This repository has been archived by the owner on Jul 5, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 16
/
Copy pathapp_main.c
699 lines (585 loc) · 21.8 KB
/
app_main.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
/*******************************************************************************
* (c) 2016 Ledger
* (c) 2018 ZondaX GmbH
* (c) 2019 All BNB Chain Developers
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
********************************************************************************/
#include "app_main.h"
#include "view.h"
#include "lib/transaction.h"
#include "signature.h"
#include "zxmacros.h"
#include "bech32.h"
#include <os_io_seproxyhal.h>
#include <os.h>
#include <string.h>
#ifdef TESTING_ENABLED
// Generate using always the same private data
// to allow for reproducible results
const uint8_t privateKeyDataTest[] = {
0x75, 0x56, 0x0e, 0x4d, 0xde, 0xa0, 0x63, 0x05,
0xc3, 0x6e, 0x2e, 0xb5, 0xf7, 0x2a, 0xca, 0x71,
0x2d, 0x13, 0x4c, 0xc2, 0xa0, 0x59, 0xbf, 0xe8,
0x7e, 0x9b, 0x5d, 0x55, 0xbf, 0x81, 0x3b, 0xd4
};
#endif
uint8_t bip32_depth;
uint32_t bip32_path[5];
// the last "viewed" bip32 path is an extra check for security,
// to ensure that the user has "seen" the address they are using before signing.
// the app must have validated it (validate_bnc_bip32).
uint8_t viewed_bip32_depth;
uint32_t viewed_bip32_path[5];
sigtype_t current_sigtype;
char bech32_hrp[MAX_BECH32_HRP_LEN + 1];
uint8_t bech32_hrp_len;
unsigned char G_io_seproxyhal_spi_buffer[IO_SEPROXYHAL_BUFFER_SIZE_B];
unsigned char io_event(unsigned char channel) {
switch (G_io_seproxyhal_spi_buffer[0]) {
case SEPROXYHAL_TAG_FINGER_EVENT: //
UX_FINGER_EVENT(G_io_seproxyhal_spi_buffer);
break;
case SEPROXYHAL_TAG_BUTTON_PUSH_EVENT: // for Nano S
UX_BUTTON_PUSH_EVENT(G_io_seproxyhal_spi_buffer);
break;
case SEPROXYHAL_TAG_DISPLAY_PROCESSED_EVENT:
if (!UX_DISPLAYED())
UX_DISPLAYED_EVENT();
break;
case SEPROXYHAL_TAG_TICKER_EVENT: { //
UX_TICKER_EVENT(G_io_seproxyhal_spi_buffer, {
if (UX_ALLOWED) {
UX_REDISPLAY();
}
});
break;
}
// unknown events are acknowledged
default:
UX_DEFAULT_EVENT();
break;
}
if (!io_seproxyhal_spi_is_status_sent()) {
io_seproxyhal_general_status();
}
return 1; // DO NOT reset the current APDU transport
}
unsigned short io_exchange_al(unsigned char channel, unsigned short tx_len) {
switch (channel & ~(IO_FLAGS)) {
case CHANNEL_KEYBOARD:
break;
// multiplexed io exchange over a SPI channel and TLV encapsulated protocol
case CHANNEL_SPI:
if (tx_len) {
io_seproxyhal_spi_send(G_io_apdu_buffer, tx_len);
if (channel & IO_RESET_AFTER_REPLIED) {
reset();
}
return 0; // nothing received from the master so far (it's a tx
// transaction)
} else {
return io_seproxyhal_spi_recv(G_io_apdu_buffer,
sizeof(G_io_apdu_buffer), 0);
}
default:
THROW(INVALID_PARAMETER);
}
return 0;
}
void app_init() {
io_seproxyhal_init();
#ifdef TARGET_NANOX
// grab the current plane mode setting
G_io_app.plane_mode = os_setting_get(OS_SETTING_PLANEMODE, NULL, 0);
#endif // TARGET_NANOX
USB_power(0);
USB_power(1);
view_idle(0);
#ifdef HAVE_BLE
