* tapsigner/xprv NFC import stop immediatly after no data received

* more verbose error message for malformed sig files * skip digest check for NFC imported sig files
2023-02-25 00:36:10 +01:00 · 2023-02-25 00:36:10 +01:00 · 1d68536ba1
commit 1d68536ba1
parent 3a0ac0f14c
4 changed files with 44 additions and 23 deletions
--- a/shared/actions.py
+++ b/shared/actions.py
@ -1324,6 +1324,10 @@ async def import_xprv(_1, _2, item):
        if ch == "3":
            force_vdisk = None
            extended_key = await NFC.read_extended_private_key()
+            if not extended_key:
+                # failed to get any data - exit
+                # error already displayed in nfc.py
+                return
        elif ch == "2":
            force_vdisk = True
        elif ch == "1":
@ -1473,6 +1477,10 @@ async def import_tapsigner_backup_file(_1, _2, item):
        if ch == "3":
            force_vdisk = None
            data = await NFC.read_tapsigner_b64_backup()
+            if not data:
+                # failed to get any data - exit
+                # error already displayed in nfc.py
+                return
        elif ch == "2":
            force_vdisk = True
        elif ch == "1":
--- a/shared/auth.py
+++ b/shared/auth.py
@ -141,7 +141,9 @@ def rfc_signature_template_gen(msg, addr, sig):
        yield part

 def parse_armored_signature_file(contents):
-    temp = contents.split("-----")
+    sep = "-----"
+    assert contents.count(sep) == 6, "Armor text MUST be surrounded by exactly five (5) dashes."
+    temp = contents.split(sep)
    msg = temp[2].strip()
    addr_sig = temp[4].strip()
    addr, sig_str = addr_sig.split()
@ -515,15 +517,17 @@ def verify_signature(msg, addr, sig_str):

    return warnings

-async def verify_armored_signed_msg(contents):
+async def verify_armored_signed_msg(contents, digest_check=True):
+    # digest_check=False for NFC cases, where we do not have filesystem
    from glob import dis

    dis.fullscreen("Verifying...")

    try:
        msg, addr, sig_str = parse_armored_signature_file(contents)
-    except:
-        await ux_show_story("Malformed signature file.", title="FAILURE")
+    except Exception as e:
+        e_line = problem_file_line(e)
+        await ux_show_story("Malformed signature file. %s %s" % (str(e), e_line), title="FAILURE")
        return

    try:
@ -537,24 +541,25 @@ async def verify_armored_signed_msg(contents):
    err_msg = ""
    story = "Good signature by address:\n %s" % addr

-    digest_prob = verify_signed_file_digest(msg)
-    if digest_prob:
-        err, digest_warn = digest_prob
-        if digest_warn:
-            title = "WARNING"
-            wmsg_base = "not present. Contents verification not possible."
-            if len(digest_warn) == 1:
-                fname = digest_warn[0][0]
-                warn_msg += "'%s' is %s" % (fname, wmsg_base)
-            else:
-                warn_msg += "Files:\n" + "\n".join("> %s" % fname for fname, _ in digest_warn)
-                warn_msg += "\nare %s" % wmsg_base
+    if digest_check:
+        digest_prob = verify_signed_file_digest(msg)
+        if digest_prob:
+            err, digest_warn = digest_prob
+            if digest_warn:
+                title = "WARNING"
+                wmsg_base = "not present. Contents verification not possible."
+                if len(digest_warn) == 1:
+                    fname = digest_warn[0][0]
+                    warn_msg += "'%s' is %s" % (fname, wmsg_base)
+                else:
+                    warn_msg += "Files:\n" + "\n".join("> %s" % fname for fname, _ in digest_warn)
+                    warn_msg += "\nare %s" % wmsg_base

-        if err:
-            title = "ERROR"
-            for fname, calc, got in err:
-                err_msg += ("Referenced file '%s' has wrong contents.\n"
-                            "Got:\n%s\n\nExpected:\n%s" % (fname, got, calc))
+            if err:
+                title = "ERROR"
+                for fname, calc, got in err:
+                    err_msg += ("Referenced file '%s' has wrong contents.\n"
+                                "Got:\n%s\n\nExpected:\n%s" % (fname, got, calc))

    if sig_warn:
        # we know not ours only because wrong recid header used & not BIP-137 compliant
--- a/shared/nfc.py
+++ b/shared/nfc.py
@ -696,7 +696,7 @@ class NFCHandler:
                winner = msg.strip()
                break

-        await verify_armored_signed_msg(winner)
+        await verify_armored_signed_msg(winner, digest_check=False)

    async def read_extended_private_key(self):
        data = await self.start_nfc_rx()
--- a/testing/test_msg.py
+++ b/testing/test_msg.py
@ -659,6 +659,14 @@ def test_verify_signature_truncated(way, microsd_path, cap_story, verify_armored
            f.write(prob_file)

    title, story = verify_armored_signature(way, fname, prob_file)
-    assert title == ("CORRECT" if way == 'nfc' else 'WARNING')
+    if not truncation_len:
+        # warning for SD as file is not present on filesystem
+        # correct for NFC as it does not care (digest_check=False)
+        assert title == ("CORRECT" if way == 'nfc' else 'WARNING')
+    else:
+        assert title == "FAILURE"
+        assert "Armor text MUST be surrounded by exactly five (5) dashes" in story
+        assert "auth.py" in story
+

 # EOF