/** Change the encryption key of a wallet.
* \param new_key A byte array of #WALLET_ENCRYPTION_KEY_LENGTH bytes
* specifying the new encryption key.
* An encryption key consisting of all zeroes is interpreted
* as meaning "no encryption".
* \return #WALLET_NO_ERROR on success, or one of #WalletErrorsEnum if an
* error occurred.
*/
WalletErrors changeEncryptionKey(uint8_t *new_key)
{
uint8_t old_key[WALLET_ENCRYPTION_KEY_LENGTH];
uint8_t buffer[16];
NonVolatileReturn r;
uint32_t address;
uint32_t end;
if (!wallet_loaded)
{
last_error = WALLET_NOT_THERE;
return last_error;
}
getEncryptionKey(old_key);
r = NV_NO_ERROR;
address = ENCRYPT_START;
end = WALLET_RECORD_LENGTH;
while ((r == NV_NO_ERROR) && (address < end))
{
setEncryptionKey(old_key);
r = encryptedNonVolatileRead(buffer, address, 16);
if (r == NV_NO_ERROR)
{
setEncryptionKey(new_key);
r = encryptedNonVolatileWrite(buffer, address, 16);
nonVolatileFlush();
}
address += 16;
}
setEncryptionKey(new_key);
if (r == NV_NO_ERROR)
{
// Update version and checksum.
if (writeWalletVersion() == NV_NO_ERROR)
{
last_error = writeWalletChecksum();;
}
else
{
last_error = WALLET_WRITE_ERROR;
}
}
else
{
last_error = WALLET_WRITE_ERROR;
}
return last_error;
}
void SessionTreeControl::setEncryptionEvent( wxCommandEvent& evt )
{
std::string selectedAddress = std::string(
GetItemText( GetSelection() ).char_str() );
std::string desc = "Set encryption key for " + selectedAddress;
wxTextEntryDialog dialog( this, _("Enter encryption key"),
wxString( desc.c_str(), wxConvUTF8 ) );
if ( dialog.ShowModal() == wxID_OK )
{
std::string key( dialog.GetValue().char_str() );
setEncryptionKey( selectedAddress, key );
}
}
void N3GetType0Command::processPacket(const QByteArray &packet)
{
inBuffer.append(packet);
if (inBuffer.size() >= type0Size) {
//Verify the packet received
inBuffer = QByteArray::fromHex(inBuffer);
if (verifyType0Record()) {
setEncryptionKey();
emit userDataAvailable(QSharedPointer<N3GetType0CommandResult>(new N3GetType0CommandResult(inBuffer)));
emit commandFinished();
}
}
}
bool RH_RF69::init()
{
if (!RHSPIDriver::init())
return false;
// Determine the interrupt number that corresponds to the interruptPin
int interruptNumber = digitalPinToInterrupt(_interruptPin);
if (interruptNumber == NOT_AN_INTERRUPT)
return false;
// Get the device type and check it
// This also tests whether we are really connected to a device
// My test devices return 0x24
_deviceType = spiRead(RH_RF69_REG_10_VERSION);
if (_deviceType == 00 ||
_deviceType == 0xff)
return false;
// Add by Adrien van den Bossche <*****@*****.**> for Teensy
// ARM M4 requires the below. else pin interrupt doesn't work properly.
// On all other platforms, its innocuous, belt and braces
pinMode(_interruptPin, INPUT);
// Set up interrupt handler
// Since there are a limited number of interrupt glue functions isr*() available,
// we can only support a limited number of devices simultaneously
// ON some devices, notably most Arduinos, the interrupt pin passed in is actuallt the
// interrupt number. You have to figure out the interruptnumber-to-interruptpin mapping
// yourself based on knwledge of what Arduino board you are running on.
