Skip to content

Commit

Permalink
[add] Fetch app name/version from env at startup then stick with it
Browse files Browse the repository at this point in the history
  • Loading branch information
lpascal-ledger committed Dec 20, 2023
1 parent 24bad06 commit 8b666bd
Show file tree
Hide file tree
Showing 4 changed files with 109 additions and 81 deletions.
2 changes: 1 addition & 1 deletion src/bolos/endorsement.c
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ unsigned int
sys_os_endorsement_get_public_key_certificate(unsigned char index,
unsigned char *buffer)
{
env_user_certificate_t* certificate;
env_user_certificate_t *certificate;

switch (index) {
case 1:
Expand Down
55 changes: 2 additions & 53 deletions src/bolos/os.c
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,13 @@
#include <unistd.h>

#include "emulate.h"
#include "environment.h"
#include "svc.h"

#define OS_SETTING_PLANEMODE_OLD 5
#define OS_SETTING_PLANEMODE_NEW 6
#define OS_SETTING_SOUND 9

#define BOLOS_TAG_APPNAME 0x01
#define BOLOS_TAG_APPVERSION 0x02

#undef PATH_MAX
#define PATH_MAX 1024

Expand Down Expand Up @@ -69,56 +67,7 @@ unsigned long sys_os_registry_get_current_app_tag(unsigned int tag,
uint8_t *buffer,
size_t length)
{
const char *name;
const char *version;
const char *str;
char *str_dup = NULL;

if (length < 1) {
return 0;
}

name = "app";
version = "1.33.7";

str = getenv("SPECULOS_APPNAME");
if (str == NULL) {
str = getenv("SPECULOS_DETECTED_APPNAME");
}

if (str != NULL) {
str_dup = strdup(str);
if (str_dup != NULL) {
char *p = strstr(str_dup, ":");
if (p != NULL) {
*p = '\x00';
name = str_dup;
version = p + 1;
}
}
}

switch (tag) {
case BOLOS_TAG_APPNAME:
strncpy((char *)buffer, name, length);
length = MIN(length, strlen(name));
break;
case BOLOS_TAG_APPVERSION:
strncpy((char *)buffer, version, length);
length = MIN(length, strlen(version));
break;
default:
length = 0;
break;
}

buffer[length] = '\x00';

if (str_dup != NULL) {
free(str_dup);
}

return length;
return env_get_app_tag((char *)buffer, length, tag);
}

unsigned long sys_os_lib_call(unsigned long *call_parameters)
Expand Down
113 changes: 90 additions & 23 deletions src/environment.c
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <time.h>
#include <unistd.h>

#include "bolos/cx.h"
#include "bolos/endorsement.h"
Expand All @@ -30,6 +30,13 @@ static struct {
uint8_t seed[MAX_SEED_SIZE];
} actual_seed = { 0 };

/* APP NAME and VERSION */
static const char *APP_NAME_VERSION_ENV_NAME = "SPECULOS_APPNAME";
static const char *APP_NAME_VERSION_ENV_NAME_BKP = "SPECULOS_DETECTED_APPNAME";

static env_sized_name_t app_name = { 4, "app\0" };
static env_sized_name_t app_version = { 7, "1.33.7\0" };

/* RNG VARIABLES */

static const char *RNG_ENV_NAME = "RNG_SEED";
Expand All @@ -41,11 +48,11 @@ static const char *USER_KEY_ENV_NAME = "USER_PRIVATE_KEY";
static const char *ATTESTATION_ENV_NAME = "ATTESTATION_PRIVATE_KEY";

static cx_ecfp_private_key_t attestation_key = {
CX_CURVE_256K1,
32,
{ 0x13, 0x8f, 0xb9, 0xb9, 0x1d, 0xa7, 0x45, 0xf1, 0x29, 0x77, 0xa2,
0xb4, 0x6f, 0x0b, 0xce, 0x2f, 0x04, 0x18, 0xb5, 0x0f, 0xcb, 0x76,
0x63, 0x1b, 0xaf, 0x0f, 0x08, 0xce, 0xef, 0xdb, 0x5d, 0x57},
CX_CURVE_256K1,
32,
{ 0x13, 0x8f, 0xb9, 0xb9, 0x1d, 0xa7, 0x45, 0xf1, 0x29, 0x77, 0xa2,
0xb4, 0x6f, 0x0b, 0xce, 0x2f, 0x04, 0x18, 0xb5, 0x0f, 0xcb, 0x76,
0x63, 0x1b, 0xaf, 0x0f, 0x08, 0xce, 0xef, 0xdb, 0x5d, 0x57},
};

