void fsm_msgLoadDevice(LoadDevice *msg)
{
if (storage_isInitialized()) {
fsm_sendFailure(FailureType_Failure_UnexpectedMessage, "Device is already initialized. Use Wipe first.");
return;
}
layoutDialogSwipe(DIALOG_ICON_QUESTION, "Cancel", "I take the risk", NULL, "Loading private seed", "is not recommended.", "Continue only if you", "know what you are", "doing!", NULL);
if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Load cancelled");
layoutHome();
return;
}
if (msg->has_mnemonic && !(msg->has_skip_checksum && msg->skip_checksum) ) {
if (!mnemonic_check(msg->mnemonic)) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Mnemonic with wrong checksum provided");
layoutHome();
return;
}
}
storage_loadDevice(msg);
storage_commit();
fsm_sendSuccess("Device loaded");
layoutHome();
}
void fsm_msgApplySettings(ApplySettings *msg)
{
if (msg->has_label && msg->has_language) {
layoutDialogSwipe(DIALOG_ICON_QUESTION, "Cancel", "Confirm", NULL, "Do you really want to", "change label to", msg->label, "and language to", msg->language, "?");
} else
if (msg->has_label) {
layoutDialogSwipe(DIALOG_ICON_QUESTION, "Cancel", "Confirm", NULL, "Do you really want to", "change label to", msg->label, "?", NULL, NULL);
} else
if (msg->has_language) {
layoutDialogSwipe(DIALOG_ICON_QUESTION, "Cancel", "Confirm", NULL, "Do you really want to", "change language to", msg->language, "?", NULL, NULL);
} else {
fsm_sendFailure(FailureType_Failure_SyntaxError, "No setting provided");
return;
}
if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Apply settings cancelled");
layoutHome();
return;
}
if (!protectPin(true)) {
layoutHome();
return;
}
if (msg->has_label) {
storage_setLabel(msg->label);
}
if (msg->has_language) {
storage_setLanguage(msg->language);
}
storage_commit();
fsm_sendSuccess("Settings applied");
layoutHome();
}
void fsm_msgSignMessage(SignMessage *msg)
{
RESP_INIT(MessageSignature);
layoutSignMessage(msg->message.bytes, msg->message.size);
if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Sign message cancelled");
layoutHome();
return;
}
if (!protectPin(true)) {
layoutHome();
return;
}
const CoinType *coin = fsm_getCoin(msg->coin_name);
if (!coin) return;
const HDNode *node = fsm_getDerivedNode(msg->address_n, msg->address_n_count);
if (!node) return;
layoutProgressSwipe("Signing", 0);
if (cryptoMessageSign(msg->message.bytes, msg->message.size, node->private_key, resp->signature.bytes) == 0) {
resp->has_address = true;
uint8_t addr_raw[21];
ecdsa_get_address_raw(node->public_key, coin->address_type, addr_raw);
base58_encode_check(addr_raw, 21, resp->address, sizeof(resp->address));
resp->has_signature = true;
resp->signature.size = 65;
msg_write(MessageType_MessageType_MessageSignature, resp);
} else {
fsm_sendFailure(FailureType_Failure_Other, "Error signing message");
}
layoutHome();
}
void fsm_msgLoadDevice(LoadDevice *msg)
{
if(storage_is_initialized())
{
fsm_sendFailure(FailureType_Failure_UnexpectedMessage,
"Device is already initialized. Use Wipe first.");
return;
}
if(!confirm_load_device(msg->has_node))
{
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Load cancelled");
go_home();
return;
}
if(msg->has_mnemonic && !(msg->has_skip_checksum && msg->skip_checksum))
{
if(!mnemonic_check(msg->mnemonic))
{
fsm_sendFailure(FailureType_Failure_ActionCancelled,
"Mnemonic with wrong checksum provided");
go_home();
return;
}
}
storage_load_device(msg);
storage_commit();
fsm_sendSuccess("Device loaded");
go_home();
}
void fsm_msgGetAddress(GetAddress *msg)
{
RESP_INIT(Address);
HDNode *node = fsm_getRootNode();
if (!node) return;
const CoinType *coin = coinByName(msg->coin_name);
if (!coin) {
fsm_sendFailure(FailureType_Failure_Other, "Invalid coin name");
