Add zemu tests

.clang-format

@@ -1,5 +1,5 @@
 BasedOnStyle: Google
 IndentWidth: 4
-ColumnLimit: 125
+ColumnLimit: 120
 DerivePointerAlignment: false
 PointerAlignment: Right

.github/workflows/check_version.yml

@@ -6,7 +6,8 @@ on:
     branches:
       - main
       - develop
-      - master # for safety reasons
+      - master
+      - dev
 
 jobs:
   configure:
@@ -25,6 +26,7 @@ jobs:
       options: --user ${{ needs.configure.outputs.uid_gid }}
     env:
       SDK_VARNAME: NANOSP_SDK
+      BOLOS_SDK: /opt/nanosplus-secure-sdk
     outputs:
       version: ${{ steps.store-version.outputs.version }}
     steps:

.github/workflows/codeql.yml

@@ -8,7 +8,7 @@ on:
       - main
       - develop
       - master # for safety reasons
-      - dev  # for safety reasons
+      - dev # for safety reasons
 
 jobs:
   analyse:
@@ -28,7 +28,7 @@ jobs:
           submodules: recursive
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@v3
         with:
           languages: cpp
           queries: security-and-quality
@@ -37,4 +37,4 @@ jobs:
         run: |
           make -j BOLOS_SDK=${{ matrix.sdk }}
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@v3

.github/workflows/guidelines_enforcer.yml

@@ -14,12 +14,12 @@ on:
     branches:
       - main
       - develop
-      - master # for safety reasons
-      - dev  # for safety reasons
+      - master
+      - dev
   pull_request:
 
 jobs:
   guidelines_enforcer:
     if: github.event.repository.private == false
-    name: Call Ledger guidelines_enforcer
+    name: Call Ledger guidelines enforcer
     uses: LedgerHQ/ledger-app-workflows/.github/workflows/reusable_guidelines_enforcer.yml@v1

.github/workflows/main.yml

@@ -6,12 +6,12 @@ on:
     branches:
       - main
       - develop
-      - master # for safety reasons
-      - dev  # for safety reasons
+      - master
+      - dev
 
 jobs:
   configure:
-    runs-on: ${{ github.repository_owner == 'zondax' && 'zondax-runners' || 'ubuntu-latest' }}
+    runs-on: ubuntu-latest
     outputs:
       uid_gid: ${{ steps.get-user.outputs.uid_gid }}
     steps:
@@ -23,6 +23,7 @@ jobs:
     uses: LedgerHQ/ledger-app-workflows/.github/workflows/reusable_build.yml@v1
     with:
       upload_app_binaries_artifact: "compiled_app_binaries"
+      builder: ledger-app-builder
 
   cpp_tests:
     runs-on: ubuntu-latest
@@ -37,56 +38,30 @@ jobs:
           make deps
       - run: make cpp_test
 
-  build:
-    runs-on: ${{ github.repository_owner == 'zondax' && 'zondax-runners' || 'ubuntu-latest' }}
-    steps:
-      - name: Install dependencies
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y curl protobuf-compiler build-essential git wget unzip python3 python3-pip \
-            libssl-dev libffi-dev libreadline-dev zlib1g-dev libbz2-dev libsqlite3-dev libncurses5-dev \
-            libgdbm-dev libnss3-dev liblzma-dev libxml2-dev libxmlsec1-dev libffi-dev libyaml-dev
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          submodules: true
-      - name: Install CMake 3.28
-        run: |
-          wget https://github.com/Kitware/CMake/releases/download/v3.28.0/cmake-3.28.0-linux-x86_64.sh
-          sudo mkdir /opt/cmake
-          sudo sh cmake-3.28.0-linux-x86_64.sh --skip-license --prefix=/opt/cmake
-          sudo ln -sf /opt/cmake/bin/cmake /usr/local/bin/cmake
-          sudo ln -sf /opt/cmake/bin/ctest /usr/local/bin/ctest
-      - name: Verify CMake version
-        run: cmake --version
-      - name: Install deps
-        run: |
-          sudo update-alternatives --install /usr/bin/python python /usr/bin/python3 10
-          make deps
-      - name: Run CMake
-        run: mkdir -p build && cd build && cmake -DCMAKE_BUILD_TYPE=Debug .. && make
 
   build_ledger:
-    needs: configure
-    runs-on: ${{ github.repository_owner == 'zondax' && 'zondax-runners' || 'ubuntu-latest' }}
+    needs: [
+      configure
+    ]
+    runs-on: ubuntu-latest
     container:
       image: zondax/ledger-app-builder:latest
-      options: --user ${{ needs.configure.outputs.uid_gid }}
-      env:
-        BOLOS_SDK: /opt/nanos-secure-sdk
+      options: --user root
+    env:
+      BOLOS_SDK: /opt/nanosplus-secure-sdk
     outputs:
       size: ${{steps.build.outputs.size}}
     steps:
       - name: Checkout
         uses: actions/checkout@v4
         with:
-          submodules: true
+          submodules: recursive
       - name: Build Standard app
         id: build
         shell: bash -l {0}
         run: |
-          make
-          echo "size=$(python3 deps/ledger-zxlib/scripts/getSize.py s)" >> $GITHUB_OUTPUT
+          make PRODUCTION_BUILD=0
+          echo "size=$(python3 deps/ledger-zxlib/scripts/getSize.py s2)" >> $GITHUB_OUTPUT
 
