search

polhenarejos / pico-fido

Transforming a Raspberry Pico into a FIDO Passkey
https://www.picokeys.com
GNU General Public License v3.0
270 stars 36 forks source link

Can't use pico-fido-tool.py secure function #23

Closed M11158002 closed 10 months ago

M11158002 commented 11 months ago

An error occurred while enabling the secure feature using pico-fido-tool.py

Pico Fido Tool v1.5
Author: Pol Henarejos
Report bugs to https://github.com/polhenarejos/pico-fido/issues

Traceback (most recent call last):
  File "/home/user/Documents/pico/pico-fido/tools/pico-fido-tool.py", line 469, in <module>
    run()
  File "/home/user/Documents/pico/pico-fido/tools/pico-fido-tool.py", line 466, in run
    main(args)
  File "/home/user/Documents/pico/pico-fido/tools/pico-fido-tool.py", line 458, in main
    secure(vdr, args)
  File "/home/user/Documents/pico/pico-fido/tools/pico-fido-tool.py", line 416, in secure
    vdr.enable_device_aut()
  File "/home/user/Documents/pico/pico-fido/tools/pico-fido-tool.py", line 375, in enable_device_aut
    ct = self.get_skey()
         ^^^^^^^^^^^^^^^
  File "/home/user/Documents/pico/pico-fido/tools/pico-fido-tool.py", line 371, in get_skey
    ct = self.encrypt_chacha(self._get_key_device())
                             ^^^^^^^^^^^^^^^^^^^^^^
  File "/home/user/Documents/pico/pico-fido/tools/pico-fido-tool.py", line 367, in _get_key_device
    return skey.get_secure_key()
           ^^^^^^^^^^^^^^^^^^^^^
  File "/home/user/Documents/pico/pico-fido/tools/secure_key/windows.py", line 44, in get_secure_key
    return get_d(key.encode())
                 ^^^^^^^^^^
AttributeError: 'NoneType' object has no attribute 'encode'
polhenarejos commented 11 months ago

Open your python

import keyring

key = keyring.get_password(DOMAIN, USERNAME)

Does `key` return `NoneType`  or raises an exception?

- 2nd:

import keyring from cryptography.hazmat.primitives.serialization import Encoding, PrivateFormat, NoEncryption, load_pem_private_key from cryptography.hazmat.primitives.asymmetric import ec pkey = ec.generate_private_key(ec.SECP256R1()) keyring.set_password("test", "test", pkey.private_bytes(Encoding.PEM, PrivateFormat.PKCS8, NoEncryption()).decode()) key = keyring.get_password(DOMAIN, USERNAME)


Does `key` return `NoneType`  or raises an exception?
M11158002 commented 11 months ago

None of these two 1st:No 2nd:No

polhenarejos commented 11 months ago

Sorry, the 2nd is wrong. Please use this:

import keyring
DOMAIN = "PicoKeys.com"
USERNAME = "Pico-Fido"
from cryptography.hazmat.primitives.serialization import Encoding, PrivateFormat, NoEncryption, load_pem_private_key
from cryptography.hazmat.primitives.asymmetric import ec
pkey = ec.generate_private_key(ec.SECP256R1())
keyring.set_password(DOMAIN, USERNAME, pkey.private_bytes(Encoding.PEM, PrivateFormat.PKCS8, NoEncryption()).decode())
key = keyring.get_password(DOMAIN, USERNAME)
M11158002 commented 11 months ago

Both of these can be executed normally

polhenarejos commented 10 months ago

But in the 3rd code, is key of NoneType or exists?

M11158002 commented 10 months ago

key return str

-----BEGIN PRIVATE KEY-----
******************************************************
******************************************************
**********************************************
-----END PRIVATE KEY-----
polhenarejos commented 10 months ago

Now that you've generated the key, does backup work?

M11158002 commented 10 months ago

Refer to the backup process mentioned in #22 and the execution of "python3 pico-fido-tool.py --pin 123456 secure enable" pico-fido-tool.py will not end. After debugging, I saw that it stopped at line 94 "enable_device_aut _call"

M11158002 commented 10 months ago

Refer to the backup process mentioned in #22 and the execution of "python3 pico-fido-tool.py --pin 123456 secure enable" pico-fido-tool.py will not end. After debugging, I saw that it stopped at line 94 "enable_device_aut _call"

Sorry, it can run normally after compiling the development version of the firmware. Thanks.