ledgerwallet: Validate signing bytes

Signed-off-by: Jakub Sztandera <kubuxu@protocol.ai>
2020-10-10 13:06:02 +02:00 · 2020-10-10 13:06:02 +02:00 · 66d6113340
commit 66d6113340
parent 99791a6953
2 changed files with 22 additions and 5 deletions
--- a/chain/wallet/ledger/ledger.go
+++ b/chain/wallet/ledger/ledger.go
@ -1,9 +1,12 @@
 package ledgerwallet

 import (
+	"bytes"
 	"context"
 	"encoding/json"
 	"fmt"
+	"github.com/ipfs/go-cid"
+	"golang.org/x/xerrors"

 	"github.com/filecoin-project/go-address"
 	"github.com/filecoin-project/go-state-types/crypto"
@ -27,7 +30,7 @@ type LedgerKeyInfo struct {
 	Path    []uint32
 }

-var _ (api.WalletAPI) = (*LedgerWallet)(nil)
+var _ api.WalletAPI = (*LedgerWallet)(nil)

 func (lw LedgerWallet) WalletSign(ctx context.Context, signer address.Address, toSign []byte, meta api.MsgMeta) (*crypto.Signature, error) {
 	ki, err := lw.getKeyInfo(signer)
@ -44,7 +47,21 @@ func (lw LedgerWallet) WalletSign(ctx context.Context, signer address.Address, t
 		return nil, fmt.Errorf("ledger can only sign chain messages")
 	}

-	// TODO: assert meta matches the 'toSign' bits
+	{
+		var cmsg types.Message
+		if err := cmsg.UnmarshalCBOR(bytes.NewReader(meta.Extra)); err != nil {
+			return nil, xerrors.Errorf("unmarshalling message: %w", err)
+		}
+
+		_, bc, err := cid.CidFromBytes(toSign)
+		if err != nil {
+			return nil, xerrors.Errorf("getting cid from signing bytes: %w", err)
+		}
+
+		if !cmsg.Cid().Equals(bc) {
+			return nil, xerrors.Errorf("cid(meta.Extra).bytes() != toSign")
+		}
+	}

 	sig, err := fl.SignSECP256K1(ki.Path, meta.Extra)
 	if err != nil {
--- a/cmd/lotus-wallet/main.go
+++ b/cmd/lotus-wallet/main.go
@ -2,7 +2,6 @@ package main

 import (
 	"context"
-	"github.com/filecoin-project/lotus/api"
 	"net"
 	"net/http"
 	"os"
@ -12,6 +11,8 @@ import (
 	"github.com/urfave/cli/v2"

 	"github.com/filecoin-project/go-jsonrpc"
+
+	"github.com/filecoin-project/lotus/api"
 	"github.com/filecoin-project/lotus/build"
 	"github.com/filecoin-project/lotus/chain/wallet"
 	ledgerwallet "github.com/filecoin-project/lotus/chain/wallet/ledger"
@ -63,7 +64,7 @@ var runCmd = &cli.Command{
 			Value: "0.0.0.0:1777",
 		},
 		&cli.BoolFlag{
-			Name: "ledger",
+			Name:  "ledger",
 			Usage: "use a ledger device instead of an on-disk wallet",
 		},
 	},
@ -115,7 +116,6 @@ var runCmd = &cli.Command{
 			w = ledgerwallet.NewWallet(ds)
 		}

-
 		address := cctx.String("listen")
 		mux := mux.NewRouter()