From 64bdd3e2e16c141e3681d757990859cba1c689d1 Mon Sep 17 00:00:00 2001 From: Elliot Cameron Date: Thu, 11 Jul 2019 15:17:13 -0400 Subject: [PATCH 1/4] Ledger: Allow non-hardened paths --- src/lib_signer_backends/ledger.ml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/lib_signer_backends/ledger.ml b/src/lib_signer_backends/ledger.ml index ec09f9432f84..044531ce9175 100644 --- a/src/lib_signer_backends/ledger.ml +++ b/src/lib_signer_backends/ledger.ml @@ -332,7 +332,7 @@ module Ledger_uri = struct type t = [ `Ledger of Ledger_id.t | `Ledger_account of Ledger_account.t ] - let int32_of_path_element_exn ?(allow_weak = false) x = + let int32_of_path_element_exn ?(allow_weak = true) x = let failf ppf = Printf.ksprintf Pervasives.failwith ppf in let len = String.length x in match String.get x (len - 1) with @@ -349,7 +349,6 @@ module Ledger_uri = struct | None -> failf "Path is not a non-hardened integer: %S" x end | _ -> - (* Future derivation schemes will support weak paths, not for now. *) failf "Non-hardened paths are not allowed (%S)" x let parse_animals animals = -- GitLab From 1f4b93d4824784d542c6aff5fbd36ff6274763b6 Mon Sep 17 00:00:00 2001 From: Elliot Cameron Date: Thu, 11 Jul 2019 15:18:04 -0400 Subject: [PATCH 2/4] Ledger: Allow 'h' as an alternative syntax to '\'' for non-hardened paths --- src/lib_signer_backends/ledger.ml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lib_signer_backends/ledger.ml b/src/lib_signer_backends/ledger.ml index 044531ce9175..744e63d64b5c 100644 --- a/src/lib_signer_backends/ledger.ml +++ b/src/lib_signer_backends/ledger.ml @@ -337,7 +337,7 @@ module Ledger_uri = struct let len = String.length x in match String.get x (len - 1) with | exception _ -> failf "Empty path element" - | '\'' -> + | '\'' | 'h' -> let intpart = String.sub x 0 (len - 1) in begin match Int32.of_string_opt intpart with | Some i -> Bip32_path.hard i -- GitLab 
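Review bot: In the first hunk of patch 1/4, the new default `?(allow_weak = true)` makes the bare-integer arm of `int32_of_path_element_exn` reachable for every caller that omits the argument, and nothing visible bounds the value that `Int32.of_string_opt` returns. That parser accepts signed and `0x`-prefixed literals, so an element such as `-1` yields an int32 with the top bit set; assuming the arm returns the value unchanged (its body is outside the hunk), `is_hard` would presumably classify it as hardened even though it was written without a hardened marker. Accept only 0 through `Int32.max_int`, e.g. `| Some i when i >= 0l -> i`, and route every other case to the `failf` arm. The hardened arm shown in patch 2/4 passes its parsed value to `Bip32_path.hard` with the same missing bound.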
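Review bot: The new `| '\'' | 'h' ->` pattern in patch 2/4 sits on the arm that calls `Bip32_path.hard`, so `h` marks a hardened element, while the subject line describes it as syntax for non-hardened paths; a reader working from the log alone gets the meaning reversed. A short comment on the arm would settle it: `(* "44'" and "44h" both denote hardened index 44 *)`. The function's signature and its remaining arms are outside this hunk.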
From c5c5c0cd534cfd67e8478fcae2a6f0e057394451 Mon Sep 17 00:00:00 2001 From: Elliot Cameron Date: Thu, 11 Jul 2019 17:51:04 -0400 Subject: [PATCH 3/4] Ledger: Use 'h' syntax instead of '\'' for showing ledger URIs --- src/lib_signer_backends/ledger.ml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/lib_signer_backends/ledger.ml b/src/lib_signer_backends/ledger.ml index 744e63d64b5c..a8e9423b695e 100644 --- a/src/lib_signer_backends/ledger.ml +++ b/src/lib_signer_backends/ledger.ml @@ -51,7 +51,7 @@ module Bip32_path = struct let pp_node ppf node = match is_hard node with - | true -> Fmt.pf ppf "%ld'" (unhard node) + | true -> Fmt.pf ppf "%ldh" (unhard node) | false -> Fmt.pf ppf "%ld" node let string_of_node = Fmt.to_to_string pp_node @@ -670,7 +670,7 @@ let generic_commands group = Clic.[ List.iter (fun curve -> fprintf ppf " tezos-client import secret key \ - ledger_%s \"ledger://%a/%a/0'/0'\"" + ledger_%s \"ledger://%a/%a/0h/0h\"" (Sys.getenv_opt "USER" |> Option.unopt ~default:"user") Ledger_id.pp ledger_id Ledgerwallet_tezos.pp_curve curve ; -- GitLab From 7e983864788c935179ff265921ddbf52f9770b5b Mon Sep 17 00:00:00 2001 From: Elliot Cameron Date: Mon, 22 Jul 2019 14:31:08 -0400 Subject: [PATCH 4/4] Ledger: Make support for non-hardened paths depend on derivation scheme --- src/lib_signer_backends/ledger.ml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/src/lib_signer_backends/ledger.ml b/src/lib_signer_backends/ledger.ml index a8e9423b695e..e8265e313694 100644 --- a/src/lib_signer_backends/ledger.ml +++ b/src/lib_signer_backends/ledger.ml @@ -332,7 +332,7 @@ module Ledger_uri = struct type t = [ `Ledger of Ledger_id.t | `Ledger_account of Ledger_account.t ] - let int32_of_path_element_exn ?(allow_weak = true) x = + let int32_of_path_element_exn ~allow_weak x = let failf ppf = Printf.ksprintf Pervasives.failwith ppf in let len = String.length x in match String.get x (len - 1) with 
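Review bot: `pp_node` in the first hunk of patch 3/4 now emits `%ldh`, so every URI printed through it carries a suffix that only a parser with patch 2/4 applied will accept. If these strings are ever stored or handed to another client version (not visible from this hunk), a parser without that patch would reject them with the "Non-hardened paths are not allowed" error, which does not point at the suffix as the cause. A comment should record both the intent and the constraint, e.g. `(* 'h' avoids shell quoting of "'"; parsers must keep accepting both suffixes *)`.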
@@ -349,13 +349,18 @@ module Ledger_uri = struct | None -> failf "Path is not a non-hardened integer: %S" x end | _ -> - failf "Non-hardened paths are not allowed (%S)" x + failf "Non-hardened paths are not allowed for this derivation scheme (%S)" x let parse_animals animals = match String.split '-' animals with | [c; t; h; d] -> Some { Ledger_names.c ; t ; h ; d } | _ -> None + let derivation_supports_weak_paths = function + | Ledgerwallet_tezos.Ed25519 -> false + | Ledgerwallet_tezos.Secp256k1 -> true + | Ledgerwallet_tezos.Secp256r1 -> true + let parse ?allow_weak uri : t tzresult Lwt.t = let host = Uri.host uri in begin match Option.apply host @@ -374,9 +379,12 @@ module Ledger_uri = struct match Ledgerwallet_tezos.curve_of_string s with | Some curve -> curve, tl | None -> Ledger_id.curve, s :: tl in + let actually_allow_weak = match allow_weak with + | None -> derivation_supports_weak_paths curve + | Some x -> x in begin try return (List.map - (int32_of_path_element_exn ?allow_weak) + (int32_of_path_element_exn ~allow_weak:actually_allow_weak) more_path) with Failure s -> failwith "Failed to parse Curve/BIP32 path from %s (%s): %s" -- GitLab
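Review bot: `derivation_supports_weak_paths` is the policy table that decides which curves may use non-hardened elements, yet it has no comment saying what `false` for `Ed25519` means or why. A doc comment such as `(** Whether non-hardened child indices may be used with keys on this curve. *)` would help, along with a remark that the match is deliberately wildcard-free so a new curve forces an explicit decision. Separately, the reworded message in the last arm of `int32_of_path_element_exn` blames the derivation scheme, but that arm is presumably also reached when a caller passes `~allow_weak:false` for a Secp256k1 or Secp256r1 path, where the scheme is not the reason for the rejection.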
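Review bot: In the last hunk, `Some x -> x` lets a caller's `~allow_weak:true` override `derivation_supports_weak_paths curve`, so a non-hardened element is still accepted on an Ed25519 path whenever a call site passes the flag. If the curve is meant to set the upper bound, let the argument only narrow it: `let actually_allow_weak = derivation_supports_weak_paths curve && Option.unopt ~default:true allow_weak in`. Call sites of `parse` are not visible here, so the hunk does not show whether any of them passes `true` today. `parse` itself begins in the previous hunk and continues past this one.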