I have tried to install app-ethereum that was successful.
Then I tried to install it using the debug mode.
The install failed.
I am not able to reinstall it again as it seems the app storage is full (tried with blue-loader and ledger live)

Looking at USB debug I am getting
Warning: cannot query manufacturer for VID=0x2c97 PID=0x1011: Result too large

Any way to wipe the storage without whipping the enclave so that I don't have to do the setup again?

When running loadApp, it fails on installing to Ledger Nano S running firmware 1.55.

Command:
python -m ledgerblue.loadApp --appFlags 0x40 --apdu --tlv --targetId 0x31100004 --delete --fileName app.hex --appName "Ravencoin" --appVersion 1.3.2 --dataSize 0x00000000 --icon 0100000000ffffff00ffffffffffff1ffc0ff80fe107c0078003f003f807f81ffc3ffcfffcffffffff

Error:
sha256.update(struct.pack('>I', targetId) + bytes(targetVersion, 'utf-8')) TypeError: encoding without a string argument``

I don't see any examples of setting the --targetVersion parameter. It seems to work for most people without? Not sure what's going on here.

Is there anything new required to use the scripts with a Ledger Nano X?

Running:
python -m ledgerblue.checkGenuine --targetId 0x33000004

Results in:

> python -m ledgerblue.checkGenuine --targetId 0x33000004
Traceback (most recent call last):
  File "C:\Python27\lib\runpy.py", line 174, in _run_module_as_main
    "__main__", fname, loader, pkg_name)
  File "C:\Python27\lib\runpy.py", line 72, in _run_code
    exec code in run_globals
  File "C:\dev\ledger\blue-loader-python\ledgerblue\checkGenuine.py", line 140, in <module>
    secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId, args.issuerKey)
  File "C:\dev\ledger\blue-loader-python\ledgerblue\checkGenuine.py", line 58, in getDeployedSecretV2
    dongle.exchange(apdu)
  File "ledgerblue\comm.py", line 135, in exchange
    raise CommException("Invalid status %04x (%s)" % (sw, possibleCause), sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 69d5 (Unknown reason)

The same thing with a Ledger Nano S:

python -m ledgerblue.checkGenuine --targetId 0x31100004

Results in (I have loaded a custom CA so that message is expected):

> python -m ledgerblue.checkGenuine --targetId 0x31100004
WARNING : Product is genuine but has a Custom CA loaded
SE Version 1.5.5
MCU Version 1.7
MCU Hash 2013fe17e06cf2f710d33328aa46d1053f8fadd48dcaeca2c5512dd79e2158d5

Using ledgerblue in coordination with various Ethereum tools (e.g. https://github.com/ethereum/web3.py/blob/master/setup.py#L27) is problematic as pycryptodome has replaced pycrypto in most modern tool dependency trees. As pycryptodome is largely a drop-in replacement for pycrypto, updating this dependency would solve a significant amount of headache.

Information

• Python 2.7.6
• ledgerblue 1.1.16

Description

When loading an application on the ledger, I am seeing the following error:

Traceback (most recent call last):
  File "/usr/lib/python2.7/runpy.py", line 162, in _run_module_as_main
    "__main__", fname, loader, pkg_name)
  File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
    exec code in run_globals
  File "/usr/local/lib/python2.7/dist-packages/ledgerblue/loadApp.py", line 174, in <module>
    loader.createApp(args.appFlags, appLength, args.appName, icon, path, None, None, args.appVersion)
  File "/usr/local/lib/python2.7/dist-packages/ledgerblue/hexLoader.py", line 163, in createApp
    data = self.encryptAES(data)
  File "/usr/local/lib/python2.7/dist-packages/ledgerblue/hexLoader.py", line 95, in encryptAES
    encryptedData = cipher.encrypt(paddedData)
  File "/usr/lib/python2.7/dist-packages/Crypto/Cipher/blockalgo.py", line 244, in encrypt
    return self._cipher.encrypt(plaintext)
TypeError: argument must be string or read-only buffer, not bytearray
make: *** [load] Error 1

This appears to be due to the change to hexLoader.py here ed1e3a4 for Python 3 compatibility, which unfortunately does not with python 2.7.x.

Version 0.1.15 works correctly and as intended.

OS: MacOS Sierra 10.12.5
device: Ledger Nano S
firmware: 1.4.1
Script: Any
Python: Either 2.7 or 3 - same results.
command: python -m ledgerblue.checkGenuine --targetId 0x31100003
Version: 0.1.17 (commit 01ac90675898c14c5d2b1cef379cfdcc5774fe4f - ie. non pip version)
trace (for checkGenuine.py - but replace for any script):

Traceback (most recent call last):
  File "/usr/local/Cellar/python3/3.6.4_2/Frameworks/Python.framework/Versions/3.6/lib/python3.6/runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "/usr/local/Cellar/python3/3.6.4_2/Frameworks/Python.framework/Versions/3.6/lib/python3.6/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/Users/tadhgriordan/Documents/blue-loader-python/ledgerblue/checkGenuine.py", line 137, in <module>
    dongle = getDongle(args.apdu)
  File "/Users/tadhgriordan/Documents/blue-loader-python/ledgerblue/comm.py", line 221, in getDongle
    raise CommException("No dongle found")
ledgerblue.commException.CommException: Exception : No dongle found

Ledger is recognised by my machine for all Apps, Ledger Manager, MyEtherWallet etc.
running system_profiler SPUSBDataType:

Nano S:

     Product ID: 0x0001
     Vendor ID: 0x2c97
     Version: 2.00
     Serial Number: 0001
     Speed: Up to 12 Mb/sec
     Manufacturer: Ledger
     Location ID: 0x14400000 / 8
     Current Available (mA): 500
     Current Required (mA): 100
     Extra Operating Current (mA): 0

I have another Nano S on 1.3 which works as normal.

when trying to do checkGenuine, I receive this:

