2014-08-24 10:44:26 -07:00
from binascii import hexlify
2016-01-30 01:00:51 -08:00
from struct import unpack
import hashlib
2016-01-30 01:33:54 -08:00
import time
2014-08-24 10:44:26 -07:00
2014-08-31 06:33:20 -07:00
import electrum
2016-01-30 01:00:51 -08:00
from electrum . bitcoin import EncodeBase58Check , DecodeBase58Check , TYPE_ADDRESS
2014-08-24 10:44:26 -07:00
from electrum . i18n import _
2014-08-31 02:42:40 -07:00
from electrum . plugins import BasePlugin , hook
2016-01-29 22:46:19 -08:00
from . . hw_wallet import BIP44_HW_Wallet
2016-01-30 01:33:54 -08:00
from . . hw_wallet import HW_PluginBase
2016-01-30 01:00:51 -08:00
from electrum . util import format_satoshis_plain , print_error
2016-01-29 22:46:19 -08:00
2014-08-24 10:44:26 -07:00
try :
from btchip . btchipComm import getDongle , DongleWait
from btchip . btchip import btchip
from btchip . btchipUtils import compress_public_key , format_transaction , get_regular_input_script
from btchip . bitcoinTransaction import bitcoinTransaction
2014-08-27 14:19:14 -07:00
from btchip . btchipPersoWizard import StartBTChipPersoDialog
2014-09-19 07:02:09 -07:00
from btchip . btchipFirmwareWizard import checkFirmware , updateFirmware
2014-08-27 14:19:14 -07:00
from btchip . btchipException import BTChipException
2014-08-24 10:44:26 -07:00
BTCHIP = True
2015-07-04 00:45:08 -07:00
BTCHIP_DEBUG = False
2014-08-24 10:44:26 -07:00
except ImportError :
BTCHIP = False
2016-01-29 22:46:19 -08:00
class BTChipWallet ( BIP44_HW_Wallet ) :
2014-08-24 10:44:26 -07:00
wallet_type = ' btchip '
2016-01-01 01:38:43 -08:00
device = ' Ledger '
2014-08-24 10:44:26 -07:00
def __init__ ( self , storage ) :
2016-01-29 22:46:19 -08:00
BIP44_HW_Wallet . __init__ ( self , storage )
2016-01-10 21:38:45 -08:00
# Errors and other user interaction is done through the wallet's
# handler. The handler is per-window and preserved across
# device reconnects
self . handler = None
self . force_watching_only = False
2014-08-24 10:44:26 -07:00
self . device_checked = False
2014-09-20 05:27:13 -07:00
self . signing = False
2014-08-24 10:44:26 -07:00
2014-09-19 04:39:12 -07:00
def give_error ( self , message , clear_client = False ) :
2015-07-05 13:14:53 -07:00
print_error ( message )
2014-09-19 04:39:12 -07:00
if not self . signing :
2016-01-29 22:46:19 -08:00
self . handler . show_error ( message )
2014-09-19 04:39:12 -07:00
else :
self . signing = False
2016-01-10 22:08:12 -08:00
if clear_client :
self . plugin . client = None
2014-09-20 15:49:36 -07:00
self . device_checked = False
2015-07-04 00:45:08 -07:00
raise Exception ( message )
2014-09-19 04:39:12 -07:00
2016-01-10 02:53:28 -08:00
def address_id ( self , address ) :
# Strip the leading "m/"
2016-01-29 22:46:19 -08:00
return BIP44_HW_Wallet . address_id ( self , address ) [ 2 : ]
2014-08-24 10:44:26 -07:00
def get_public_key ( self , bip32_path ) :
2016-01-10 21:23:35 -08:00
# bip32_path is of the form 44'/0'/1'
# S-L-O-W - we don't handle the fingerprint directly, so compute
# it manually from the previous node
2014-08-24 10:44:26 -07:00
# This only happens once so it's bearable
2015-07-04 00:45:08 -07:00
self . get_client ( ) # prompt for the PIN before displaying the dialog if necessary
2016-01-10 21:38:45 -08:00
