def test_recovery(): privkeys, chaincode = recover.restore_key_and_chaincode("backup.zip", "priv.pem", "Thefireblocks1!") assert(privkeys['MPC_ECDSA_SECP256K1'] == 0x473d1820ca4bf7cf6b018a8520b1ec0849cb99bce4fff45c5598723f67b3bd52) pub = recover.get_public_key("MPC_ECDSA_SECP256K1", privkeys['MPC_ECDSA_SECP256K1']) assert(pub == "021d84f3b6d7c6888f81c7cc381b658d85319f27e1ea9c93dff128667fb4b82ba0") assert(recover.encode_extended_key('MPC_ECDSA_SECP256K1', privkeys['MPC_ECDSA_SECP256K1'], chaincode, False) == "xprv9s21ZrQH143K24Mfq5zL5MhWK9hUhhGbd45hLXo2Pq2oqzMMo63oStZzF9aunJDs4SsrmoxycAo6xxBTHawSz5sYxEy8TpCkv66Sci373DJ") assert(recover.encode_extended_key('MPC_ECDSA_SECP256K1', pub, chaincode, True) == "xpub661MyMwAqRbcEYS8w7XLSVeEsBXy79zSzH1J8vCdxAZningWLdN3zgtU6QJJZSgiCXT6sq7wa2jCk5t4Vv1r1E4q1venKghAAdyzieufGyX") print("recovery OK")
def test_full_recovery(): privkeys, chaincode = recover.restore_key_and_chaincode("backup_new.zip", "priv2.pem", "Thefireblocks1!") assert(privkeys['MPC_ECDSA_SECP256K1'] == 0x66b1baf063db6e7152480334ebab0ab098e85f682b784754e46c18c962a1aa9d) assert(privkeys['MPC_EDDSA_ED25519'] == 0xd74820d02cc2aa09e2d0bcb36aeb92625b3d92c8d202063eab5513fd4453a44) pub = recover.get_public_key("MPC_ECDSA_SECP256K1", privkeys['MPC_ECDSA_SECP256K1']) assert(pub == "02e0bf609d7ced9c49e9f4c1d1df0142bb95eb622fa617a9f7280fa23b7f013dc6") assert(recover.encode_extended_key('MPC_ECDSA_SECP256K1', privkeys['MPC_ECDSA_SECP256K1'], chaincode, False) == "xprv9s21ZrQH143K2zPNSbKDKusTNW4XVwvTCCEFvcLkeNyauqJJd9UjZg3AtfZbmXa22TFph2NdACUPoWR4sCqMCKQM1j7jRvLuBCF3YoapsX6") assert(recover.encode_extended_key('MPC_ECDSA_SECP256K1', pub, chaincode, True) == "xpub661MyMwAqRbcFUTqYcrDh3pBvXu1uQeJZR9rizkNCiWZnddTAgnz7UMejwX7u4xLmh2JMTtL7DdZmBWGUKa7v836UarassQ3DVFATMzRycV") pub = recover.get_public_key("MPC_EDDSA_ED25519", privkeys['MPC_EDDSA_ED25519']) assert(pub == "0050cfee85dabebed78f43e94a1b7afd13c20461ad66efa083779bdeffd22269d9") assert(recover.encode_extended_key('MPC_EDDSA_ED25519', privkeys['MPC_EDDSA_ED25519'], chaincode, False) == "fprv4LsXPWzhTTp9ax8NGVwbnRFuT3avVQ4ydHNWcu8hCGZd18TRKxgAzbrpY9bLJRe4Y2AyX9TfQdDPbmqEYoDCTju9QFZbUgdsxsmUgfvuEDK") assert(recover.encode_extended_key('MPC_EDDSA_ED25519', pub, chaincode, True) == "fpub8sZZXw2wbqVpURAAA9cCBpv2256rejFtCayHuRAzcYN1qciBxMVmB6UgiDAQTUZh5EP9JZciPQPjKAHyqPYHELqEHWkvo1sxreEJgLyfCJj") print("recovery OK")
def test_cmp_recovery(): privkeys, chaincode = recover.restore_key_and_chaincode("backup_cmp.zip", "priv.pem", "Fireblocks1!") assert(privkeys['MPC_CMP_ECDSA_SECP256K1'] == 0xf57c18e98a24ca0b36fbbd103233aff128b740426da189ce208545d44bbad050) assert(privkeys['MPC_CMP_EDDSA_ED25519'] == 0xa536dc2f2d744ae78eb26fdfb4b9e234a649525e0a1142bf900cd9c26987007) pub = recover.get_public_key("MPC_CMP_ECDSA_SECP256K1", privkeys['MPC_CMP_ECDSA_SECP256K1']) assert(pub == "03321ad97aea16624280b83e1c1b36bb9cb293cac84925fe5fcf956386cd063fec") assert(recover.encode_extended_key('MPC_CMP_ECDSA_SECP256K1', privkeys['MPC_CMP_ECDSA_SECP256K1'], chaincode, False) == "xprv9s21ZrQH143K3PhnQQqPZm38HtkJ3bjcVmwc1SfGG8ddw3jXtrhSBNFNcVVx7VUL8vPpmMg1dqxhecVq8WJ1VHn9yoeRM88qfYEnEEi6XaQ") assert(recover.encode_extended_key('MPC_CMP_ECDSA_SECP256K1', pub, chaincode, True) == "xpub661MyMwAqRbcFsnFWSNPvtyrqvanT4TTrzsCoq4spUAcor4gSQ1gjAZrTkzR1o8XZ5uPq6WELaga3Zh1eJyfXLvfkWTfV7AjdFU5VuWMpPp") pub = recover.get_public_key("MPC_CMP_EDDSA_ED25519", privkeys['MPC_CMP_EDDSA_ED25519']) assert(pub == "00701c977bd4d2038328dd8154c147f9d40225fc8e9fd98c010cc968ea8fabb362") assert(recover.encode_extended_key('MPC_CMP_EDDSA_ED25519', privkeys['MPC_CMP_EDDSA_ED25519'], chaincode, False) == "fprv4LsXPWzhTTp9bMSnEKTn2GRaNSGh33t8vs5rhjTCp2Dg2LtebftscJ52FxRRKeHGLfK6X5Lg3LcsGxQyHZ8ovvPsP2s9PLbZC2VFHc64vFH") assert(recover.encode_extended_key('MPC_CMP_EDDSA_ED25519', pub, chaincode, True) == "fpub8sZZXw2wbqVpUpUa7y8NRg5gwTndCP53WAgdzFVWEJ24rq9RE4iTnngtS2FeusezUsAJb2sZiMvSDqYGeGVSs65wJqYcGzQRuZGM9NHHqog") print("cmp recovery OK")
def main(): parser = argparse.ArgumentParser() parser.add_argument('backup', help='Backup zip file') parser.add_argument('key', help='RSA private key file') parser.add_argument('--prv', default=False, action='store_const', const=True, help='Reveal private key') parser.add_argument('--mobile-key', help='mobile RSA private key file', default=None) args = parser.parse_args() if not os.path.exists(args.backup): print('Backupfile: {} not found.'.format(args.backup)) exit(-1) if not os.path.exists(args.key): print('RSA key: {} not found.'.format(args.key)) exit(-1) mobile_key_pass = None passphrase = None if args.mobile_key is None: passphrase = getpass.getpass( prompt='Please enter mobile recovery passphrase:') else: with open(args.mobile_key, 'r') as _key: if 'ENCRYPTED' in _key.readlines()[1]: mobile_key_pass = getpass.getpass( prompt= 'Please enter mobile recovery RSA private key passphrase:') with open(args.key, 'r') as _key: if 'ENCRYPTED' in _key.readlines()[1]: key_pass = getpass.getpass( prompt='Please enter recovery RSA private key passphrase:') else: key_pass = None try: privkeys, chaincode = recover.restore_key_and_chaincode( args.backup, args.key, passphrase, key_pass, args.mobile_key, mobile_key_pass) except recover.RecoveryErrorMobileKeyDecrypt: print( colored( "Failed to decrypt mobile Key. " + colored( "Please make sure you have the mobile passphrase entered correctly.", attrs=["bold"]), "cyan")) exit(-1) except recover.RecoveryErrorRSAKeyImport: print( colored( "Failed to import RSA Key. " + colored( "Please make sure you have the RSA passphrase entered correctly.", attrs=["bold"]), "cyan")) exit(-1) except recover.RecoveryErrorMobileRSAKeyImport: print( colored( "Failed to import mobile RSA Key. " + colored( "Please make sure you have the RSA passphrase entered correctly.", attrs=["bold"]), "cyan")) exit(-1) except recover.RecoveryErrorMobileRSADecrypt: print( colored( "Failed to decrypt mobile Key. " + colored( "Please make sure you have the mobile private key entered correctly.", attrs=["bold"]), "cyan")) exit(-1) if (not chaincode or len(chaincode) != 32): print( colored("metadata.json doesn't contain a valid chain code.", "cyan")) exit(-1) show_xprv = False if args.prv: show_xprv = query_yes_no(''' Are you sure you want to show the extended private key of the Vault? Be sure you are in a private location and no one can see your screen.''', default="no") for algo, privkey in privkeys.items(): if privkey: pub = recover.get_public_key(algo, privkey) if show_xprv: print(privkey_descriptions[algo] + ":\t" + recover.encode_extended_key( algo, privkey, chaincode, False)) print(pubkey_descriptions[algo] + ":\t%s\t%s" % (recover.encode_extended_key(algo, pub, chaincode, True), colored("Verified!", "green"))) else: print(pubkey_descriptions[algo] + ":\t%s" % (colored("Verification failed", "red")))