def choose_device(devices: Sequence["Transport"]) -> "Transport":
if not len(devices):
raise RuntimeError("No Trezor connected!")
if len(devices) == 1:
try:
return devices[0]
except IOError:
raise RuntimeError("Device is currently in use")
i = 0
sys.stderr.write("----------------------------\n")
sys.stderr.write("Available devices:\n")
for d in devices:
try:
client = TrezorClient(d, ui=ClickUI())
except IOError:
sys.stderr.write("[-] <device is currently in use>\n")
continue
if client.features.label:
sys.stderr.write(f"[{i}] {client.features.label}\n")
else:
sys.stderr.write(f"[{i}] <no label>\n")
client.close()
i += 1
sys.stderr.write("----------------------------\n")
sys.stderr.write("Please choose device to use:")
try:
device_id = int(input())
return devices[device_id]
except Exception:
raise ValueError("Invalid choice, exiting...")
def get_tz_priv(coin, path):
session_id = bytes.fromhex(environ.get('TZ_SESSIONID', ''))
if trezor and len(session_id) == 32:
device = get_transport()
client = TrezorClient(transport=device,
ui=ClickUI(),
session_id=session_id)
n_path = parse_path(
"m/10065'/0'") # Logical path for BIP0065 operation
info = get_public_node(client, n_path, coin_name=coin)
side, pubkey = (info.node.public_key[0], info.node.public_key[1:])
left = True if side == 2 else False
print("seed", b2x(pubkey), side)
priv = encrypt_keyvalue(client,
n_path,
path,
pubkey,
ask_on_decrypt=side,
ask_on_encrypt=False)
client.close()
print("priv", b2x(priv), left)
is_valid(priv)
return CBitcoinSecret.from_secret_bytes(priv)
else:
print("trezorlib must be available")
print("see: https://pypi.org/project/trezor/")
print("TZ_SESSIONID enviroinment variable required")
print("See: trezorctl get-session --help")
sys.exit(2)
def decrypt(type, domain, secret):
transport = get_transport()
client = TrezorClient(transport, ClickUI())
dom = type.upper() + ": " + domain
dec = decrypt_keyvalue(client, BIP32_PATH, dom, secret, False, True)
client.close()
return dec
def main():
if "encfs_root" not in os.environ:
sys.stderr.write(
"\nThis is not a standalone script and is not meant to be run independently.\n"
)
sys.stderr.write(
"\nUsage: encfs --standard --extpass=./encfs_aes_getpass.py ~/.crypt ~/crypt\n"
)
sys.exit(1)
devices = wait_for_devices()
transport = choose_device(devices)
client = TrezorClient(transport, ui=ClickUI())
rootdir = os.environ["encfs_root"] # Read "man encfs" for more
passw_file = os.path.join(rootdir, "password.dat")
if not os.path.exists(passw_file):
# New encfs drive, let's generate password
sys.stderr.write("Please provide label for new drive: ")
label = input()
sys.stderr.write("Computer asked Trezor for new strong password.\n")
# 32 bytes, good for AES
trezor_entropy = trezorlib.misc.get_entropy(client, 32)
urandom_entropy = os.urandom(32)
passw = hashlib.sha256(trezor_entropy + urandom_entropy).digest()
if len(passw) != 32:
raise ValueError("32 bytes password expected")
bip32_path = [10, 0]
passw_encrypted = trezorlib.misc.encrypt_keyvalue(
client, bip32_path, label, passw, False, True
)
data = {
"label": label,
"bip32_path": bip32_path,
"password_encrypted_hex": passw_encrypted.hex(),
}
json.dump(data, open(passw_file, "w"))
# Let's load password
data = json.load(open(passw_file, "r"))
passw = trezorlib.misc.decrypt_keyvalue(
client,
data["bip32_path"],
data["label"],
bytes.fromhex(data["password_encrypted_hex"]),
False,
True,
)
print(passw)
def get_trezor_client() -> TrezorClient:
"""
Wrapper to open connection to Trezor One
Returns:
TrezorClient object
"""
# List all connected TREZORs on USB
devices = enumerate_devices()
