trezor: verify public key correctness

2015-07-20 17:21:46 +03:00
parent 00730069e7
commit e1e4a6b93e
2 changed files with 14 additions and 12 deletions
--- a/sshagent/formats.py
+++ b/sshagent/formats.py
@@ -9,6 +9,8 @@ import logging
 log = logging.getLogger(__name__)

 DER_OCTET_STRING = b'\x04'
+ECDSA_KEY_TYPE = 'ecdsa-sha2-nistp256'
+ECDSA_CURVE_NAME = 'nistp256'

 curve = ecdsa.NIST256p
 hashfunc = hashlib.sha256
@@ -66,18 +68,16 @@ def decompress_pubkey(pub):
    x = util.bytes2num(pub[1:33])
    beta = pow(int(x*x*x+A*x+B), int((P+1)//4), int(P))
    y = (P-beta) if ((beta + ord(pub[0])) % 2) else beta
-    return (x, y)

-
-def export_public_key(pubkey, label):
-    x, y = decompress_pubkey(pubkey)
    point = ecdsa.ellipticcurve.Point(curve.curve, x, y)
    vk = ecdsa.VerifyingKey.from_public_point(point, curve=curve,
                                              hashfunc=hashfunc)
-    key_type = 'ecdsa-sha2-nistp256'
-    curve_name = 'nistp256'
-    parts = [key_type, curve_name, DER_OCTET_STRING + vk.to_string()]
-    blob = ''.join([util.frame(p) for p in parts])
+    parts = [ECDSA_KEY_TYPE, ECDSA_CURVE_NAME, DER_OCTET_STRING + vk.to_string()]
+    return ''.join([util.frame(p) for p in parts])
+
+
+def export_public_key(pubkey, label):
+    blob = decompress_pubkey(pubkey)
    log.debug('fingerprint: %s', fingerprint(blob))
    b64 = base64.b64encode(blob)
-    return '{} {} {}\n'.format(key_type, b64, label)
+    return '{} {} {}\n'.format(ECDSA_KEY_TYPE, b64, label)
--- a/sshagent/trezor.py
+++ b/sshagent/trezor.py
@@ -76,6 +76,8 @@ class Client(object):
                                           challenge_hidden=blob,
                                           challenge_visual=visual,
                                           ecdsa_curve_name=self.curve_name)
+        public_key_blob = formats.decompress_pubkey(result.public_key)
+        assert public_key_blob == msg['public_key']['blob']
        assert len(result.signature) == 65
        assert result.signature[0] == b'\x00'

@@ -141,11 +143,11 @@ def _parse_ssh_blob(data):
        res['auth'] = util.read_frame(i)
        i.read(1)  # TBD
        res['key_type'] = util.read_frame(i)
-        res['pubkey'] = util.read_frame(i)
+        public_key = util.read_frame(i)
+        res['public_key'] = formats.parse_pubkey(public_key)
        assert not i.read()
        log.debug('%s: user %r via %r (%r)',
                  res['conn'], res['user'], res['auth'], res['key_type'])
        log.debug('nonce: %s', binascii.hexlify(res['nonce']))
-        pubkey = formats.parse_pubkey(res['pubkey'])
-        log.debug('fingerprint: %s', pubkey['fingerprint'])
+        log.debug('fingerprint: %s', res['public_key']['fingerprint'])
    return res