arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-10 23:40:58 +00:00
Code Issues Releases Wiki Activity

Refactored password.dat format, backward incompatible change.

Browse Source
This commit is contained in:
slush0 2014-06-12 21:45:33 +02:00
parent f48646ac83
commit fc64a40769
1 changed files with 24 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
tools/encfs_aes_getpass.py
View File

@ -11,7 +11,6 @@ encfs --standard --extpass=./encfs_aes_getpass.py ~/.crypt ~/crypt
import os import os
import sys import sys
import json import json
import base64
import hashlib import hashlib
import binascii import binascii
@ -28,6 +27,15 @@ def wait_for_devices():
return devices return devices
def choose_device(devices): def choose_device(devices):
if not len(devices):
raise Exception("No Trezor connected!")
if len(devices) == 1:
try:
return HidTransport(devices[0])
except IOError:
raise Exception("Device is currently in use")
i = 0 i = 0
sys.stderr.write("----------------------------\n") sys.stderr.write("----------------------------\n")
sys.stderr.write("Available devices:\n") sys.stderr.write("Available devices:\n")
@ -52,21 +60,13 @@ def choose_device(devices):
try: try:
device_id = int(raw_input()) device_id = int(raw_input())
transport = HidTransport(devices[device_id]) return HidTransport(devices[device_id])
except: except:
raise Exception("Invalid choice, exiting...") raise Exception("Invalid choice, exiting...")
return transport
def main(): def main():
devices = wait_for_devices() devices = wait_for_devices()
if len(devices) > 1:
transport = choose_device(devices) transport = choose_device(devices)
else:
transport = HidTransport(devices[0])
client = TrezorClient(transport) client = TrezorClient(transport)
rootdir = os.environ['encfs_root'] # Read "man encfs" for more rootdir = os.environ['encfs_root'] # Read "man encfs" for more
@ -78,7 +78,8 @@ def main():
sys.stderr.write('Please provide label for new drive: ') sys.stderr.write('Please provide label for new drive: ')
label = raw_input() label = raw_input()
sys.stderr.write('Computer asked Trezor for new strong password.\nPlease confirm action on your device.\n') sys.stderr.write('Computer asked Trezor for new strong password.\n')
sys.stderr.write('Please confirm action on your device.\n')
# 32 bytes, good for AES # 32 bytes, good for AES
trezor_entropy = client.get_entropy(32) trezor_entropy = client.get_entropy(32)
@ -89,24 +90,24 @@ def main():
raise Exception("32 bytes password expected") raise Exception("32 bytes password expected")
bip32_path = [10, 0] bip32_path = [10, 0]
passw_encrypted = client.encrypt_keyvalue(bip32_path, passw_encrypted = client.encrypt_keyvalue(bip32_path, label, passw, False, True)
label, passw, False, True)
f = open(passw_file, 'wb') data = {'label': label,
f.write(binascii.hexlify(label) + ',' + binascii.hexlify(passw_encrypted) + \ 'bip32_path': bip32_path,
',' + binascii.hexlify(json.dumps(bip32_path))) 'password_encrypted_hex': binascii.hexlify(passw_encrypted)}
f.close()
json.dump(data, open(passw_file, 'wb'))
# Let's load password # Let's load password
data = json.load(open(passw_file, 'r'))
sys.stderr.write('Please confirm action on your device.\n') sys.stderr.write('Please confirm action on your device.\n')
label, passw_encrypted, bip32_path = open(passw_file, 'r').read().split(',') passw = client.decrypt_keyvalue(data['bip32_path'],
passw = client.decrypt_keyvalue(json.loads(binascii.unhexlify(bip32_path)), data['label'],
binascii.unhexlify(label), binascii.unhexlify(data['password_encrypted_hex']),
binascii.unhexlify(passw_encrypted),
False, True) False, True)
print passw
print passw
if __name__ == '__main__': if __name__ == '__main__':
main() main()