1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-27 00:28:10 +00:00

tools: remove ed25519 dependency, prepare for ed25519cosi signing

This commit is contained in:
Pavol Rusnak 2017-10-01 16:26:51 +02:00
parent 430117dd16
commit ca649eb8f0
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
5 changed files with 38 additions and 25 deletions

View File

@ -35,7 +35,7 @@ before_install:
install: install:
- pip3 install --user scons - pip3 install --user scons
- pip3 install --user ed25519 pyblake2 - pip3 install --user pyblake2
- pip3 install --user flake8 - pip3 install --user flake8
- pip3 install --user pytest - pip3 install --user pytest
- pip3 install --user ecdsa mnemonic protobuf requests - pip3 install --user ecdsa mnemonic protobuf requests

View File

@ -25,7 +25,7 @@ cd trezor-core
#### Debian/Ubuntu #### Debian/Ubuntu
```sh ```sh
sudo -H pip install ed25519 pyblake2 sudo -H pip install pyblake2
sudo dpkg --add-architecture i386 sudo dpkg --add-architecture i386
sudo apt-get update sudo apt-get update
@ -37,7 +37,7 @@ make build_unix
#### Fedora #### Fedora
```sh ```sh
sudo pip install ed25519 pyblake2 sudo pip install pyblake2
sudo yum install scons SDL2-devel.i686 SDL2_image-devel.i686 sudo yum install scons SDL2-devel.i686 SDL2_image-devel.i686
@ -47,7 +47,7 @@ make build_unix
#### openSUSE #### openSUSE
```sh ```sh
sudo pip install ed25519 pyblake2 sudo pip install pyblake2
sudo zypper install scons libSDL2-devel-32bit libSDL2_image-devel-32bit sudo zypper install scons libSDL2-devel-32bit libSDL2_image-devel-32bit
@ -57,7 +57,7 @@ make build_unix
### OS X ### OS X
```sh ```sh
pip install ed25519 pyblake2 pip install pyblake2
brew install scons sdl2 sdl2_image brew install scons sdl2 sdl2_image
@ -78,7 +78,7 @@ or `make flash STLINKv21=1` if using a ST-LINK/V2.1 interface.
#### Debian/Ubuntu #### Debian/Ubuntu
```sh ```sh
sudo pip install ed25519 pyblake2 sudo pip install pyblake2
sudo apt-get install gcc-arm-none-eabi libnewlib-arm-none-eabi sudo apt-get install gcc-arm-none-eabi libnewlib-arm-none-eabi

View File

@ -5,14 +5,19 @@ from __future__ import print_function
import sys import sys
import struct import struct
import binascii import binascii
import ed25519
import pyblake2 import pyblake2
import ed25519raw
def sign_data(seckey, data):
signkey = ed25519.SigningKey(seckey) def sign_data(seckeys, data):
digest = pyblake2.blake2s(data).digest() if len(seckeys) == 1:
return signkey.sign(digest) sk = seckeys[0]
pk = ed25519raw.publickey(sk)
digest = pyblake2.blake2s(data).digest()
return ed25519raw.signature(digest, sk, pk)
else:
raise NotImplementedError
def format_sigmask(sigmask): def format_sigmask(sigmask):
@ -79,12 +84,12 @@ class BinImage(object):
assert len(header) == self.hdrlen assert len(header) == self.hdrlen
return header return header
def sign(self, sigmask, seckey): def sign(self, sigmask, seckeys):
header = self.serialize_header(sig=False) header = self.serialize_header(sig=False)
data = header + self.code data = header + self.code
assert len(data) == self.hdrlen + self.codelen assert len(data) == self.hdrlen + self.codelen
self.sigmask = sigmask self.sigmask = sigmask
self.sig = sign_data(seckey, data) self.sig = sign_data(seckeys, data)
def write(self, filename): def write(self, filename):
with open(filename, 'wb') as f: with open(filename, 'wb') as f:
@ -180,10 +185,10 @@ class VendorHeader(object):
assert len(header) == self.hdrlen assert len(header) == self.hdrlen
return header return header
def sign(self, sigmask, seckey): def sign(self, sigmask, seckeys):
header = self.serialize_header(sig=False) header = self.serialize_header(sig=False)
self.sigmask = sigmask self.sigmask = sigmask
self.sig = sign_data(seckey, header) self.sig = sign_data(seckeys, header)
def write(self, filename): def write(self, filename):
with open(filename, 'wb') as f: with open(filename, 'wb') as f:
@ -216,9 +221,17 @@ def main():
sign = len(sys.argv) > 2 and sys.argv[2] == '-s' sign = len(sys.argv) > 2 and sys.argv[2] == '-s'
b = binopen(fn) b = binopen(fn)
if sign: if sign:
sigmask = 1 << (int(sys.argv[3]) - 1) sigmask = 0
seckey = binascii.unhexlify(sys.argv[4]) if ':' in sys.argv[3]:
b.sign(sigmask, seckey) for idx in sys.argv[3].split(':'):
sigmask = 1 << (int(idx) - 1)
else:
sigmask = 1 << (int(sys.argv[3]) - 1)
if ':' in sys.argv[4]:
seckeys = [binascii.unhexlify(h) for h in sys.argv[4].split(':')]
else:
seckeys = [binascii.unhexlify(sys.argv[4])]
b.sign(sigmask, seckeys)
print() print()
b.write(fn) b.write(fn)
b.print() b.print()

9
tools/keytool → tools/ed25519cosi.py Executable file → Normal file
View File

@ -1,4 +1,3 @@
#!/usr/bin/env python3
import sys import sys
import binascii import binascii
import ed25519raw import ed25519raw
@ -201,8 +200,7 @@ def main():
usage() usage()
def test(): def test(data):
data = sys.argv[1].encode()
N = 3 N = 3
keyset = [0, 2] keyset = [0, 2]
@ -257,4 +255,7 @@ def test():
if __name__ == '__main__': if __name__ == '__main__':
test() if len(sys.argv) > 1:
test(data=sys.argv[1].encode())
else:
test(data=b'test')

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
import binascii import binascii
import ed25519 import ed25519raw
def hex_to_c(s): def hex_to_c(s):
return '"\\x' + '\\x'.join([s[i:i + 2] for i in range(0, len(s), 2)]) + '"' return '"\\x' + '\\x'.join([s[i:i + 2] for i in range(0, len(s), 2)]) + '"'
@ -12,8 +12,7 @@ for c in 'ABCDEFGHI':
seckey_hex = binascii.hexlify(seckey).decode() seckey_hex = binascii.hexlify(seckey).decode()
print('seckey', seckey_hex) print('seckey', seckey_hex)
print(' ', hex_to_c(seckey_hex)) print(' ', hex_to_c(seckey_hex))
sk = ed25519.SigningKey(seckey) pubkey = ed25519raw.publickey(seckey)
pubkey = sk.get_verifying_key().to_bytes()
pubkey_hex = binascii.hexlify(pubkey).decode() pubkey_hex = binascii.hexlify(pubkey).decode()
print('pubkey', pubkey_hex) print('pubkey', pubkey_hex)
print(' ', hex_to_c(pubkey_hex)) print(' ', hex_to_c(pubkey_hex))