BTCPrivate
/
blue-loader-python
mirror of https://github.com/BTCPrivate/blue-loader-python.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Enforce certificate chain properly

This commit is contained in:
BTChip 2016-07-28 09:45:04 +02:00
parent 9032981381
commit f51eff7d96
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ledgerblue/deployed.py
View File

@ -94,6 +94,14 @@ def getDeployedSecretV2(dongle, masterPrivate, targetid):
#if cardKey <> testMasterPublic: #if cardKey <> testMasterPublic:
# raise Exception("Invalid batch public key") # raise Exception("Invalid batch public key")
print "Using test master key " + str(testMasterPublic).encode('hex')
dataToSign = bytes(bytearray([0x01]) + testMasterPublic)
signature = testMaster.ecdsa_sign(bytes(dataToSign))
signature = testMaster.ecdsa_serialize(signature)
certificate = bytearray([len(testMasterPublic)]) + testMasterPublic + bytearray([len(signature)]) + signature
apdu = bytearray([0xE0, 0x51, 0x00, 0x00]) + bytearray([len(certificate)]) + certificate
dongle.exchange(apdu)
# provide the ephemeral certificate # provide the ephemeral certificate
ephemeralPrivate = PrivateKey() ephemeralPrivate = PrivateKey()
ephemeralPublic = bytearray(ephemeralPrivate.pubkey.serialize(compressed=False)) ephemeralPublic = bytearray(ephemeralPrivate.pubkey.serialize(compressed=False))