Beta 1

Support spend/receive/sweep

Makefile

@@ -1,4 +1,6 @@
-# Copyright 2017 Cedric Mesnil <cslashm@gmail.com>, Ledger SAS
+#*******************************************************************************
+#   Ledger Nano S
+#   (c) 2016 Ledger
 #
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -11,72 +13,93 @@
 #  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #  See the License for the specific language governing permissions and
 #  limitations under the License.
-#
+#*******************************************************************************
 
 ifeq ($(BOLOS_SDK),)
 $(error Environment variable BOLOS_SDK is not set)
 endif
 include $(BOLOS_SDK)/Makefile.defines
 
 #Monero /44'/128'
+#--appFlags 0x40
+APP_LOAD_PARAMS=  --path "2147483692/2147483776" --curve secp256k1 $(COMMON_LOAD_PARAMS)
 APPNAME = "Monero"
-APP_LOAD_PARAMS=--appFlags 0x40  --path "2147483692/2147483776" --curve secp256k1 $(COMMON_LOAD_PARAMS)
+
+ifeq ($(TARGET_NAME),TARGET_BLUE)
+ICONNAME = images/icon_monero_blue.gif
+else
+ICONNAME = images/icon_monero.gif
+endif
 
 APPVERSION_M=0
-APPVERSION_N=2
+APPVERSION_N=7
 APPVERSION_P=0
 
 APPVERSION=$(APPVERSION_M).$(APPVERSION_N).$(APPVERSION_P)
-SPECVERSION="0.9"
-ICONNAME=images/icon_monero.gif
+SPECVERSION="0.7.0"
+
+DEFINES   += $(MONERO_CONFIG) MONERO_VERSION=$(APPVERSION) MONERO_NAME=$(APPNAME) SPEC_VERSION=$(SPECVERSION)
 
 
 ################
 # Default rule #
 ################
+
 all: default
 
 ############
 # Platform #
 ############
-DEFINES   += OS_IO_SEPROXYHAL IO_SEPROXYHAL_BUFFER_SIZE_B=128
-DEFINES   += HAVE_BAGL HAVE_PRINTF HAVE_SPRINTF
-DEFINES   += HAVE_IO_USB HAVE_L4_USBLIB IO_USB_MAX_ENDPOINTS=7 IO_HID_EP_LENGTH=64 HAVE_USB_APDU
+
+ifneq ($(NO_CONSENT),)
+DEFINES   += NO_CONSENT
+endif
+
+DEFINES   += OS_IO_SEPROXYHAL IO_SEPROXYHAL_BUFFER_SIZE_B=300
+DEFINES   += HAVE_BAGL HAVE_SPRINTF
+#DEFINES   += HAVE_PRINTF PRINTF=screen_printf
+DEFINES   += PRINTF\(...\)=
+DEFINES   += HAVE_IO_USB HAVE_L4_USBLIB IO_USB_MAX_ENDPOINTS=6 IO_HID_EP_LENGTH=64 HAVE_USB_APDU
+#DEFINES  += HAVE_BLE
+DEFINES   += UNUSED\(x\)=\(void\)x
+DEFINES   += APPVERSION=\"$(APPVERSION)\"
+DEFINES   += CUSTOM_IO_APDU_BUFFER_SIZE=\(255+5+64\)
+
 DEFINES   += HAVE_USB_CLASS_CCID
 
-## App Conf
-DEFINES   += $(MONERO_CONFIG) MONERO_VERSION=$(APPVERSION) MONERO_NAME=$(APPNAME) SPEC_VERSION=$(SPECVERSION)
 
 #DEFINES += IOCRYPT
 ## Debug options
-#DEFINES   += DEBUGLEDGER
-DEFINES   += IODUMMYCRYPT
+#DEFINES   += DEBUG_HWDEVICE
+#DEFINES   += IODUMMYCRYPT
 #DEFINES   += IONOCRYPT
 #DEFINES   += TESTKEY
 
