clean up + improved zemu tests

.circleci/config.yml

@@ -13,7 +13,7 @@ jobs:
 
   build_ledger:
     docker:
-      - image: zondax/ledger-docker-bolos:v1.0
+      - image: zondax/builder-bolos:latest
     environment:
       - BOLOS_SDK=/home/zondax/project/deps/nanos-secure-sdk
       - BOLOS_ENV=/opt/bolos
@@ -28,36 +28,78 @@ jobs:
             cd /home/zondax/project
             make
 
-#  build_package:
-#    docker:
-#      - image: zondax/ledger-docker-bolos:v1.0
-#    environment:
-#      - BOLOS_SDK=/home/zondax/project/deps/nanos-secure-sdk
-#      - BOLOS_ENV=/opt/bolos
-#    steps:
-#      - checkout
-#      - run: git submodule update --init --recursive
-#      - run:
-#          name: Build
-#          command: |
-#            source /home/zondax/.cargo/env
-#            cd /home/zondax/project
-#            make
-#      - store_artifacts:
-#          path: /home/zondax/project/app/pkg/zxtool.sh
-#      - run: /home/zondax/go/bin/ghr -t ${GITHUB_TOKEN} -u ${CIRCLE_PROJECT_USERNAME} -r ${CIRCLE_PROJECT_REPONAME} -c ${CIRCLE_SHA1} -delete $(/home/zondax/project/app/pkg/zxtool.sh version) /home/zondax/project/app/pkg/zxtool.sh
+  test_zemu:
+    machine:
+      image: ubuntu-1604:201903-01
+    working_directory: ~/repo
+    environment:
+      BASH_ENV: "/opt/circleci/.nvm/nvm.sh"
+    steps:
+      - checkout
+      - run: git submodule update --init --recursive
+      - run:
+          name: Build Ledger app
+          command: |
+            make
+      - run:
+          name: Install node + yarn
+          command: |
+            nvm install 13.12.0
+            nvm use 13.12.0
+            npm install -g yarn
+      - run:
+          name: Build js app
+          command: |
+            nvm use 13.12.0
+            cd js && yarn install && yarn build
+      - run:
+          name: Build/Install build js deps
+          command: |
+            nvm use 13.12.0
+            make zemu_install
+      - run:
+          name: Workaround/Pull docker
+          command: |
+            docker pull zondax/builder-zemu
+      - run:
+          name: Run zemu tests
+          command: |
+            nvm use 13.12.0
+            make zemu_test
+
+  build_package:
+    docker:
+      - image: zondax/builder-bolos:latest
+    environment:
+      - BOLOS_SDK=/home/zondax/project/deps/nanos-secure-sdk
+      - BOLOS_ENV=/opt/bolos
+    steps:
+      - checkout
+      - run: git submodule update --init --recursive
+      - run:
+          name: Build
+          command: |
+            source /home/zondax/.cargo/env
+            cd /home/zondax/project
+            make
+      - store_artifacts:
+          path: /home/zondax/project/app/pkg/zxtool.sh
+      - run: /home/zondax/go/bin/ghr -t ${GITHUB_TOKEN} -u ${CIRCLE_PROJECT_USERNAME} -r ${CIRCLE_PROJECT_REPONAME} -c ${CIRCLE_SHA1} -delete $(/home/zondax/project/app/pkg/zxtool.sh version) /home/zondax/project/app/pkg/zxtool.sh
 
 workflows:
   version: 2
-  build_all:
+
+  default:
     jobs:
       - build
       - build_ledger
-#      - build_package:
-#          requires:
-#            - build
-#            - build_ledger
-#          filters:
-#            branches:
-#              only:
-#                - master
+      - test_zemu
+      - build_package:
+          requires:
+            - build
+            - build_ledger
+            - test_zemu
+          filters:
+            branches:
+              only:
+                - master

.gitignore

@@ -79,6 +79,7 @@ cmake-build-fuzz/
 
 \deps/*
 !\deps/nanos-secure-sdk
+\deps/nano2-sdk
 !\deps/ledger-zxlib
 !\deps/tinycbor
 !\deps/BLAKE

CMakeLists.txt

@@ -51,6 +51,7 @@ target_include_directories(app_lib PUBLIC
         deps/ledger-zxlib/include
         deps/jsmn/src
         app/src
+        app/src/common
         )
 
 ##############################################################

app/Makefile

@@ -82,7 +82,7 @@ WEBUSB_URL     = www.ledgerwallet.com
 DEFINES       += HAVE_WEBUSB WEBUSB_URL_SIZE_B=$(shell echo -n $(WEBUSB_URL) | wc -c) WEBUSB_URL=$(shell echo -n $(WEBUSB_URL) | sed -e "s/./\\\'\0\\\',/g")
 
 ifeq ($(TARGET_NAME),TARGET_NANOX)
-DEFINES += IO_SEPROXYHAL_BUFFER_SIZE_B=300
+DEFINES       += IO_SEPROXYHAL_BUFFER_SIZE_B=300
 
