LedgerHQ · vldmkr · Feb 4, 2023 · Feb 14, 2023 · Feb 15, 2023 · Feb 19, 2023
diff --git a/.github/workflows/ci-workflow.yml b/.github/workflows/ci-workflow.yml
@@ -25,7 +25,7 @@ jobs:
             artifact: aptos-app-nanosp
     runs-on: ubuntu-latest
     container:
-      image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder:latest
+      image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder:bd1db4121a88260b9b6866d3c05b7d20f928743b
 
     steps:
       - name: Clone
@@ -46,7 +46,7 @@ jobs:
     name: Clang Static Analyzer
     runs-on: ubuntu-latest
     container:
-      image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder:latest
+      image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder:bd1db4121a88260b9b6866d3c05b7d20f928743b
 
     steps:
       - name: Clone
@@ -68,7 +68,7 @@ jobs:
     name: Unit test
     runs-on: ubuntu-latest
     container:
-      image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder:latest
+      image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder:bd1db4121a88260b9b6866d3c05b7d20f928743b
 
     steps:
       - name: Install curl
@@ -108,7 +108,7 @@ jobs:
     runs-on: ubuntu-latest
 
     container:
-      image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder:latest
+      image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder:bd1db4121a88260b9b6866d3c05b7d20f928743b
 
     steps:
       - name: Clone

diff --git a/Makefile b/Makefile
@@ -1,5 +1,5 @@
 # ****************************************************************************
-#    Ledger App Boilerplate
+#    Ledger App Aptos
 #    (c) 2020 Ledger SAS.
 #
 #   Licensed under the Apache License, Version 2.0 (the "License");
@@ -32,8 +32,8 @@ APP_LOAD_PARAMS += $(COMMON_LOAD_PARAMS)
 
 APPNAME      = "Aptos"
 APPVERSION_M = 0
-APPVERSION_N = 1
-APPVERSION_P = 0
+APPVERSION_N = 3
+APPVERSION_P = 4
 APPVERSION   = "$(APPVERSION_M).$(APPVERSION_N).$(APPVERSION_P)"
 
 ifeq ($(TARGET_NAME),TARGET_NANOS)
@@ -56,6 +56,16 @@ DEFINES += BLE_SEGMENT_SIZE=32
 DEFINES += HAVE_WEBUSB WEBUSB_URL_SIZE_B=0 WEBUSB_URL=""
 DEFINES += UNUSED\(x\)=\(void\)x
 
+ifeq ($(TARGET_NAME),TARGET_NANOS)
+    DEFINES += MAX_TRANSACTION_PACKETS=6
+endif
+ifeq ($(TARGET_NAME),TARGET_NANOS2)
+    DEFINES += MAX_TRANSACTION_PACKETS=106
+endif
+ifeq ($(TARGET_NAME),TARGET_NANOX)
+    DEFINES += MAX_TRANSACTION_PACKETS=104
+endif
+
 ifeq ($(TARGET_NAME),TARGET_NANOX)
     DEFINES += HAVE_BLE BLE_COMMAND_TIMEOUT_MS=2000 HAVE_BLE_APDU
 endif

diff --git a/fuzzing/fuzz_tx_parser.cc b/fuzzing/fuzz_tx_parser.cc
@@ -21,7 +21,8 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
     transaction_init(&tx);
     status = transaction_deserialize(&buf, &tx);
 
-    if (status == PARSING_OK && tx.tx_variant == TX_RAW) {
+    if (status == PARSING_OK && tx.tx_variant == TX_RAW &&
+        tx.payload_variant == PAYLOAD_ENTRY_FUNCTION) {
         printf("\nTransaction size: %lu\n", size);
         printf("chain_id: %d\n", tx.chain_id);
         printf("sequence: %lu\n", tx.sequence);
@@ -31,6 +32,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
         format_hex(tx.sender, ADDRESS_LEN, sender, sizeof(sender));
         printf("sender: %s\n", sender);
         printf("payload_variant: %d\n", tx.payload_variant);
+        printf("entry_function.known_type: %d\n", tx.payload.entry_function.known_type);
     }
 