 ##############
-#  Compiler  #
+# Compiler #
 ##############
 #GCCPATH   := $(BOLOS_ENV)/gcc-arm-none-eabi-5_3-2016q1/bin/
 #CLANGPATH := $(BOLOS_ENV)/clang-arm-fropi/bin/
-CC       := $(CLANGPATH)clang
+CC       := $(CLANGPATH)clang 
 
 #CFLAGS   += -O0 -gdwarf-2  -gstrict-dwarf
 CFLAGS   += -O3 -Os
+#CFLAGS   += -fno-jump-tables -fno-lookup-tables -fsave-optimization-record
+#$(info $(CFLAGS))
 
 AS     := $(GCCPATH)arm-none-eabi-gcc
 
 LD       := $(GCCPATH)arm-none-eabi-gcc
 #LDFLAGS  += -O0 -gdwarf-2  -gstrict-dwarf
 LDFLAGS  += -O3 -Os
-LDLIBS   += -lm -lgcc -lc
+LDLIBS   += -lm -lgcc -lc 
 
 # import rules to compile glyphs(/pone)
 include $(BOLOS_SDK)/Makefile.glyphs
 
-### computed variables
+### variables processed by the common makefile.rules of the SDK to grab source files and include dirs
 APP_SOURCE_PATH  += src
-SDK_SOURCE_PATH  += lib_stusb lib_stusb_impl
+SDK_SOURCE_PATH  += lib_stusb lib_stusb_impl 
 
 
 load: all
@@ -89,5 +112,5 @@ delete:
 include $(BOLOS_SDK)/Makefile.rules
 
 #add dependency on custom makefile filename
-dep/%.d: %.c Makefile.genericwallet
+dep/%.d: %.c Makefile
 

README.md

@@ -1,5 +1,4 @@
 # blue-app-monero
-Monero wallet application for Ledger Blue and Nano S
 
-The architecture documentation is included for review - the implementation plan will be defined next
+Monero wallet application for Ledger Blue and Nano S - Beta 1
 

doc/developer/blue-app-commands.rst

@@ -1491,6 +1491,8 @@ So for each command received, do:
 +========+=================================================================+
 | 01     | options                                                         |
 +--------+-----------------------------------------------------------------+
+| 01     | 1 if sub-address, 0 else                                        |
++--------+-----------------------------------------------------------------+
 | 20     | Real destination view key |Aout|                                |
 +--------+-----------------------------------------------------------------+
 | 20     | Real destination spend key |Bout|                               |

src/monero_api.h

@@ -65,7 +65,7 @@ int monero_apdu_close_tx(void);
 /* ----------------------------------------------------------------------- */
 #define OFFSETOF(type, field)    ((unsigned int)&(((type*)NULL)->field))
 
-int monero_base58_public_key( char* str_b58, unsigned char *view, unsigned char *spend);
+int monero_base58_public_key( char* str_b58, unsigned char *view, unsigned char *spend, unsigned char is_subbadress);
 /** unsigned varint amount to str */
 int monero_vamount2str(unsigned char *binary,  char *str, unsigned int str_len);
 /** binary little endian unsigned  int amount to str */

src/monero_crypto.c

@@ -468,8 +468,12 @@ void monero_derive_secret_key(unsigned char *x,
 
     //derivation to scalar
     monero_derivation_to_scalar(tmp,drv_data,out_idx);
+
     //generate
     monero_addm(x, tmp, ec_priv);
+    monero_io_insert(tmp,32);
+    monero_io_insert(ec_priv,32);
+    monero_io_insert(x,32);
 }
 
 /* ----------------------------------------------------------------------- */

src/monero_init.c

@@ -61,7 +61,7 @@ void monero_init() {
 
   //first init ?
   if (os_memcmp(N_monero_pstate->magic, (void*)C_MAGIC, sizeof(C_MAGIC)) != 0) {
-    monero_install(TESTNET_CRYPTONOTE_PUBLIC_ADDRESS_BASE58_PREFIX);
+    monero_install(TESTNET);
   }
 
