zolfa
/
tendermint
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 221 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
317 Commits
183 Branches
291 MiB
Tree: e552d344e3
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e552d344e3'
${ noResults }
tendermint/ledger_secp256k1.go

146 lines
4.3 KiB
Raw Normal View History

Ledger integration, WIP
7 years ago
Update to latest upstream, debugging information
7 years ago
Ledger integration, WIP
7 years ago
Fix testcases, all looks OK
7 years ago
Ledger integration, WIP
7 years ago
Clarify function names
7 years ago
Update to new Ledger API in progress
7 years ago
Ledger integration, WIP
7 years ago
Move TODOs to #114
7 years ago
Ledger integration, WIP
7 years ago
Fix testcases, all looks OK
7 years ago
Move TODOs to #114
7 years ago
Prevent unnecessary signatures, improve error messages
7 years ago
Clarify function names
7 years ago
Update to new Ledger API in progress
7 years ago
Prevent unnecessary signatures, improve error messages
7 years ago
Move TODOs to #114
7 years ago
Ledger integration, WIP
7 years ago
Update to new Ledger API in progress
7 years ago
Ledger integration, WIP
7 years ago
Update to new Ledger API in progress
7 years ago
Ledger integration, WIP
7 years ago
Update to latest upstream, debugging information
7 years ago
Ledger integration, WIP
7 years ago
Move TODOs to #114
7 years ago
Ledger integration, WIP
7 years ago
Unify local and external keys in keybase interface (#117) * Return errors on priv.Sign(), priv.PubKey() * Add CreateLedger, CreateOffline * Add switch on .Sign() for Ledger wallets * Add offline signing switch on .Sign() * Use MustUnmarshalBinaryBare() * Add confirmation to delete offline/Ledger keys * Lowercase error message * Add human-readable .GetType() function to Info interface * Rename CryptoAlgo => SignAlgo * assert.Nil(t, err) => assert.NoError(t, err)
7 years ago
Ledger integration, WIP
7 years ago
Unify local and external keys in keybase interface (#117) * Return errors on priv.Sign(), priv.PubKey() * Add CreateLedger, CreateOffline * Add switch on .Sign() for Ledger wallets * Add offline signing switch on .Sign() * Use MustUnmarshalBinaryBare() * Add confirmation to delete offline/Ledger keys * Lowercase error message * Add human-readable .GetType() function to Info interface * Rename CryptoAlgo => SignAlgo * assert.Nil(t, err) => assert.NoError(t, err)
7 years ago
Ledger integration, WIP
7 years ago
Unify local and external keys in keybase interface (#117) * Return errors on priv.Sign(), priv.PubKey() * Add CreateLedger, CreateOffline * Add switch on .Sign() for Ledger wallets * Add offline signing switch on .Sign() * Use MustUnmarshalBinaryBare() * Add confirmation to delete offline/Ledger keys * Lowercase error message * Add human-readable .GetType() function to Info interface * Rename CryptoAlgo => SignAlgo * assert.Nil(t, err) => assert.NoError(t, err)
7 years ago
Ledger integration, WIP
7 years ago
Clarify function names
7 years ago
Prevent unnecessary signatures, improve error messages
7 years ago
Unify local and external keys in keybase interface (#117) * Return errors on priv.Sign(), priv.PubKey() * Add CreateLedger, CreateOffline * Add switch on .Sign() for Ledger wallets * Add offline signing switch on .Sign() * Use MustUnmarshalBinaryBare() * Add confirmation to delete offline/Ledger keys * Lowercase error message * Add human-readable .GetType() function to Info interface * Rename CryptoAlgo => SignAlgo * assert.Nil(t, err) => assert.NoError(t, err)
7 years ago
Prevent unnecessary signatures, improve error messages
7 years ago
Clarify function names
7 years ago
Ledger integration, WIP
7 years ago
Unify local and external keys in keybase interface (#117) * Return errors on priv.Sign(), priv.PubKey() * Add CreateLedger, CreateOffline * Add switch on .Sign() for Ledger wallets * Add offline signing switch on .Sign() * Use MustUnmarshalBinaryBare() * Add confirmation to delete offline/Ledger keys * Lowercase error message * Add human-readable .GetType() function to Info interface * Rename CryptoAlgo => SignAlgo * assert.Nil(t, err) => assert.NoError(t, err)
7 years ago
Ledger integration, WIP
7 years ago
Unify local and external keys in keybase interface (#117) * Return errors on priv.Sign(), priv.PubKey() * Add CreateLedger, CreateOffline * Add switch on .Sign() for Ledger wallets * Add offline signing switch on .Sign() * Use MustUnmarshalBinaryBare() * Add confirmation to delete offline/Ledger keys * Lowercase error message * Add human-readable .GetType() function to Info interface * Rename CryptoAlgo => SignAlgo * assert.Nil(t, err) => assert.NoError(t, err)
7 years ago
Ledger integration, WIP
7 years ago
Unify local and external keys in keybase interface (#117) * Return errors on priv.Sign(), priv.PubKey() * Add CreateLedger, CreateOffline * Add switch on .Sign() for Ledger wallets * Add offline signing switch on .Sign() * Use MustUnmarshalBinaryBare() * Add confirmation to delete offline/Ledger keys * Lowercase error message * Add human-readable .GetType() function to Info interface * Rename CryptoAlgo => SignAlgo * assert.Nil(t, err) => assert.NoError(t, err)
7 years ago
Ledger integration, WIP
7 years ago
Unify local and external keys in keybase interface (#117) * Return errors on priv.Sign(), priv.PubKey() * Add CreateLedger, CreateOffline * Add switch on .Sign() for Ledger wallets * Add offline signing switch on .Sign() * Use MustUnmarshalBinaryBare() * Add confirmation to delete offline/Ledger keys * Lowercase error message * Add human-readable .GetType() function to Info interface * Rename CryptoAlgo => SignAlgo * assert.Nil(t, err) => assert.NoError(t, err)
7 years ago
Ledger integration, WIP
7 years ago
Move TODOs to #114
7 years ago
Ledger integration, WIP
7 years ago
Clarify function names
7 years ago
Ledger integration, WIP
7 years ago
Move TODOs to #114
7 years ago
Ledger integration, WIP
7 years ago
 
