1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-14 03:30:02 +00:00

tools: update encfs_aes_getpass, add version check

This commit is contained in:
matejcik 2018-11-26 16:07:22 +01:00
parent 4982fd1cf5
commit ab461548ce

View File

@ -12,10 +12,18 @@ import sys
import json
import hashlib
import trezorlib
version_tuple = tuple(map(int, trezorlib.__version__.split(".")))
if not (0, 11) <= version_tuple < (0, 12):
raise RuntimeError("trezorlib version mismatch (0.11.x is required)")
from trezorlib.client import TrezorClient
from trezorlib.transport import enumerate_devices
from trezorlib.ui import ClickUI
import trezorlib.misc
def wait_for_devices():
devices = enumerate_devices()
@ -77,7 +85,7 @@ def main():
devices = wait_for_devices()
transport = choose_device(devices)
client = TrezorClient(transport, ui=ClickUI)
client = TrezorClient(transport, ui=ClickUI())
rootdir = os.environ["encfs_root"] # Read "man encfs" for more
passw_file = os.path.join(rootdir, "password.dat")
@ -89,10 +97,9 @@ def main():
label = input()
sys.stderr.write("Computer asked TREZOR for new strong password.\n")
sys.stderr.write("Please confirm the action on your device ...\n")
# 32 bytes, good for AES
trezor_entropy = client.get_entropy(32)
trezor_entropy = trezorlib.misc.get_entropy(client, 32)
urandom_entropy = os.urandom(32)
passw = hashlib.sha256(trezor_entropy + urandom_entropy).digest()
@ -100,7 +107,9 @@ def main():
raise ValueError("32 bytes password expected")
bip32_path = [10, 0]
passw_encrypted = client.encrypt_keyvalue(bip32_path, label, passw, False, True)
passw_encrypted = trezorlib.misc.encrypt_keyvalue(
client, bip32_path, label, passw, False, True
)
data = {
"label": label,
@ -113,8 +122,8 @@ def main():
# Let's load password
data = json.load(open(passw_file, "r"))
sys.stderr.write("Please confirm the action on your device ...\n")
passw = client.decrypt_keyvalue(
passw = trezorlib.misc.decrypt_keyvalue(
client,
data["bip32_path"],
data["label"],
bytes.fromhex(data["password_encrypted_hex"]),