def decrypt(type, domain, secret):
transport = get_transport()
client = TrezorClient(transport, ClickUI())
dom = type.upper() + ": " + domain
dec = decrypt_keyvalue(client, BIP32_PATH, dom, secret, False, True)
client.close()
return dec
def decrypt(ctrl, hw_session: HwSessionInfo, bip32_path_n: List[int], label: str, value: bytearray):
ctrl.dlg_config_fun(dlg_title="Data decryption", show_progress_bar=False)
ctrl.display_msg_fun(f'<b>Decrypting \'{label}\'...</b><br><br>Enter the hardware wallet PIN/passphrase '
f'(if needed)<br> and click the confirmation button to decrypt data.')
if hw_session.hw_type == HWType.trezor:
from trezorlib import misc, btc
client = hw_session.hw_client
data = misc.decrypt_keyvalue(client, bip32_path_n, label, value, ask_on_encrypt, ask_on_decrypt)
pub_key = btc.get_public_node(client, bip32_path_n).node.public_key
return data, pub_key
elif hw_session.hw_type == HWType.keepkey:
client = hw_session.hw_client
data = client.decrypt_keyvalue(bip32_path_n, label, value, ask_on_encrypt, ask_on_decrypt)
pub_key = client.get_public_node(bip32_path_n).node.public_key
return data, pub_key
elif hw_session.hw_type == HWType.ledger_nano_s:
raise Exception('Feature not available for Ledger Nano S.')
else:
raise Exception('Invalid HW type: ' + str(hw_session))
def decrypt(type, domain, secret):
transport = get_transport()
client = TrezorClient(transport, ClickUI())
dom = type.upper() + ": " + domain
dec = decrypt_keyvalue(client, BIP32_PATH, dom, secret, False, True)
client.close()
return dec
def decrypt_item(self, key, encrypted_nonce, encrypted_value):
u"""Decrypt the given value using the connected Trezor."""
trezor = self.find_trezor()
address_n = tools.parse_path(self.BIP_ADDRESS)
nonce_key = 'Decrypt key {}?'.format(key)
nonce = bytes(
misc.decrypt_keyvalue(trezor,
address_n,
nonce_key,
encrypted_nonce,
ask_on_encrypt=False,
ask_on_decrypt=True))
value = aes_gcm_decrypt(nonce, encrypted_value)
trezor.close()
return value.decode()
def getDecryptedNonce(self, entry):
self.__getClient()
if 'item' in entry:
item = entry['item']
else:
item = entry['title']
pr = urlparse(item)
if pr.scheme and pr.netloc:
item = pr.netloc
ENC_KEY = 'Unlock %s for user %s?' % (item, entry['username'])
ENC_VALUE = entry['nonce']
decrypted_nonce = misc.decrypt_keyvalue(self.client, BIP32_PATH,
ENC_KEY,
bytes.fromhex(ENC_VALUE),
False, True)
return decrypted_nonce.hex()
def getDecryptedNonce(client, entry):
print()
print('Waiting for Trezor input ...')
print()
if 'item' in entry:
item = entry['item']
else:
item = entry['title']
pr = urlparse(item)
if pr.scheme and pr.netloc:
item = pr.netloc
ENC_KEY = f"Unlock {item} for user {entry['username']}?"
ENC_VALUE = entry['nonce']
decrypted_nonce = misc.decrypt_keyvalue(client, BIP32_PATH, ENC_KEY,
bytes.fromhex(ENC_VALUE), False,
True)
return decrypted_nonce.hex()
def getDecryptedNonce(client: TrezorClient, entry: dict) -> str:
print()
print("Waiting for Trezor input ...")
print()
if "item" in entry:
item = entry["item"]
else:
item = entry["title"]
pr = urlparse(item)
if pr.scheme and pr.netloc:
item = pr.netloc
ENC_KEY = f"Unlock {item} for user {entry['username']}?"
ENC_VALUE = entry["nonce"]
decrypted_nonce = misc.decrypt_keyvalue(
client, BIP32_PATH, ENC_KEY, bytes.fromhex(ENC_VALUE), False, True
)
return decrypted_nonce.hex()
def getDecryptedNonce(client, entry):
print()
print('Waiting for TREZOR input ...')
print()
if 'item' in entry:
item = entry['item']
else:
item = entry['title']
pr = urlparse(item)
if pr.scheme and pr.netloc:
item = pr.netloc
ENC_KEY = 'Unlock %s for user %s?' % (item, entry['username'])
ENC_VALUE = entry['nonce']
decrypted_nonce = misc.decrypt_keyvalue(
client,
BIP32_PATH,
ENC_KEY,
bytes.fromhex(ENC_VALUE),
False,
True
)
return decrypted_nonce.hex()
def test_decrypt_badlen(client: Client):
with pytest.raises(Exception):
misc.decrypt_keyvalue(client, [0, 1, 2], "test", b"testing")
def test_decrypt(client: Client):
res = misc.decrypt_keyvalue(
client,
[0, 1, 2],
"test",
bytes.fromhex("676faf8f13272af601776bc31bc14e8f"),
ask_on_encrypt=True,
ask_on_decrypt=True,
)
assert res == b"testing message!"
res = misc.decrypt_keyvalue(
client,
[0, 1, 2],
"test",
bytes.fromhex("5aa0fbcb9d7fa669880745479d80c622"),
ask_on_encrypt=True,
ask_on_decrypt=False,
)
assert res == b"testing message!"
res = misc.decrypt_keyvalue(
client,
[0, 1, 2],
"test",
bytes.fromhex("958d4f63269b61044aaedc900c8d6208"),
ask_on_encrypt=False,
ask_on_decrypt=True,
)
assert res == b"testing message!"
res = misc.decrypt_keyvalue(
client,
[0, 1, 2],
"test",
bytes.fromhex("e0cf0eb0425947000eb546cc3994bc6c"),
ask_on_encrypt=False,
ask_on_decrypt=False,
)
assert res == b"testing message!"
