trezor-agent/trezor_agent/gpg/encode.py

204 lines
7.9 KiB
Python
Raw Normal View History

"""Create GPG ECDSA signatures and public keys using TREZOR device."""
import logging
import time
2016-05-21 17:17:58 +00:00
from . import decode, keyring, proto
from .. import client, factory, formats, util
log = logging.getLogger(__name__)
class HardwareSigner(object):
2016-04-30 07:04:44 +00:00
"""Sign messages and get public keys from a hardware device."""
def __init__(self, user_id, curve_name):
2016-04-30 07:04:44 +00:00
"""Connect to the device and retrieve required public key."""
self.client_wrapper = factory.load()
self.identity = self.client_wrapper.identity_type()
self.identity.proto = 'gpg'
self.identity.host = user_id
self.curve_name = curve_name
def pubkey(self):
2016-04-30 07:04:44 +00:00
"""Return public key as VerifyingKey object."""
addr = client.get_address(self.identity)
public_node = self.client_wrapper.connection.get_public_node(
n=addr, ecdsa_curve_name=self.curve_name)
return formats.decompress_pubkey(
pubkey=public_node.node.public_key,
curve_name=self.curve_name)
2016-04-29 19:23:12 +00:00
def sign(self, digest):
2016-04-30 10:01:14 +00:00
"""Sign the digest and return a serialized signature."""
result = self.client_wrapper.connection.sign_identity(
identity=self.identity,
challenge_hidden=digest,
2016-05-21 04:44:27 +00:00
challenge_visual='',
ecdsa_curve_name=self.curve_name)
assert result.signature[:1] == b'\x00'
sig = result.signature[1:]
2016-04-30 13:50:01 +00:00
return (proto.mpi(util.bytes2num(sig[:32])) +
proto.mpi(util.bytes2num(sig[32:])))
def close(self):
2016-04-30 07:04:44 +00:00
"""Close the connection to the device."""
self.client_wrapper.connection.clear_session()
self.client_wrapper.connection.close()
class AgentSigner(object):
2016-04-30 07:04:44 +00:00
"""Sign messages and get public keys using gpg-agent tool."""
2016-04-30 10:20:06 +00:00
def __init__(self, user_id):
2016-04-30 07:04:44 +00:00
"""Connect to the agent and retrieve required public key."""
2016-05-21 17:17:58 +00:00
self.sock = keyring.connect_to_agent()
self.keygrip = keyring.get_keygrip(user_id)
2016-04-29 19:23:12 +00:00
def sign(self, digest):
2016-04-30 07:04:44 +00:00
"""Sign the digest and return an ECDSA signature."""
2016-05-21 17:17:58 +00:00
params = keyring.sign_digest(sock=self.sock,
keygrip=self.keygrip, digest=digest)
2016-04-30 13:50:01 +00:00
return b''.join(proto.mpi(p) for p in params)
def close(self):
2016-04-30 07:04:44 +00:00
"""Close the connection to gpg-agent."""
self.sock.close()
2016-05-21 14:04:18 +00:00
def _time_format(t):
return time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(t))
2016-05-21 14:25:01 +00:00
class Factory(object):
2016-04-29 14:45:16 +00:00
"""Performs GPG signing operations."""
def __init__(self, user_id, created, curve_name):
"""Construct and loads a public key from the device."""
self.user_id = user_id
assert curve_name in formats.SUPPORTED_CURVES
self.conn = HardwareSigner(user_id, curve_name=curve_name)
2016-05-21 14:10:17 +00:00
self.pubkey = proto.PublicKey(
2016-04-29 14:45:16 +00:00
curve_name=curve_name, created=created,
verifying_key=self.conn.pubkey())
2016-05-06 19:16:03 +00:00
log.info('%s GPG public key %s created at %s for "%s"',
curve_name, self.pubkey,
2016-05-21 14:04:18 +00:00
_time_format(self.pubkey.created), user_id)
2016-04-29 14:45:16 +00:00
@classmethod
def from_public_key(cls, pubkey, user_id):
"""
Create from an existing GPG public key.
`pubkey` should be loaded via `decode.load_from_gpg(user_id)`
from the local GPG keyring.
"""
2016-05-21 14:25:01 +00:00
s = cls(user_id=user_id,
created=pubkey['created'],
curve_name=proto.find_curve_by_algo_id(pubkey['algo']))
2016-04-29 14:45:16 +00:00
assert s.pubkey.key_id() == pubkey['key_id']
return s
def close(self):
"""Close connection and turn off the screen of the device."""
self.conn.close()
2016-05-21 14:25:01 +00:00
def create_primary(self):
"""Export new primary GPG public key, ready for "gpg2 --import"."""
2016-04-30 13:50:01 +00:00
pubkey_packet = proto.packet(tag=6, blob=self.pubkey.data())
user_id_packet = proto.packet(tag=13, blob=self.user_id)
2016-04-29 19:28:41 +00:00
data_to_sign = (self.pubkey.data_to_hash() +
user_id_packet[:1] +
util.prefix_len('>L', self.user_id))
log.info('signing public key "%s"', self.user_id)
hashed_subpackets = [
2016-04-30 13:50:01 +00:00
proto.subpacket_time(self.pubkey.created), # signature time
2016-05-12 18:49:02 +00:00
# https://tools.ietf.org/html/rfc4880#section-5.2.3.4
2016-04-30 13:50:01 +00:00
proto.subpacket_byte(0x1B, 1 | 2), # key flags (certify & sign)
2016-05-12 18:49:02 +00:00
# https://tools.ietf.org/html/rfc4880#section-5.2.3.21
2016-04-30 13:50:01 +00:00
proto.subpacket_byte(0x15, 8), # preferred hash (SHA256)
2016-05-12 18:49:02 +00:00
# https://tools.ietf.org/html/rfc4880#section-5.2.3.8
2016-04-30 13:50:01 +00:00
proto.subpacket_byte(0x16, 0), # preferred compression (none)
2016-05-12 18:49:02 +00:00
# https://tools.ietf.org/html/rfc4880#section-5.2.3.9
proto.subpacket_byte(0x17, 0x80) # key server prefs (no-modify)
# https://tools.ietf.org/html/rfc4880#section-5.2.3.17
]
2016-04-29 14:45:16 +00:00
unhashed_subpackets = [
2016-04-30 13:50:01 +00:00
proto.subpacket(16, self.pubkey.key_id()), # issuer key id
2016-04-30 18:07:19 +00:00
proto.CUSTOM_SUBPACKET]
2016-04-29 14:45:16 +00:00
2016-05-21 14:25:01 +00:00
signature = proto.make_signature(
2016-04-30 10:20:06 +00:00
signer_func=self.conn.sign,
public_algo=self.pubkey.algo_id,
2016-04-29 14:45:16 +00:00
data_to_sign=data_to_sign,
sig_type=0x13, # user id & public key
hashed_subpackets=hashed_subpackets,
unhashed_subpackets=unhashed_subpackets)
2016-04-30 13:50:01 +00:00
sign_packet = proto.packet(tag=2, blob=signature)
return pubkey_packet + user_id_packet + sign_packet
2016-05-21 14:25:01 +00:00
def create_subkey(self):
"""Export new subkey to `self.user_id` GPG primary key."""
2016-04-30 13:50:01 +00:00
subkey_packet = proto.packet(tag=14, blob=self.pubkey.data())
2016-04-29 19:45:52 +00:00
primary = decode.load_from_gpg(self.user_id)
log.info('adding subkey to primary GPG key "%s" (%s)',
self.user_id, util.hexlify(primary['key_id']))
2016-04-29 19:28:41 +00:00
data_to_sign = primary['_to_hash'] + self.pubkey.data_to_hash()
2016-04-30 10:25:14 +00:00
# Primary Key Binding Signature
2016-04-28 19:10:40 +00:00
hashed_subpackets = [
2016-04-30 13:50:01 +00:00
proto.subpacket_time(self.pubkey.created)] # signature time
2016-04-29 14:45:16 +00:00
unhashed_subpackets = [
2016-04-30 13:50:01 +00:00
proto.subpacket(16, self.pubkey.key_id())] # issuer key id
2016-04-30 19:20:50 +00:00
log.info('confirm signing subkey with hardware device')
2016-05-21 14:25:01 +00:00
embedded_sig = proto.make_signature(
signer_func=self.conn.sign,
data_to_sign=data_to_sign,
public_algo=self.pubkey.algo_id,
sig_type=0x19,
hashed_subpackets=hashed_subpackets,
unhashed_subpackets=unhashed_subpackets)
2016-04-30 10:25:14 +00:00
# Subkey Binding Signature
2016-04-28 18:31:01 +00:00
hashed_subpackets = [
2016-04-30 13:50:01 +00:00
proto.subpacket_time(self.pubkey.created), # signature time
proto.subpacket_byte(0x1B, 2)] # key flags (certify & sign)
2016-04-29 14:45:16 +00:00
unhashed_subpackets = [
2016-04-30 13:50:01 +00:00
proto.subpacket(16, primary['key_id']), # issuer key id
proto.subpacket(32, embedded_sig),
2016-04-30 18:07:19 +00:00
proto.CUSTOM_SUBPACKET]
2016-04-30 19:20:50 +00:00
log.info('confirm signing subkey with gpg-agent')
2016-04-30 10:20:06 +00:00
gpg_agent = AgentSigner(self.user_id)
2016-05-21 14:25:01 +00:00
signature = proto.make_signature(
signer_func=gpg_agent.sign,
data_to_sign=data_to_sign,
public_algo=primary['algo'],
sig_type=0x18,
hashed_subpackets=hashed_subpackets,
unhashed_subpackets=unhashed_subpackets)
2016-04-30 13:50:01 +00:00
sign_packet = proto.packet(tag=2, blob=signature)
2016-04-28 18:31:01 +00:00
return subkey_packet + sign_packet
2016-05-21 14:25:01 +00:00
def sign_message(self, msg, sign_time=None):
"""Sign GPG message at specified time."""
if sign_time is None:
sign_time = int(time.time())
log.info('signing %d byte message at %s',
2016-05-21 14:04:18 +00:00
len(msg), _time_format(sign_time))
2016-04-30 13:50:01 +00:00
hashed_subpackets = [proto.subpacket_time(sign_time)]
2016-04-29 14:45:16 +00:00
unhashed_subpackets = [
2016-04-30 13:50:01 +00:00
proto.subpacket(16, self.pubkey.key_id())] # issuer key id
2016-04-29 14:45:16 +00:00
2016-05-21 14:25:01 +00:00
blob = proto.make_signature(
signer_func=self.conn.sign,
data_to_sign=msg,
public_algo=self.pubkey.algo_id,
hashed_subpackets=hashed_subpackets,
unhashed_subpackets=unhashed_subpackets)
2016-04-30 13:50:01 +00:00
return proto.packet(tag=2, blob=blob)