layoutHome();
return;
}
fsm_deriveKey(node, msg->address_n, msg->address_n_count);
ecdsa_get_address(node->public_key, coin->address_type, resp->address);
if (msg->has_show_display && msg->show_display) {
layoutAddress(resp->address);
if (!protectButton(ButtonRequestType_ButtonRequest_Address, true)) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Show address cancelled");
layoutHome();
return;
}
}
msg_write(MessageType_MessageType_Address, resp);
layoutHome();
}
void recovery_init(uint32_t _word_count, bool passphrase_protection, bool pin_protection, const char *language, const char *label, bool _enforce_wordlist)
{
if (_word_count != 12 && _word_count != 18 && _word_count != 24) {
fsm_sendFailure(FailureType_Failure_SyntaxError, "Invalid word count (has to be 12, 18 or 24 bits)");
layoutHome();
return;
}
word_count = _word_count;
enforce_wordlist = _enforce_wordlist;
if (pin_protection && !protectChangePin()) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "PIN change failed");
layoutHome();
return;
}
storage.has_passphrase_protection = true;
storage.passphrase_protection = passphrase_protection;
storage_setLanguage(language);
storage_setLabel(label);
uint32_t i;
for (i = 0; i < word_count; i++) {
word_order[i] = i + 1;
}
for (i = word_count; i < 24; i++) {
word_order[i] = 0;
}
random_permute(word_order, 24);
awaiting_word = true;
word_index = 0;
next_word();
}
const HDNode *fsm_getDerivedNode(uint32_t *address_n, size_t address_n_count)
{
static HDNode node;
if(!storage_get_root_node(&node))
{
fsm_sendFailure(FailureType_Failure_NotInitialized,
"Device not initialized or passphrase request cancelled");
go_home();
return 0;
}
if(!address_n || address_n_count == 0)
{
return &node;
}
if(hdnode_private_ckd_cached(&node, address_n, address_n_count) == 0)
{
fsm_sendFailure(FailureType_Failure_Other, "Failed to derive private key");
go_home();
return 0;
}
return &node;
}
void fsm_msgSignTx(SignTx *msg)
{
if (msg->inputs_count < 1) {
fsm_sendFailure(FailureType_Failure_Other, "Transaction must have at least one input");
layoutHome();
return;
}
if (msg->outputs_count < 1) {
fsm_sendFailure(FailureType_Failure_Other, "Transaction must have at least one output");
layoutHome();
return;
}
if (!protectPin(true)) {
layoutHome();
return;
}
HDNode *node = fsm_getRootNode();
if (!node) return;
const CoinType *coin = coinByName(msg->coin_name);
if (!coin) {
fsm_sendFailure(FailureType_Failure_Other, "Invalid coin name");
layoutHome();
return;
}
signing_init(msg->inputs_count, msg->outputs_count, coin, node);
}
void fsm_msgPing(Ping *msg)
{
RESP_INIT(Success);
if (msg->has_button_protection && msg->button_protection) {
layoutDialogSwipe(DIALOG_ICON_QUESTION, "Cancel", "Confirm", NULL, "Do you really want to", "answer to ping?", NULL, NULL, NULL, NULL);
if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Ping cancelled");
layoutHome();
return;
}
}
if (msg->has_pin_protection && msg->pin_protection) {
if (!protectPin(true)) {
layoutHome();
return;
}
}
if (msg->has_passphrase_protection && msg->passphrase_protection) {
if (!protectPassphrase()) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Ping cancelled");
return;
}
}
if (msg->has_message) {
resp->has_message = true;
memcpy(&(resp->message), &(msg->message), sizeof(resp->message));
}
msg_write(MessageType_MessageType_Success, resp);
layoutHome();
}
void fsm_msgGetPublicKey(GetPublicKey *msg)
{
RESP_INIT(PublicKey);
if (!storage_is_initialized())
{
fsm_sendFailure(FailureType_Failure_NotInitialized, "Device not initialized");
return;
}
if(!pin_protect_cached())
{
go_home();
return;
}
const HDNode *node = fsm_getDerivedNode(msg->address_n, msg->address_n_count);
if(!node) { return; }
