Coverage for adm_ledger.py: 82%

49 statements  

« prev     ^ index     » next       coverage.py v7.5.3, created at 2025-07-10 13:43 +0000

1# The MIT License (MIT) 

2# 

3# Copyright (c) 2021 RSK Labs Ltd 

4# 

5# Permission is hereby granted, free of charge, to any person obtaining a copy of 

6# this software and associated documentation files (the "Software"), to deal in 

7# the Software without restriction, including without limitation the rights to 

8# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies 

9# of the Software, and to permit persons to whom the Software is furnished to do 

10# so, subject to the following conditions: 

11# 

12# The above copyright notice and this permission notice shall be included in all 

13# copies or substantial portions of the Software. 

14# 

15# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 

16# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 

17# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 

18# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 

19# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 

20# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 

21# SOFTWARE. 

22 

23import sys 

24from argparse import ArgumentParser 

25import logging 

26from ledger.hsm2dongle import HSM2DongleError 

27from comm.platform import Platform 

28from admin.misc import not_implemented, info, AdminError, DEFAULT_ATT_UD_SOURCE 

29from admin.unlock import do_unlock 

30from admin.onboard import do_onboard 

31from admin.pubkeys import do_get_pubkeys 

32from admin.changepin import do_changepin 

33from admin.ledger_attestation import do_attestation 

34from admin.verify_ledger_attestation import do_verify_attestation 

35from admin.authorize_signer import do_authorize_signer 

36 

37 

38def main(): 

39 logging.disable(logging.CRITICAL) 

40 

41 actions = { 

42 "unlock": do_unlock, 

43 "onboard": do_onboard, 

44 "pubkeys": do_get_pubkeys, 

45 "changepin": do_changepin, 

46 "attestation": do_attestation, 

47 "verify_attestation": do_verify_attestation, 

48 "authorize_signer": do_authorize_signer, 

49 } 

50 

51 parser = ArgumentParser(description="Ledger powHSM Administrative tool") 

52 parser.add_argument("operation", choices=list(actions.keys())) 

53 parser.add_argument("-p", "--pin", dest="pin", help="PIN.") 

54 parser.add_argument( 

55 "-n", 

56 "--newpin", 

57 dest="new_pin", 

58 help="New PIN (only valid for 'changepin' operation).", 

59 ) 

60 parser.add_argument( 

61 "-a", 

62 "--anypin", 

63 dest="any_pin", 

64 action="store_const", 

65 help="Allow any pin (only valid for 'changepin' operation).", 

66 default=False, 

67 const=True, 

68 ) 

69 parser.add_argument( 

70 "-o", 

71 "--output", 

72 dest="output_file_path", 

73 help="Output file (only valid for 'onboard', 'pubkeys' and 'attestation' " 

74 "operations).", 

75 ) 

76 parser.add_argument( 

77 "-u", 

78 "--nounlock", 

79 dest="no_unlock", 

80 action="store_const", 

81 help="Do not attempt to unlock (only valid for 'changepin' and 'pubkeys' " 

82 "operations).", 

83 default=False, 

84 const=True, 

85 ) 

86 parser.add_argument( 

87 "-e", 

88 "--noexec", 

89 dest="no_exec", 

90 action="store_const", 

91 help="Do not attempt to execute the signer after unlocking (only valid for the " 

92 "'unlock' operation).", 

93 default=False, 

94 const=True, 

95 ) 

96 parser.add_argument( 

97 "-t", 

98 "--attcert", 

99 dest="attestation_certificate_file_path", 

100 help="Attestation key certificate file (only valid for 'attestation' and " 

101 "'verify_attestation' operations).", 

102 ) 

103 parser.add_argument( 

104 "-r", 

105 "--root", 

106 dest="root_authority", 

107 help="Root attestation authority (only valid for 'verify_attestation' " 

108 "operation). Defaults to Ledger's root authority.", 

109 ) 

110 parser.add_argument( 

111 "-b", 

112 "--pubkeys", 

113 dest="pubkeys_file_path", 

114 help="Public keys file (only valid for 'verify_attestation' operation).", 

115 ) 

116 parser.add_argument( 

117 "--attudsource", 

118 dest="attestation_ud_source", 

119 default=DEFAULT_ATT_UD_SOURCE, 

120 help="JSON-RPC endpoint used to retrieve the latest RSK block hash used " 

121 "as the user defined value for the attestation (defaults to " 

122 f"{DEFAULT_ATT_UD_SOURCE}). Can also specify a 32-byte hex string to use as" 

123 " the value.", 

124 ) 

125 parser.add_argument( 

126 "-z", 

127 "--signauth", 

128 dest="signer_authorization_file_path", 

129 help="Signer authorization file (only valid for 'authorize_signer' " 

130 "operations).", 

131 ) 

132 parser.add_argument( 

133 "-v", 

134 "--verbose", 

135 dest="verbose", 

136 action="store_const", 

137 help="Enable verbose mode", 

138 default=False, 

139 const=True, 

140 ) 

141 

142 try: 

143 options = parser.parse_args() 

144 Platform.set(Platform.LEDGER) 

145 actions.get(options.operation, not_implemented)(options) 

146 sys.exit(0) 

147 except AdminError as e: 

148 info(str(e)) 

149 sys.exit(1) 

150 except HSM2DongleError as e: 

151 info(str(e)) 

152 sys.exit(2) 

153 except KeyboardInterrupt: 

154 info("Interrupted by user!") 

155 sys.exit(3) 

156 except Exception as e: 

157 info(str(e)) 

158 sys.exit(4) 

159 

160 

161if __name__ == "__main__": 

162 main()