diff options
Diffstat (limited to 'accounts/usbwallet/trezor.go')
| -rw-r--r-- | accounts/usbwallet/trezor.go | 365 |
1 files changed, 0 insertions, 365 deletions
diff --git a/accounts/usbwallet/trezor.go b/accounts/usbwallet/trezor.go deleted file mode 100644 index 833c7a9..0000000 --- a/accounts/usbwallet/trezor.go +++ /dev/null @@ -1,365 +0,0 @@ -// Copyright 2017 The go-ethereum Authors -// This file is part of the go-ethereum library. -// -// The go-ethereum library is free software: you can redistribute it and/or modify -// it under the terms of the GNU Lesser General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// The go-ethereum library is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU Lesser General Public License for more details. -// -// You should have received a copy of the GNU Lesser General Public License -// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>. - -// This file contains the implementation for interacting with the Trezor hardware -// wallets. The wire protocol spec can be found on the SatoshiLabs website: -// https://doc.satoshilabs.com/trezor-tech/api-protobuf.html - -package usbwallet - -import ( - "encoding/binary" - "errors" - "fmt" - "io" - "math/big" - - "github.com/ava-labs/coreth/accounts" - "github.com/ava-labs/coreth/accounts/usbwallet/trezor" - "github.com/ava-labs/coreth/core/types" - "github.com/ava-labs/go-ethereum/common" - "github.com/ava-labs/go-ethereum/common/hexutil" - "github.com/ava-labs/go-ethereum/log" - "github.com/golang/protobuf/proto" -) - -// ErrTrezorPINNeeded is returned if opening the trezor requires a PIN code. In -// this case, the calling application should display a pinpad and send back the -// encoded passphrase. -var ErrTrezorPINNeeded = errors.New("trezor: pin needed") - -// ErrTrezorPassphraseNeeded is returned if opening the trezor requires a passphrase -var ErrTrezorPassphraseNeeded = errors.New("trezor: passphrase needed") - -// errTrezorReplyInvalidHeader is the error message returned by a Trezor data exchange -// if the device replies with a mismatching header. This usually means the device -// is in browser mode. -var errTrezorReplyInvalidHeader = errors.New("trezor: invalid reply header") - -// trezorDriver implements the communication with a Trezor hardware wallet. -type trezorDriver struct { - device io.ReadWriter // USB device connection to communicate through - version [3]uint32 // Current version of the Trezor firmware - label string // Current textual label of the Trezor device - pinwait bool // Flags whether the device is waiting for PIN entry - passphrasewait bool // Flags whether the device is waiting for passphrase entry - failure error // Any failure that would make the device unusable - log log.Logger // Contextual logger to tag the trezor with its id -} - -// newTrezorDriver creates a new instance of a Trezor USB protocol driver. -func newTrezorDriver(logger log.Logger) driver { - return &trezorDriver{ - log: logger, - } -} - -// Status implements accounts.Wallet, always whether the Trezor is opened, closed -// or whether the Ethereum app was not started on it. -func (w *trezorDriver) Status() (string, error) { - if w.failure != nil { - return fmt.Sprintf("Failed: %v", w.failure), w.failure - } - if w.device == nil { - return "Closed", w.failure - } - if w.pinwait { - return fmt.Sprintf("Trezor v%d.%d.%d '%s' waiting for PIN", w.version[0], w.version[1], w.version[2], w.label), w.failure - } - return fmt.Sprintf("Trezor v%d.%d.%d '%s' online", w.version[0], w.version[1], w.version[2], w.label), w.failure -} - -// Open implements usbwallet.driver, attempting to initialize the connection to -// the Trezor hardware wallet. Initializing the Trezor is a two or three phase operation: -// * The first phase is to initialize the connection and read the wallet's -// features. This phase is invoked if the provided passphrase is empty. The -// device will display the pinpad as a result and will return an appropriate -// error to notify the user that a second open phase is needed. -// * The second phase is to unlock access to the Trezor, which is done by the -// user actually providing a passphrase mapping a keyboard keypad to the pin -// number of the user (shuffled according to the pinpad displayed). -// * If needed the device will ask for passphrase which will require calling -// open again with the actual passphrase (3rd phase) -func (w *trezorDriver) Open(device io.ReadWriter, passphrase string) error { - w.device, w.failure = device, nil - - // If phase 1 is requested, init the connection and wait for user callback - if passphrase == "" && !w.passphrasewait { - // If we're already waiting for a PIN entry, insta-return - if w.pinwait { - return ErrTrezorPINNeeded - } - // Initialize a connection to the device - features := new(trezor.Features) - if _, err := w.trezorExchange(&trezor.Initialize{}, features); err != nil { - return err - } - w.version = [3]uint32{features.GetMajorVersion(), features.GetMinorVersion(), features.GetPatchVersion()} - w.label = features.GetLabel() - - // Do a manual ping, forcing the device to ask for its PIN and Passphrase - askPin := true - askPassphrase := true - res, err := w.trezorExchange(&trezor.Ping{PinProtection: &askPin, PassphraseProtection: &askPassphrase}, new(trezor.PinMatrixRequest), new(trezor.PassphraseRequest), new(trezor.Success)) - if err != nil { - return err - } - // Only return the PIN request if the device wasn't unlocked until now - switch res { - case 0: - w.pinwait = true - return ErrTrezorPINNeeded - case 1: - w.pinwait = false - w.passphrasewait = true - return ErrTrezorPassphraseNeeded - case 2: - return nil // responded with trezor.Success - } - } - // Phase 2 requested with actual PIN entry - if w.pinwait { - w.pinwait = false - res, err := w.trezorExchange(&trezor.PinMatrixAck{Pin: &passphrase}, new(trezor.Success), new(trezor.PassphraseRequest)) - if err != nil { - w.failure = err - return err - } - if res == 1 { - w.passphrasewait = true - return ErrTrezorPassphraseNeeded - } - } else if w.passphrasewait { - w.passphrasewait = false - if _, err := w.trezorExchange(&trezor.PassphraseAck{Passphrase: &passphrase}, new(trezor.Success)); err != nil { - w.failure = err - return err - } - } - - return nil -} - -// Close implements usbwallet.driver, cleaning up and metadata maintained within -// the Trezor driver. -func (w *trezorDriver) Close() error { - w.version, w.label, w.pinwait = [3]uint32{}, "", false - return nil -} - -// Heartbeat implements usbwallet.driver, performing a sanity check against the -// Trezor to see if it's still online. -func (w *trezorDriver) Heartbeat() error { - if _, err := w.trezorExchange(&trezor.Ping{}, new(trezor.Success)); err != nil { - w.failure = err - return err - } - return nil -} - -// Derive implements usbwallet.driver, sending a derivation request to the Trezor -// and returning the Ethereum address located on that derivation path. -func (w *trezorDriver) Derive(path accounts.DerivationPath) (common.Address, error) { - return w.trezorDerive(path) -} - -// SignTx implements usbwallet.driver, sending the transaction to the Trezor and -// waiting for the user to confirm or deny the transaction. -func (w *trezorDriver) SignTx(path accounts.DerivationPath, tx *types.Transaction, chainID *big.Int) (common.Address, *types.Transaction, error) { - if w.device == nil { - return common.Address{}, nil, accounts.ErrWalletClosed - } - return w.trezorSign(path, tx, chainID) -} - -// trezorDerive sends a derivation request to the Trezor device and returns the -// Ethereum address located on that path. -func (w *trezorDriver) trezorDerive(derivationPath []uint32) (common.Address, error) { - address := new(trezor.EthereumAddress) - if _, err := w.trezorExchange(&trezor.EthereumGetAddress{AddressN: derivationPath}, address); err != nil { - return common.Address{}, err - } - if addr := address.GetAddressBin(); len(addr) > 0 { // Older firmwares use binary fomats - return common.BytesToAddress(addr), nil - } - if addr := address.GetAddressHex(); len(addr) > 0 { // Newer firmwares use hexadecimal fomats - return common.HexToAddress(addr), nil - } - return common.Address{}, errors.New("missing derived address") -} - -// trezorSign sends the transaction to the Trezor wallet, and waits for the user -// to confirm or deny the transaction. -func (w *trezorDriver) trezorSign(derivationPath []uint32, tx *types.Transaction, chainID *big.Int) (common.Address, *types.Transaction, error) { - // Create the transaction initiation message - data := tx.Data() - length := uint32(len(data)) - - request := &trezor.EthereumSignTx{ - AddressN: derivationPath, - Nonce: new(big.Int).SetUint64(tx.Nonce()).Bytes(), - GasPrice: tx.GasPrice().Bytes(), - GasLimit: new(big.Int).SetUint64(tx.Gas()).Bytes(), - Value: tx.Value().Bytes(), - DataLength: &length, - } - if to := tx.To(); to != nil { - // Non contract deploy, set recipient explicitly - hex := to.Hex() - request.ToHex = &hex // Newer firmwares (old will ignore) - request.ToBin = (*to)[:] // Older firmwares (new will ignore) - } - if length > 1024 { // Send the data chunked if that was requested - request.DataInitialChunk, data = data[:1024], data[1024:] - } else { - request.DataInitialChunk, data = data, nil - } - if chainID != nil { // EIP-155 transaction, set chain ID explicitly (only 32 bit is supported!?) - id := uint32(chainID.Int64()) - request.ChainId = &id - } - // Send the initiation message and stream content until a signature is returned - response := new(trezor.EthereumTxRequest) - if _, err := w.trezorExchange(request, response); err != nil { - return common.Address{}, nil, err - } - for response.DataLength != nil && int(*response.DataLength) <= len(data) { - chunk := data[:*response.DataLength] - data = data[*response.DataLength:] - - if _, err := w.trezorExchange(&trezor.EthereumTxAck{DataChunk: chunk}, response); err != nil { - return common.Address{}, nil, err - } - } - // Extract the Ethereum signature and do a sanity validation - if len(response.GetSignatureR()) == 0 || len(response.GetSignatureS()) == 0 || response.GetSignatureV() == 0 { - return common.Address{}, nil, errors.New("reply lacks signature") - } - signature := append(append(response.GetSignatureR(), response.GetSignatureS()...), byte(response.GetSignatureV())) - - // Create the correct signer and signature transform based on the chain ID - var signer types.Signer - if chainID == nil { - signer = new(types.HomesteadSigner) - } else { - signer = types.NewEIP155Signer(chainID) - signature[64] -= byte(chainID.Uint64()*2 + 35) - } - // Inject the final signature into the transaction and sanity check the sender - signed, err := tx.WithSignature(signer, signature) - if err != nil { - return common.Address{}, nil, err - } - sender, err := types.Sender(signer, signed) - if err != nil { - return common.Address{}, nil, err - } - return sender, signed, nil -} - -// trezorExchange performs a data exchange with the Trezor wallet, sending it a -// message and retrieving the response. If multiple responses are possible, the -// method will also return the index of the destination object used. -func (w *trezorDriver) trezorExchange(req proto.Message, results ...proto.Message) (int, error) { - // Construct the original message payload to chunk up - data, err := proto.Marshal(req) - if err != nil { - return 0, err - } - payload := make([]byte, 8+len(data)) - copy(payload, []byte{0x23, 0x23}) - binary.BigEndian.PutUint16(payload[2:], trezor.Type(req)) - binary.BigEndian.PutUint32(payload[4:], uint32(len(data))) - copy(payload[8:], data) - - // Stream all the chunks to the device - chunk := make([]byte, 64) - chunk[0] = 0x3f // Report ID magic number - - for len(payload) > 0 { - // Construct the new message to stream, padding with zeroes if needed - if len(payload) > 63 { - copy(chunk[1:], payload[:63]) - payload = payload[63:] - } else { - copy(chunk[1:], payload) - copy(chunk[1+len(payload):], make([]byte, 63-len(payload))) - payload = nil - } - // Send over to the device - w.log.Trace("Data chunk sent to the Trezor", "chunk", hexutil.Bytes(chunk)) - if _, err := w.device.Write(chunk); err != nil { - return 0, err - } - } - // Stream the reply back from the wallet in 64 byte chunks - var ( - kind uint16 - reply []byte - ) - for { - // Read the next chunk from the Trezor wallet - if _, err := io.ReadFull(w.device, chunk); err != nil { - return 0, err - } - w.log.Trace("Data chunk received from the Trezor", "chunk", hexutil.Bytes(chunk)) - - // Make sure the transport header matches - if chunk[0] != 0x3f || (len(reply) == 0 && (chunk[1] != 0x23 || chunk[2] != 0x23)) { - return 0, errTrezorReplyInvalidHeader - } - // If it's the first chunk, retrieve the reply message type and total message length - var payload []byte - - if len(reply) == 0 { - kind = binary.BigEndian.Uint16(chunk[3:5]) - reply = make([]byte, 0, int(binary.BigEndian.Uint32(chunk[5:9]))) - payload = chunk[9:] - } else { - payload = chunk[1:] - } - // Append to the reply and stop when filled up - if left := cap(reply) - len(reply); left > len(payload) { - reply = append(reply, payload...) - } else { - reply = append(reply, payload[:left]...) - break - } - } - // Try to parse the reply into the requested reply message - if kind == uint16(trezor.MessageType_MessageType_Failure) { - // Trezor returned a failure, extract and return the message - failure := new(trezor.Failure) - if err := proto.Unmarshal(reply, failure); err != nil { - return 0, err - } - return 0, errors.New("trezor: " + failure.GetMessage()) - } - if kind == uint16(trezor.MessageType_MessageType_ButtonRequest) { - // Trezor is waiting for user confirmation, ack and wait for the next message - return w.trezorExchange(&trezor.ButtonAck{}, results...) - } - for i, res := range results { - if trezor.Type(res) == kind { - return i, proto.Unmarshal(reply, res) - } - } - expected := make([]string, len(results)) - for i, res := range results { - expected[i] = trezor.Name(trezor.Type(res)) - } - return 0, fmt.Errorf("trezor: expected reply types %s, got %s", expected, trezor.Name(kind)) -} |