SmartPGP/bin/smartpgp-cli

#!/usr/bin/env python

# SmartPGP : JavaCard implementation of OpenPGP card v3 specification
# https://github.com/ANSSI-FR/SmartPGP
# Copyright (C) 2016 ANSSI

# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.

# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.

# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

import argparse
import os
import sys

from getpass import getpass

from smartpgp.highlevel import *

VALID_COMMANDS={
        'list-readers':CardConnectionContext.cmd_list_readers,
        'full-reset':  CardConnectionContext.cmd_full_reset,
        'reset':       CardConnectionContext.cmd_reset,
        'switch-rsa2048':  CardConnectionContext.cmd_switch_rsa2048,
        'switch-rsa3072':  CardConnectionContext.cmd_switch_rsa3072,
        'switch-rsa4096':  CardConnectionContext.cmd_switch_rsa4096,
        'switch-bp256':CardConnectionContext.cmd_switch_bp256,
        'switch-bp384':CardConnectionContext.cmd_switch_bp384,
        'switch-bp512':CardConnectionContext.cmd_switch_bp512,
        'switch-p256': CardConnectionContext.cmd_switch_p256,
        'switch-p384': CardConnectionContext.cmd_switch_p384,
        'switch-p521': CardConnectionContext.cmd_switch_p521,
        'generate-sm-key': CardConnectionContext.cmd_generate_sm_key,
        'get-sm-key': CardConnectionContext.cmd_get_sm_key,
        'set-resetting-code': CardConnectionContext.cmd_set_resetting_code,
        'unblock-pin': CardConnectionContext.cmd_unblock_pin,
        'put-sm-key': CardConnectionContext.cmd_put_sm_key,
        'put-sign-certificate': CardConnectionContext.cmd_put_sign_certificate,
        'put-auth-certificate': CardConnectionContext.cmd_put_auth_certificate,
        'put-sm-certificate': CardConnectionContext.cmd_put_sm_certificate,
        'get-sm-certificate': CardConnectionContext.cmd_get_sm_certificate,
        'put-aes-key': CardConnectionContext.cmd_put_aes_key,
        'encrypt-aes': CardConnectionContext.cmd_encrypt_aes,
        'decrypt-aes': CardConnectionContext.cmd_decrypt_aes,
        'get-kdf': CardConnectionContext.cmd_get_kdf,
        'set-kdf': CardConnectionContext.cmd_set_kdf,
        'setup-kdf': CardConnectionContext.cmd_setup_kdf,
        }

def read_pin_interactive(name):
    pw = getpass("Enter %s PIN: " % name)
    return pw

def parse_args(ctx):
    parser = argparse.ArgumentParser()
    parser.add_argument("command", help="The command. Valid commands are: %s" % ', '.join([c for c in VALID_COMMANDS.keys()]))
    parser.add_argument("-r", "--reader", type=int,
            help="Select reader index (default: 0)")
    parser.add_argument("-i", "--input", type=str,
            help="Input file for commands requiring input data (other than PIN codes)")
    parser.add_argument("-o", "--output", type=str,
            help="Output file for commands emitting output data")
    group = parser.add_mutually_exclusive_group()
    group.add_argument("-p", "--pin", type=str,
            help="Admin PIN (default: 12345678). Use ENV:VARNAME to read from an environment variable")
    group.add_argument("-I", "--interactive", action='store_true',
            help="Ask Admin PIN interactively")
    args = parser.parse_args()
    # option -r
    ctx.reader_index = args.reader or 0
    # option -p
    if args.pin is not None:
        if args.pin.startswith('ENV:'):
            varname = args.pin[4:]
            try:
                ctx.admin_pin=os.environ[varname]
            except KeyError,e:
                print "Environment variable %s not found" % varname
                sys.exit(1)
        else:
            ctx.admin_pin = args.pin
    # option -I
    if args.interactive:
        ctx.set_pin_read_function(read_pin_interactive)
    # option -i
    ctx.input = args.input
    # option -O
    ctx.output = args.output
    return ctx,args

def main():
    ctx = CardConnectionContext()
    ctx,args = parse_args(ctx)
    if args.command in VALID_COMMANDS:
        VALID_COMMANDS[args.command](ctx)
    else:
        print "Unknown command '%s'" % args.command
        print "Run '%s -h' for help" % sys.argv[0]
        sys.exit(1)

if __name__=='__main__':
    main()
Initial commit 2016-10-21 12:56:47 +00:00			`#!/usr/bin/env python`

			`# SmartPGP : JavaCard implementation of OpenPGP card v3 specification`
Update github project URL in header 2016-10-24 08:45:50 +00:00			`# https://github.com/ANSSI-FR/SmartPGP`
Initial commit 2016-10-21 12:56:47 +00:00			`# Copyright (C) 2016 ANSSI`

			`# This program is free software; you can redistribute it and/or`
			`# modify it under the terms of the GNU General Public License`
			`# as published by the Free Software Foundation; either version 2`
			`# of the License, or (at your option) any later version.`

			`# This program is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU General Public License for more details.`

			`# You should have received a copy of the GNU General Public License`
			`# along with this program; if not, write to the Free Software`
			`# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.`

			`import argparse`
			`import os`
			`import sys`

			`from getpass import getpass`

			`from smartpgp.highlevel import *`

			`VALID_COMMANDS={`
			`'list-readers':CardConnectionContext.cmd_list_readers,`
			`'full-reset': CardConnectionContext.cmd_full_reset,`
			`'reset': CardConnectionContext.cmd_reset,`
smartpgp-cli: add switch commands for RSA 2021-07-15 08:37:17 +00:00			`'switch-rsa2048': CardConnectionContext.cmd_switch_rsa2048,`
			`'switch-rsa3072': CardConnectionContext.cmd_switch_rsa3072,`
			`'switch-rsa4096': CardConnectionContext.cmd_switch_rsa4096,`
Initial commit 2016-10-21 12:56:47 +00:00			`'switch-bp256':CardConnectionContext.cmd_switch_bp256,`
			`'switch-bp384':CardConnectionContext.cmd_switch_bp384,`
			`'switch-bp512':CardConnectionContext.cmd_switch_bp512,`
			`'switch-p256': CardConnectionContext.cmd_switch_p256,`
			`'switch-p384': CardConnectionContext.cmd_switch_p384,`
			`'switch-p521': CardConnectionContext.cmd_switch_p521,`
			`'generate-sm-key': CardConnectionContext.cmd_generate_sm_key,`
smartpgp-cli: add getm-sm-key command 2020-05-15 08:36:47 +00:00			`'get-sm-key': CardConnectionContext.cmd_get_sm_key,`
Initial commit 2016-10-21 12:56:47 +00:00			`'set-resetting-code': CardConnectionContext.cmd_set_resetting_code,`
			`'unblock-pin': CardConnectionContext.cmd_unblock_pin,`
			`'put-sm-key': CardConnectionContext.cmd_put_sm_key,`
smartpgp-cli: add put AUTH and SIGN certificates 2018-11-30 12:38:25 +00:00			`'put-sign-certificate': CardConnectionContext.cmd_put_sign_certificate,`
			`'put-auth-certificate': CardConnectionContext.cmd_put_auth_certificate,`
Initial commit 2016-10-21 12:56:47 +00:00			`'put-sm-certificate': CardConnectionContext.cmd_put_sm_certificate,`
			`'get-sm-certificate': CardConnectionContext.cmd_get_sm_certificate,`
Add support for AES commands in smartpgp-cli 2017-07-11 14:57:11 +00:00			`'put-aes-key': CardConnectionContext.cmd_put_aes_key,`
			`'encrypt-aes': CardConnectionContext.cmd_encrypt_aes,`
			`'decrypt-aes': CardConnectionContext.cmd_decrypt_aes,`
smartpgp-cli: get KDF-DO 2018-02-09 09:56:51 +00:00			`'get-kdf': CardConnectionContext.cmd_get_kdf,`
smartpgp-cli: set KDF-DO 2018-02-09 09:53:10 +00:00			`'set-kdf': CardConnectionContext.cmd_set_kdf,`
Implement setup-kdf in smartpgp-cli 2020-01-23 18:37:41 +00:00			`'setup-kdf': CardConnectionContext.cmd_setup_kdf,`
Initial commit 2016-10-21 12:56:47 +00:00			`}`

			`def read_pin_interactive(name):`
			`pw = getpass("Enter %s PIN: " % name)`
			`return pw`

			`def parse_args(ctx):`
			`parser = argparse.ArgumentParser()`
			`parser.add_argument("command", help="The command. Valid commands are: %s" % ', '.join([c for c in VALID_COMMANDS.keys()]))`
			`parser.add_argument("-r", "--reader", type=int,`
			`help="Select reader index (default: 0)")`
			`parser.add_argument("-i", "--input", type=str,`
			`help="Input file for commands requiring input data (other than PIN codes)")`
			`parser.add_argument("-o", "--output", type=str,`
			`help="Output file for commands emitting output data")`
			`group = parser.add_mutually_exclusive_group()`
			`group.add_argument("-p", "--pin", type=str,`
			`help="Admin PIN (default: 12345678). Use ENV:VARNAME to read from an environment variable")`
			`group.add_argument("-I", "--interactive", action='store_true',`
			`help="Ask Admin PIN interactively")`
			`args = parser.parse_args()`
			`# option -r`
			`ctx.reader_index = args.reader or 0`
			`# option -p`
			`if args.pin is not None:`
			`if args.pin.startswith('ENV:'):`
			`varname = args.pin[4:]`
			`try:`
			`ctx.admin_pin=os.environ[varname]`
			`except KeyError,e:`
			`print "Environment variable %s not found" % varname`
			`sys.exit(1)`
			`else:`
			`ctx.admin_pin = args.pin`
			`# option -I`
			`if args.interactive:`
			`ctx.set_pin_read_function(read_pin_interactive)`
			`# option -i`
			`ctx.input = args.input`
			`# option -O`
			`ctx.output = args.output`
			`return ctx,args`

			`def main():`
			`ctx = CardConnectionContext()`
			`ctx,args = parse_args(ctx)`
			`if args.command in VALID_COMMANDS:`
			`VALID_COMMANDS[args.command](ctx)`
			`else:`
			`print "Unknown command '%s'" % args.command`
			`print "Run '%s -h' for help" % sys.argv[0]`
			`sys.exit(1)`

			`if __name__=='__main__':`
			`main()`