self . handler . show_message ( " Computing master public key " )
2015-07-04 00:45:08 -07:00
try :
2014-08-24 10:44:26 -07:00
splitPath = bip32_path . split ( ' / ' )
2016-01-29 22:46:19 -08:00
if splitPath [ 0 ] == ' m ' :
splitPath = splitPath [ 1 : ]
2016-01-30 00:44:19 -08:00
bip32_path = bip32_path [ 2 : ]
2015-07-04 00:45:08 -07:00
fingerprint = 0
2014-08-24 10:44:26 -07:00
if len ( splitPath ) > 1 :
prevPath = " / " . join ( splitPath [ 0 : len ( splitPath ) - 1 ] )
nodeData = self . get_client ( ) . getWalletPublicKey ( prevPath )
publicKey = compress_public_key ( nodeData [ ' publicKey ' ] )
h = hashlib . new ( ' ripemd160 ' )
h . update ( hashlib . sha256 ( publicKey ) . digest ( ) )
2015-07-04 00:45:08 -07:00
fingerprint = unpack ( " >I " , h . digest ( ) [ 0 : 4 ] ) [ 0 ]
2014-08-24 10:44:26 -07:00
nodeData = self . get_client ( ) . getWalletPublicKey ( bip32_path )
publicKey = compress_public_key ( nodeData [ ' publicKey ' ] )
depth = len ( splitPath )
lastChild = splitPath [ len ( splitPath ) - 1 ] . split ( ' \' ' )
if len ( lastChild ) == 1 :
childnum = int ( lastChild [ 0 ] )
else :
2015-07-04 00:45:08 -07:00
childnum = 0x80000000 | int ( lastChild [ 0 ] )
2014-08-24 10:44:26 -07:00
xpub = " 0488B21E " . decode ( ' hex ' ) + chr ( depth ) + self . i4b ( fingerprint ) + self . i4b ( childnum ) + str ( nodeData [ ' chainCode ' ] ) + str ( publicKey )
except Exception , e :
2014-09-19 04:39:12 -07:00
self . give_error ( e , True )
2014-08-24 10:44:26 -07:00
finally :
2016-01-29 22:46:19 -08:00
self . handler . clear_dialog ( )
2014-08-24 10:44:26 -07:00
return EncodeBase58Check ( xpub )
def decrypt_message ( self , pubkey , message , password ) :
2014-09-19 04:39:12 -07:00
self . give_error ( " Not supported " )
2014-08-24 10:44:26 -07:00
def sign_message ( self , address , message , password ) :
2014-08-28 15:38:16 -07:00
use2FA = False
2015-01-31 17:29:21 -08:00
self . signing = True
2016-01-10 22:08:12 -08:00
# prompt for the PIN before displaying the dialog if necessary
client = self . get_client ( )
2014-08-26 04:04:38 -07:00
if not self . check_proper_device ( ) :
2015-07-04 00:45:08 -07:00
self . give_error ( ' Wrong device or password ' )
2014-08-24 10:44:26 -07:00
address_path = self . address_id ( address )
2016-01-10 21:38:45 -08:00
self . handler . show_message ( " Signing message ... " )
2014-08-24 10:44:26 -07:00
try :
info = self . get_client ( ) . signMessagePrepare ( address_path , message )
pin = " "
2015-07-04 00:45:08 -07:00
if info [ ' confirmationNeeded ' ] :
2014-08-24 10:44:26 -07:00
# TODO : handle different confirmation types. For the time being only supports keyboard 2FA
2014-08-28 15:38:16 -07:00
use2FA = True
2014-08-24 10:44:26 -07:00
confirmed , p , pin = self . password_dialog ( )
if not confirmed :
2014-08-28 15:38:16 -07:00
raise Exception ( ' Aborted by user ' )
2014-08-24 10:44:26 -07:00
pin = pin . encode ( )
2016-01-10 22:08:12 -08:00
client . bad = True
2014-09-20 15:49:36 -07:00
self . device_checked = False
2016-01-29 22:46:19 -08:00
self . plugin . get_client ( self , True , True )
2014-08-24 10:44:26 -07:00
signature = self . get_client ( ) . signMessageSign ( pin )
2015-02-23 07:30:33 -08:00
except BTChipException , e :
2015-01-31 17:29:21 -08:00
if e . sw == 0x6a80 :
2015-08-14 04:34:22 -07:00