BLE_power(0, NULL);
BLE_power(1, "Nano X");
#endif // HAVE_BLE
// set the default bip32 path
bip32_depth = 5;
uint32_t new_bip32_path[] = {
44 | 0x80000000, // purpose
714 | 0x80000000, // coin type (chain ID)
0 | 0x80000000, // account
0, // change (no change addresses for now)
0, // address index
};
memcpy(bip32_path, new_bip32_path, sizeof(bip32_path));
}
// extract_bip32 extracts the bip32 path from the apdu buffer
bool extract_bip32(uint8_t *depth, uint32_t path[5], uint32_t rx, uint32_t offset) {
if (rx < offset + 1) {
return 0;
}
*depth = G_io_apdu_buffer[offset];
const uint16_t req_offset = 4 * *depth + 1 + offset;
if (rx < req_offset || *depth != 5) {
return 0;
}
memcpy(path, G_io_apdu_buffer + offset + 1, *depth * 4);
return 1;
}
// validate_bnc_bip32 checks the given bip32 path against an expected one
bool validate_bnc_bip32(uint8_t depth, uint32_t path[5]) { // path is 10 bytes for compatibility
// Only paths in the form 44'/714'/{account}'/0/{index} are supported
// Mutable nodes: account at 2, index at 4
bool mutable_nodes[] = {false, false, true, false, true};
uint32_t expected[] = {
44 | 0x80000000, // purpose
714 | 0x80000000, // coin type (chain ID)
0 | 0x80000000, // MUTABLE - account
0, // change (no change addresses for now)
0, // MUTABLE - address index
};
if (depth != 5) {
return 0;
}
if (sizeof(expected) / 4 != depth) {
return 0;
}
for (uint8_t i = 0; i < depth; i++) {
if (mutable_nodes[i]) continue;
if (path[i] != expected[i]) return 0;
}
return 1;
}
void set_hrp(char *hrp) {
strcpy(bech32_hrp, hrp);
bech32_hrp_len = strlen(bech32_hrp);
}
bool extract_hrp(uint8_t *len, char *hrp, uint32_t rx, uint32_t offset) {
if (rx < offset + 1) {
THROW(APDU_CODE_DATA_INVALID);
}
*len = G_io_apdu_buffer[offset];
if (*len == 0 || *len > MAX_BECH32_HRP_LEN) {
THROW(APDU_CODE_DATA_INVALID);
}
memcpy(hrp, G_io_apdu_buffer + offset + 1, *len);
hrp[*len] = 0; // zero terminate
return 1;
}
bool validate_bnc_hrp(char *hrp) {
// only accept known bnc hrps
if (strcmp("bnb", hrp) != 0 && strcmp("tbnb", hrp) != 0) {
THROW(APDU_CODE_DATA_INVALID);
}
return 1;
}
void get_pubkey(cx_ecfp_public_key_t *publicKey) {
cx_ecfp_private_key_t privateKey;
uint8_t privateKeyData[32];
// Generate keys
os_perso_derive_node_bip32(
CX_CURVE_256K1,
bip32_path, bip32_depth,
privateKeyData, NULL);
keys_secp256k1(publicKey, &privateKey, privateKeyData);
memset(privateKeyData, 0, sizeof(privateKeyData));
memset(&privateKey, 0, sizeof(privateKey));
}
bool process_chunk(volatile uint32_t *tx, uint32_t rx, bool getBip32) {
int packageIndex = G_io_apdu_buffer[OFFSET_PCK_INDEX];
int packageCount = G_io_apdu_buffer[OFFSET_PCK_COUNT];
uint16_t offset = OFFSET_DATA;
if (rx < offset) {
THROW(APDU_CODE_DATA_INVALID);
}
if (packageIndex == 1) {
transaction_initialize();
transaction_reset();
if (getBip32) {
if (!extract_bip32(&bip32_depth, bip32_path, rx, OFFSET_DATA)) {
THROW(APDU_CODE_DATA_INVALID);
}
if (!validate_bnc_bip32(bip32_depth, bip32_path)) {
THROW(APDU_CODE_DATA_INVALID);
}
// must be the last bip32 the user "saw" for signing to work.
