trezor-agent/trezor_agent/gpg/agent.py

"""GPG-agent utilities."""
import binascii
import contextlib
import logging
import os

from . import decode, encode, keyring
from .. import util

log = logging.getLogger(__name__)


def yield_connections(sock):
    """Run a server on the specified socket."""
    while True:
        log.debug('waiting for connection on %s', sock.getsockname())
        try:
            conn, _ = sock.accept()
        except KeyboardInterrupt:
            return
        conn.settimeout(None)
        log.debug('accepted connection on %s', sock.getsockname())
        yield conn


def serialize(data):
    """Serialize data according to ASSUAN protocol."""
    for c in ['%', '\n', '\r']:
        data = data.replace(c, '%{:02X}'.format(ord(c)))
    return data


def sig_encode(r, s):
    """Serialize ECDSA signature data into GPG S-expression."""
    r = serialize(util.num2bytes(r, 32))
    s = serialize(util.num2bytes(s, 32))
    return '(7:sig-val(5:ecdsa(1:r32:{})(1:s32:{})))'.format(r, s)


def pksign(keygrip, digest, algo):
    """Sign a message digest using a private EC key."""
    assert algo == '8'
    user_id = os.environ['TREZOR_GPG_USER_ID']
    pubkey_dict = decode.load_public_key(
        pubkey_bytes=keyring.export_public_key(user_id=user_id),
        use_custom=True, ecdh=False)
    pubkey, conn = encode.load_from_public_key(pubkey_dict=pubkey_dict)
    with contextlib.closing(conn):
        assert pubkey.keygrip == binascii.unhexlify(keygrip)
        r, s = conn.sign(binascii.unhexlify(digest))
        result = sig_encode(r, s)
        log.debug('result: %r', result)
        return result


def _serialize_point(data):
    data = '{}:'.format(len(data)) + data
    # https://www.gnupg.org/documentation/manuals/assuan/Server-responses.html
    for c in ['%', '\n', '\r']:
        data = data.replace(c, '%{:02X}'.format(ord(c)))
    return '(5:value' + data + ')'


def parse_ecdh(line):
    """Parse ECDH request and return remote public key."""
    prefix, line = line.split(' ', 1)
    assert prefix == 'D'
    exp, leftover = keyring.parse(keyring.unescape(line))
    log.debug('ECDH s-exp: %r', exp)
    assert not leftover
    label, exp = exp
    assert label == b'enc-val'
    assert exp[0] == b'ecdh'
    items = exp[1:]
    log.debug('ECDH parameters: %r', items)
    return dict(items)['e']


def pkdecrypt(keygrip, conn):
    """Handle decryption using ECDH."""
    for msg in [b'S INQUIRE_MAXLEN 4096', b'INQUIRE CIPHERTEXT']:
        keyring.sendline(conn, msg)

    line = keyring.recvline(conn)
    assert keyring.recvline(conn) == b'END'
    remote_pubkey = parse_ecdh(line)

    user_id = os.environ['TREZOR_GPG_USER_ID']
    local_pubkey = decode.load_public_key(
        pubkey_bytes=keyring.export_public_key(user_id=user_id),
        use_custom=True, ecdh=True)
    pubkey, conn = encode.load_from_public_key(pubkey_dict=local_pubkey)
    with contextlib.closing(conn):
        assert pubkey.keygrip == binascii.unhexlify(keygrip)
        shared_secret = conn.ecdh(remote_pubkey)

    assert len(shared_secret) == 65
    assert shared_secret[:1] == b'\x04'
    return _serialize_point(shared_secret)


def handle_connection(conn):
    """Handle connection from GPG binary using the ASSUAN protocol."""
    keygrip = None
    digest = None
    algo = None
    version = keyring.gpg_version()

    keyring.sendline(conn, b'OK')
    for line in keyring.iterlines(conn):
        parts = line.split(' ')
        command = parts[0]
        args = parts[1:]
        if command in {'RESET', 'OPTION', 'HAVEKEY', 'SETKEYDESC'}:
            pass  # reply with OK
        elif command == 'GETINFO':
            keyring.sendline(conn, b'D ' + version)
        elif command == 'AGENT_ID':
            keyring.sendline(conn, b'D TREZOR')
        elif command in {'SIGKEY', 'SETKEY'}:
            keygrip, = args
        elif command == 'SETHASH':
            algo, digest = args
        elif command == 'PKSIGN':
            sig = pksign(keygrip, digest, algo)
            keyring.sendline(conn, b'D ' + sig)
        elif command == 'PKDECRYPT':
            sec = pkdecrypt(keygrip, conn)
            keyring.sendline(conn, b'D ' + sec)
        elif command == 'BYE':
            return
        else:
            log.error('unknown request: %r', line)
            return

        keyring.sendline(conn, b'OK')
HACK: add preliminary gpg support 2016-05-30 14:49:21 +00:00			`"""GPG-agent utilities."""`
gpg: hack agent prototype 2016-05-28 20:02:45 +00:00			`import binascii`
			`import contextlib`
			`import logging`
Use TREZOR_GPG_USER_ID in agent 2016-06-21 23:56:37 +00:00			`import os`
gpg: hack agent prototype 2016-05-28 20:02:45 +00:00
HACK: add preliminary gpg support 2016-05-30 14:49:21 +00:00			`from . import decode, encode, keyring`
gpg: move agent main code to __main__ 2016-06-04 06:36:48 +00:00			`from .. import util`
gpg: hack agent prototype 2016-05-28 20:02:45 +00:00
			`log = logging.getLogger(__name__)`


			`def yield_connections(sock):`
			`"""Run a server on the specified socket."""`
			`while True:`
			`log.debug('waiting for connection on %s', sock.getsockname())`
gpg: allow graceful exit via Ctrl+C 2016-06-03 11:42:40 +00:00			`try:`
			`conn, _ = sock.accept()`
			`except KeyboardInterrupt:`
			`return`
gpg: hack agent prototype 2016-05-28 20:02:45 +00:00			`conn.settimeout(None)`
			`log.debug('accepted connection on %s', sock.getsockname())`
			`yield conn`


			`def serialize(data):`
HACK: add preliminary gpg support 2016-05-30 14:49:21 +00:00			`"""Serialize data according to ASSUAN protocol."""`
gpg: hack agent prototype 2016-05-28 20:02:45 +00:00			`for c in ['%', '\n', '\r']:`
			`data = data.replace(c, '%{:02X}'.format(ord(c)))`
			`return data`


HACK: add preliminary gpg support 2016-05-30 14:49:21 +00:00			`def sig_encode(r, s):`
			`"""Serialize ECDSA signature data into GPG S-expression."""`
gpg: hack agent prototype 2016-05-28 20:02:45 +00:00			`r = serialize(util.num2bytes(r, 32))`
			`s = serialize(util.num2bytes(s, 32))`
HACK: better logging 2016-06-01 15:34:22 +00:00			`return '(7:sig-val(5:ecdsa(1:r32:{})(1:s32:{})))'.format(r, s)`
gpg: hack agent prototype 2016-05-28 20:02:45 +00:00

HACK: add preliminary gpg support 2016-05-30 14:49:21 +00:00			`def pksign(keygrip, digest, algo):`
			`"""Sign a message digest using a private EC key."""`
			`assert algo == '8'`
Use TREZOR_GPG_USER_ID in agent 2016-06-21 23:56:37 +00:00			`user_id = os.environ['TREZOR_GPG_USER_ID']`
agent: refactor signature and ECDH 2016-06-11 12:06:35 +00:00			`pubkey_dict = decode.load_public_key(`
Use TREZOR_GPG_USER_ID in agent 2016-06-21 23:56:37 +00:00			`pubkey_bytes=keyring.export_public_key(user_id=user_id),`
gpg: load correct key if ECDH is requested 2016-06-17 06:32:43 +00:00			`use_custom=True, ecdh=False)`
agent: refactor signature and ECDH 2016-06-11 12:06:35 +00:00			`pubkey, conn = encode.load_from_public_key(pubkey_dict=pubkey_dict)`
			`with contextlib.closing(conn):`
			`assert pubkey.keygrip == binascii.unhexlify(keygrip)`
			`r, s = conn.sign(binascii.unhexlify(digest))`
HACK: add preliminary gpg support 2016-05-30 14:49:21 +00:00			`result = sig_encode(r, s)`
			`log.debug('result: %r', result)`
			`return result`
gpg: hack agent prototype 2016-05-28 20:02:45 +00:00

HACK: support ECDH in agent - note keygrip and ID errors. 2016-06-02 20:24:36 +00:00			`def _serialize_point(data):`
			`data = '{}:'.format(len(data)) + data`
			`# https://www.gnupg.org/documentation/manuals/assuan/Server-responses.html`
			`for c in ['%', '\n', '\r']:`
			`data = data.replace(c, '%{:02X}'.format(ord(c)))`
			`return '(5:value' + data + ')'`


gpg: refactor ecdh case 2016-06-03 11:39:16 +00:00			`def parse_ecdh(line):`
gpg: add docstrings 2016-06-03 19:44:25 +00:00			`"""Parse ECDH request and return remote public key."""`
gpg: refactor ecdh case 2016-06-03 11:39:16 +00:00			`prefix, line = line.split(' ', 1)`
			`assert prefix == 'D'`
			`exp, leftover = keyring.parse(keyring.unescape(line))`
			`log.debug('ECDH s-exp: %r', exp)`
			`assert not leftover`
			`label, exp = exp`
			`assert label == b'enc-val'`
			`assert exp[0] == b'ecdh'`
			`items = exp[1:]`
			`log.debug('ECDH parameters: %r', items)`
			`return dict(items)['e']`


HACK: support ECDH in agent - note keygrip and ID errors. 2016-06-02 20:24:36 +00:00			`def pkdecrypt(keygrip, conn):`
gpg: add docstrings 2016-06-03 19:44:25 +00:00			`"""Handle decryption using ECDH."""`
HACK: support ECDH in agent - note keygrip and ID errors. 2016-06-02 20:24:36 +00:00			`for msg in [b'S INQUIRE_MAXLEN 4096', b'INQUIRE CIPHERTEXT']:`
			`keyring.sendline(conn, msg)`

			`line = keyring.recvline(conn)`
gpg: refactor ecdh case 2016-06-03 11:39:16 +00:00			`assert keyring.recvline(conn) == b'END'`
			`remote_pubkey = parse_ecdh(line)`

Use TREZOR_GPG_USER_ID in agent 2016-06-21 23:56:37 +00:00			`user_id = os.environ['TREZOR_GPG_USER_ID']`
gpg: refactor ecdh case 2016-06-03 11:39:16 +00:00			`local_pubkey = decode.load_public_key(`
Use TREZOR_GPG_USER_ID in agent 2016-06-21 23:56:37 +00:00			`pubkey_bytes=keyring.export_public_key(user_id=user_id),`
gpg: load correct key if ECDH is requested 2016-06-17 06:32:43 +00:00			`use_custom=True, ecdh=True)`
agent: refactor signature and ECDH 2016-06-11 12:06:35 +00:00			`pubkey, conn = encode.load_from_public_key(pubkey_dict=local_pubkey)`
			`with contextlib.closing(conn):`
			`assert pubkey.keygrip == binascii.unhexlify(keygrip)`
			`shared_secret = conn.ecdh(remote_pubkey)`
HACK: support ECDH in agent - note keygrip and ID errors. 2016-06-02 20:24:36 +00:00
			`assert len(shared_secret) == 65`
			`assert shared_secret[:1] == b'\x04'`
			`return _serialize_point(shared_secret)`


gpg: hack agent prototype 2016-05-28 20:02:45 +00:00			`def handle_connection(conn):`
HACK: add preliminary gpg support 2016-05-30 14:49:21 +00:00			`"""Handle connection from GPG binary using the ASSUAN protocol."""`
gpg: hack agent prototype 2016-05-28 20:02:45 +00:00			`keygrip = None`
			`digest = None`
			`algo = None`
gpg: use local version 2016-06-04 16:45:03 +00:00			`version = keyring.gpg_version()`
gpg: hack agent prototype 2016-05-28 20:02:45 +00:00
HACK: better logging 2016-06-01 15:34:22 +00:00			`keyring.sendline(conn, b'OK')`
gpg: move 'iterlines' to keyring 2016-07-26 14:50:49 +00:00			`for line in keyring.iterlines(conn):`
gpg: hack agent prototype 2016-05-28 20:02:45 +00:00			`parts = line.split(' ')`
			`command = parts[0]`
			`args = parts[1:]`
			`if command in {'RESET', 'OPTION', 'HAVEKEY', 'SETKEYDESC'}:`
			`pass # reply with OK`
			`elif command == 'GETINFO':`
gpg: use local version 2016-06-04 16:45:03 +00:00			`keyring.sendline(conn, b'D ' + version)`
gpg: hack agent prototype 2016-05-28 20:02:45 +00:00			`elif command == 'AGENT_ID':`
HACK: better logging 2016-06-01 15:34:22 +00:00			`keyring.sendline(conn, b'D TREZOR')`
HACK: support ECDH in agent - note keygrip and ID errors. 2016-06-02 20:24:36 +00:00			`elif command in {'SIGKEY', 'SETKEY'}:`
gpg: hack agent prototype 2016-05-28 20:02:45 +00:00			`keygrip, = args`
			`elif command == 'SETHASH':`
			`algo, digest = args`
			`elif command == 'PKSIGN':`
HACK: add preliminary gpg support 2016-05-30 14:49:21 +00:00			`sig = pksign(keygrip, digest, algo)`
HACK: better logging 2016-06-01 15:34:22 +00:00			`keyring.sendline(conn, b'D ' + sig)`
HACK: support ECDH in agent - note keygrip and ID errors. 2016-06-02 20:24:36 +00:00			`elif command == 'PKDECRYPT':`
			`sec = pkdecrypt(keygrip, conn)`
			`keyring.sendline(conn, b'D ' + sec)`
gpg: handle BYE command 2016-06-03 14:43:46 +00:00			`elif command == 'BYE':`
			`return`
gpg: hack agent prototype 2016-05-28 20:02:45 +00:00			`else:`
			`log.error('unknown request: %r', line)`
			`return`

HACK: better logging 2016-06-01 15:34:22 +00:00			`keyring.sendline(conn, b'OK')`