uint8_t public_key[33]; // copy public key to temporary buffer
memcpy(public_key, node->public_key, sizeof(public_key));
if(msg->has_ecdsa_curve_name)
{
const ecdsa_curve *curve = get_curve_by_name(msg->ecdsa_curve_name);
if(curve)
{
// correct public key (since fsm_getDerivedNode uses secp256k1 curve)
ecdsa_get_public_key33(curve, node->private_key, public_key);
}
}
resp->node.depth = node->depth;
resp->node.fingerprint = node->fingerprint;
resp->node.child_num = node->child_num;
resp->node.chain_code.size = 32;
memcpy(resp->node.chain_code.bytes, node->chain_code, 32);
resp->node.has_private_key = false;
resp->node.has_public_key = true;
resp->node.public_key.size = 33;
memcpy(resp->node.public_key.bytes, public_key, 33);
resp->has_xpub = true;
hdnode_serialize_public(node, resp->xpub, sizeof(resp->xpub));
if(msg->has_show_display && msg->show_display)
{
if(!confirm_xpub(resp->xpub))
{
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Show extended public key cancelled");
go_home();
return;
}
}
msg_write(MessageType_MessageType_PublicKey, resp);
go_home();
}
void fsm_msgGetAddress(GetAddress *msg)
{
RESP_INIT(Address);
if (!protectPin(true)) {
layoutHome();
return;
}
const CoinType *coin = fsm_getCoin(msg->coin_name);
if (!coin) return;
const HDNode *node = fsm_getDerivedNode(msg->address_n, msg->address_n_count);
if (!node) return;
if (msg->has_multisig) {
layoutProgressSwipe("Preparing", 0);
if (cryptoMultisigPubkeyIndex(&(msg->multisig), node->public_key) < 0) {
fsm_sendFailure(FailureType_Failure_Other, "Pubkey not found in multisig script");
layoutHome();
return;
}
uint8_t buf[32];
if (compile_script_multisig_hash(&(msg->multisig), buf) == 0) {
fsm_sendFailure(FailureType_Failure_Other, "Invalid multisig script");
layoutHome();
return;
}
ripemd160(buf, 32, buf + 1);
buf[0] = coin->address_type_p2sh; // multisig cointype
base58_encode_check(buf, 21, resp->address, sizeof(resp->address));
} else {
ecdsa_get_address(node->public_key, coin->address_type, resp->address, sizeof(resp->address));
}
if (msg->has_show_display && msg->show_display) {
char desc[16];
if (msg->has_multisig) {
strlcpy(desc, "Msig __ of __:", sizeof(desc));
const uint32_t m = msg->multisig.m;
const uint32_t n = msg->multisig.pubkeys_count;
desc[5] = (m < 10) ? ' ': ('0' + (m / 10));
desc[6] = '0' + (m % 10);
desc[11] = (n < 10) ? ' ': ('0' + (n / 10));
desc[12] = '0' + (n % 10);
} else {
strlcpy(desc, "Address:", sizeof(desc));
}
layoutAddress(resp->address, desc);
if (!protectButton(ButtonRequestType_ButtonRequest_Address, true)) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Show address cancelled");
layoutHome();
return;
}
}
msg_write(MessageType_MessageType_Address, resp);
layoutHome();
}
void fsm_msgApplySettings(ApplySettings *msg)
{
if (msg->has_label) {
layoutDialogSwipe(DIALOG_ICON_QUESTION, "Cancel", "Confirm", NULL, "Do you really want to", "change label to", msg->label, "?", NULL, NULL);
if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Apply settings cancelled");
layoutHome();
return;
}
}
if (msg->has_language) {
layoutDialogSwipe(DIALOG_ICON_QUESTION, "Cancel", "Confirm", NULL, "Do you really want to", "change language to", msg->language, "?", NULL, NULL);
if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Apply settings cancelled");
layoutHome();
return;
}
}
if (msg->has_use_passphrase) {
layoutDialogSwipe(DIALOG_ICON_QUESTION, "Cancel", "Confirm", NULL, "Do you really want to", msg->use_passphrase ? "enable passphrase" : "disable passphrase", "encryption?", NULL, NULL, NULL);
if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Apply settings cancelled");
layoutHome();
return;
}
}
if (msg->has_homescreen) {
