#!/usr/bin/env python3
import binascii
import sys
import traceback
import Pyro4
import serpent
from trezorlib import cosi, tools
# TCP port the Pyro4 daemon started by this script listens on.
PORT = 5001

# Component names a remote caller may pass as ``index``, mapped to the integer
# that get_path() substitutes into the key path. Any other name fails the
# lookup with KeyError, so this dict is the allow-list of signing keys.
indexmap = {
    "bootloader": 0,
    "vendorheader": 1,
    "firmware": 2,
}
def get_trezor():
    """Build and return a new ``TrezorClient`` with a ``ClickUI`` front end.

    The trezorlib pieces are imported inside the function rather than at
    module level. A new client is constructed on every call, and nothing in
    this function closes a previously returned one.
    """
    from trezorlib.client import TrezorClient
    from trezorlib.transport import get_transport
    from trezorlib.ui import ClickUI

    # NOTE(review): get_transport() is called with no arguments, so which
    # device is used when several are attached is decided by trezorlib,
    # presumably the first one it enumerates. Confirm on a multi-device host.
    transport = get_transport()
    return TrezorClient(transport, ui=ClickUI())
def get_path(index):
    """Return the key path string for the component named by ``index``.

    ``index`` must be a key of ``indexmap``. An unknown name raises
    ``KeyError``, which is the only validation applied to this
    caller-supplied value.
    """
    slot = indexmap[index]
    return "10018'/%d'" % slot
@Pyro4.expose
class KeyctlProxy(object):
    """Pyro4-exposed object that runs the CoSi commit and sign calls on a Trezor.

    Both methods take their arguments from the remote caller. ``index`` is
    checked only by the ``indexmap`` lookup in get_path(). The byte arguments
    are decoded with ``serpent.tobytes`` and handed to trezorlib without a
    length check in this class.

    NOTE(review): each method retries forever on any ``Exception``. That
    presumably includes an operator declining the request on the device, in
    which case the same digest is presented again. Confirm whether a
    rejection should end the call instead.
    """

    def get_commit(self, index, digest):
        """Obtain a CoSi commitment for ``digest`` from the key named by ``index``.

        Returns a ``(pubkey, commitment)`` tuple taken from the object that
        ``cosi.commit`` returns. Errors from decoding ``digest`` or resolving
        ``index`` propagate to the caller. Errors raised while talking to the
        device are printed and the attempt is repeated.
        """
        digest = serpent.tobytes(digest)
        path = get_path(index)
        digest_hex = binascii.hexlify(digest).decode()

        while True:
            try:
                client = get_trezor()
                # Shown on the operator's console before the device call,
                # presumably so the digest can be compared with the device.
                print(
                    "\n\n\nCommiting to hash %s with path %s:" % (digest_hex, path)
                )
                commit = cosi.commit(client, tools.parse_path(path), digest)
            except Exception as err:
                print(err)
                traceback.print_exc()
                print("Trying again ...")
                continue
            if commit is not None:
                break

        pubkey = commit.pubkey
        commitment = commit.commitment
        print("Commitment sent!")
        return (pubkey, commitment)

    def get_signature(self, index, digest, global_R, global_pk):
        """Obtain this signer's CoSi signature over ``digest``.

        ``global_R`` and ``global_pk`` are passed through to ``cosi.sign``
        after decoding. Returns the ``signature`` attribute of its result.
        Decoding and path errors propagate. Errors raised while talking to
        the device are printed and the attempt is repeated.
        """
        digest = serpent.tobytes(digest)
        global_R = serpent.tobytes(global_R)
        global_pk = serpent.tobytes(global_pk)
        path = get_path(index)
        digest_hex = binascii.hexlify(digest).decode()

        while True:
            try:
                client = get_trezor()
                # Shown on the operator's console before the device call,
                # presumably so the digest can be compared with the device.
                print("\n\n\nSigning hash %s with path %s:" % (digest_hex, path))
                signature = cosi.sign(
                    client, tools.parse_path(path), digest, global_R, global_pk
                )
            except Exception as err:
                print(err)
                traceback.print_exc()
                print("Trying again ...")
                continue
            if signature is not None:
                break

        sig = signature.signature
        print("Signature sent!")
        return sig
if __name__ == "__main__":
    # The single required argument is the local address to bind the daemon to.
    if len(sys.argv) <= 1:
        print("Usage: keyctl-proxy ipaddress")
        sys.exit(1)
    ipaddr = sys.argv[1]

    # NOTE(review): no message authentication (for example a Pyro4 HMAC key)
    # is configured in this block, so any host that can reach ipaddr:PORT can
    # invoke the exposed methods. The confirmation on the device is then the
    # only gate on a signing request. Bind to an address on a trusted network
    # segment and confirm this matches the intended deployment.
    daemon = Pyro4.Daemon(host=ipaddr, port=PORT)
    proxy = KeyctlProxy()
    uri = daemon.register(proxy, "keyctl")
    print('keyctl-proxy running at URI: "%s"' % uri)

    # Blocks here serving remote calls.
    daemon.requestLoop()