ledgerhq / blue-loader-python Goto Github PK
View Code? Open in Web Editor NEWPython Loader for all Ledger devices
License: Apache License 2.0
Python Loader for all Ledger devices
License: Apache License 2.0
Hi,
I've tried to use the python command to check if my Ledger is legit (ordered from Ledger directly).
I get this:
Traceback (most recent call last):
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 162, in _run_module_as_main
"__main__", fname, loader, pkg_name)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/Library/Python/2.7/site-packages/ledgerblue/checkGenuine.py", line 131, in <module>
secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId, args.issuerKey)
File "/Library/Python/2.7/site-packages/ledgerblue/checkGenuine.py", line 40, in getDeployedSecretV2
dongle.exchange(apdu)
File "/Library/Python/2.7/site-packages/ledgerblue/comm.py", line 130, in exchange
raise CommException("Invalid status %04x" % sw, sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 6484
Is it a concern ?
Hi!
The installation instructions are not clear.
They appear not be in the order they should be executed. Example: the requirements should come first.
And it is not clear whether the installation of secp256k1 and the USB tricks on Linux should be executed on the virtualenv or outside of it.
Also, how to add these rules if rules.d
is a folder?
Hi!
We are developing an app for ledger and we have troubles with the name. This app has a two words name separated by a whitespace. Ledger devices have no problems with whitespaces in its appName
but ledgerblue
has. Quoting the variable doesn't help at all, this is the output of print(sys.argv)
when introducing that quoted variable:
['/home/carlo/.local/lib/python3.10/site-packages/ledgerblue/loadApp.py', ..., '--appName', '"xx', 'network"', ...]
As you can see, the first quote goes with the first part of the name and the second with the second one. Same happens with single quotes.
I am running Linux.
The idea that I came up with is to make --appName
repeteable and to join all the parts after parsing the arguments, using action="append"
in argparse
, but I kinda tricky.
Any ideas?
Thanks for your help!
can u please help me understand what --icon
format I should provide
Hi,
I am trying to load the app boilerplate on a Nano X.
The development environment was setup using the setup-env
script from https://developers.ledger.com/docs/nano-app/quickstart.
When I load the app using make load
, it fails with the following backtrace:
Traceback (most recent call last):
File "/usr/lib/python3.8/runpy.py", line 194, in _run_module_as_main
return _run_code(code, main_globals, None,
File "/usr/lib/python3.8/runpy.py", line 87, in _run_code
exec(code, run_globals)
File "/home/user/.local/lib/python3.8/site-packages/ledgerblue/loadApp.py", line 204, in <module>
secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId)
File "/home/user/.local/lib/python3.8/site-packages/ledgerblue/deployed.py", line 115, in getDeployedSecretV2
dongle.exchange(apdu)
File "/home/user/.local/lib/python3.8/site-packages/ledgerblue/comm.py", line 145, in exchange
raise CommException("Invalid status %04x (%s)" % (sw, possibleCause), sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 69d5 (Unknown reason)
I want to load app to nano x , i get the following errors:
python -m ledgerblue.loadApp --appFlags 0x00 --delete --tlv --targetId 0x33000004 --fileName bin/app.hex --appName "Test" --appVersion 0.0.1 --icon 0100000000ffffff00ffffffffffffffffffff73ce3186218463ccc7f887f08ff1cff9ffffffffffff
Traceback (most recent call last):
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 162, in _run_module_as_main
"main", fname, loader, pkg_name)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/Users/shangzuo/work/document/ledger/ledger/lib/python2.7/site-packages/ledgerblue/loadApp.py", line 176, in
secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId)
File "/Users/shangzuo/work/document/ledger/ledger/lib/python2.7/site-packages/ledgerblue/deployed.py", line 115, in getDeployedSecretV2
dongle.exchange(apdu)
File "/Users/shangzuo/work/document/ledger/ledger/lib/python2.7/site-packages/ledgerblue/comm.py", line 141, in exchange
raise CommException("Invalid status %04x (%s)" % (sw, possibleCause), sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 69d5 (Unknown reason)
the error is the same as the pro issue:
#58
Command:
$ python -m ledgerblue.runApp --targetId 0x31100002 --appName Bitcoin
Trace:
Traceback (most recent call last):
File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 174, in _run_module_as_main
"__main__", fname, loader, pkg_name)
File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/usr/local/lib/python2.7/site-packages/ledgerblue/runApp.py", line 61, in <module>
loader.runApp(args.appName)
File "/usr/local/lib/python2.7/site-packages/ledgerblue/hexLoader.py", line 242, in runApp
self.exchange(self.cla, 0x00, 0x00, 0x00, data)
File "/usr/local/lib/python2.7/site-packages/ledgerblue/hexLoader.py", line 86, in exchange
return self.card.exchange(apdu)
File "/usr/local/lib/python2.7/site-packages/ledgerblue/comm.py", line 130, in exchange
raise CommException("Invalid status %04x" % sw, sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 6d00
results appear to be the same regardless of the argument passed to --appName (or whether or not the argument is enclosed in quotes).