layoutDialogSwipe(DIALOG_ICON_QUESTION, "Cancel", "Confirm", NULL, "Do you really want to", "change the home", "screen ?", NULL, NULL, NULL);
if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Apply settings cancelled");
layoutHome();
return;
}
}
if (!msg->has_label && !msg->has_language && !msg->has_use_passphrase && !msg->has_homescreen) {
fsm_sendFailure(FailureType_Failure_SyntaxError, "No setting provided");
return;
}
if (!protectPin(true)) {
layoutHome();
return;
}
if (msg->has_label) {
storage_setLabel(msg->label);
}
if (msg->has_language) {
storage_setLanguage(msg->language);
}
if (msg->has_use_passphrase) {
storage_setPassphraseProtection(msg->use_passphrase);
}
if (msg->has_homescreen) {
storage_setHomescreen(msg->homescreen.bytes, msg->homescreen.size);
}
storage_commit();
fsm_sendSuccess("Settings applied");
layoutHome();
}
void recovery_word(const char *word)
{
if (!awaiting_word) {
fsm_sendFailure(FailureType_Failure_UnexpectedMessage, "Not in Recovery mode");
layoutHome();
return;
}
if (word_pos == 0) { // fake word
if (strcmp(word, fake_word) != 0) {
storage_reset();
fsm_sendFailure(FailureType_Failure_SyntaxError, "Wrong word retyped");
layoutHome();
return;
}
} else { // real word
if (enforce_wordlist) { // check if word is valid
const char * const *wl = mnemonic_wordlist();
bool found = false;
while (*wl) {
if (strcmp(word, *wl) == 0) {
found = true;
break;
}
wl++;
}
if (!found) {
storage_reset();
fsm_sendFailure(FailureType_Failure_SyntaxError, "Word not found in a wordlist");
layoutHome();
return;
}
}
strlcpy(words[word_pos - 1], word, sizeof(words[word_pos - 1]));
}
if (word_index + 1 == 24) { // last one
uint32_t i;
strlcpy(storage.mnemonic, words[0], sizeof(storage.mnemonic));
for (i = 1; i < word_count; i++) {
strlcat(storage.mnemonic, " ", sizeof(storage.mnemonic));
strlcat(storage.mnemonic, words[i], sizeof(storage.mnemonic));
}
if (!enforce_wordlist || mnemonic_check(storage.mnemonic)) {
storage.has_mnemonic = true;
storage_commit();
fsm_sendSuccess("Device recovered");
} else {
storage_reset();
fsm_sendFailure(FailureType_Failure_SyntaxError, "Invalid mnemonic, are words in correct order?");
}
awaiting_word = false;
layoutHome();
} else {
word_index++;
next_word();
}
}
void fsm_msgCipherKeyValue(CipherKeyValue *msg)
{
if (!msg->has_key) {
fsm_sendFailure(FailureType_Failure_SyntaxError, "No key provided");
return;
}
if (!msg->has_value) {
fsm_sendFailure(FailureType_Failure_SyntaxError, "No value provided");
return;
}
if (msg->value.size % 16) {
fsm_sendFailure(FailureType_Failure_SyntaxError, "Value length must be a multiple of 16");
return;
}
if (!protectPin(true)) {
layoutHome();
return;
}
HDNode *node = fsm_getRootNode();
if (!node) return;
fsm_deriveKey(node, msg->address_n, msg->address_n_count);
bool encrypt = msg->has_encrypt && msg->encrypt;
bool ask_on_encrypt = msg->has_ask_on_encrypt && msg->ask_on_encrypt;
bool ask_on_decrypt = msg->has_ask_on_decrypt && msg->ask_on_decrypt;
if ((encrypt && ask_on_encrypt) || (!encrypt && ask_on_decrypt)) {
layoutCipherKeyValue(encrypt, msg->key);
if (!protectButton(ButtonRequestType_ButtonRequest_Other, false)) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "CipherKeyValue cancelled");
layoutHome();
return;
}
}
uint8_t data[256 + 4];
strlcpy((char *)data, msg->key, sizeof(data));
strlcat((char *)data, ask_on_encrypt ? "E1" : "E0", sizeof(data));
strlcat((char *)data, ask_on_decrypt ? "D1" : "D0", sizeof(data));
hmac_sha512(node->private_key, 32, data, strlen((char *)data), data);
RESP_INIT(Success);
if (encrypt) {
aes_encrypt_ctx ctx;
aes_encrypt_key256(data, &ctx);
aes_cbc_encrypt(msg->value.bytes, resp->payload.bytes, msg->value.size, data + 32, &ctx);
} else {
aes_decrypt_ctx ctx;
aes_decrypt_key256(data, &ctx);
