deon/gnuk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

more change for Python

Browse Source
This commit is contained in:
NIIBE Yutaka
2015-08-04 11:57:46 +09:00
parent a6fd40d4fd
commit 254742bc6d
7 changed files with 20 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
tool/gnuk_put_binary_libusb.py
View File

@@ -24,7 +24,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
""" """
from struct import * from struct import *
import sys, time, os, binascii, string import sys, time, os, binascii
from gnuk_token import * from gnuk_token import *
# INPUT: binary file # INPUT: binary file
@@ -54,10 +54,8 @@ def main(fileid, is_update, data, passwd):
gnuk.cmd_select_openpgp() gnuk.cmd_select_openpgp()
if fileid == 0: if fileid == 0:
data_in_device = gnuk.cmd_get_data(0x00, 0x4f) data_in_device = gnuk.cmd_get_data(0x00, 0x4f)
for d in data_in_device: print(' '.join([ "%02x" % d for d in data_in_device ]))
print("%02x" % d, end=' ') compare(data + b'\x00\x00', data_in_device[8:].tostring())
print()
compare(data + b'\x00\x00', data_in_device[8:])
elif fileid >= 1 and fileid <= 4: elif fileid >= 1 and fileid <= 4:
data_in_device = gnuk.cmd_read_binary(fileid) data_in_device = gnuk.cmd_read_binary(fileid)
compare(data, data_in_device) compare(data, data_in_device)
@@ -85,7 +83,7 @@ if __name__ == '__main__':
email = os.environ['EMAIL'] email = os.environ['EMAIL']
serial_data_hex = None serial_data_hex = None
for line in f.readlines(): for line in f.readlines():
field = string.split(line) field = str.split(line)
if field[0] == email: if field[0] == email:
serial_data_hex = field[1].replace(':','') serial_data_hex = field[1].replace(':','')
f.close() f.close()

2
tool/gnuk_remove_keys_libusb.py
View File

@@ -22,7 +22,7 @@ You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. along with this program. If not, see <http://www.gnu.org/licenses/>.
""" """
import sys, os, string import sys, os
from gnuk_token import * from gnuk_token import *

10
tool/gnuk_token.py
View File

@@ -22,7 +22,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
""" """
from struct import * from struct import *
import string, binascii import binascii
import usb, time import usb, time
from array import array from array import array
@@ -294,7 +294,7 @@ class gnuk_token(object):
cmd_data = iso7816_compose(0xa4, 0x04, 0x0c, b"\xD2\x76\x00\x01\x24\x01") cmd_data = iso7816_compose(0xa4, 0x04, 0x0c, b"\xD2\x76\x00\x01\x24\x01")
sw = self.icc_send_cmd(cmd_data) sw = self.icc_send_cmd(cmd_data)
if len(sw) != 2: if len(sw) != 2:
raise ValueError, sw raise ValueError(sw)
if not (sw[0] == 0x90 and sw[1] == 0x00): if not (sw[0] == 0x90 and sw[1] == 0x00):
raise ValueError("%02x%02x" % (sw[0], sw[1])) raise ValueError("%02x%02x" % (sw[0], sw[1]))
return True return True
@@ -303,7 +303,7 @@ class gnuk_token(object):
cmd_data = iso7816_compose(0xca, tagh, tagl, b"") cmd_data = iso7816_compose(0xca, tagh, tagl, b"")
sw = self.icc_send_cmd(cmd_data) sw = self.icc_send_cmd(cmd_data)
if len(sw) != 2: if len(sw) != 2:
raise ValueError, sw raise ValueError(sw)
if sw[0] == 0x90 and sw[1] == 0x00: if sw[0] == 0x90 and sw[1] == 0x00:
return array('B') return array('B')
elif sw[0] != 0x61: elif sw[0] != 0x61:
@@ -427,7 +427,7 @@ class gnuk_token(object):
cmd_data = iso7816_compose(0xda, tagh, tagl, b"") cmd_data = iso7816_compose(0xda, tagh, tagl, b"")
sw = self.icc_send_cmd(cmd_data) sw = self.icc_send_cmd(cmd_data)
if sw[0] != 0x90 and sw[1] != 0x00: if sw[0] != 0x90 and sw[1] != 0x00:
raise ValueError, ("%02x%02x" % (sw[0], sw[1])) raise ValueError("%02x%02x" % (sw[0], sw[1]))
def cmd_put_data_key_import_remove(self, keyno): def cmd_put_data_key_import_remove(self, keyno):
if keyno == 1: if keyno == 1:
@@ -439,7 +439,7 @@ class gnuk_token(object):
cmd_data = iso7816_compose(0xdb, 0x3f, 0xff, b"\x4d\x02" + keyspec) cmd_data = iso7816_compose(0xdb, 0x3f, 0xff, b"\x4d\x02" + keyspec)
sw = self.icc_send_cmd(cmd_data) sw = self.icc_send_cmd(cmd_data)
if sw[0] != 0x90 and sw[1] != 0x00: if sw[0] != 0x90 and sw[1] != 0x00:
raise ValueError, ("%02x%02x" % (sw[0], sw[1])) raise ValueError("%02x%02x" % (sw[0], sw[1]))
def cmd_get_challenge(self): def cmd_get_challenge(self):
cmd_data = iso7816_compose(0x84, 0x00, 0x00, '') cmd_data = iso7816_compose(0x84, 0x00, 0x00, '')

12
tool/gnuk_upgrade.py
View File

@@ -23,7 +23,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
""" """
from struct import * from struct import *
import sys, time, os, binascii, string import sys, time, os, binascii
# INPUT: binary files (regnual_image, upgrade_firmware_image) # INPUT: binary files (regnual_image, upgrade_firmware_image)
@@ -33,12 +33,6 @@ import usb
from gnuk_token import * from gnuk_token import *
def to_string(t):
result = ""
for c in t:
result += chr(c)
return result
from subprocess import check_output from subprocess import check_output
SHA256_OID_PREFIX="3031300d060960864801650304020105000420" SHA256_OID_PREFIX="3031300d060960864801650304020105000420"
@@ -97,8 +91,8 @@ def main(keyno,keygrip, data_regnual, data_upgrade):
elif icc.icc_get_status() == 1: elif icc.icc_get_status() == 1:
icc.icc_power_on() icc.icc_power_on()
icc.cmd_select_openpgp() icc.cmd_select_openpgp()
challenge = icc.cmd_get_challenge() challenge = icc.cmd_get_challenge().tostring()
signed = gpg_sign(keygrip, binascii.hexlify(to_string(challenge))) signed = gpg_sign(keygrip, binascii.hexlify(challenge))
icc.cmd_external_authenticate(keyno, signed) icc.cmd_external_authenticate(keyno, signed)
icc.stop_gnuk() icc.stop_gnuk()
mem_info = icc.mem_info() mem_info = icc.mem_info()

8
tool/rsa.py
View File

@@ -1,5 +1,4 @@
from binascii import hexlify, unhexlify from binascii import hexlify, unhexlify
import string
from os import urandom from os import urandom
def read_key_from_file(file): def read_key_from_file(file):
@@ -35,8 +34,9 @@ def modinv(a, m):
return x % m return x % m
def pkcs1_pad_for_sign(digestinfo): def pkcs1_pad_for_sign(digestinfo):
byte_repr = '\x00' + '\x01' + string.ljust('', 256 - 19 - 32 - 3, '\xff') \ byte_repr = b'\x00' + b'\x01' \
+ '\x00' + digestinfo + bytes.ljust(b'', 256 - 19 - 32 - 3, b'\xff') \
+ b'\x00' + digestinfo
return int(hexlify(byte_repr), 16) return int(hexlify(byte_repr), 16)
def compute_signature(key, digestinfo): def compute_signature(key, digestinfo):
@@ -64,7 +64,7 @@ def integer_to_bytes_256(i):
s = s.rstrip('L') s = s.rstrip('L')
if len(s) & 1: if len(s) & 1:
s = '0' + s s = '0' + s
return string.rjust(unhexlify(s), 256, '\x00') return bytes.rjust(unhexlify(s), 256, b'\x00')
def get_raw_pubkey(key): def get_raw_pubkey(key):
return key[0] return key[0]

2
tool/upgrade_by_passwd.py
View File

@@ -48,7 +48,7 @@ def main(keyno, passwd, data_regnual, data_upgrade):
gnuk.cmd_write_binary(1+keyno, rsa_raw_pubkey, False) gnuk.cmd_write_binary(1+keyno, rsa_raw_pubkey, False)
gnuk.cmd_select_openpgp() gnuk.cmd_select_openpgp()
challenge = gnuk.cmd_get_challenge() challenge = gnuk.cmd_get_challenge().tostring()
digestinfo = binascii.unhexlify(SHA256_OID_PREFIX) + challenge digestinfo = binascii.unhexlify(SHA256_OID_PREFIX) + challenge
signed = rsa.compute_signature(rsa_key, digestinfo) signed = rsa.compute_signature(rsa_key, digestinfo)
signed_bytes = rsa.integer_to_bytes_256(signed) signed_bytes = rsa.integer_to_bytes_256(signed)

4
tool/usb_strings.py
View File

@@ -41,9 +41,9 @@ def gnuk_devices_by_vidpid():
field = ['', 'Vendor', 'Product', 'Serial', 'Revision', 'Config', 'Sys', 'Board'] field = ['', 'Vendor', 'Product', 'Serial', 'Revision', 'Config', 'Sys', 'Board']
def main(n): def main(n):
for dev in gnuk_devices(): for dev in gnuk_devices_by_vidpid():
handle = dev.open() handle = dev.open()
print("Device: " % dev.filename) print("Device: %s" % dev.filename)
try: try:
for i in range(1,n): for i in range(1,n):
s = handle.getString(i, 512) s = handle.getString(i, 512)