+++ /dev/null
-package nano
-
-import (
- "bytes"
- "encoding/hex"
-
- "github.com/pkg/errors"
-
- ledger "github.com/ethanfrey/ledger"
-
- crypto "github.com/tendermint/go-crypto"
- wire "github.com/tendermint/go-wire"
-)
-
-//nolint
-const (
- NameLedgerEd25519 = "ledger-ed25519"
- TypeLedgerEd25519 = 0x10
-
- // Timeout is the number of seconds to wait for a response from the ledger
- // if eg. waiting for user confirmation on button push
- Timeout = 20
-)
-
-var device *ledger.Ledger
-
-// getLedger gets a copy of the device, and caches it
-func getLedger() (*ledger.Ledger, error) {
- var err error
- if device == nil {
- device, err = ledger.FindLedger()
- }
- return device, err
-}
-
-func signLedger(device *ledger.Ledger, msg []byte) (pk crypto.PubKey, sig crypto.Signature, err error) {
- var resp []byte
-
- packets := generateSignRequests(msg)
- for _, pack := range packets {
- resp, err = device.Exchange(pack, Timeout)
- if err != nil {
- return pk, sig, err
- }
- }
-
- // the last call is the result we want and needs to be parsed
- key, bsig, err := parseDigest(resp)
- if err != nil {
- return pk, sig, err
- }
-
- var b [32]byte
- copy(b[:], key)
- return PubKeyLedgerEd25519FromBytes(b), crypto.SignatureEd25519FromBytes(bsig), nil
-}
-
-// PrivKeyLedgerEd25519 implements PrivKey, calling the ledger nano
-// we cache the PubKey from the first call to use it later
-type PrivKeyLedgerEd25519 struct {
- // PubKey should be private, but we want to encode it via go-wire
- // so we can view the address later, even without having the ledger
- // attached
- CachedPubKey crypto.PubKey
-}
-
-// NewPrivKeyLedgerEd25519Ed25519 will generate a new key and store the
-// public key for later use.
-func NewPrivKeyLedgerEd25519Ed25519() (crypto.PrivKey, error) {
- var pk PrivKeyLedgerEd25519
- // getPubKey will cache the pubkey for later use,
- // this allows us to return an error early if the ledger
- // is not plugged in
- _, err := pk.getPubKey()
- return pk.Wrap(), err
-}
-
-// ValidateKey allows us to verify the sanity of a key
-// after loading it from disk
-func (pk *PrivKeyLedgerEd25519) ValidateKey() error {
- // getPubKey will return an error if the ledger is not
- // properly set up...
- pub, err := pk.forceGetPubKey()
- if err != nil {
- return err
- }
- // verify this matches cached address
- if !pub.Equals(pk.CachedPubKey) {
- return errors.New("ledger doesn't match cached key")
- }
- return nil
-}
-
-// AssertIsPrivKeyInner fulfils PrivKey Interface
-func (pk *PrivKeyLedgerEd25519) AssertIsPrivKeyInner() {}
-
-// Bytes fulfils pk Interface - stores the cached pubkey so we can verify
-// the same key when we reconnect to a ledger
-func (pk *PrivKeyLedgerEd25519) Bytes() []byte {
- return wire.BinaryBytes(pk.Wrap())
-}
-
-// Sign calls the ledger and stores the pk for future use
-//
-// XXX/TODO: panics if there is an error communicating with the ledger.
-//
-// Communication is checked on NewPrivKeyLedger and PrivKeyFromBytes,
-// returning an error, so this should only trigger if the privkey is held
-// in memory for a while before use.
-func (pk *PrivKeyLedgerEd25519) Sign(msg []byte) crypto.Signature {
- // oh, I wish there was better error handling
- dev, err := getLedger()
- if err != nil {
- panic(err)
- }
-
- pub, sig, err := signLedger(dev, msg)
- if err != nil {
- panic(err)
- }
-
- // if we have no pubkey yet, store it for future queries
- if pk.CachedPubKey.Empty() {
- pk.CachedPubKey = pub
- } else if !pk.CachedPubKey.Equals(pub) {
- panic("signed with a different key than stored")
- }
- return sig
-}
-
-// PubKey returns the stored PubKey
-// TODO: query the ledger if not there, once it is not volatile
-func (pk *PrivKeyLedgerEd25519) PubKey() crypto.PubKey {
- key, err := pk.getPubKey()
- if err != nil {
- panic(err)
- }
- return key
-}
-
-// getPubKey reads the pubkey from cache or from the ledger itself
-// since this involves IO, it may return an error, which is not exposed
-// in the PubKey interface, so this function allows better error handling
-func (pk *PrivKeyLedgerEd25519) getPubKey() (key crypto.PubKey, err error) {
- // if we have no pubkey, set it
- if pk.CachedPubKey.Empty() {
- pk.CachedPubKey, err = pk.forceGetPubKey()
- }
- return pk.CachedPubKey, err
-}
-
-// forceGetPubKey is like getPubKey but ignores any cached key
-// and ensures we get it from the ledger itself.