aes_cbc_decrypt(msg->value.bytes, resp->payload.bytes, msg->value.size, data + 32, &ctx);
}
resp->has_payload = true;
resp->payload.size = msg->value.size;
msg_write(MessageType_MessageType_Success, resp);
layoutHome();
}
bool protectPin(bool use_cached)
{
if (!storage.has_pin || storage.pin[0] == 0 || (use_cached && session_isPinCached())) {
return true;
}
uint32_t *fails = storage_getPinFailsPtr();
uint32_t wait = ~*fails;
protectCheckMaxTry(wait);
usbTiny(1);
while (wait > 0) {
// convert wait to secstr string
char secstrbuf[20];
strlcpy(secstrbuf, _("________0 seconds"), sizeof(secstrbuf));
char *secstr = secstrbuf + 9;
uint32_t secs = wait;
while (secs > 0 && secstr >= secstrbuf) {
secstr--;
*secstr = (secs % 10) + '0';
secs /= 10;
}
if (wait == 1) {
secstrbuf[16] = 0;
}
layoutDialog(&bmp_icon_info, NULL, NULL, NULL, _("Wrong PIN entered"), NULL, _("Please wait"), secstr, _("to continue ..."), NULL);
// wait one second
usbSleep(1000);
if (msg_tiny_id == MessageType_MessageType_Initialize) {
protectAbortedByInitialize = true;
msg_tiny_id = 0xFFFF;
usbTiny(0);
fsm_sendFailure(FailureType_Failure_PinCancelled, NULL);
return false;
}
wait--;
}
usbTiny(0);
const char *pin;
pin = requestPin(PinMatrixRequestType_PinMatrixRequestType_Current, _("Please enter current PIN:"));
if (!pin) {
fsm_sendFailure(FailureType_Failure_PinCancelled, NULL);
return false;
}
if (!storage_increasePinFails(fails)) {
fsm_sendFailure(FailureType_Failure_PinInvalid, NULL);
return false;
}
if (storage_containsPin(pin)) {
session_cachePin();
storage_resetPinFails(fails);
return true;
} else {
protectCheckMaxTry(~*fails);
fsm_sendFailure(FailureType_Failure_PinInvalid, NULL);
return false;
}
}
void fsm_msgDecryptMessage(DecryptMessage *msg)
{
if (!msg->has_nonce) {
fsm_sendFailure(FailureType_Failure_SyntaxError, "No nonce provided");
return;
}
if (!msg->has_message) {
fsm_sendFailure(FailureType_Failure_SyntaxError, "No message provided");
return;
}
if (!msg->has_hmac) {
fsm_sendFailure(FailureType_Failure_SyntaxError, "No message hmac provided");
return;
}
curve_point nonce_pubkey;
if (msg->nonce.size != 33 || ecdsa_read_pubkey(&secp256k1, msg->nonce.bytes, &nonce_pubkey) == 0) {
fsm_sendFailure(FailureType_Failure_SyntaxError, "Invalid nonce provided");
return;
}
if (!protectPin(true)) {
layoutHome();
return;
}
const HDNode *node = fsm_getDerivedNode(msg->address_n, msg->address_n_count);
if (!node) return;
layoutProgressSwipe("Decrypting", 0);
RESP_INIT(DecryptedMessage);
bool display_only = false;
bool signing = false;
uint8_t address_raw[21];
if (cryptoMessageDecrypt(&nonce_pubkey, msg->message.bytes, msg->message.size, msg->hmac.bytes, msg->hmac.size, node->private_key, resp->message.bytes, &(resp->message.size), &display_only, &signing, address_raw) != 0) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Error decrypting message");
layoutHome();
return;
}
if (signing) {
base58_encode_check(address_raw, 21, resp->address, sizeof(resp->address));
}
layoutDecryptMessage(resp->message.bytes, resp->message.size, signing ? resp->address : 0);
protectButton(ButtonRequestType_ButtonRequest_Other, true);
if (display_only) {
resp->has_address = false;
resp->has_message = false;
memset(resp->address, 0, sizeof(resp->address));
memset(&(resp->message), 0, sizeof(resp->message));
} else {
resp->has_address = signing;
resp->has_message = true;
}
msg_write(MessageType_MessageType_DecryptedMessage, resp);
layoutHome();
}
void msg_read_tiny(uint8_t *buf, int len)
{
if (len != 64) return;
if (buf[0] != '?' || buf[1] != '#' || buf[2] != '#') {
return;
}
uint16_t msg_id = (buf[3] << 8) + buf[4];
uint32_t msg_size = (buf[5] << 24) + (buf[6] << 16) + (buf[7] << 8) + buf[8];
if (msg_size > 64 || len - msg_size < 9) {
return;
}
const pb_field_t *fields = 0;
pb_istream_t stream = pb_istream_from_buffer(buf + 9, msg_size);
switch (msg_id) {
case MessageType_MessageType_PinMatrixAck:
fields = PinMatrixAck_fields;
break;
case MessageType_MessageType_ButtonAck:
fields = ButtonAck_fields;
break;
case MessageType_MessageType_PassphraseAck:
fields = PassphraseAck_fields;
break;
case MessageType_MessageType_Cancel:
fields = Cancel_fields;
break;
case MessageType_MessageType_Initialize:
fields = Initialize_fields;
break;
#if DEBUG_LINK
case MessageType_MessageType_DebugLinkDecision:
fields = DebugLinkDecision_fields;
break;
case MessageType_MessageType_DebugLinkGetState:
fields = DebugLinkGetState_fields;
break;
#endif
}
if (fields) {
bool status = pb_decode(&stream, fields, msg_tiny);
if (status) {
msg_tiny_id = msg_id;
} else {
fsm_sendFailure(FailureType_Failure_SyntaxError, stream.errmsg);
msg_tiny_id = 0xFFFF;
}
} else {
fsm_sendFailure(FailureType_Failure_UnexpectedMessage, "Unknown message");
msg_tiny_id = 0xFFFF;
}
}
void fsm_msgSignMessage(SignMessage *msg)
{
RESP_INIT(MessageSignature);
if (!storage_is_initialized())
{
fsm_sendFailure(FailureType_Failure_NotInitialized, "Device not initialized");
return;
}
if(!confirm(ButtonRequestType_ButtonRequest_SignMessage, "Sign Message",
(char *)msg->message.bytes))
{
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Sign message cancelled");
go_home();
return;
}
if(!pin_protect_cached())
{
go_home();
return;
}
const CoinType *coin = fsm_getCoin(msg->coin_name);
if(!coin) { return; }
const HDNode *node = fsm_getDerivedNode(msg->address_n, msg->address_n_count);
if(!node) { return; }
if(cryptoMessageSign(coin, msg->message.bytes, msg->message.size, node->private_key,
resp->signature.bytes) == 0)
{
resp->has_address = true;
uint8_t addr_raw[21];
ecdsa_get_address_raw(node->public_key, coin->address_type, addr_raw);
base58_encode_check(addr_raw, 21, resp->address, sizeof(resp->address));
resp->has_signature = true;
resp->signature.size = 65;
msg_write(MessageType_MessageType_MessageSignature, resp);
}
else
{
fsm_sendFailure(FailureType_Failure_Other, "Error signing message");
}
go_home();
}
void msg_read_common(char type, uint8_t *buf, int len)
{
static char read_state = READSTATE_IDLE;
static uint8_t msg_in[MSG_IN_SIZE];
static uint16_t msg_id = 0xFFFF;
static uint32_t msg_size = 0;
static uint32_t msg_pos = 0;
static const pb_field_t *fields = 0;
if (len != 64) return;
if (read_state == READSTATE_IDLE) {
if (buf[0] != '?' || buf[1] != '#' || buf[2] != '#') { // invalid start - discard
return;
}
msg_id = (buf[3] << 8) + buf[4];
msg_size = (buf[5] << 24)+ (buf[6] << 16) + (buf[7] << 8) + buf[8];
fields = MessageFields(type, 'i', msg_id);
if (!fields) { // unknown message
fsm_sendFailure(FailureType_Failure_UnexpectedMessage, "Unknown message");
return;
}
if (msg_size > MSG_IN_SIZE) { // message is too big :(
fsm_sendFailure(FailureType_Failure_SyntaxError, "Message too big");
return;
}
read_state = READSTATE_READING;
memcpy(msg_in, buf + 9, len - 9);
msg_pos = len - 9;
} else
if (read_state == READSTATE_READING) {
if (buf[0] != '?') { // invalid contents
read_state = READSTATE_IDLE;
return;
}
memcpy(msg_in + msg_pos, buf + 1, len - 1);
msg_pos += len - 1;
}
if (msg_pos >= msg_size) {
msg_process(type, msg_id, fields, msg_in, msg_size);
msg_pos = 0;
read_state = READSTATE_IDLE;
}
}
void lisk_sign_message(const HDNode *node, const LiskSignMessage *msg,
LiskMessageSignature *resp) {
layoutSignMessage(msg->message.bytes, msg->message.size);
if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, NULL);
layoutHome();
return;
}
layoutProgressSwipe(_("Signing"), 0);
uint8_t signature[64];
uint8_t hash[32];
