Check decrypted backup

Author: giahuy98

src/hwi_tapsigner.cpp

@@ -503,6 +503,11 @@ std::string HWITapsignerImpl::DecryptBackup(const Bytes &encrypted_data,
   }
   Bytes decrypted = AES128CTRDecrypt(encrypted_data, backup_key_bytes);
 
+  if (decrypted.size() < std::size(xprv)) {
+    throw TapProtoException(TapProtoException::INVALID_BACKUP_KEY,
+                            "Invalid backup key");
+  }
+
   if (std::equal(std::begin(xprv), std::end(xprv), std::begin(decrypted)) ||
       std::equal(std::begin(tprv), std::end(tprv), std::begin(decrypted))) {
     return {std::begin(decrypted), std::end(decrypted)};

tests/hwi_tapsigner_test.cpp

@@ -129,6 +129,22 @@ TEST_CASE("decrypt backup") {
   CHECK(decrypted == expected);
 }
 
+TEST_CASE("decrypt backup invalid data") {
+  std::unique_ptr<tap_protocol::Transport> tp =
+      std::make_unique<CardEmulator>();
+
+  std::unique_ptr<tap_protocol::Tapsigner> tapsigner =
+      std::make_unique<tap_protocol::Tapsigner>(std::move(tp));
+
+  auto hwi = tap_protocol::MakeHWITapsigner(tapsigner.get(), default_cvc);
+  hwi->SetChain(tap_protocol::HWITapsigner::Chain::TESTNET);
+
+  std::string backup_key = "41414141414141414141414141414141";
+  auto encrypted = tap_protocol::Hex2Bytes("");
+  CHECK_THROWS_AS({ hwi->DecryptBackup(encrypted, backup_key); },
+                  tap_protocol::TapProtoException);
+}
+
 TEST_CASE("get xpub at path") {
   std::unique_ptr<tap_protocol::Transport> tp =
       std::make_unique<CardEmulator>();