# Check whether we found any
if len(devices) == 0:
raise ConnectionError('No TREZOR found')
# Use first connected device
#transport = devices[0]
transport = get_transport()
ui = ClickUI()
# Creates object for manipulating TREZOR
client = TrezorClient(transport, ui)
return client
def encrypt(type, domain, secret):
transport = get_transport()
client = TrezorClient(transport, ClickUI())
dom = type.upper() + ": " + domain
enc = encrypt_keyvalue(client, BIP32_PATH, dom, secret.encode(), False,
True)
client.close()
return enc.hex()
def __init__(self, path, password=''):
super(TrezorClient, self).__init__(path, password)
if path.startswith('udp'):
logging.debug('Simulator found, using DebugLink')
transport = get_transport(path)
self.client = TrezorClientDebugLink(transport=transport)
else:
self.client = Trezor(transport=get_transport(path), ui=ClickUI())
# if it wasn't able to find a client, throw an error
if not self.client:
raise IOError("no Device")
self.password = password
os.environ['PASSPHRASE'] = password
def main():
# Use first connected device
transport = get_transport()
# Creates object for manipulating TREZOR
ui = ClickUI()
client = TrezorClient(transport, ui)
# Print out TREZOR's features and settings
print(client.features)
# Get the first address of first BIP44 account
# (should be the same address as shown in wallet.trezor.io)
bip32_path = parse_path("44'/0'/0'/0/0")
address = btc.get_address(client, 'Bitcoin', bip32_path, True)
print('Bitcoin address:', address)
client.close()
def main():
transport = get_transport(os.environ.get("TREZOR_PATH"))
identity_proto = IdentityType(proto='gpg', host='foo@bar')
client = TrezorClient(transport=transport, ui=ClickUI(), state=None)
digest = sys.stdin.buffer.read()
assert len(digest) == 64, len(digest)
result = sign_identity(client=client,
identity=identity_proto,
challenge_hidden=digest,
challenge_visual='',
ecdsa_curve_name='ed25519')
assert len(result.signature) == 65, result
assert result.signature[:1] == b'\x00'
sig = bytes(result.signature[1:])
sys.stdout.buffer.write(sig)
def unlock_trezor(self, device_path, derivation_path):
"""Unlock a Trezor for signing transactions to this network.
:param device_path: Device path of the Trezor
:param derivation_path: Derivation path of the key to use
:return: True if success, else False
"""
try:
device = get_transport(device_path, prefix_search=False)
except Exception:
try:
device = get_transport(device_path, prefix_search=True)
except Exception:
logger.exception('Failed to find Trezor device on path %s',
device_path)
return False
self.trezor = TrezorClient(transport=device, ui=ClickUI())
self.address_n = parse_path(derivation_path)
self.address = self.normalize_address(
trezoreth.get_address(self.trezor, self.address_n).hex())
return True
coin = "Testnet"
path = "m/84'/1'/0'/0/0"
nLockTime = 1602572140 # 10/13/2020 @ 6:55am (UTC)
# ########## Constants
def is_valid(priv):
n = 'FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141'
priv = int(b2x(priv), 16)
n = int(n.replace(' ', ''), 16)
assert priv > 0
assert priv < n
device = get_transport()
client = TrezorClient(transport=device, ui=ClickUI())
n_path = parse_path(path)
info = get_public_node(client, n_path, coin_name=coin)
side, pubkey = (info.node.public_key[0], info.node.public_key[1:])
left = True if side == 2 else False
print("seed", b2x(pubkey), side)
priv = decrypt_keyvalue(client,
n_path,
path,
pubkey,
ask_on_decrypt=False,
ask_on_encrypt=side)
is_valid(priv)
print("priv", b2x(priv), left)
def get_client(path=None, ui=None):
if ui is None:
ui = ClickUI()
device = get_transport(path)
return TrezorClient(device, ui)
