Merge pull request #2996 from benma/mobile_pairing
digitalbitbox: import mobile pairing config
This commit is contained in:
commit
f1792d1b13
|
@ -5,7 +5,8 @@
|
||||||
|
|
||||||
try:
|
try:
|
||||||
import electrum
|
import electrum
|
||||||
from electrum.bitcoin import TYPE_ADDRESS, var_int, msg_magic, Hash, verify_message, pubkey_from_signature, point_to_ser, public_key_to_p2pkh, EncodeAES, DecodeAES, MyVerifyingKey
|
from electrum.bitcoin import TYPE_ADDRESS, push_script, var_int, msg_magic, Hash, verify_message, pubkey_from_signature, point_to_ser, public_key_to_p2pkh, EncodeAES, DecodeAES, MyVerifyingKey
|
||||||
|
from electrum.transaction import Transaction
|
||||||
from electrum.i18n import _
|
from electrum.i18n import _
|
||||||
from electrum.keystore import Hardware_KeyStore
|
from electrum.keystore import Hardware_KeyStore
|
||||||
from ..hw_wallet import HW_PluginBase
|
from ..hw_wallet import HW_PluginBase
|
||||||
|
@ -18,6 +19,10 @@ try:
|
||||||
import binascii
|
import binascii
|
||||||
import struct
|
import struct
|
||||||
import hashlib
|
import hashlib
|
||||||
|
import requests
|
||||||
|
import base64
|
||||||
|
import os
|
||||||
|
import sys
|
||||||
from ecdsa.ecdsa import generator_secp256k1
|
from ecdsa.ecdsa import generator_secp256k1
|
||||||
from ecdsa.util import sigencode_der
|
from ecdsa.util import sigencode_der
|
||||||
from ecdsa.curves import SECP256k1
|
from ecdsa.curves import SECP256k1
|
||||||
|
@ -36,7 +41,8 @@ def to_hexstr(s):
|
||||||
|
|
||||||
class DigitalBitbox_Client():
|
class DigitalBitbox_Client():
|
||||||
|
|
||||||
def __init__(self, hidDevice):
|
def __init__(self, plugin, hidDevice):
|
||||||
|
self.plugin = plugin
|
||||||
self.dbb_hid = hidDevice
|
self.dbb_hid = hidDevice
|
||||||
self.opened = True
|
self.opened = True
|
||||||
self.password = None
|
self.password = None
|
||||||
|
@ -73,13 +79,15 @@ class DigitalBitbox_Client():
|
||||||
def is_paired(self):
|
def is_paired(self):
|
||||||
return self.password is not None
|
return self.password is not None
|
||||||
|
|
||||||
|
def _get_xpub(self, bip32_path):
|
||||||
|
if self.check_device_dialog():
|
||||||
|
return self.hid_send_encrypt(b'{"xpub": "%s"}' % bip32_path.encode('utf8'))
|
||||||
|
|
||||||
|
|
||||||
def get_xpub(self, bip32_path):
|
def get_xpub(self, bip32_path):
|
||||||
if self.check_device_dialog():
|
reply = self._get_xpub(bip32_path)
|
||||||
msg = b'{"xpub": "%s"}' % bip32_path.encode('utf8')
|
if reply:
|
||||||
reply = self.hid_send_encrypt(msg)
|
|
||||||
return reply['xpub']
|
return reply['xpub']
|
||||||
return None
|
|
||||||
|
|
||||||
|
|
||||||
def dbb_has_password(self):
|
def dbb_has_password(self):
|
||||||
|
@ -165,7 +173,7 @@ class DigitalBitbox_Client():
|
||||||
self.recover_or_erase_dialog() # Already seeded
|
self.recover_or_erase_dialog() # Already seeded
|
||||||
else:
|
else:
|
||||||
self.seed_device_dialog() # Seed if not initialized
|
self.seed_device_dialog() # Seed if not initialized
|
||||||
|
self.mobile_pairing_dialog()
|
||||||
return self.isInitialized
|
return self.isInitialized
|
||||||
|
|
||||||
|
|
||||||
|
@ -186,7 +194,9 @@ class DigitalBitbox_Client():
|
||||||
if not self.dbb_load_backup():
|
if not self.dbb_load_backup():
|
||||||
return
|
return
|
||||||
else:
|
else:
|
||||||
pass # Use existing seed
|
if self.hid_send_encrypt(b'{"device":"info"}')['device']['lock']:
|
||||||
|
raise Exception("Full 2FA enabled. This is not supported yet.")