static cx_ecfp_private_key_t user_private_key_1 = {
Expand All @@ -68,12 +75,12 @@ static env_user_certificate_t user_certificate_1 = {
71,
// user_private_key_1 signed by test owner private key
// "138fb9b91da745f12977a2b46f0bce2f0418b50fcb76631baf0f08ceefdb5d57"
{ 0x30, 0x45, 0x02, 0x21, 0x00, 0xbf, 0x23, 0x7e, 0x5b, 0x40, 0x06, 0x14,
0x17, 0xf6, 0x62, 0xa6, 0xd0, 0x8a, 0x4b, 0xde, 0x1f, 0xe3, 0x34, 0x3b,
0xd8, 0x70, 0x8c, 0xed, 0x04, 0x6c, 0x84, 0x17, 0x49, 0x5a, 0xd3, 0x6c,
0xcf, 0x02, 0x20, 0x3d, 0x39, 0xa5, 0x32, 0xee, 0xca, 0xdf, 0xf6, 0xdf,
0x20, 0x53, 0xe4, 0xab, 0x98, 0x96, 0xaa, 0x00, 0xf3, 0xbe, 0xf1, 0x5c,
0x4b, 0xd1, 0x1c, 0x53, 0x66, 0x1e, 0x54, 0xfe, 0x5e, 0x2f, 0xf4 },
{ 0x30, 0x45, 0x02, 0x21, 0x00, 0xbf, 0x23, 0x7e, 0x5b, 0x40, 0x06, 0x14,
0x17, 0xf6, 0x62, 0xa6, 0xd0, 0x8a, 0x4b, 0xde, 0x1f, 0xe3, 0x34, 0x3b,
0xd8, 0x70, 0x8c, 0xed, 0x04, 0x6c, 0x84, 0x17, 0x49, 0x5a, 0xd3, 0x6c,
0xcf, 0x02, 0x20, 0x3d, 0x39, 0xa5, 0x32, 0xee, 0xca, 0xdf, 0xf6, 0xdf,
0x20, 0x53, 0xe4, 0xab, 0x98, 0x96, 0xaa, 0x00, 0xf3, 0xbe, 0xf1, 0x5c,
0x4b, 0xd1, 0x1c, 0x53, 0x66, 0x1e, 0x54, 0xfe, 0x5e, 0x2f, 0xf4 },
};

static env_user_certificate_t user_certificate_2 = {
Expand All @@ -85,8 +92,7 @@ static env_user_certificate_t user_certificate_2 = {
0xd8, 0x70, 0x8c, 0xed, 0x04, 0x6c, 0x84, 0x17, 0x49, 0x5a, 0xd3, 0x6c,
0xcf, 0x02, 0x20, 0x3d, 0x39, 0xa5, 0x32, 0xee, 0xca, 0xdf, 0xf6, 0xdf,
0x20, 0x53, 0xe4, 0xab, 0x98, 0x96, 0xaa, 0x00, 0xf3, 0xbe, 0xf1, 0x5c,
0x4b, 0xd1, 0x1c, 0x53, 0x66, 0x1e, 0x54, 0xfe, 0x5e, 0x2f, 0xf4
},
0x4b, 0xd1, 0x1c, 0x53, 0x66, 0x1e, 0x54, 0xfe, 0x5e, 0x2f, 0xf4 },
};

/* UTILS */
Expand Down Expand Up @@ -180,7 +186,8 @@ unsigned int env_get_rng()
return actual_rng;
}

static bool env_init_user_hex_private_key(const char *ENV_NAME, cx_ecfp_private_key_t *dst)
static bool env_init_user_hex_private_key(const char *ENV_NAME,
cx_ecfp_private_key_t *dst)
{
ssize_t size;
char *p;
Expand All @@ -191,19 +198,22 @@ static bool env_init_user_hex_private_key(const char *ENV_NAME, cx_ecfp_private_
size = unhex(tmp, dst->d_len, p, strlen(p));
if (size < 0) {
warnx(
"invalid user key passed through %s environment variable: not an hex string",
"invalid user key passed through %s environment variable: not an "
"hex string",
USER_KEY_ENV_NAME);
p = NULL;
} else if ((unsigned int)size != dst->d_len) {
warnx(
"invalid size for user key passed through %s environment variable: expecting '%u', got '%i'",
"invalid size for user key passed through %s environment variable: "
"expecting '%u', got '%i'",
USER_KEY_ENV_NAME, dst->d_len, size);
p = NULL;
}
}