     return 0;

diff --git a/src/address.c b/src/address.c
@@ -1,5 +1,5 @@
 /*****************************************************************************
- *   Ledger App Boilerplate.
+ *   Ledger App Aptos.
  *   (c) 2020 Ledger SAS.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/src/apdu/dispatcher.c b/src/apdu/dispatcher.c
@@ -1,5 +1,5 @@
 /*****************************************************************************
- *   Ledger App Boilerplate.
+ *   Ledger App Aptos.
  *   (c) 2020 Ledger SAS.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/src/apdu/dispatcher.h b/src/apdu/dispatcher.h
@@ -17,7 +17,7 @@
 /**
  * Parameter 1 for maximum APDU number.
  */
-#define P1_MAX 0x03
+#define P1_MAX (MAX_TRANSACTION_PACKETS + 1)
 
 /**
  * Dispatch APDU command received to the right handler.

diff --git a/src/apdu/parser.c b/src/apdu/parser.c
@@ -1,5 +1,5 @@
 /*****************************************************************************
- *   Ledger App Boilerplate.
+ *   Ledger App Aptos.
  *   (c) 2020 Ledger SAS.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/src/constants.h b/src/constants.h
@@ -20,10 +20,17 @@
  */
 #define MAX_APPNAME_LEN 64
 
+/**
+ * Maximum transaction packets.
+ */
+#ifndef MAX_TRANSACTION_PACKETS
+#define MAX_TRANSACTION_PACKETS 2
+#endif
+
 /**
  * Maximum transaction length (bytes).
  */
-#define MAX_TRANSACTION_LEN 510
+#define MAX_TRANSACTION_LEN (MAX_TRANSACTION_PACKETS * 255)
 
 /**
  * Signature length (bytes).

diff --git a/src/crypto.c b/src/crypto.c
@@ -1,5 +1,5 @@
 /*****************************************************************************
- *   Ledger App Boilerplate.
+ *   Ledger App Aptos.
  *   (c) 2020 Ledger SAS.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/src/globals.h b/src/globals.h
@@ -27,3 +27,9 @@ extern bolos_ux_params_t G_ux_params;
  * Global context for user requests.
  */
 extern global_ctx_t G_context;
+
+/**
+ * Global NVM app storage.
+ */
+extern const app_storage_t N_app_storage;
+#define N_storage (*(volatile app_storage_t*) PIC(&N_app_storage))
diff --git a/src/handler/get_app_name.c b/src/handler/get_app_name.c
@@ -1,5 +1,5 @@
 /*****************************************************************************
- *   Ledger App Boilerplate.
+ *   Ledger App Aptos.
  *   (c) 2020 Ledger SAS.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/src/handler/get_public_key.c b/src/handler/get_public_key.c
@@ -1,5 +1,5 @@
 /*****************************************************************************
- *   Ledger App Boilerplate.
+ *   Ledger App Aptos.
  *   (c) 2020 Ledger SAS.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/src/handler/get_version.c b/src/handler/get_version.c
@@ -1,5 +1,5 @@
 /*****************************************************************************
- *   Ledger App Boilerplate.
+ *   Ledger App Aptos.
  *   (c) 2020 Ledger SAS.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/src/handler/sign_tx.c b/src/handler/sign_tx.c
@@ -1,5 +1,5 @@
 /*****************************************************************************
- *   Ledger App Boilerplate.
+ *   Ledger App Aptos.
  *   (c) 2020 Ledger SAS.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/src/helper/send_reponse.c b/src/helper/send_reponse.c
@@ -1,5 +1,5 @@
 /*****************************************************************************
- *   Ledger App Boilerplate.
+ *   Ledger App Aptos.
  *   (c) 2020 Ledger SAS.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/src/io.c b/src/io.c
@@ -1,5 +1,5 @@
 /*****************************************************************************
- *   Ledger App Boilerplate.
+ *   Ledger App Aptos.
  *   (c) 2020 Ledger SAS.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/src/main.c b/src/main.c
@@ -1,5 +1,5 @@
 /*****************************************************************************
- *   Ledger App Boilerplate.
+ *   Ledger App Aptos.
  *   (c) 2020 Ledger SAS.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
@@ -33,6 +33,7 @@ uint8_t G_io_seproxyhal_spi_buffer[IO_SEPROXYHAL_BUFFER_SIZE_B];
 ux_state_t G_ux;
 bolos_ux_params_t G_ux_params;
 global_ctx_t G_context;
+const app_storage_t N_app_storage;
 
