diff --git a/core/tools/keyctl-proxy b/core/tools/keyctl-proxy deleted file mode 100755 index 3ac57e187d..0000000000 --- a/core/tools/keyctl-proxy +++ /dev/null @@ -1,167 +0,0 @@ -#!/usr/bin/env python3 -import sys -import traceback - -import click -import Pyro4 -from trezorlib import cosi -from trezorlib.client import get_default_client -from trezorlib.tools import parse_path -from trezorlib._internal.firmware_headers import ( - parse_image, - VendorHeader, - BootloaderImage, - FirmwareImage, -) - -from typing import Tuple - -Pyro4.config.SERIALIZER = "marshal" - -PORT = 5001 -indexmap = { - "bootloader": BootloaderImage, - "vendorheader": VendorHeader, - "firmware": FirmwareImage, -} - -PATH = "10018h/{}h" - -TREZOR = None - - -def make_commit(image_type, digest, public_keys): - path = PATH.format(image_type.BIP32_INDEX) - address_n = parse_path(path) - - # device information - show only first time - click.echo( - "\nUsing device {} ".format(click.style(TREZOR.features.label, bold=True)) + - "at path {}".format(TREZOR.transport.get_path()) - ) - - while True: - # signing information - repeat every time - click.echo("Commiting to {} hash:".format(click.style(image_type.NAME, bold=True))) - for partid in range(4): - digest_part = digest[partid * 8 : (partid + 1) * 8] - color = "red" if partid % 2 else "cyan" - digest_str = click.style(digest_part.hex().upper(), fg=color) - click.echo("\t" + digest_str) - click.echo("Using path: {}".format(click.style(path, bold=True))) - - try: - commit = cosi.commit(TREZOR, address_n, digest) - if public_keys is not None and commit.pubkey not in public_keys: - click.echo("\n\nPublic key {} is unknown.".format(commit.pubkey.hex())) - if click.confirm("Retry with a different passphrase?", default=True): - TREZOR.init_device() - continue - - return commit.pubkey, commit.commitment - except Exception as e: - click.echo(e) - traceback.print_exc() - click.echo("Trying again ...\n\n") - - -@Pyro4.expose -class KeyctlProxy: - def __init__( - self, daemon, image_type, digest: bytes, commit: Tuple[bytes, bytes] - ) -> None: - self.daemon = daemon - self.name = image_type.NAME - self.address_n = parse_path(PATH.format(image_type.BIP32_INDEX)) - self.digest = digest - self.commit = commit - self.signature = None - self.global_params = None - - def _check_name_digest(self, name, digest): - if name != self.name or digest != self.digest: - click.echo("ERROR! Remote wants to sign {} with digest {}".format(name, digest.hex())) - click.echo("Expected: {} with digest {}".format(self.name, self.digest.hex())) - raise ValueError("Unexpected index/digest") - - def get_commit(self, name, digest): - self._check_name_digest(name, digest) - click.echo("Sending commitment!") - return self.commit - - def _make_signature(self, global_R, global_pk): - while True: - try: - click.echo("\n\n\nSigning...") - signature = cosi.sign( - TREZOR, self.address_n, self.digest, global_R, global_pk - ) - return signature.signature - except Exception as e: - click.echo(e) - traceback.print_exc() - click.echo("Trying again ...") - - - def get_signature(self, name, digest, global_R, global_pk): - self._check_name_digest(name, digest) - global_params = global_R, global_pk - if global_params != self.global_params: - self.signature = self._make_signature(global_R, global_pk) - self.global_params = global_params - click.echo("Sending signature!") - return self.signature - - @Pyro4.oneway - def finish(self): - click.echo("Done! \\(^o^)/") - self.daemon.shutdown() - - -@click.command() -@click.option( - "-l", "--listen", "ipaddr", default="0.0.0.0", help="Bind to particular ip address" -) -@click.option("-t", "--image-type", type=click.Choice(indexmap.keys())) -@click.option("-d", "--digest") -@click.argument("fw_file", type=click.File("rb"), required=False) -def cli(ipaddr, fw_file, image_type, digest): - """Participate in signing of firmware. - - Specify either fw_file to auto-detect type and digest, or use -t and -d to specify - the type and digest manually. - """ - global TREZOR - - public_keys = None - if fw_file: - if image_type or digest: - raise click.ClickException("Do not specify fw_file together with -t/-d") - - image_type = parse_image(fw_file.read()) - digest = image_type.digest() - public_keys = image_type.public_keys - - click.echo(image_type.format()) - - if not fw_file and (not image_type or not digest): - raise click.ClickException("Please specify either fw_file or -t and -d") - - try: - TREZOR = get_default_client() - TREZOR.ui.always_prompt = True - except Exception as e: - raise click.ClickException("Please connect a Trezor and retry.") from e - - pubkey, R = make_commit(image_type, digest, public_keys) - - daemon = Pyro4.Daemon(host=ipaddr, port=PORT) - proxy = KeyctlProxy(daemon, image_type, digest, (pubkey, R)) - uri = daemon.register(proxy, "keyctl") - click.echo("keyctl-proxy running at URI: {}".format(uri)) - click.echo("Press Ctrl+C to abort.") - daemon.requestLoop() - - -if __name__ == "__main__": - cli() diff --git a/poetry.lock b/poetry.lock index fe8ea3f6d2..3e459dcf93 100644 --- a/poetry.lock +++ b/poetry.lock @@ -667,17 +667,6 @@ python-versions = ">=3.6" [package.extras] diagrams = ["jinja2", "railroad-diagrams"] -[[package]] -name = "pyro4" -version = "4.82" -description = "distributed object middleware for Python (RPC)" -category = "main" -optional = false -python-versions = "*" - -[package.dependencies] -serpent = {version = ">=1.27", markers = "python_version >= \"3.2\""} - [[package]] name = "pyserial" version = "3.5" @@ -824,14 +813,6 @@ category = "main" optional = false python-versions = ">=3.5" -[[package]] -name = "serpent" -version = "1.40" -description = "Serialization based on ast.literal_eval" -category = "main" -optional = false -python-versions = ">=3.2" - [[package]] name = "shamir-mnemonic" version = "0.2.2" @@ -1590,10 +1571,6 @@ pyparsing = [ {file = "pyparsing-3.0.7-py3-none-any.whl", hash = "sha256:a6c06a88f252e6c322f65faf8f418b16213b51bdfaece0524c1c1bc30c63c484"}, {file = "pyparsing-3.0.7.tar.gz", hash = "sha256:18ee9022775d270c55187733956460083db60b37d0d0fb357445f3094eed3eea"}, ] -pyro4 = [ - {file = "Pyro4-4.82-py2.py3-none-any.whl", hash = "sha256:bbf5d7413e616d3e1978a05d7caca62eec59692d2dab75dd22a4426ef9b8a691"}, - {file = "Pyro4-4.82.tar.gz", hash = "sha256:511f5b0804e92dd77dc33adf9c947787e3f9e9c5a96b12162f0557a7c4ce21fb"}, -] pyserial = [ {file = "pyserial-3.5-py2.py3-none-any.whl", hash = "sha256:c4451db6ba391ca6ca299fb3ec7bae67a5c55dde170964c7a14ceefec02f2cf0"}, {file = "pyserial-3.5.tar.gz", hash = "sha256:3c77e014170dfffbd816e6ffc205e9842efb10be9f58ec16d3e8675b4925cddb"}, @@ -1681,10 +1658,6 @@ scons = [ {file = "SCons-4.3.0-py3-none-any.whl", hash = "sha256:8c13911a2aa40552553488f7d625af4c0768fc8cdedab4a858d8ce42c8c3664d"}, {file = "SCons-4.3.0.tar.gz", hash = "sha256:d47081587e3675cc168f1f54f0d74a69b328a2fc90ec4feb85f728677419b879"}, ] -serpent = [ - {file = "serpent-1.40-py3-none-any.whl", hash = "sha256:14d531cedeed593e793bae4e14eb1463445e8b161cb24ddf795800a50973d3d3"}, - {file = "serpent-1.40.tar.gz", hash = "sha256:10b34e7f8e3207ee6fb70dcdc9bce473851ee3daf0b47c58aec1b48032ac11ce"}, -] shamir-mnemonic = [ {file = "shamir-mnemonic-0.2.2.tar.gz", hash = "sha256:7fb9b592e5c518192c0b0caa2c2d82e342fddd186693bc64be9647eace1b9182"}, {file = "shamir_mnemonic-0.2.2-py3-none-any.whl", hash = "sha256:7d9facea70379cad02bab18d4572c0fcd033c9d7effe5da095b9e0944bf5fbbf"}, diff --git a/pyproject.toml b/pyproject.toml index 34eb3788a0..bc640bc57f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -11,7 +11,6 @@ trezor = {path = "./python", develop = true} scons = "*" protobuf = "*" pyblake2 = "*" -Pyro4 = "*" nanopb = "^0.4.3" ## test tools