_deviceForInterrupt[_interruptCount] = this;
if (_interruptCount == 0)
attachInterrupt(interruptNumber, isr0, RISING);
else if (_interruptCount == 1)
attachInterrupt(interruptNumber, isr1, RISING);
else if (_interruptCount == 2)
attachInterrupt(interruptNumber, isr2, RISING);
else
return false; // Too many devices, not enough interrupt vectors
_interruptCount++;
setModeIdle();
// Configure important RH_RF69 registers
// Here we set up the standard packet format for use by the RH_RF69 library:
// 4 bytes preamble
// 2 SYNC words 2d, d4
// 2 CRC CCITT octets computed on the header, length and data (this in the modem config data)
// 0 to 60 bytes data
// RSSI Threshold -114dBm
// We dont use the RH_RF69s address filtering: instead we prepend our own headers to the beginning
// of the RH_RF69 payload
spiWrite(RH_RF69_REG_3C_FIFOTHRESH, RH_RF69_FIFOTHRESH_TXSTARTCONDITION_NOTEMPTY | 0x0f); // thresh 15 is default
// RSSITHRESH is default
// spiWrite(RH_RF69_REG_29_RSSITHRESH, 220); // -110 dbM
// SYNCCONFIG is default. SyncSize is set later by setSyncWords()
// spiWrite(RH_RF69_REG_2E_SYNCCONFIG, RH_RF69_SYNCCONFIG_SYNCON); // auto, tolerance 0
// PAYLOADLENGTH is default
// spiWrite(RH_RF69_REG_38_PAYLOADLENGTH, RH_RF69_FIFO_SIZE); // max size only for RX
// PACKETCONFIG 2 is default
spiWrite(RH_RF69_REG_6F_TESTDAGC, RH_RF69_TESTDAGC_CONTINUOUSDAGC_IMPROVED_LOWBETAOFF);
// If high power boost set previously, disable it
spiWrite(RH_RF69_REG_5A_TESTPA1, RH_RF69_TESTPA1_NORMAL);
spiWrite(RH_RF69_REG_5C_TESTPA2, RH_RF69_TESTPA2_NORMAL);
// The following can be changed later by the user if necessary.
// Set up default configuration
uint8_t syncwords[] = { 0x2d, 0xd4 };
setSyncWords(syncwords, sizeof(syncwords)); // Same as RF22's
// Reasonably fast and reliable default speed and modulation
setModemConfig(GFSK_Rb250Fd250);
// 3 would be sufficient, but this is the same as RF22's
setPreambleLength(4);
// An innocuous ISM frequency, same as RF22's
setFrequency(434.0);
// No encryption
setEncryptionKey(NULL);
// +13dBm, same as power-on default
setTxPower(13);
return true;
}
int main(void)
{
uint8_t temp[128];
uint8_t address1[20];
uint8_t address2[20];
uint8_t name[NAME_LENGTH];
uint8_t encryption_key[WALLET_ENCRYPTION_KEY_LENGTH];
uint8_t new_encryption_key[WALLET_ENCRYPTION_KEY_LENGTH];
uint8_t version[4];
uint8_t *address_buffer;
uint8_t one_byte;
AddressHandle *handles_buffer;
AddressHandle ah;
PointAffine public_key;
PointAffine *public_key_buffer;
int abort;
int is_zero;
int abort_duplicate;
int abort_error;
int i;
int j;
initTests(__FILE__);
initWalletTest();
memset(encryption_key, 0, WALLET_ENCRYPTION_KEY_LENGTH);
setEncryptionKey(encryption_key);
// Blank out non-volatile storage area (set to all nulls).
temp[0] = 0;
for (i = 0; i < TEST_FILE_SIZE; i++)
{
fwrite(temp, 1, 1, wallet_test_file);
}
// sanitiseNonVolatileStorage() should nuke everything.
if (sanitiseNonVolatileStorage(0, 0xffffffff) == WALLET_NO_ERROR)
{
reportSuccess();
}
else
{
printf("Cannot nuke NV storage using sanitiseNonVolatileStorage()\n");
reportFailure();
}
// Check that the version field is "wallet not there".
