Removing trailing spaces.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2026-01-17 01:18:06 +00:00 · 2022-08-19 01:44:27 +02:00 · 2022-08-19 01:44:27 +02:00 · aebb68724a
commit aebb68724a
parent 1f2ccd8c1c
52 changed files with 583 additions and 568 deletions
--- a/burn-cvcerts.py
+++ b/burn-cvcerts.py
@ -7,17 +7,18 @@ from cvc.asn1 import ASN1
 import json
 import urllib.request
 import base64
-from getpass import getpass
 from binascii import hexlify

+
 class APDUResponse(Exception):
    def __init__(self, sw1, sw2):
        self.sw1 = sw1
        self.sw2 = sw2
        super().__init__(f'SW:{sw1:02X}{sw2:02X}')

+
 def send_apdu(card, command, p1, p2, data):
-    lc = [0x00] + list(len(data).to_bytes(2,'big'))
+    lc = [0x00] + list(len(data).to_bytes(2, 'big'))
    le = [0x00, 0x00]
    if (isinstance(command, list) and len(command) > 1):
        apdu = command
@ -27,9 +28,10 @@ def send_apdu(card, command, p1, p2, data):
    apdu = apdu + [p1, p2] + lc + data + le
    response, sw1, sw2 = card.connection.transmit(apdu)
    if (sw1 != 0x90):
-        raise APDUResponse(sw1,sw2)
+        raise APDUResponse(sw1, sw2)
    return response

+
 def main():
    print('Pico HSM burning certificates tool v1.0')
    print('Author: Pol Henarejos')
@ -40,7 +42,8 @@ def main():
    print('*   PLEASE READ IT CAREFULLY   *')
    print('********************************')
    print('')
-    print('This tool will erase and reset your device. It will delete all private and secret keys.')
+    print('This tool will erase and reset your device. It will delete all '
+          'private and secret keys.')
    print('Are you sure?')
    _ = input('[Press enter to confirm]')
    cardtype = AnyCardType()
@ -52,43 +55,55 @@ def main():
        # connect to the card and perform a few transmits
        card.connection.connect()

-        reset_data = [0x80, 0x02, 0x00, 0x01, 0x81, 0x06, 0x36, 0x34, 0x38, 0x32, 0x31, 0x39, 0x82, 0x08, 0x35, 0x37, 0x36, 0x32, 0x31, 0x38, 0x38, 0x30, 0x91, 0x01, 0x03]
+        reset_data = [0x80, 0x02, 0x00, 0x01, 0x81, 0x06, 0x36, 0x34, 0x38,
+                      0x32, 0x31,
+                      0x39, 0x82, 0x08, 0x35, 0x37, 0x36, 0x32, 0x31, 0x38,
+                      0x38, 0x30, 0x91, 0x01, 0x03]
        response = send_apdu(card, [0x80, 0x50], 0x00, 0x00, reset_data)

-        response = send_apdu(card, 0xB1, 0xCE, 0x00, [0x54,0x02,0x00,0x00])
+        response = send_apdu(card, 0xB1, 0xCE, 0x00, [0x54, 0x02, 0x00, 0x00])

        cert = bytearray(response)
        Y = CVC().decode(cert).pubkey().find(0x86).data()
        print(f'Public Point: {hexlify(Y).decode()}')

-        user_agent = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.7) Gecko/2009021910 Firefox/3.0.7'
+        user_agent = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; '
+        'rv:1.9.0.7) Gecko/2009021910 Firefox/3.0.7'
        pbk = base64.urlsafe_b64encode(Y)
-        data = urllib.parse.urlencode({'pubkey':pbk}).encode()
-        req = urllib.request.Request("https://www.henarejos.me/pico-hsm/cvc/", method='POST', data=data, headers={'User-Agent':user_agent,} ) #The assembled request
+        data = urllib.parse.urlencode({'pubkey': pbk}).encode()
+        req = urllib.request.Request("https://www.henarejos.me/pico-hsm/cvc/",
+                                     method='POST',
+                                     data=data,
+                                     headers={'User-Agent': user_agent, })
        response = urllib.request.urlopen(req)
        resp = response.read().decode('utf-8')
        j = json.loads(resp)
        print('Device name: '+j['devname'])
-        dataef = base64.urlsafe_b64decode(j['cvcert']) + base64.urlsafe_b64decode(j['dvcert'])
+        dataef = base64.urlsafe_b64decode(
+            j['cvcert']) + base64.urlsafe_b64decode(j['dvcert'])

-        response = send_apdu(card, 0xa4, 0x00, 0x00, [0x2f,0x02])
+        response = send_apdu(card, 0xa4, 0x00, 0x00, [0x2f, 0x02])
        pin = b'648219'
        response = send_apdu(card, 0x20, 0x00, 0x81, list(pin))

-        apdu_data = [0x54, 0x02, 0x00, 0x00] + list(ASN1.make_tag(0x53, dataef))
+        apdu_data = [0x54, 0x02, 0x00, 0x00] + \
+            list(ASN1.make_tag(0x53, dataef))
        response = send_apdu(card, 0xd7, 0x00, 0x00, apdu_data)

        print('Certificate uploaded successfully!')
        print('')
-        print('Note that the device is initialized with a default PIN and configuration.')
-        print('Now you can initialize the device as usual with you chosen PIN and configuration options.')
+        print('Note that the device is initialized with a default PIN and '
+              'configuration.')
+        print('Now you can initialize the device as usual with you chosen PIN '
+              'and configuration options.')

    except CardRequestTimeoutException:
        print('time-out: no card inserted during last 10s')

+
 def run():
    main()

+
 if __name__ == "__main__":
    run()
-    
--- a/doc/public_key_authentication.md
+++ b/doc/public_key_authentication.md
@ -86,7 +86,7 @@ sc-hsm-tool -X --so-pin 1234567890123456 --pin 648219 -K 1 -n 1 -s 1

 and PKA and PIN are enabled, jointly with DKEK protection.

-### With SCS3
+###<EFBFBD>With SCS3

 Unfortunately, SCS3 does not allow to initialize the device with PKA and PIN at the same time, though it can be achieved in separated steps: