diff options
author | Péter Szilágyi <peterke@gmail.com> | 2017-02-11 23:02:00 +0800 |
---|---|---|
committer | Péter Szilágyi <peterke@gmail.com> | 2017-02-13 20:00:12 +0800 |
commit | e99c788155ddd754c73d2c81b6051dcbd42e6575 (patch) | |
tree | 1b219c22d8e288c8b12c9125adb709686664aa9e /accounts/usbwallet | |
parent | c7022c1a0c2aa4c0326129ef483b27bcd6c1262d (diff) | |
download | dexon-e99c788155ddd754c73d2c81b6051dcbd42e6575.tar dexon-e99c788155ddd754c73d2c81b6051dcbd42e6575.tar.gz dexon-e99c788155ddd754c73d2c81b6051dcbd42e6575.tar.bz2 dexon-e99c788155ddd754c73d2c81b6051dcbd42e6575.tar.lz dexon-e99c788155ddd754c73d2c81b6051dcbd42e6575.tar.xz dexon-e99c788155ddd754c73d2c81b6051dcbd42e6575.tar.zst dexon-e99c788155ddd754c73d2c81b6051dcbd42e6575.zip |
accounts: ledger and HD review fixes
- Handle a data race where a Ledger drops between list and open
- Prolong Ledger tx confirmation window to 30 days from 1 minute
- Simplify Ledger chainid-signature calculation and validation
- Simplify Ledger USB APDU request chunking algorithm
- Silence keystore account cache notifications for manual actions
- Only enable self derivations if wallet open succeeds
Diffstat (limited to 'accounts/usbwallet')
-rw-r--r-- | accounts/usbwallet/ledger_wallet.go | 68 |
1 files changed, 35 insertions, 33 deletions
diff --git a/accounts/usbwallet/ledger_wallet.go b/accounts/usbwallet/ledger_wallet.go index 6044b9caf..a667f580a 100644 --- a/accounts/usbwallet/ledger_wallet.go +++ b/accounts/usbwallet/ledger_wallet.go @@ -192,6 +192,9 @@ func (w *ledgerWallet) Open(passphrase string) error { if err != nil { return err } + if len(devices) == 0 { + return accounts.ErrUnknownWallet + } // Device opened, attach to the input and output endpoints device := devices[0] @@ -767,7 +770,7 @@ func (w *ledgerWallet) ledgerDerive(derivationPath []uint32) (common.Address, er func (w *ledgerWallet) ledgerSign(derivationPath []uint32, address common.Address, tx *types.Transaction, chainID *big.Int) (*types.Transaction, error) { // We need to modify the timeouts to account for user feedback defer func(old time.Duration) { w.device.ReadTimeout = old }(w.device.ReadTimeout) - w.device.ReadTimeout = time.Minute + w.device.ReadTimeout = time.Hour * 24 * 30 // Timeout requires a Ledger power cycle, only if you must // Flatten the derivation path into the Ledger request path := make([]byte, 1+4*len(derivationPath)) @@ -823,7 +826,7 @@ func (w *ledgerWallet) ledgerSign(derivationPath []uint32, address common.Addres signer = new(types.HomesteadSigner) } else { signer = types.NewEIP155Signer(chainID) - signature[64] = (signature[64]-34)/2 - byte(chainID.Uint64()) + signature[64] = signature[64] - byte(chainID.Uint64()*2+35) } // Inject the final signature into the transaction and sanity check the sender signed, err := tx.WithSignature(signer, signature) @@ -875,45 +878,42 @@ func (w *ledgerWallet) ledgerSign(derivationPath []uint32, address common.Addres // Optional APDU data | arbitrary func (w *ledgerWallet) ledgerExchange(opcode ledgerOpcode, p1 ledgerParam1, p2 ledgerParam2, data []byte) ([]byte, error) { // Construct the message payload, possibly split into multiple chunks - var chunks [][]byte - for left := data; len(left) > 0 || len(chunks) == 0; { - // Create the chunk header - var chunk []byte - - if len(chunks) == 0 { - // The first chunk encodes the length and all the opcodes - chunk = []byte{0x00, 0x00, 0xe0, byte(opcode), byte(p1), byte(p2), byte(len(data))} - binary.BigEndian.PutUint16(chunk, uint16(5+len(data))) - } - // Append the data blob to the end of the chunk - space := 64 - len(chunk) - 5 // 5 == header size - if len(left) > space { - chunks, left = append(chunks, append(chunk, left[:space]...)), left[space:] - continue - } - chunks, left = append(chunks, append(chunk, left...)), nil - } + apdu := make([]byte, 2, 7+len(data)) + + binary.BigEndian.PutUint16(apdu, uint16(5+len(data))) + apdu = append(apdu, []byte{0xe0, byte(opcode), byte(p1), byte(p2), byte(len(data))}...) + apdu = append(apdu, data...) + // Stream all the chunks to the device - for i, chunk := range chunks { - // Construct the new message to stream - header := []byte{0x01, 0x01, 0x05, 0x00, 0x00} // Channel ID and command tag appended - binary.BigEndian.PutUint16(header[3:], uint16(i)) + header := []byte{0x01, 0x01, 0x05, 0x00, 0x00} // Channel ID and command tag appended + chunk := make([]byte, 64) + space := len(chunk) - len(header) - msg := append(header, chunk...) + for i := 0; len(apdu) > 0; i++ { + // Construct the new message to stream + chunk = append(chunk[:0], header...) + binary.BigEndian.PutUint16(chunk[3:], uint16(i)) + if len(apdu) > space { + chunk = append(chunk, apdu[:space]...) + apdu = apdu[space:] + } else { + chunk = append(chunk, apdu...) + apdu = nil + } // Send over to the device if glog.V(logger.Detail) { - glog.Infof("-> %03d.%03d: %x", w.device.Bus, w.device.Address, msg) + glog.Infof("-> %03d.%03d: %x", w.device.Bus, w.device.Address, chunk) } - if _, err := w.input.Write(msg); err != nil { + if _, err := w.input.Write(chunk); err != nil { return nil, err } } // Stream the reply back from the wallet in 64 byte chunks var reply []byte + chunk = chunk[:64] // Yeah, we surely have enough space for { // Read the next chunk from the Ledger wallet - chunk := make([]byte, 64) if _, err := io.ReadFull(w.output, chunk); err != nil { return nil, err } @@ -925,17 +925,19 @@ func (w *ledgerWallet) ledgerExchange(opcode ledgerOpcode, p1 ledgerParam1, p2 l return nil, errReplyInvalidHeader } // If it's the first chunk, retrieve the total message length + var payload []byte + if chunk[3] == 0x00 && chunk[4] == 0x00 { reply = make([]byte, 0, int(binary.BigEndian.Uint16(chunk[5:7]))) - chunk = chunk[7:] + payload = chunk[7:] } else { - chunk = chunk[5:] + payload = chunk[5:] } // Append to the reply and stop when filled up - if left := cap(reply) - len(reply); left > len(chunk) { - reply = append(reply, chunk...) + if left := cap(reply) - len(reply); left > len(payload) { + reply = append(reply, payload...) } else { - reply = append(reply, chunk[:left]...) + reply = append(reply, payload[:left]...) break } } |