$ python -m ledgerblue.checkGenuine --targetId 0x31100002
Traceback (most recent call last):
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 162, in _run_module_as_main
    "__main__", fname, loader, pkg_name)
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 72, in _run_code
    exec code in run_globals
  File "/Users/geoff/src/ledger/ledger/lib/python2.7/site-packages/ledgerblue/checkGenuine.py", line 129, in <module>
    secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId, args.issuerKey)
  File "/Users/geoff/src/ledger/ledger/lib/python2.7/site-packages/ledgerblue/checkGenuine.py", line 40, in getDeployedSecretV2
    dongle.exchange(apdu)
  File "/Users/geoff/src/ledger/ledger/lib/python2.7/site-packages/ledgerblue/comm.py", line 130, in exchange
    raise CommException("Invalid status %04x" % sw, sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 6a84

OS: MacOS Sierra 10.12.6
device: Ledger Nano S
firmware: 1.4.1
Script(s): loadApp
Python: 3.6.4 (virtualenv)
command (from blue-app-btc root):
python -m ledgerblue.loadApp --appFlags 0x50 --curve secp256k1 --targetId 0x31100003 --fileName bin/app.hex --appName "Bitcoin" --path ""
Version: 0.1.17 (commit ab58917 - ie. non pip version)
trace:

Traceback (most recent call last):
  File "/usr/local/Cellar/python3/3.6.4_2/Frameworks/Python.framework/Versions/3.6/lib/python3.6/runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "/usr/local/Cellar/python3/3.6.4_2/Frameworks/Python.framework/Versions/3.6/lib/python3.6/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/Users/tadhgriordan/.virtualenvs/ledger/lib/python3.6/site-packages/ledgerblue-0.1.17-py3.6.egg/ledgerblue/loadApp.py", line 248, in <module>
    loader.createAppNoInstallParams(args.appFlags, appLength, args.appName, args.icon, path, None, None, args.appVersion)
  File "/Users/tadhgriordan/.virtualenvs/ledger/lib/python3.6/site-packages/ledgerblue-0.1.17-py3.6.egg/ledgerblue/hexLoader.py", line 344, in createAppNoInstallParams
    self.exchange(self.cla, 0x00, 0x00, 0x00, data)
  File "/Users/tadhgriordan/.virtualenvs/ledger/lib/python3.6/site-packages/ledgerblue-0.1.17-py3.6.egg/ledgerblue/hexLoader.py", line 194, in exchange
    return self.scpUnwrap(bytes(self.card.exchange(apdu)))
  File "/Users/tadhgriordan/.virtualenvs/ledger/lib/python3.6/site-packages/ledgerblue-0.1.17-py3.6.egg/ledgerblue/comm.py", line 129, in exchange
    raise CommException("Invalid status %04x (%s)" % (sw, possibleCause), sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 6700 (Unknown reason)

status 6700 is incorrect length.

can u please help me understand what --icon format I should provide

Was meaning to run a hardware integrity test on my Nano S Plus, instead I get an exception

Running Python 3.10.2 using virtualenv in MacOS and libtool 2.4.7 installed via brew

Command ran

python3 -m ledgerblue.checkGenuine --targetId 0x33100004

Error

Traceback (most recent call last):
  File "/usr/local/Cellar/[email protected]/3.10.2/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py", line 196, in _run_module_as_main
    return _run_code(code, main_globals, None,
  File "/usr/local/Cellar/[email protected]/3.10.2/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py", line 86, in _run_code
    exec(code, run_globals)
  File "/usr/local/lib/python3.10/site-packages/ledgerblue/checkGenuine.py", line 137, in <module>
    secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId, args.issuerKey)
  File "/usr/local/lib/python3.10/site-packages/ledgerblue/checkGenuine.py", line 44, in getDeployedSecretV2
    dongle.exchange(apdu)
  File "/usr/local/lib/python3.10/site-packages/ledgerblue/comm.py", line 145, in exchange
    raise CommException("Invalid status %04x (%s)" % (sw, possibleCause), sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 6d06 (Unknown reason)

I'm trying to load one of the sample apps to a brand new Ledger Blue (Firmware: MCU 3.4-hw15, SE: 2.1.1). I've tried using both --targetId 0x31000002 and --targetId 0x31000004 and neither one works.

With 0x31000002, I get "Target ID does not support SCP V2", and with 0x31000004 I get "Invalid status 6484". Is there a different targetId I should be using? If so, where should I have found that information?

As documented here:

https://ledger.readthedocs.io/en/latest/userspace/debugging.html

I swear this used to work, but now I get

ledgerblue.commException.CommException: Exception : Invalid status 6984 (Unknown reason)

when trying to load either the updater or the firmware.

• Python 2.7
• Nano S - open at dashboard
• ECPy version==0.8.1 (to get around 'ECPy requires Python '>=3' but the running Python is 2.7.13' issue)

Command:
$ python -m ledgerblue.runApp --targetId 0x31100002 --appName Bitcoin

Trace:

Traceback (most recent call last):
  File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 174, in _run_module_as_main
    "__main__", fname, loader, pkg_name)
  File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 72, in _run_code
    exec code in run_globals
  File "/usr/local/lib/python2.7/site-packages/ledgerblue/runApp.py", line 61, in <module>
    loader.runApp(args.appName)
  File "/usr/local/lib/python2.7/site-packages/ledgerblue/hexLoader.py", line 242, in runApp
    self.exchange(self.cla, 0x00, 0x00, 0x00, data)
  File "/usr/local/lib/python2.7/site-packages/ledgerblue/hexLoader.py", line 86, in exchange
    return self.card.exchange(apdu)
  File "/usr/local/lib/python2.7/site-packages/ledgerblue/comm.py", line 130, in exchange
    raise CommException("Invalid status %04x" % sw, sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 6d00

results appear to be the same regardless of the argument passed to --appName (or whether or not the argument is enclosed in quotes).