 DEFINES       += HAVE_GLO096
 DEFINES       += HAVE_BAGL BAGL_WIDTH=128 BAGL_HEIGHT=64

app/script.ld

@@ -1,7 +1,7 @@
 /*******************************************************************************
 *   Ledger Blue - Secure firmware
+*   (c) 2019 Zondax GmbH
 *   (c) 2016, 2017 Ledger
-*   (c) 2018 Zonda GmbH
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.

app/src/coin.h

@@ -22,30 +22,26 @@ extern "C" {
 #include <stdint.h>
 #include <stddef.h>
 
+#define HDPATH_LEN_DEFAULT   5
+
 #define HDPATH_0_DEFAULT     (0x80000000u | 0x2cu)
 #define HDPATH_1_DEFAULT     (0x80000000u | 0x76u)
 #define HDPATH_2_DEFAULT     (0x80000000u | 0u)
 #define HDPATH_3_DEFAULT     (0u)
 #define HDPATH_4_DEFAULT     (0u)
 
-#define HDPATH_LEN_DEFAULT          5u
+#define PK_LEN_SECP256K1     33u
 
 typedef enum {
     addr_secp256k1 = 0,
 } address_kind_e;
 
-#define SECP256K1_PK_LEN                    33u
-
-#define VIEW_ADDRESS_OFFSET_SECP256K1       SECP256K1_PK_LEN
-#define VIEW_ADDRESS_ITEM_COUNT 2
+#define VIEW_ADDRESS_OFFSET_SECP256K1       PK_LEN_SECP256K1
+#define VIEW_ADDRESS_ITEM_COUNT             2
 #define VIEW_ADDRESS_LAST_PAGE_DEFAULT      0
 
 #define MENU_MAIN_APP_LINE1 "Cosmos"
-#ifdef TESTING_ENABLED
-#define MENU_MAIN_APP_LINE2 "Cosmos TEST!"
-#else
 #define MENU_MAIN_APP_LINE2 "App"
-#endif
 #define APPVERSION_LINE2 ""
 
 #ifdef __cplusplus

app/src/common/actions.c

@@ -16,13 +16,15 @@
 ********************************************************************************/
 
 #include "actions.h"
-#include "../crypto.h"
+#include "crypto.h"
 #include "tx.h"
 #include "apdu_codes.h"
 #include <os_io_seproxyhal.h>
+#include "coin.h"
 
 uint8_t app_sign() {
     uint8_t *signature = G_io_apdu_buffer;
+
     const uint8_t *message = tx_get_buffer();
     const uint16_t messageLength = tx_get_buffer_length();
 

app/src/common/app_main.c

@@ -24,7 +24,7 @@
 #include "view.h"
 #include "actions.h"
 #include "tx.h"
-#include "../crypto.h"
+#include "crypto.h"
 #include "coin.h"
 #include "zxmacros.h"
 

app/src/crypto.c

@@ -34,7 +34,7 @@ void crypto_extractPublicKey(const uint32_t path[HDPATH_LEN_DEFAULT], uint8_t *p
     cx_ecfp_private_key_t cx_privateKey;
     uint8_t privateKeyData[32];
 
-    if (pubKeyLen < PK_LEN) {
+    if (pubKeyLen < PK_LEN_SECP256K1) {
         return;
     }
 
@@ -68,7 +68,7 @@ void crypto_extractPublicKey(const uint32_t path[HDPATH_LEN_DEFAULT], uint8_t *p
         pubKey[31] |= 0x80;
     }
     //////////////////////
-    MEMCPY(pubKey, cx_publicKey.W, PK_LEN);
+    MEMCPY(pubKey, cx_publicKey.W, PK_LEN_SECP256K1);
 }
 
 uint16_t crypto_sign(uint8_t *signature,
@@ -170,7 +170,7 @@ void crypto_set_hrp(char *p) {
 }
 
 uint16_t crypto_fillAddress(uint8_t *buffer, uint16_t buffer_len) {
-    if (buffer_len < PK_LEN + 50) {
+    if (buffer_len < PK_LEN_SECP256K1 + 50) {
         return 0;
     }
 
@@ -179,13 +179,13 @@ uint16_t crypto_fillAddress(uint8_t *buffer, uint16_t buffer_len) {
 
     // Hash it
     uint8_t hashed1_pk[CX_SHA256_SIZE];
-    cx_hash_sha256(buffer, PK_LEN, hashed1_pk, CX_SHA256_SIZE);
+    cx_hash_sha256(buffer, PK_LEN_SECP256K1, hashed1_pk, CX_SHA256_SIZE);
 
     uint8_t hashed2_pk[CX_RIPEMD160_SIZE];
     ripemd160_32(hashed2_pk, hashed1_pk);
 
-    char *addr = (char *) (buffer + PK_LEN);
-    bech32EncodeFromBytes(addr, buffer_len - PK_LEN, bech32_hrp, hashed2_pk, CX_RIPEMD160_SIZE);
+    char *addr = (char *) (buffer + PK_LEN_SECP256K1);
+    bech32EncodeFromBytes(addr, buffer_len - PK_LEN_SECP256K1, bech32_hrp, hashed2_pk, CX_RIPEMD160_SIZE);
 
-    return PK_LEN + strlen(addr);
+    return PK_LEN_SECP256K1 + strlen(addr);
 }

app/src/crypto.h

@@ -23,9 +23,7 @@
 extern "C" {
 #endif
 
-#define HDPATH_LEN_DEFAULT      5u
 #define MAX_BECH32_HRP_LEN      83u
-#define PK_LEN                  33u
 
 extern uint32_t hdPath[HDPATH_LEN_DEFAULT];
 extern char *hrp;

app/src/parser_impl.h

@@ -15,7 +15,7 @@
 ********************************************************************************/
 #pragma once
 
-#include "common/parser_common.h"
+#include "parser_common.h"
 #include "json/json_parser.h"
 #include "parser_txdef.h"
 

docs/APDUSPEC.md

@@ -63,6 +63,36 @@ The general structure of commands and responses is as follows:
 
 --------------
 
+### INS_GET_ADDR_SECP256K1
+
+#### Command
+
+| Field      | Type           | Content                        | Expected       |
+| ---------- | -------------- | ------------------------------ | -------------- |
+| CLA        | byte (1)       | Application Identifier         | 0x55           |
+| INS        | byte (1)       | Instruction ID                 | 0x04           |
+| P1         | byte (1)       | Display address/path on device | 0x00 No        |
+|            |                |                                | 0x01 Yes       |
+| P2         | byte (1)       | Parameter 2                    | ignored        |
+| L          | byte (1)       | Bytes in payload               | (depends)      |
+| HRP_LEN    | byte(1)        | Bech32 HRP Length              | 1<=HRP_LEN<=83 |
+| HRP        | byte (HRP_LEN) | Bech32 HRP                     |                |
+| Path[0]    | byte (4)       | Derivation Path Data           | 44             |
+| Path[1]    | byte (4)       | Derivation Path Data           | 118            |
+| Path[2]    | byte (4)       | Derivation Path Data           | ?              |
+| Path[3]    | byte (4)       | Derivation Path Data           | ?              |
+| Path[4]    | byte (4)       | Derivation Path Data           | ?              |
+
+First three items in the derivation path will be hardened automatically hardened
+
+#### Response
+
+| Field   | Type      | Content               | Note                     |
+| ------- | --------- | --------------------- | ------------------------ |
+| PK      | byte (33) | Compressed Public Key |                          |
+| ADDR    | byte (65) | Bech 32 addr          |                          |
+| SW1-SW2 | byte (2)  | Return code           | see list of return codes |
+
 ### SIGN_SECP256K1
 
 #### Command
@@ -79,7 +109,7 @@ The general structure of commands and responses is as follows:
 
 The first packet/chunk includes only the derivation path
 
-All other packets/chunks should contain message to sign 
+All other packets/chunks should contain message to sign
 
 *First Packet*
 
@@ -105,33 +135,3 @@ All other packets/chunks should contain message to sign
 | SW1-SW2 | byte (2)  | Return code | see list of return codes |
 
 --------------
-
-### INS_GET_ADDR_SECP256K1
-
-#### Command
-
-| Field      | Type           | Content                        | Expected       |
-| ---------- | -------------- | ------------------------------ | -------------- |
-| CLA        | byte (1)       | Application Identifier         | 0x55           |
-| INS        | byte (1)       | Instruction ID                 | 0x04           |
-| P1         | byte (1)       | Display address/path on device | 0x00 No        |
-|            |                |                                | 0x01 Yes       |
-| P2         | byte (1)       | Parameter 2                    | ignored        |
-| L          | byte (1)       | Bytes in payload               | (depends)      |
-| HRP_LEN    | byte(1)        | Bech32 HRP Length              | 1<=HRP_LEN<=83 |
-| HRP        | byte (HRP_LEN) | Bech32 HRP                     |                |
-| Path[0]    | byte (4)       | Derivation Path Data           | 44             |
-| Path[1]    | byte (4)       | Derivation Path Data           | 118            |
-| Path[2]    | byte (4)       | Derivation Path Data           | ?              |
-| Path[3]    | byte (4)       | Derivation Path Data           | ?              |
-| Path[4]    | byte (4)       | Derivation Path Data           | ?              |
-
-First three items in the derivation path will be hardened automatically hardened
-
-#### Response
-
-| Field   | Type      | Content               | Note                     |
-| ------- | --------- | --------------------- | ------------------------ |
-| PK      | byte (33) | Compressed Public Key |                          |
-| ADDR    | byte (65) | Bech 32 addr          |                          |
-| SW1-SW2 | byte (2)  | Return code           | see list of return codes |