trezor-firmware/trezorlib/transport/bridge.py

# This file is part of the Trezor project.
#
# Copyright (C) 2012-2018 SatoshiLabs and contributors
#
# This library is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License version 3
# as published by the Free Software Foundation.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the License along with this library.
# If not, see <https://www.gnu.org/licenses/lgpl-3.0.html>.

import logging
import struct
from io import BytesIO

import requests

from . import Transport, TransportException
from .. import mapping, protobuf

LOG = logging.getLogger(__name__)

TREZORD_HOST = "http://127.0.0.1:21325"


class BridgeTransport(Transport):
    """
    BridgeTransport implements transport through TREZOR Bridge (aka trezord).
    """

    PATH_PREFIX = "bridge"
    HEADERS = {"Origin": "https://python.trezor.io"}

    def __init__(self, device):
        super().__init__()

        self.device = device
        self.conn = requests.Session()
        self.session = None
        self.request = None

    def get_path(self):
        return "%s:%s" % (self.PATH_PREFIX, self.device["path"])

    @classmethod
    def _call(cls, action, data=None, uri_suffix=None, session=None):
        if uri_suffix is not None:
            uri_suffix = "/" + uri_suffix
        elif session is not None:
            uri_suffix = "/{}".format(session)
        else:
            uri_suffix = ""

        url = "{}/{}{}".format(TREZORD_HOST, action, uri_suffix)
        r = requests.post(url, headers=cls.HEADERS, data=data)

        if r.status_code != 200:
            raise TransportException(
                "trezord: '{}' action failed with code {}: {}".format(
                    action, r.status_code, r.json().get("error", "(no error message)")
                )
            )
        return r

    @classmethod
    def enumerate(cls):
        try:
            r = cls._call("enumerate")
            return [BridgeTransport(dev) for dev in r.json()]
        except Exception:
            return []

    def open(self):
        r = self._call("acquire", uri_suffix="{}/null".format(self.device["path"]))
        self.session = r.json()["session"]

    def close(self):
        if not self.session:
            return
        self._call("release", session=self.session)
        self.session = None

    def write(self, msg):
        if self.request is not None:
            raise TransportException("trezord can't perform two writes without a read")

        LOG.debug(
            "preparing message: {}".format(msg.__class__.__name__),
            extra={"protobuf": msg},
        )
        # encode the message
        data = BytesIO()
        protobuf.dump_message(data, msg)
        ser = data.getvalue()
        header = struct.pack(">HL", mapping.get_type(msg), len(ser))
        # store for later
        self.request = (header + ser).hex()

    def read(self):
        if self.request is None:
            raise TransportException("trezord: no request in queue")

        try:
            LOG.debug("sending prepared message")
            r = self._call("call", data=self.request, session=self.session)

            data = bytes.fromhex(r.text)
            headerlen = struct.calcsize(">HL")
            msg_type, datalen = struct.unpack(">HL", data[:headerlen])
            data = BytesIO(data[headerlen : headerlen + datalen])
            msg = protobuf.load_message(data, mapping.get_class(msg_type))
            LOG.debug(
                "received message: {}".format(msg.__class__.__name__),
                extra={"protobuf": msg},
            )
            return msg
        finally:
            self.request = None


