trezor 0.1.0

data/lib/net/ssh/authentication/methods/trezor.rb

@@ -0,0 +1,25 @@
+require 'net/ssh/authentication/methods/publickey'
+
+require 'trezor/key_manager'
+
+module Net
+  module SSH
+    module Authentication
+      module Methods
+
+        # Usage:
+        #
+        # Net::SSH.start("host", "user", auth_methods: %w[publickey-trezor], keys: %w[~/.ssh/config]) do |ssh|
+        #   result = ssh.exec!("ls -l")
+        #   puts result
+        # end
+        class PublickeyTrezor < Publickey
+          def initialize(session, options = {})
+            super
+            @key_manager = Trezor::KeyManager.new(@key_manager.options[:keys])
+          end
+        end
+      end
+    end
+  end
+end

data/lib/trezor.rb

@@ -0,0 +1,2 @@
+module Trezor
+end

data/lib/trezor/agent.rb

@@ -0,0 +1,88 @@
+require 'base64'
+require 'socket'
+
+require 'net/ssh/authentication/agent'
+
+require 'trezor/utils'
+require 'trezor/key_manager'
+
+module Trezor
+  class Agent
+    include Utils
+
+    MAPPING = {
+      Net::SSH::Authentication::Agent::SSH2_AGENT_REQUEST_VERSION => :send_version,
+      Net::SSH::Authentication::Agent::SSH2_AGENT_REQUEST_IDENTITIES => :list_identities,
+      Net::SSH::Authentication::Agent::SSH2_AGENT_SIGN_REQUEST => :sign_challenge
+    }
+
+    def initialize(socket_path:, key_manager:)
+      @socket_path = socket_path
+      @key_manager = key_manager
+    end
+
+    def server
+      @server ||= UNIXServer.new(@socket_path)
+    end
+
+    def on_request
+      socket = server.accept
+      Thread.new do
+        yield(socket)
+        socket.close
+      end
+    end
+
+    def run
+      while true
+        on_request do |socket|
+          while true
+            type, body = read_packet(socket)
+            break unless method_name = MAPPING[type]
+            response = send(method_name, body)
+            socket.write(Buffer.from(:string, response.to_s))
+          end
+        end
+      end
+    ensure
+      File.unlink(@socket_path) if File.exists?(@socket_path)
+    end
+
+    def send_version(body)
+      # Net::SSH::Authentication::Agent::SSH2_AGENT_VERSION_RESPONSE
+      buffer = body.read
+      Buffer.from(:byte, 2, :long, 0)
+    end
+
+    def list_identities(body)
+      Buffer.from(
+        :byte, Net::SSH::Authentication::Agent::SSH2_AGENT_IDENTITIES_ANSWER,
+        :long, @key_manager.identities.count,
+        :string,
+        @key_manager.map { |i| [i.key.to_blob, i.key_name] }.flatten
+      )
+    end
+
+    def failure_message
+      Buffer.from(:byte, Net::SSH::Authentication::Agent::SSH_AGENT_FAILURE)
+    end
+
+    def sign_challenge(body)
+      server_key = body.read_buffer.read_key
+      blob = body.read_buffer
+      return failure_message unless signature = @key_manager.sign(server_key, blob)
+      Buffer.from(
+        :byte, Net::SSH::Authentication::Agent::SSH2_AGENT_SIGN_RESPONSE,
+        :string, signature
+      )
+    end
+
+    def read_packet(socket)
+      buffer = Buffer.new(socket.read(4))
+      buffer.append(socket.read(buffer.read_long))
+      type = buffer.read_byte
+      #debug { "received agent packet #{type} len #{buffer.length - 4}" }
+      return type, buffer
+    end
+  end
+end