if (getWalletInfo(version, temp) == WALLET_NO_ERROR)
{
reportSuccess();
}
else
{
printf("getWalletInfo() failed after sanitiseNonVolatileStorage() was called\n");
reportFailure();
}
if (readU32LittleEndian(version) == VERSION_NOTHING_THERE)
{
reportSuccess();
}
else
{
printf("sanitiseNonVolatileStorage() does not set version to nothing there\n");
reportFailure();
}
// initWallet() hasn't been called yet, so nearly every function should
// return WALLET_NOT_THERE somehow.
checkFunctionsReturnWalletNotThere();
// The non-volatile storage area was blanked out, so there shouldn't be a
// (valid) wallet there.
if (initWallet() == WALLET_NOT_THERE)
{
reportSuccess();
}
else
{
printf("initWallet() doesn't recognise when wallet isn't there\n");
reportFailure();
}
// Try creating a wallet and testing initWallet() on it.
memcpy(name, "123456789012345678901234567890abcdefghij", NAME_LENGTH);
if (newWallet(name) == WALLET_NO_ERROR)
{
reportSuccess();
}
else
{
printf("Could not create new wallet\n");
reportFailure();
}
if (initWallet() == WALLET_NO_ERROR)
{
reportSuccess();
}
else
{
printf("initWallet() does not recognise new wallet\n");
reportFailure();
}
if ((getNumAddresses() == 0) && (walletGetLastError() == WALLET_EMPTY))
{
reportSuccess();
}
else
{
printf("New wallet isn't empty\n");
reportFailure();
}
// Check that the version field is "unencrypted wallet".
if (getWalletInfo(version, temp) == WALLET_NO_ERROR)
{
reportSuccess();
}
else
{
printf("getWalletInfo() failed after newWallet() was called\n");
reportFailure();
}
if (readU32LittleEndian(version) == VERSION_UNENCRYPTED)
{
reportSuccess();
}
else
{
printf("newWallet() does not set version to unencrypted wallet\n");
reportFailure();
}
// Check that sanitise_nv_wallet() deletes wallet.
if (sanitiseNonVolatileStorage(0, 0xffffffff) == WALLET_NO_ERROR)
{
reportSuccess();
}
else
{
printf("Cannot nuke NV storage using sanitiseNonVolatileStorage()\n");
reportFailure();
}
if (initWallet() == WALLET_NOT_THERE)
{
reportSuccess();
}
else
{
printf("sanitiseNonVolatileStorage() isn't deleting wallet\n");
reportFailure();
}
// Make some new addresses, then create a new wallet and make sure the
// new wallet is empty (i.e. check that newWallet() deletes existing
// wallet).
newWallet(name);
if (makeNewAddress(temp, &public_key) != BAD_ADDRESS_HANDLE)
{
reportSuccess();
}
else
{
printf("Couldn't create new address in new wallet\n");
reportFailure();
}
newWallet(name);
if ((getNumAddresses() == 0) && (walletGetLastError() == WALLET_EMPTY))
{
reportSuccess();
}
else
{
printf("newWallet() doesn't delete existing wallet\n");
reportFailure();
}
// Unload wallet and make sure everything realises that the wallet is
// not loaded.
if (uninitWallet() == WALLET_NO_ERROR)
{
reportSuccess();
}
else
{
printf("uninitWallet() failed to do its basic job\n");
reportFailure();
}
checkFunctionsReturnWalletNotThere();
// Load wallet again. Since there is actually a wallet there, this
// should succeed.
if (initWallet() == WALLET_NO_ERROR)
{
reportSuccess();
}
else
{
printf("uninitWallet() appears to be permanent\n");
reportFailure();
}
// Change bytes in non-volatile memory and make sure initWallet() fails
// because of the checksum check.