lisk_message_hash(msg->message.bytes, msg->message.size, hash);
ed25519_sign(hash, 32, node->private_key, &node->public_key[1], signature);
memcpy(resp->signature.bytes, signature, sizeof(signature));
memcpy(resp->public_key.bytes, &node->public_key[1], 32);
resp->has_signature = true;
resp->signature.size = 64;
resp->has_public_key = true;
resp->public_key.size = 32;
}
void fsm_msgRecoveryDevice(RecoveryDevice *msg)
{
if(storage_is_initialized())
{
fsm_sendFailure(FailureType_Failure_UnexpectedMessage,
"Device is already initialized. Use Wipe first.");
return;
}
if(msg->has_use_character_cipher &&
msg->use_character_cipher == true) // recovery via character cipher
{
recovery_cipher_init(
msg->has_passphrase_protection && msg->passphrase_protection,
msg->has_pin_protection && msg->pin_protection,
msg->has_language ? msg->language : 0,
msg->has_label ? msg->label : 0,
msg->has_enforce_wordlist ? msg->enforce_wordlist : false
);
}
else // legacy way of recovery
{
recovery_init(
msg->has_word_count ? msg->word_count : 12,
msg->has_passphrase_protection && msg->passphrase_protection,
msg->has_pin_protection && msg->pin_protection,
msg->has_language ? msg->language : 0,
msg->has_label ? msg->label : 0,
msg->has_enforce_wordlist ? msg->enforce_wordlist : false
);
}
}
void reset_init(bool display_random, uint32_t _strength, bool passphrase_protection,
bool pin_protection, const char *language, const char *label)
{
if(_strength != 128 && _strength != 192 && _strength != 256)
{
fsm_sendFailure(FailureType_Failure_SyntaxError,
"Invalid strength (has to be 128, 192 or 256 bits)");
go_home();
return;
}
strength = _strength;
random_buffer(int_entropy, 32);
char ent_str[4][17];
data2hex(int_entropy , 8, ent_str[0]);
data2hex(int_entropy + 8, 8, ent_str[1]);
data2hex(int_entropy + 16, 8, ent_str[2]);
data2hex(int_entropy + 24, 8, ent_str[3]);
if(display_random)
{
if(!confirm(ButtonRequestType_ButtonRequest_ResetDevice,
"Internal Entropy", "%s %s %s %s", ent_str[0], ent_str[1], ent_str[2], ent_str[3]))
{
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Reset cancelled");
go_home();
return;
}
}
if(pin_protection && !change_pin())
{
go_home();
return;
}
storage_set_passphrase_protected(passphrase_protection);
storage_set_language(language);
storage_set_label(label);
EntropyRequest resp;
memset(&resp, 0, sizeof(EntropyRequest));
msg_write(MessageType_MessageType_EntropyRequest, &resp);
awaiting_entropy = true;
}
void fsm_msgChangePin(ChangePin *msg)
{
bool removal = msg->has_remove && msg->remove;
bool confirmed = false;
if(removal)
{
if(storage_has_pin())
{
confirmed = confirm(ButtonRequestType_ButtonRequest_RemovePin,
"Remove PIN", "Do you want to remove PIN protection?");
}
else
{
fsm_sendSuccess("PIN removed");
return;
}
}
else
{
if(storage_has_pin())
confirmed = confirm(ButtonRequestType_ButtonRequest_ChangePin,
"Change PIN", "Do you want to change your PIN?");
else
confirmed = confirm(ButtonRequestType_ButtonRequest_CreatePin,
"Create PIN", "Do you want to add PIN protection?");
}
if(!confirmed)
{
fsm_sendFailure(FailureType_Failure_ActionCancelled,
removal ? "PIN removal cancelled" : "PIN change cancelled");
go_home();
return;
}
if(!pin_protect("Enter Current PIN"))
{
go_home();
return;
}
if(removal)
{
storage_set_pin(0);
storage_commit();
fsm_sendSuccess("PIN removed");
}
else
{
if(change_pin())
{
storage_commit();
fsm_sendSuccess("PIN changed");
}
}
go_home();
}
void fsm_msgTxAck(TxAck *msg)
{
if (msg->has_tx) {
signing_txack(&(msg->tx));
} else {
fsm_sendFailure(FailureType_Failure_SyntaxError, "No transaction provided");
}
}
void fsm_msgSignTx(SignTx *msg)
{
if (!storage_is_initialized())
{
fsm_sendFailure(FailureType_Failure_NotInitialized, "Device not initialized");
return;
}