So for reasons I haven't figured out yet, I am unable to install pycrypto 2.6.1 (which ledgerblue depends on) on Mac OS X 10.13.2 due to being unable to find gmp.h despite it being installed with Homebrew. Its likely because Homebrew changed up paths (I think I recall pkg-config changing behaviors a while back). But in trying to find the issue I went to pycrypto's GitHub and stumbled across pycrypto/pycrypto#238 which seems to imply that pycryptodome is the continuation of pycrypto which is very clearly dead. I mention this issue for you to consider switching since I was at least able to install it.
Hello, I'm trying to check a Nano S on firmware 2.0.0 by running
python3 -m ledgerblue.checkGenuine --targetId 0x31100003
The docs indicate that 0x31100003
is correct for my firmware: https://support.ledger.com/hc/en-us/articles/4404382029329-Check-hardware-integrity?support=true.
I'm getting the following error
Traceback (most recent call last):
File "/Applications/Xcode.app/Contents/Developer/Library/Frameworks/Python3.framework/Versions/3.8/lib/python3.8/runpy.py", line 193, in _run_module_as_main
return _run_code(code, main_globals, None,
File "/Applications/Xcode.app/Contents/Developer/Library/Frameworks/Python3.framework/Versions/3.8/lib/python3.8/runpy.py", line 86, in _run_code
exec(code, run_globals)
File "/Users/moshe/Library/Python/3.8/lib/python/site-packages/ledgerblue/checkGenuine.py", line 137, in <module>
secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId, args.issuerKey)
File "/Users/moshe/Library/Python/3.8/lib/python/site-packages/ledgerblue/checkGenuine.py", line 44, in getDeployedSecretV2
dongle.exchange(apdu)
File "/Users/moshe/Library/Python/3.8/lib/python/site-packages/ledgerblue/comm.py", line 145, in exchange
raise CommException("Invalid status %04x (%s)" % (sw, possibleCause), sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 6814 (Unknown reason)
When I try checkGenuineRemote
it works.
python3 -m ledgerblue.checkGenuineRemote --targetId 0x31100003
However, the docs indicate the checkGenuineRemote
is the right script for a Nano X, not a Nano S. What's even more confusing is when I run the command listed for the Nano X (which has a different targetId) on my Nano S, it also tells me the device is genuine:
python3 -m ledgerblue.checkGenuineRemote --targetId 0x33000004
What's the right command to use for a Nano S running firmware 2.0.0?
Hi There,
I tried to use this app with the following dependencies:
brew install libtool
brew install libusb
brew install libusb-compat
But it's not able to connect to Ledger Nano X "OSError: open failed". Are there any other dependencies that are needed to use this library?
Hi, after installing and running the software in a virtualenv because of issues with hidapi (I just tried without first, but oh well), I still have problems!
I'll try a sixth restart and installing with a third separate virtualenv - my guess is that i still have something wrong on my side. Here's the stacktrace I get after running python -m ledgerblue.checkGenuine --targetId 0x31100003
on the following hardware:
Ubuntu 18.04 with latest updates
ZSH terminal
Latest python 3
(sorry for the bad software, I'm not in the mood to spendd more time on that kind of stuff, since my basic installations are probably fine)
Traceback (most recent call last): File "/usr/lib/python3.6/runpy.py", line 193, in _run_module_as_main "__main__", mod_spec) File "/usr/lib/python3.6/runpy.py", line 85, in _run_code exec(code, run_globals) File "/home/mathias/ledger/lib/python3.6/site-packages/ledgerblue/checkGenuine.py", line 137, in <module> dongle = getDongle(args.apdu) File "/home/mathias/ledger/lib/python3.6/site-packages/ledgerblue/comm.py", line 226, in getDongle raise CommException("No dongle found") ledgerblue.commException.CommException: Exception : No dongle found
With the recent release of the long awaited Nano X SDK: https://github.com/LedgerHQ/nanox-secure-sdk
It seems it's still impossible to load apps on the Nano X, still getting the same error:
Invalid status 69d5 (Unknown reason)
Would be great to add support for the Nano X.
Thanks!