if (uninitWallet() != WALLET_NO_ERROR)
{
printf("uninitWallet() failed to do its basic job 2\n");
reportFailure();
}
abort = 0;
for (i = 0; i < WALLET_RECORD_LENGTH; i++)
{
if (nonVolatileRead(&one_byte, (uint32_t)i, 1) != NV_NO_ERROR)
{
printf("NV read fail\n");
abort = 1;
break;
}
one_byte++;
if (nonVolatileWrite(&one_byte, (uint32_t)i, 1) != NV_NO_ERROR)
{
printf("NV write fail\n");
abort = 1;
break;
}
if (initWallet() == WALLET_NO_ERROR)
{
printf("Wallet still loads when wallet checksum is wrong, offset = %d\n", i);
abort = 1;
break;
}
one_byte--;
if (nonVolatileWrite(&one_byte, (uint32_t)i, 1) != NV_NO_ERROR)
{
printf("NV write fail\n");
abort = 1;
break;
}
}
if (!abort)
{
reportSuccess();
}
else
{
reportFailure();
}
// Create 2 new wallets and check that their addresses aren't the same
newWallet(name);
if (makeNewAddress(address1, &public_key) != BAD_ADDRESS_HANDLE)
{
reportSuccess();
}
else
{
printf("Couldn't create new address in new wallet\n");
reportFailure();
}
newWallet(name);
memset(address2, 0, 20);
memset(&public_key, 0, sizeof(PointAffine));
if (makeNewAddress(address2, &public_key) != BAD_ADDRESS_HANDLE)
{
reportSuccess();
}
else
{
printf("Couldn't create new address in new wallet\n");
reportFailure();
}
if (memcmp(address1, address2, 20))
{
reportSuccess();
}
else
{
printf("New wallets are creating identical addresses\n");
reportFailure();
}
// Check that makeNewAddress() wrote to its outputs.
is_zero = 1;
for (i = 0; i < 20; i++)
{
if (address2[i] != 0)
{
is_zero = 0;
break;
}
}
if (is_zero)
{
printf("makeNewAddress() doesn't write the address\n");
reportFailure();
}
else
{
reportSuccess();
}
if (bigIsZero(public_key.x))
{
printf("makeNewAddress() doesn't write the public key\n");
reportFailure();
}
else
{
reportSuccess();
}
// Make some new addresses, up to a limit.
// Also check that addresses are unique.
newWallet(name);
abort = 0;
address_buffer = malloc(MAX_TESTING_ADDRESSES * 20);
for (i = 0; i < MAX_TESTING_ADDRESSES; i++)
{
if (makeNewAddress(&(address_buffer[i * 20]), &public_key) == BAD_ADDRESS_HANDLE)
{
printf("Couldn't create new address in new wallet\n");
abort = 1;
break;
}
for (j = 0; j < i; j++)
{
if (!memcmp(&(address_buffer[i * 20]), &(address_buffer[j * 20]), 20))
{
printf("Wallet addresses aren't unique\n");
abort = 1;
break;
}
}
if (abort)
{
break;
}
}
free(address_buffer);
if (!abort)
{
reportSuccess();
}
else
{
reportFailure();
}
// The wallet should be full now.
// Check that making a new address now causes an appropriate error.
if (makeNewAddress(temp, &public_key) == BAD_ADDRESS_HANDLE)
{
if (walletGetLastError() == WALLET_FULL)
{
reportSuccess();
}
else
{
printf("Creating a new address on a full wallet gives incorrect error\n");
reportFailure();
}
}
else
{
printf("Creating a new address on a full wallet succeeds (it's not supposed to)\n");
reportFailure();
}
// Check that getNumAddresses() fails when the wallet is empty.
newWallet(name);
if (getNumAddresses() == 0)
{
if (walletGetLastError() == WALLET_EMPTY)
{
reportSuccess();
}
else
{
printf("getNumAddresses() doesn't recognise wallet is empty\n");
reportFailure();
}
}
else
{
printf("getNumAddresses() succeeds when used on empty wallet\n");
reportFailure();
}
// Create a bunch of addresses in the (now empty) wallet and check that
// getNumAddresses() returns the right number.