if (memcmp(bip32_path, viewed_bip32_path, sizeof(viewed_bip32_path)) != 0) {
THROW(APDU_CODE_DATA_INVALID);
}
return packageIndex == packageCount;
}
}
if (transaction_append(&(G_io_apdu_buffer[offset]), rx - offset) != rx - offset) {
THROW(APDU_CODE_OUTPUT_BUFFER_TOO_SMALL);
}
return packageIndex == packageCount;
}
//region View Transaction Handlers
int tx_getData(
char *title, int max_title_length,
char *key, int max_key_length,
char *value, int max_value_length,
int page_index,
int chunk_index,
int *page_count_out,
int *chunk_count_out) {
*page_count_out = transaction_get_display_pages();
switch (current_sigtype) {
case SECP256K1:
snprintf(title, max_title_length, "PREVIEW - %02d/%02d", page_index + 1, *page_count_out);
break;
default:
snprintf(title, max_title_length, "INVALID!");
break;
}
*chunk_count_out = transaction_get_display_key_value(
key, max_key_length,
value, max_value_length,
page_index, chunk_index);
return 0;
}
void tx_accept_sign() {
// Generate keys
cx_ecfp_public_key_t publicKey;
cx_ecfp_private_key_t privateKey;
uint8_t privateKeyData[32];
unsigned int length = 0;
int result = 0;
switch (current_sigtype) {
case SECP256K1:
os_perso_derive_node_bip32(
CX_CURVE_256K1,
bip32_path, bip32_depth,
privateKeyData, NULL);
keys_secp256k1(&publicKey, &privateKey, privateKeyData);
memset(privateKeyData, 0, 32);
result = sign_secp256k1(
transaction_get_buffer(),
transaction_get_buffer_length(),
G_io_apdu_buffer,
IO_APDU_BUFFER_SIZE,
&length,
&privateKey);
break;
default:
THROW(APDU_CODE_INS_NOT_SUPPORTED);
break;
}
if (result == 1) {
set_code(G_io_apdu_buffer, length, APDU_CODE_OK);
io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, length + 2);
view_display_signing_success();
} else {
set_code(G_io_apdu_buffer, length, APDU_CODE_SIGN_VERIFY_ERROR);
io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, length + 2);
view_display_signing_error();
}
}
void tx_reject() {
set_code(G_io_apdu_buffer, 0, APDU_CODE_COMMAND_NOT_ALLOWED);
io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, 2);
view_idle(0);
}
//endregion
//region View Address Handlers
void ripemd160_32(uint8_t *out, uint8_t *in) {
cx_ripemd160_t rip160;
cx_ripemd160_init(&rip160);
cx_hash(&rip160.header, CX_LAST, in, CX_SHA256_SIZE, out, CX_RIPEMD160_SIZE);
}
#define PK_COMPRESSED_LEN 33
void get_pk_compressed(uint8_t *pkc) {
cx_ecfp_public_key_t publicKey;
// Modify the last part of the path
get_pubkey(&publicKey);
// "Compress" public key in place
publicKey.W[0] = publicKey.W[64] & 1 ? 0x03 : 0x02;
memcpy(pkc, publicKey.W, PK_COMPRESSED_LEN);
}
int addr_getData(char *title, int max_title_length,
char *key, int max_key_length,
char *value, int max_value_length,
int page_index,
int chunk_index,
int *page_count_out,
int *chunk_count_out) {
*page_count_out = 0x7FFFFFFF;
*chunk_count_out = 1;
snprintf(title, max_title_length, "Account %d", bip32_path[2] & 0x7FFFFFF);
snprintf(key, max_key_length, "Address %d", page_index);
bip32_path[bip32_depth - 1] = page_index;
uint8_t tmp[PK_COMPRESSED_LEN];
get_pk_compressed(tmp);
// Convert pubkey to address
uint8_t hashed_pk[CX_RIPEMD160_SIZE];
cx_hash_sha256(tmp, PK_COMPRESSED_LEN, tmp, CX_SHA256_SIZE);
ripemd160_32(hashed_pk, tmp);
// Convert address to bech32
bech32EncodeFromBytes(value, bech32_hrp, hashed_pk, CX_RIPEMD160_SIZE);
return 0;
}
int addr_getData_onePage(char *title, int max_title_length,
char *key, int max_key_length,
char *value, int max_value_length,
int page_index,
int chunk_index,
int *page_count_out,
int *chunk_count_out) {