Hi,
I am trying to load the app boilerplate on a Nano X.
The development environment was setup using the setup-env script from https://developers.ledger.com/docs/nano-app/quickstart.
When I load the app using make load, it fails with the following backtrace:

Traceback (most recent call last):
  File "/usr/lib/python3.8/runpy.py", line 194, in _run_module_as_main
    return _run_code(code, main_globals, None,
  File "/usr/lib/python3.8/runpy.py", line 87, in _run_code
    exec(code, run_globals)
  File "/home/user/.local/lib/python3.8/site-packages/ledgerblue/loadApp.py", line 204, in <module>
    secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId)
  File "/home/user/.local/lib/python3.8/site-packages/ledgerblue/deployed.py", line 115, in getDeployedSecretV2
    dongle.exchange(apdu)
  File "/home/user/.local/lib/python3.8/site-packages/ledgerblue/comm.py", line 145, in exchange
    raise CommException("Invalid status %04x (%s)" % (sw, possibleCause), sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 69d5 (Unknown reason)

• Python 3.6, Windows 10, Powershell
• Nano S
• Firmware: 1.4.2, MCU 1.5

Python input (setupCustomCA) :
python -m ledgerblue.setupCustomCA --targetId 0x31100003 --name backpacker69 --public 04300986d41d30de87eea1c33b8783f6ddb9c26df5278818a464b3fd2ba5026df16510628fb8ada3033fc605ebf409070b408fa49423c2b1f543fa542e098947a2 --apdu

APDU output:
`

• Generated random root public key : b'046dcb1c3d104349658596ebbb0e1c1eb35e3d5a3d936a99c3319d90a9cf3871a252b4b2a1c483bfdc879c3f72eb0516eecf0b9d88c9bd595c525ebaaa2ebff3c6'
• HID => e00400000431100003
• HID <= 9000
• HID => e05000000814d27deef414d94d
• HID <= 000000023de1f6f99f3efa859000
• Using test master key b'046dcb1c3d104349658596ebbb0e1c1eb35e3d5a3d936a99c3319d90a9cf3871a252b4b2a1c483bfdc879c3f72eb0516eecf0b9d88c9bd595c525ebaaa2ebff3c6'
• HID => e05100008a41046dcb1c3d104349658596ebbb0e1c1eb35e3d5a3d936a99c3319d90a9cf3871a252b4b2a1c483bfdc879c3f72eb0516eecf0b9d88c9bd595c525ebaaa2ebff3c6473045022040f8625684543ebb9931511e399953ebfb01df29eb722acb084f6834fb646a28022100f95d8ae8ac66568628f8018c90e8eb3643ac58b29a6989aa1a5ce9c2cb4cefda
• HID <= 9000
• Using ephemeral key b'04ff9a8c1b3feaf2f0c3047f72328e304b1698e84d9ff2fd5f09573b1c9d0c2b095ad628ec80027dce859436121dc47a8954f07300af517db5f125059b002d4807'
• HID => e0518000894104ff9a8c1b3feaf2f0c3047f72328e304b1698e84d9ff2fd5f09573b1c9d0c2b095ad628ec80027dce859436121dc47a8954f07300af517db5f125059b002d4807463044022056b8173024acccb4f47588d55374c99ed5e8f1d74a9d42f472cc14e159142e69022041ae96fdf2f7a41fb729bd7678a1e6df780ba14a1b92fcee1701e73b0202ba40
• HID <= 9000
• HID => e052000000
• HID <= 0790fe4021bc49554104a9aa4435d956f97024060b1e8e0f95c1e6a6a4576e059ff898d252a6a7bb7b2ddabfe6a1fce6279b9f75e1a04548e55efae02b755cbefbbfa31a04e7136698894630440220642cc236bf2a1358801f76410416a7fa7ec17a90ab428fd07682d06b8b3f5cd602202db833d93cbdf189a07eb94070093f2dcb58ebfbaabef867e3cea60b6e2cd9179000
• Broken certificate chain - loading from user key
• HID => e052800000
• HID <= 0041041575c8e7d3023abe839342c0a9fd61a40d9a9fedaee0a975354e69c03f24612ea9bf0d8dc323930e96721afdbae7393880439198826e0ceb79d9b7427aa22065473045022100bddae7100db49d90101bd43d8203e701223027d1faeb927ea465920a9c1cc67502202f963bc12e10540e69d427db12a9b9a863cc68c5101a855a08659362a20189ff9000
• HID => e053000000
• HID <= 9000
• HID => e00000006ea847906f6b195fa5f7becc700dbafcb8c7c9a451bc606a77ced0f434c93e57dcd519f205be22902cd14a920e5937f6da30bbb982a7dc045ae55ecfb24a1d598a817b27f0a81f0371320316ed704d2a189c1573864113729b2c1ab0d734663d36cd1571fa113dfb4defe827bd33dd
• HID <= 6985

`

Python input (loadApp) :
python -m ledgerblue.loadApp --curve secp256k1 --tlv --targetId 0x31100003 --delete --fileName C:/Users/Jwilly/app.hex --appName "Peercoin" --appVersion 1.2.5 --icon 0100000000ffffff00ffffffffffffffff0fff0ffc0ff88ff80ff11ff21ffa7ffeffffffffffffffff -- appFlags 0x50 --dep Bitcoin --signature 304502205ddf68949eb3856193be284bbd080d5f63582f009ab437ee5f65c8af96dfd588022100abba7ea6f6fcc466b1ef1a752238c3394f638f6e78f7503af26abd9cea075e1c --apdu

APDU output:

`

• Generated random root public key : b'0483db4236a1bffdf5ef44830d1544ccebf3a748fe710296fe06ffbd8b90ae32bc71e75321e70baa48cced30e271a54503229202606796516f84ffb62c633f3c08'
• HID => e00400000431100003
• HID <= 9000
• HID => e050000008bafa99324dcb1313
• HID <= 00000002d97042a62fddffab9000
• Using test master key b'0483db4236a1bffdf5ef44830d1544ccebf3a748fe710296fe06ffbd8b90ae32bc71e75321e70baa48cced30e271a54503229202606796516f84ffb62c633f3c08'
• HID => e05100008a410483db4236a1bffdf5ef44830d1544ccebf3a748fe710296fe06ffbd8b90ae32bc71e75321e70baa48cced30e271a54503229202606796516f84ffb62c633f3c0847304502201e9143e74cf8fa631645d43ca3be9105fc1a44be7234f8151aeb81e48690a14c022100a23c1ecc4c02143d45378853a33d7c45fdf129de6a74268149f83a440e790da0
• HID <= 9000
• Using ephemeral key b'042ea99971a30e8de4204fd9d6a128f3f4a905621b3bf9902adef62a4fba461e33ec08936ace03974767876b612861f4192ad52de515dcd4a5d6ae2b8cc67cfe5b'
• HID => e05180008a41042ea99971a30e8de4204fd9d6a128f3f4a905621b3bf9902adef62a4fba461e33ec08936ace03974767876b612861f4192ad52de515dcd4a5d6ae2b8cc67cfe5b473045022100f0de41619f2cda6ece6b755f6c73eff1b7b42a1a09e4711ccbb229dca7ee8c5702200c295ca6623d14c47007c21baca273ab3f01d5fab4b8f7f7ebdf7ebce2ba1131
• HID <= 9000
• HID => e052000000
• HID <= 0790fe4021bc49554104a9aa4435d956f97024060b1e8e0f95c1e6a6a4576e059ff898d252a6a7bb7b2ddabfe6a1fce6279b9f75e1a04548e55efae02b755cbefbbfa31a04e7136698894630440220642cc236bf2a1358801f76410416a7fa7ec17a90ab428fd07682d06b8b3f5cd602202db833d93cbdf189a07eb94070093f2dcb58ebfbaabef867e3cea60b6e2cd9179000
• Broken certificate chain - loading from user key
• HID => e052800000
• HID <= 00410494377dfc95d61c1da1d0ac60e41bd8721d5beebf10239a3e683f89b9528f7b6531dcdce559744efe9024efe7f46f537410b04dc9782d4a07bb939a0daf2c43cf473045022100c1870039eb905cb8a09c92d3417b90656704f1c7cd5809bfb0ee02e9083bb1cc02207060090a14587fd81bb7486c41978eb0d3e0e495bf70d7d7b563bd386f9525579000
• HID => e053000000
• HID <= 9000
• HID => e00000001e8cce5016962a0012f1e47df44a82baa9fb2b9005286d5f7d6c0c32146374
• HID <= 9000
• HID => e00000002e91712a230bc743d883fe1cdfca9c9588b1f9d22aeb3f4713d9bd4411be264a4152d726017bbafd34c0edceaf6fa9
• HID <= 9000
• HID => e00000001e588dc05c8e474d46c2cd3501900b84e1c6deba49b41ee73f8f2340dbd867
• HID <= 9000
• HID => e0000000eef08c7a1e285683832335893c4586dd5a79dd8492b5f1bcf7370f00eded33659a6cbb4abf44ecff8eaa562011a2ad4b42a92e99330bef046fc177ef63522ae9a537259643eb922196010e7194c51f4eab72f27ae610a31b576b0ba6bc4cee3413fd728fddc225de99a26b454b9d8d45fe54a58cc1b12db1c0422bd7c48a47ab269c956ad59cab73c2c2141b23294f20e2fce1a8f457241ebc09ad03368d76d258e9f31d4d1a270bfb4fb75b6babce83f0291c3bcc3efa42687f5482ac37c42cb1bc6216c2efea1b3b35cb4df7ef3d58e8c9a73f909e6cb8a687777e166e9c4e9fd16a4340ccb95b4c14a9ceef6221
• HID <= 9000
• HID => e0000000eebad49cd995dd9ddeccfbfec8f76cde02f1686a30e5d93ce37cce2b5831b33ee0e7cd7d3038443da9d1adc998e1cbcf3f08efe5767ef64778cd895941f2e382e0d605def06bbdc1215c29f38acf037b3dbb21e311271955aa66311faa4ad4e2c3eb3098f7b0089cf27af4590f00de0d1e1c5ab1349834d72af5f7994c8a4975dbf61f38bbd164b0c795da0a9cea29cb4a64a27ab9c332c9a7e28979185239b95b3f162851a2b17c755ab4fb362e5b2e529f2cd65a24f906acd8c07df802c12086c3a1f92f5347a35eb25843fdf224ef228b3bcf1d64d0ab167548137bfd6853f4c80cb14dcf5a0aeb28bf9f73dd4e
• HID <= 9000
• HID => e0000000ee542e0be61e33ad85e8a810cdbbe3e5c1a17eced7baf7aaa4ce19b25acfaaa55aab473049fbf3414a36547c421c772686563ec48f517203f60506cc29490fd828859e2f8ff2485637e1272e473f7be82bea967684bf6eac2370256b11e9d3e967259dbb18b85513bddd6c513442f91af5b5f86b048d99df1ca509c18ec247b26df2224deae9735eeaf88aa1300384f6ba275232ff848ce82f1dcc71cfcb69257d1cfb9eb631ac239d70b98fb8c4d6012acaa5a78dee359f0e284a06eb4ec3953056bf87e975c3b73e296d1b7d0ad509ee15c51c3be463a62f4defc268cbab609f82f7b6d8463860db8e13388c5c13
• HID <= 9000
• HID => e0000000ee9cec66ec21488b7e31df29c77313d05d9a1ef8fb116652ea1aa019437ff027298e551f8e3e5a5b4d23b3703ab366a2cbdfc40abbd1796060509a66282fd33859531571ecb81a4aad9605f92c3da42913759ed431e1c90308942239c9ed76ad2958bbd8dd76813674ed77def4701e1f143e21c0157166e86857c27ab161d37aaa48acce750007505841a31e41747288a6fc5d17855c332a56db012cee13187b4adc12fb2c71e73db1ec6fc608ec46242b97d99082d9e29b15134d3bb1936a290617b0d4eefe51c0a7e438c6c7857bb5651f85a4b4475e9ebc87d1b7575a973f8908598f2c5cc0350fbaffe9728e6c
• HID <= 9000
• HID => e00000001efb9cf9535415a63865904236cbeb0f8f6ba24d8d4138dc4aaaca38adefa5
• HID <= 9000
• HID => e00000001ef938dcf78bb90c95dcda7de4caa78a065fac5892c07326af7f8a59e3de4b
• HID <= 9000
• HID => e00000001e96940e571345330c07d1cede460e9f03359016557b0c4669b03ac588b5d9
• HID <= 9000
• HID => e00000005e285490f3441aa6ad884e43a82bcc725266631663ed6aae6ba9c805ec457d43a9b4a8fff741d0dad5038d91e5d60dfba20dc833bb96709689c03e1eb81992e04cb933368c3b31064e75e662954e48c752c6a73620cec28fd3583bc5efa58e
• HID <= 9000
• HID => e00000001e7ebe9e00b0089759593ec361960f8c34bc1b851ecee5528fc320c409b3a3
• HID <= 9000
• HID => e00000001e332ec734ddf884358e407a9e5c60f5f88e7b08381f4f609c3807c621fe98
• HID <= 9000
• Application full hash : b1de33eda58c02642b8e2fe8cf035e3955d975c562efd6718ee8cfd97e845fcc
• HID => e00000005e1cadd53d0062d56a96fa2db4f23b33e169c8bf6857562ba12529186ced6eaa0ba7d6efbc08019de8680fd1945b33524387e3a332e9ca501ff4ea6ba3b4269662fdf1d3bba0c0ec5da25ec0500eb6c07935e8dd3d1aee7abecf531fd9fe0a
• HID <= 6985