data/lib/trezor/device.rb

@@ -0,0 +1,141 @@
+require 'io/console'
+
+require 'http'
+
+require 'trezor/utils'
+require 'trezor/protobuf'
+
+module Trezor
+  class Device
+    include Utils
+
+    HOST = 'http://127.0.0.1:21325'
+    HEADERS = { origin: 'https://python.trezor.io' }
+
+    def initialize(device_info)
+      @session_counter = 0
+      @device_info = device_info
+      @connection = HTTP.persistent(HOST)
+      @connection.default_options.headers.merge!(HEADERS)
+    end
+
+    def start_session
+      acquire! if @session_counter == 0
+      @session_counter += 1
+    end
+
+    def end_session
+      @session_counter -= 1
+      release! if @session_counter == 0
+    end
+
+    def acquire!
+      response = @connection.post("/acquire/#{@device_info['path']}/null")
+      body = response.to_s
+      raise body unless response.status.ok?
+      @session = JSON.parse(body)['session']
+    end
+
+    def release!
+      return unless @session
+      response = @connection.post("/release/#{@session}")
+      body = response.to_s
+      raise body unless response.status.ok?
+      @session = nil
+    end
+
+    def call(message)
+      response = post(message)
+      handler = "callback_#{response.class.name.demodulize}"
+      unless respond_to?(handler)
+        #puts "could not find handler for #{response.class.name}"
+        return response
+      end
+      call(send(handler, response))
+    end
+
+    def post(message)
+      serialized = Protobuf.serialize(message)
+      response = @connection.post("/call/#{@session}", body: serialized)
+      raise response.to_s unless response.status.ok?
+      Protobuf.decode(response.to_s)
+    end
+
+    def method_missing(method_name, *args, &block)
+      return super unless respond_to?(method_name)
+      call(Protobuf[method_name].new(*args), &block)
+    end
+
+    def respond_to_missing?(method_name, include_private = false)
+      super || Protobuf[method_name].present?
+    end
+
+    def callback_ButtonRequest(msg)
+      Protobuf::ButtonAck.new
+    end
+
+    def callback_PassphraseRequest(msg)
+      return Protobuf::PassphraseAck.new if msg.on_device
+      passphrase = ask('Enter passphrase:', false).unicode_normalize(:nfkd)
+      Protobuf::PassphraseAck.new(passphrase: passphrase)
+    end
+
+    def callback_PassphraseStateRequest(msg)
+      Protobuf::PassphraseStateAck.new
+    end
+
+    def callback_PinMatrixRequest(msg)
+      prompt =
+        case msg.type
+        when Protobuf::PinMatrixRequestType::PinMatrixRequestType_Current
+          'current PIN'
+        when Protobuf::PinMatrixRequestType::PinMatrixRequestType_NewFirst
+          'new PIN'
+        when Protobuf::PinMatrixRequestType::PinMatrixRequestType_NewSecond
+          'new PIN again'
+        else
+          'PIN'
+        end
+      Protobuf::PinMatrixAck.new(pin: ask("Enter #{prompt}:", false))
+    end
+
+    def self.enumerate
+      JSON.parse(HTTP[HEADERS].post("#{HOST}/enumerate").to_s).map do |device_info|
+        new(device_info)
+      end
+    end
+
+    MUTEX = Mutex.new
+    def self.with_session
+      MUTEX.lock
+      device = enumerate.first
+      unless device
+        # log debug message 'Trezor not found'
+        return
+      end
+      device.start_session
+      yield(device)
+    ensure
+      device.end_session if device
+      MUTEX.unlock
+    end
+
+    def self.prompter(&block)
+      return @default_prompter = lambda(&block) if block_given?
+      prompter do |prompt, echo|
+        STDOUT.print(prompt)
+        if echo
+          STDIN.gets
+        else
+          STDIN.noecho(&:gets)
+        end.chomp.tap { STDOUT.print("\n") }
+      end
+    end
+
+    private
+
+    def ask(prompt, echo = true)
+      self.class.prompter.call(prompt, echo)
+    end
+  end
+end

data/lib/trezor/identity.rb

@@ -0,0 +1,102 @@
+require 'uri'
+
+require 'openssl'
+
+require 'trezor/device'
+require 'trezor/utils'
+
+module Trezor
+  class Identity
+    extend Forwardable
+    include Utils
+
+    # Supported ECDSA curves for SSH (GPG not implemented)
+    CURVE_NIST256 = 'nist256p1'
+    CURVE_ED25519 = 'ed25519'
+
+    # Supported ECDH curves for GPG (not implemented)
+    ECDH_NIST256 = 'nist256p1'
+    ECDH_CURVE25519 = 'curve25519'
+
+    SSH_NIST256_KEY_PREFIX = 'ecdsa-sha2-'
+    SSH_NIST256_CURVE_NAME = 'nistp256'
+    SSH_NIST256_KEY_TYPE = SSH_NIST256_KEY_PREFIX + SSH_NIST256_CURVE_NAME
+    SSH_ED25519_KEY_TYPE = 'ssh-ed25519'
+
+    delegate [:user, :host, :port, :path] => :@uri
+    def_delegator :@uri, :scheme, :proto
+    attr_accessor :curve_name
+
+    def initialize(identity_string, curve_name = CURVE_NIST256, key = nil)
+      @uri = URI.parse(identity_string)
+      @uri = URI.parse('ssh://' + identity_string) unless @uri.scheme
+      @curve_name = curve_name
+      @key = key
+    end
+
+    def key
+      @key ||= load_public_key
+    end
+
+    def key_name
+      "<#{@uri.to_s}|#{@curve_name}>"
+    end
+
+    def export_public_key
+      "#{key.ssh_type} #{Base64.strict_encode64(key.to_blob).strip} #{key_name}"
+    end
+
+    def sign(blob)
+      response = Device.with_session do |device|
+        device.sign_identity(
+          challenge_hidden: blob.to_s, ecdsa_curve_name: @curve_name,
+          identity: { user: user, host: host, proto: proto }
+        )
+      end
+      return if response.is_a?(Protobuf::Failure)
+      signature = response.signature[1..-1]
+      if key.ssh_type == SSH_NIST256_KEY_TYPE
+        parts = [signature[0..31], signature[32..-1]]
+        signature = Buffer.from(:string, parts.map { |p| "\x00" + p }).to_s
+      end
+      Buffer.from(:string, [key.ssh_type, signature]).to_s
+    end
+
+    private
+
+    # Compute BIP32 derivation address according to SLIP-0013/0017
+    def get_bip32_address(ecdh = false)
+      identity_string = [0].pack('<L') + @uri.to_s
+      digest = OpenSSL::Digest.digest('SHA256', identity_string)
+      hardened = 0x80000000
+      addr_0 = ecdh ? 17 : 13
+      address_n = [addr_0] + digest.unpack('<L4')
+      address_n.map { |n| hardened | n }
+    end
+
+    def raw_public_key
+      response = Device.with_session do |device|
+        device.get_public_key(address_n: get_bip32_address, ecdsa_curve_name: @curve_name)
+      end
+      return if response.is_a?(Protobuf::Failure)
+      public_key = response.node.public_key
+      return public_key[1..-1] unless @curve_name == CURVE_NIST256
+      public_key
+    end
+
+    def key_type
+      {
+        CURVE_NIST256 => SSH_NIST256_KEY_TYPE,
+        CURVE_ED25519 => SSH_ED25519_KEY_TYPE,
+        ECDH_CURVE25519 => SSH_ED25519_KEY_TYPE
+      }[@curve_name]
+    end
+
+    def load_public_key
+      parts = [key_type]
+      parts << SSH_NIST256_CURVE_NAME if @curve_name == CURVE_NIST256
+      parts << raw_public_key
+      Buffer.from(:string, parts).read_key
+    end
+  end
+end

