trezor-firmware/core/tools/keyctl-proxy

#!/usr/bin/env python3
import sys
import traceback

import click
import Pyro4
from trezorlib import cosi
from trezorlib.client import get_default_client
from trezorlib.tools import parse_path
from trezorlib._internal.firmware_headers import (
    parse_image,
    VendorHeader,
    BootloaderImage,
    FirmwareImage,
)

from typing import Tuple

Pyro4.config.SERIALIZER = "marshal"

PORT = 5001
indexmap = {
    "bootloader": BootloaderImage,
    "vendorheader": VendorHeader,
    "firmware": FirmwareImage,
}

PATH = "10018h/{}h"


def make_commit(name, index, digest):
    path = PATH.format(index)
    address_n = parse_path(path)
    first_pass = True
    while True:
        try:
            t = get_default_client()
            if first_pass:
                t.clear_session()
                first_pass = False

            click.echo(f"\n\n\nCommiting to {click.style(name, bold=True)} hash:")
            for partid in range(4):
                digest_part = digest[partid * 8 : (partid + 1) * 8]
                color = "red" if partid % 2 else "blue"
                digest_str = click.style(digest_part.hex().upper(), fg=color)
                click.echo(digest_str)

            click.echo(f"Using path: {click.style(path, bold=True)}")
            commit = cosi.commit(t, address_n, digest)
            return commit.pubkey, commit.commitment
        except Exception as e:
            click.echo(e)
            traceback.print_exc()
            click.echo("Trying again ...")


@Pyro4.expose
class KeyctlProxy:
    def __init__(self, image_type, digest: bytes, commit: Tuple[bytes, bytes]) -> None:
        self.name = image_type.NAME
        self.address_n = parse_path(PATH.format(image_type.BIP32_INDEX))
        self.digest = digest
        self.commit = commit

    def _check_name_digest(self, name, digest):
        if name != self.name or digest != self.digest:
            click.echo(f"ERROR! Remote wants to sign {name} with digest {digest.hex()}")
            click.echo(f"Expected: {self.name} with digest {self.digest.hex()}")
            raise ValueError("Unexpected index/digest")

    def get_commit(self, name, digest):
        self._check_name_digest(name, digest)
        click.echo("Sending commitment!")
        return self.commit

    def get_signature(self, name, digest, global_R, global_pk):
        self._check_name_digest(name, digest)
        while True:
            try:
                t = get_default_client()
                click.echo("\n\n\nSigning...")
                signature = cosi.sign(t, self.address_n, digest, global_R, global_pk)
                click.echo("Sending signature!")
                return signature.signature
            except Exception as e:
                click.echo(e)
                traceback.print_exc()
                click.echo("Trying again ...")


@click.command()
@click.option(
    "-l", "--listen", "ipaddr", default="0.0.0.0", help="Bind to particular ip address"
)
@click.option("-t", "--header-type", type=click.Choice(indexmap.keys()))
@click.option("-d", "--digest")
@click.argument("fw_file", type=click.File("rb"), required=False)
def cli(ipaddr, fw_file, header_type, digest):
    """Participate in signing of firmware.

    Specify either fw_file to auto-detect type and digest, or use -t and -d to specify
    the type and digest manually.
    """
    public_keys = None
    if fw_file:
        if header_type or digest:
            raise click.ClickException("Do not specify fw_file together with -t/-d")

        fw = parse_image(fw_file.read())
        digest = fw.digest()
        public_keys = fw.public_keys

        click.echo(fw.format())

    if not fw_file and (not header_type or not digest):
        raise click.ClickException("Please specify either fw_file or -t and -h")

    while True:
        pubkey, R = make_commit(header_type.BIP32_INDEX, digest)
        if public_keys is not None and pubkey not in public_keys:
            click.echo(f"\n\nPublic key {pubkey.hex()} is unknown.")
            if click.confirm("Retry with a different passphrase?"):
                continue
        break