TRANSPORT = BridgeTransport
regenerate license headers This clarifies the intent: the project is licenced under terms of LGPL version 3 only, but the standard headers cover only "3 or later", so we had to rewrite them. In the same step, we removed author information from individual files in favor of "SatoshiLabs and contributors", and include an AUTHORS file that lists the contributors. Apologies to those whose names are missing; please contact us if you wish to add your info to the AUTHORS file. 2018-06-21 14:28:34 +00:00			`# This file is part of the Trezor project.`
add LGPLv3 headers to sources files 2016-11-25 21:53:55 +00:00			`#`
regenerate license headers This clarifies the intent: the project is licenced under terms of LGPL version 3 only, but the standard headers cover only "3 or later", so we had to rewrite them. In the same step, we removed author information from individual files in favor of "SatoshiLabs and contributors", and include an AUTHORS file that lists the contributors. Apologies to those whose names are missing; please contact us if you wish to add your info to the AUTHORS file. 2018-06-21 14:28:34 +00:00			`# Copyright (C) 2012-2018 SatoshiLabs and contributors`
add LGPLv3 headers to sources files 2016-11-25 21:53:55 +00:00			`#`
			`# This library is free software: you can redistribute it and/or modify`
regenerate license headers This clarifies the intent: the project is licenced under terms of LGPL version 3 only, but the standard headers cover only "3 or later", so we had to rewrite them. In the same step, we removed author information from individual files in favor of "SatoshiLabs and contributors", and include an AUTHORS file that lists the contributors. Apologies to those whose names are missing; please contact us if you wish to add your info to the AUTHORS file. 2018-06-21 14:28:34 +00:00			`# it under the terms of the GNU Lesser General Public License version 3`
			`# as published by the Free Software Foundation.`
add LGPLv3 headers to sources files 2016-11-25 21:53:55 +00:00			`#`
			`# This library is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU Lesser General Public License for more details.`
			`#`
regenerate license headers This clarifies the intent: the project is licenced under terms of LGPL version 3 only, but the standard headers cover only "3 or later", so we had to rewrite them. In the same step, we removed author information from individual files in favor of "SatoshiLabs and contributors", and include an AUTHORS file that lists the contributors. Apologies to those whose names are missing; please contact us if you wish to add your info to the AUTHORS file. 2018-06-21 14:28:34 +00:00			`# You should have received a copy of the License along with this library.`
			`# If not, see <https://www.gnu.org/licenses/lgpl-3.0.html>.`
add LGPLv3 headers to sources files 2016-11-25 21:53:55 +00:00
style: apply black/isort 2018-08-13 16:21:24 +00:00			`import logging`
transport: update to new bridge API 2018-01-29 16:46:24 +00:00			`import struct`
style: apply black/isort 2018-08-13 16:21:24 +00:00			`from io import BytesIO`

			`import requests`
transports: refactor, split protocol code 2017-08-24 12:29:27 +00:00
trezorlib/transport: make changes to support being a separate submodule, move common functions to superclass 2018-03-02 14:44:24 +00:00			`from . import Transport, TransportException`
style: apply black/isort 2018-08-13 16:21:24 +00:00			`from .. import mapping, protobuf`
add transport for bridge 2014-07-26 14:27:28 +00:00
transport: add message logging to bridge 2018-05-24 15:55:41 +00:00			`LOG = logging.getLogger(__name__)`

style: apply black/isort 2018-08-13 16:21:24 +00:00			`TREZORD_HOST = "http://127.0.0.1:21325"`
add transport for bridge 2014-07-26 14:27:28 +00:00
style: use flake8 2017-06-23 19:31:42 +00:00
transports: refactor, split protocol code 2017-08-24 12:29:27 +00:00			`class BridgeTransport(Transport):`
style: apply black/isort 2018-08-13 16:21:24 +00:00			`"""`
transports: refactor, split protocol code 2017-08-24 12:29:27 +00:00			`BridgeTransport implements transport through TREZOR Bridge (aka trezord).`
style: apply black/isort 2018-08-13 16:21:24 +00:00			`"""`
Configure Bridge only once per process (#107) This saves a lot of time on requests retrieving config_signed.bin and reconfiguring the bridge for every device enumeration or transport instantiation. 2017-04-20 11:16:15 +00:00
style: apply black/isort 2018-08-13 16:21:24 +00:00			`PATH_PREFIX = "bridge"`
			`HEADERS = {"Origin": "https://python.trezor.io"}`
Adding bridge transport to TrezorDevice, using as default transport 2018-02-02 18:17:48 +00:00
transports: refactor, split protocol code 2017-08-24 12:29:27 +00:00			`def __init__(self, device):`
trezorlib/transport: make changes to support being a separate submodule, move common functions to superclass 2018-03-02 14:44:24 +00:00			`super().__init__()`
fixing bridge transport enumerate + init 2015-12-21 17:18:06 +00:00
transports: refactor, split protocol code 2017-08-24 12:29:27 +00:00			`self.device = device`
			`self.conn = requests.Session()`
fixing bridge transport enumerate + init 2015-12-21 17:18:06 +00:00			`self.session = None`
bridge: perform HTTP request in `read`, not `write` This allows us to return early from a `write`, which we need in cases where we want to perform an operation inbetween `read` and `write` - namely, callback for ButtonRequest should technically be invoked after returning ButtonAck but before waiting for device's response. Of course that doesn't really work. The callback will actually be invoked _before_ ButtonAck, so there's still the condition that it must return immediately or the device gets stuck with a black screen. But doing this allows us to write code as if it worked, which lets the other transports run free and wild, by which I mean, do the Right Thing 2018-10-04 15:05:10 +00:00			`self.request = None`
fixing bridge transport enumerate + init 2015-12-21 17:18:06 +00:00
Added get_path() to transports 2018-02-06 20:10:30 +00:00			`def get_path(self):`
style: apply black/isort 2018-08-13 16:21:24 +00:00			`return "%s:%s" % (self.PATH_PREFIX, self.device["path"])`
fixing bridge transport enumerate + init 2015-12-21 17:18:06 +00:00
bridge: perform HTTP request in `read`, not `write` This allows us to return early from a `write`, which we need in cases where we want to perform an operation inbetween `read` and `write` - namely, callback for ButtonRequest should technically be invoked after returning ButtonAck but before waiting for device's response. Of course that doesn't really work. The callback will actually be invoked _before_ ButtonAck, so there's still the condition that it must return immediately or the device gets stuck with a black screen. But doing this allows us to write code as if it worked, which lets the other transports run free and wild, by which I mean, do the Right Thing 2018-10-04 15:05:10 +00:00			`@classmethod`
			`def _call(cls, action, data=None, uri_suffix=None, session=None):`
			`if uri_suffix is not None:`
			`uri_suffix = "/" + uri_suffix`
			`elif session is not None:`
			`uri_suffix = "/{}".format(session)`
			`else:`
			`uri_suffix = ""`