|
||||||
|
# Use existing seed
|
||||||
self.isInitialized = True
|
self.isInitialized = True
|
||||||
|
|
||||||
|
|
||||||
|
@ -207,6 +217,45 @@ class DigitalBitbox_Client():
|
||||||
return
|
return
|
||||||
self.isInitialized = True
|
self.isInitialized = True
|
||||||
|
|
||||||
|
def mobile_pairing_dialog(self):
|
||||||
|
dbb_user_dir = None
|
||||||
|
if sys.platform == 'darwin':
|
||||||
|
dbb_user_dir = os.path.join(os.environ.get("HOME", ""), "Library", "Application Support", "DBB")
|
||||||
|
elif sys.platform == 'win32':
|
||||||
|
dbb_user_dir = os.path.join(os.environ["APPDATA"], "DBB")
|
||||||
|
else:
|
||||||
|
dbb_user_dir = os.path.join(os.environ["HOME"], ".dbb")
|
||||||
|
|
||||||
|
if not dbb_user_dir:
|
||||||
|
return
|
||||||
|
|
||||||
|
try:
|
||||||
|
with open(os.path.join(dbb_user_dir, "config.dat")) as f:
|
||||||
|
dbb_config = json.load(f)
|
||||||
|
except (FileNotFoundError, json.JSONDecodeError):
|
||||||
|
return
|
||||||
|
|
||||||
|
if 'encryptionprivkey' not in dbb_config or 'comserverchannelid' not in dbb_config:
|
||||||
|
return
|
||||||
|
|
||||||
|
choices = [
|
||||||
|
_('Do not pair'),
|
||||||
|
_('Import pairing from the digital bitbox desktop app'),
|
||||||
|
]
|
||||||
|
try:
|
||||||
|
reply = self.handler.win.query_choice(_('Mobile pairing options'), choices)
|
||||||
|
except Exception:
|
||||||
|
return # Back button pushed
|
||||||
|
|
||||||
|
if reply == 0:
|
||||||
|
if self.plugin.is_mobile_paired():
|
||||||
|
del self.plugin.digitalbitbox_config['encryptionprivkey']
|
||||||
|
del self.plugin.digitalbitbox_config['comserverchannelid']
|
||||||
|
elif reply == 1:
|
||||||
|
# import pairing from dbb app
|
||||||
|
self.plugin.digitalbitbox_config['encryptionprivkey'] = dbb_config['encryptionprivkey']
|
||||||
|
self.plugin.digitalbitbox_config['comserverchannelid'] = dbb_config['comserverchannelid']
|
||||||
|
self.plugin.config.set_key('digitalbitbox', self.plugin.digitalbitbox_config)
|
||||||
|
|
||||||
def dbb_generate_wallet(self):
|
def dbb_generate_wallet(self):
|
||||||
key = self.stretch_key(self.password)
|
key = self.stretch_key(self.password)
|
||||||
|
@ -452,8 +501,7 @@ class DigitalBitbox_KeyStore(Hardware_KeyStore):
|
||||||
if txinput['type'] != 'p2sh':
|
if txinput['type'] != 'p2sh':
|
||||||
self.give_error("P2SH / regular input mixed in same transaction not supported") # should never happen
|
self.give_error("P2SH / regular input mixed in same transaction not supported") # should never happen
|
||||||
|
|
||||||
# Build pubkeyarray from outputs (unused because echo for smart verification not implemented)
|
# Build pubkeyarray from outputs
|
||||||
if not p2shTransaction:
|
|
||||||
for _type, address, amount in tx.outputs():
|
for _type, address, amount in tx.outputs():
|
||||||
assert _type == TYPE_ADDRESS
|
assert _type == TYPE_ADDRESS
|
||||||
info = tx.output_info.get(address)
|
info = tx.output_info.get(address)
|
||||||
|
@ -464,6 +512,18 @@ class DigitalBitbox_KeyStore(Hardware_KeyStore):
|
||||||
pubkeyarray_i = {'pubkey': changePubkey, 'keypath': changePath}
|
pubkeyarray_i = {'pubkey': changePubkey, 'keypath': changePath}
|
||||||
pubkeyarray.append(pubkeyarray_i)
|
pubkeyarray.append(pubkeyarray_i)
