feat: allow for ecdsa signing

LedgerHQ · Jan 14, 2025 · d4ca069 · d4ca069
1 parent ee46ab3
commit d4ca069
Show file tree

Hide file tree

Showing 5 changed files with 48 additions and 20 deletions.
diff --git a/Makefile b/Makefile
@@ -29,7 +29,7 @@ APPNAME = Hedera
 
 # Application version
 APPVERSION_M = 1
-APPVERSION_N = 5
+APPVERSION_N = 6
 APPVERSION_P = 0
 APPVERSION = "$(APPVERSION_M).$(APPVERSION_N).$(APPVERSION_P)"
 
@@ -45,7 +45,7 @@ ICON_STAX = icons/stax_app_hedera.gif
 ICON_FLEX = icons/flex_app_hedera.gif
 
 # Application allowed derivation curves.
-CURVE_APP_LOAD_PARAMS = ed25519
+CURVE_APP_LOAD_PARAMS = ed25519 secp256k1
 
 # Application allowed derivation paths.
 PATH_APP_LOAD_PARAMS = "44'/3030'"   # purpose=coin(44) / coin_type=Hedera HBAR(3030)

diff --git a/src/get_public_key.c b/src/get_public_key.c
@@ -2,9 +2,9 @@
 
 get_public_key_context_t gpk_ctx;
 
-static bool get_pk() {
+static bool get_pk(uint8_t p2) {
     // Derive Key
-    if (!hedera_get_pubkey(gpk_ctx.key_index, gpk_ctx.raw_pubkey)) {
+    if (!hedera_get_pubkey(gpk_ctx.key_index, gpk_ctx.raw_pubkey, p2)) {
         return false;
     }
 
@@ -26,7 +26,6 @@ void handle_get_public_key(uint8_t p1, uint8_t p2, uint8_t* buffer,
                            uint16_t len,
                            /* out */ volatile unsigned int* flags,
                            /* out */ volatile unsigned int* tx) {
-    UNUSED(p2);
     UNUSED(len);
     UNUSED(tx);
 
@@ -51,7 +50,7 @@ void handle_get_public_key(uint8_t p1, uint8_t p2, uint8_t* buffer,
     }
 
     // Populate context with PK
-    if (!get_pk()) {
+    if (!get_pk(p2)) {
         io_exchange_with_code(EXCEPTION_INTERNAL, 0);
     }
 

diff --git a/src/hedera.c b/src/hedera.c
@@ -15,13 +15,21 @@ static void hedera_set_path(uint32_t index, uint32_t path[static 5]) {
     path[4] = PATH_FOUR;
 }
 
-bool hedera_get_pubkey(uint32_t index, uint8_t raw_pubkey[static RAW_PUBKEY_SIZE]) {
+bool hedera_get_pubkey(uint32_t index, uint8_t raw_pubkey[static RAW_PUBKEY_SIZE], uint8_t p2) {
     static uint32_t path[5];
 
     hedera_set_path(index, path);
 
+    int derivation_mode = HDW_ED25519_SLIP10;
+    int curve_type = CX_CURVE_Ed25519;
+
+    if (p2 == 1) {
+        derivation_mode = HDW_NORMAL;
+        curve_type = CX_CURVE_SECP256K1;
+    }
+
     if (CX_OK != bip32_derive_with_seed_get_pubkey_256(
-                     HDW_ED25519_SLIP10, CX_CURVE_Ed25519, path, 5, raw_pubkey,
+                     derivation_mode, curve_type, path, 5, raw_pubkey,
                      NULL, CX_SHA512, NULL, 0)) {
         return false;
     }
@@ -30,19 +38,41 @@ bool hedera_get_pubkey(uint32_t index, uint8_t raw_pubkey[static RAW_PUBKEY_SIZE
 }
 
 bool hedera_sign(uint32_t index, const uint8_t* tx, uint8_t tx_len,
-                 /* out */ uint8_t* result) {
+                 /* out */ uint8_t* result, uint8_t p2) {
     static uint32_t path[5];
     size_t sig_len = 64;
+    uint32_t info;
 
     hedera_set_path(index, path);
 
-    if (CX_OK != bip32_derive_with_seed_eddsa_sign_hash_256(
-                     HDW_ED25519_SLIP10, CX_CURVE_Ed25519, path, 5, CX_SHA512,
-                     tx,     // hash (really message)
-                     tx_len, // hash length (really message length)
-                     result, // signature
-                     &sig_len, NULL, 0)) {
-        return false;
+    if (p2 == 0) {
+        if (CX_OK != bip32_derive_with_seed_eddsa_sign_hash_256(
+                        HDW_ED25519_SLIP10, CX_CURVE_Ed25519, path, 5, CX_SHA512,
+                        tx,     // hash (really message)
+                        tx_len, // hash length (really message length)
+                        result, // signature
+                        &sig_len, NULL, 0)) {
+            return false;
+        }
+
+        return true;
+    } else if (p2 == 1) {
+        if (CX_OK != bip32_derive_ecdsa_sign_hash_256(CX_CURVE_SECP256K1, 
+                                                      path, 
+                                                      5, 
+                                                      CX_RND_RFC6979 | CX_LAST, CX_SHA256, 
+                                                      tx,        // hash (really message)
+                                                      tx_len,    // hash length (really message length)
+                                                      result,    // signature
+                                                      &sig_len,
+                                                      &info)) {
+            if (info & CX_ECCINFO_PARITY_ODD) {
+                result[0] |= 0x01;
+            }
+            return false;
+        }
+
+        return true;
     }
 
     return true;

diff --git a/src/hedera.h b/src/hedera.h
@@ -4,7 +4,7 @@
 #include <stdint.h>
 #include "app_globals.h"
 
-bool hedera_get_pubkey(uint32_t index, uint8_t raw_pubkey[static RAW_PUBKEY_SIZE]);
+bool hedera_get_pubkey(uint32_t index, uint8_t raw_pubkey[static RAW_PUBKEY_SIZE], uint8_t p2);
 
 bool hedera_sign(uint32_t index, const uint8_t* tx, uint8_t tx_len,
-                 /* out */ uint8_t* result);
+                 /* out */ uint8_t* result, uint8_t p2);
diff --git a/src/sign_transaction.c b/src/sign_transaction.c
@@ -239,7 +239,6 @@ void handle_sign_transaction(uint8_t p1, uint8_t p2, uint8_t* buffer,
                              /* out */ volatile unsigned int* flags,
                              /* out */ volatile unsigned int* tx) {
     UNUSED(p1);
-    UNUSED(p2);
     UNUSED(tx);
 
     // Raw Tx
@@ -260,7 +259,7 @@ void handle_sign_transaction(uint8_t p1, uint8_t p2, uint8_t* buffer,
 
     // Sign Transaction
     if (!hedera_sign(st_ctx.key_index, raw_transaction, raw_transaction_length,
-                     G_io_apdu_buffer)) {
+                     G_io_apdu_buffer, p2)) {
         THROW(EXCEPTION_MALFORMED_APDU);
     }