			`url = "{}/{}{}".format(TREZORD_HOST, action, uri_suffix)`
			`r = requests.post(url, headers=cls.HEADERS, data=data)`

			`if r.status_code != 200:`
			`raise TransportException(`
			`"trezord: '{}' action failed with code {}: {}".format(`
			`action, r.status_code, r.json().get("error", "(no error message)")`
			`)`
			`)`
			`return r`

Fixing Origin header for Bridge 2.0.7 2018-03-01 09:33:47 +00:00			`@classmethod`
			`def enumerate(cls):`
Adding bridge transport to TrezorDevice, using as default transport 2018-02-02 18:17:48 +00:00			`try:`
bridge: perform HTTP request in `read`, not `write` This allows us to return early from a `write`, which we need in cases where we want to perform an operation inbetween `read` and `write` - namely, callback for ButtonRequest should technically be invoked after returning ButtonAck but before waiting for device's response. Of course that doesn't really work. The callback will actually be invoked _before_ ButtonAck, so there's still the condition that it must return immediately or the device gets stuck with a black screen. But doing this allows us to write code as if it worked, which lets the other transports run free and wild, by which I mean, do the Right Thing 2018-10-04 15:05:10 +00:00			`r = cls._call("enumerate")`
Adding bridge transport to TrezorDevice, using as default transport 2018-02-02 18:17:48 +00:00			`return [BridgeTransport(dev) for dev in r.json()]`
style: bare excepts, left-over bad imports 2018-08-10 14:05:14 +00:00			`except Exception:`
Adding bridge transport to TrezorDevice, using as default transport 2018-02-02 18:17:48 +00:00			`return []`
transports: refactor, split protocol code 2017-08-24 12:29:27 +00:00
			`def open(self):`
bridge: perform HTTP request in `read`, not `write` This allows us to return early from a `write`, which we need in cases where we want to perform an operation inbetween `read` and `write` - namely, callback for ButtonRequest should technically be invoked after returning ButtonAck but before waiting for device's response. Of course that doesn't really work. The callback will actually be invoked _before_ ButtonAck, so there's still the condition that it must return immediately or the device gets stuck with a black screen. But doing this allows us to write code as if it worked, which lets the other transports run free and wild, by which I mean, do the Right Thing 2018-10-04 15:05:10 +00:00			`r = self._call("acquire", uri_suffix="{}/null".format(self.device["path"]))`
style: apply black/isort 2018-08-13 16:21:24 +00:00			`self.session = r.json()["session"]`
add transport for bridge 2014-07-26 14:27:28 +00:00
transports: refactor, split protocol code 2017-08-24 12:29:27 +00:00			`def close(self):`
			`if not self.session:`
			`return`
bridge: perform HTTP request in `read`, not `write` This allows us to return early from a `write`, which we need in cases where we want to perform an operation inbetween `read` and `write` - namely, callback for ButtonRequest should technically be invoked after returning ButtonAck but before waiting for device's response. Of course that doesn't really work. The callback will actually be invoked _before_ ButtonAck, so there's still the condition that it must return immediately or the device gets stuck with a black screen. But doing this allows us to write code as if it worked, which lets the other transports run free and wild, by which I mean, do the Right Thing 2018-10-04 15:05:10 +00:00			`self._call("release", session=self.session)`
transports: refactor, split protocol code 2017-08-24 12:29:27 +00:00			`self.session = None`