address_buffer = malloc(MAX_TESTING_ADDRESSES * 20);
public_key_buffer = malloc(MAX_TESTING_ADDRESSES * sizeof(PointAffine));
handles_buffer = malloc(MAX_TESTING_ADDRESSES * sizeof(AddressHandle));
abort = 0;
for (i = 0; i < MAX_TESTING_ADDRESSES; i++)
{
ah = makeNewAddress(&(address_buffer[i * 20]), &(public_key_buffer[i]));
handles_buffer[i] = ah;
if (ah == BAD_ADDRESS_HANDLE)
{
printf("Couldn't create new address in new wallet\n");
abort = 1;
reportFailure();
break;
}
}
if (!abort)
{
reportSuccess();
}
if (getNumAddresses() == MAX_TESTING_ADDRESSES)
{
reportSuccess();
}
else
{
printf("getNumAddresses() returns wrong number of addresses\n");
reportFailure();
}
// The wallet should contain unique addresses.
abort_duplicate = 0;
for (i = 0; i < MAX_TESTING_ADDRESSES; i++)
{
for (j = 0; j < i; j++)
{
if (!memcmp(&(address_buffer[i * 20]), &(address_buffer[j * 20]), 20))
{
printf("Wallet has duplicate addresses\n");
abort_duplicate = 1;
reportFailure();
break;
}
}
}
if (!abort_duplicate)
{
reportSuccess();
}
// The wallet should contain unique public keys.
abort_duplicate = 0;
for (i = 0; i < MAX_TESTING_ADDRESSES; i++)
{
for (j = 0; j < i; j++)
{
if (bigCompare(public_key_buffer[i].x, public_key_buffer[j].x) == BIGCMP_EQUAL)
{
printf("Wallet has duplicate public keys\n");
abort_duplicate = 1;
reportFailure();
break;
}
}
}
if (!abort_duplicate)
{
reportSuccess();
}
// The address handles should start at 1 and be sequential.
abort = 0;
for (i = 0; i < MAX_TESTING_ADDRESSES; i++)
{
if (handles_buffer[i] != (AddressHandle)(i + 1))
{
printf("Address handle %d should be %d, but got %d\n", i, i + 1, (int)handles_buffer[i]);
abort = 1;
reportFailure();
break;
}
}
if (!abort)
{
reportSuccess();
}
// While there's a bunch of addresses in the wallet, check that
// getAddressAndPublicKey() obtains the same address and public key as
// makeNewAddress().
abort_error = 0;
abort = 0;
for (i = 0; i < MAX_TESTING_ADDRESSES; i++)
{
ah = handles_buffer[i];
if (getAddressAndPublicKey(address1, &public_key, ah) != WALLET_NO_ERROR)
{
printf("Couldn't obtain address in wallet\n");
abort_error = 1;
reportFailure();
break;
}
if ((memcmp(address1, &(address_buffer[i * 20]), 20))
|| (bigCompare(public_key.x, public_key_buffer[i].x) != BIGCMP_EQUAL)
|| (bigCompare(public_key.y, public_key_buffer[i].y) != BIGCMP_EQUAL))
{
printf("getAddressAndPublicKey() returned mismatching address or public key, ah = %d\n", i);
abort = 1;
reportFailure();
break;
}
}
if (!abort)
{
reportSuccess();
}
if (!abort_error)
{
reportSuccess();
}
// Test getAddressAndPublicKey() and getPrivateKey() functions using
// invalid and then valid address handles.