self . give_error ( " Unfortunately, this message cannot be signed by the Ledger wallet. Only alphanumerical messages shorter than 140 characters are supported. Please remove any extra characters (tab, carriage return) and retry. " )
2015-07-04 00:45:08 -07:00
else :
self . give_error ( e , True )
2015-02-23 07:30:33 -08:00
except Exception , e :
self . give_error ( e , True )
2014-08-24 10:44:26 -07:00
finally :
2016-01-29 22:46:19 -08:00
self . handler . clear_dialog ( )
2016-01-10 22:08:12 -08:00
client . bad = use2FA
2015-01-31 17:29:21 -08:00
self . signing = False
2014-08-24 10:44:26 -07:00
# Parse the ASN.1 signature
rLength = signature [ 3 ]
r = signature [ 4 : 4 + rLength ]
sLength = signature [ 4 + rLength + 1 ]
s = signature [ 4 + rLength + 2 : ]
if rLength == 33 :
r = r [ 1 : ]
if sLength == 33 :
s = s [ 1 : ]
r = str ( r )
s = str ( s )
# And convert it
2015-07-14 07:37:04 -07:00
return chr ( 27 + 4 + ( signature [ 0 ] & 0x01 ) ) + r + s
2014-08-24 10:44:26 -07:00
2014-10-30 13:10:12 -07:00
def sign_transaction ( self , tx , password ) :
2014-10-24 01:53:09 -07:00
if tx . is_complete ( ) :
2014-09-19 04:39:12 -07:00
return
2016-01-27 11:47:49 -08:00
client = self . get_client ( )
2015-07-04 00:45:08 -07:00
self . signing = True
2014-08-24 10:44:26 -07:00
inputs = [ ]
inputsPaths = [ ]
pubKeys = [ ]
trustedInputs = [ ]
2015-07-04 00:45:08 -07:00
redeemScripts = [ ]
2014-08-24 10:44:26 -07:00
signatures = [ ]
preparedTrustedInputs = [ ]
2015-07-04 00:45:08 -07:00
changePath = " "
2014-08-24 10:44:26 -07:00
changeAmount = None
output = None
outputAmount = None
use2FA = False
2014-08-27 14:19:14 -07:00
pin = " "
2015-06-14 02:25:26 -07:00
rawTx = tx . serialize ( )
2014-08-24 10:44:26 -07:00
# Fetch inputs of the transaction to sign
2016-01-27 07:54:28 -08:00
for txinput in tx . inputs ( ) :
2014-08-24 10:44:26 -07:00
if ( ' is_coinbase ' in txinput and txinput [ ' is_coinbase ' ] ) :
2014-09-19 04:39:12 -07:00
self . give_error ( " Coinbase not supported " ) # should never happen
2015-07-04 00:45:08 -07:00
inputs . append ( [ self . transactions [ txinput [ ' prevout_hash ' ] ] . raw ,
txinput [ ' prevout_n ' ] ] )
2014-08-24 10:44:26 -07:00
address = txinput [ ' address ' ]
inputsPaths . append ( self . address_id ( address ) )
pubKeys . append ( self . get_public_keys ( address ) )
# Recognize outputs - only one output and one change is authorized
2016-01-17 05:12:57 -08:00
if len ( tx . outputs ( ) ) > 2 : # should never happen
2014-09-19 04:39:12 -07:00
self . give_error ( " Transaction with more than 2 outputs not supported " )
2016-01-17 05:12:57 -08:00
for type , address , amount in tx . outputs ( ) :
2016-01-14 08:15:50 -08:00
assert type == TYPE_ADDRESS
2014-08-24 10:44:26 -07:00
if self . is_change ( address ) :
changePath = self . address_id ( address )
changeAmount = amount
else :
if output < > None : # should never happen
2014-09-19 04:39:12 -07:00
self . give_error ( " Multiple outputs with no change not supported " )
2014-08-24 10:44:26 -07:00
output = address
outputAmount = amount
self . get_client ( ) # prompt for the PIN before displaying the dialog if necessary
if not self . check_proper_device ( ) :
2014-09-19 04:39:12 -07:00
self . give_error ( ' Wrong device or password ' )