			`def write(self, msg):`
bridge: perform HTTP request in `read`, not `write` This allows us to return early from a `write`, which we need in cases where we want to perform an operation inbetween `read` and `write` - namely, callback for ButtonRequest should technically be invoked after returning ButtonAck but before waiting for device's response. Of course that doesn't really work. The callback will actually be invoked _before_ ButtonAck, so there's still the condition that it must return immediately or the device gets stuck with a black screen. But doing this allows us to write code as if it worked, which lets the other transports run free and wild, by which I mean, do the Right Thing 2018-10-04 15:05:10 +00:00			`if self.request is not None:`
			`raise TransportException("trezord can't perform two writes without a read")`

style: apply black/isort 2018-08-13 16:21:24 +00:00			`LOG.debug(`
bridge: perform HTTP request in `read`, not `write` This allows us to return early from a `write`, which we need in cases where we want to perform an operation inbetween `read` and `write` - namely, callback for ButtonRequest should technically be invoked after returning ButtonAck but before waiting for device's response. Of course that doesn't really work. The callback will actually be invoked _before_ ButtonAck, so there's still the condition that it must return immediately or the device gets stuck with a black screen. But doing this allows us to write code as if it worked, which lets the other transports run free and wild, by which I mean, do the Right Thing 2018-10-04 15:05:10 +00:00			`"preparing message: {}".format(msg.__class__.__name__),`
style: apply black/isort 2018-08-13 16:21:24 +00:00			`extra={"protobuf": msg},`
			`)`
bridge: perform HTTP request in `read`, not `write` This allows us to return early from a `write`, which we need in cases where we want to perform an operation inbetween `read` and `write` - namely, callback for ButtonRequest should technically be invoked after returning ButtonAck but before waiting for device's response. Of course that doesn't really work. The callback will actually be invoked _before_ ButtonAck, so there's still the condition that it must return immediately or the device gets stuck with a black screen. But doing this allows us to write code as if it worked, which lets the other transports run free and wild, by which I mean, do the Right Thing 2018-10-04 15:05:10 +00:00			`# encode the message`
transport: update to new bridge API 2018-01-29 16:46:24 +00:00			`data = BytesIO()`
			`protobuf.dump_message(data, msg)`
			`ser = data.getvalue()`
			`header = struct.pack(">HL", mapping.get_type(msg), len(ser))`
bridge: perform HTTP request in `read`, not `write` This allows us to return early from a `write`, which we need in cases where we want to perform an operation inbetween `read` and `write` - namely, callback for ButtonRequest should technically be invoked after returning ButtonAck but before waiting for device's response. Of course that doesn't really work. The callback will actually be invoked _before_ ButtonAck, so there's still the condition that it must return immediately or the device gets stuck with a black screen. But doing this allows us to write code as if it worked, which lets the other transports run free and wild, by which I mean, do the Right Thing 2018-10-04 15:05:10 +00:00			`# store for later`
			`self.request = (header + ser).hex()`
add transport for bridge 2014-07-26 14:27:28 +00:00
transports: refactor, split protocol code 2017-08-24 12:29:27 +00:00			`def read(self):`
bridge: perform HTTP request in `read`, not `write` This allows us to return early from a `write`, which we need in cases where we want to perform an operation inbetween `read` and `write` - namely, callback for ButtonRequest should technically be invoked after returning ButtonAck but before waiting for device's response. Of course that doesn't really work. The callback will actually be invoked _before_ ButtonAck, so there's still the condition that it must return immediately or the device gets stuck with a black screen. But doing this allows us to write code as if it worked, which lets the other transports run free and wild, by which I mean, do the Right Thing 2018-10-04 15:05:10 +00:00			`if self.request is None:`
			`raise TransportException("trezord: no request in queue")`

			`try:`
			`LOG.debug("sending prepared message")`
			`r = self._call("call", data=self.request, session=self.session)`

			`data = bytes.fromhex(r.text)`
			`headerlen = struct.calcsize(">HL")`
			`msg_type, datalen = struct.unpack(">HL", data[:headerlen])`
			`data = BytesIO(data[headerlen : headerlen + datalen])`
			`msg = protobuf.load_message(data, mapping.get_class(msg_type))`
			`LOG.debug(`
			`"received message: {}".format(msg.__class__.__name__),`
			`extra={"protobuf": msg},`
			`)`
			`return msg`
			`finally:`
			`self.request = None`
transport: better ways to handle errors when enumerating devices 2018-05-24 17:14:05 +00:00

			`TRANSPORT = BridgeTransport`