data/lib/trezor/key_manager.rb

@@ -0,0 +1,77 @@
+require 'trezor/identity'
+require 'trezor/utils'
+
+module Trezor
+  class KeyManager
+    include Enumerable
+    include Utils
+
+    def initialize(identities_file_or_string)
+      @path = identities_file_or_string
+    end
+
+    def identities
+      @identities ||= load_identities
+    end
+
+    def each
+      identities.each { |i| yield i }
+    end
+
+    # For compatibility with Net::SSH::Authentication::KeyManager
+    def each_identity
+      each { |i| yield i.key }
+    end
+
+    def sign(ssh_identity, blob)
+      nonce = blob.read_buffer.to_s
+      type = blob.read_byte # SSH2_MSG_USERAUTH_REQUEST == 50 (from ssh2.h, line 108)
+      user = blob.read_buffer.to_s
+      conn = blob.read_buffer.to_s
+      auth = blob.read_buffer.to_s
+      have_sig = blob.read_byte  # have_sig == 1 (from sshconnect2.c, line 1056)
+      key_type = blob.read_buffer.to_s
+      public_key = blob.read_buffer.to_s
+      identity = identities.find { |i| i.key.fingerprint == ssh_identity.fingerprint }
+      return unless identity
+      identity.sign(blob)
+    end
+
+    private
+
+    def load_identities
+      if @path.is_a?(Array)
+        @path.reduce([]) do |identities, file_or_string|
+          identities.concat(self.class.load_from_file_or_string(file_or_string))
+        end
+      else
+        self.class.load_from_file_or_string(@path)
+      end
+    end
+
+    private_class_method
+
+    def self.load_from_file_or_string(file_or_string)
+      path = File.expand_path(file_or_string)
+      return load_from_file(path) if File.exist?(path)
+      [Trezor::Identity.new(file_or_string)]
+    end
+
+    def self.load_from_file(path)
+      identity_curve_regex = /\<(.*?)\|(.*?)\>/
+
+      if path.end_with?('.pub')
+        File.foreach(path).map do |line|
+          ssh_type, blob, key_name = line.split
+          identity_string, curve_name = key_name.scan(identity_curve_regex).first
+          key = Buffer.new(Base64.strict_decode64(blob)).read_key
+          Trezor::Identity.new(identity_string, curve_name, key)
+        end
+      else
+        File.read(path).scan(identity_curve_regex).map do |identity_string, curve_name|
+          Trezor::Identity.new(identity_string, curve_name)
+        end
+      end
+    end
+  end
+end

data/lib/trezor/protobuf.rb

@@ -0,0 +1,38 @@
+require 'active_support/core_ext/string/inflections'
+
+require 'trezor/utils/buffer'
+require 'trezor/protobuf/messages.pb'
+
+module Trezor
+  module Protobuf
+    def self.serialize(message)
+      msg_type = MessageType.for(message)
+      serialized = message.serialize
+      header = Utils::Buffer.from(:short, msg_type.to_i, :long, serialized.length)
+      payload = Utils::Buffer.from(:bth, [header.to_s, serialized])
+      payload.to_s
+    end
+
+    def self.decode(blob)
+      buffer = Utils::Buffer.from(:htb, blob)
+      MessageType[buffer.read_short].decode(buffer.read_string)
+    end
+
+    def self.[](class_name)
+      const_get(class_name.to_s.camelize)
+    rescue NameError
+      # log debug message
+    end
+
+    class MessageType
+      def self.[](tag)
+        message_type_name = fetch(tag).name.to_s.split('_').last
+        Protobuf[message_type_name]
+      end
+
+      def self.for(message)
+        fetch("MessageType_#{message.class.name.demodulize}")
+      end
+    end
+  end
+end