   test_zemu:
     runs-on: ${{ github.repository_owner == 'zondax' && 'zondax-runners' || 'ubuntu-latest' }}
@@ -114,7 +89,7 @@ jobs:
       - name: Install node
         uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version: 20
       - name: Install yarn
         run: |
           npm install -g yarn
@@ -129,32 +104,37 @@ jobs:
           path: tests_zemu/snapshots-tmp/
 
   build_package_nanosp:
-    needs: [configure, build, build_ledger, test_zemu]
-    if: ${{ github.ref == 'refs/heads/main' }}
-    runs-on: ${{ github.repository_owner == 'zondax' && 'zondax-runners' || 'ubuntu-latest' }}
+    needs:
+      [
+        configure,
+        cpp_tests,
+        build_ledger,
+        test_zemu,
+      ]
+    runs-on: ubuntu-latest
     container:
       image: zondax/ledger-app-builder:latest
-      options: --user ${{ needs.configure.outputs.uid_gid }}
+      options: --user root
       env:
         BOLOS_SDK: /opt/nanosplus-secure-sdk
     steps:
       - name: Checkout
         uses: actions/checkout@v4
         with:
-          submodules: true
+          submodules: recursive
       - name: Install deps
         run: pip install --break-system-packages ledgerblue
-
       - name: Build NanoSP
         shell: bash -l {0}
         run: |
-          PRODUCTION_BUILD=0 make
+          make PRODUCTION_BUILD=0
           mv ./app/pkg/installer_s2.sh ./app/pkg/installer_nanos_plus.sh
       - name: Set tag
         id: nanosp
         run: echo "tag_name=$(./app/pkg/installer_nanos_plus.sh version)" >> $GITHUB_OUTPUT
       - name: Update Release
-        id: update_release_2
+        if: ${{ github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master' }}
+        id: update_release_nanosp
         uses: softprops/action-gh-release@v1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
@@ -165,30 +145,36 @@ jobs:
           prerelease: false
 
   build_package_stax:
-    needs: [configure, build, build_ledger, test_zemu]
-    if: ${{ github.ref == 'refs/heads/main' }}
-    runs-on: ${{ github.repository_owner == 'zondax' && 'zondax-runners' || 'ubuntu-latest' }}
+    needs:
+      [
+        configure,
+        cpp_tests,
+        build_ledger,
+        test_zemu,
+      ]
+    runs-on: ubuntu-latest
     container:
       image: zondax/ledger-app-builder:latest
-      options: --user ${{ needs.configure.outputs.uid_gid }}
+      options: --user root
       env:
         BOLOS_SDK: /opt/stax-secure-sdk
     steps:
       - name: Checkout
         uses: actions/checkout@v4
         with:
-          submodules: true
+          submodules: recursive
       - name: Install deps
         run: pip install --break-system-packages ledgerblue
-
       - name: Build Stax
         shell: bash -l {0}
-        run: PRODUCTION_BUILD=0 make
+        run: |
+          make PRODUCTION_BUILD=0
       - name: Set tag
         id: stax
         run: echo "tag_name=$(./app/pkg/installer_stax.sh version)" >> $GITHUB_OUTPUT
       - name: Update Release
-        id: update_release_2
+        if: ${{ github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master' }}
+        id: update_release_stax
         uses: softprops/action-gh-release@v1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
@@ -200,35 +186,42 @@ jobs:
           prerelease: false
 
   build_package_flex:
-    needs: [configure, build, build_ledger, test_zemu]
-    if: ${{ github.ref == 'refs/heads/main' }}
-    runs-on: ${{ github.repository_owner == 'zondax' && 'zondax-runners' || 'ubuntu-latest' }}
+    needs:
+      [
+        configure,
+        cpp_tests,
+        build_ledger,
+        test_zemu,
+      ]
+    runs-on: ubuntu-latest
     container:
       image: zondax/ledger-app-builder:latest
-      options: --user ${{ needs.configure.outputs.uid_gid }}
+      options: --user root
       env:
         BOLOS_SDK: /opt/flex-secure-sdk
     steps:
       - name: Checkout
         uses: actions/checkout@v4
         with:
-          submodules: true
+          submodules: recursive
       - name: Install deps
         run: pip install --break-system-packages ledgerblue
-
       - name: Build Flex
         shell: bash -l {0}
-        run: PRODUCTION_BUILD=0 make
+        run: |
+          make PRODUCTION_BUILD=0
       - name: Set tag
         id: flex
         run: echo "tag_name=$(./app/pkg/installer_flex.sh version)" >> $GITHUB_OUTPUT
       - name: Update Release
-        id: update_release_2
+        if: ${{ github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master' }}
+        id: update_release_flex
         uses: softprops/action-gh-release@v1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
         with:
-          files: ./app/pkg/installer_flex.sh
+          files: |
+            ./app/pkg/installer_flex.sh
           tag_name: ${{ steps.flex.outputs.tag_name }}
           draft: false
           prerelease: false