if (getAddressAndPublicKey(temp, &public_key, 0) == WALLET_INVALID_HANDLE)
{
reportSuccess();
}
else
{
printf("getAddressAndPublicKey() doesn't recognise 0 as invalid address handle\n");
reportFailure();
}
if (getPrivateKey(temp, 0) == WALLET_INVALID_HANDLE)
{
reportSuccess();
}
else
{
printf("getPrivateKey() doesn't recognise 0 as invalid address handle\n");
reportFailure();
}
if (getAddressAndPublicKey(temp, &public_key, BAD_ADDRESS_HANDLE) == WALLET_INVALID_HANDLE)
{
reportSuccess();
}
else
{
printf("getAddressAndPublicKey() doesn't recognise BAD_ADDRESS_HANDLE as invalid address handle\n");
reportFailure();
}
if (getPrivateKey(temp, BAD_ADDRESS_HANDLE) == WALLET_INVALID_HANDLE)
{
reportSuccess();
}
else
{
printf("getPrivateKey() doesn't recognise BAD_ADDRESS_HANDLE as invalid address handle\n");
reportFailure();
}
if (getAddressAndPublicKey(temp, &public_key, handles_buffer[0]) == WALLET_NO_ERROR)
{
reportSuccess();
}
else
{
printf("getAddressAndPublicKey() doesn't recognise valid address handle\n");
reportFailure();
}
if (getPrivateKey(temp, handles_buffer[0]) == WALLET_NO_ERROR)
{
reportSuccess();
}
else
{
printf("getPrivateKey() doesn't recognise valid address handle\n");
reportFailure();
}
free(address_buffer);
free(public_key_buffer);
free(handles_buffer);
// Check that changeEncryptionKey() works.
memset(new_encryption_key, 0, WALLET_ENCRYPTION_KEY_LENGTH);
new_encryption_key[0] = 1;
if (changeEncryptionKey(new_encryption_key) == WALLET_NO_ERROR)
{
reportSuccess();
}
else
{
printf("Couldn't change encryption key\n");
reportFailure();
}
// Check that the version field is "encrypted wallet".
if (getWalletInfo(version, temp) == WALLET_NO_ERROR)
{
reportSuccess();
}
else
{
printf("getWalletInfo() failed after changeEncryptionKey() was called\n");
reportFailure();
}
if (readU32LittleEndian(version) == VERSION_IS_ENCRYPTED)
{
reportSuccess();
}
else
{
printf("changeEncryptionKey() does not set version to encrypted wallet\n");
reportFailure();
}
// Check name matches what was given in newWallet().
if (!memcmp(temp, name, NAME_LENGTH))
{
reportSuccess();
}
else
{
printf("getWalletInfo() doesn't return correct name when wallet is loaded\n");
reportFailure();
}
// Check that getWalletInfo() still works after unloading wallet.
uninitWallet();
if (getWalletInfo(version, temp) == WALLET_NO_ERROR)
{
reportSuccess();
}
else
{
printf("getWalletInfo() failed after uninitWallet() was called\n");
reportFailure();
}
if (readU32LittleEndian(version) == VERSION_IS_ENCRYPTED)
{
reportSuccess();
}
else
{
printf("uninitWallet() caused wallet version to change\n");
reportFailure();
}
// Check name matches what was given in newWallet().
if (!memcmp(temp, name, NAME_LENGTH))
{
reportSuccess();
}
else
{
printf("getWalletInfo() doesn't return correct name when wallet is not loaded\n");
reportFailure();
}
// Change wallet's name and check that getWalletInfo() reflects the
// name change.
initWallet();
memcpy(name, "HHHHH HHHHHHHHHHHHHHHHH HHHHHHHHHHHHHH ", NAME_LENGTH);
if (changeWalletName(name) == WALLET_NO_ERROR)
{
reportSuccess();
}
else
{
printf("changeWalletName() couldn't change name\n");
reportFailure();
}
getWalletInfo(version, temp);
if (!memcmp(temp, name, NAME_LENGTH))
{
reportSuccess();
}
else
{
printf("getWalletInfo() doesn't reflect name change\n");
reportFailure();
}
// Check that name change is preserved when unloading and loading a
// wallet.
uninitWallet();
getWalletInfo(version, temp);
if (!memcmp(temp, name, NAME_LENGTH))
{
reportSuccess();
}
else
{
printf("getWalletInfo() doesn't reflect name change after unloading wallet\n");
reportFailure();
}
// Check that initWallet() succeeds (changing the name changes the
// checksum, so this tests whether the checksum was updated).