   //generate key protection
@@ -106,11 +106,13 @@ void monero_init_private_key() {
     #else
     os_perso_derive_node_bip32(CX_CURVE_SECP256K1, path, 5 , seed, G_monero_vstate.a);
     monero_keccak_F(seed,32,G_monero_vstate.b);
-    G_monero_vstate.b[0]  &= 0xF8;
-    G_monero_vstate.b[31]  = (G_monero_vstate.b[31] & 0x7F) | 0x40;
+    monero_reduce(G_monero_vstate.b,G_monero_vstate.b);
+    //G_monero_vstate.b[0]  &= 0xF8;
+    //G_monero_vstate.b[31]  = (G_monero_vstate.b[31] & 0x7F) | 0x40;
     monero_keccak_F(G_monero_vstate.b,32,G_monero_vstate.a);
-    G_monero_vstate.a[0]  &= 0xF8;
-    G_monero_vstate.a[31]  = (G_monero_vstate.a[31] & 0x7F) | 0x40;
+    monero_reduce(G_monero_vstate.a,G_monero_vstate.a);
+    //G_monero_vstate.a[0]  &= 0xF8;
+    //G_monero_vstate.a[31]  = (G_monero_vstate.a[31] & 0x7F) | 0x40;
     #endif
     break;
 
@@ -158,7 +160,7 @@ void monero_install(unsigned char netId) {
   monero_ecmul_G(B, G_monero_vstate.b);
   monero_nvm_write(N_monero_pstate->A, A, 32);
   monero_nvm_write(N_monero_pstate->B, B, 32);
-  monero_base58_public_key((char*)G_monero_vstate.io_buffer, N_monero_pstate->A,N_monero_pstate->B);
+  monero_base58_public_key((char*)G_monero_vstate.io_buffer, N_monero_pstate->A,N_monero_pstate->B, 0);
   G_monero_vstate.io_buffer[95] = 0;
   monero_nvm_write(N_monero_pstate->public_address, G_monero_vstate.io_buffer, 96);
 

src/monero_io.c

@@ -19,6 +19,14 @@
 #include "monero_api.h"
 #include "monero_vars.h"
 
+#if defined(IODUMMYCRYPT)
+  #warning IODUMMYCRYPT activated
+#endif
+#if defined(IONOCRYPT)
+  #warning IONOCRYPT activated
+#endif
+
+
 /*
  * io_buff: contains current message part
  * io_off: offset in current message part
@@ -37,7 +45,7 @@ void monero_io_set_offset(unsigned int offset) {
     G_monero_vstate.io_offset = G_monero_vstate.io_mark;
   }
   else if (offset < G_monero_vstate.io_length) {
-    G_monero_vstate.io_offset = G_monero_vstate.io_length;
+    G_monero_vstate.io_offset = offset;
   }
   else {
     THROW(ERROR_IO_OFFSET);
@@ -99,18 +107,17 @@ void monero_io_insert_encrypt(unsigned char* buffer, int len) {
     return ;
   }
 
-#ifdef IOCRYPT
-  cx_aes(&G_monero_vstate.spk, CX_ENCRYPT|CX_CHAIN_CBC|CX_LAST|CX_PAD_NONE,
-         buffer, len,
-         G_monero_vstate.io_buffer+G_monero_vstate.io_offset);
-#elif defined(IODUMMYCRYPT)
-  #warning IODUMMYCRYPT activated
+
+#if defined(IODUMMYCRYPT)
   for (int i = 0; i<len; i++) {
        G_monero_vstate.io_buffer[G_monero_vstate.io_offset+i] = buffer[i] ^ 0x55;
     }
 #elif defined(IONOCRYPT)
-  #warning IONOCRYPT activated
   os_memmove(G_monero_vstate.io_buffer+G_monero_vstate.io_offset, buffer, len);
+#else 
+  cx_aes(&G_monero_vstate.spk, CX_ENCRYPT|CX_CHAIN_CBC|CX_LAST|CX_PAD_NONE,
+         buffer, len,
+         G_monero_vstate.io_buffer+G_monero_vstate.io_offset);
 #endif
   G_monero_vstate.io_offset += len;
 }
@@ -198,18 +205,16 @@ int monero_io_fetch_decrypt(unsigned char* buffer, int len) {
   }
 