CMakeLists.txt

@@ -14,10 +14,11 @@
 #*  limitations under the License.
 #********************************************************************************
 cmake_minimum_required(VERSION 3.28)
+
 include("cmake/HunterGate.cmake")
 HunterGate(
-    URL "https://github.com/cpp-pm/hunter/archive/v0.25.5.tar.gz"
-    SHA1 "a20151e4c0740ee7d0f9994476856d813cdead29"
+    URL "https://github.com/cpp-pm/hunter/archive/v0.26.1.tar.gz"
+    SHA1 "e41ac7a18c49b35ebac99ff2b5244317b2638a65"
     LOCAL
 )
 
@@ -48,12 +49,18 @@ string(APPEND CMAKE_C_FLAGS " -fno-omit-frame-pointer -g")
 string(APPEND CMAKE_CXX_FLAGS " -fno-omit-frame-pointer -g")
 string(APPEND CMAKE_LINKER_FLAGS " -fno-omit-frame-pointer -g")
 
+# Use FetchContent to get nlohmann_json 3.12.0 since Hunter doesn't support this version
+include(FetchContent)
+FetchContent_Declare(
+    nlohmann_json
+    URL https://github.com/nlohmann/json/releases/download/v3.12.0/json.tar.xz
+    URL_HASH SHA256=42f6e95cad6ec532fd372391373363b62a14af6d771056dbfc86160e6dfff7aa
+)
+FetchContent_MakeAvailable(nlohmann_json)
+
 hunter_add_package(fmt)
 find_package(fmt CONFIG REQUIRED)
 
-hunter_add_package(jsoncpp)
-find_package(jsoncpp CONFIG REQUIRED)
-
 hunter_add_package(GTest)
 find_package(GTest CONFIG REQUIRED)
 
@@ -208,7 +215,7 @@ else()
             app_lib
             GTest::gtest_main
             fmt::fmt
-            JsonCpp::JsonCpp)
+            nlohmann_json::nlohmann_json)
 
     add_compile_definitions(TESTVECTORS_DIR="${CMAKE_CURRENT_SOURCE_DIR}/tests/")
     add_test(NAME unittests COMMAND unittests)

README.md

@@ -72,7 +72,7 @@ then run:
 - This project requires Ledger firmware 2.0
     - The current repository keeps track of Ledger's SDK but it is possible to override it by changing the git submodule.
 
-*Warning*: Some IDEs may not use the same python interpreter or virtual enviroment as the one you used when running `pip`.
+*Warning*: Some IDEs may not use the same python interpreter or virtual environment as the one you used when running `pip`.
 If you see conan is not found, check that you installed the package in the same interpreter as the one that launches `cmake`.
 
 ## How to build ?
@@ -179,7 +179,7 @@ Many of our integration tests expect the device to be configured with a known te
 
 - Enter your pin if necessary
 
-- Run `make dev_ca`. The device will receive a development certificate to avoid constant manual confirmations.
+- Run `make dev_caS2`. The device will receive a development certificate to avoid constant manual confirmations.
 
 
 ### Loading into your development device

app/Makefile

@@ -38,7 +38,6 @@ APP_SOURCE_PATH += src
 
 # Application icons following guidelines:
 # https://developers.ledger.com/docs/embedded-app/design-requirements/#device-icon
-ICON_NANOS = nanos_icon.gif
 ICON_NANOX = nanox_icon.gif
 ICON_NANOSP = nanox_icon.gif
 ICON_STAX = stax_icon.gif

app/src/addr.c

@@ -34,8 +34,8 @@ zxerr_t addr_getNumItems(uint8_t *num_items) {
     return zxerr_ok;
 }
 
-zxerr_t addr_getItem(int8_t displayIdx, char *outKey, uint16_t outKeyLen, char *outVal, uint16_t outValLen, uint8_t pageIdx,
-                     uint8_t *pageCount) {
+zxerr_t addr_getItem(int8_t displayIdx, char *outKey, uint16_t outKeyLen, char *outVal, uint16_t outValLen,
+                     uint8_t pageIdx, uint8_t *pageCount) {
     ZEMU_LOGF(50, "[addr_getItem] %d/%d\n", displayIdx, pageIdx)
 
     switch (displayIdx) {