tools: update encfs_aes_getpass, add version check

2024-11-14 03:30:02 +00:00 · 2018-11-26 16:07:22 +01:00 · 2018-11-26 16:07:22 +01:00 · ab461548ce
commit ab461548ce
parent 4982fd1cf5
1 changed files with 15 additions and 6 deletions
--- a/tools/encfs_aes_getpass.py
+++ b/tools/encfs_aes_getpass.py
@ -12,10 +12,18 @@ import sys
 import json
 import hashlib

+import trezorlib
+
+version_tuple = tuple(map(int, trezorlib.__version__.split(".")))
+if not (0, 11) <= version_tuple < (0, 12):
+    raise RuntimeError("trezorlib version mismatch (0.11.x is required)")
+
 from trezorlib.client import TrezorClient
 from trezorlib.transport import enumerate_devices
 from trezorlib.ui import ClickUI

+import trezorlib.misc
+

 def wait_for_devices():
    devices = enumerate_devices()
@ -77,7 +85,7 @@ def main():

    devices = wait_for_devices()
    transport = choose_device(devices)
-    client = TrezorClient(transport, ui=ClickUI)
+    client = TrezorClient(transport, ui=ClickUI())

    rootdir = os.environ["encfs_root"]  # Read "man encfs" for more
    passw_file = os.path.join(rootdir, "password.dat")
@ -89,10 +97,9 @@ def main():
        label = input()

        sys.stderr.write("Computer asked TREZOR for new strong password.\n")
-        sys.stderr.write("Please confirm the action on your device ...\n")

        # 32 bytes, good for AES
-        trezor_entropy = client.get_entropy(32)
+        trezor_entropy = trezorlib.misc.get_entropy(client, 32)
        urandom_entropy = os.urandom(32)
        passw = hashlib.sha256(trezor_entropy + urandom_entropy).digest()

@ -100,7 +107,9 @@ def main():
            raise ValueError("32 bytes password expected")

        bip32_path = [10, 0]
-        passw_encrypted = client.encrypt_keyvalue(bip32_path, label, passw, False, True)
+        passw_encrypted = trezorlib.misc.encrypt_keyvalue(
+            client, bip32_path, label, passw, False, True
+        )

        data = {
            "label": label,
@ -113,8 +122,8 @@ def main():
    # Let's load password
    data = json.load(open(passw_file, "r"))

-    sys.stderr.write("Please confirm the action on your device ...\n")
-    passw = client.decrypt_keyvalue(
+    passw = trezorlib.misc.decrypt_keyvalue(
+        client,
        data["bip32_path"],
        data["label"],
        bytes.fromhex(data["password_encrypted_hex"]),