1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-04 04:21:01 +00:00
trezor-firmware/bootloader/firmware_sign_split.py

35 lines
941 B
Python
Raw Normal View History

2017-02-01 17:07:47 +00:00
#!/usr/bin/env python
from __future__ import print_function
2014-10-23 16:09:41 +00:00
import hashlib
import os
import subprocess
import ecdsa
from binascii import hexlify, unhexlify
2017-02-01 17:07:47 +00:00
print('master secret:', end='')
try:
h = raw_input()
except:
h = input()
2014-10-23 16:09:41 +00:00
if h:
2017-02-01 17:07:47 +00:00
h = unhexlify(h).encode('ascii')
2014-10-23 16:09:41 +00:00
else:
h = hashlib.sha256(os.urandom(1024)).digest()
2017-02-01 17:07:47 +00:00
print()
print('master secret:', hexlify(h))
print()
2014-10-23 16:09:41 +00:00
for i in range(1, 6):
2017-02-01 17:07:47 +00:00
se = hashlib.sha256(h + chr(i).encode('ascii')).hexdigest()
print('seckey', i, ':', se)
2014-10-23 16:09:41 +00:00
sk = ecdsa.SigningKey.from_secret_exponent(secexp = int(se, 16), curve=ecdsa.curves.SECP256k1, hashfunc=hashlib.sha256)
2017-02-01 17:07:47 +00:00
print('pubkey', i, ':', (b'04' + hexlify(sk.get_verifying_key().to_string())).decode('ascii'))
print(sk.to_pem().decode('ascii'))
2014-10-23 16:09:41 +00:00
p = subprocess.Popen('ssss-split -t 3 -n 5 -x'.split(' '), stdin = subprocess.PIPE)
p.communicate(input = hexlify(h) + '\n')
# to recover use:
# $ ssss-combine -t 3 -x