// Copyright 2018 The go-ethereum Authors
// This file is part of the go-ethereum library.
//
// The go-ethereum library is free software: you can redistribute it and/or modify
// it under the terms of the GNU Lesser General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// The go-ethereum library is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
package scwallet
import (
"bytes"
"context"
"crypto/hmac"
"crypto/sha256"
"crypto/sha512"
"encoding/asn1"
"encoding/binary"
"errors"
"fmt"
"math/big"
"regexp"
"sort"
"strings"
"sync"
"time"
"github.com/ava-labs/coreth/accounts"
"github.com/ava-labs/coreth/core/types"
ethereum "github.com/ava-labs/go-ethereum"
"github.com/ava-labs/go-ethereum/common"
"github.com/ava-labs/go-ethereum/crypto"
"github.com/ava-labs/go-ethereum/log"
pcsc "github.com/gballet/go-libpcsclite"
"github.com/status-im/keycard-go/derivationpath"
)
// ErrPairingPasswordNeeded is returned if opening the smart card requires pairing with a pairing
// password. In this case, the calling application should request user input to enter
// the pairing password and send it back.
var ErrPairingPasswordNeeded = errors.New("smartcard: pairing password needed")
// ErrPINNeeded is returned if opening the smart card requires a PIN code. In
// this case, the calling application should request user input to enter the PIN
// and send it back.
var ErrPINNeeded = errors.New("smartcard: pin needed")
// ErrPINUnblockNeeded is returned if opening the smart card requires a PIN code,
// but all PIN attempts have already been exhausted. In this case the calling
// application should request user input for the PUK and a new PIN code to set
// fo the card.
var ErrPINUnblockNeeded = errors.New("smartcard: pin unblock needed")
// ErrAlreadyOpen is returned if the smart card is attempted to be opened, but
// there is already a paired and unlocked session.
var ErrAlreadyOpen = errors.New("smartcard: already open")
// ErrPubkeyMismatch is returned if the public key recovered from a signature
// does not match the one expected by the user.
var ErrPubkeyMismatch = errors.New("smartcard: recovered public key mismatch")
var (
appletAID = []byte{0xA0, 0x00, 0x00, 0x08, 0x04, 0x00, 0x01, 0x01, 0x01}
// DerivationSignatureHash is used to derive the public key from the signature of this hash
DerivationSignatureHash = sha256.Sum256(common.Hash{}.Bytes())
)
// List of APDU command-related constants
const (
claISO7816 = 0
claSCWallet = 0x80
insSelect = 0xA4
insGetResponse = 0xC0
sw1GetResponse = 0x61
sw1Ok = 0x90
insVerifyPin = 0x20
insUnblockPin = 0x22
insExportKey = 0xC2
insSign = 0xC0
insLoadKey = 0xD0
insDeriveKey = 0xD1
insStatus = 0xF2
)
// List of ADPU command parameters
const (
P1DeriveKeyFromMaster = uint8(0x00)
P1DeriveKeyFromParent = uint8(0x01)
P1DeriveKeyFromCurrent = uint8(0x10)
statusP1WalletStatus = uint8(0x00)
statusP1Path = uint8(0x01)
signP1PrecomputedHash = uint8(0x01)
signP2OnlyBlock = uint8(0x81)
exportP1Any = uint8(0x00)
exportP2Pubkey = uint8(0x01)
)
// Minimum time to wait between self derivation attempts, even it the user is
// requesting accounts like crazy.
const selfDeriveThrottling = time.Second
// Wallet represents a smartcard wallet instance.
type Wallet struct {
Hub *Hub // A handle to the Hub that instantiated this wallet.
PublicKey []byte // The wallet's public key (used for communication and identification, not signing!)
lock sync.Mutex // Lock that gates access to struct fields and communication with the card
card *pcsc.Card // A handle to the smartcard interface for the wallet.
session *Session // The secure communication session with the card
log log.Logger // Contextual logger to tag the base with its id
deriveNextPaths []accounts.DerivationPath // Next derivation paths for account auto-discovery (multiple bases supported)
deriveNextAddrs []common.Address // Next derived account addresses for auto-discovery (multiple bases supported)
deriveChain ethereum.ChainStateReader // Blockchain state reader to discover used account with
deriveReq chan chan struct{} // Channel to request a self-derivation on
deriveQuit chan chan error // Channel to terminate the self-deriver with
}
// NewWallet constructs and returns a new Wallet instance.
func NewWallet(hub *Hub, card *pcsc.Card) *Wallet {
wallet := &Wallet{
Hub: hub,
card: card,
}
return wallet
}
// transmit sends an APDU to the smartcard and receives and decodes the response.
// It automatically handles requests by the card to fetch the return data separately,
// and returns an error if the response status code is not success.
func transmit(card *pcsc.Card, command *commandAPDU) (*responseAPDU, error) {
data, err := command.serialize()
if err != nil {
return nil, err
}
responseData, _, err := card.Transmit(data)
if<