[ubsan][wallet] Spanifying wallet key signing

[cdesouza-chromium]

This is a general rework away from const std::vector<uint8_t>& when passing bytes around to using span instances, which are more generic. It is also much preferred that with span we can pass the data around by value, rather than by reference.

Resolves brave/brave-browser#41433

Submitter Checklist:

• I confirm that no security/privacy review is needed and no other type of reviews are needed, or that I have requested them
• There is a ticket for my issue
• Used Github auto-closing keywords in the PR description above
• Wrote a good PR/commit description
• Squashed any review feedback or "fixup" commits before merge, so that history is a record of what happened in the repo, not your PR
• Added appropriate labels (QA/Yes or QA/No; release-notes/include or release-notes/exclude; OS/...) to the associated issue
• Checked the PR locally:
  • npm run test -- brave_browser_tests, npm run test -- brave_unit_tests wiki
  • npm run presubmit wiki, npm run gn_check, npm run tslint
• Ran git rebase master (if needed)

Reviewer Checklist:

• A security review is not needed, or a link to one is included in the PR description
• New files have MPL-2.0 license header
• Adequate test coverage exists to prevent regressions
• Major classes, functions and non-trivial code blocks are well-commented
• Changes in component dependencies are properly reflected in gn
• Code follows the style guide
• Test plan is specified in PR before merging

After-merge Checklist:

• The associated issue milestone is set to the smallest version that the
  changes has landed on
• All relevant documentation has been updated, for instance:
  • https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)
  • https://github.com/brave/brave-browser/wiki/Proxy-redirected-URLs
  • https://github.com/brave/brave-browser/wiki/Fingerprinting-Protections
  • https://github.com/brave/brave-browser/wiki/Brave%E2%80%99s-Use-of-Referral-Codes
  • https://github.com/brave/brave-browser/wiki/Web-Compatibility-Exceptions-in-Brave
  • https://github.com/brave/brave-browser/wiki/QA-Guide
  • https://github.com/brave/brave-browser/wiki/P3A

Test Plan:

[github-actions]

[puLL-Merge] - brave/brave-core@25837

Description

This PR makes several changes to the Brave Wallet codebase, primarily focusing on improving the handling of byte arrays and enhancing the security of cryptographic operations. The main changes involve replacing std::vector<uint8_t> with base::span<const uint8_t> for function parameters, which allows for more efficient and safer handling of byte arrays.

Changes

Changes

1. components/brave_wallet/browser/bitcoin/bitcoin_hd_keyring.cc and .h:

   • Changed ImportAccount method to use base::span<const uint8_t> instead of std::vector<uint8_t>.

2. components/brave_wallet/browser/ethereum_keyring.cc and .h:

   • Modified RecoverAddress to return std::optional<std::string> instead of using an out parameter.
   • Updated several methods to use base::span<const uint8_t> for input parameters.

3. components/brave_wallet/browser/ethereum_provider_impl.cc and .h:

   • Updated SignTypedMessage method to use base::span<const uint8_t> for domain_hash and primary_hash.
   • Modified RecoverAddress to use the new return type from EthereumKeyring::RecoverAddress.

4. components/brave_wallet/browser/hd_keyring.h:

   • Changed ImportAccount method in the interface to use base::span<const uint8_t>.

5. components/brave_wallet/browser/internal/hd_key.cc and .h:

   • Updated several functions to use base::span<const uint8_t> instead of std::vector<uint8_t>.

6. components/brave_wallet/browser/keyring_service.cc and .h:

   • Modified several methods to use base::span<const uint8_t> for input parameters.
   • Updated RecoverAddressByDefaultKeyring to return std::optional<std::string>.

7. components/brave_wallet/browser/secp256k1_hd_keyring.cc and .h:

   • Updated ImportAccount method to use base::span<const uint8_t>.

8. components/brave_wallet/browser/solana_keyring.cc and .h:

   • Modified ImportAccount and SignMessage methods to use base::span<const uint8_t>.

9. components/brave_wallet/common/eth_sign_typed_data_helper.cc and .h:

   • Updated GetTypedDataMessageToSign to use base::span<const uint8_t> for input parameters.

Possible Issues

No major issues are apparent in this change. The modifications seem to be focused on improving the API and making it more efficient and safer to use.

Security Hotspots

There are no obvious security vulnerabilities introduced by this change. In fact, the use of base::span<const uint8_t> instead of std::vector<uint8_t> for input parameters can be seen as a security improvement, as it prevents accidental modifications to the input data and allows for more efficient handling of byte arrays.

[supermassive]

wallet core lgtm

[brave-builds]

Released in v1.72.66