2018-01-29 14:02:32 +00:00
|
|
|
#!/usr/bin/env python3
|
|
|
|
import binascii
|
|
|
|
import sys
|
|
|
|
import Pyro4
|
|
|
|
import serpent
|
|
|
|
|
|
|
|
PORT = 5001
|
|
|
|
indexmap = {
|
|
|
|
'bootloader': 0,
|
|
|
|
'vendorheader': 1,
|
|
|
|
'firmware': 2,
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
def get_trezor():
|
|
|
|
from trezorlib.client import TrezorClient
|
|
|
|
from trezorlib.transport_hid import HidTransport
|
|
|
|
devices = HidTransport.enumerate()
|
|
|
|
if len(devices) > 0:
|
|
|
|
return TrezorClient(devices[0])
|
|
|
|
else:
|
|
|
|
raise Exception('No TREZOR found')
|
|
|
|
|
|
|
|
|
|
|
|
def get_path(index):
|
|
|
|
return "10018'/%d'" % indexmap[index]
|
|
|
|
|
|
|
|
|
|
|
|
@Pyro4.expose
|
|
|
|
class KeyctlProxy(object):
|
|
|
|
|
|
|
|
def get_commit(self, index, digest):
|
|
|
|
digest = serpent.tobytes(digest)
|
|
|
|
path = get_path(index)
|
2018-01-29 14:28:17 +00:00
|
|
|
commit = None
|
|
|
|
while commit is None:
|
|
|
|
try:
|
|
|
|
t = get_trezor()
|
|
|
|
print('\n\n\nCommiting to hash %s with path %s:' % (binascii.hexlify(digest).decode(), path))
|
|
|
|
commit = t.cosi_commit(t.expand_path(path), digest)
|
|
|
|
except Exception as e:
|
|
|
|
print(e)
|
|
|
|
print('Trying again ...')
|
2018-01-29 14:02:32 +00:00
|
|
|
pk = commit.pubkey
|
|
|
|
R = commit.commitment
|
2018-01-29 14:28:17 +00:00
|
|
|
print('Commitment sent!')
|
2018-01-29 14:02:32 +00:00
|
|
|
return (pk, R)
|
|
|
|
|
|
|
|
def get_signature(self, index, digest, global_R, global_pk):
|
|
|
|
digest, global_R, global_pk = serpent.tobytes(digest), serpent.tobytes(global_R), serpent.tobytes(global_pk)
|
|
|
|
path = get_path(index)
|
2018-01-29 14:28:17 +00:00
|
|
|
signature = None
|
|
|
|
while signature is None:
|
|
|
|
try:
|
|
|
|
t = get_trezor()
|
|
|
|
print('\n\n\nSigning hash %s with path %s:' % (binascii.hexlify(digest).decode(), path))
|
|
|
|
signature = t.cosi_sign(t.expand_path(path), digest, global_R, global_pk)
|
|
|
|
except Exception as e:
|
|
|
|
print(e)
|
|
|
|
print('Trying again ...')
|
2018-01-29 14:02:32 +00:00
|
|
|
sig = signature.signature
|
2018-01-29 14:28:17 +00:00
|
|
|
print('Signature sent!')
|
2018-01-29 14:02:32 +00:00
|
|
|
return sig
|
|
|
|
|
|
|
|
|
|
|
|
if __name__ == '__main__':
|
|
|
|
if len(sys.argv) > 1:
|
2018-01-29 14:49:55 +00:00
|
|
|
ipaddr = sys.argv[1]
|
2018-01-29 14:02:32 +00:00
|
|
|
else:
|
2018-01-29 14:49:55 +00:00
|
|
|
print('Usage: keyctl-proxy ipaddress')
|
2018-01-29 14:02:32 +00:00
|
|
|
sys.exit(1)
|
2018-01-29 14:49:55 +00:00
|
|
|
daemon = Pyro4.Daemon(host=ipaddr, port=PORT)
|
2018-01-29 14:02:32 +00:00
|
|
|
proxy = KeyctlProxy()
|
|
|
|
uri = daemon.register(proxy, 'keyctl')
|
|
|
|
print('keyctl-proxy running at URI: "%s"' % uri)
|
|
|
|
daemon.requestLoop()
|