mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-11-22 15:38:11 +00:00
chore(core): remove keyctl-proxy + remove Pyro4 from Python deps
[no changelog]
This commit is contained in:
parent
e612d58f36
commit
cd5425884f
@ -1,167 +0,0 @@
|
||||
#!/usr/bin/env python3
|
||||
import sys
|
||||
import traceback
|
||||
|
||||
import click
|
||||
import Pyro4
|
||||
from trezorlib import cosi
|
||||
from trezorlib.client import get_default_client
|
||||
from trezorlib.tools import parse_path
|
||||
from trezorlib._internal.firmware_headers import (
|
||||
parse_image,
|
||||
VendorHeader,
|
||||
BootloaderImage,
|
||||
FirmwareImage,
|
||||
)
|
||||
|
||||
from typing import Tuple
|
||||
|
||||
Pyro4.config.SERIALIZER = "marshal"
|
||||
|
||||
PORT = 5001
|
||||
indexmap = {
|
||||
"bootloader": BootloaderImage,
|
||||
"vendorheader": VendorHeader,
|
||||
"firmware": FirmwareImage,
|
||||
}
|
||||
|
||||
PATH = "10018h/{}h"
|
||||
|
||||
TREZOR = None
|
||||
|
||||
|
||||
def make_commit(image_type, digest, public_keys):
|
||||
path = PATH.format(image_type.BIP32_INDEX)
|
||||
address_n = parse_path(path)
|
||||
|
||||
# device information - show only first time
|
||||
click.echo(
|
||||
"\nUsing device {} ".format(click.style(TREZOR.features.label, bold=True)) +
|
||||
"at path {}".format(TREZOR.transport.get_path())
|
||||
)
|
||||
|
||||
while True:
|
||||
# signing information - repeat every time
|
||||
click.echo("Commiting to {} hash:".format(click.style(image_type.NAME, bold=True)))
|
||||
for partid in range(4):
|
||||
digest_part = digest[partid * 8 : (partid + 1) * 8]
|
||||
color = "red" if partid % 2 else "cyan"
|
||||
digest_str = click.style(digest_part.hex().upper(), fg=color)
|
||||
click.echo("\t" + digest_str)
|
||||
click.echo("Using path: {}".format(click.style(path, bold=True)))
|
||||
|
||||
try:
|
||||
commit = cosi.commit(TREZOR, address_n, digest)
|
||||
if public_keys is not None and commit.pubkey not in public_keys:
|
||||
click.echo("\n\nPublic key {} is unknown.".format(commit.pubkey.hex()))
|
||||
if click.confirm("Retry with a different passphrase?", default=True):
|
||||
TREZOR.init_device()
|
||||
continue
|
||||
|
||||
return commit.pubkey, commit.commitment
|
||||
except Exception as e:
|
||||
click.echo(e)
|
||||
traceback.print_exc()
|
||||
click.echo("Trying again ...\n\n")
|
||||
|
||||
|
||||
@Pyro4.expose
|
||||
class KeyctlProxy:
|
||||
def __init__(
|
||||
self, daemon, image_type, digest: bytes, commit: Tuple[bytes, bytes]
|
||||
) -> None:
|
||||
self.daemon = daemon
|
||||
self.name = image_type.NAME
|
||||
self.address_n = parse_path(PATH.format(image_type.BIP32_INDEX))
|
||||
self.digest = digest
|
||||
self.commit = commit
|
||||
self.signature = None
|
||||
self.global_params = None
|
||||
|
||||
def _check_name_digest(self, name, digest):
|
||||
if name != self.name or digest != self.digest:
|
||||
click.echo("ERROR! Remote wants to sign {} with digest {}".format(name, digest.hex()))
|
||||
click.echo("Expected: {} with digest {}".format(self.name, self.digest.hex()))
|
||||
raise ValueError("Unexpected index/digest")
|
||||
|
||||
def get_commit(self, name, digest):
|
||||
self._check_name_digest(name, digest)
|
||||
click.echo("Sending commitment!")
