def activate_card(reader):
try:
blocksec2go.select_app(reader)
print('Found the specified reader and a Blockchain Security 2Go card!')
except Exception as details:
print('ERROR: ' + str(details))
raise SystemExit
def activate_card(reader):
try:
blocksec2go.select_app(reader)
print('Found reader and Security 2Go card!')
except Exception as details:
print('ERROR: %s' % str(details))
raise SystemExit
def _unlock_pin(args):
reader = open_pyscard(args.reader)
select_app(reader)
unlock_pin(reader, args.puk)
if args.machine_readable:
json.dump({'status': 'success'}, fp=sys.stdout)
else:
print('OK - unlocked')
def _generate_keypair(args):
reader = open_pyscard(args.reader)
select_app(reader)
key_id = generate_keypair(reader)
if args.machine_readable:
json.dump({'status': 'success', 'key_id': key_id}, fp=sys.stdout)
else:
print('Key ID: {}'.format(key_id))
def _set_pin(args):
reader = open_pyscard(args.reader)
select_app(reader)
puk = set_pin(reader, args.pin)
if args.machine_readable:
json.dump({'status': 'success', 'puk': puk.hex()}, fp=sys.stdout)
else:
print('PUK to unlock card (hex): ' + puk.hex())
def _encrypted_keyimport(args):
reader = open_pyscard(args.reader)
select_app(reader)
if args.pin is not None:
verify_pin(reader, args.pin)
encrypted_keyimport(reader, args.seed)
if args.machine_readable:
json.dump({'status': 'success'}, fp=sys.stdout)
else:
print('OK - import succeeded')
def _unlock_pin(args):
reader = open_pyscard(args.reader)
select_app(reader)
status = unlock_pin(reader, args.puk)
if (True == status):
if args.machine_readable:
json.dump({'status': 'success'}, fp=sys.stdout)
else:
print('OK - unlocked')
elif (0 != status):
print('ERROR - ' + str(status) + ' tries left')
else:
print('ERROR - Locked')
def _get_key_info(args):
reader = open_pyscard(args.reader)
select_app(reader)
(global_counter, counter, key) = get_key_info(reader, args.key_id)
if args.machine_readable:
json.dump({
'status': 'success',
'key_id': args.key_id,
'global_counter': global_counter,
'counter': counter,
'key': key.hex()}, fp=sys.stdout)
else:
print('Remaining signatures with card: {}'.format(global_counter))
print('Remaining signatures with key {}: {}'.format(args.key_id, counter))
print('Public key (hex, encoded according to SEC1): ' + key.hex())
def _init(self):
while self.reader is None:
try:
self.reader = open_pyscard()
except Exception as details:
self.logger.debug(details)
if "No reader found" != str(
details) and "No card on reader" != str(details):
self.logger.error(details)
raise Exception(f"Reader error: {details}")
self.logger.info(
'Reader or card not found. Retrying in 1 second...')
time.sleep(1)
blocksec2go.select_app(self.reader)
self.pub_key = self._get_pub_key()
self.logger.info('Initialized security2go')
def init(self, key_id=1, retrying=False):
self.key_id = key_id
while self.reader == None:
try:
self.reader = blocksec2go.find_reader(READER_ID)
except Exception as details:
logger.debug(details)
if "No reader found" != str(
details) and "No card on reader" != str(details):
logger.error(details)
raise Exception(f"Reader error: {details}")
if retrying:
return None
time.sleep(1)
try:
blocksec2go.select_app(self.reader)
except Exception as details:
logger.error(details)
raise SystemExit
def _init(self):
retries_left = self._connect_retry_count
while not self._reader and retries_left >= 0:
try:
self._reader = open_pyscard()
except RuntimeError as details:
self._logger.debug(details)
self._logger.info(
f'Reader or card not found. {retries_left} retries left.')