When doing
$python -m ledgerblue.checkGenuine --targetId 0x31100003
Got the error:
Traceback (most recent call last):
File "/anaconda3/lib/python3.6/runpy.py", line 183, in _run_module_as_main
mod_name, mod_spec, code = _get_module_details(mod_name, _Error)
File "/anaconda3/lib/python3.6/runpy.py", line 153, in _get_module_details
code = loader.get_code(mod_name)
File "", line 781, in get_code
File "", line 741, in source_to_code
File "", line 219, in _call_with_frames_removed
File "/anaconda3/lib/python3.6/site-packages/ledgerblue/checkGenuine.py", line 110
return ret
^
TabError: inconsistent use of tabs and spaces in indentation
Readme specifies to use python 2.7 however it wont install ledgerblue
I used python 3.5 to install but having issues when installing the icon on the blue-app-btc
which python should be used?
when trying to do checkGenuine, I receive this:
$ python -m ledgerblue.checkGenuine --targetId 0x31100002
Traceback (most recent call last):
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 162, in _run_module_as_main
"__main__", fname, loader, pkg_name)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/Users/geoff/src/ledger/ledger/lib/python2.7/site-packages/ledgerblue/checkGenuine.py", line 129, in <module>
secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId, args.issuerKey)
File "/Users/geoff/src/ledger/ledger/lib/python2.7/site-packages/ledgerblue/checkGenuine.py", line 40, in getDeployedSecretV2
dongle.exchange(apdu)
File "/Users/geoff/src/ledger/ledger/lib/python2.7/site-packages/ledgerblue/comm.py", line 130, in exchange
raise CommException("Invalid status %04x" % sw, sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 6a84
I'm on MacOS. I got my virtualenv set up, python-loader installed, and the Ledger connected (I did have to use a new USB cable) in bootloader mode. When running the specified command, nothing happens for about 60 seconds, then the command fails and the Ledger Blue shuts off. Here is the log.
(ledger-blue) Chriss-MBP:bluer1 chrisrico$ python -m ledgerblue.runScript --fileName stm32l476_seproxyhal.patch_apdu
Traceback (most recent call last):
File "/usr/local/Cellar/python/2.7.11/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 162, in _run_module_as_main
"__main__", fname, loader, pkg_name)
File "/usr/local/Cellar/python/2.7.11/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/Users/chrisrico/.virtualenvs/ledger-blue/lib/python2.7/site-packages/ledgerblue/runScript.py", line 39, in <module>
dongle.exchange(bytearray(data))
File "/Users/chrisrico/.virtualenvs/ledger-blue/lib/python2.7/site-packages/ledgerblue/comm.py", line 82, in exchange
result = self.waitImpl.waitFirstResponse(timeout)
File "/Users/chrisrico/.virtualenvs/ledger-blue/lib/python2.7/site-packages/ledgerblue/comm.py", line 126, in waitFirstResponse
data = self.device.read(65)
File "hid.pyx", line 122, in hid.device.read (hid.c:2546)
IOError: read error
After following the instructions found here (under step 2): https://ledger.groovehq.com/knowledge_base/topics/how-to-verify-the-security-integrity-of-my-nano-s
I get the following failure.
(Windows 10 - python 3.5.4 - ledger nano s - secure element 1.3.1 - mcu 1.0)
PS C:\Users\Jesse\Documents\GitHub> python -m ledgerblue.checkGenuine --targetId 0x31100002
Traceback (most recent call last):
File "C:\Anaconda3\lib\runpy.py", line 193, in _run_module_as_main
"main", mod_spec)
File "C:\Anaconda3\lib\runpy.py", line 85, in _run_code
exec(code, run_globals)
File "C:\Anaconda3\lib\site-packages\ledgerblue\checkGenuine.py", line 135, in
data = loader.encryptAES(data)
File "C:\Anaconda3\lib\site-packages\ledgerblue\hexLoader.py", line 95, in encryptAES
encryptedData = cipher.encrypt(str(paddedData))
File "C:\Anaconda3\lib\site-packages\Crypto\Cipher\blockalgo.py", line 244, in encrypt
return self._cipher.encrypt(plaintext)
ValueError: Input strings must be a multiple of 16 in length
Hi,
I am using WSL (Windows SubSystem for Linux), and it always complains "no dongle found", please could you advice how to fix this?
python3 -m ledgerblue.loadApp --targetId 0x31100003 --fileName bin\app.hex --icon 0100000000ffffff0000000000fc000c0f3814c822103f101120092005400340018001800000000000 --curve secp256k1 --path "44'/195'" --apdu --appName "Tron" --appVersion "VERSION_NUMBER" --appFlags 0x40 --delete --dataSize 145311 --tlv
Traceback (most recent call last):
File "/usr/lib/python3.8/runpy.py", line 194, in _run_module_as_main
return _run_code(code, main_globals, None,
File "/usr/lib/python3.8/runpy.py", line 87, in _run_code
exec(code, run_globals)
File "/usr/local/lib/python3.8/dist-packages/ledgerblue/loadApp.py", line 199, in <module>
dongle = getDongle(args.apdu)
File "/usr/local/lib/python3.8/dist-packages/ledgerblue/comm.py", line 240, in getDongle
raise CommException("No dongle found")
ledgerblue.commException.CommException: Exception : No dongle found
Python input (setupCustomCA) :
python -m ledgerblue.setupCustomCA --targetId 0x31100003 --name backpacker69 --public 04300986d41d30de87eea1c33b8783f6ddb9c26df5278818a464b3fd2ba5026df16510628fb8ada3033fc605ebf409070b408fa49423c2b1f543fa542e098947a2 --apdu
APDU output:
`
`
Python input (loadApp) :
python -m ledgerblue.loadApp --curve secp256k1 --tlv --targetId 0x31100003 --delete --fileName C:/Users/Jwilly/app.hex --appName "Peercoin" --appVersion 1.2.5 --icon 0100000000ffffff00ffffffffffffffff0fff0ffc0ff88ff80ff11ff21ffa7ffeffffffffffffffff -- appFlags 0x50 --dep Bitcoin --signature 304502205ddf68949eb3856193be284bbd080d5f63582f009ab437ee5f65c8af96dfd588022100abba7ea6f6fcc466b1ef1a752238c3394f638f6e78f7503af26abd9cea075e1c --apdu
APDU output:
`
`
Hi, I have recently gotten a Nano X for the purpose of testing my apps on the Nano X, however, when I try to sideload an app which I coded, I keep getting a "Invalid status 69d5 (Unknown reason)". Has the ledgerblue module been updated to support the Nano X yet?
So i have generated a new key pair with genCAPair
and load it with setupCustomCA
. All good. I generate a signature for the app with
loadApp --offline --signApp --signPrivateKey
with the private key returned from genCAPair
.
After this i try to load the app with loadApp
. It works and loads if i do not specify anything for the --signature
flag. It loads and gives the expected not genuine warning. However if i attempt to provide the app signature with the --signature
flag, the load fails and returns an error of "Invalid Status 6986".
However, if i sign and load the app in one step with
loadApp --signApp --signPrivateKey
it will sign it and load it and no error is returned and the not genuine warning is no longer present.
So to summarise, I can get the desired behaviour of loading a signed application on a custom CA by specifying
loadApp --signApp --signPrivateKey
but i get an invalid status error 6986 if i attempt to load a signature generated in a seperate step with
loadApp --offline --signApp --signPrivateKey <private_key>
loadApp --signature <app_signature>
Will this be available for pthon3? In Fedora 35 Silverblue I don't find python2-setuptools which are needed for pkg_resources.
followed the instructions on ubuntu 20.04...
Traceback (most recent call last):
File "/usr/lib/python3.8/runpy.py", line 193, in _run_module_as_main
return _run_code(code, main_globals, None,
File "/usr/lib/python3.8/runpy.py", line 86, in _run_code
exec(code, run_globals)
File "/home/developer/Tools/ledger/blue-loader-python/ledgerblue/loadApp.py", line 296, in <module>
loader.createAppNoInstallParams(args.appFlags, appLength, args.appName, args.icon, path, None, None, string_to_bytes(args.appVersion))
File "/home/developer/Tools/ledger/blue-loader-python/ledgerblue/hexLoader.py", line 45, in string_to_bytes
return bytes(x, 'ascii')
TypeError: encoding without a string argument
pip show ledgerblue
Name: ledgerblue
Version: 0.1.32
Summary: Python library to communicate with Ledger Blue/Nano S
Home-page: https://github.com/LedgerHQ/blue-loader-python
Author: Ledger
Author-email: [email protected]
License: UNKNOWN
Location: /home/developer/Tools/ledger/blue-loader-python/ledger/lib/python3.8/site-packages
Requires: hidapi, ecpy, python-u2flib-host, protobuf, pycryptodomex, pillow, future, websocket-client
Required-by:
here's my setup;
python --version
Python 3.8.2
python -m ledgerblue.loadApp --targetId 0x31100004 --apdu --fileName app.hex --appName Hello --appFlags 0x00 --icon ""
Trying to do integrity check of Ledger nano s plus using guide https://support.ledger.com/hc/en-us/articles/4404382029329-Check-hardware-integrity?support=true, since using ledger live app doesn't do check before you put private keys in the device
Command failes
$ python3 -m ledgerblue.checkGenuineRemote --targetId 0x33000004
Traceback (most recent call last):
File "<frozen runpy>", line 198, in _run_module_as_main
File "<frozen runpy>", line 88, in _run_code
File "/usr/local/lib/python3.11/site-packages/ledgerblue/checkGenuineRemote.py", line 79, in <module>
result = json.loads(ws.recv())
^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/websocket/_core.py", line 388, in recv
opcode, data = self.recv_data()
^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/websocket/_core.py", line 416, in recv_data
opcode, frame = self.recv_data_frame(control_frame)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/websocket/_core.py", line 437, in recv_data_frame
frame = self.recv_frame()
^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/websocket/_core.py", line 478, in recv_frame
return self.frame_buffer.recv_frame()
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/websocket/_abnf.py", line 363, in recv_frame
self.recv_header()
File "/usr/local/lib/python3.11/site-packages/websocket/_abnf.py", line 319, in recv_header
header = self.recv_strict(2)
^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/websocket/_abnf.py", line 398, in recv_strict
bytes_ = self.recv(min(16384, shortage))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/websocket/_core.py", line 563, in _recv
return recv(self.sock, bufsize)
^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/websocket/_socket.py", line 129, in recv
raise WebSocketConnectionClosedException("Connection to remote host was lost.")