int ret = addr_getData(title, max_title_length, key, max_key_length, value, max_value_length, page_index, chunk_index, page_count_out, chunk_count_out);
*page_count_out = 1;
*chunk_count_out = 1;
return ret;
}
void addr_accept() {
int pos = 0;
// Send pubkey
get_pk_compressed(G_io_apdu_buffer + pos);
pos += PK_COMPRESSED_LEN;
// Send bech32 addr
strcpy((char *) (G_io_apdu_buffer + pos), (char *) viewctl_DataValue);
pos += strlen((char *) viewctl_DataValue);
set_code(G_io_apdu_buffer, pos, APDU_CODE_OK);
io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, pos + 2);
view_idle(0);
}
void addr_reject() {
set_code(G_io_apdu_buffer, 0, APDU_CODE_COMMAND_NOT_ALLOWED);
io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, 2);
view_idle(0);
}
void show_addr_exit() {
set_code(G_io_apdu_buffer, 0, APDU_CODE_OK);
io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, 2);
view_idle(0);
}
//endregion
void handleApdu(volatile uint32_t *flags, volatile uint32_t *tx, uint32_t rx) {
uint16_t sw = 0;
BEGIN_TRY
{
TRY
{
if (G_io_apdu_buffer[OFFSET_CLA] != CLA) {
THROW(APDU_CODE_CLA_NOT_SUPPORTED);
}
if (rx < 5) {
THROW(APDU_CODE_WRONG_LENGTH);
}
switch (G_io_apdu_buffer[OFFSET_INS]) {
case INS_GET_VERSION: {
#ifdef TARGET_NANOX
unsigned int UX_ALLOWED = (G_ux_params.len != BOLOS_UX_IGNORE && G_ux_params.len != BOLOS_UX_CONTINUE);
#else
unsigned int UX_ALLOWED = (ux.params.len != BOLOS_UX_IGNORE && ux.params.len != BOLOS_UX_CONTINUE);
#endif
#ifdef TESTING_ENABLED
G_io_apdu_buffer[0] = 0xFF;
#else
G_io_apdu_buffer[0] = 0;
#endif
G_io_apdu_buffer[1] = LEDGER_MAJOR_VERSION;
G_io_apdu_buffer[2] = LEDGER_MINOR_VERSION;
G_io_apdu_buffer[3] = LEDGER_PATCH_VERSION;
G_io_apdu_buffer[4] = !UX_ALLOWED;
*tx += 5;
THROW(APDU_CODE_OK);
break;
}
// INS_PUBLIC_KEY_SECP256K1 will be deprecated in the near future
case INS_PUBLIC_KEY_SECP256K1: {
if (!extract_bip32(&bip32_depth, bip32_path, rx, OFFSET_DATA)) {
THROW(APDU_CODE_DATA_INVALID);
}
if (!validate_bnc_bip32(bip32_depth, bip32_path)) {
THROW(APDU_CODE_DATA_INVALID);
}
cx_ecfp_public_key_t publicKey;
get_pubkey(&publicKey);
os_memmove(G_io_apdu_buffer, publicKey.W, 65);
*tx += 65;
// NOTE: REMOVED FOR SECURITY - this does not show the address to user.
// memcpy(viewed_bip32_path, bip32_path, sizeof(viewed_bip32_path));
THROW(APDU_CODE_OK);
break;
}
case INS_SHOW_ADDR_SECP256K1: {
// Parse arguments
if (!extract_hrp(&bech32_hrp_len, bech32_hrp, rx, OFFSET_DATA)) {
THROW(APDU_CODE_DATA_INVALID);
}
if (!validate_bnc_hrp(bech32_hrp)) {
THROW(APDU_CODE_DATA_INVALID);
}
if (!extract_bip32(&bip32_depth, bip32_path, rx, OFFSET_DATA + bech32_hrp_len + 1)) {
THROW(APDU_CODE_DATA_INVALID);
}
if (!validate_bnc_bip32(bip32_depth, bip32_path)) {
THROW(APDU_CODE_DATA_INVALID);
}
view_set_handlers(addr_getData_onePage, NULL, NULL);
view_addr_show(bip32_path[4] & 0x7FFFFFF);
// must be the last bip32 the user "saw" for signing to work.
memcpy(viewed_bip32_path, bip32_path, sizeof(viewed_bip32_path));
*flags |= IO_ASYNCH_REPLY;
break;
}
case INS_GET_ADDR_SECP256K1: {
// Parse arguments
if (!extract_hrp(&bech32_hrp_len, bech32_hrp, rx, OFFSET_DATA)) {
THROW(APDU_CODE_DATA_INVALID);
}
if (!validate_bnc_hrp(bech32_hrp)) {
THROW(APDU_CODE_DATA_INVALID);
}
if (!extract_bip32(&bip32_depth, bip32_path, rx, OFFSET_DATA + bech32_hrp_len + 1)) {
THROW(APDU_CODE_DATA_INVALID);
}
if (!validate_bnc_bip32(bip32_depth, bip32_path)) {
THROW(APDU_CODE_DATA_INVALID);
}
view_set_handlers(addr_getData, addr_accept, addr_reject);
view_addr_confirm(bip32_path[4] & 0x7FFFFFF);
// must be the last bip32 the user "saw" for signing to work.