   if (buffer) {
-#ifdef IOCRYPT
-    cx_aes(&G_monero_vstate.spk, CX_DECRYPT|CX_CHAIN_CBC|CX_LAST|CX_PAD_NONE,
-           G_monero_vstate.io_buffer+G_monero_vstate.io_offset, len,
-           buffer);
-#elif defined(IODUMMYCRYPT)
+#if defined(IODUMMYCRYPT)
     for (int i = 0; i<len; i++) {
       buffer[i] = G_monero_vstate.io_buffer[G_monero_vstate.io_offset+i] ^ 0x55;
     }
 #elif defined(IONOCRYPT)
      os_memmove(buffer, G_monero_vstate.io_buffer+G_monero_vstate.io_offset, len);
-#else
-     #error 'PLEASE DEFINED ONE OF IO CRYPT MODE'
+#else IOCRYPT
+    cx_aes(&G_monero_vstate.spk, CX_DECRYPT|CX_CHAIN_CBC|CX_LAST|CX_PAD_NONE,
+           G_monero_vstate.io_buffer+G_monero_vstate.io_offset, len,
+           buffer);
 #endif
   }
   G_monero_vstate.io_offset += len;

src/monero_key.c

@@ -89,7 +89,7 @@ int monero_apdu_get_key() {
     monero_io_insert((unsigned char*)N_monero_pstate->public_address, 95);
     break;
 
-#ifdef DEBUGLEDGER
+#ifdef DEBUG_HWDEVICE
   //get private
   case 2:
     //view key
@@ -342,7 +342,9 @@ int monero_apdu_derive_secret_key(/*const crypto::key_derivation &derivation, co
   monero_derive_secret_key(drvsec, derivation, output_index, sec);
 
   //pub key
+  monero_io_set_offset(0);
   monero_io_insert_encrypt(drvsec,32);
+  monero_io_set_offset(IO_OFFSET_END);
   return SW_OK;
 }
 

src/monero_monero.c

@@ -1,12 +1,31 @@
-/*
- * Initial source from Monero Project
- * Adpated by  Cedric Mesnil <cslashm@gmail.com> <cedric@ledger.fr>, Ledger SAS 
+/* Copyright 2017-2018 Cedric Mesnil <cslashm@gmail.com>, Ledger SAS
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  */
 #include "os.h"
 #include "monero_types.h"
 #include "monero_api.h"
 #include "monero_vars.h"
 
+const unsigned char C_MAINNET_NETWORK_ID[] = {
+    0x12 ,0x30, 0xF1, 0x71 , 0x61, 0x04 , 0x41, 0x61, 0x17, 0x31, 0x00, 0x82, 0x16, 0xA1, 0xA1, 0x10
+};
+const unsigned char C_TESTNET_NETWORK_ID[] =  {
+    0x12 ,0x30, 0xF1, 0x71 , 0x61, 0x04 , 0x41, 0x61, 0x17, 0x31, 0x00, 0x82, 0x16, 0xA1, 0xA1, 0x11
+};
+const unsigned char C_STAGENET_NETWORK_ID[] =  {
+    0x12 ,0x30, 0xF1, 0x71 , 0x61, 0x04 , 0x41, 0x61, 0x17, 0x31, 0x00, 0x82, 0x16, 0xA1, 0xA1, 0x12
+};
 
 
 // Copyright (c) 2014-2017, The Monero Project
@@ -41,9 +60,9 @@
 const char         alphabet[]              = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
 #define            alphabet_size           (sizeof(alphabet) - 1)
 const unsigned int encoded_block_sizes[]   = {0, 2, 3, 5, 6, 7, 9, 10, 11};
-#define  full_block_size                   8 //(sizeof(encoded_block_sizes) / sizeof(encoded_block_sizes[0]) - 1)
-#define  full_encoded_block_size           11 //encoded_block_sizes[full_block_size];
-#define  addr_checksum_size                4
+#define  FULL_BLOCK_SIZE                   8 //(sizeof(encoded_block_sizes) / sizeof(encoded_block_sizes[0]) - 1)
+#define  FULL_ENCODED_BLOCK_SIZE           11 //encoded_block_sizes[full_block_size];
+#define  ADDR_CHECKSUM_SIZE                4
 
 
 static uint64_t uint_8be_to_64(const unsigned char* data, size_t size) {
@@ -74,24 +93,38 @@ static void encode_block(const unsigned char* block, unsigned int  size,  char*
     }
 }
 
-int monero_base58_public_key(char* str_b58, unsigned char *view, unsigned char *spend) {
-    #define DATA_SIZE 69
-    unsigned char data[69];
+int monero_base58_public_key(char* str_b58, unsigned char *view, unsigned char *spend, unsigned char is_subbadress) {
+    unsigned char data[72];
+    unsigned int offset;
+    unsigned int prefix;
 
-    data[0] = N_monero_pstate->network_id;
-    os_memmove(data+1,spend,32);
-    os_memmove(data+1+32,view,32);
-    monero_keccak_F(data, 65, G_monero_vstate.H);
-    os_memmove(data+1+32+32, G_monero_vstate.H, 4);
+    //data[0] = N_monero_pstate->network_id;
+    switch(N_monero_pstate->network_id) {
+        case TESTNET:
+            prefix = is_subbadress ? TESTNET_CRYPTONOTE_PUBLIC_SUBADDRESS_BASE58_PREFIX : TESTNET_CRYPTONOTE_PUBLIC_ADDRESS_BASE58_PREFIX;
+            break;
+        case STAGENET:
+            prefix = is_subbadress ? STAGENET_CRYPTONOTE_PUBLIC_SUBADDRESS_BASE58_PREFIX : STAGENET_CRYPTONOTE_PUBLIC_ADDRESS_BASE58_PREFIX;
+            break;
+        case MAINNET:
+            prefix = is_subbadress ? MAINNET_CRYPTONOTE_PUBLIC_SUBADDRESS_BASE58_PREFIX : MAINNET_CRYPTONOTE_PUBLIC_ADDRESS_BASE58_PREFIX;
+            break;
+    }
+    offset = monero_encode_varint(data, prefix);
+
+    os_memmove(data+offset,spend,32);
+    os_memmove(data+offset+32,view,32);
+    monero_keccak_F(data, offset+64, G_monero_vstate.H);
+    os_memmove(data+offset+32+32, G_monero_vstate.H, 4);
 
-    unsigned int full_block_count = DATA_SIZE / full_block_size;
-    unsigned int last_block_size = DATA_SIZE % full_block_size;
+    unsigned int full_block_count = (offset+32+32+4) / FULL_BLOCK_SIZE;
+    unsigned int last_block_size  = (offset+32+32+4) % FULL_BLOCK_SIZE;
     for (size_t i = 0; i < full_block_count; ++i) {
-        encode_block(data + i * full_block_size, full_block_size, &str_b58[i * full_encoded_block_size]);
+        encode_block(data + i * FULL_BLOCK_SIZE, FULL_BLOCK_SIZE, &str_b58[i * FULL_ENCODED_BLOCK_SIZE]);
     }
 
     if (0 < last_block_size) {
-        encode_block(data + full_block_count * full_block_size, last_block_size, &str_b58[full_block_count * full_encoded_block_size]);
+        encode_block(data + full_block_count * FULL_BLOCK_SIZE, last_block_size, &str_b58[full_block_count * FULL_ENCODED_BLOCK_SIZE]);
     }
 
     return 0;

src/monero_open_tx.c

@@ -45,7 +45,7 @@ int monero_apdu_open_tx() {
 
     monero_io_insert(G_monero_vstate.R,32);
     monero_io_insert_encrypt(G_monero_vstate.r,32);
-#ifdef DEBUGLEDGER    
+#ifdef DEBUG_HWDEVICE    
     monero_io_insert(G_monero_vstate.r,32);
 #endif
     return SW_OK;