if (initWallet() == WALLET_NO_ERROR)
{
reportSuccess();
}
else
{
printf("initWallet() failed after name change\n");
reportFailure();
}
getWalletInfo(version, temp);
if (!memcmp(temp, name, NAME_LENGTH))
{
reportSuccess();
}
else
{
printf("getWalletInfo() doesn't reflect name change after reloading wallet\n");
reportFailure();
}
// Check that loading the wallet with the old key fails.
uninitWallet();
setEncryptionKey(encryption_key);
if (initWallet() == WALLET_NOT_THERE)
{
reportSuccess();
}
else
{
printf("Loading wallet with old encryption key succeeds\n");
reportFailure();
}
// Check that loading the wallet with the new key succeeds.
uninitWallet();
setEncryptionKey(new_encryption_key);
if (initWallet() == WALLET_NO_ERROR)
{
reportSuccess();
}
else
{
printf("Loading wallet with new encryption key fails\n");
reportFailure();
}
// Test the getAddressAndPublicKey() and getPrivateKey() functions on an
// empty wallet.
newWallet(name);
if (getAddressAndPublicKey(temp, &public_key, 0) == WALLET_EMPTY)
{
reportSuccess();
}
else
{
printf("getAddressAndPublicKey() doesn't deal with empty wallets correctly\n");
reportFailure();
}
if (getPrivateKey(temp, 0) == WALLET_EMPTY)
{
reportSuccess();
}
else
{
printf("getPrivateKey() doesn't deal with empty wallets correctly\n");
reportFailure();
}
fclose(wallet_test_file);
finishTests();
exit(0);
}
/** Get packet from stream and deal with it. This basically implements the
* protocol described in the file PROTOCOL.
*
* This function will always completely
* read a packet before sending a response packet. As long as the host
* does the same thing, deadlocks cannot occur. Thus a productive
* communication session between the hardware Bitcoin wallet and a host
* should consist of the wallet and host alternating between sending a
* packet and receiving a packet.
*/
void processPacket(void)
{
uint8_t command;
// Technically, the length of buffer should also be >= 4, since it is used
// in a couple of places to obtain 32 bit values. This is guaranteed by
// the reference to WALLET_ENCRYPTION_KEY_LENGTH, since no-one in their
// right mind would use encryption with smaller than 32 bit keys.
uint8_t buffer[MAX(NAME_LENGTH, WALLET_ENCRYPTION_KEY_LENGTH)];
uint32_t num_addresses;
AddressHandle ah;
WalletErrors wallet_return;
command = streamGetOneByte();
getBytesFromStream(buffer, 4);
payload_length = readU32LittleEndian(buffer);
// Checklist for each case:
// 1. Have you checked or dealt with length?
// 2. Have you fully read the input stream before writing (to avoid
// deadlocks)?
// 3. Have you asked permission from the user (for potentially dangerous
// operations)?
// 4. Have you checked for errors from wallet functions?
// 5. Have you used the right check for the wallet functions?
switch (command)
{
case PACKET_TYPE_PING:
// Ping request.
// Just throw away the data and then send response.
readAndIgnoreInput();
writeString(STRINGSET_MISC, MISCSTR_VERSION, PACKET_TYPE_PING_REPLY);
break;
// Commands PACKET_TYPE_PING_REPLY, PACKET_TYPE_SUCCESS and
// PACKET_TYPE_FAILURE should never be received; they are only sent.
case PACKET_TYPE_NEW_WALLET:
// Create new wallet.
if (!expectLength(WALLET_ENCRYPTION_KEY_LENGTH + NAME_LENGTH))
{
getBytesFromStream(buffer, WALLET_ENCRYPTION_KEY_LENGTH);
setEncryptionKey(buffer);
getBytesFromStream(buffer, NAME_LENGTH);
if (askUser(ASKUSER_NUKE_WALLET))
{
writeString(STRINGSET_MISC, MISCSTR_PERMISSION_DENIED, PACKET_TYPE_FAILURE);
}
else
{
wallet_return = newWallet(buffer);
translateWalletError(wallet_return, 0, NULL);
}
}
break;
case PACKET_TYPE_NEW_ADDRESS:
// Create new address in wallet.