-func (pk *PrivKeyLedgerEd25519) forceGetPubKey() (key crypto.PubKey, err error) {
- dev, err := getLedger()
- if err != nil {
- return key, errors.New("Can't connect to ledger device")
- }
- key, _, err = signLedger(dev, []byte{0})
- if err != nil {
- return key, errors.New("Please open cosmos app on the ledger")
- }
- return key, err
-}
-
-// Equals fulfils PrivKey Interface - makes sure both keys refer to the
-// same
-func (pk *PrivKeyLedgerEd25519) Equals(other crypto.PrivKey) bool {
- if ledger, ok := other.Unwrap().(*PrivKeyLedgerEd25519); ok {
- return pk.CachedPubKey.Equals(ledger.CachedPubKey)
- }
- return false
-}
-
-// MockPrivKeyLedgerEd25519 behaves as the ledger, but stores a pre-packaged call-response
-// for use in test cases
-type MockPrivKeyLedgerEd25519 struct {
- Msg []byte
- Pub [KeyLength]byte
- Sig [SigLength]byte
-}
-
-// NewMockKey returns
-func NewMockKey(msg, pubkey, sig string) (pk MockPrivKeyLedgerEd25519) {
- var err error
- pk.Msg, err = hex.DecodeString(msg)
- if err != nil {
- panic(err)
- }
-
- bpk, err := hex.DecodeString(pubkey)
- if err != nil {
- panic(err)
- }
- bsig, err := hex.DecodeString(sig)
- if err != nil {
- panic(err)
- }
-
- copy(pk.Pub[:], bpk)
- copy(pk.Sig[:], bsig)
- return pk
-}
-
-var _ crypto.PrivKeyInner = MockPrivKeyLedgerEd25519{}
-
-// AssertIsPrivKeyInner fulfils PrivKey Interface
-func (pk MockPrivKeyLedgerEd25519) AssertIsPrivKeyInner() {}
-
-// Bytes fulfils PrivKey Interface - not supported
-func (pk MockPrivKeyLedgerEd25519) Bytes() []byte {
- return nil
-}
-
-// Sign returns a real SignatureLedger, if the msg matches what we expect
-func (pk MockPrivKeyLedgerEd25519) Sign(msg []byte) crypto.Signature {
- if !bytes.Equal(pk.Msg, msg) {
- panic("Mock key is for different msg")
- }
- return crypto.SignatureEd25519(pk.Sig).Wrap()
-}
-
-// PubKey returns a real PubKeyLedgerEd25519, that will verify this signature
-func (pk MockPrivKeyLedgerEd25519) PubKey() crypto.PubKey {
- return PubKeyLedgerEd25519FromBytes(pk.Pub)
-}
-
-// Equals compares that two Mocks have the same data
-func (pk MockPrivKeyLedgerEd25519) Equals(other crypto.PrivKey) bool {
- if mock, ok := other.Unwrap().(MockPrivKeyLedgerEd25519); ok {
- return bytes.Equal(mock.Pub[:], pk.Pub[:]) &&
- bytes.Equal(mock.Sig[:], pk.Sig[:]) &&
- bytes.Equal(mock.Msg, pk.Msg)
- }
- return false
-}
-
-////////////////////////////////////////////
-// pubkey
-
-// PubKeyLedgerEd25519 works like a normal Ed25519 except a hash before the verify bytes
-type PubKeyLedgerEd25519 struct {
- crypto.PubKeyEd25519
-}
-
-// PubKeyLedgerEd25519FromBytes creates a PubKey from the raw bytes
-func PubKeyLedgerEd25519FromBytes(key [32]byte) crypto.PubKey {
- return PubKeyLedgerEd25519{crypto.PubKeyEd25519(key)}.Wrap()
-}
-
-// Bytes fulfils pk Interface - no data, just type info
-func (pk PubKeyLedgerEd25519) Bytes() []byte {
- return wire.BinaryBytes(pk.Wrap())
-}
-
-// VerifyBytes uses the normal Ed25519 algorithm but a sha512 hash beforehand
-func (pk PubKeyLedgerEd25519) VerifyBytes(msg []byte, sig crypto.Signature) bool {
- hmsg := hashMsg(msg)
- return pk.PubKeyEd25519.VerifyBytes(hmsg, sig)
-}
-
-// Equals implements PubKey interface
-func (pk PubKeyLedgerEd25519) Equals(other crypto.PubKey) bool {
- if ledger, ok := other.Unwrap().(PubKeyLedgerEd25519); ok {
- return pk.PubKeyEd25519.Equals(ledger.PubKeyEd25519.Wrap())
- }
- return false
-}
-
-/*** registration with go-data ***/
-
-func init() {
- crypto.PrivKeyMapper.
- RegisterImplementation(&PrivKeyLedgerEd25519{}, NameLedgerEd25519, TypeLedgerEd25519).
- RegisterImplementation(MockPrivKeyLedgerEd25519{}, "mock-ledger", 0x11)
-
- crypto.PubKeyMapper.
- RegisterImplementation(PubKeyLedgerEd25519{}, NameLedgerEd25519, TypeLedgerEd25519)
-}
-
-// Wrap fulfils interface for PrivKey struct
-func (pk *PrivKeyLedgerEd25519) Wrap() crypto.PrivKey {
- return crypto.PrivKey{PrivKeyInner: pk}
-}
-
-// Wrap fulfils interface for PrivKey struct
-func (pk MockPrivKeyLedgerEd25519) Wrap() crypto.PrivKey {
- return crypto.PrivKey{PrivKeyInner: pk}
-}
-
-// Wrap fulfils interface for PubKey struct
-func (pk PubKeyLedgerEd25519) Wrap() crypto.PubKey {
- return crypto.PubKey{PubKeyInner: pk}
-}