 /**
  * Handle APDU command received and send back APDU response using handlers.
@@ -110,6 +111,15 @@ void app_exit() {
     END_TRY_L(exit);
 }
 
+void nvm_app_storage_init() {
+    if (N_storage.initialized != 0x01) {
+        app_storage_t storage;
+        storage.settings.show_full_message = 0x00;
+        storage.initialized = 0x01;
+        nvm_write((void *) &N_storage, (void *) &storage, sizeof(app_storage_t));
+    }
+}
+
 /**
  * Main loop to setup USB, Bluetooth, UI and launch app_main().
  */
@@ -125,6 +135,7 @@ __attribute__((section(".boot"))) int main() {
         BEGIN_TRY {
             TRY {
                 io_seproxyhal_init();
+                nvm_app_storage_init();
 
 #ifdef TARGET_NANOX
                 G_io_app.plane_mode = os_setting_get(OS_SETTING_PLANEMODE, NULL, 0);

diff --git a/src/transaction/deserialize.c b/src/transaction/deserialize.c
@@ -95,6 +95,7 @@ parser_status_e tx_raw_deserialize(buffer_t *buf, transaction_t *tx) {
 }
 
 parser_status_e tx_variant_deserialize(buffer_t *buf, transaction_t *tx) {
+    parser_status_e status = TX_VARIANT_UNDEFINED_ERROR;
     if (buf->offset != 0) {
         return TX_VARIANT_READ_ERROR;
     }
@@ -103,18 +104,18 @@ parser_status_e tx_variant_deserialize(buffer_t *buf, transaction_t *tx) {
 
     uint8_t *prefix;
     // read hashed prefix bytes
-    if (!bcs_read_ptr_to_fixed_bytes(buf, &prefix, TX_HASHED_PREFIX_LEN)) {
-        return HASHED_PREFIX_READ_ERROR;
-    }
-
-    if (memcmp(prefix, PREFIX_RAW_TX_WITH_DATA_HASHED, TX_HASHED_PREFIX_LEN) == 0) {
-        tx->tx_variant = TX_RAW_WITH_DATA;
-        return PARSING_OK;
-    }
+    if (bcs_read_ptr_to_fixed_bytes(buf, &prefix, TX_HASHED_PREFIX_LEN)) {
+        if (memcmp(prefix, PREFIX_RAW_TX_WITH_DATA_HASHED, TX_HASHED_PREFIX_LEN) == 0) {
+            tx->tx_variant = TX_RAW_WITH_DATA;
+            return PARSING_OK;
+        }
 
-    if (memcmp(prefix, PREFIX_RAW_TX_HASHED, TX_HASHED_PREFIX_LEN) == 0) {
-        tx->tx_variant = TX_RAW;
-        return PARSING_OK;
+        if (memcmp(prefix, PREFIX_RAW_TX_HASHED, TX_HASHED_PREFIX_LEN) == 0) {
+            tx->tx_variant = TX_RAW;
+            return PARSING_OK;
+        }
+    } else {
+        status = HASHED_PREFIX_READ_ERROR;
     }
 
     if (transaction_utils_check_encoding(buf->ptr, buf->size)) {
@@ -123,7 +124,7 @@ parser_status_e tx_variant_deserialize(buffer_t *buf, transaction_t *tx) {
         return PARSING_OK;
     }
 
