Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
G
Geth-Modification
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
张蕾
Geth-Modification
Commits
54d332e1
Commit
54d332e1
authored
Nov 29, 2019
by
Guillaume Ballet
Committed by
Felix Lange
Nov 29, 2019
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
accounts/scwallet: fix staticcheck warnings (#20370)
parent
e0bf5f0c
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
21 additions
and
18 deletions
+21
-18
securechannel.go
accounts/scwallet/securechannel.go
+12
-12
wallet.go
accounts/scwallet/wallet.go
+9
-6
No files found.
accounts/scwallet/securechannel.go
View file @
54d332e1
...
...
@@ -71,7 +71,7 @@ func NewSecureChannelSession(card *pcsc.Card, keyData []byte) (*SecureChannelSes
cardPublic
,
ok
:=
gen
.
Unmarshal
(
keyData
)
if
!
ok
{
return
nil
,
fmt
.
Errorf
(
"
C
ould not unmarshal public key from card"
)
return
nil
,
fmt
.
Errorf
(
"
c
ould not unmarshal public key from card"
)
}
secret
,
err
:=
gen
.
GenerateSharedSecret
(
private
,
cardPublic
)
...
...
@@ -109,7 +109,7 @@ func (s *SecureChannelSession) Pair(pairingPassword []byte) error {
cardChallenge
:=
response
.
Data
[
32
:
64
]
if
!
bytes
.
Equal
(
expectedCryptogram
,
cardCryptogram
)
{
return
fmt
.
Errorf
(
"
I
nvalid card cryptogram %v != %v"
,
expectedCryptogram
,
cardCryptogram
)
return
fmt
.
Errorf
(
"
i
nvalid card cryptogram %v != %v"
,
expectedCryptogram
,
cardCryptogram
)
}
md
.
Reset
()
...
...
@@ -132,7 +132,7 @@ func (s *SecureChannelSession) Pair(pairingPassword []byte) error {
// Unpair disestablishes an existing pairing.
func
(
s
*
SecureChannelSession
)
Unpair
()
error
{
if
s
.
PairingKey
==
nil
{
return
fmt
.
Errorf
(
"
C
annot unpair: not paired"
)
return
fmt
.
Errorf
(
"
c
annot unpair: not paired"
)
}
_
,
err
:=
s
.
transmitEncrypted
(
claSCWallet
,
insUnpair
,
s
.
PairingIndex
,
0
,
[]
byte
{})
...
...
@@ -148,7 +148,7 @@ func (s *SecureChannelSession) Unpair() error {
// Open initializes the secure channel.
func
(
s
*
SecureChannelSession
)
Open
()
error
{
if
s
.
iv
!=
nil
{
return
fmt
.
Errorf
(
"
S
ession already opened"
)
return
fmt
.
Errorf
(
"
s
ession already opened"
)
}
response
,
err
:=
s
.
open
()
...
...
@@ -185,11 +185,11 @@ func (s *SecureChannelSession) mutuallyAuthenticate() error {
return
err
}
if
response
.
Sw1
!=
0x90
||
response
.
Sw2
!=
0x00
{
return
fmt
.
Errorf
(
"
G
ot unexpected response from MUTUALLY_AUTHENTICATE: 0x%x%x"
,
response
.
Sw1
,
response
.
Sw2
)
return
fmt
.
Errorf
(
"
g
ot unexpected response from MUTUALLY_AUTHENTICATE: 0x%x%x"
,
response
.
Sw1
,
response
.
Sw2
)
}
if
len
(
response
.
Data
)
!=
scSecretLength
{
return
fmt
.
Errorf
(
"
R
esponse from MUTUALLY_AUTHENTICATE was %d bytes, expected %d"
,
len
(
response
.
Data
),
scSecretLength
)
return
fmt
.
Errorf
(
"
r
esponse from MUTUALLY_AUTHENTICATE was %d bytes, expected %d"
,
len
(
response
.
Data
),
scSecretLength
)
}
return
nil
...
...