2014-08-24 10:44:26 -07:00
2016-01-10 21:38:45 -08:00
self . handler . show_message ( " Signing Transaction ... " )
2014-08-24 10:44:26 -07:00
try :
# Get trusted inputs from the original transactions
for utxo in inputs :
2015-07-04 00:45:08 -07:00
txtmp = bitcoinTransaction ( bytearray ( utxo [ 0 ] . decode ( ' hex ' ) ) )
2014-08-24 10:44:26 -07:00
trustedInputs . append ( self . get_client ( ) . getTrustedInput ( txtmp , utxo [ 1 ] ) )
# TODO : Support P2SH later
redeemScripts . append ( txtmp . outputs [ utxo [ 1 ] ] . script )
# Sign all inputs
firstTransaction = True
inputIndex = 0
while inputIndex < len ( inputs ) :
2015-07-04 00:45:08 -07:00
self . get_client ( ) . startUntrustedTransaction ( firstTransaction , inputIndex ,
2014-08-24 10:44:26 -07:00
trustedInputs , redeemScripts [ inputIndex ] )
2015-07-04 00:45:08 -07:00
outputData = self . get_client ( ) . finalizeInput ( output , format_satoshis_plain ( outputAmount ) ,
2015-06-23 15:39:39 -07:00
format_satoshis_plain ( self . get_tx_fee ( tx ) ) , changePath , bytearray ( rawTx . decode ( ' hex ' ) ) )
2014-08-24 10:44:26 -07:00
if firstTransaction :
transactionOutput = outputData [ ' outputData ' ]
2015-09-03 17:07:18 -07:00
if outputData [ ' confirmationNeeded ' ] :
2014-08-24 10:44:26 -07:00
# TODO : handle different confirmation types. For the time being only supports keyboard 2FA
2016-01-29 22:46:19 -08:00
self . handler . clear_dialog ( )
2015-06-14 02:25:26 -07:00
if ' keycardData ' in outputData :
pin2 = " "
for keycardIndex in range ( len ( outputData [ ' keycardData ' ] ) ) :
msg = " Do not enter your device PIN here ! \r \n \r \n " + \
2015-08-14 04:34:22 -07:00
" Your Ledger Wallet wants to talk to you and tell you a unique second factor code. \r \n " + \
2015-06-14 02:25:26 -07:00
" For this to work, please match the character between stars of the output address using your security card \r \n \r \n " + \
2015-07-04 00:45:08 -07:00
" Output address : "
2015-06-14 02:25:26 -07:00
for index in range ( len ( output ) ) :
if index == outputData [ ' keycardData ' ] [ keycardIndex ] :
msg = msg + " * " + output [ index ] + " * "
else :
msg = msg + output [ index ]
2015-07-04 00:45:08 -07:00
msg = msg + " \r \n "
2015-06-14 02:25:26 -07:00
confirmed , p , pin = self . password_dialog ( msg )
if not confirmed :
2015-07-04 00:45:08 -07:00
raise Exception ( ' Aborted by user ' )
2015-06-14 02:25:26 -07:00
try :
pin2 = pin2 + chr ( int ( pin [ 0 ] , 16 ) )
except :
raise Exception ( ' Invalid PIN character ' )
pin = pin2
else :
2015-07-05 13:14:53 -07:00
use2FA = True
2015-06-14 02:25:26 -07:00
confirmed , p , pin = self . password_dialog ( )
if not confirmed :
2015-07-04 00:45:08 -07:00
raise Exception ( ' Aborted by user ' )
2015-06-14 02:25:26 -07:00
pin = pin . encode ( )
2016-01-10 22:08:12 -08:00
client . bad = True
2015-06-24 23:17:45 -07:00
self . device_checked = False
2016-01-29 22:46:19 -08:00
self . plugin . get_client ( self , True , True )
2016-01-10 21:38:45 -08:00
self . handler . show_message ( " Signing ... " )
2014-08-24 10:44:26 -07:00
else :
# Sign input with the provided PIN
2014-08-27 14:19:14 -07:00
inputSignature = self . get_client ( ) . untrustedHashSign ( inputsPaths [ inputIndex ] ,
pin )
inputSignature [ 0 ] = 0x30 # force for 1.4.9+