  1. package crypto
  2. 

  3. import (
  4. 	"fmt"
  5. 

  6. 	secp256k1 "github.com/btcsuite/btcd/btcec"
  7. 	ledger "github.com/zondax/ledger-goclient"
  8. )
  9. 

  10. func pubkeyLedgerSecp256k1(device *ledger.Ledger, path DerivationPath) (pub PubKey, err error) {
  11. 	key, err := device.GetPublicKeySECP256K1(path)
  12. 	if err != nil {
  13. 		return nil, fmt.Errorf("error fetching public key: %v", err)
  14. 	}
  15. 	var p PubKeySecp256k1
  16. 	// Reserialize in the 33-byte compressed format

  17. 	cmp, err := secp256k1.ParsePubKey(key[:], secp256k1.S256())
  18. 	copy(p[:], cmp.SerializeCompressed())
  19. 	pub = p
  20. 	return
  21. }
  22. 

  23. func signLedgerSecp256k1(device *ledger.Ledger, path DerivationPath, msg []byte) (sig Signature, err error) {
  24. 	bsig, err := device.SignSECP256K1(path, msg)
  25. 	if err != nil {
  26. 		return sig, err
  27. 	}
  28. 	sig = SignatureSecp256k1FromBytes(bsig)
  29. 	return
  30. }
  31. 

  32. // PrivKeyLedgerSecp256k1 implements PrivKey, calling the ledger nano

  33. // we cache the PubKey from the first call to use it later

  34. type PrivKeyLedgerSecp256k1 struct {
  35. 	// PubKey should be private, but we want to encode it via go-amino

  36. 	// so we can view the address later, even without having the ledger

  37. 	// attached

  38. 	CachedPubKey PubKey
  39. 	Path         DerivationPath
  40. }
  41. 

  42. // NewPrivKeyLedgerSecp256k1 will generate a new key and store the

  43. // public key for later use.

  44. func NewPrivKeyLedgerSecp256k1(path DerivationPath) (PrivKey, error) {
  45. 	var pk PrivKeyLedgerSecp256k1
  46. 	pk.Path = path
  47. 	// getPubKey will cache the pubkey for later use,

  48. 	// this allows us to return an error early if the ledger

  49. 	// is not plugged in

  50. 	_, err := pk.getPubKey()
  51. 	return &pk, err
  52. }
  53. 

  54. // ValidateKey allows us to verify the sanity of a key

  55. // after loading it from disk

  56. func (pk PrivKeyLedgerSecp256k1) ValidateKey() error {
  57. 	// getPubKey will return an error if the ledger is not

  58. 	// properly set up...

  59. 	pub, err := pk.forceGetPubKey()
  60. 	if err != nil {
  61. 		return err
  62. 	}
  63. 	// verify this matches cached address

  64. 	if !pub.Equals(pk.CachedPubKey) {
  65. 		return fmt.Errorf("cached key does not match retrieved key")
  66. 	}
  67. 	return nil
  68. }
  69. 

  70. // AssertIsPrivKeyInner fulfils PrivKey Interface

  71. func (pk *PrivKeyLedgerSecp256k1) AssertIsPrivKeyInner() {}
  72. 

  73. // Bytes fulfils PrivKey Interface - but it stores the cached pubkey so we can verify

  74. // the same key when we reconnect to a ledger

  75. func (pk PrivKeyLedgerSecp256k1) Bytes() []byte {
  76. 	return cdc.MustMarshalBinaryBare(pk)
  77. }
  78. 

  79. // Sign calls the ledger and stores the PubKey for future use

  80. //

  81. // Communication is checked on NewPrivKeyLedger and PrivKeyFromBytes,

  82. // returning an error, so this should only trigger if the privkey is held

  83. // in memory for a while before use.

  84. func (pk PrivKeyLedgerSecp256k1) Sign(msg []byte) (Signature, error) {
  85. 	dev, err := getLedger()
  86. 	if err != nil {
  87. 		return nil, err
  88. 	}
  89. 

  90. 	sig, err := signLedgerSecp256k1(dev, pk.Path, msg)
  91. 	if err != nil {
  92. 		return nil, err
  93. 	}
  94. 

  95. 	pub, err := pubkeyLedgerSecp256k1(dev, pk.Path)
  96. 	if err != nil {
  97. 		return nil, err
  98. 	}
  99. 

  100. 	// if we have no pubkey yet, store it for future queries

  101. 	if pk.CachedPubKey == nil {
  102. 		pk.CachedPubKey = pub
  103. 	} else if !pk.CachedPubKey.Equals(pub) {
  104. 		return nil, fmt.Errorf("stored key does not match signing key")
  105. 	}
  106. 	return sig, nil
  107. }
  108. 

  109. // PubKey returns the stored PubKey

  110. func (pk PrivKeyLedgerSecp256k1) PubKey() (PubKey, error) {
  111. 	return pk.getPubKey()
  112. }
  113. 

  114. // getPubKey reads the pubkey from cache or from the ledger itself

  115. // since this involves IO, it may return an error, which is not exposed

  116. // in the PubKey interface, so this function allows better error handling

  117. func (pk PrivKeyLedgerSecp256k1) getPubKey() (key PubKey, err error) {
  118. 	// if we have no pubkey, set it

  119. 	if pk.CachedPubKey == nil {
  120. 		pk.CachedPubKey, err = pk.forceGetPubKey()
  121. 	}
  122. 	return pk.CachedPubKey, err
  123. }
  124. 

  125. // forceGetPubKey is like getPubKey but ignores any cached key

  126. // and ensures we get it from the ledger itself.

  127. func (pk PrivKeyLedgerSecp256k1) forceGetPubKey() (key PubKey, err error) {
  128. 	dev, err := getLedger()
  129. 	if err != nil {
  130. 		return key, fmt.Errorf("cannot connect to Ledger device - error: %v", err)
  131. 	}
  132. 	key, err = pubkeyLedgerSecp256k1(dev, pk.Path)
  133. 	if err != nil {
  134. 		return key, fmt.Errorf("please open Cosmos app on the Ledger device - error: %v", err)
  135. 	}
  136. 	return key, err
  137. }
  138. 

  139. // Equals fulfils PrivKey Interface - makes sure both keys refer to the

  140. // same

  141. func (pk PrivKeyLedgerSecp256k1) Equals(other PrivKey) bool {
  142. 	if ledger, ok := other.(*PrivKeyLedgerSecp256k1); ok {
  143. 		return pk.CachedPubKey.Equals(ledger.CachedPubKey)
  144. 	}
  145. 	return false
  146. }