@@ -222,7 +222,7 @@ func (s *SecureChannelSession) pair(p1 uint8, data []byte) (*responseAPDU, error
// transmitEncrypted sends an encrypted message, and decrypts and returns the response.
func
(
s
*
SecureChannelSession
)
transmitEncrypted
(
cla
,
ins
,
p1
,
p2
byte
,
data
[]
byte
)
(
*
responseAPDU
,
error
)
{
if
s
.
iv
==
nil
{
return
nil
,
fmt
.
Errorf
(
"
C
hannel not open"
)
return
nil
,
fmt
.
Errorf
(
"
c
hannel not open"
)
}
data
,
err
:=
s
.
encryptAPDU
(
data
)
...
...
@@ -261,14 +261,14 @@ func (s *SecureChannelSession) transmitEncrypted(cla, ins, p1, p2 byte, data []b
return
nil
,
err
}
if
!
bytes
.
Equal
(
s
.
iv
,
rmac
)
{
return
nil
,
fmt
.
Errorf
(
"
I
nvalid MAC in response"
)
return
nil
,
fmt
.
Errorf
(
"
i
nvalid MAC in response"
)
}
rapdu
:=
&
responseAPDU
{}
rapdu
.
deserialize
(
plainData
)
if
rapdu
.
Sw1
!=
sw1Ok
{
return
nil
,
fmt
.
Errorf
(
"
U
nexpected response status Cla=0x%x, Ins=0x%x, Sw=0x%x%x"
,
cla
,
ins
,
rapdu
.
Sw1
,
rapdu
.
Sw2
)
return
nil
,
fmt
.
Errorf
(
"
u
nexpected response status Cla=0x%x, Ins=0x%x, Sw=0x%x%x"
,
cla
,
ins
,
rapdu
.
Sw1
,
rapdu
.
Sw2
)
}
return
rapdu
,
nil
...
...
@@ -277,7 +277,7 @@ func (s *SecureChannelSession) transmitEncrypted(cla, ins, p1, p2 byte, data []b
// encryptAPDU is an internal method that serializes and encrypts an APDU.
func
(
s
*
SecureChannelSession
)
encryptAPDU
(
data
[]
byte
)
([]
byte
,
error
)
{
if
len
(
data
)
>
maxPayloadSize
{
return
nil
,
fmt
.
Errorf
(
"
P
ayload of %d bytes exceeds maximum of %d"
,
len
(
data
),
maxPayloadSize
)
return
nil
,
fmt
.
Errorf
(
"
p
ayload of %d bytes exceeds maximum of %d"
,
len
(
data
),
maxPayloadSize
)
}
data
=
pad
(
data
,
0x80
)
...
...
@@ -323,10 +323,10 @@ func unpad(data []byte, terminator byte) ([]byte, error) {
case
terminator
:
return
data
[
:
len
(
data
)
-
i
],
nil
default
:
return
nil
,
fmt
.
Errorf
(
"
E
xpected end of padding, got %d"
,
data
[
len
(
data
)
-
i
])
return
nil
,
fmt
.
Errorf
(
"
e
xpected end of padding, got %d"
,
data
[
len
(
data
)
-
i
])
}
}
return
nil
,
fmt
.
Errorf
(
"
E
xpected end of padding, got 0"
)
return
nil
,
fmt
.
Errorf
(
"
e
xpected end of padding, got 0"
)
}
// updateIV is an internal method that updates the initialization vector after
...
...
accounts/scwallet/wallet.go
View file @
54d332e1
...
...
@@ -167,7 +167,7 @@ func transmit(card *pcsc.Card, command *commandAPDU) (*responseAPDU, error) {
}
if
response
.
Sw1
!=
sw1Ok
{
return
nil
,
fmt
.
Errorf
(
"
U
nexpected insecure response status Cla=0x%x, Ins=0x%x, Sw=0x%x%x"
,
command
.
Cla
,
command
.
Ins
,
response
.
Sw1
,
response
.
Sw2
)
return
nil
,
fmt
.
Errorf
(
"
u
nexpected insecure response status Cla=0x%x, Ins=0x%x, Sw=0x%x%x"
,
command
.
Cla
,
command
.
Ins
,
response
.
Sw1
,
response
.
Sw2
)
}
return
response
,
nil
...
...
@@ -252,7 +252,7 @@ func (w *Wallet) release() error {
// with the wallet.
func
(
w
*
Wallet
)
pair
(
puk
[]
byte
)
error
{
if
w
.
session
.
paired
()
{
return
fmt
.