    daemon = Pyro4.Daemon(host=ipaddr, port=PORT)
    proxy = KeyctlProxy(header_type, digest, (pubkey, R))
    uri = daemon.register(proxy, "keyctl")
    click.echo(f"keyctl-proxy running at URI: {uri}")
    click.echo("Press Ctrl+C to abort.")
    daemon.requestLoop()


if __name__ == "__main__":
    cli()
tools: drop combine_sign; rework keyctl into 3 tools 6 years ago			`#!/usr/bin/env python3`
			`import sys`
tools: fix keyctl-proxy 5 years ago			`import traceback`

core/tools: update keyctl-proxy to work with headertool 5 years ago			`import click`
tools: drop combine_sign; rework keyctl into 3 tools 6 years ago			`import Pyro4`
core/tools: update keyctl-proxy to work with headertool 5 years ago			`from trezorlib import cosi`
			`from trezorlib.client import get_default_client`
			`from trezorlib.tools import parse_path`
			`from trezorlib._internal.firmware_headers import (`
			`parse_image,`
			`VendorHeader,`
			`BootloaderImage,`
			`FirmwareImage,`
			`)`

			`from typing import Tuple`
tools: drop combine_sign; rework keyctl into 3 tools 6 years ago
core/keyctl: get rid of serpent conversions 5 years ago			`Pyro4.config.SERIALIZER = "marshal"`

tools: drop combine_sign; rework keyctl into 3 tools 6 years ago			`PORT = 5001`
core/tools: update keyctl-proxy to work with headertool 5 years ago			`indexmap = {`
			`"bootloader": BootloaderImage,`
			`"vendorheader": VendorHeader,`
			`"firmware": FirmwareImage,`
			`}`
tools: drop combine_sign; rework keyctl into 3 tools 6 years ago
core/tools: update keyctl-proxy to work with headertool 5 years ago			`PATH = "10018h/{}h"`
tools: run black and flake8 on tools/ 6 years ago
tools: drop combine_sign; rework keyctl into 3 tools 6 years ago
core/tools: make keyctl-proxy output nicer 5 years ago			`def make_commit(name, index, digest):`
core/tools: update keyctl-proxy to work with headertool 5 years ago			`path = PATH.format(index)`
			`address_n = parse_path(path)`
			`first_pass = True`
			`while True:`
			`try:`
			`t = get_default_client()`
			`if first_pass:`
			`t.clear_session()`
			`first_pass = False`
tools: drop combine_sign; rework keyctl into 3 tools 6 years ago
core/tools: make keyctl-proxy output nicer 5 years ago			`click.echo(f"\n\n\nCommiting to {click.style(name, bold=True)} hash:")`
			`for partid in range(4):`
			`digest_part = digest[partid * 8 : (partid + 1) * 8]`
			`color = "red" if partid % 2 else "blue"`
			`digest_str = click.style(digest_part.hex().upper(), fg=color)`
			`click.echo(digest_str)`

			`click.echo(f"Using path: {click.style(path, bold=True)}")`
core/tools: update keyctl-proxy to work with headertool 5 years ago			`commit = cosi.commit(t, address_n, digest)`
			`return commit.pubkey, commit.commitment`
			`except Exception as e:`
core/tools: make keyctl-proxy output nicer 5 years ago			`click.echo(e)`
core/tools: update keyctl-proxy to work with headertool 5 years ago			`traceback.print_exc()`
core/tools: make keyctl-proxy output nicer 5 years ago			`click.echo("Trying again ...")`
tools: drop combine_sign; rework keyctl into 3 tools 6 years ago

			`@Pyro4.expose`
core/tools: update keyctl-proxy to work with headertool 5 years ago			`class KeyctlProxy:`
			`def __init__(self, image_type, digest: bytes, commit: Tuple[bytes, bytes]) -> None:`
			`self.name = image_type.NAME`
			`self.address_n = parse_path(PATH.format(image_type.BIP32_INDEX))`
			`self.digest = digest`
			`self.commit = commit`