# different key
res = misc.decrypt_keyvalue(
client,
[0, 1, 2],
"test2",
bytes.fromhex("de247a6aa6be77a134bb3f3f925f13af"),
ask_on_encrypt=True,
ask_on_decrypt=True,
)
assert res == b"testing message!"
# different message
res = misc.decrypt_keyvalue(
client,
[0, 1, 2],
"test",
bytes.fromhex(
"676faf8f13272af601776bc31bc14e8f3ae1c88536bf18f1b44f1e4c2c4a613d"
),
ask_on_encrypt=True,
ask_on_decrypt=True,
)
assert res == b"testing message! it is different"
# different path
res = misc.decrypt_keyvalue(
client,
[0, 1, 3],
"test",
bytes.fromhex("b4811a9d492f5355a5186ddbfccaae7b"),
ask_on_encrypt=True,
ask_on_decrypt=True,
)
assert res == b"testing message!"
def test_decrypt_badlen(self):
self.setup_mnemonic_nopin_nopassphrase()
with pytest.raises(Exception):
misc.decrypt_keyvalue(self.client, [0, 1, 2], b"test", b"testing")
n = int(n.replace(' ', ''), 16)
assert priv > 0
assert priv < n
device = get_transport()
client = TrezorClient(transport=device, ui=ClickUI())
n_path = parse_path(path)
info = get_public_node(client, n_path, coin_name=coin)
side, pubkey = (info.node.public_key[0], info.node.public_key[1:])
left = True if side == 2 else False
print("seed", b2x(pubkey), side)
priv = decrypt_keyvalue(client,
n_path,
path,
pubkey,
ask_on_decrypt=False,
ask_on_encrypt=side)
is_valid(priv)
print("priv", b2x(priv), left)
client.close()
SelectParams(coin.lower())
seckey = CBitcoinSecret.from_secret_bytes(priv)
# Create a witnessScript and corresponding redeemScript. Similar to a scriptPubKey
# the redeemScript must be satisfied for the funds to be spent.
txin_witnessScript = CScript([seckey.pub, OP_CHECKSIG])
expiry = lx(hex(nLockTime).replace('0x', ''))
def decrypt(key, value):
addr = [0,1,2]
dec = misc.decrypt_keyvalue(client, addr, key, binascii.unhexlify(value), ask_on_encrypt=True, ask_on_decrypt=True)
return dec
def test_decrypt_badlen(self):
self.setup_mnemonic_nopin_nopassphrase()
with pytest.raises(Exception):
misc.decrypt_keyvalue(self.client, [0, 1, 2], b"test", b"testing")
def test_decrypt(self):
self.setup_mnemonic_nopin_nopassphrase()
# different ask values
res = misc.decrypt_keyvalue(
self.client,
[0, 1, 2],
b"test",
bytes.fromhex("676faf8f13272af601776bc31bc14e8f"),
ask_on_encrypt=True,
ask_on_decrypt=True,
)
assert res == b"testing message!"
res = misc.decrypt_keyvalue(
self.client,
[0, 1, 2],
b"test",
bytes.fromhex("5aa0fbcb9d7fa669880745479d80c622"),
ask_on_encrypt=True,
ask_on_decrypt=False,
)
assert res == b"testing message!"
res = misc.decrypt_keyvalue(
self.client,
[0, 1, 2],
b"test",
bytes.fromhex("958d4f63269b61044aaedc900c8d6208"),
ask_on_encrypt=False,
ask_on_decrypt=True,
)
assert res == b"testing message!"
res = misc.decrypt_keyvalue(
self.client,
[0, 1, 2],
b"test",
bytes.fromhex("e0cf0eb0425947000eb546cc3994bc6c"),
ask_on_encrypt=False,
ask_on_decrypt=False,
)
assert res == b"testing message!"
# different key
res = misc.decrypt_keyvalue(
self.client,
[0, 1, 2],
b"test2",
bytes.fromhex("de247a6aa6be77a134bb3f3f925f13af"),
ask_on_encrypt=True,
ask_on_decrypt=True,
)
assert res == b"testing message!"
# different message
res = misc.decrypt_keyvalue(
self.client,
[0, 1, 2],
b"test",
bytes.fromhex(
"676faf8f13272af601776bc31bc14e8f3ae1c88536bf18f1b44f1e4c2c4a613d"
),
ask_on_encrypt=True,
ask_on_decrypt=True,
)
assert res == b"testing message! it is different"
# different path
res = misc.decrypt_keyvalue(
self.client,
[0, 1, 3],
b"test",
bytes.fromhex("b4811a9d492f5355a5186ddbfccaae7b"),
ask_on_encrypt=True,
ask_on_decrypt=True,
)
assert res == b"testing message!"
