Segwit and new protcol support for full hash

Author: btchip

btchip/bitcoinTransaction.py

@@ -89,10 +89,15 @@ def __init__(self, data=None):
 		self.inputs = []
 		self.outputs = []
 		self.lockTime = ""
+		self.witness = False
+		self.witnessScript = ""
 		if data is not None:
 			offset = 0
 			self.version = data[offset:offset + 4]
 			offset += 4
+			if (data[offset] == 0) and (data[offset + 1] <> 0):
+				offset += 2
+				self.witness = True
 			inputSize = readVarint(data, offset)
 			offset += inputSize['size']
 			numInputs = inputSize['value']
@@ -107,18 +112,31 @@ def __init__(self, data=None):
 				tmp = { 'buffer': data, 'offset' : offset}
 				self.outputs.append(bitcoinOutput(tmp))
 				offset = tmp['offset']
-			self.lockTime = data[offset:offset + 4]
+			if self.witness:
+				self.witnessScript = data[offset : len(data) - 4]
+				self.lockTime = data[len(data) - 4:]
+			else:
+				self.lockTime = data[offset:offset + 4]
 
-	def serialize(self, skipOutputLocktime=None):
+	def serialize(self, skipOutputLocktime=False, skipWitness=False):
+		if skipWitness or (not self.witness):
+			useWitness = False
+		else:
+			useWitness = True
 		result = []
 		result.extend(self.version)
+		if useWitness:
+			result.append(0x00)
+			result.append(0x01)
 		writeVarint(len(self.inputs), result)
 		for trinput in self.inputs:
 			result.extend(trinput.serialize())
 		if not skipOutputLocktime:
 			writeVarint(len(self.outputs), result)
 			for troutput in self.outputs:
 				result.extend(troutput.serialize())
+			if useWitness:
+				result.extend(self.witnessScript)
 			result.extend(self.lockTime)
 		return result
 
@@ -142,4 +160,6 @@ def __str__(self):
 			buf += str(troutput)
 			index+=1
 		buf += "Locktime : " + hexlify(self.lockTime) + "\r\n"
+		if self.witness:
+			buf += "Witness script : " + hexlify(self.witnessScript) + "\r\n"
 		return buf

btchip/btchip.py

@@ -62,7 +62,7 @@ class btchip:
 	BTCHIP_INS_EXT_CACHE_GET_FEATURES = 0x26
 
 	OPERATION_MODE_WALLET = 0x01
-	OPERATION_MODE_RELAXED_WALLET = 0x02
+	OPERATION_MODE_RELAXED_WALLET = 0x02 
 	OPERATION_MODE_SERVER = 0x04
 	OPERATION_MODE_DEVELOPER = 0x08
 
@@ -159,6 +159,7 @@ def getTrustedInput(self, transaction, index):
 		apdu.extend(params)
 		self.dongle.exchange(bytearray(apdu))
 		# Each output
+		indexOutput = 0
 		for troutput in transaction.outputs:
 			apdu = [ self.BTCHIP_CLA, self.BTCHIP_INS_GET_TRUSTED_INPUT, 0x80, 0x00 ]
 			params = bytearray(troutput.amount)
@@ -187,7 +188,20 @@ def getTrustedInput(self, transaction, index):
 
 	def startUntrustedTransaction(self, newTransaction, inputIndex, outputList, redeemScript):
 		# Start building a fake transaction with the passed inputs
-		apdu = [ self.BTCHIP_CLA, self.BTCHIP_INS_HASH_INPUT_START, 0x00, (0x00 if newTransaction else 0x80) ]
+		segwit = False
+		if newTransaction:
+			for passedOutput in outputList:
+				if ('witness' in passedOutput) and passedOutput['witness']:
+					segwit = True
+					break
+		if newTransaction:
+			if segwit:
+				p2 = 0x02
+			else:
+				p2 = 0x00
+		else:
+				p2 = 0x80
+		apdu = [ self.BTCHIP_CLA, self.BTCHIP_INS_HASH_INPUT_START, 0x00, p2 ]
 		params = bytearray([0x01, 0x00, 0x00, 0x00]) # default version
 		writeVarint(len(outputList), params)
 		apdu.append(len(params))
@@ -199,11 +213,13 @@ def startUntrustedTransaction(self, newTransaction, inputIndex, outputList, rede
 			apdu = [ self.BTCHIP_CLA, self.BTCHIP_INS_HASH_INPUT_START, 0x80, 0x00 ]
 			params = []
 			script = redeemScript
-			if passedOutput['trustedInput']:
+			if ('witness' in passedOutput) and passedOutput['witness']:
+				params.append(0x02)
+			elif ('trustedInput' in passedOutput) and passedOutput['trustedInput']:
 				params.append(0x01)
 			else:
 				params.append(0x00)
-			if passedOutput['trustedInput']:
+			if ('trustedInput' in passedOutput) and passedOutput['trustedInput']:
 				params.append(len(passedOutput['value']))
 			params.extend(passedOutput['value'])
 			if currentIndex <> inputIndex:
@@ -236,6 +252,7 @@ def finalizeInput(self, outputAddress, amount, fees, changePath, rawTx=None):
 		if self.needKeyCache:
 			self.resolvePublicKeysInPath(changePath)		
 		result = {}
+		outputs = None
 		if rawTx is not None:
 			try:
 				fullTx = bitcoinTransaction(bytearray(rawTx))
@@ -278,7 +295,14 @@ def finalizeInput(self, outputAddress, amount, fees, changePath, rawTx=None):
 			result['keycardData'] = response[offset : offset + keycardDataLength]
 			offset = offset + keycardDataLength
 			result['secureScreenData'] = response[offset:]
-		result['outputData'] = response[1 : 1 + response[0]]
+		if result['confirmationType'] == 0x04:
+			offset = 1 + response[0] + 1
+			keycardDataLength = response[offset]
+			result['keycardData'] = response[offset + 1 : offset + 1 + keycardDataLength]			
+		if outputs == None:
+			result['outputData'] = response[1 : 1 + response[0]]
+		else:
+			result['outputData'] = outputs
 		return result
 
 	def finalizeInputFull(self, outputData):
@@ -299,20 +323,22 @@ def finalizeInputFull(self, outputData):
 			response = self.dongle.exchange(bytearray(apdu))
 			encryptedOutputData = encryptedOutputData + response[1 : 1 + response[0]]
 			offset += dataLength
-                result['confirmationNeeded'] = response[1 + response[0]] <> 0x00
-                result['confirmationType'] = response[1 + response[0]]
-                if result['confirmationType'] == 0x02:
+		result['confirmationNeeded'] = response[1 + response[0]] <> 0x00
+		result['confirmationType'] = response[1 + response[0]]
+		if result['confirmationType'] == 0x02:
+			result['keycardData'] = response[1 + response[0] + 1:] # legacy
+		if result['confirmationType'] == 0x03:
 			offset = 1 + response[0] + 1
 			keycardDataLength = response[offset]
-                        result['keycardData'] = response[offset : offset + keycardDataLength]
-                if result['confirmationType'] == 0x03:
-                        offset = 1 + response[0] + 1
-                        keycardDataLength = response[offset]
-                        offset = offset + 1
-                        result['keycardData'] = response[offset : offset + keycardDataLength]
-                        offset = offset + keycardDataLength
-                        result['secureScreenData'] = response[offset:]
-                result['encryptedOutputData'] = encryptedOutputData 
+			offset = offset + 1
+			result['keycardData'] = response[offset : offset + keycardDataLength]
+			offset = offset + keycardDataLength
+			result['secureScreenData'] = response[offset:]
+			result['encryptedOutputData'] = encryptedOutputData 
+		if result['confirmationType'] == 0x04:
+			offset = 1 + response[0] + 1
+			keycardDataLength = response[offset]
+			result['keycardData'] = response[offset + 1 : offset + 1 + keycardDataLength]						
 		return result
 
 	def untrustedHashSign(self, path, pin="", lockTime=0, sighashType=0x01):
@@ -435,6 +461,14 @@ def setOperationMode(self, operationMode):
 		apdu = [ self.BTCHIP_CLA, self.BTCHIP_INS_SET_OPERATION_MODE, 0x00, 0x00, 0x01, operationMode ]
 		self.dongle.exchange(bytearray(apdu))
 
+	def enableAlternate2fa(self, persistent):
+		if persistent:
+			p1 = 0x02
+		else:
+			p1 = 0x01
+		apdu = [ self.BTCHIP_CLA, self.BTCHIP_INS_SET_OPERATION_MODE, p1, 0x00, 0x01, btchip.OPERATION_MODE_WALLET ]
+		self.dongle.exchange(bytearray(apdu))
+
 	def getFirmwareVersion(self):
 		result = {}
 		apdu = [ self.BTCHIP_CLA, self.BTCHIP_INS_GET_FIRMWARE_VERSION, 0x00, 0x00, 0x00 ]