memcpy(viewed_bip32_path, bip32_path, sizeof(viewed_bip32_path));
*flags |= IO_ASYNCH_REPLY;
break;
}
case INS_SIGN_SECP256K1: {
current_sigtype = SECP256K1;
if (!process_chunk(tx, rx, true))
THROW(APDU_CODE_OK);
const char *error_msg = transaction_parse();
if (error_msg != NULL) {
int error_msg_length = strlen(error_msg);
os_memmove(G_io_apdu_buffer, error_msg, error_msg_length);
*tx += (error_msg_length);
THROW(APDU_CODE_BAD_KEY_HANDLE);
}
view_set_handlers(tx_getData, tx_accept_sign, tx_reject);
view_tx_show(0);
*flags |= IO_ASYNCH_REPLY;
break;
}
#ifdef TESTING_ENABLED
case INS_HASH_TEST: {
if (process_chunk(tx, rx, false)) {
uint8_t message_digest[CX_SHA256_SIZE];
cx_hash_sha256(transaction_get_buffer(),
transaction_get_buffer_length(),
message_digest,
CX_SHA256_SIZE);
os_memmove(G_io_apdu_buffer, message_digest, CX_SHA256_SIZE);
*tx += 32;
}
THROW(APDU_CODE_OK);
}
break;
case INS_PUBLIC_KEY_SECP256K1_TEST: {
// Generate key
cx_ecfp_public_key_t publicKey;
cx_ecfp_private_key_t privateKey;
keys_secp256k1(&publicKey, &privateKey, privateKeyDataTest );
os_memmove(G_io_apdu_buffer, publicKey.W, 65);
*tx += 65;
THROW(APDU_CODE_OK);
}
break;
case INS_SIGN_SECP256K1_TEST: {
if (process_chunk(tx, rx, false)) {
unsigned int length = 0;
// Generate keys
cx_ecfp_public_key_t publicKey;
cx_ecfp_private_key_t privateKey;
keys_secp256k1(&publicKey, &privateKey, privateKeyDataTest );
// Skip UI and validation
sign_secp256k1(
transaction_get_buffer(),
transaction_get_buffer_length(),
G_io_apdu_buffer,
IO_APDU_BUFFER_SIZE,
&length,
&privateKey);
*tx += length;
}
THROW(APDU_CODE_OK);
}
break;
#endif
default:
THROW(APDU_CODE_INS_NOT_SUPPORTED);
}
}
CATCH(EXCEPTION_IO_RESET)
{
THROW(EXCEPTION_IO_RESET);
}
CATCH_OTHER(e)
{
switch (e & 0xF000) {
case 0x6000:
case APDU_CODE_OK:
sw = e;
break;
default:
sw = 0x6800 | (e & 0x7FF);
break;
}
G_io_apdu_buffer[*tx] = sw >> 8;
G_io_apdu_buffer[*tx + 1] = sw;
*tx += 2;
}
FINALLY
{
}
}
END_TRY;
}
#pragma clang diagnostic push
#pragma clang diagnostic ignored "-Wmissing-noreturn"
void app_main() {
volatile uint32_t rx = 0, tx = 0, flags = 0;
for (;;) {
volatile uint16_t sw = 0;
BEGIN_TRY;
{
TRY;
{
rx = tx;
tx = 0;
rx = io_exchange(CHANNEL_APDU | flags, rx);
flags = 0;
if (rx == 0)
THROW(APDU_CODE_EMPTY_BUFFER);
PRINTF("New APDU received:\n%.*H\n", rx, G_io_apdu_buffer);
handleApdu(&flags, &tx, rx);
}
CATCH_OTHER(e);
{
switch (e & 0xF000) {
case 0x6000:
case 0x9000:
sw = e;
break;
default:
sw = 0x6800 | (e & 0x7FF);
break;
}
G_io_apdu_buffer[tx] = sw >> 8;
G_io_apdu_buffer[tx + 1] = sw;
tx += 2;
}
FINALLY;
{}
}
END_TRY;
}
}
#pragma clang diagnostic pop