`

Trying to do integrity check of Ledger nano s plus using guide https://support.ledger.com/hc/en-us/articles/4404382029329-Check-hardware-integrity?support=true, since using ledger live app doesn't do check before you put private keys in the device

Command failes

$ python3 -m ledgerblue.checkGenuineRemote --targetId 0x33000004
Traceback (most recent call last):
  File "<frozen runpy>", line 198, in _run_module_as_main
  File "<frozen runpy>", line 88, in _run_code
  File "/usr/local/lib/python3.11/site-packages/ledgerblue/checkGenuineRemote.py", line 79, in <module>
    result = json.loads(ws.recv())
                        ^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/websocket/_core.py", line 388, in recv
    opcode, data = self.recv_data()
                   ^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/websocket/_core.py", line 416, in recv_data
    opcode, frame = self.recv_data_frame(control_frame)
                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/websocket/_core.py", line 437, in recv_data_frame
    frame = self.recv_frame()
            ^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/websocket/_core.py", line 478, in recv_frame
    return self.frame_buffer.recv_frame()
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/websocket/_abnf.py", line 363, in recv_frame
    self.recv_header()
  File "/usr/local/lib/python3.11/site-packages/websocket/_abnf.py", line 319, in recv_header
    header = self.recv_strict(2)
             ^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/websocket/_abnf.py", line 398, in recv_strict
    bytes_ = self.recv(min(16384, shortage))
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/websocket/_core.py", line 563, in _recv
    return recv(self.sock, bufsize)
           ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/websocket/_socket.py", line 129, in recv
    raise WebSocketConnectionClosedException("Connection to remote host was lost.")
websocket._exceptions.WebSocketConnectionClosedException: Connection to remote host was lost.

Hi!

We are developing an app for ledger and we have troubles with the name. This app has a two words name separated by a whitespace. Ledger devices have no problems with whitespaces in its appName but ledgerblue has. Quoting the variable doesn't help at all, this is the output of print(sys.argv) when introducing that quoted variable:

['/home/carlo/.local/lib/python3.10/site-packages/ledgerblue/loadApp.py', ..., '--appName', '"xx', 'network"', ...]

As you can see, the first quote goes with the first part of the name and the second with the second one. Same happens with single quotes.
I am running Linux.

The idea that I came up with is to make --appName repeteable and to join all the parts after parsing the arguments, using action="append" in argparse, but I kinda tricky.
Any ideas?

Thanks for your help!

I want to load app to nano x , i get the following errors:

python -m ledgerblue.loadApp --appFlags 0x00 --delete --tlv --targetId 0x33000004 --fileName bin/app.hex --appName "Test" --appVersion 0.0.1 --icon 0100000000ffffff00ffffffffffffffffffff73ce3186218463ccc7f887f08ff1cff9ffffffffffff

Traceback (most recent call last):
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 162, in _run_module_as_main
"main", fname, loader, pkg_name)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/Users/shangzuo/work/document/ledger/ledger/lib/python2.7/site-packages/ledgerblue/loadApp.py", line 176, in
secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId)
File "/Users/shangzuo/work/document/ledger/ledger/lib/python2.7/site-packages/ledgerblue/deployed.py", line 115, in getDeployedSecretV2
dongle.exchange(apdu)
File "/Users/shangzuo/work/document/ledger/ledger/lib/python2.7/site-packages/ledgerblue/comm.py", line 141, in exchange
raise CommException("Invalid status %04x (%s)" % (sw, possibleCause), sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 69d5 (Unknown reason)

the error is the same as the pro issue:
#58

Hi There,

I tried to use this app with the following dependencies:

brew install libtool
brew install libusb
brew install libusb-compat

But it's not able to connect to Ledger Nano X "OSError: open failed". Are there any other dependencies that are needed to use this library?

Hi, I tried to install the package through pip but I got the error about extra_require.

Here is my command.

pip install setuptools==67.0.0 && pip install --no-cache-dir .

Here is the error.

error in ledgerblue setup command: 'extras_require' must be a dictionary whose values are strings or lists of strings containing valid project/version requirement specifiers.

I think it's because the setuptools package (version >=67.0.0) is not allowed package specifications that don't comply with PEP440 and 1.6.12-4build1 for python-pyscard in setup.py doesn't comply with PEP440.

setup.py

    extras_require = {
	'smartcard': [ 'python-pyscard>=1.6.12-4build1' ]
    },

also, I can't find this package and this version in PyPI. I guess it's this one (https://pypi.org/project/pyscard/).
Is it possible to update it to the correct package and version?

please let me know if you want me to open PR or have any other solution without downgrading setuptools version.

Hi,
I am using WSL (Windows SubSystem for Linux), and it always complains "no dongle found", please could you advice how to fix this?

python3 -m ledgerblue.loadApp --targetId 0x31100003 --fileName bin\app.hex --icon 0100000000ffffff0000000000fc000c0f3814c822103f101120092005400340018001800000000000 --curve secp256k1 --path "44'/195'" --apdu --appName "Tron" --appVersion "VERSION_NUMBER" --appFlags 0x40 --delete --dataSize 145311 --tlv 

Traceback (most recent call last):
  File "/usr/lib/python3.8/runpy.py", line 194, in _run_module_as_main
    return _run_code(code, main_globals, None,
  File "/usr/lib/python3.8/runpy.py", line 87, in _run_code
    exec(code, run_globals)
  File "/usr/local/lib/python3.8/dist-packages/ledgerblue/loadApp.py", line 199, in <module>
    dongle = getDongle(args.apdu)
  File "/usr/local/lib/python3.8/dist-packages/ledgerblue/comm.py", line 240, in getDongle
    raise CommException("No dongle found")
ledgerblue.commException.CommException: Exception : No dongle found

secp256r1 and prime256r1 are two different curves and prime256r1 cannot be just renamed into secp256r1. Nevertheless, the curve prime256r1 has been removed and thus it is no longer possible to use ledgerblue with the PSD.

