def decrypt(type, domain, secret): transport = get_transport() client = TrezorClient(transport, ClickUI()) dom = type.upper() + ": " + domain dec = decrypt_keyvalue(client, BIP32_PATH, dom, secret, False, True) client.close() return dec
def decrypt(ctrl, hw_session: HwSessionInfo, bip32_path_n: List[int], label: str, value: bytearray): ctrl.dlg_config_fun(dlg_title="Data decryption", show_progress_bar=False) ctrl.display_msg_fun(f'<b>Decrypting \'{label}\'...</b><br><br>Enter the hardware wallet PIN/passphrase ' f'(if needed)<br> and click the confirmation button to decrypt data.') if hw_session.hw_type == HWType.trezor: from trezorlib import misc, btc client = hw_session.hw_client data = misc.decrypt_keyvalue(client, bip32_path_n, label, value, ask_on_encrypt, ask_on_decrypt) pub_key = btc.get_public_node(client, bip32_path_n).node.public_key return data, pub_key elif hw_session.hw_type == HWType.keepkey: client = hw_session.hw_client data = client.decrypt_keyvalue(bip32_path_n, label, value, ask_on_encrypt, ask_on_decrypt) pub_key = client.get_public_node(bip32_path_n).node.public_key return data, pub_key elif hw_session.hw_type == HWType.ledger_nano_s: raise Exception('Feature not available for Ledger Nano S.') else: raise Exception('Invalid HW type: ' + str(hw_session))
def decrypt_item(self, key, encrypted_nonce, encrypted_value): u"""Decrypt the given value using the connected Trezor.""" trezor = self.find_trezor() address_n = tools.parse_path(self.BIP_ADDRESS) nonce_key = 'Decrypt key {}?'.format(key) nonce = bytes( misc.decrypt_keyvalue(trezor, address_n, nonce_key, encrypted_nonce, ask_on_encrypt=False, ask_on_decrypt=True)) value = aes_gcm_decrypt(nonce, encrypted_value) trezor.close() return value.decode()
def getDecryptedNonce(self, entry): self.__getClient() if 'item' in entry: item = entry['item'] else: item = entry['title'] pr = urlparse(item) if pr.scheme and pr.netloc: item = pr.netloc ENC_KEY = 'Unlock %s for user %s?' % (item, entry['username']) ENC_VALUE = entry['nonce'] decrypted_nonce = misc.decrypt_keyvalue(self.client, BIP32_PATH, ENC_KEY, bytes.fromhex(ENC_VALUE), False, True) return decrypted_nonce.hex()
def getDecryptedNonce(client, entry): print() print('Waiting for Trezor input ...') print() if 'item' in entry: item = entry['item'] else: item = entry['title'] pr = urlparse(item) if pr.scheme and pr.netloc: item = pr.netloc ENC_KEY = f"Unlock {item} for user {entry['username']}?" ENC_VALUE = entry['nonce'] decrypted_nonce = misc.decrypt_keyvalue(client, BIP32_PATH, ENC_KEY, bytes.fromhex(ENC_VALUE), False, True) return decrypted_nonce.hex()
def getDecryptedNonce(client: TrezorClient, entry: dict) -> str: print() print("Waiting for Trezor input ...") print() if "item" in entry: item = entry["item"] else: item = entry["title"] pr = urlparse(item) if pr.scheme and pr.netloc: item = pr.netloc ENC_KEY = f"Unlock {item} for user {entry['username']}?" ENC_VALUE = entry["nonce"] decrypted_nonce = misc.decrypt_keyvalue( client, BIP32_PATH, ENC_KEY, bytes.fromhex(ENC_VALUE), False, True ) return decrypted_nonce.hex()
def getDecryptedNonce(client, entry): print() print('Waiting for TREZOR input ...') print() if 'item' in entry: item = entry['item'] else: item = entry['title'] pr = urlparse(item) if pr.scheme and pr.netloc: item = pr.netloc ENC_KEY = 'Unlock %s for user %s?' % (item, entry['username']) ENC_VALUE = entry['nonce'] decrypted_nonce = misc.decrypt_keyvalue( client, BIP32_PATH, ENC_KEY, bytes.fromhex(ENC_VALUE), False, True ) return decrypted_nonce.hex()
def test_decrypt_badlen(client: Client): with pytest.raises(Exception): misc.decrypt_keyvalue(client, [0, 1, 2], "test", b"testing")
