diff --git a/trezor_agent/factory.py b/trezor_agent/factory.py index da38613..f767867 100644 --- a/trezor_agent/factory.py +++ b/trezor_agent/factory.py @@ -93,15 +93,12 @@ def _load_ledger(): @staticmethod def expand_path(path): - result = "" - for pathElement in path: - result = result + struct.pack(">I", pathElement) - return result + return b''.join((struct.pack('>I', e) for e in path)) @staticmethod def convert_public_key(ecdsa_curve_name, result): from trezorlib.messages_pb2 import PublicKey # pylint: disable=import-error - if ecdsa_curve_name == "nist256p1": + if ecdsa_curve_name == 'nist256p1': if (result[64] & 1) != 0: result = bytearray([0x03]) + result[1:33] else: @@ -112,48 +109,48 @@ def _load_ledger(): keyY = bytearray(result[32:][::-1]) if (keyX[31] & 1) != 0: keyY[31] |= 0x80 - result = chr(0) + str(keyY) + result = b'\x00' + bytes(keyY) publicKey = PublicKey() - publicKey.node.public_key = str(result) + publicKey.node.public_key = bytes(result) return publicKey # pylint: disable=unused-argument - def get_public_node(self, n, ecdsa_curve_name="secp256k1", show_display=False): + def get_public_node(self, n, ecdsa_curve_name='secp256k1', show_display=False): donglePath = LedgerClientConnection.expand_path(n) - if ecdsa_curve_name == "nist256p1": - p2 = "01" + if ecdsa_curve_name == 'nist256p1': + p2 = '01' else: - p2 = "02" - apdu = "800200" + p2 - apdu = apdu.decode('hex') - apdu += chr(len(donglePath) + 1) + chr(len(donglePath) / 4) + p2 = '02' + apdu = '800200' + p2 + apdu = binascii.unhexlify(apdu) + apdu += bytearray([len(donglePath) + 1, len(donglePath) // 4]) apdu += donglePath result = bytearray(self.dongle.exchange(bytes(apdu)))[1:] return LedgerClientConnection.convert_public_key(ecdsa_curve_name, result) # pylint: disable=too-many-locals def sign_identity(self, identity, challenge_hidden, challenge_visual, - ecdsa_curve_name="secp256k1"): + ecdsa_curve_name='secp256k1'): from trezorlib.messages_pb2 import SignedIdentity # pylint: disable=import-error n = util.get_bip32_address(identity) donglePath = LedgerClientConnection.expand_path(n) if identity.proto == 'ssh': - ins = "04" - p1 = "00" + ins = '04' + p1 = '00' else: - ins = "08" - p1 = "00" - if ecdsa_curve_name == "nist256p1": - p2 = "81" if identity.proto == 'ssh' else "01" + ins = '08' + p1 = '00' + if ecdsa_curve_name == 'nist256p1': + p2 = '81' if identity.proto == 'ssh' else '01' else: - p2 = "82" if identity.proto == 'ssh' else "02" - apdu = "80" + ins + p1 + p2 - apdu = apdu.decode('hex') - apdu += chr(len(challenge_hidden) + len(donglePath) + 1) - apdu += chr(len(donglePath) / 4) + donglePath + p2 = '82' if identity.proto == 'ssh' else '02' + apdu = '80' + ins + p1 + p2 + apdu = binascii.unhexlify(apdu) + apdu += bytearray([len(challenge_hidden) + len(donglePath) + 1]) + apdu += bytearray([len(donglePath) // 4]) + donglePath apdu += challenge_hidden result = bytearray(self.dongle.exchange(bytes(apdu))) - if ecdsa_curve_name == "nist256p1": + if ecdsa_curve_name == 'nist256p1': offset = 3 length = result[offset] r = result[offset+1:offset+1+length] @@ -166,7 +163,7 @@ def _load_ledger(): s = s[1:] offset = offset + 1 + length signature = SignedIdentity() - signature.signature = chr(0) + str(r) + str(s) + signature.signature = b'\x00' + bytes(r) + bytes(s) if identity.proto == 'ssh': keyData = result[offset:] pk = LedgerClientConnection.convert_public_key(ecdsa_curve_name, keyData) @@ -174,29 +171,29 @@ def _load_ledger(): return signature else: signature = SignedIdentity() - signature.signature = chr(0) + str(result[0:64]) + signature.signature = b'\x00' + bytes(result[0:64]) if identity.proto == 'ssh': keyData = result[64:] pk = LedgerClientConnection.convert_public_key(ecdsa_curve_name, keyData) signature.public_key = pk.node.public_key return signature - def get_ecdh_session_key(self, identity, peer_public_key, ecdsa_curve_name="secp256k1"): + def get_ecdh_session_key(self, identity, peer_public_key, ecdsa_curve_name='secp256k1'): from trezorlib.messages_pb2 import ECDHSessionKey # pylint: disable=import-error n = util.get_bip32_address(identity, True) donglePath = LedgerClientConnection.expand_path(n) - if ecdsa_curve_name == "nist256p1": - p2 = "01" + if ecdsa_curve_name == 'nist256p1': + p2 = '01' else: - p2 = "02" - apdu = "800a00" + p2 - apdu = apdu.decode('hex') - apdu += chr(len(peer_public_key) + len(donglePath) + 1) - apdu += chr(len(donglePath) / 4) + donglePath + p2 = '02' + apdu = '800a00' + p2 + apdu = binascii.unhexlify(apdu) + apdu += bytearray([len(peer_public_key) + len(donglePath) + 1]) + apdu += bytearray([len(donglePath) // 4]) + donglePath apdu += peer_public_key result = bytearray(self.dongle.exchange(bytes(apdu))) sessionKey = ECDHSessionKey() - sessionKey.session_key = str(result) + sessionKey.session_key = bytes(result) return sessionKey def clear_session(self):