if (p == NULL) {
fprintf(stderr, "[*] Private key ('%s') initialized with default value: '%p'\n",
fprintf(stderr,
"[*] Private key ('%s') initialized with default value: '%p'\n",
ENV_NAME, dst->d);
return false;
} else {
Expand Down Expand Up @@ -263,7 +273,7 @@ static void env_init_endorsement()
}
}

cx_ecfp_private_key_t* env_get_user_private_key(unsigned int index)
cx_ecfp_private_key_t *env_get_user_private_key(unsigned int index)
{
switch (index) {
case 1:
Expand All @@ -279,7 +289,7 @@ cx_ecfp_private_key_t* env_get_user_private_key(unsigned int index)
}


env_user_certificate_t* env_get_user_certificate(unsigned int index)
env_user_certificate_t *env_get_user_certificate(unsigned int index)
{
switch (index) {
case 1:
Expand All @@ -294,9 +304,66 @@ env_user_certificate_t* env_get_user_certificate(unsigned int index)
}
}

static void env_init_app_name_version() {
char *str;

str = getenv(APP_NAME_VERSION_ENV_NAME);
if (str == NULL) {
str = getenv(APP_NAME_VERSION_ENV_NAME_BKP);
}

if (str == NULL) {
warnx("using default app name & version");
fprintf(stderr, "[*] Default app name: '%s'\n", app_name.name);
fprintf(stderr, "[*] Default app version: '%s'\n", app_version.name);
return;
}

char *char_ptr = strchr(str, ':');
if (char_ptr == NULL) {
warnx("Invalid '<name>:<version>' format in env variable '%s', falling back to default.", str);
fprintf(stderr, "[*] Default app name: '%s'\n", app_name.name);
fprintf(stderr, "[*] Default app version: '%s'\n", app_version.name);
return;
}

// + 1 to include trailing '\0'
app_name.length = (char_ptr - str) + 1;
app_version.length = (strlen(str) - (size_t)(app_name.length + 1)) + 1 + 1;
str[app_name.length - 1] = '\0';
strncpy(app_name.name, str, app_name.length);
strncpy(app_version.name, str + app_name.length, app_version.length);

fprintf(stderr, "[*] Env app name: '%s'\n", app_name.name);
fprintf(stderr, "[*] Env app version: '%s'\n", app_version.name);
}

size_t env_get_app_tag(char *dst, size_t length, BOLOS_TAG tag) {
env_sized_name_t *field;
switch (tag) {
case BOLOS_TAG_APPNAME:
field = &app_name;
break;
case BOLOS_TAG_APPVERSION:
field = &app_version;
break;
default:
return 0;
}
if (length < field->length) {
warnx("Providing length to copy env variable too small: asked for %u, needs %u",
length, field->length);
return 0;
}

strncpy(dst, field->name, length);
return field->length < length ? field->length : length;
}

void init_environment()
{
env_init_seed();
env_init_rng();
env_init_endorsement();
env_init_seed();
env_init_rng();
env_init_endorsement();
env_init_app_name_version();
}
20 changes: 16 additions & 4 deletions src/environment.h
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,27 @@
#include <stdint.h>

#define MAX_SEED_SIZE 64
#define MAX_STRING_SIZE 128

typedef enum {
BOLOS_TAG_APPNAME = 0x01,
BOLOS_TAG_APPVERSION = 0x02
} BOLOS_TAG;

typedef struct {
size_t length;
char name[MAX_STRING_SIZE];
} env_sized_name_t;

typedef struct {
uint8_t length;
uint8_t buffer[];
uint8_t length;
uint8_t buffer[];
} env_user_certificate_t;

size_t env_get_seed(uint8_t *seed, size_t max_size);
unsigned int env_get_rng();
cx_ecfp_private_key_t* env_get_user_private_key(unsigned int index);
env_user_certificate_t* env_get_user_certificate(unsigned int index);
cx_ecfp_private_key_t *env_get_user_private_key(unsigned int index);
env_user_certificate_t *env_get_user_certificate(unsigned int index);
size_t env_get_app_tag(char *dst, size_t length, BOLOS_TAG tag);

void init_environment();

0 comments on commit 8b666bd

Please sign in to comment.