retries_left = retries_left - 1
time.sleep(1)
if not self._reader:
self._logger.error('Exceeded connection retry count')
raise CardNotAvailable
blocksec2go.select_app(self._reader)
self._pub_key = self._get_pub_key()
self._logger.debug(f'Using public key {self._pub_key.hex()}')
self._logger.info(f'Initialized for address {self.get_address()}')
def _get_card_info(args):
reader = args.reader
(pin_active, card_id, version) = select_app(reader)
if args.machine_readable:
json.dump(
{
'status': 'success',
'pin_active': pin_active,
'card_id': card_id.hex(),
'version': version
},
fp=sys.stdout)
else:
print('PIN is: ' + ('ENABLED' if pin_active else 'disabled'))
print('Card ID (hex): ' + card_id.hex())
print('Version: ' + version)
def main(argv=None):
if argv == None:
argv = sys.argv
prog = sys.argv[0]
args = sys.argv[1:]
parser = argparse.ArgumentParser(
prog=prog,
description=
'Command line interface for Infineon\'s Blockchain Security 2Go starter kit'
)
subparsers = parser.add_subparsers(help='subcommands')
parser.add_argument('--reader', help='name of the reader to use')
parser.add_argument('--security_level', help='SCP03 security level')
parser.add_argument('--key_path', help='relative path to file with keys')
parser.add_argument('--machine-readable',
help='json output',
action='store_true')
parser.add_argument(
'--loglevel',
help='log level',
default='info',
choices=['debug', 'info', 'warning', 'error', 'critical', 'nolog'],
)
from blocksec2go.cli import (generate_signature, generate_keypair,
get_key_info, list_readers, get_card_info,
encrypted_keyimport, set_pin, change_pin,
unlock_pin, disable_pin, open_secure_channel,
get_status, enable_protected_mode,
add_key_label, get_key_label)
generate_signature.add_subcommand(subparsers)
generate_keypair.add_subcommand(subparsers)
get_key_info.add_subcommand(subparsers)
list_readers.add_subcommand(subparsers)
get_card_info.add_subcommand(subparsers)
encrypted_keyimport.add_subcommand(subparsers)
set_pin.add_subcommand(subparsers)
change_pin.add_subcommand(subparsers)
unlock_pin.add_subcommand(subparsers)
disable_pin.add_subcommand(subparsers)
open_secure_channel.add_subcommand(subparsers)
get_status.add_subcommand(subparsers)
enable_protected_mode.add_subcommand(subparsers)
add_key_label.add_subcommand(subparsers)
get_key_label.add_subcommand(subparsers)
args = parser.parse_args(args)
if hasattr(args, 'func'):
if args.loglevel != 'nolog':
logging.basicConfig(level=args.loglevel.upper())
try:
args.reader = open_pyscard(args.reader)
select_app(args.reader)
if (args.security_level is not None):
open_secure_channel._open_secure_channel(args)
print("Channel opened...")
args.func(args)
return 0
except CardError as e:
if args.machine_readable:
json.dump({
'status': 'CardError',
'error': e.response.sw
},
fp=sys.stdout)
else:
print(str(e))
return -1
except Exception as e:
if args.machine_readable:
json.dump({'status': 'error', 'error': str(e)}, fp=sys.stdout)
return -1
else:
raise e
else:
parser.print_help()
return 0
import blocksec2go
if ('__main__' == __name__):
reader = None
reader_name = 'Identiv uTrust 3700 F'
while (reader == None):
try:
reader = blocksec2go.find_reader(reader_name)
print('Found the specified reader and a card!', end='\r')
except Exception as details:
if ('No reader found' == str(details)):
print('No card reader found! ', end='\r')
elif ('No card on reader' == str(details)):
print('Found reader, but no card!', end='\r')
else:
print('ERROR:', details)
raise SystemExit
try:
pin_active, card_id, version = blocksec2go.select_app(reader)
print('Found the specified reader and a Blockchain Security 2Go card!')
except Exception as details:
print('ERROR:', details)
raise SystemExit
print('Is PIN enabled?', pin_active)
print('Card ID (hex):', card_id.hex())
print('Version: ' + version)