|
||||||
|
|
||||||
|
# Special serialization of the unsigned transaction for
|
||||||
|
# the mobile verification app.
|
||||||
|
class CustomTXSerialization(Transaction):
|
||||||
|
@classmethod
|
||||||
|
def input_script(self, txin, estimate_size=False):
|
||||||
|
if txin['type'] == 'p2pkh':
|
||||||
|
return Transaction.get_preimage_script(txin)
|
||||||
|
if txin['type'] == 'p2sh':
|
||||||
|
return '00' + push_script(Transaction.get_preimage_script(txin))
|
||||||
|
raise Exception("unsupported type %s" % txin['type'])
|
||||||
|
tx_dbb_serialized = CustomTXSerialization(tx.serialize()).serialize()
|
||||||
|
|
||||||
# Build sign command
|
# Build sign command
|
||||||
dbb_signatures = []
|
dbb_signatures = []
|
||||||
steps = math.ceil(1.0 * len(hasharray) / self.maxInputs)
|
steps = math.ceil(1.0 * len(hasharray) / self.maxInputs)
|
||||||
|
@ -471,8 +531,7 @@ class DigitalBitbox_KeyStore(Hardware_KeyStore):
|
||||||
hashes = hasharray[step * self.maxInputs : (step + 1) * self.maxInputs]
|
hashes = hasharray[step * self.maxInputs : (step + 1) * self.maxInputs]
|
||||||
|
|
||||||
msg = ('{"sign": {"meta":"%s", "data":%s, "checkpub":%s} }' % \
|
msg = ('{"sign": {"meta":"%s", "data":%s, "checkpub":%s} }' % \
|
||||||
(to_hexstr(Hash(tx.serialize())), json.dumps(hashes), json.dumps(pubkeyarray))).encode('utf8')
|
(to_hexstr(Hash(tx_dbb_serialized)), json.dumps(hashes), json.dumps(pubkeyarray))).encode('utf8')
|
||||||
|
|
||||||
dbb_client = self.plugin.get_client(self)
|
dbb_client = self.plugin.get_client(self)
|
||||||
|
|
||||||
if not dbb_client.is_paired():
|
if not dbb_client.is_paired():
|
||||||
|
@ -485,6 +544,11 @@ class DigitalBitbox_KeyStore(Hardware_KeyStore):
|
||||||
if 'echo' not in reply:
|
if 'echo' not in reply:
|
||||||
raise Exception("Could not sign transaction.")
|
raise Exception("Could not sign transaction.")
|
||||||
|
|
||||||
|
# multisig verification not working correctly yet
|
||||||
|
if self.plugin.is_mobile_paired() and not p2shTransaction:
|
||||||
|
reply['tx'] = tx_dbb_serialized
|
||||||
|
self.plugin.comserver_post_notification(reply)
|
||||||
|
|
||||||
if steps > 1:
|
if steps > 1:
|
||||||
self.handler.show_message(_("Signing large transaction. Please be patient ...\r\n\r\n" \
|
self.handler.show_message(_("Signing large transaction. Please be patient ...\r\n\r\n" \
|
||||||
"To continue, touch the Digital Bitbox's blinking light for 3 seconds. " \
|
"To continue, touch the Digital Bitbox's blinking light for 3 seconds. " \
|
||||||
|
@ -495,7 +559,8 @@ class DigitalBitbox_KeyStore(Hardware_KeyStore):
|
||||||
"To continue, touch the Digital Bitbox's blinking light for 3 seconds.\r\n\r\n" \
|
"To continue, touch the Digital Bitbox's blinking light for 3 seconds.\r\n\r\n" \
|
||||||
"To cancel, briefly touch the blinking light or wait for the timeout."))
|
"To cancel, briefly touch the blinking light or wait for the timeout."))
|
||||||
|
|
||||||
reply = dbb_client.hid_send_encrypt(msg) # Send twice, first returns an echo for smart verification (not implemented)
|
# Send twice, first returns an echo for smart verification
|
||||||
|
reply = dbb_client.hid_send_encrypt(msg)
|
||||||
self.handler.clear_dialog()
|
self.handler.clear_dialog()
|
||||||
|
|
||||||
if 'error' in reply:
|
if 'error' in reply:
|
||||||
|
@ -555,6 +620,8 @@ class DigitalBitboxPlugin(HW_PluginBase):
|
||||||
if self.libraries_available:
|
if self.libraries_available:
|
||||||
self.device_manager().register_devices(self.DEVICE_IDS)
|
self.device_manager().register_devices(self.DEVICE_IDS)
|
||||||
|
|
||||||
|
self.digitalbitbox_config = self.config.get('digitalbitbox', {})
|
||||||
|
|
||||||
|
|
||||||
def get_dbb_device(self, device):
|
def get_dbb_device(self, device):
|
||||||
dev = hid.device()
|
dev = hid.device()
|
||||||
|
@ -567,7 +634,7 @@ class DigitalBitboxPlugin(HW_PluginBase):
|
||||||
self.handler = handler
|
self.handler = handler
|
||||||
client = self.get_dbb_device(device)
|
client = self.get_dbb_device(device)
|
||||||
if client is not None:
|
if client is not None:
|
||||||
client = DigitalBitbox_Client(client)
|
client = DigitalBitbox_Client(self, client)
|
||||||
return client
|
return client
|
||||||
else:
|
else:
|
||||||
return None
|
return None
|
||||||
|
@ -582,6 +649,24 @@ class DigitalBitboxPlugin(HW_PluginBase):
|
||||||
client.get_xpub("m/44'/0'")
|
client.get_xpub("m/44'/0'")
|
||||||
|
|
||||||
|
|
||||||
|
def is_mobile_paired(self):
|
||||||
|
return 'encryptionprivkey' in self.digitalbitbox_config
|
||||||
|
|
||||||
|
|
||||||
|
def comserver_post_notification(self, payload):
|
||||||
|
assert self.is_mobile_paired(), "unexpected mobile pairing error"
|
||||||
|
url = 'https://digitalbitbox.com/smartverification/index.php'
|
||||||
|
key_s = base64.b64decode(self.digitalbitbox_config['encryptionprivkey'])
|
||||||
|
args = 'c=data&s=0&dt=0&uuid=%s&pl=%s' % (
|
||||||
|
self.digitalbitbox_config['comserverchannelid'],
|
||||||
|
EncodeAES(key_s, json.dumps(payload).encode('ascii')).decode('ascii'),
|
||||||
|
)
|
||||||
|
try:
|
||||||
|
requests.post(url, args)
|
||||||
|
except Exception as e:
|
||||||
|
self.handler.show_error(str(e))
|
||||||
|
|
||||||
|
|
||||||
def get_xpub(self, device_id, derivation, wizard):
|
def get_xpub(self, device_id, derivation, wizard):
|
||||||
devmgr = self.device_manager()
|
devmgr = self.device_manager()
|
||||||
client = devmgr.client_by_id(device_id)
|
client = devmgr.client_by_id(device_id)
|
||||||
|
|
|
@ -2,6 +2,10 @@ from PyQt5.QtWidgets import (QInputDialog, QLineEdit)
|
||||||
from ..hw_wallet.qt import QtHandlerBase, QtPluginBase
|
from ..hw_wallet.qt import QtHandlerBase, QtPluginBase
|
||||||
from .digitalbitbox import DigitalBitboxPlugin
|
from .digitalbitbox import DigitalBitboxPlugin
|
||||||
|
|
||||||
|
from electrum.i18n import _
|
||||||
|
from electrum.plugins import hook
|
||||||
|
from electrum.wallet import Wallet, Standard_Wallet
|
||||||
|
from electrum.bitcoin import EncodeAES
|
||||||
|
|
||||||
class Plugin(DigitalBitboxPlugin, QtPluginBase):
|
class Plugin(DigitalBitboxPlugin, QtPluginBase):
|
||||||
icon_unpaired = ":icons/digitalbitbox_unpaired.png"
|
icon_unpaired = ":icons/digitalbitbox_unpaired.png"
|
||||||
|
@ -10,6 +14,31 @@ class Plugin(DigitalBitboxPlugin, QtPluginBase):
|
||||||
def create_handler(self, window):
|
def create_handler(self, window):
|
||||||
return DigitalBitbox_Handler(window)
|
return DigitalBitbox_Handler(window)
|
||||||
|
|
||||||
|
@hook
|
||||||
|
def receive_menu(self, menu, addrs, wallet):
|
||||||
|
if type(wallet) is not Standard_Wallet:
|
||||||
|
return
|
||||||
|
|
||||||
|
keystore = wallet.get_keystore()
|
||||||
|
if type(keystore) is not self.keystore_class:
|
||||||
|
return
|
||||||
|
|
||||||
|
if not self.is_mobile_paired():
|
||||||
|
return
|
||||||
|
|
||||||
|
if len(addrs) == 1:
|
||||||
|
def show_address():
|
||||||
|
change, index = wallet.get_address_index(addrs[0])
|
||||||
|
keypath = '%s/%d/%d' % (keystore.derivation, change, index)
|
||||||
|
xpub = self.get_client(keystore)._get_xpub(keypath)
|
||||||
|
verify_request_payload = {
|
||||||
|
"type": 'p2pkh',
|
||||||
|
"echo": xpub['echo'],
|
||||||
|
}
|
||||||
|
self.comserver_post_notification(verify_request_payload)
|
||||||
|
|
||||||
|
menu.addAction(_("Show on %s") % self.device, show_address)
|
||||||
|
|
||||||
|
|
||||||
class DigitalBitbox_Handler(QtHandlerBase):
|
class DigitalBitbox_Handler(QtHandlerBase):
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue