codesharedot

Python Encryption with Trezor

Trezor is a hardware wallet for many purposes. For instance, you can use it to encrypt/decrypt a message.

In this article you'll learn how to create a simple program that encrypts and decrypts a message with the help of the Trezor hardware wallet.

This is a terminal app, but you could create a GUI for it with PyQt.

I'll give it a try.

Setup

So how do we do that? First make sure you know the Python basics. You need Python 3.x; the old 2.x won't work. Then install trezorlib:

pip install trezor

It may also help to know some other modules.

Example

The program I'll make will ask the user for a message, encrypt it, and then ask for confirmation for both encrypting and decrypting.

Connect to the Trezor like this:

from trezorlib import ui
from trezorlib.client import TrezorClient
from trezorlib.transport import get_transport

device = get_transport()
client = TrezorClient(transport=device, ui=ui.ClickUI())

Then I create functions for encryption and decryption:

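import binascii
from trezorlib import misc

def encrypt(key, value):
    # BIP-32 path of the node the device derives the encryption key from
    addr = [0, 1, 2]
    # value must be bytes with a length that is a multiple of 16
    enc = misc.encrypt_keyvalue(client, addr, key, value, ask_on_encrypt=True, ask_on_decrypt=True)
    return enc

def decrypt(key, value):
    # Same path and flags as in encrypt(); value is the hex string of the ciphertext
    addr = [0, 1, 2]
    dec = misc.decrypt_keyvalue(client, addr, key, binascii.unhexlify(value), ask_on_encrypt=True, ask_on_decrypt=True)
    return dec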

This implementation uses AES, a block cipher, as the encryption algorithm.

(Yeah, we'll skip explaining the algorithm for now.)

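Why is that important? It means that the message length must be a multiple of 16 bytes, the AES block size. To ensure that, you can use simple padding:

plain = plain.ljust(256, ' ')

This only holds for ASCII messages of up to 256 characters: a longer message is left unpadded, and non-ASCII characters encode to more than one byte each.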

The key is hard-coded in the code:

key = "password"

So what do you need Trezor for? In this implementation, you need to have the Trezor connected to decrypt and encrypt the message. Think of it like U2F.

Of course, since the code is not compiled, an attacker could easily change it. Overall, this is a first attempt.

In any case, don't hard-code the password.

Here is everything put together:

#!/usr/bin/python3
import binascii

from trezorlib import misc, ui
from trezorlib.client import TrezorClient
from trezorlib.transport import get_transport

# Connect to the first Trezor found; prompts are shown in the terminal
device = get_transport()
client = TrezorClient(transport=device, ui=ui.ClickUI())


def encrypt(key, value):
    addr = [0, 1, 2]
    enc = misc.encrypt_keyvalue(client, addr, key, value, ask_on_encrypt=True, ask_on_decrypt=True)
    return enc


def decrypt(key, value):
    addr = [0, 1, 2]
    dec = misc.decrypt_keyvalue(client, addr, key, binascii.unhexlify(value), ask_on_encrypt=True, ask_on_decrypt=True)
    return dec


# Pad with spaces to 256 characters so the length is a multiple of 16
plain = input("Enter message: ")
plain = plain.ljust(256, ' ')
message = plain.encode()

key = "password"  # hard-coded for this demo only
res = encrypt(key, message)
print(res.hex())

# Decrypt the hex-encoded ciphertext again; prints the padded bytes
dec = decrypt(key, res.hex())
print(dec)
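
An alternative to the space padding used above, as an added example that is not part of the original post: PKCS#7-style padding works for any message length and any characters, and can be removed exactly after decryption. The helper names pad_message, unpad_message and space_padded are hypothetical and are not part of trezorlib.

```python
# Added example: PKCS#7-style padding for the 16-byte block requirement.
# pad_message / unpad_message are hypothetical helpers, not trezorlib API.
BLOCK = 16  # AES block size in bytes


def pad_message(text: str) -> bytes:
    """Encode text as UTF-8 and pad it to a multiple of BLOCK bytes.

    Every padding byte holds the padding length (1..16), so the padding
    can be removed exactly, even if the message itself ends in spaces.
    """
    data = text.encode("utf-8")
    n = BLOCK - len(data) % BLOCK  # 1..16; a full block if already aligned
    return data + bytes([n]) * n


def unpad_message(data: bytes) -> str:
    """Validate and strip the padding added by pad_message."""
    if not data or len(data) % BLOCK:
        raise ValueError("length is not a positive multiple of 16")
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("invalid padding")
    return data[:-n].decode("utf-8")


def space_padded(text: str) -> bytes:
    """The post's space padding, kept here for comparison."""
    return text.ljust(256, " ").encode()


if __name__ == "__main__":
    # Constructed sample inputs
    for sample in ["hello", "trailing spaces   ", "é" * 200, "x" * 300]:
        padded = pad_message(sample)
        assert unpad_message(padded) == sample
        print(len(sample), "chars ->", len(padded), "bytes;",
              "ljust(256) gives", len(space_padded(sample)), "bytes")
    # With the device connected, the padded bytes are passed as the value:
    #   enc = encrypt(key, pad_message(plain))
    #   plain = unpad_message(decrypt(key, enc.hex()))
```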
