'''
Created by Simon Possegger on 12.11.2019 as part of the Infineon Hackathon.
This Class asynchronously reads from the card reader
and provides the needed functions to interact with the Infineon Blockchain Security 2Go cards.
'''
import blocksec2go
import hashlib
import os
import json
def initReading():
    """Locate the card reader and select the Security 2Go app on the card.

    Calls ``get_reader()`` and, when that yields a reader, passes it to
    ``activate_card()``.

    Returns:
        The reader object obtained from ``get_reader()``.
    """
    card_reader = get_reader()
    if not card_reader:
        return card_reader
    activate_card(card_reader)
    return card_reader
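def get_reader():
    """Poll until the configured card reader can be opened.

    Repeatedly calls ``blocksec2go.find_reader`` for the hard-coded reader
    name. The two expected "not ready yet" conditions are reported on a
    single, overwritten console line and polling continues; any other error
    ends the program.

    Returns:
        The reader object returned by ``blocksec2go.find_reader``.

    Raises:
        SystemExit: with exit status 1 on any unexpected error.
    """
    import time  # local import: only this polling loop needs it

    reader_name = 'Identiv uTrust 3700 F'
    poll_interval = 0.2  # seconds; avoids spinning a CPU core while waiting
    reader = None
    while reader is None:
        try:
            reader = blocksec2go.find_reader(reader_name)
        except Exception as details:
            message = str(details)
            # NOTE(review): matching on message text depends on the exact
            # wording raised by the library -- confirm for the version in use.
            if message == 'No reader found':
                print('No card reader found!', end='\r')
            elif message == 'No card on reader':
                print('Found reader, but no card!', end='\r')
            else:
                print('ERROR: ' + message)
                # A bare ``raise SystemExit`` exits with status 0, which hides
                # the failure from any calling script.
                raise SystemExit(1) from details
            time.sleep(poll_interval)
        else:
            print('Found reader %s' % reader_name)
    return reader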
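def activate_card(reader):
    """Select the Blockchain Security 2Go application on the card.

    Args:
        reader: reader object as returned by ``get_reader()``.

    Raises:
        SystemExit: with exit status 1 if ``blocksec2go.select_app`` fails.
    """
    try:
        blocksec2go.select_app(reader)
    except Exception as details:
        print('ERROR: %s' % str(details))
        # A bare ``raise SystemExit`` exits with status 0; use a non-zero
        # status so a calling script can detect the failure.
        raise SystemExit(1) from details
    print('Found reader and Security 2Go card!')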
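def initCard(reader):
    """Generate a new key pair on the card.

    Args:
        reader: reader object as returned by ``get_reader()``. ``None`` is
            accepted and reported as failure.

    Returns:
        True if ``blocksec2go.generate_keypair`` succeeded, False otherwise.
    """
    if reader is None:
        return False
    try:
        key_id = blocksec2go.generate_keypair(reader)
    except Exception as details:
        # Was a bare ``except:``, which also swallowed KeyboardInterrupt and
        # SystemExit and hid the reason for the failure.
        print('ERROR: key generation failed: %s' % str(details))
        return False
    # NOTE(review): the slot is only printed, while the signing and test code
    # in this module always uses slot 1 -- confirm the generated slot is the
    # one callers expect.
    print("Generated key on slot: %s" % str(key_id))
    return True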
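def read_public_key(reader, key_id):
    """Return the public key stored in slot *key_id* of the card.

    The key is whatever the card reports; on its own it says nothing about
    who the card belongs to.

    Args:
        reader: reader object as returned by ``get_reader()``.
        key_id: key slot to read.

    Returns:
        The key from ``blocksec2go.get_key_info``, or None when
        ``blocksec2go.is_key_valid`` reports the slot as not valid.

    Raises:
        SystemExit: with exit status 1 if talking to the card fails.
    """
    try:
        if not blocksec2go.is_key_valid(reader, key_id):
            return None
        # The first two tuple elements (unpacked as global_counter and
        # counter in the original code) are not needed here.
        _, _, key = blocksec2go.get_key_info(reader, key_id)
        return key
    except Exception as details:
        print('ERROR: ' + str(details))
        # A bare ``raise SystemExit`` exits with status 0; use a non-zero
        # status so a calling script can detect the failure.
        raise SystemExit(1) from details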
def auth(reader, pub):
    """Check that the card on *reader* can sign for public key *pub*.

    Delegates to ``verifyPub(reader, pub)``; with no hash or signature
    supplied, that call has the card sign a freshly generated random digest
    and verifies the result against *pub*.

    NOTE(review): a True result shows only that the card holds the private
    key matching *pub*. To authenticate a user, *pub* should come from a
    trusted enrollment record, not from the card that is being checked.

    Returns:
        The result of ``verifyPub(reader, pub)``.
    """
    outcome = verifyPub(reader, pub)
    return outcome
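def generateSignature(reader, json_object=None):
    """Have the card sign a SHA-256 digest and return ``(digest, signature)``.

    Args:
        reader: reader object as returned by ``get_reader()``.
        json_object: optional JSON-serialisable value. When given, the digest
            is SHA-256 over ``json.dumps(json_object, sort_keys=True)``
            encoded with ``str.encode()``. When None, the digest is SHA-256
            over ``b'Hash'`` plus 10000 bytes from ``os.urandom``, i.e. a
            random challenge.

    Returns:
        ``(digest, signature)`` on success, ``(None, None)`` if the card
        could not produce a signature. Errors from ``json.dumps`` are not
        caught and propagate to the caller.
    """
    if json_object is None:
        digest = hashlib.sha256(b'Hash' + os.urandom(10000)).digest()
    else:
        # A verifier must serialise the object the same way (sorted keys,
        # default separators) to arrive at the same digest.
        block_string = json.dumps(json_object, sort_keys=True)
        digest = hashlib.sha256(block_string.encode()).digest()
    try:
        # Key slot 1 is hard-coded here.
        _, _, signature = blocksec2go.generate_signature(reader, 1, digest)
    except Exception as details:
        # Was a bare ``except:``, which also swallowed KeyboardInterrupt and
        # SystemExit and gave no hint why signing failed.
        print('ERROR: signing failed: %s' % str(details))
        return None, None
    return digest, signature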
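def verifyPub(reader, pub, hash=None, signature=None):
    """Verify a card signature against public key *pub*.

    Args:
        reader: reader object as returned by ``get_reader()``.
        pub: public key to verify against.
        hash: with *signature* given, the digest that was signed. Without
            *signature*: None requests a random challenge, ``bytes`` /
            ``bytearray`` is signed as a precomputed digest, and any other
            value is treated as a JSON object and hashed by
            ``generateSignature``.
        signature: optional existing signature. When None, the card is asked
            to sign now.

    Returns:
        The result of ``blocksec2go.verify_signature``, or False when no
        signature could be produced or verification raised an error.

    NOTE(review): when the caller supplies both *hash* and *signature*, no
    fresh challenge is involved, so a True result does not show that the
    card is present right now -- use the challenge path for that.
    """
    if signature is None:
        if isinstance(hash, (bytes, bytearray)):
            # A precomputed digest was previously forwarded to
            # generateSignature() as its JSON object, where json.dumps()
            # raised TypeError. Sign the digest directly instead, using the
            # same key slot (1) that generateSignature() uses.
            hash = bytes(hash)
            try:
                _, _, signature = blocksec2go.generate_signature(reader, 1, hash)
            except Exception as ex:
                print("Verification failed because of error: %s" % str(ex))
                return False
        else:
            hash, signature = generateSignature(reader, hash)
    if hash is None or signature is None:
        # Signing failed or input is incomplete: fail closed without calling
        # the verifier on missing data.
        return False
    try:
        return blocksec2go.verify_signature(pub, hash, signature)
    except Exception as ex:
        print("Verification failed because of error: %s" % str(ex))
        return False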
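# testing:
def test():
    """Manual smoke test against a physically attached reader and card.

    Reads the public key from slot 1, generating a key pair first if the slot
    has none, then exercises ``auth`` and ``verifyPub``. This can change card
    state, because ``initCard`` generates a new key pair.

    The public key is read from the same card that signs, so this checks the
    sign/verify round trip only; it does not authenticate the card.
    """
    reader = initReading()
    print("Testing read pub:")
    pub = read_public_key(reader, 1)
    if pub is None:
        print("No pub yet... creating one")
        print("Testing init card")
        print(initCard(reader))
        print("Testing read pub again:")
        pub = read_public_key(reader, 1)
        if pub is None:
            # initCard may have failed or used another slot; previously this
            # case crashed with AttributeError on ``pub.hex()``.
            print("Still no public key on slot 1; stopping")
            return
    print(pub.hex())
    print("Testing auth:")
    print(auth(reader, read_public_key(reader, 1)))
    print("Testing verify pub with custom hash")
    digest = hashlib.sha256(b'OtherHash' + os.urandom(10000)).digest()
    print(verifyPub(reader, read_public_key(reader, 1), digest))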