			`def _check_name_digest(self, name, digest):`
			`if name != self.name or digest != self.digest:`
core/tools: make keyctl-proxy output nicer 5 years ago			`click.echo(f"ERROR! Remote wants to sign {name} with digest {digest.hex()}")`
			`click.echo(f"Expected: {self.name} with digest {self.digest.hex()}")`
core/tools: update keyctl-proxy to work with headertool 5 years ago			`raise ValueError("Unexpected index/digest")`

			`def get_commit(self, name, digest):`
			`self._check_name_digest(name, digest)`
core/tools: make keyctl-proxy output nicer 5 years ago			`click.echo("Sending commitment!")`
core/tools: update keyctl-proxy to work with headertool 5 years ago			`return self.commit`

			`def get_signature(self, name, digest, global_R, global_pk):`
			`self._check_name_digest(name, digest)`
			`while True:`
tools: loop on error in keyctl-proxy 6 years ago			`try:`
core/tools: update keyctl-proxy to work with headertool 5 years ago			`t = get_default_client()`
core/tools: make keyctl-proxy output nicer 5 years ago			`click.echo("\n\n\nSigning...")`
core/tools: update keyctl-proxy to work with headertool 5 years ago			`signature = cosi.sign(t, self.address_n, digest, global_R, global_pk)`
core/tools: make keyctl-proxy output nicer 5 years ago			`click.echo("Sending signature!")`
core/tools: update keyctl-proxy to work with headertool 5 years ago			`return signature.signature`
tools: loop on error in keyctl-proxy 6 years ago			`except Exception as e:`
core/tools: make keyctl-proxy output nicer 5 years ago			`click.echo(e)`
tools: fix keyctl-proxy 5 years ago			`traceback.print_exc()`
core/tools: make keyctl-proxy output nicer 5 years ago			`click.echo("Trying again ...")`
tools: drop combine_sign; rework keyctl into 3 tools 6 years ago

core/tools: update keyctl-proxy to work with headertool 5 years ago			`@click.command()`
			`@click.option(`
			`"-l", "--listen", "ipaddr", default="0.0.0.0", help="Bind to particular ip address"`
			`)`
			`@click.option("-t", "--header-type", type=click.Choice(indexmap.keys()))`
			`@click.option("-d", "--digest")`
			`@click.argument("fw_file", type=click.File("rb"), required=False)`
			`def cli(ipaddr, fw_file, header_type, digest):`
			`"""Participate in signing of firmware.`

			`Specify either fw_file to auto-detect type and digest, or use -t and -d to specify`
			`the type and digest manually.`
			`"""`
			`public_keys = None`
			`if fw_file:`
			`if header_type or digest:`
			`raise click.ClickException("Do not specify fw_file together with -t/-d")`

			`fw = parse_image(fw_file.read())`
			`digest = fw.digest()`
			`public_keys = fw.public_keys`

			`click.echo(fw.format())`

			`if not fw_file and (not header_type or not digest):`
			`raise click.ClickException("Please specify either fw_file or -t and -h")`

			`while True:`
			`pubkey, R = make_commit(header_type.BIP32_INDEX, digest)`
			`if public_keys is not None and pubkey not in public_keys:`
			`click.echo(f"\n\nPublic key {pubkey.hex()} is unknown.")`
			`if click.confirm("Retry with a different passphrase?"):`
			`continue`
			`break`

tools: drop netifaces requirement from keyctl-proxy 6 years ago			`daemon = Pyro4.Daemon(host=ipaddr, port=PORT)`
core/tools: update keyctl-proxy to work with headertool 5 years ago			`proxy = KeyctlProxy(header_type, digest, (pubkey, R))`
tools: run black and flake8 on tools/ 6 years ago			`uri = daemon.register(proxy, "keyctl")`
core/tools: update keyctl-proxy to work with headertool 5 years ago			`click.echo(f"keyctl-proxy running at URI: {uri}")`
			`click.echo("Press Ctrl+C to abort.")`
tools: drop combine_sign; rework keyctl into 3 tools 6 years ago			`daemon.requestLoop()`
core/tools: update keyctl-proxy to work with headertool 5 years ago

			`if __name__ == "__main__":`
			`cli()`