Readme specifies to use python 2.7 however it wont install ledgerblue
I used python 3.5 to install but having issues when installing the icon on the blue-app-btc

which python should be used?

Will this be available for pthon3? In Fedora 35 Silverblue I don't find python2-setuptools which are needed for pkg_resources.

I'm attempting to verify my new Ledger Nano S per https://ledger.zendesk.com/hc/en-us/articles/115005321449-How-to-verify-the-security-integrity-of-my-Nano-S- on Mac OS X 10.13.2 and after getting past the pycrypto issue in #22 I am still unable to verify it. Here's the output:

$ python -m ledgerblue.checkGenuine --targetId 0x31100002                 1 ↵
Traceback (most recent call last):
  File "/usr/local/Cellar/python3/3.6.4_2/Frameworks/Python.framework/Versions/3.6/lib/python3.6/runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "/usr/local/Cellar/python3/3.6.4_2/Frameworks/Python.framework/Versions/3.6/lib/python3.6/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/Users/cardoe/work/blue-loader-python/ledgerblue/checkGenuine.py", line 127, in <module>
    dongle = getDongle(args.apdu)
  File "/Users/cardoe/work/blue-loader-python/ledgerblue/comm.py", line 212, in getDongle
    raise CommException("No dongle found")
ledgerblue.commException.CommException: Exception : No dongle found

Hello, I'm trying to check a Nano S on firmware 2.0.0 by running

python3 -m ledgerblue.checkGenuine --targetId 0x31100003

The docs indicate that 0x31100003 is correct for my firmware: https://support.ledger.com/hc/en-us/articles/4404382029329-Check-hardware-integrity?support=true.

I'm getting the following error

Traceback (most recent call last):
  File "/Applications/Xcode.app/Contents/Developer/Library/Frameworks/Python3.framework/Versions/3.8/lib/python3.8/runpy.py", line 193, in _run_module_as_main
    return _run_code(code, main_globals, None,
  File "/Applications/Xcode.app/Contents/Developer/Library/Frameworks/Python3.framework/Versions/3.8/lib/python3.8/runpy.py", line 86, in _run_code
    exec(code, run_globals)
  File "/Users/moshe/Library/Python/3.8/lib/python/site-packages/ledgerblue/checkGenuine.py", line 137, in <module>
    secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId, args.issuerKey)
  File "/Users/moshe/Library/Python/3.8/lib/python/site-packages/ledgerblue/checkGenuine.py", line 44, in getDeployedSecretV2
    dongle.exchange(apdu)
  File "/Users/moshe/Library/Python/3.8/lib/python/site-packages/ledgerblue/comm.py", line 145, in exchange
    raise CommException("Invalid status %04x (%s)" % (sw, possibleCause), sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 6814 (Unknown reason)

When I try checkGenuineRemote it works.

python3 -m ledgerblue.checkGenuineRemote --targetId 0x31100003

However, the docs indicate the checkGenuineRemote is the right script for a Nano X, not a Nano S. What's even more confusing is when I run the command listed for the Nano X (which has a different targetId) on my Nano S, it also tells me the device is genuine:

python3 -m ledgerblue.checkGenuineRemote --targetId 0x33000004

What's the right command to use for a Nano S running firmware 2.0.0?

followed the instructions on ubuntu 20.04...

Traceback (most recent call last):
  File "/usr/lib/python3.8/runpy.py", line 193, in _run_module_as_main
    return _run_code(code, main_globals, None,
  File "/usr/lib/python3.8/runpy.py", line 86, in _run_code
    exec(code, run_globals)
  File "/home/developer/Tools/ledger/blue-loader-python/ledgerblue/loadApp.py", line 296, in <module>
    loader.createAppNoInstallParams(args.appFlags, appLength, args.appName, args.icon, path, None, None, string_to_bytes(args.appVersion))
  File "/home/developer/Tools/ledger/blue-loader-python/ledgerblue/hexLoader.py", line 45, in string_to_bytes
    return bytes(x, 'ascii')
TypeError: encoding without a string argument

pip show ledgerblue
Name: ledgerblue
Version: 0.1.32
Summary: Python library to communicate with Ledger Blue/Nano S
Home-page: https://github.com/LedgerHQ/blue-loader-python
Author: Ledger
Author-email: [email protected]
License: UNKNOWN
Location: /home/developer/Tools/ledger/blue-loader-python/ledger/lib/python3.8/site-packages
Requires: hidapi, ecpy, python-u2flib-host, protobuf, pycryptodomex, pillow, future, websocket-client
Required-by: 

here's my setup;

python --version
Python 3.8.2

python -m ledgerblue.loadApp --targetId 0x31100004 --apdu --fileName app.hex --appName Hello --appFlags 0x00 --icon ""

What does Invalid status 6d00 mean? Is there something wrong with my nano?

Info

• Python 3.6.4
• Ledger nano s

Output

| => python3 -m ledgerblue.checkGenuine --targetId 0x31100002

Traceback (most recent call last):
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ledgerblue/checkGenuine.py", line 129, in <module>
    secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId, args.issuerKey)
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ledgerblue/checkGenuine.py", line 40, in getDeployedSecretV2
    dongle.exchange(apdu)
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ledgerblue/comm.py", line 130, in exchange
    raise CommException("Invalid status %04x" % sw, sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 6d00

Hello

Trying to run this command:

 python3 -m ledgerblue.loadApp \
        --targetId 0x31100004  \
        --fileName bin/"app".hex \
        --appFlags 0x00 \
        --appName "RSK Sign" \
        --appVersion 4 \
        --icon `cat icon.hex` \
        --apiLevel 1 \
        --path ""