|
||||
return self.commit
|
||||
|
||||
def _make_signature(self, global_R, global_pk):
|
||||
while True:
|
||||
try:
|
||||
click.echo("\n\n\nSigning...")
|
||||
signature = cosi.sign(
|
||||
TREZOR, self.address_n, self.digest, global_R, global_pk
|
||||
)
|
||||
return signature.signature
|
||||
except Exception as e:
|
||||
click.echo(e)
|
||||
traceback.print_exc()
|
||||
click.echo("Trying again ...")
|
||||
|
||||
|
||||
def get_signature(self, name, digest, global_R, global_pk):
|
||||
self._check_name_digest(name, digest)
|
||||
global_params = global_R, global_pk
|
||||
if global_params != self.global_params:
|
||||
self.signature = self._make_signature(global_R, global_pk)
|
||||
self.global_params = global_params
|
||||
click.echo("Sending signature!")
|
||||
return self.signature
|
||||
|
||||
@Pyro4.oneway
|
||||
def finish(self):
|
||||
click.echo("Done! \\(^o^)/")
|
||||
self.daemon.shutdown()
|
||||
|
||||
|
||||
@click.command()
|
||||
@click.option(
|
||||
"-l", "--listen", "ipaddr", default="0.0.0.0", help="Bind to particular ip address"
|
||||
)
|
||||
@click.option("-t", "--image-type", type=click.Choice(indexmap.keys()))
|
||||
@click.option("-d", "--digest")
|
||||
@click.argument("fw_file", type=click.File("rb"), required=False)
|
||||
def cli(ipaddr, fw_file, image_type, digest):
|
||||
"""Participate in signing of firmware.
|
||||
|
||||
Specify either fw_file to auto-detect type and digest, or use -t and -d to specify
|
||||
the type and digest manually.
|
||||
"""
|
||||
global TREZOR
|
||||
|
||||
public_keys = None
|
||||
if fw_file:
|
||||
if image_type or digest:
|
||||
raise click.ClickException("Do not specify fw_file together with -t/-d")
|
||||
|
||||
image_type = parse_image(fw_file.read())
|
||||
digest = image_type.digest()
|
||||
public_keys = image_type.public_keys
|
||||
|
||||
click.echo(image_type.format())
|
||||
|
||||
if not fw_file and (not image_type or not digest):
|
||||
raise click.ClickException("Please specify either fw_file or -t and -d")
|
||||
|
||||
try:
|
||||
TREZOR = get_default_client()
|
||||
TREZOR.ui.always_prompt = True
|
||||
except Exception as e:
|
||||
raise click.ClickException("Please connect a Trezor and retry.") from e
|
||||
|
||||
pubkey, R = make_commit(image_type, digest, public_keys)
|
||||
|
||||
daemon = Pyro4.Daemon(host=ipaddr, port=PORT)
|
||||
proxy = KeyctlProxy(daemon, image_type, digest, (pubkey, R))
|
||||
uri = daemon.register(proxy, "keyctl")
|
||||
click.echo("keyctl-proxy running at URI: {}".format(uri))
|
||||
click.echo("Press Ctrl+C to abort.")
|
||||
daemon.requestLoop()
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
cli()
|
27
poetry.lock
generated
27
poetry.lock
generated
@ -667,17 +667,6 @@ python-versions = ">=3.6"
|
||||
[package.extras]
|
||||
diagrams = ["jinja2", "railroad-diagrams"]
|
||||
|
||||
[[package]]
|
||||
name = "pyro4"
|
||||
version = "4.82"
|
||||
description = "distributed object middleware for Python (RPC)"
|
||||
category = "main"
|
||||
optional = false
|
||||
python-versions = "*"
|
||||
|
||||
[package.dependencies]
|
||||
serpent = {version = ">=1.27", markers = "python_version >= \"3.2\""}
|
||||
|
||||
[[package]]
|
||||
name = "pyserial"
|
||||
version = "3.5"
|
||||
@ -824,14 +813,6 @@ category = "main"
|
||||
optional = false
|
||||
python-versions = ">=3.5"
|
||||
|
||||
[[package]]
|
||||
name = "serpent"
|
||||
version = "1.40"
|
||||
description = "Serialization based on ast.literal_eval"
|
||||
category = "main"
|
||||
optional = false
|
||||
python-versions = ">=3.2"
|
||||
|
||||
[[package]]
|
||||
name = "shamir-mnemonic"
|
||||
version = "0.2.2"
|
||||
@ -1590,10 +1571,6 @@ pyparsing = [
|
||||
{file = "pyparsing-3.0.7-py3-none-any.whl", hash = "sha256:a6c06a88f252e6c322f65faf8f418b16213b51bdfaece0524c1c1bc30c63c484"},
|
||||
{file = "pyparsing-3.0.7.tar.gz", hash = "sha256:18ee9022775d270c55187733956460083db60b37d0d0fb357445f3094eed3eea"},
|
||||
]
|
||||
pyro4 = [
|
||||
{file = "Pyro4-4.82-py2.py3-none-any.whl", hash = "sha256:bbf5d7413e616d3e1978a05d7caca62eec59692d2dab75dd22a4426ef9b8a691"},
|
||||
{file = "Pyro4-4.82.tar.gz", hash = "sha256:511f5b0804e92dd77dc33adf9c947787e3f9e9c5a96b12162f0557a7c4ce21fb"},
|
||||
]
|
||||
pyserial = [
|
||||
{file = "pyserial-3.5-py2.py3-none-any.whl", hash = "sha256:c4451db6ba391ca6ca299fb3ec7bae67a5c55dde170964c7a14ceefec02f2cf0"},
|
||||
{file = "pyserial-3.5.tar.gz", hash = "sha256:3c77e014170dfffbd816e6ffc205e9842efb10be9f58ec16d3e8675b4925cddb"},
|
||||
@ -1681,10 +1658,6 @@ scons = [
|
||||
{file = "SCons-4.3.0-py3-none-any.whl", hash = "sha256:8c13911a2aa40552553488f7d625af4c0768fc8cdedab4a858d8ce42c8c3664d"},
|
||||
{file = "SCons-4.3.0.tar.gz", hash = "sha256:d47081587e3675cc168f1f54f0d74a69b328a2fc90ec4feb85f728677419b879"},
|
||||
]
|
||||
serpent = [
|
||||
{file = "serpent-1.40-py3-none-any.whl", hash = "sha256:14d531cedeed593e793bae4e14eb1463445e8b161cb24ddf795800a50973d3d3"},
|
||||
{file = "serpent-1.40.tar.gz", hash = "sha256:10b34e7f8e3207ee6fb70dcdc9bce473851ee3daf0b47c58aec1b48032ac11ce"},
|
||||
]
|
||||
shamir-mnemonic = [
|
||||
{file = "shamir-mnemonic-0.2.2.tar.gz", hash = "sha256:7fb9b592e5c518192c0b0caa2c2d82e342fddd186693bc64be9647eace1b9182"},
|
||||
{file = "shamir_mnemonic-0.2.2-py3-none-any.whl", hash = "sha256:7d9facea70379cad02bab18d4572c0fcd033c9d7effe5da095b9e0944bf5fbbf"},
|
||||
|
@ -11,7 +11,6 @@ trezor = {path = "./python", develop = true}
|
||||
scons = "*"
|
||||
protobuf = "*"
|
||||
pyblake2 = "*"
|
||||
Pyro4 = "*"
|
||||
nanopb = "^0.4.3"
|
||||
|
||||
## test tools
|
||||
|
Loading…
Reference in New Issue
Block a user