core/tools: make keyctl remote signing more resilient

4 years ago · 8a5242ed0f
parent 611b734d21
commit 8a5242ed0f
2 changed files with 25 additions and 12 deletions
--- a/core/tools/headertool.py
+++ b/core/tools/headertool.py
@ -64,14 +64,15 @@ def process_remote_signers(fw, addrs: List[str]) -> Tuple[int, List[bytes]]:
    digest = fw.digest()
    name = fw.NAME

+    def mkproxy(addr):
+        return Pyro4.Proxy(f"PYRO:keyctl@{addr}:{PORT}")
+
    sigmask = 0
-    proxies = []
    pks, Rs = [], []
    for addr in addrs:
        click.echo(f"Connecting to {addr}...")
-        proxy = Pyro4.Proxy(f"PYRO:keyctl@{addr}:{PORT}")
-        proxies.append((addr, proxy))
-        pk, R = proxy.get_commit(name, digest)
+        with mkproxy(addr) as proxy:
+            pk, R = proxy.get_commit(name, digest)
        if pk not in fw.public_keys:
            raise click.ClickException(
                f"Signer at {addr} commits with unknown public key {pk.hex()}"
@ -88,14 +89,16 @@ def process_remote_signers(fw, addrs: List[str]) -> Tuple[int, List[bytes]]:

    # collect signatures
    sigs = []
-    for addr, proxy in proxies:
+    for addr in addrs:
        click.echo(f"Waiting for {addr} to sign... ", nl=False)
-        sig = proxy.get_signature(name, digest, global_R, global_pk)
+        with mkproxy(addr) as proxy:
+            sig = proxy.get_signature(name, digest, global_R, global_pk)
        sigs.append(sig)
        click.echo("OK")

-    for _, proxy in proxies:
-        proxy.finish()
+    for addr in addrs:
+        with mkproxy(addr) as proxy:
+            proxy.finish()

    # compute global signature
    return sigmask, cosi.combine_sig(global_R, sigs)
--- a/core/tools/keyctl-proxy
+++ b/core/tools/keyctl-proxy
@ -75,6 +75,8 @@ class KeyctlProxy:
        self.address_n = parse_path(PATH.format(image_type.BIP32_INDEX))
        self.digest = digest
        self.commit = commit
+        self.signature = None
+        self.global_params = None

    def _check_name_digest(self, name, digest):
        if name != self.name or digest != self.digest:
@ -87,21 +89,29 @@ class KeyctlProxy:
        click.echo("Sending commitment!")
        return self.commit

-    def get_signature(self, name, digest, global_R, global_pk):
-        self._check_name_digest(name, digest)
+    def _make_signature(self, global_R, global_pk):
        while True:
            try:
                click.echo("\n\n\nSigning...")
                signature = cosi.sign(
-                    TREZOR, self.address_n, digest, global_R, global_pk
+                    TREZOR, self.address_n, self.digest, global_R, global_pk
                )
-                click.echo("Sending signature!")
                return signature.signature
            except Exception as e:
                click.echo(e)
                traceback.print_exc()
                click.echo("Trying again ...")

+
+    def get_signature(self, name, digest, global_R, global_pk):
+        self._check_name_digest(name, digest)
+        global_params = global_R, global_pk
+        if global_params != self.global_params:
+            self.signature = self._make_signature(global_R, global_pk)
+            self.global_params = global_params
+        click.echo("Sending signature!")
+        return self.signature
+
    @Pyro4.oneway
    def finish(self):
        click.echo("Done! \\(^o^)/")