"use strict";

// Transpiler-generated CommonJS prelude: mark the exports object as coming
// from an ES module so that interop helpers return it unchanged.
Object.defineProperty(exports, "__esModule", { value: true });

// Placeholder for the default export; it is assigned again once the
// TransportU2F class has been defined further down in this file.
exports.default = undefined;
|
7 |
|
8 | var _u2fApi = require("u2f-api");
|
9 |
|
10 | var _hwTransport = _interopRequireDefault(require("@ledgerhq/hw-transport"));
|
11 |
|
12 | var _logs = require("@ledgerhq/logs");
|
13 |
|
14 | var _errors = require("@ledgerhq/errors");
|
15 |
|
/**
 * CommonJS/ES-module interop helper.
 *
 * @param {*} obj - The value returned by `require()`.
 * @returns {*} `obj` itself when it is truthy and flagged `__esModule`,
 *   otherwise a fresh `{ default: obj }` wrapper.
 */
function _interopRequireDefault(obj) {
  if (obj && obj.__esModule) {
    return obj;
  }
  return { default: obj };
}
|
17 |
|
/**
 * Build a TransportError for a failed U2F call while keeping the raw U2F
 * error reachable for callers that need to inspect it.
 *
 * @param {*} originalError - The error object produced by the U2F layer.
 * @param {string} message - Message passed to the TransportError constructor.
 * @param {string} id - Identifier passed to the TransportError constructor.
 * @returns {Error} The TransportError with an `originalError` property set.
 */
function wrapU2FTransportError(originalError, message, id) {
  const wrapped = new _errors.TransportError(message, id);
  // Attach the cause as a plain property; nothing else on the error changes.
  return Object.assign(wrapped, { originalError });
}
|
24 |
|
/**
 * XOR every APDU byte with the matching byte of a repeating key.
 *
 * Security note: this is byte masking with a repeated key. It provides no
 * confidentiality and no integrity protection, so the output must not be
 * treated as encrypted data. Applying the function twice with the same key
 * yields the input again.
 *
 * @param {Buffer|Uint8Array|number[]} apdu - Bytes to mask.
 * @param {Buffer|Uint8Array|number[]} key - Mask bytes, reused cyclically.
 *   An undefined key makes the `key.length` read throw as soon as `apdu`
 *   has at least one byte.
 * @returns {Buffer} A new buffer with the same length as `apdu`.
 */
function wrapApdu(apdu, key) {
  const size = apdu.length;
  const masked = Buffer.alloc(size);
  let offset = 0;

  while (offset < size) {
    // The key index wraps around so a short key covers a longer APDU.
    masked[offset] = apdu[offset] ^ key[offset % key.length];
    offset += 1;
  }

  return masked;
}
|
34 |
|
35 |
|
/**
 * Convert standard base64 text to the URL-safe alphabet without padding.
 *
 * @param {string} base64 - Standard base64 text.
 * @returns {string} Text with `+` -> `-`, `/` -> `_` and trailing `=` removed.
 */
const webSafe64 = (base64) => {
  const withoutPadding = base64.replace(/=+$/, "");
  return withoutPadding.replace(/\+/g, "-").replace(/\//g, "_");
};
|
37 |
|
38 |
|
/**
 * Convert URL-safe base64 text back to the standard alphabet and re-add
 * `=` padding.
 *
 * @param {string} base64 - URL-safe base64 text, normally without padding.
 * @returns {string} Text with `-` -> `+`, `_` -> `/` and up to two `=`
 *   characters appended, the count being derived from the input length.
 */
const normal64 = (base64) => {
  // (3 * length) % 4 gives 0, 2 or 1 for lengths of 0, 2 or 3 modulo 4.
  const padLength = (3 * base64.length) % 4;
  const standardAlphabet = base64.replace(/-/g, "+").replace(/_/g, "/");
  return standardAlphabet + "==".substring(0, padLength);
};
|
40 |
|
/**
 * Send one APDU to the device through a U2F sign request and resolve with
 * the bytes carried back in the response's `signatureData`.
 *
 * The APDU is XOR-masked with `scrambleKey` and carried in the request's
 * `keyHandle` field. The challenge is a constant 32 zero bytes, so the
 * sign call is used here as a data channel and not as an authentication
 * step.
 *
 * Security notes:
 * - The outgoing APDU (before masking) and the returned payload are both
 *   written in full, hex encoded, to the "apdu" log channel. Every
 *   subscriber of that channel sees the complete device traffic.
 * - `appId` is taken from `location.origin`, so the request is bound to
 *   the page that runs this code.
 *
 * @param {Buffer} apdu - Command bytes to send.
 * @param {number} timeoutMillis - Timeout in milliseconds; it is divided by
 *   1000 before being handed to the u2f-api `sign` call.
 * @param {Buffer} scrambleKey - Key handed to `wrapApdu`.
 * @param {boolean} unwrap - When truthy, the first 5 bytes of the decoded
 *   `signatureData` are dropped (in a standard U2F sign response these are
 *   the user-presence byte and the 4-byte counter - confirm for the device
 *   firmware in use).
 * @returns {Promise<Buffer>} The decoded response payload.
 * @throws {*} The raw response object, from inside the promise chain, when
 *   `signatureData` is not a string.
 */
function attemptExchange(apdu, timeoutMillis, scrambleKey, unwrap) {
  const maskedApdu = wrapApdu(apdu, scrambleKey);
  const zeroChallenge = Buffer.from("0000000000000000000000000000000000000000000000000000000000000000", "hex");
  const signRequest = {
    version: "U2F_V2",
    keyHandle: webSafe64(maskedApdu.toString("base64")),
    challenge: webSafe64(zeroChallenge.toString("base64")),
    appId: location.origin,
  };

  (0, _logs.log)("apdu", "=> " + apdu.toString("hex"));

  const decodeReply = (response) => {
    const { signatureData } = response;

    // Anything without a string payload is surfaced unchanged to the caller.
    if (typeof signatureData !== "string") {
      throw response;
    }

    const decoded = Buffer.from(normal64(signatureData), "base64");
    const reply = unwrap ? decoded.slice(5) : decoded;

    (0, _logs.log)("apdu", "<= " + reply.toString("hex"));
    return reply;
  };

  return (0, _u2fApi.sign)(signRequest, timeoutMillis / 1000).then(decodeReply);
}
|
73 |
|
// Every TransportU2F created in this module; the list is only emptied by
// emitDisconnect().
let transportInstances = [];

/**
 * Emit "disconnect" on every registered transport, then start a new empty
 * registry. The previous array object is left untouched.
 */
function emitDisconnect() {
  const registered = transportInstances;
  const count = registered.length;

  for (let index = 0; index < count; index += 1) {
    registered[index].emit("disconnect");
  }

  transportInstances = [];
}
|
80 |
|
/**
 * Tell whether a U2F error reports a timeout.
 *
 * @param {{metaData: {code: *}}} u2fError - Error object from the U2F layer.
 * @returns {boolean} True when `metaData.code` is strictly the number 5
 *   (the TIMEOUT error code of the FIDO U2F JavaScript API).
 */
function isTimeoutU2FError(u2fError) {
  const { code } = u2fError.metaData;
  return code === 5;
}
|
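/**
 * Ledger transport that tunnels APDUs through the browser U2F sign call.
 *
 * Security notes for integrators:
 * - The scramble key only drives the XOR masking done in `wrapApdu`; it is
 *   not an encryption key and gives no confidentiality on its own.
 * - `scrambleKey` is undefined until `setScrambleKey()` is called, and
 *   `exchange()` passes it on unchanged.
 * - A U2F timeout on any instance emits "disconnect" on every instance
 *   created in this module, because the registry is module-wide.
 */
class TransportU2F extends _hwTransport.default {
  /**
   * Create a transport. Both arguments are accepted for interface
   * compatibility and are not used.
   *
   * @param {*} _ - Ignored descriptor.
   * @param {number} [_openTimeout=5000] - Ignored.
   * @returns {Promise<TransportU2F>} A new transport instance.
   */
  static async open(_, _openTimeout = 5000) {
    return new TransportU2F();
  }

  constructor() {
    super();
    this.scrambleKey = void 0;
    // Responses are unwrapped (5-byte prefix dropped) unless setUnwrap(false).
    this.unwrap = true;
    // Registered so that a U2F timeout can notify every live transport.
    transportInstances.push(this);
  }

  /**
   * Exchange one APDU with the device.
   *
   * @param {Buffer} apdu - Command bytes to send.
   * @returns {Promise<Buffer>} The response bytes.
   * @throws {Error} A TransportError (id `U2F_<code>`) carrying the raw U2F
   *   error in `originalError` when the rejection has a `metaData` object;
   *   any other rejection value is rethrown unchanged.
   */
  async exchange(apdu) {
    try {
      return await attemptExchange(apdu, this.exchangeTimeout, this.scrambleKey, this.unwrap);
    } catch (e) {
      // A null/undefined rejection, or `metaData: null`, used to raise a
      // TypeError from inside this handler and hide the real failure.
      const metaData = e == null ? undefined : e.metaData;
      const isU2FError = typeof metaData === "object" && metaData !== null;

      if (!isU2FError) {
        throw e;
      }

      if (isTimeoutU2FError(e)) {
        emitDisconnect();
      }

      throw wrapU2FTransportError(e, "Failed to sign with Ledger device: U2F " + metaData.type, "U2F_" + metaData.code);
    }
  }

  /**
   * Set the key used to mask outgoing APDUs.
   *
   * @param {string} scrambleKey - Key text, decoded as ASCII into a Buffer.
   */
  setScrambleKey(scrambleKey) {
    this.scrambleKey = Buffer.from(scrambleKey, "ascii");
  }

  /**
   * Choose whether `exchange()` drops the 5-byte prefix of each response.
   *
   * @param {boolean} unwrap - Truthy to drop the prefix, falsy to keep it.
   */
  setUnwrap(unwrap) {
    this.unwrap = unwrap;
  }

  /**
   * Close the transport. Nothing is released here.
   *
   * NOTE(review): the instance stays in `transportInstances` after close(),
   * so it remains reachable and still receives the next "disconnect" event.
   *
   * @returns {Promise<void>} An already resolved promise.
   */
  close() {
    return Promise.resolve();
  }
}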
|
159 |
|
exports.default = TransportU2F;

// Support probe exposed directly from u2f-api.
TransportU2F.isSupported = _u2fApi.isSupported;

/**
 * List available "devices". U2F exposes no enumeration, so the result is a
 * single null descriptor when U2F is supported and an empty list otherwise.
 *
 * @returns {Promise<Array<null>>} `[null]` or `[]`.
 */
TransportU2F.list = () => {
  const supportProbe = (0, _u2fApi.isSupported)();

  return supportProbe.then((supported) => {
    if (supported) {
      return [null];
    }
    return [];
  });
};
|
165 |
|
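/**
 * Report U2F availability to an observer.
 *
 * When U2F is supported the observer gets one `{ type: "add", descriptor:
 * null }` event followed by `complete()`; otherwise it gets a
 * TransportError with id "U2FNotSupported". Nothing is delivered after
 * `unsubscribe()` has been called.
 *
 * @param {{next: Function, error: Function, complete: Function}} observer
 *   Receiver of the events.
 * @returns {{unsubscribe: Function}} Handle that suppresses later events.
 */
TransportU2F.listen = (observer) => {
  let unsubscribed = false;

  (0, _u2fApi.isSupported)().then(
    (supported) => {
      if (unsubscribed) return;

      if (supported) {
        observer.next({
          type: "add",
          descriptor: null,
        });
        observer.complete();
      } else {
        observer.error(new _errors.TransportError("U2F browser support is needed for Ledger. " + "Please use Chrome, Opera or Firefox with a U2F extension. " + "Also make sure you're on an HTTPS connection", "U2FNotSupported"));
      }
    },
    (probeError) => {
      // A rejected support probe used to be left unhandled, so the observer
      // never heard back. Forward it unless the caller has unsubscribed.
      if (!unsubscribed) {
        observer.error(probeError);
      }
    },
  );

  return {
    unsubscribe: () => {
      unsubscribed = true;
    },
  };
};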
|
187 |
|