websocket._exceptions.WebSocketConnectionClosedException: Connection to remote host was lost.
As documented here:
https://ledger.readthedocs.io/en/latest/userspace/debugging.html
I swear this used to work, but now I get
ledgerblue.commException.CommException: Exception : Invalid status 6984 (Unknown reason)
when trying to load either the updater or the firmware.
When running loadApp, it fails on installing to Ledger Nano S running firmware 1.55.
Command:
python -m ledgerblue.loadApp --appFlags 0x40 --apdu --tlv --targetId 0x31100004 --delete --fileName app.hex --appName "Ravencoin" --appVersion 1.3.2 --dataSize 0x00000000 --icon 0100000000ffffff00ffffffffffff1ffc0ff80fe107c0078003f003f807f81ffc3ffcfffcffffffff
Error:
sha256.update(struct.pack('>I', targetId) + bytes(targetVersion, 'utf-8')) TypeError: encoding without a string
argument``
I don't see any examples of setting the --targetVersion parameter. It seems to work for most people without? Not sure what's going on here.
Hi, I tried to install the package through pip but I got the error about extra_require
.
Here is my command.
pip install setuptools==67.0.0 && pip install --no-cache-dir .
Here is the error.
error in ledgerblue setup command: 'extras_require' must be a dictionary whose values are strings or lists of strings containing valid project/version requirement specifiers.
I think it's because the setuptools package (version >=67.0.0) is not allowed package specifications that don't comply with PEP440 and 1.6.12-4build1
for python-pyscard
in setup.py doesn't comply with PEP440.
setup.py
extras_require = {
'smartcard': [ 'python-pyscard>=1.6.12-4build1' ]
},
also, I can't find this package and this version in PyPI. I guess it's this one (https://pypi.org/project/pyscard/).
Is it possible to update it to the correct package and version?
please let me know if you want me to open PR or have any other solution without downgrading setuptools version.
I'm trying to load one of the sample apps to a brand new Ledger Blue (Firmware: MCU 3.4-hw15, SE: 2.1.1). I've tried using both --targetId 0x31000002
and --targetId 0x31000004
and neither one works.
With 0x31000002, I get "Target ID does not support SCP V2", and with 0x31000004 I get "Invalid status 6484". Is there a different targetId I should be using? If so, where should I have found that information?
I plug my Ledger Blue device and checkGenuine` with the following command:
$ python -m ledgerblue.checkGenuine --targetId 0x31010004
It returns the following error:
Traceback (most recent call last):
File "/usr/lib/python2.7/runpy.py", line 162, in _run_module_as_main
"__main__", fname, loader, pkg_name)
File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/usr/local/lib/python2.7/dist-packages/ledgerblue/checkGenuine.py", line 140, in <module>
secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId, args.issuerKey)
File "/usr/local/lib/python2.7/dist-packages/ledgerblue/checkGenuine.py", line 110, in getDeployedSecretV2
return ret
UnboundLocalError: local variable 'ret' referenced before assignment
That's due to an indentation error introduced in e834117#diff-a38efbe7c6ced1dae1d585bace6a8da0R110
I'll be fixing this with a PR soon.
Using ledgerblue in coordination with various Ethereum tools (e.g. https://github.com/ethereum/web3.py/blob/master/setup.py#L27) is problematic as pycryptodome has replaced pycrypto in most modern tool dependency trees. As pycryptodome is largely a drop-in replacement for pycrypto, updating this dependency would solve a significant amount of headache.
