jade: update Jade api to 1.0.31

This extends the serial api to recognise recently supported hardware.
1 year ago · 11f5ba31ce
5 changed files with 128 additions and 15 deletions
--- a/electrum/plugins/jade/jade.py
+++ b/electrum/plugins/jade/jade.py
@ -26,14 +26,15 @@ _logger = get_logger(__name__)
 #import logging
 #LOGGING = logging.INFO
 #if LOGGING:
-#    logger = logging.getLogger('jade')
+#    logger = logging.getLogger('electrum.plugins.jade.jadepy.jade')
 #    logger.setLevel(LOGGING)
-#    device_logger = logging.getLogger('jade-device')
+#    device_logger = logging.getLogger('electrum.plugins.jade.jadepy.jade-device')
 #    device_logger.setLevel(LOGGING)

 try:
    # Do imports
    from .jadepy.jade import JadeAPI
+    from .jadepy.jade_serial import JadeSerialImpl
    from serial.tools import list_ports
 except ImportError as e:
    _logger.exception('error importing Jade plugin deps')
@ -353,12 +354,9 @@ class Jade_KeyStore(Hardware_KeyStore):
 class JadePlugin(HW_PluginBase):
    keystore_class = Jade_KeyStore
    minimum_library = (0, 0, 1)
-    DEVICE_IDS = [(0x10c4, 0xea60), # Development Jade device
-                  (0x1a86, 0x55d4), # Retail Blockstream Jade (And some DIY devices)
-                  (0x0403, 0x6001), # DIY FTDI Based Devices (Eg: M5StickC-Plus)
-                  (0x1a86, 0x7523)] # DIY CH340 Based devices (Eg: ESP32-Wrover)
+    DEVICE_IDS = JadeSerialImpl.JADE_DEVICE_IDS
    SUPPORTED_XTYPES = ('standard', 'p2wpkh-p2sh', 'p2wpkh', 'p2wsh-p2sh', 'p2wsh')
-    MIN_SUPPORTED_FW_VERSION = (0, 1, 32)
+    MIN_SUPPORTED_FW_VERSION = (0, 1, 47)

    # For testing with qemu simulator (experimental)
    SIMULATOR_PATH = None  # 'tcp:127.0.0.1:2222'
--- a/electrum/plugins/jade/jadepy/README.md
+++ b/electrum/plugins/jade/jadepy/README.md
@ -2,10 +2,9 @@

 This is a slightly modified version of the official [Jade](https://github.com/Blockstream/Jade) python library.

-This modified version was made from tag [1.0.29](https://github.com/Blockstream/Jade/releases/tag/1.0.29).
-
-Intention is to fold these modifications back into Jade repo, for future api release.
+This modified version was made from tag [1.0.31](https://github.com/Blockstream/Jade/releases/tag/1.0.31).

 ## Changes
+
 - Removed BLE module, reducing transitive dependencies
 - _http_request() function removed, so cannot be used as unintentional fallback
--- a/electrum/plugins/jade/jadepy/init.py
+++ b/electrum/plugins/jade/jadepy/init.py
@ -1,4 +1,4 @@
 from .jade import JadeAPI
 from .jade_error import JadeError

-__version__ = "0.2.0"
+__version__ = "1.0.31"
--- a/electrum/plugins/jade/jadepy/jade.py
+++ b/electrum/plugins/jade/jadepy/jade.py
@ -7,6 +7,7 @@ import collections
 import collections.abc
 import traceback
 import random
+import socket
 import sys

 # JadeError
@ -24,7 +25,7 @@ device_logger = logging.getLogger(f'{__name__}-device')
 # It relies on the BLE dependencies being available
 try:
    from .jade_ble import JadeBleImpl
-except ImportError as e:
+except (ImportError, FileNotFoundError) as e:
    logger.warning(e)
    logger.warning('BLE scanning/connectivity will not be available')

@ -123,6 +124,32 @@ def _hexlify(data):
 #     logger.info(e)
 #     logger.info('Default _http_requests() function will not be available')

+def generate_dump():
+    while True:
+        try:
+            with socket.create_connection(("localhost", 4444)) as s:
+                output = b""
+                while b"Open On-Chip Debugger" not in output:
+                    data = s.recv(1024)
+                    if not data:
+                        continue
+                    output += data
+
+                s.sendall(b"esp gcov dump\n")
+
+                output = b""
+                while b"Targets disconnected." not in output:
+                    data = s.recv(1024)
+                    if not data:
+                        continue
+                    output += data
+                s.sendall(b"resume\n")
+                time.sleep(1)
+            return
+        except ConnectionRefusedError:
+            pass
+
+
 class JadeAPI:
    """
    High-Level Jade Client API
@ -431,7 +458,8 @@ class JadeAPI:
        """
        return self._jadeRpc('logout')

-    def ota_update(self, fwcmp, fwlen, chunksize, fwhash=None, patchlen=None, cb=None):
+    def ota_update(self, fwcmp, fwlen, chunksize, fwhash=None, patchlen=None, cb=None,
+                   gcov_dump=False):
        """
        RPC call to attempt to update the unit's firmware.

@ -507,6 +535,9 @@ class JadeAPI:
            if (cb):
                cb(written, cmplen)

+        if gcov_dump:
+            self.run_remote_gcov_dump()
+
        # All binary data uploaded
        return self._jadeRpc('ota_complete')

@ -523,6 +554,22 @@ class JadeAPI:
        """
        return self._jadeRpc('debug_selfcheck', long_timeout=True)

+    def run_remote_gcov_dump(self):
+        """
+        RPC call to run in-built gcov-dump.
+        NOTE: Only available in a DEBUG build of the firmware.
+
+        Returns
+        -------
+        bool
+            Always True.
+        """
+        result = self._jadeRpc('debug_gcov_dump', long_timeout=True)
+        time.sleep(0.5)
+        generate_dump()
+        time.sleep(2)
+        return result
+
    def capture_image_data(self, check_qr=False):
        """
        RPC call to capture raw image data from the camera.
@ -951,6 +998,42 @@ class JadeAPI:
        params = {'multisig_file': multisig_file}
        return self._jadeRpc('register_multisig', params)

+    def get_registered_descriptors(self):
+        """
+        RPC call to fetch brief summaries of any descriptor wallets registered to this signer.
+
+        Returns
+        -------
+        dict
+            Brief description of registered descriptor, keyed by registration name.
+            Each entry contains keys:
+                descriptor_len - int, length of descriptor output script
+                num_datavalues - int, total number of substitution placeholders passed with script
+                master_blinding_key - 32-bytes, any liquid master blinding key for this wallet
+        """
+        return self._jadeRpc('get_registered_descriptors')
+
+    def get_registered_descriptor(self, descriptor_name):
+        """
+        RPC call to fetch details of a named descriptor wallet registered to this signer.
+
+        Parameters
+        ----------
+        descriptor_name : string
+            Name of descriptor registration record to return.
+
+        Returns
+        -------
+        dict
+            Description of registered descriptor wallet identified by registration name.
+            Contains keys:
+                descriptor_name - str, name of descritpor registration
+                descriptor - str, descriptor output script, may contain substitution placeholders
+                datavalues - dict containing placeholders for substitution into script
+        """
+        params = {'descriptor_name': descriptor_name}
+        return self._jadeRpc('get_registered_descriptor', params)
+
    def register_descriptor(self, network, descriptor_name, descriptor_script, datavalues=None):
        """
        RPC call to register a new descriptor wallet, which must contain the hw signer.
@ -959,7 +1042,7 @@ class JadeAPI:
        Parameters
        ----------
        network : string
-            Network to which the multisig should apply - eg. 'mainnet', 'liquid', 'testnet', etc.
+            Network to which the descriptor should apply - eg. 'mainnet', 'liquid', 'testnet', etc.

        descriptor_name : string
            Name to use to identify this descriptor wallet registration record.
@ -1221,6 +1304,35 @@ class JadeAPI:
        params = {'identity': identity, 'curve': curve, 'index': index, 'challenge': challenge}
        return self._jadeRpc('sign_identity', params)

+    def sign_attestation(self, challenge):
+        """
+        RPC call to sign passed challenge with embedded hw RSA-4096 key, such that the caller
+        can check the authenticity of the hardware unit.  eg. whether it is a genuine
+        Blockstream production Jade unit.
+        Caller must have the public key of the external verifying authority they wish to validate
+        against (eg. Blockstream's Jade verification public key).
+        NOTE: only supported by ESP32S3-based hardware units.
+
+        Parameters
+        ----------
+        challenge : bytes
+            Challenge bytes to sign
+
+        Returns
+        -------
+        dict
+            Contains keys:
+            signature - 512-bytes, hardware RSA signature of the SHA256 hash of the passed
+                        challenge bytes.
+            pubkey_pem - str, PEM export of RSA pubkey of the hardware unit, to verify the returned
+            RSA signature.
+            ext_signature - bytes, RSA signature of the verifying authority over the returned
+            pubkey_pem data.
+            (Caller can verify this signature with the public key of the verifying authority.)
+        """
+        params = {'challenge': challenge}
+        return self._jadeRpc('sign_attestation', params)
+
    def get_master_blinding_key(self, only_if_silent=False):
        """
        RPC call to fetch the master (SLIP-077) blinding key for the hw signer.
--- a/electrum/plugins/jade/jadepy/jade_serial.py
+++ b/electrum/plugins/jade/jadepy/jade_serial.py
@ -2,6 +2,7 @@ import serial
 import logging

 from serial.tools import list_ports
+from .jade_error import JadeError

 logger = logging.getLogger(__name__)

@ -53,7 +54,10 @@ class JadeSerialImpl:
        assert self.ser is not None

        if not self.ser.is_open:
-            self.ser.open()
+            try:
+                self.ser.open()
+            except serial.serialutil.SerialException:
+                raise JadeError(1, "Unable to open port", self.device)

        # Ensure RTS and DTR are not set (as this can cause the hw to reboot)
        self.ser.setRTS(False)