2018-01-29 14:02:32 +00:00
|
|
|
#!/usr/bin/env python3
|
|
|
|
import binascii
|
|
|
|
import sys
|
|
|
|
import Pyro4
|
|
|
|
import serpent
|
|
|
|
|
|
|
|
PORT = 5001
|
2018-07-31 09:35:09 +00:00
|
|
|
indexmap = {"bootloader": 0, "vendorheader": 1, "firmware": 2}
|
2018-01-29 14:02:32 +00:00
|
|
|
|
|
|
|
|
|
|
|
def get_trezor():
|
|
|
|
from trezorlib.client import TrezorClient
|
2018-06-19 14:43:00 +00:00
|
|
|
from trezorlib.transport import get_transport
|
2018-07-31 09:35:09 +00:00
|
|
|
|
2018-06-19 14:43:00 +00:00
|
|
|
return TrezorClient(get_transport())
|
2018-01-29 14:02:32 +00:00
|
|
|
|
|
|
|
|
|
|
|
def get_path(index):
|
|
|
|
return "10018'/%d'" % indexmap[index]
|
|
|
|
|
|
|
|
|
|
|
|
@Pyro4.expose
|
|
|
|
class KeyctlProxy(object):
|
|
|
|
def get_commit(self, index, digest):
|
|
|
|
digest = serpent.tobytes(digest)
|
|
|
|
path = get_path(index)
|
2018-01-29 14:28:17 +00:00
|
|
|
commit = None
|
|
|
|
while commit is None:
|
|
|
|
try:
|
|
|
|
t = get_trezor()
|
2018-07-31 09:35:09 +00:00
|
|
|
print(
|
|
|
|
"\n\n\nCommiting to hash %s with path %s:"
|
|
|
|
% (binascii.hexlify(digest).decode(), path)
|
|
|
|
)
|
2018-01-29 14:28:17 +00:00
|
|
|
commit = t.cosi_commit(t.expand_path(path), digest)
|
|
|
|
except Exception as e:
|
|
|
|
print(e)
|
2018-07-31 09:35:09 +00:00
|
|
|
print("Trying again ...")
|
2018-01-29 14:02:32 +00:00
|
|
|
pk = commit.pubkey
|
|
|
|
R = commit.commitment
|
2018-07-31 09:35:09 +00:00
|
|
|
print("Commitment sent!")
|
2018-01-29 14:02:32 +00:00
|
|
|
return (pk, R)
|
|
|
|
|
|
|
|
def get_signature(self, index, digest, global_R, global_pk):
|
2018-07-31 09:35:09 +00:00
|
|
|
digest, global_R, global_pk = (
|
|
|
|
serpent.tobytes(digest),
|
|
|
|
serpent.tobytes(global_R),
|
|
|
|
serpent.tobytes(global_pk),
|
|
|
|
)
|
2018-01-29 14:02:32 +00:00
|
|
|
path = get_path(index)
|
2018-01-29 14:28:17 +00:00
|
|
|
signature = None
|
|
|
|
while signature is None:
|
|
|
|
try:
|
|
|
|
t = get_trezor()
|
2018-07-31 09:35:09 +00:00
|
|
|
print(
|
|
|
|
"\n\n\nSigning hash %s with path %s:"
|
|
|
|
% (binascii.hexlify(digest).decode(), path)
|
|
|
|
)
|
|
|
|
signature = t.cosi_sign(
|
|
|
|
t.expand_path(path), digest, global_R, global_pk
|
|
|
|
)
|
2018-01-29 14:28:17 +00:00
|
|
|
except Exception as e:
|
|
|
|
print(e)
|
2018-07-31 09:35:09 +00:00
|
|
|
print("Trying again ...")
|
2018-01-29 14:02:32 +00:00
|
|
|
sig = signature.signature
|
2018-07-31 09:35:09 +00:00
|
|
|
print("Signature sent!")
|
2018-01-29 14:02:32 +00:00
|
|
|
return sig
|
|
|
|
|
|
|
|
|
2018-07-31 09:35:09 +00:00
|
|
|
if __name__ == "__main__":
|
2018-01-29 14:02:32 +00:00
|
|
|
if len(sys.argv) > 1:
|
2018-01-29 14:49:55 +00:00
|
|
|
ipaddr = sys.argv[1]
|
2018-01-29 14:02:32 +00:00
|
|
|
else:
|
2018-07-31 09:35:09 +00:00
|
|
|
print("Usage: keyctl-proxy ipaddress")
|
2018-01-29 14:02:32 +00:00
|
|
|
sys.exit(1)
|
2018-01-29 14:49:55 +00:00
|
|
|
daemon = Pyro4.Daemon(host=ipaddr, port=PORT)
|
2018-01-29 14:02:32 +00:00
|
|
|
proxy = KeyctlProxy()
|
2018-07-31 09:35:09 +00:00
|
|
|
uri = daemon.register(proxy, "keyctl")
|
2018-01-29 14:02:32 +00:00
|
|
|
print('keyctl-proxy running at URI: "%s"' % uri)
|
|
|
|
daemon.requestLoop()
|