I'm attempting to verify my new Ledger Nano S per https://ledger.zendesk.com/hc/en-us/articles/115005321449-How-to-verify-the-security-integrity-of-my-Nano-S- on Mac OS X 10.13.2 and after getting past the pycrypto issue in #22 I am still unable to verify it. Here's the output:
$ python -m ledgerblue.checkGenuine --targetId 0x31100002 1 ↵
Traceback (most recent call last):
File "/usr/local/Cellar/python3/3.6.4_2/Frameworks/Python.framework/Versions/3.6/lib/python3.6/runpy.py", line 193, in _run_module_as_main
"__main__", mod_spec)
File "/usr/local/Cellar/python3/3.6.4_2/Frameworks/Python.framework/Versions/3.6/lib/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/Users/cardoe/work/blue-loader-python/ledgerblue/checkGenuine.py", line 127, in <module>
dongle = getDongle(args.apdu)
File "/Users/cardoe/work/blue-loader-python/ledgerblue/comm.py", line 212, in getDongle
raise CommException("No dongle found")
ledgerblue.commException.CommException: Exception : No dongle found
Is there anything new required to use the scripts with a Ledger Nano X?
Running:
python -m ledgerblue.checkGenuine --targetId 0x33000004
Results in:
> python -m ledgerblue.checkGenuine --targetId 0x33000004
Traceback (most recent call last):
File "C:\Python27\lib\runpy.py", line 174, in _run_module_as_main
"__main__", fname, loader, pkg_name)
File "C:\Python27\lib\runpy.py", line 72, in _run_code
exec code in run_globals
File "C:\dev\ledger\blue-loader-python\ledgerblue\checkGenuine.py", line 140, in <module>
secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId, args.issuerKey)
File "C:\dev\ledger\blue-loader-python\ledgerblue\checkGenuine.py", line 58, in getDeployedSecretV2
dongle.exchange(apdu)
File "ledgerblue\comm.py", line 135, in exchange
raise CommException("Invalid status %04x (%s)" % (sw, possibleCause), sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 69d5 (Unknown reason)
The same thing with a Ledger Nano S:
python -m ledgerblue.checkGenuine --targetId 0x31100004
Results in (I have loaded a custom CA so that message is expected):
> python -m ledgerblue.checkGenuine --targetId 0x31100004
WARNING : Product is genuine but has a Custom CA loaded
SE Version 1.5.5
MCU Version 1.7
MCU Hash 2013fe17e06cf2f710d33328aa46d1053f8fadd48dcaeca2c5512dd79e2158d5
OS: MacOS Sierra 10.12.5
device: Ledger Nano S
firmware: 1.4.1
Script: Any
Python: Either 2.7 or 3 - same results.
command: python -m ledgerblue.checkGenuine --targetId 0x31100003
Version: 0.1.17
(commit 01ac90675898c14c5d2b1cef379cfdcc5774fe4f
- ie. non pip version)
trace (for checkGenuine.py - but replace for any script):
Traceback (most recent call last):
File "/usr/local/Cellar/python3/3.6.4_2/Frameworks/Python.framework/Versions/3.6/lib/python3.6/runpy.py", line 193, in _run_module_as_main
"__main__", mod_spec)
File "/usr/local/Cellar/python3/3.6.4_2/Frameworks/Python.framework/Versions/3.6/lib/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/Users/tadhgriordan/Documents/blue-loader-python/ledgerblue/checkGenuine.py", line 137, in <module>
dongle = getDongle(args.apdu)
File "/Users/tadhgriordan/Documents/blue-loader-python/ledgerblue/comm.py", line 221, in getDongle
raise CommException("No dongle found")
ledgerblue.commException.CommException: Exception : No dongle found
Ledger is recognised by my machine for all Apps, Ledger Manager, MyEtherWallet etc.
running system_profiler SPUSBDataType
:
Nano S:
Product ID: 0x0001
Vendor ID: 0x2c97
Version: 2.00
Serial Number: 0001
Speed: Up to 12 Mb/sec
Manufacturer: Ledger
Location ID: 0x14400000 / 8
Current Available (mA): 500
Current Required (mA): 100
Extra Operating Current (mA): 0
I have another Nano S on 1.3 which works as normal.
Was meaning to run a hardware integrity test on my Nano S Plus, instead I get an exception
Running Python 3.10.2
using virtualenv in MacOS and libtool 2.4.7
installed via brew
python3 -m ledgerblue.checkGenuine --targetId 0x33100004
Traceback (most recent call last):
File "/usr/local/Cellar/[email protected]/3.10.2/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py", line 196, in _run_module_as_main
return _run_code(code, main_globals, None,
File "/usr/local/Cellar/[email protected]/3.10.2/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py", line 86, in _run_code
exec(code, run_globals)
File "/usr/local/lib/python3.10/site-packages/ledgerblue/checkGenuine.py", line 137, in <module>
secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId, args.issuerKey)
File "/usr/local/lib/python3.10/site-packages/ledgerblue/checkGenuine.py", line 44, in getDeployedSecretV2
dongle.exchange(apdu)
File "/usr/local/lib/python3.10/site-packages/ledgerblue/comm.py", line 145, in exchange
raise CommException("Invalid status %04x (%s)" % (sw, possibleCause), sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 6d06 (Unknown reason)
When loading an application on the ledger, I am seeing the following error:
Traceback (most recent call last):
File "/usr/lib/python2.7/runpy.py", line 162, in _run_module_as_main
"__main__", fname, loader, pkg_name)
File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/usr/local/lib/python2.7/dist-packages/ledgerblue/loadApp.py", line 174, in <module>
loader.createApp(args.appFlags, appLength, args.appName, icon, path, None, None, args.appVersion)
File "/usr/local/lib/python2.7/dist-packages/ledgerblue/hexLoader.py", line 163, in createApp
data = self.encryptAES(data)
File "/usr/local/lib/python2.7/dist-packages/ledgerblue/hexLoader.py", line 95, in encryptAES
encryptedData = cipher.encrypt(paddedData)
File "/usr/lib/python2.7/dist-packages/Crypto/Cipher/blockalgo.py", line 244, in encrypt
return self._cipher.encrypt(plaintext)
TypeError: argument must be string or read-only buffer, not bytearray
make: *** [load] Error 1
This appears to be due to the change to hexLoader.py
here ed1e3a4 for Python 3 compatibility, which unfortunately does not with python 2.7.x.
