forked from Qortal/Brooklyn
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
111 lines
3.6 KiB
111 lines
3.6 KiB
#! /usr/bin/python |
|
|
|
""" |
|
gnuk_put_binary.py - a tool to put binary to Gnuk Token |
|
This tool is for importing certificate, writing serial number, etc. |
|
|
|
Copyright (C) 2011, 2012 Free Software Initiative of Japan |
|
Author: NIIBE Yutaka <[email protected]> |
|
|
|
This file is a part of Gnuk, a GnuPG USB Token implementation. |
|
|
|
Gnuk is free software: you can redistribute it and/or modify it |
|
under the terms of the GNU General Public License as published by |
|
the Free Software Foundation, either version 3 of the License, or |
|
(at your option) any later version. |
|
|
|
Gnuk is distributed in the hope that it will be useful, but WITHOUT |
|
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY |
|
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public |
|
License for more details. |
|
|
|
You should have received a copy of the GNU General Public License |
|
along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
""" |
|
|
|
from struct import * |
|
import sys, time, os, binascii |
|
from gnuk_token import * |
|
|
|
# INPUT: binary file |
|
|
|
# Assume only single CCID device is attached to computer, and it's Gnuk Token |
|
|
|
DEFAULT_PW3 = "12345678" |
|
BY_ADMIN = 3 |
|
|
|
def main(fileid, is_update, data, passwd): |
|
gnuk = None |
|
for (dev, config, intf) in gnuk_devices(): |
|
try: |
|
gnuk = gnuk_token(dev, config, intf) |
|
print("Device: %s" % dev.filename) |
|
print("Configuration: %d" % config.value) |
|
print("Interface: %d" % intf.interfaceNumber) |
|
break |
|
except: |
|
pass |
|
if gnuk.icc_get_status() == 2: |
|
raise ValueError("No ICC present") |
|
elif gnuk.icc_get_status() == 1: |
|
gnuk.icc_power_on() |
|
gnuk.cmd_select_openpgp() |
|
gnuk.cmd_verify(BY_ADMIN, passwd.encode('UTF-8')) |
|
gnuk.cmd_write_binary(fileid, data, is_update) |
|
gnuk.cmd_select_openpgp() |
|
if fileid == 0: |
|
data_in_device = gnuk.cmd_get_data(0x00, 0x4f) |
|
print(' '.join([ "%02x" % d for d in data_in_device ])) |
|
compare(data + b'\x00\x00', data_in_device[8:].tostring()) |
|
elif fileid >= 1 and fileid <= 4: |
|
data_in_device = gnuk.cmd_read_binary(fileid) |
|
compare(data, data_in_device) |
|
else: |
|
data_in_device = gnuk.cmd_get_data(0x7f, 0x21) |
|
compare(data, data_in_device) |
|
gnuk.icc_power_off() |
|
return 0 |
|
|
|
if __name__ == '__main__': |
|
passwd = DEFAULT_PW3 |
|
if sys.argv[1] == '-p': |
|
from getpass import getpass |
|
passwd = getpass("Admin password: ") |
|
sys.argv.pop(1) |
|
if sys.argv[1] == '-u': |
|
is_update = True |
|
sys.argv.pop(1) |
|
else: |
|
is_update = False |
|
if sys.argv[1] == '-s': |
|
fileid = 0 # serial number |
|
filename = sys.argv[2] |
|
f = open(filename) |
|
email = os.environ['EMAIL'] |
|
serial_data_hex = None |
|
for line in f.readlines(): |
|
field = str.split(line) |
|
if field[0] == email: |
|
serial_data_hex = field[1].replace(':','') |
|
f.close() |
|
if not serial_data_hex: |
|
print("No serial number") |
|
exit(1) |
|
print("Writing serial number") |
|
data = binascii.unhexlify(serial_data_hex) |
|
elif sys.argv[1] == '-k': # firmware update key |
|
keyno = sys.argv[2] |
|
fileid = 1 + int(keyno) |
|
filename = sys.argv[3] |
|
f = open(filename, "rb") |
|
data = f.read() |
|
f.close() |
|
else: |
|
fileid = 5 # Card holder certificate |
|
filename = sys.argv[1] |
|
f = open(filename, "rb") |
|
data = f.read() |
|
f.close() |
|
print("%s: %d" % (filename, len(data))) |
|
print("Updating card holder certificate") |
|
main(fileid, is_update, data, passwd)
|
|
|