client: not visual challength for SSH

trezor_agent/__main__.py

@@ -1,12 +1,10 @@
 """SSH-agent implementation using hardware authentication devices."""
 import argparse
-import functools
 import logging
 import os
 import re
 import subprocess
 import sys
-import time
 
 from . import client, formats, protocol, server
 
@@ -103,16 +101,10 @@ def git_host(remote_name, attributes):
             return '{user}@{host}'.format(**match.groupdict())
 
 
-def ssh_sign(conn, label, blob):
-    """Perform SSH signature using given hardware device connection."""
-    now = time.strftime('%Y-%m-%d %H:%M:%S')
-    return conn.sign_ssh_challenge(label=label, blob=blob, visual=now)
-
-
 def run_server(conn, public_key, command, debug, timeout):
     """Common code for run_agent and run_git below."""
     try:
-        signer = functools.partial(ssh_sign, conn=conn)
+        signer = conn.sign_ssh_challenge
         public_key = formats.import_public_key(public_key)
         log.info('using SSH public key: %s', public_key['fingerprint'])
         handler = protocol.Handler(keys=[public_key], signer=signer,

trezor_agent/client.py

@@ -59,7 +59,7 @@ class Client(object):
         vk = formats.decompress_pubkey(pubkey=pubkey, curve_name=self.curve)
         return formats.export_public_key(vk=vk, label=label)
 
-    def sign_ssh_challenge(self, label, blob, visual=''):
+    def sign_ssh_challenge(self, label, blob):
         """Sign given blob using a private key, specified by the label."""
         identity = self.get_identity(label=label)
         msg = _parse_ssh_blob(blob)
@@ -68,7 +68,6 @@ class Client(object):
         log.debug('nonce: %s', binascii.hexlify(msg['nonce']))
         log.debug('fingerprint: %s', msg['public_key']['fingerprint'])
         log.debug('hidden challenge size: %d bytes', len(blob))
-        log.debug('visual challenge size: %d bytes = %r', len(visual), visual)
 
         log.info('please confirm user "%s" login to "%s" using %s...',
                  msg['user'], label, self.device_name)
@@ -76,7 +75,7 @@ class Client(object):
         try:
             result = self.client.sign_identity(identity=identity,
                                                challenge_hidden=blob,
-                                               challenge_visual=visual,
+                                               challenge_visual='',
                                                ecdsa_curve_name=self.curve)
         except self.call_exception as e:
             code, msg = e.args

trezor_agent/tests/test_client.py

@@ -90,7 +90,7 @@ def test_ssh_agent():
             assert (client.identity_to_string(identity) ==
                     client.identity_to_string(ident))
             assert challenge_hidden == BLOB
-            assert challenge_visual == 'VISUAL'
+            assert challenge_visual == ''
             assert ecdsa_curve_name == 'nist256p1'
 
             result = mock.Mock(spec=[])
@@ -99,8 +99,7 @@ def test_ssh_agent():
             return result
 
         c.client.sign_identity = ssh_sign_identity
-        signature = c.sign_ssh_challenge(label=label, blob=BLOB,
-                                         visual='VISUAL')
+        signature = c.sign_ssh_challenge(label=label, blob=BLOB)
 
         key = formats.import_public_key(PUBKEY_TEXT)
         serialized_sig = key['verifier'](sig=signature, msg=BLOB)
@@ -122,7 +121,7 @@ def test_ssh_agent():
 
         c.client.sign_identity = cancel_sign_identity
         with pytest.raises(IOError):
-            c.sign_ssh_challenge(label=label, blob=BLOB, visual='VISUAL')
+            c.sign_ssh_challenge(label=label, blob=BLOB)
 
 
 def test_utils():