Version 0.1.15 works correctly and as intended.
I have tried to install app-ethereum
that was successful.
Then I tried to install it using the debug mode.
The install failed.
I am not able to reinstall it again as it seems the app storage is full (tried with blue-loader and ledger live)
Looking at USB debug I am getting
Warning: cannot query manufacturer for VID=0x2c97 PID=0x1011: Result too large
Any way to wipe the storage without whipping the enclave so that I don't have to do the setup again?
Hello
Trying to run this command:
python3 -m ledgerblue.loadApp \
--targetId 0x31100004 \
--fileName bin/"app".hex \
--appFlags 0x00 \
--appName "RSK Sign" \
--appVersion 4 \
--icon `cat icon.hex` \
--apiLevel 1 \
--path ""
Getting
Generated random root public key : b'044bee7960dc1a4597d4510a4179214650f1f8f1c8fd3de859cc98939524bc239dc5f16d3f81a8862652ad5a5e32333cf2b00be650066957a04356f96d76fec42b'
Using test master key b'044bee7960dc1a4597d4510a4179214650f1f8f1c8fd3de859cc98939524bc239dc5f16d3f81a8862652ad5a5e32333cf2b00be650066957a04356f96d76fec42b'
Using ephemeral key b'0434a0ad668c6553f5c1dc0915c347e1494ca6f6b29fdc7eae04f8bfff79027b47d63e655781db6d3edb165d0058b33bf7e6f4193ad644b4673525e1ff8b4ae663'
Broken certificate chain - loading from user key
Traceback (most recent call last):
File "/Users/bitch/.pyenv/versions/3.7.16/lib/python3.7/runpy.py", line 193, in _run_module_as_main
"__main__", mod_spec)
File "/Users/bitch/.pyenv/versions/3.7.16/lib/python3.7/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/Users/bitch/PycharmProjects/rsk-powhsm/ledger/test/venv/lib/python3.7/site-packages/ledgerblue/loadApp.py", line 268, in <module>
loader.createAppNoInstallParams(args.appFlags, appLength, args.appName, args.icon, path, None, None, string_to_bytes(args.appVersion))
File "/Users/bitch/PycharmProjects/rsk-powhsm/ledger/test/venv/lib/python3.7/site-packages/ledgerblue/hexLoader.py", line 364, in createAppNoInstallParams
self.exchange(self.cla, 0x00, 0x00, 0x00, data)
File "/Users/bitch/PycharmProjects/rsk-powhsm/ledger/test/venv/lib/python3.7/site-packages/ledgerblue/hexLoader.py", line 207, in exchange
return self.scpUnwrap(bytes(self.card.exchange(apdu)))
File "/Users/bitch/PycharmProjects/rsk-powhsm/ledger/test/venv/lib/python3.7/site-packages/ledgerblue/comm.py", line 157, in exchange
raise CommException("Invalid status %04x (%s)" % (sw, possibleCause), sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 6512 (Unknown reason)
ledgerblue version ledgerblue==0.1.48
Device
Product is genuine
SE Version 2.1.0
MCU Version 1.1
MCU Hash 04302e3131
Does anyone know what that could potentially be? It goes through the secret negotiation and then drops in createAppNoInstallParams
. Is is some sort of incompatibility or am I passing bad args?
Running on Mac OS
Thank you in advance!
We have observed a lot of flakiness with connecting to the Ledger on Mac OS, specifically in this code from the ledgereth library which bottoms out here in ledgerblue.
We found that when the Ethereum app is opened on the Ledger device, another HID entry shows up on the Mac. It is identical to the original HID entry except that usage_page
is 61904 instead of 65440. The order of hid.enumerate()
is not deterministic, so sometimes you get the original, good device, and sometimes you get the second, bad device. Hence the flakiness.