signatures . append ( inputSignature )
2014-08-24 10:44:26 -07:00
inputIndex = inputIndex + 1
firstTransaction = False
except Exception , e :
2014-09-19 04:39:12 -07:00
self . give_error ( e , True )
2014-08-24 10:44:26 -07:00
finally :
2016-01-29 22:46:19 -08:00
self . handler . clear_dialog ( )
2014-08-24 10:44:26 -07:00
# Reformat transaction
inputIndex = 0
while inputIndex < len ( inputs ) :
# TODO : Support P2SH later
2015-07-04 00:45:08 -07:00
inputScript = get_regular_input_script ( signatures [ inputIndex ] , pubKeys [ inputIndex ] [ 0 ] . decode ( ' hex ' ) )
2014-08-24 10:44:26 -07:00
preparedTrustedInputs . append ( [ trustedInputs [ inputIndex ] [ ' value ' ] , inputScript ] )
inputIndex = inputIndex + 1
updatedTransaction = format_transaction ( transactionOutput , preparedTrustedInputs )
updatedTransaction = hexlify ( updatedTransaction )
tx . update ( updatedTransaction )
2016-01-10 22:08:12 -08:00
client . bad = use2FA
2014-09-19 04:39:12 -07:00
self . signing = False
2014-08-24 10:44:26 -07:00
def check_proper_device ( self ) :
pubKey = DecodeBase58Check ( self . master_public_keys [ " x/0 ' " ] ) [ 45 : ]
if not self . device_checked :
2016-01-10 21:38:45 -08:00
self . handler . show_message ( " Checking device " )
2014-08-24 10:44:26 -07:00
try :
nodeData = self . get_client ( ) . getWalletPublicKey ( " 44 ' /0 ' /0 ' " )
except Exception , e :
2014-09-19 04:39:12 -07:00
self . give_error ( e , True )
2014-08-24 10:44:26 -07:00
finally :
2016-01-29 22:46:19 -08:00
self . handler . clear_dialog ( )
2014-08-24 10:44:26 -07:00
pubKeyDevice = compress_public_key ( nodeData [ ' publicKey ' ] )
self . device_checked = True
if pubKey != pubKeyDevice :
self . proper_device = False
else :
self . proper_device = True
return self . proper_device
def password_dialog ( self , msg = None ) :
if not msg :
2014-09-19 04:39:12 -07:00
msg = _ ( " Do not enter your device PIN here ! \r \n \r \n " \
2015-08-14 04:34:22 -07:00
" Your Ledger Wallet wants to talk to you and tell you a unique second factor code. \r \n " \
2016-01-26 04:20:11 -08:00
" For this to work, please open a text editor " \
" (on a different computer / device if you believe this computer is compromised) " \
" and put your cursor into it, unplug your Ledger Wallet and plug it back in. \r \n " \
" It should show itself to your computer as a keyboard " \
" and output the second factor along with a summary of " \
" the transaction being signed into the text-editor. \r \n \r \n " \
2014-09-19 04:39:12 -07:00
" Check that summary and then enter the second factor code here. \r \n " \
" Before clicking OK, re-plug the device once more (unplug it and plug it again if you read the second factor code on the same computer) " )
2016-01-29 22:46:19 -08:00
response = self . handler . get_word ( msg )
2015-07-05 13:14:53 -07:00
if response is None :
return False , None , None
return True , response , response
2015-11-23 05:15:25 -08:00
2016-01-30 01:33:54 -08:00
class LedgerPlugin ( HW_PluginBase ) :
libraries_available = BTCHIP
2015-12-30 16:51:27 -08:00
wallet_class = BTChipWallet
2015-11-23 05:15:25 -08:00
def __init__ ( self , parent , config , name ) :
2016-01-30 01:33:54 -08:00
HW_PluginBase . __init__ ( self , parent , config , name )