if (!expectLength(0))
{
if (askUser(ASKUSER_NEW_ADDRESS))
{
writeString(STRINGSET_MISC, MISCSTR_PERMISSION_DENIED, PACKET_TYPE_FAILURE);
}
else
{
getAndSendAddressAndPublicKey(1);
}
}
break;
case PACKET_TYPE_GET_NUM_ADDRESSES:
// Get number of addresses in wallet.
if (!expectLength(0))
{
num_addresses = getNumAddresses();
writeU32LittleEndian(buffer, num_addresses);
wallet_return = walletGetLastError();
translateWalletError(wallet_return, 4, buffer);
}
break;
case PACKET_TYPE_GET_ADDRESS_PUBKEY:
// Get address and public key corresponding to an address handle.
if (!expectLength(4))
{
getAndSendAddressAndPublicKey(0);
}
break;
case PACKET_TYPE_SIGN_TRANSACTION:
// Sign a transaction.
if (payload_length <= 4)
{
readAndIgnoreInput();
writeString(STRINGSET_MISC, MISCSTR_INVALID_PACKET, PACKET_TYPE_FAILURE);
}
else
{
getBytesFromStream(buffer, 4);
ah = readU32LittleEndian(buffer);
// Don't need to subtract 4 off payload_length because
// getBytesFromStream() has already done so.
validateAndSignTransaction(ah, payload_length);
payload_length = 0;
}
break;
case PACKET_TYPE_LOAD_WALLET:
// Load wallet.
if (!expectLength(WALLET_ENCRYPTION_KEY_LENGTH))
{
getBytesFromStream(buffer, WALLET_ENCRYPTION_KEY_LENGTH);
setEncryptionKey(buffer);
wallet_return = initWallet();
translateWalletError(wallet_return, 0, NULL);
}
break;
case PACKET_TYPE_UNLOAD_WALLET:
// Unload wallet.
if (!expectLength(0))
{
clearEncryptionKey();
sanitiseRam();
memset(buffer, 0xff, sizeof(buffer));
memset(buffer, 0, sizeof(buffer));
wallet_return = uninitWallet();
translateWalletError(wallet_return, 0, NULL);
}
break;
case PACKET_TYPE_FORMAT:
// Format storage.
if (!expectLength(0))
{
if (askUser(ASKUSER_FORMAT))
{
writeString(STRINGSET_MISC, MISCSTR_PERMISSION_DENIED, PACKET_TYPE_FAILURE);
}
else
{
wallet_return = sanitiseNonVolatileStorage(0, 0xffffffff);
translateWalletError(wallet_return, 0, NULL);
uninitWallet(); // force wallet to unload
}
}
break;
case PACKET_TYPE_CHANGE_KEY:
// Change wallet encryption key.
if (!expectLength(WALLET_ENCRYPTION_KEY_LENGTH))
{
getBytesFromStream(buffer, WALLET_ENCRYPTION_KEY_LENGTH);
wallet_return = changeEncryptionKey(buffer);
translateWalletError(wallet_return, 0, NULL);
}
break;
case PACKET_TYPE_CHANGE_NAME:
// Change wallet name.
if (!expectLength(NAME_LENGTH))
{
getBytesFromStream(buffer, NAME_LENGTH);
if (askUser(ASKUSER_CHANGE_NAME))
{
writeString(STRINGSET_MISC, MISCSTR_PERMISSION_DENIED, PACKET_TYPE_FAILURE);
}
else
{
wallet_return = changeWalletName(buffer);
translateWalletError(wallet_return, 0, NULL);
}
}
break;
case PACKET_TYPE_LIST_WALLETS:
// List wallets.
if (!expectLength(0))
{
listWallets();
}
break;
default:
// Unknown command.
readAndIgnoreInput();
writeString(STRINGSET_MISC, MISCSTR_INVALID_PACKET, PACKET_TYPE_FAILURE);
break;
}
#ifdef TEST_STREAM_COMM
assert(payload_length == 0);
#endif
}