I'm not knowledgeable about the HID spec but I was wondering if changing the or
condition in this line to an and
condition would be appropriate. It would fix our problem at least because it would enforce that the device has a usage page of 65440, which would exclude the second, bad device.
Hi there. I have the ledger nano s and I'm trying to verify the Secure Element by following the steps given on Ledgers web site.
I made sure to install dependencies first with
sudo apt install libudev-dev libusb-1.0-0-dev virtualenv
Then per their instruction installed ledgerblue package with
sudo pip install --no-cache-dir ledgerblue
Now when I run
python2 -m ledgerblue.checkGenuine --targetId 0x31100002
I get the following error
Traceback (most recent call last): File "/usr/lib/python2.7/runpy.py", line 174, in _run_module_as_main "__main__", fname, loader, pkg_name) File "/usr/lib/python2.7/runpy.py", line 72, in _run_code exec code in run_globals File "/usr/local/lib/python2.7/dist-packages/ledgerblue/checkGenuine.py", line 127, in <module> dongle = getDongle(args.apdu) File "/usr/local/lib/python2.7/dist-packages/ledgerblue/comm.py", line 188, in getDongle dev.open_path(hidDevicePath) File "hid.pyx", line 72, in hid.device.open_path IOError: open failed
Note I'm using Ubuntu 16.04.2 LTS. Hopefully this is just some simple fix, like maybe I'm not using the correct version of everything.
OS: MacOS Sierra 10.12.6
device: Ledger Nano S
firmware: 1.4.1
Script(s): loadApp
Python: 3.6.4 (virtualenv)
command (from blue-app-btc root):
python -m ledgerblue.loadApp --appFlags 0x50 --curve secp256k1 --targetId 0x31100003 --fileName bin/app.hex --appName "Bitcoin" --path ""
Version: 0.1.17 (commit ab58917 - ie. non pip version)
trace:
Traceback (most recent call last):
File "/usr/local/Cellar/python3/3.6.4_2/Frameworks/Python.framework/Versions/3.6/lib/python3.6/runpy.py", line 193, in _run_module_as_main
"__main__", mod_spec)
File "/usr/local/Cellar/python3/3.6.4_2/Frameworks/Python.framework/Versions/3.6/lib/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/Users/tadhgriordan/.virtualenvs/ledger/lib/python3.6/site-packages/ledgerblue-0.1.17-py3.6.egg/ledgerblue/loadApp.py", line 248, in <module>
loader.createAppNoInstallParams(args.appFlags, appLength, args.appName, args.icon, path, None, None, args.appVersion)
File "/Users/tadhgriordan/.virtualenvs/ledger/lib/python3.6/site-packages/ledgerblue-0.1.17-py3.6.egg/ledgerblue/hexLoader.py", line 344, in createAppNoInstallParams
self.exchange(self.cla, 0x00, 0x00, 0x00, data)
File "/Users/tadhgriordan/.virtualenvs/ledger/lib/python3.6/site-packages/ledgerblue-0.1.17-py3.6.egg/ledgerblue/hexLoader.py", line 194, in exchange
return self.scpUnwrap(bytes(self.card.exchange(apdu)))
File "/Users/tadhgriordan/.virtualenvs/ledger/lib/python3.6/site-packages/ledgerblue-0.1.17-py3.6.egg/ledgerblue/comm.py", line 129, in exchange
raise CommException("Invalid status %04x (%s)" % (sw, possibleCause), sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 6700 (Unknown reason)
status 6700
is incorrect length
.
secp256r1 and prime256r1 are two different curves and prime256r1 cannot be just renamed into secp256r1. Nevertheless, the curve prime256r1 has been removed and thus it is no longer possible to use ledgerblue with the PSD.
What does that mean? Is my ledger compromised?
I think it would be a good idea to mention in the installation instructions that this libudev-dev is systemd-devel now on modern systems. I am using Fedora and it took me some time to figure out why the linker was always complaining about missing -ludev.
What does Invalid status 6d00
mean? Is there something wrong with my nano?
| => python3 -m ledgerblue.checkGenuine --targetId 0x31100002
Traceback (most recent call last):
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/runpy.py", line 193, in _run_module_as_main
"__main__", mod_spec)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ledgerblue/checkGenuine.py", line 129, in <module>
secret = getDeployedSecretV2(dongle, bytearray.fromhex(args.rootPrivateKey), args.targetId, args.issuerKey)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ledgerblue/checkGenuine.py", line 40, in getDeployedSecretV2
dongle.exchange(apdu)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ledgerblue/comm.py", line 130, in exchange
raise CommException("Invalid status %04x" % sw, sw, response)
ledgerblue.commException.CommException: Exception : Invalid status 6d00
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.