-    return TX_VARIANT_UNDEFINED_ERROR;
+    return status;
 }
 
 parser_status_e entry_function_payload_deserialize(buffer_t *buf, transaction_t *tx) {
@@ -323,17 +324,15 @@ entry_function_known_type_t determine_function_type(transaction_t *tx) {
         return FUNC_UNKNOWN;
     }
 
-    // TODO: Add string length check before comparison
     if (tx->payload.entry_function.module_id.address[ADDRESS_LEN - 1] == 0x01 &&
-        memcmp(tx->payload.entry_function.module_id.name.bytes, "aptos_account", 13) == 0 &&
-        memcmp(tx->payload.entry_function.function_name.bytes, "transfer", 8) == 0) {
+        bcs_cmp_bytes(&tx->payload.entry_function.module_id.name, "aptos_account", 13) &&
+        bcs_cmp_bytes(&tx->payload.entry_function.function_name, "transfer", 8)) {
         return FUNC_APTOS_ACCOUNT_TRANSFER;
     }
 
-    // TODO: Add string length check before comparison
     if (tx->payload.entry_function.module_id.address[ADDRESS_LEN - 1] == 0x01 &&
-        memcmp(tx->payload.entry_function.module_id.name.bytes, "coin", 4) == 0 &&
-        memcmp(tx->payload.entry_function.function_name.bytes, "transfer", 8) == 0) {
+        bcs_cmp_bytes(&tx->payload.entry_function.module_id.name, "coin", 4) &&
+        bcs_cmp_bytes(&tx->payload.entry_function.function_name, "transfer", 8)) {
         return FUNC_COIN_TRANSFER;
     }
 

diff --git a/src/transaction/utils.c b/src/transaction/utils.c
@@ -1,5 +1,5 @@
 /*****************************************************************************
- *   Ledger App Boilerplate.
+ *   Ledger App Aptos.
  *   (c) 2020 Ledger SAS.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,7 +17,7 @@
 
 #include <stdint.h>   // uint*_t
 #include <stdbool.h>  // bool
-#include <string.h>   // memmove
+#include <string.h>   // memcmp
 
 #include "types.h"
 
@@ -30,3 +30,7 @@ bool transaction_utils_check_encoding(const uint8_t *msg, uint64_t msg_len) {
 
     return true;
 }
+
+bool bcs_cmp_bytes(const fixed_bytes_t *bcs_bytes, const void *value, size_t len) {
+    return bcs_bytes->len == len && memcmp(bcs_bytes->bytes, value, len) == 0;
+}
diff --git a/src/transaction/utils.h b/src/transaction/utils.h
@@ -17,3 +17,18 @@
  *
  */
 bool transaction_utils_check_encoding(const uint8_t *msg, uint64_t msg_len);
+
+/**
+ * Compares the fixed_bytes_t bcs_bytes to the memory pointed by value.
+ *
+ * @param[in] bcs_bytes
+ *   Pointer to fixed_bytes_t struct.
+ * @param[in] value
+ *   Pointer to input block of memory.
+ * @param[in] len
+ *   Length of input bytes to compare.
+ *
+ * @return true if success, false otherwise.
+ *
+ */
+bool bcs_cmp_bytes(const fixed_bytes_t *bcs_bytes, const void *value, size_t len);
diff --git a/src/types.h b/src/types.h
@@ -88,3 +88,12 @@ typedef struct {
     uint32_t bip32_path[MAX_BIP32_PATH];  /// BIP32 path
     uint8_t bip32_path_len;               /// length of BIP32 path
 } global_ctx_t;
+
+typedef struct {
+    uint8_t show_full_message;
+} app_settings;
+
+typedef struct {
+    app_settings settings;
+    uint8_t initialized;
+} app_storage_t;
diff --git a/src/ui/action/validate.c b/src/ui/action/validate.c
@@ -1,5 +1,5 @@
 /*****************************************************************************
- *   Ledger App Boilerplate.
+ *   Ledger App Aptos.
  *   (c) 2020 Ledger SAS.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");