Errorf
(
"
W
allet already paired"
)
return
fmt
.
Errorf
(
"
w
allet already paired"
)
}
pairing
,
err
:=
w
.
session
.
pair
(
puk
)
if
err
!=
nil
{
...
...
@@ -773,12 +773,12 @@ func (w *Wallet) findAccountPath(account accounts.Account) (accounts.DerivationP
// Look for the path in the URL
if
account
.
URL
.
Scheme
!=
w
.
Hub
.
scheme
{
return
nil
,
fmt
.
Errorf
(
"
S
cheme %s does not match wallet scheme %s"
,
account
.
URL
.
Scheme
,
w
.
Hub
.
scheme
)
return
nil
,
fmt
.
Errorf
(
"
s
cheme %s does not match wallet scheme %s"
,
account
.
URL
.
Scheme
,
w
.
Hub
.
scheme
)
}
parts
:=
strings
.
SplitN
(
account
.
URL
.
Path
,
"/"
,
2
)
if
len
(
parts
)
!=
2
{
return
nil
,
fmt
.
Errorf
(
"
I
nvalid URL format: %s"
,
account
.
URL
)
return
nil
,
fmt
.
Errorf
(
"
i
nvalid URL format: %s"
,
account
.
URL
)
}
if
parts
[
0
]
!=
fmt
.
Sprintf
(
"%x"
,
w
.
PublicKey
[
1
:
3
])
{
...
...
@@ -813,7 +813,7 @@ func (s *Session) pair(secret []byte) (smartcardPairing, error) {
// unpair deletes an existing pairing.
func
(
s
*
Session
)
unpair
()
error
{
if
!
s
.
verified
{
return
fmt
.
Errorf
(
"
U
npair requires that the PIN be verified"
)
return
fmt
.
Errorf
(
"
u
npair requires that the PIN be verified"
)
}
return
s
.
Channel
.
Unpair
()
}
...
...
@@ -850,7 +850,7 @@ func (s *Session) paired() bool {
// authenticate uses an existing pairing to establish a secure channel.
func
(
s
*
Session
)
authenticate
(
pairing
smartcardPairing
)
error
{
if
!
bytes
.
Equal
(
s
.
Wallet
.
PublicKey
,
pairing
.
PublicKey
)
{
return
fmt
.
Errorf
(
"
C
annot pair using another wallet's pairing; %x != %x"
,
s
.
Wallet
.
PublicKey
,
pairing
.
PublicKey
)
return
fmt
.
Errorf
(
"
c
annot pair using another wallet's pairing; %x != %x"
,
s
.
Wallet
.
PublicKey
,
pairing
.
PublicKey
)
}
s
.
Channel
.
PairingKey
=
pairing
.
PairingKey
s
.
Channel
.
PairingIndex
=
pairing
.
PairingIndex
...
...
@@ -879,6 +879,7 @@ func (s *Session) walletStatus() (*walletStatus, error) {
}
// derivationPath fetches the wallet's current derivation path from the card.
//lint:ignore U1000 needs to be added to the console interface
func
(
s
*
Session
)
derivationPath
()
(
accounts
.
DerivationPath
,
error
)
{
response
,
err
:=
s
.
Channel
.
transmitEncrypted
(
claSCWallet
,
insStatus
,
statusP1Path
,
0
,
nil
)
if
err
!=
nil
{
...
...
@@ -993,12 +994,14 @@ func (s *Session) derive(path accounts.DerivationPath) (accounts.Account, error)
}
// keyExport contains information on an exported keypair.
//lint:ignore U1000 needs to be added to the console interface
type
keyExport
struct
{
PublicKey
[]
byte
`asn1:"tag:0"`
PrivateKey
[]
byte
`asn1:"tag:1,optional"`
}
// publicKey returns the public key for the current derivation path.
//lint:ignore U1000 needs to be added to the console interface
func
(
s
*
Session
)
publicKey
()
([]
byte
,
error
)
{
response
,
err
:=
s
.
Channel
.
transmitEncrypted
(
claSCWallet
,
insExportKey
,
exportP1Any
,
exportP2Pubkey
,
nil
)
if
err
!=
nil
{
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment