ledgerwallet: Validate signing bytes

filecoin-project · Oct 10, 2020 · de59d08 · de59d08
1 parent 4c520c1
commit de59d08
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 5 deletions.
diff --git a/chain/wallet/ledger/ledger.go b/chain/wallet/ledger/ledger.go
@@ -1,9 +1,12 @@
 package ledgerwallet
 
 import (
+	"bytes"
 	"context"
 	"encoding/json"
 	"fmt"
+	"github.com/ipfs/go-cid"
+	"golang.org/x/xerrors"
 
 	"github.com/filecoin-project/go-address"
 	"github.com/filecoin-project/go-state-types/crypto"
@@ -27,7 +30,7 @@ type LedgerKeyInfo struct {
 	Path    []uint32
 }
 
-var _ (api.WalletAPI) = (*LedgerWallet)(nil)
+var _ api.WalletAPI = (*LedgerWallet)(nil)
 
 func (lw LedgerWallet) WalletSign(ctx context.Context, signer address.Address, toSign []byte, meta api.MsgMeta) (*crypto.Signature, error) {
 	ki, err := lw.getKeyInfo(signer)
@@ -44,7 +47,21 @@ func (lw LedgerWallet) WalletSign(ctx context.Context, signer address.Address, t
 		return nil, fmt.Errorf("ledger can only sign chain messages")
 	}
 
-	// TODO: assert meta matches the 'toSign' bits
+	{
+		var cmsg types.Message
+		if err := cmsg.UnmarshalCBOR(bytes.NewReader(meta.Extra)); err != nil {
+			return nil, xerrors.Errorf("unmarshalling message: %w", err)
+		}
+
+		_, bc, err := cid.CidFromBytes(toSign)
+		if err != nil {
+			return nil, xerrors.Errorf("getting cid from signing bytes: %w", err)
+		}
+
+		if !cmsg.Cid().Equals(bc) {
+			return nil, xerrors.Errorf("cid(meta.Extra).bytes() != toSign")
+		}
+	}
 
 	sig, err := fl.SignSECP256K1(ki.Path, meta.Extra)
 	if err != nil {

diff --git a/cmd/lotus-wallet/main.go b/cmd/lotus-wallet/main.go
@@ -2,7 +2,6 @@ package main
 
 import (
 	"context"
-	"github.com/filecoin-project/lotus/api"
 	"net"
 	"net/http"
 	"os"
@@ -12,6 +11,8 @@ import (
 	"github.com/urfave/cli/v2"
 
 	"github.com/filecoin-project/go-jsonrpc"
+
+	"github.com/filecoin-project/lotus/api"
 	"github.com/filecoin-project/lotus/build"
 	"github.com/filecoin-project/lotus/chain/wallet"
 	ledgerwallet "github.com/filecoin-project/lotus/chain/wallet/ledger"
@@ -63,7 +64,7 @@ var runCmd = &cli.Command{
 			Value: "0.0.0.0:1777",
 		},
 		&cli.BoolFlag{
-			Name: "ledger",
+			Name:  "ledger",
 			Usage: "use a ledger device instead of an on-disk wallet",
 		},
 	},
@@ -115,7 +116,6 @@ var runCmd = &cli.Command{
 			w = ledgerwallet.NewWallet(ds)
 		}
 
-
 		address := cctx.String("listen")
 		mux := mux.NewRouter()