# FIXME shouldn't be a plugin member. Then this constructor can go.
2016-01-10 22:08:12 -08:00
self . client = None
2015-11-23 05:15:25 -08:00
2015-12-30 00:03:26 -08:00
def btchip_is_connected ( self , wallet ) :
2015-11-23 05:15:25 -08:00
try :
2015-12-30 00:03:26 -08:00
wallet . get_client ( ) . getFirmwareVersion ( )
2015-11-23 05:15:25 -08:00
except :
return False
return True
2016-01-29 22:46:19 -08:00
def get_client ( self , wallet , force_pair = True , noPin = False ) :
2016-01-10 22:08:12 -08:00
aborted = False
client = self . client
if not client or client . bad :
try :
d = getDongle ( BTCHIP_DEBUG )
client = btchip ( d )
firmware = client . getFirmwareVersion ( ) [ ' version ' ] . split ( " . " )
if not checkFirmware ( firmware ) :
d . close ( )
try :
updateFirmware ( )
except Exception , e :
aborted = True
raise e
d = getDongle ( BTCHIP_DEBUG )
client = btchip ( d )
try :
client . getOperationMode ( )
except BTChipException , e :
if ( e . sw == 0x6985 ) :
d . close ( )
dialog = StartBTChipPersoDialog ( )
dialog . exec_ ( )
# Then fetch the reference again as it was invalidated
d = getDongle ( BTCHIP_DEBUG )
client = btchip ( d )
else :
raise e
if not noPin :
# Immediately prompts for the PIN
remaining_attempts = client . getVerifyPinRemainingAttempts ( )
if remaining_attempts < > 1 :
msg = " Enter your Ledger PIN - remaining attempts : " + str ( remaining_attempts )
else :
msg = " Enter your Ledger PIN - WARNING : LAST ATTEMPT. If the PIN is not correct, the dongle will be wiped. "
confirmed , p , pin = wallet . password_dialog ( msg )
if not confirmed :
aborted = True
raise Exception ( ' Aborted by user - please unplug the dongle and plug it again before retrying ' )
pin = pin . encode ( )
client . verifyPin ( pin )
except BTChipException , e :
try :
client . dongle . close ( )
except :
pass
client = None
if ( e . sw == 0x6faa ) :
raise Exception ( " Dongle is temporarily locked - please unplug it and replug it again " )
if ( ( e . sw & 0xFFF0 ) == 0x63c0 ) :
raise Exception ( " Invalid PIN - please unplug the dongle and plug it again before retrying " )
raise e
except Exception , e :
try :
client . dongle . close ( )
except :
pass
client = None
if not aborted :
raise Exception ( " Could not connect to your Ledger wallet. Please verify access permissions, PIN, or unplug the dongle and plug it again " )
else :
raise e
client . bad = False
wallet . device_checked = False
wallet . proper_device = False
self . client = client
return self . client
