = "app-boilerplate-rust"
-version = "1.2.2"
+version = "1.2.3"
 authors = ["yhql", "agrojean-ledger"]
 edition = "2021"
 
 [dependencies]
-ledger_device_sdk = "1.5.0"
-ledger_secure_sdk_sys = "1.2.0"
+ledger_device_sdk = "1.7.1"
 include_gif = "1.0.1"
 serde = {version="1.0.192", default_features = false, features = ["derive"]}
 serde-json-core = { git = "https://github.com/rust-embedded-community/serde-json-core"}
@@ -34,4 +33,4 @@ icon = "crab.gif"
 icon = "crab_14x14.gif"
 
 [package.metadata.ledger.nanosplus]
-icon = "crab_14x14.gif"
+icon = "crab_14x14.gif"
diff --git a/src/handlers/get_public_key.rs b/src/handlers/get_public_key.rs
@@ -19,43 +19,22 @@ use crate::app_ui::address::ui_display_pk;
 use crate::utils::Bip32Path;
 use crate::AppSW;
 use ledger_device_sdk::ecc::{Secp256k1, SeedDerive};
+use ledger_device_sdk::hash::{sha3::Keccak256, HashInit};
 use ledger_device_sdk::io::Comm;
-use ledger_secure_sdk_sys::{
-    cx_hash_no_throw, cx_hash_t, cx_keccak_init_no_throw, cx_sha3_t, CX_LAST, CX_OK,
-};
 
 pub fn handler_get_public_key(comm: &mut Comm, display: bool) -> Result<(), AppSW> {
     let data = comm.get_data().map_err(|_| AppSW::WrongApduLength)?;
     let path: Bip32Path = data.try_into()?;
 
-    let pk = Secp256k1::derive_from_path(path.as_ref())
-        .public_key()
-        .map_err(|_| AppSW::KeyDeriveFail)?;
+    let (k, cc) = Secp256k1::derive_from(path.as_ref());
+    let pk = k.public_key().map_err(|_| AppSW::KeyDeriveFail)?;
 
     // Display address on device if requested
     if display {
-        let mut keccak256: cx_sha3_t = Default::default();
+        let keccak256 = Keccak256::new();
         let mut address: [u8; 32] = [0u8; 32];
 
-        unsafe {
-            if cx_keccak_init_no_throw(&mut keccak256, 256) != CX_OK {
-                return Err(AppSW::AddrDisplayFail);
-            }
-
-            let mut pk_mut = pk.pubkey;
-            let pk_ptr = pk_mut.as_mut_ptr().offset(1);
-            if cx_hash_no_throw(
-                &mut keccak256.header as *mut cx_hash_t,
-                CX_LAST,
-                pk_ptr,
-                64_usize,
-                address.as_mut_ptr(),
-                address.len(),
-            ) != CX_OK
-            {
-                return Err(AppSW::AddrDisplayFail);
-            }
-        }
+        let _ = keccak256.hash(&pk.pubkey[1..], &mut address);
 
         if !ui_display_pk(&address)? {
             return Err(AppSW::Deny);
@@ -64,11 +43,11 @@ pub fn handler_get_public_key(comm: &mut Comm, display: bool) -> Result<(), AppS
 
     comm.append(&[pk.pubkey.len() as u8]);
     comm.append(&pk.pubkey);
-    // Rust SDK key derivation API does not return chaincode yet
-    // so we just append a dummy chaincode.
-    const CHAINCODE_LEN: usize = 32;
-    comm.append(&[CHAINCODE_LEN as u8]); // Dummy chaincode length
-    comm.append(&[0u8; CHAINCODE_LEN]); // Dummy chaincode
+
+    const CHAINCODE_LEN: u8 = 32;
+    let code = cc.unwrap();
+    comm.append(&[CHAINCODE_LEN]);
+    comm.append(&code.value);
 
     Ok(())
 }
diff --git a/src/handlers/sign_tx.rs b/src/handlers/sign_tx.rs
@@ -18,10 +18,8 @@ use crate::app_ui::sign::ui_display_tx;
 use crate::utils::Bip32Path;
 use crate::AppSW;
 use ledger_device_sdk::ecc::{Secp256k1, SeedDerive};
+use ledger_device_sdk::hash::{sha3::Keccak256, HashInit};
 use ledger_device_sdk::io::Comm;
-use ledger_secure_sdk_sys::{
-    cx_hash_no_throw, cx_hash_t, cx_keccak_init_no_throw, cx_sha3_t, CX_LAST, CX_OK,
-};
 
 use serde::Deserialize;
 use serde_json_core::from_slice;
@@ -109,25 +107,10 @@ pub fn handler_sign_tx(
 }
 
 fn compute_signature_and_append(comm: &mut Comm, ctx: &mut TxContext) -> Result<(), AppSW> {
-    let mut keccak256: cx_sha3_t = Default::default();
+    let keccak256 = Keccak256::new();
     let mut message_hash: [u8; 32] = [0u8; 32];
 
-    unsafe {
-        if cx_keccak_init_no_throw(&mut keccak256, 256) != CX_OK {
-            return Err(AppSW::TxHashFail);
-        }
-        if cx_hash_no_throw(
-            &mut keccak256.header as *mut cx_hash_t,
-            CX_LAST,
-            ctx.raw_tx.as_ptr(),
-            ctx.raw_tx_len,
-            message_hash.as_mut_ptr(),
-            message_hash.len(),
-        ) != CX_OK
-        {
-            return Err(AppSW::TxHashFail);
-        }
-    }
+    let _ = keccak256.hash(&ctx.raw_tx[..ctx.raw_tx_len], &mut message_hash);
 
     let (sig, siglen, parity) = Secp256k1::derive_from_path(ctx.path.as_ref())
         .deterministic_sign(&message_hash)

diff --git a/tests/snapshots/nanos/test_app_mainmenu/00001.png b/tests/snapshots/nanos/test_app_mainmenu/00001.png
diff --git a/tests/snapshots/nanosp/test_app_mainmenu/00001.png b/tests/snapshots/nanosp/test_app_mainmenu/00001.png
diff --git a/tests/snapshots/nanox/test_app_mainmenu/00001.png b/tests/snapshots/nanox/test_app_mainmenu/00001.png
diff --git a/tests/test_version_cmd.py b/tests/test_version_cmd.py
@@ -4,7 +4,7 @@
 # Taken from the Cargo.toml, to update every time the version is bumped
 MAJOR = 1
 MINOR = 2
-PATCH = 2 
+PATCH = 3 
 
 # In this test we check the behavior of the device when asked to provide the app version
 def test_version(backend):