Getting

Generated random root public key : b'044bee7960dc1a4597d4510a4179214650f1f8f1c8fd3de859cc98939524bc239dc5f16d3f81a8862652ad5a5e32333cf2b00be650066957a04356f96d76fec42b'
Using test master key b'044bee7960dc1a4597d4510a4179214650f1f8f1c8fd3de859cc98939524bc239dc5f16d3f81a8862652ad5a5e32333cf2b00be650066957a04356f96d76fec42b' 
Using ephemeral key b'0434a0ad668c6553f5c1dc0915c347e1494ca6f6b29fdc7eae04f8bfff79027b47d63e655781db6d3edb165d0058b33bf7e6f4193ad644b4673525e1ff8b4ae663'
Broken certificate chain - loading from user key
Traceback (most recent call last):
  File "/Users/bitch/.pyenv/versions/3.7.16/lib/python3.7/runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "/Users/bitch/.pyenv/versions/3.7.16/lib/python3.7/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/Users/bitch/PycharmProjects/rsk-powhsm/ledger/test/venv/lib/python3.7/site-packages/ledgerblue/loadApp.py", line 268, in <module>
    loader.createAppNoInstallParams(args.appFlags, appLength, args.appName, args.icon, path, None, None, string_to_bytes(args.appVersion))
  File "/Users/bitch/PycharmProjects/rsk-powhsm/ledger/test/venv/lib/python3.7/site-packages/ledgerblue/hexLoader.py", line 364, in createAppNoInstallParams
    self.exchange(self.cla, 0x00, 0x00, 0x00, data)
  File "/Users/bitch/PycharmProjects/rsk-powhsm/ledger/test/venv/lib/python3.7/site-packages/ledgerblue/hexLoader.py", line 207, in exchange
    return self.scpUnwrap(bytes(self.card.exchange(apdu)))
  File "/Users/bitch/PycharmProjects/rsk-powhsm/ledger/test/venv/lib/python3.7/site-packages/ledgerblue/comm.py", line 157, in exchange
    raise CommException("Invalid status %04x (%s)" % (sw, possibleCause), sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 6512 (Unknown reason)

ledgerblue version ledgerblue==0.1.48
Device

Product is genuine
SE Version 2.1.0
MCU Version 1.1
MCU Hash 04302e3131

Does anyone know what that could potentially be? It goes through the secret negotiation and then drops in createAppNoInstallParams. Is is some sort of incompatibility or am I passing bad args?

Running on Mac OS

Thank you in advance!

So for reasons I haven't figured out yet, I am unable to install pycrypto 2.6.1 (which ledgerblue depends on) on Mac OS X 10.13.2 due to being unable to find gmp.h despite it being installed with Homebrew. Its likely because Homebrew changed up paths (I think I recall pkg-config changing behaviors a while back). But in trying to find the issue I went to pycrypto's GitHub and stumbled across pycrypto/pycrypto#238 which seems to imply that pycryptodome is the continuation of pycrypto which is very clearly dead. I mention this issue for you to consider switching since I was at least able to install it.

Hi,

I've tried to use the python command to check if my Ledger is legit (ordered from Ledger directly).

I get this:

Traceback (most recent call last):
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 162, in _run_module_as_main
    "__main__", fname, loader, pkg_name)
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 72, in _run_code
    exec code in run_globals
  File "/Library/Python/2.7/site-packages/ledgerblue/checkGenuine.py", line 131, in <module>
    secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId, args.issuerKey)
  File "/Library/Python/2.7/site-packages/ledgerblue/checkGenuine.py", line 40, in getDeployedSecretV2
    dongle.exchange(apdu)
  File "/Library/Python/2.7/site-packages/ledgerblue/comm.py", line 130, in exchange
    raise CommException("Invalid status %04x" % sw, sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 6484

Is it a concern ?

With the recent release of the long awaited Nano X SDK: https://github.com/LedgerHQ/nanox-secure-sdk

It seems it's still impossible to load apps on the Nano X, still getting the same error:

Invalid status 69d5 (Unknown reason)

Would be great to add support for the Nano X.

Thanks!

Hi, after installing and running the software in a virtualenv because of issues with hidapi (I just tried without first, but oh well), I still have problems!

I'll try a sixth restart and installing with a third separate virtualenv - my guess is that i still have something wrong on my side. Here's the stacktrace I get after running python -m ledgerblue.checkGenuine --targetId 0x31100003 on the following hardware:
Ubuntu 18.04 with latest updates
ZSH terminal
Latest python 3
(sorry for the bad software, I'm not in the mood to spendd more time on that kind of stuff, since my basic installations are probably fine)

Traceback (most recent call last): File "/usr/lib/python3.6/runpy.py", line 193, in _run_module_as_main "__main__", mod_spec) File "/usr/lib/python3.6/runpy.py", line 85, in _run_code exec(code, run_globals) File "/home/mathias/ledger/lib/python3.6/site-packages/ledgerblue/checkGenuine.py", line 137, in <module> dongle = getDongle(args.apdu) File "/home/mathias/ledger/lib/python3.6/site-packages/ledgerblue/comm.py", line 226, in getDongle raise CommException("No dongle found") ledgerblue.commException.CommException: Exception : No dongle found

Hi there. I have the ledger nano s and I'm trying to verify the Secure Element by following the steps given on Ledgers web site.

I made sure to install dependencies first with
sudo apt install libudev-dev libusb-1.0-0-dev virtualenv
Then per their instruction installed ledgerblue package with
sudo pip install --no-cache-dir ledgerblue

Now when I run
python2 -m ledgerblue.checkGenuine --targetId 0x31100002

I get the following error
Traceback (most recent call last): File "/usr/lib/python2.7/runpy.py", line 174, in _run_module_as_main "__main__", fname, loader, pkg_name) File "/usr/lib/python2.7/runpy.py", line 72, in _run_code exec code in run_globals File "/usr/local/lib/python2.7/dist-packages/ledgerblue/checkGenuine.py", line 127, in <module> dongle = getDongle(args.apdu) File "/usr/local/lib/python2.7/dist-packages/ledgerblue/comm.py", line 188, in getDongle dev.open_path(hidDevicePath) File "hid.pyx", line 72, in hid.device.open_path IOError: open failed
Note I'm using Ubuntu 16.04.2 LTS. Hopefully this is just some simple fix, like maybe I'm not using the correct version of everything.

Hi!

The installation instructions are not clear.

They appear not be in the order they should be executed. Example: the requirements should come first.

And it is not clear whether the installation of secp256k1 and the USB tricks on Linux should be executed on the virtualenv or outside of it.

