Merge branch 'master' of https://github.com/LedgerHQ/blue-loader-python

2017-01-22 18:05:16 +01:00 · 2017-01-22 18:05:16 +01:00 · 53a76b055e
parent 3738a758e3 e73a8a6389
commit 53a76b055e
3 changed files with 73 additions and 65 deletions
--- a/ledgerblue/endorsementSetup.py
+++ b/ledgerblue/endorsementSetup.py
@ -21,29 +21,32 @@ from .comm import getDongle
 import binascii
 import argparse

+
 def auto_int(x):
    return int(x, 0)

 parser = argparse.ArgumentParser()
-parser.add_argument("--key", help="Reference of the endorsement key to setup (1 or 2)", type=auto_int)
-parser.add_argument("--certificate", help="Certificate to store if finalizing the endorsement (hex encoded)")
+parser.add_argument(
+    "--key", help="Reference of the endorsement key to setup (1 or 2)", type=auto_int)
+parser.add_argument(
+    "--certificate", help="Certificate to store if finalizing the endorsement (hex encoded)")
 parser.add_argument("--apdu", help="Display APDU log", action='store_true')

 args = parser.parse_args()

 if args.key == None:
-	raise Exception("Missing endorsement key reference")
+    raise Exception("Missing endorsement key reference")
 if args.key != 1 and args.key != 2:
-	raise Exception("Invalid endorsement key reference")
+    raise Exception("Invalid endorsement key reference")

 dongle = getDongle(args.apdu)
 if args.certificate == None:
-	apdu = bytearray([0xe0, 0xC0, args.key, 0x00, 0x00]) 
-	response = dongle.exchange(apdu)
-	print "Public key " + str(response[0:65]).encode('hex')
-	print "Certificate " + str(response[65:]).encode('hex')
+    apdu = bytearray([0xe0, 0xC0, args.key, 0x00, 0x00])
+    response = dongle.exchange(apdu)
+    print("Public key " + str(response[0:65]).encode('hex'))
+    print("Certificate " + str(response[65:]).encode('hex'))
 else:
-	certificate = bytearray.fromhex(args.certificate)
-	apdu = bytearray([0xe0, 0xC2, 0x00, 0x00, len(certificate)]) + certificate
-	dongle.exchange(apdu)
-	print "Endorsement setup finalized"
+    certificate = bytearray.fromhex(args.certificate)
+    apdu = bytearray([0xe0, 0xC2, 0x00, 0x00, len(certificate)]) + certificate
+    dongle.exchange(apdu)
+    print("Endorsement setup finalized")
--- a/ledgerblue/hashApp.py
+++ b/ledgerblue/hashApp.py
@ -32,7 +32,7 @@ parser.add_argument("--hex", help="Hex file to be hashed")
 args = parser.parse_args()

 if args.hex == None:
-	raise Exception("Missing hex filename to hash")
+    raise Exception("Missing hex filename to hash")

 # parse
 parser = IntelHexParser(args.hex)
@ -41,7 +41,7 @@ parser = IntelHexParser(args.hex)
 m = hashlib.sha256()
 # consider areas are ordered by ascending address and non-overlaped
 for a in parser.getAreas():
-	m.update(a.data)
+    m.update(a.data)
 dataToSign = m.digest()

-print dataToSign.encode('hex')
+print(dataToSign.encode('hex'))
--- a/ledgerblue/runScript.py
+++ b/ledgerblue/runScript.py
@ -25,76 +25,81 @@ import argparse
 import sys
 import fileinput

+
 def auto_int(x):
-	return int(x, 0)
+    return int(x, 0)

 parser = argparse.ArgumentParser()
 parser.add_argument("--fileName", help="Set the file name to load")
 parser.add_argument("--apdu", help="Display APDU log", action='store_true')
-parser.add_argument("--scp", help="open secure channel to exchange apdu", action='store_true')
+parser.add_argument(
+    "--scp", help="open secure channel to exchange apdu", action='store_true')
 parser.add_argument("--targetId", help="Set the chip target ID", type=auto_int)
 parser.add_argument("--rootPrivateKey", help="Set the root private key")

 args = parser.parse_args()

 if args.targetId is None:
-	args.targetId = 0x31100002
+    args.targetId = 0x31100002
 if not args.fileName:
-	#raise Exception("Missing fileName")
-	file = sys.stdin
+    #raise Exception("Missing fileName")
+    file = sys.stdin
 else:
-	file = open(args.fileName, "r")
+    file = open(args.fileName, "r")


 class SCP:
-	def __init__(self, dongle, targetId, rootPrivateKey):
-		self.key = getDeployedSecretV2(dongle, rootPrivateKey, targetId)
-		self.iv = b'\x00' * 16

-	def encryptAES(self, data):
-		paddedData = data + b'\x80'
-		while (len(paddedData) % 16) != 0:
-			paddedData += b'\x00'
-		cipher = AES.new(self.key, AES.MODE_CBC, self.iv)
-		encryptedData = cipher.encrypt(paddedData)
-		self.iv = encryptedData[len(encryptedData) - 16:]
-		return encryptedData
+    def __init__(self, dongle, targetId, rootPrivateKey):
+        self.key = getDeployedSecretV2(dongle, rootPrivateKey, targetId)
+        self.iv = b'\x00' * 16

-        def decryptAES(self, data):
-                if len(data) == 0:
-                        return data
-                cipher = AES.new(self.key, AES.MODE_CBC, self.iv)
-                decryptedData = cipher.decrypt(data)
-                l = len(decryptedData) - 1
-                while (decryptedData[l] != chr(0x80)):
-                        l-=1
-                decryptedData = decryptedData[0:l]
-                self.iv = data[len(data) - 16:]
-                return decryptedData
+    def encryptAES(self, data):
+        paddedData = data + b'\x80'
+        while (len(paddedData) % 16) != 0:
+            paddedData += b'\x00'
+        cipher = AES.new(self.key, AES.MODE_CBC, self.iv)
+        encryptedData = cipher.encrypt(paddedData)
+        self.iv = encryptedData[len(encryptedData) - 16:]
+        return encryptedData
+
+    def decryptAES(self, data):
+        if len(data) == 0:
+            return data
+        cipher = AES.new(self.key, AES.MODE_CBC, self.iv)
+        decryptedData = cipher.decrypt(data)
+        l = len(decryptedData) - 1
+        while (decryptedData[l] != chr(0x80)):
+            l -= 1
+        decryptedData = decryptedData[0:l]
+        self.iv = data[len(data) - 16:]
+        return decryptedData

 dongle = getDongle(args.apdu)
 if args.scp:
-	if args.rootPrivateKey is None:
-		privateKey = PrivateKey()
-		publicKey = binascii.hexlify(privateKey.pubkey.serialize(compressed=False))
-		print("Generated random root public key : %s" % publicKey)
-		args.rootPrivateKey = privateKey.serialize()
-	scp = SCP(dongle, args.targetId, bytearray.fromhex(args.rootPrivateKey))
+    if args.rootPrivateKey is None:
+        privateKey = PrivateKey()
+        publicKey = binascii.hexlify(
+            privateKey.pubkey.serialize(compressed=False))
+        print("Generated random root public key : %s" % publicKey)
+        args.rootPrivateKey = privateKey.serialize()
+    scp = SCP(dongle, args.targetId, bytearray.fromhex(args.rootPrivateKey))

 for data in file:
-	data = data.rstrip('\r\n').decode('hex')
-	if len(data) < 5:
-		continue
-	if args.scp:
-		data = bytearray(data)
-		if data[4] > 0 and len(data)>5:
-			apduData = data[5 : 5 + data[4]]
-			apduData = scp.encryptAES(str(apduData))
-			result = dongle.exchange(data[0:4] + bytearray([len(apduData)]) + bytearray(apduData))
-		else:
-			result = dongle.exchange(data[0:5])
-		result = scp.decryptAES(str(result))
-		if args.apdu:
-			print("<= Clear " + result.encode('hex'))
-	else:
-		dongle.exchange(bytearray(data))
+    data = data.rstrip('\r\n').decode('hex')
+    if len(data) < 5:
+        continue
+    if args.scp:
+        data = bytearray(data)
+        if data[4] > 0 and len(data) > 5:
+            apduData = data[5: 5 + data[4]]
+            apduData = scp.encryptAES(str(apduData))
+            result = dongle.exchange(
+                data[0:4] + bytearray([len(apduData)]) + bytearray(apduData))
+        else:
+            result = dongle.exchange(data[0:5])
+        result = scp.decryptAES(str(result))
+        if args.apdu:
+            print("<= Clear " + result.encode('hex'))
+    else:
+        dongle.exchange(bytearray(data))