if(msg->inputs_count < 1)
{
fsm_sendFailure(FailureType_Failure_Other,
"Transaction must have at least one input");
go_home();
return;
}
if(msg->outputs_count < 1)
{
fsm_sendFailure(FailureType_Failure_Other,
"Transaction must have at least one output");
go_home();
return;
}
if(!pin_protect("Enter Current PIN"))
{
go_home();
return;
}
const CoinType *coin = fsm_getCoin(msg->coin_name);
if(!coin) { return; }
/* master node */
const HDNode *node = fsm_getDerivedNode(0, 0);
if(!node) { return; }
layout_simple_message("Preparing Transaction...");
signing_init(msg->inputs_count, msg->outputs_count, coin, node);
}
void fsm_msgVerifyMessage(VerifyMessage *msg)
{
if(!msg->has_address)
{
fsm_sendFailure(FailureType_Failure_Other, "No address provided");
return;
}
if(!msg->has_message)
{
fsm_sendFailure(FailureType_Failure_Other, "No message provided");
return;
}
const CoinType *coin = fsm_getCoin(msg->coin_name);
if (!coin) return;
layout_simple_message("Verifying Message...");
uint8_t addr_raw[21];
if(!ecdsa_address_decode(msg->address, addr_raw))
{
fsm_sendFailure(FailureType_Failure_InvalidSignature, "Invalid address");
}
if(msg->signature.size == 65 &&
cryptoMessageVerify(coin, msg->message.bytes, msg->message.size, addr_raw,
msg->signature.bytes) == 0)
{
if(review(ButtonRequestType_ButtonRequest_Other, "Message Verified",
(char *)msg->message.bytes))
{
fsm_sendSuccess("Message verified");
}
}
else
{
fsm_sendFailure(FailureType_Failure_InvalidSignature, "Invalid signature");
}
go_home();
}
HDNode *fsm_getRootNode(void)
{
static HDNode node;
if (!storage_getRootNode(&node)) {
layoutHome();
fsm_sendFailure(FailureType_Failure_NotInitialized, "Device not initialized or passphrase request cancelled");
return 0;
}
return &node;
}
void reset_init(bool display_random, uint32_t _strength, bool passphrase_protection, bool pin_protection, const char *language, const char *label)
{
if (_strength != 128 && _strength != 192 && _strength != 256) {
fsm_sendFailure(FailureType_Failure_SyntaxError, "Invalid strength (has to be 128, 192 or 256 bits)");
layoutHome();
return;
}
strength = _strength;
random_buffer(int_entropy, 32);
char ent_str[4][17];
data2hex(int_entropy , 8, ent_str[0]);
data2hex(int_entropy + 8, 8, ent_str[1]);
data2hex(int_entropy + 16, 8, ent_str[2]);
data2hex(int_entropy + 24, 8, ent_str[3]);
if (display_random) {
layoutDialogSwipe(DIALOG_ICON_INFO, "Cancel", "Continue", NULL, "Internal entropy:", ent_str[0], ent_str[1], ent_str[2], ent_str[3], NULL);
if (!protectButton(ButtonRequestType_ButtonRequest_ResetDevice, false)) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "Reset cancelled");
layoutHome();
return;
}
}
if (pin_protection && !protectChangePin()) {
fsm_sendFailure(FailureType_Failure_ActionCancelled, "PIN change failed");
layoutHome();
return;
}
storage.has_passphrase_protection = true;
storage.passphrase_protection = passphrase_protection;
storage_setLanguage(language);
storage_setLabel(label);
EntropyRequest resp;
memset(&resp, 0, sizeof(EntropyRequest));
msg_write(MessageType_MessageType_EntropyRequest, &resp);
awaiting_entropy = true;
}
const CoinType *fsm_getCoin(const char *name)
{
const CoinType *coin = coinByName(name);
if (!coin) {
fsm_sendFailure(FailureType_Failure_Other, "Invalid coin name");
layoutHome();
return 0;
}
return coin;
}
void msg_process(char type, uint16_t msg_id, const pb_field_t *fields, uint8_t *msg_raw, uint32_t msg_size)
{
static uint8_t msg_data[MSG_IN_SIZE];
pb_istream_t stream = pb_istream_from_buffer(msg_raw, msg_size);
bool status = pb_decode(&stream, fields, msg_data);
if (status) {
MessageProcessFunc(type, 'i', msg_id, msg_data);
} else {
fsm_sendFailure(FailureType_Failure_SyntaxError, stream.errmsg);
}
}