Also, how to add these rules if rules.d is a folder?

I'm on MacOS. I got my virtualenv set up, python-loader installed, and the Ledger connected (I did have to use a new USB cable) in bootloader mode. When running the specified command, nothing happens for about 60 seconds, then the command fails and the Ledger Blue shuts off. Here is the log.

(ledger-blue) Chriss-MBP:bluer1 chrisrico$ python -m ledgerblue.runScript --fileName stm32l476_seproxyhal.patch_apdu 
Traceback (most recent call last):
  File "/usr/local/Cellar/python/2.7.11/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 162, in _run_module_as_main
    "__main__", fname, loader, pkg_name)
  File "/usr/local/Cellar/python/2.7.11/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 72, in _run_code
    exec code in run_globals
  File "/Users/chrisrico/.virtualenvs/ledger-blue/lib/python2.7/site-packages/ledgerblue/runScript.py", line 39, in <module>
    dongle.exchange(bytearray(data))    
  File "/Users/chrisrico/.virtualenvs/ledger-blue/lib/python2.7/site-packages/ledgerblue/comm.py", line 82, in exchange
    result = self.waitImpl.waitFirstResponse(timeout)
  File "/Users/chrisrico/.virtualenvs/ledger-blue/lib/python2.7/site-packages/ledgerblue/comm.py", line 126, in waitFirstResponse
    data = self.device.read(65)
  File "hid.pyx", line 122, in hid.device.read (hid.c:2546)
IOError: read error

Hi, I have recently gotten a Nano X for the purpose of testing my apps on the Nano X, however, when I try to sideload an app which I coded, I keep getting a "Invalid status 69d5 (Unknown reason)". Has the ledgerblue module been updated to support the Nano X yet?

I plug my Ledger Blue device and checkGenuine` with the following command:

$ python -m ledgerblue.checkGenuine --targetId 0x31010004

It returns the following error:

Traceback (most recent call last):
  File "/usr/lib/python2.7/runpy.py", line 162, in _run_module_as_main
    "__main__", fname, loader, pkg_name)
  File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
    exec code in run_globals
  File "/usr/local/lib/python2.7/dist-packages/ledgerblue/checkGenuine.py", line 140, in <module>
    secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId, args.issuerKey)
  File "/usr/local/lib/python2.7/dist-packages/ledgerblue/checkGenuine.py", line 110, in getDeployedSecretV2
    return ret
UnboundLocalError: local variable 'ret' referenced before assignment

That's due to an indentation error introduced in e834117#diff-a38efbe7c6ced1dae1d585bace6a8da0R110

I'll be fixing this with a PR soon.

What does that mean? Is my ledger compromised?

We have observed a lot of flakiness with connecting to the Ledger on Mac OS, specifically in this code from the ledgereth library which bottoms out here in ledgerblue.

We found that when the Ethereum app is opened on the Ledger device, another HID entry shows up on the Mac. It is identical to the original HID entry except that usage_page is 61904 instead of 65440. The order of hid.enumerate() is not deterministic, so sometimes you get the original, good device, and sometimes you get the second, bad device. Hence the flakiness.

I'm not knowledgeable about the HID spec but I was wondering if changing the or condition in this line to an and condition would be appropriate. It would fix our problem at least because it would enforce that the device has a usage page of 65440, which would exclude the second, bad device.

I think it would be a good idea to mention in the installation instructions that this libudev-dev is systemd-devel now on modern systems. I am using Fedora and it took me some time to figure out why the linker was always complaining about missing -ludev.

When doing
$python -m ledgerblue.checkGenuine --targetId 0x31100003

Got the error:

Traceback (most recent call last):
File "/anaconda3/lib/python3.6/runpy.py", line 183, in _run_module_as_main
mod_name, mod_spec, code = _get_module_details(mod_name, _Error)
File "/anaconda3/lib/python3.6/runpy.py", line 153, in _get_module_details
code = loader.get_code(mod_name)
File "", line 781, in get_code
File "", line 741, in source_to_code
File "", line 219, in _call_with_frames_removed
File "/anaconda3/lib/python3.6/site-packages/ledgerblue/checkGenuine.py", line 110
return ret
^
TabError: inconsistent use of tabs and spaces in indentation

After following the instructions found here (under step 2): https://ledger.groovehq.com/knowledge_base/topics/how-to-verify-the-security-integrity-of-my-nano-s

I get the following failure.

(Windows 10 - python 3.5.4 - ledger nano s - secure element 1.3.1 - mcu 1.0)

PS C:\Users\Jesse\Documents\GitHub> python -m ledgerblue.checkGenuine --targetId 0x31100002
Traceback (most recent call last):
File "C:\Anaconda3\lib\runpy.py", line 193, in _run_module_as_main
"main", mod_spec)
File "C:\Anaconda3\lib\runpy.py", line 85, in _run_code
exec(code, run_globals)
File "C:\Anaconda3\lib\site-packages\ledgerblue\checkGenuine.py", line 135, in
data = loader.encryptAES(data)
File "C:\Anaconda3\lib\site-packages\ledgerblue\hexLoader.py", line 95, in encryptAES
encryptedData = cipher.encrypt(str(paddedData))
File "C:\Anaconda3\lib\site-packages\Crypto\Cipher\blockalgo.py", line 244, in encrypt
return self._cipher.encrypt(plaintext)
ValueError: Input strings must be a multiple of 16 in length

So i have generated a new key pair with genCAPair and load it with setupCustomCA. All good. I generate a signature for the app with
loadApp --offline --signApp --signPrivateKey with the private key returned from genCAPair.

After this i try to load the app with loadApp. It works and loads if i do not specify anything for the --signature flag. It loads and gives the expected not genuine warning. However if i attempt to provide the app signature with the --signature flag, the load fails and returns an error of "Invalid Status 6986".

However, if i sign and load the app in one step with
loadApp --signApp --signPrivateKey
it will sign it and load it and no error is returned and the not genuine warning is no longer present.

So to summarise, I can get the desired behaviour of loading a signed application on a custom CA by specifying
loadApp --signApp --signPrivateKey
but i get an invalid status error 6986 if i attempt to load a signature generated in a seperate step with
loadApp --offline --signApp --signPrivateKey <private_key>
loadApp --signature <app_signature>