def test_decrypt(client: Client): res = misc.decrypt_keyvalue( client, [0, 1, 2], "test", bytes.fromhex("676faf8f13272af601776bc31bc14e8f"), ask_on_encrypt=True, ask_on_decrypt=True, ) assert res == b"testing message!" res = misc.decrypt_keyvalue( client, [0, 1, 2], "test", bytes.fromhex("5aa0fbcb9d7fa669880745479d80c622"), ask_on_encrypt=True, ask_on_decrypt=False, ) assert res == b"testing message!" res = misc.decrypt_keyvalue( client, [0, 1, 2], "test", bytes.fromhex("958d4f63269b61044aaedc900c8d6208"), ask_on_encrypt=False, ask_on_decrypt=True, ) assert res == b"testing message!" res = misc.decrypt_keyvalue( client, [0, 1, 2], "test", bytes.fromhex("e0cf0eb0425947000eb546cc3994bc6c"), ask_on_encrypt=False, ask_on_decrypt=False, ) assert res == b"testing message!" # different key res = misc.decrypt_keyvalue( client, [0, 1, 2], "test2", bytes.fromhex("de247a6aa6be77a134bb3f3f925f13af"), ask_on_encrypt=True, ask_on_decrypt=True, ) assert res == b"testing message!" # different message res = misc.decrypt_keyvalue( client, [0, 1, 2], "test", bytes.fromhex( "676faf8f13272af601776bc31bc14e8f3ae1c88536bf18f1b44f1e4c2c4a613d" ), ask_on_encrypt=True, ask_on_decrypt=True, ) assert res == b"testing message! it is different" # different path res = misc.decrypt_keyvalue( client, [0, 1, 3], "test", bytes.fromhex("b4811a9d492f5355a5186ddbfccaae7b"), ask_on_encrypt=True, ask_on_decrypt=True, ) assert res == b"testing message!"
def test_decrypt_badlen(self): self.setup_mnemonic_nopin_nopassphrase() with pytest.raises(Exception): misc.decrypt_keyvalue(self.client, [0, 1, 2], b"test", b"testing")
n = int(n.replace(' ', ''), 16) assert priv > 0 assert priv < n device = get_transport() client = TrezorClient(transport=device, ui=ClickUI()) n_path = parse_path(path) info = get_public_node(client, n_path, coin_name=coin) side, pubkey = (info.node.public_key[0], info.node.public_key[1:]) left = True if side == 2 else False print("seed", b2x(pubkey), side) priv = decrypt_keyvalue(client, n_path, path, pubkey, ask_on_decrypt=False, ask_on_encrypt=side) is_valid(priv) print("priv", b2x(priv), left) client.close() SelectParams(coin.lower()) seckey = CBitcoinSecret.from_secret_bytes(priv) # Create a witnessScript and corresponding redeemScript. Similar to a scriptPubKey # the redeemScript must be satisfied for the funds to be spent. txin_witnessScript = CScript([seckey.pub, OP_CHECKSIG]) expiry = lx(hex(nLockTime).replace('0x', ''))
def decrypt(key, value): addr = [0,1,2] dec = misc.decrypt_keyvalue(client, addr, key, binascii.unhexlify(value), ask_on_encrypt=True, ask_on_decrypt=True) return dec
def test_decrypt(self): self.setup_mnemonic_nopin_nopassphrase() # different ask values res = misc.decrypt_keyvalue( self.client, [0, 1, 2], b"test", bytes.fromhex("676faf8f13272af601776bc31bc14e8f"), ask_on_encrypt=True, ask_on_decrypt=True, ) assert res == b"testing message!" res = misc.decrypt_keyvalue( self.client, [0, 1, 2], b"test", bytes.fromhex("5aa0fbcb9d7fa669880745479d80c622"), ask_on_encrypt=True, ask_on_decrypt=False, ) assert res == b"testing message!" res = misc.decrypt_keyvalue( self.client, [0, 1, 2], b"test", bytes.fromhex("958d4f63269b61044aaedc900c8d6208"), ask_on_encrypt=False, ask_on_decrypt=True, ) assert res == b"testing message!" res = misc.decrypt_keyvalue( self.client, [0, 1, 2], b"test", bytes.fromhex("e0cf0eb0425947000eb546cc3994bc6c"), ask_on_encrypt=False, ask_on_decrypt=False, ) assert res == b"testing message!" # different key res = misc.decrypt_keyvalue( self.client, [0, 1, 2], b"test2", bytes.fromhex("de247a6aa6be77a134bb3f3f925f13af"), ask_on_encrypt=True, ask_on_decrypt=True, ) assert res == b"testing message!" # different message res = misc.decrypt_keyvalue( self.client, [0, 1, 2], b"test", bytes.fromhex( "676faf8f13272af601776bc31bc14e8f3ae1c88536bf18f1b44f1e4c2c4a613d" ), ask_on_encrypt=True, ask_on_decrypt=True, ) assert res == b"testing message! it is different" # different path res = misc.decrypt_keyvalue( self.client, [0, 1, 3], b"test", bytes.fromhex("b4811a9d492f5355a5186ddbfccaae7b"), ask_on_encrypt=True, ask_on_decrypt=True, ) assert res == b"testing message!"