slip-0016: move pwd_reader to python-trezor

slip-0016.md

@@ -159,4 +159,4 @@ true) // askOnDecrypt? we want this becuase otherwise somebody could rob us!
 
 2. Other steps are the same as in entry encryption, we just symetrically decrypt values of `password` and  `safe_note` via `AES-256-GCM` algorithm. Size of IV and authTag for AES is the same as in encryption. Beware on cipher Key data type - it must be hex. Output is in JSON.
 
-Check example of password reader implementation in python [pwdreader.py](slip-0016/pwdreader.py) there is an example code for decryption.
+Check example of password reader implementation in Python: [pwd_reader.py](https://github.com/trezor/python-trezor/blob/master/tools/pwd_reader.py) - there is an example code for decryption.

slip-0016/pwdreader.py

-#!/usr/bin/env python
-
-from __future__ import print_function
-
-from binascii import hexlify, unhexlify
-from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
-from cryptography.hazmat.backends import default_backend
-import hmac
-import hashlib
-import json
-import os
-try:
-    from urllib.parse import urlparse
-except:
-    from urlparse import urlparse
-    input = raw_input
-
-from trezorlib.client import TrezorClient
-from trezorlib.transport_hid import HidTransport
-
-# Return path by BIP-32
-def getPath(client):
-    return client.expand_path("10016'/0")
-
-# Deriving master key
-def getMasterKey(client):
-    bip32_path = getPath(client)
-    ENC_KEY = 'Activate TREZOR Password Manager?'
-    ENC_VALUE = unhexlify('2d650551248d792eabf628f451200d7f51cb63e46aadcbb1038aacb05e8c8aee2d650551248d792eabf628f451200d7f51cb63e46aadcbb1038aacb05e8c8aee')
-    key = hexlify(client.encrypt_keyvalue(
-        bip32_path,
-        ENC_KEY,
-        ENC_VALUE,
-        True,
-        True
-    ))
-    return key
-
-# Deriving file name and encryption key
-def getFileEncKey(key):
-    filekey, enckey = key[:len(key) // 2], key[len(key) //2:]
-    FILENAME_MESS = b'5f91add3fa1c3c76e90c90a3bd0999e2bd7833d06a483fe884ee60397aca277a'
-    digest = hmac.new(filekey, FILENAME_MESS, hashlib.sha256).hexdigest()
-    filename = digest + '.pswd'
-    return [filename, filekey, enckey]
-
-# File level decryption and file reading
-def decryptStorage(path, key):
-    cipherkey = unhexlify(key)
-    with open(path, 'rb') as f:
-        iv = f.read(12)
-        tag = f.read(16)
-        cipher = Cipher(algorithms.AES(cipherkey), modes.GCM(iv, tag), backend=default_backend())
-        decryptor = cipher.decryptor()
-        data = ''
-        while True:
-            block = f.read(16)
-            # data are not authenticated yet
-            if block:
-                data = data + decryptor.update(block).decode()
-            else:
-                break
-        # throws exception when the tag is wrong
-        data = data + decryptor.finalize().decode()
-    return json.loads(data)
-
-def decryptEntryValue(nonce, val):
-    cipherkey = unhexlify(nonce)
-    iv = val[:12]
-    tag = val[12:28]
-    cipher = Cipher(algorithms.AES(cipherkey), modes.GCM(iv, tag), backend=default_backend())
-    decryptor = cipher.decryptor()
-    data = ''
-    inputData = val[28:]
-    while True:
-        block = inputData[:16]
-        inputData = inputData[16:]
-        if block:
-            data = data + decryptor.update(block).decode()
-        else:
-            break
-        # throws exception when the tag is wrong
-    data = data + decryptor.finalize().decode()
-    return json.loads(data)
-
-# Decrypt give entry nonce
-def getDecryptedNonce(client, entry):
-    print()
-    print('Waiting for TREZOR input ...')
-    print()
-    if 'item' in entry:
-        item = entry['item']
-    else:
-        item = entry['title']
-
-    pr = urlparse(item)
-    if pr.scheme and pr.netloc:
-        item = pr.netloc
-
-    ENC_KEY = 'Unlock %s for user %s?' % (item, entry['username'])
-    ENC_VALUE = entry['nonce']
-    decrypted_nonce =  hexlify(client.decrypt_keyvalue(
-        getPath(client),
-        ENC_KEY,
-        unhexlify(ENC_VALUE),
-        False,
-        True
-    ))
-    return decrypted_nonce
-
-# Pretty print of list
-def printEntries(entries):
-    print('Password entries')
-    print('================')
-    print()
-    for k, v in entries.items():
-        print('Entry id: #%s' % k)
-        print('-------------')
-        for kk, vv in v.items():
-            if kk in ['nonce', 'safe_note', 'password']: continue # skip these fields
-            print('*', kk, ': ', vv)
-        print()
-    return
-
-
-def main():
-    devices = HidTransport.enumerate()
-    if not devices:
-        print('TREZOR is not plugged in. Please, connect TREZOR and retry.')
-        return
-
-    client = TrezorClient(devices[0])
-
-    print()
-    print('Confirm operation on TREZOR')
-    print()
-
-    masterKey = getMasterKey(client)
-    # print('master key:', masterKey)
-
-    fileName = getFileEncKey(masterKey)[0]
-    # print('file name:', fileName)
-
-    path = os.path.expanduser('~/Dropbox/Apps/TREZOR Password Manager/')
-    # print('path to file:', path)
-
-    encKey = getFileEncKey(masterKey)[2]
-    # print('enckey:', encKey)
-
-    full_path = path + fileName
-    parsed_json = decryptStorage(full_path, encKey)
-
-    # list entries
-    entries = parsed_json['entries']
-    printEntries(entries)
-
-    entry_id = input('Select entry number to decrypt: ')
-    entry_id = str(entry_id)
-
-    plain_nonce = getDecryptedNonce(client, entries[entry_id])
-
-    pwdArr = entries[entry_id]['password']['data']
-    pwdHex = ''.join([ hex(x)[2:].zfill(2) for x in pwdArr ])
-    print('password: ', decryptEntryValue(plain_nonce, unhexlify(pwdHex)))
-
-    safeNoteArr = entries[entry_id]['safe_note']['data']
-    safeNoteHex = ''.join([ hex(x)[2:].zfill(2) for x in safeNoteArr ])
-    print('safe_note:', decryptEntryValue(plain_nonce, unhexlify(safeNoteHex)))
-
-    return
-
-if __name__ == '__main__':
-    main()