From 41b72119bc23b942af5d7d1b7a7a704f2ab8aa5b Mon Sep 17 00:00:00 2001
From: Rob Austein
Date: Thu, 7 Jul 2016 21:11:47 -0400
Subject: Add cryptech_miniterm; tweak cryptech_probe to write environment variables like ssh-agent.
---
projects/hsm/cryptech_miniterm | 45 ++++++++++++++++++++++++++++++++++++++++++
projects/hsm/cryptech_probe | 38 ++++++++++++++++++++++++-----------
projects/hsm/cryptech_upload | 2 +-
3 files changed, 72 insertions(+), 13 deletions(-)
create mode 100755 projects/hsm/cryptech_miniterm
diff --git a/projects/hsm/cryptech_miniterm b/projects/hsm/cryptech_miniterm
new file mode 100755
index 0000000..b8ea3b1
--- /dev/null
+++ b/projects/hsm/cryptech_miniterm
@@ -0,0 +1,45 @@
+#!/usr/bin/env python
+#
+# Copyright (c) 2016, NORDUnet A/S All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+# - Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+#
+# - Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# - Neither the name of the NORDUnet nor the names of its contributors may
+# be used to endorse or promote products derived from this software
+# without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+# IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+# PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+# PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+"""
+Utility to run PySerial's "miniterm" with default settings suitable
+for talking to the Cryptech Alpha's console port.
+""" + +import serial.tools.miniterm +import sys +import os + +default_port = os.getenv("CRYPTECH_CTY_CLIENT_SERIAL_DEVICE") +default_baud = os.getenv("CRYPTECH_CTY_CLIENT_SERIAL_SPEED", 921600) + +sys.exit(serial.tools.miniterm.main(default_port = default_port, + default_baudrate = int(default_baud))) + diff --git a/projects/hsm/cryptech_probe b/projects/hsm/cryptech_probe index bc798bc..14dae01 100755 --- a/projects/hsm/cryptech_probe +++ b/projects/hsm/cryptech_probe @@ -30,7 +30,9 @@ """ Utility to probe USB serial port(s) trying to figure out which one(s) -we have plugged in today. +we have plugged in today. stdout is environment variable settings, +suitable for use in bash with "eval `cryptech_probe`"; all other output +goes to stderr. """ import sys @@ -44,9 +46,10 @@ class positive_integer(int): raise ValueError parser = argparse.ArgumentParser(formatter_class = argparse.ArgumentDefaultsHelpFormatter) -parser.add_argument("-v", "--verbose", action = "store_true", help = "blather about what we're doing") -parser.add_argument("--no-cleanup", action = "store_true", help = "don't send cleanup sequences after probing") -parser.add_argument("--read-size", type = positive_integer, help = "size of read buffer", default = 1024) +parser.add_argument("-v", "--verbose", action = "store_true", help = "produce human-readable output") +parser.add_argument("-d", "--debug", action = "store_true", help = "blather about what we're doing") +parser.add_argument("--no-cleanup", action = "store_true", help = "don't send cleanup sequences after probing") +parser.add_argument("--read-buffer-size", type = positive_integer, help = "size of read buffer", default = 1024) args = parser.parse_args() SLIP_END = chr(0300) # Indicates end of SLIP packet 
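Review bot: `int(default_baud)` in the final `sys.exit(...)` call of the new cryptech_miniterm script raises an uncaught ValueError when CRYPTECH_CTY_CLIENT_SERIAL_SPEED is set to a non-numeric value, so a bad environment gives a traceback rather than a usable message. Wrapping the conversion in a try/except ValueError that ends with `sys.exit("CRYPTECH_CTY_CLIENT_SERIAL_SPEED must be an integer")` would cover it. The `default_port` and `default_baudrate` keyword arguments to `serial.tools.miniterm.main()` are, as far as I know, only accepted by PySerial 3.x, so the docstring should state the minimum PySerial version. Since this terminal is the HSM console, a comment such as `# Device comes from the environment (normally set by eval of cryptech_probe output); miniterm prompts if it is unset` would help an operator confirm which port they are about to type into.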
@@ -78,8 +81,10 @@ ports = [port for port, desc, hwid in serial.tools.list_ports_posix.comports() if not ports: sys.exit("Couldn't find any likely USB ports") -if args.verbose: - print "Candidate USB ports:", ", ".join(ports) +if args.debug: + sys.stderr.write("Candidate USB ports: {}\n".format(", ".join(ports))) + +env = {} for port in ports: @@ -94,9 +99,9 @@ for port in ports: tty.write(c) time.sleep(0.1) - response = tty.read(args.read_size) - if args.verbose: - print "Received from {}: {!r} ({})".format(port, response, ":".join("{:02x}".format(ord(c)) for c in response)) + response = tty.read(args.read_buffer_size) + if args.debug: + sys.stderr.write("Received from {}: {!r} ({})\n".format(port, response, ":".join("{:02x}".format(ord(c)) for c in response))) # Check whether we got a known console prompt. @@ -115,17 +120,26 @@ for port in ports: except IndexError: is_hsm = False + if is_cty and args.verbose: + sys.stderr.write("{} looks like the Cryptech HSM console port\n".format(port)) + + if is_hsm and args.verbose: + sys.stderr.write("{} looks like the Cryptech HSM RPC port\n".format(port)) + if is_cty: - print "{} looks like the Cryptech HSM console port".format(port) + env.update(CRYPTECH_CTY_CLIENT_SERIAL_DEVICE = port) + if is_hsm: - print "{} looks like the Cryptech HSM RPC port".format(port) + env.update(CRYPTECH_RPC_CLIENT_SERIAL_DEVICE = port) if (is_cty or is_hsm) and not args.no_cleanup: if is_cty: tty.write(Control_U) if is_hsm: tty.write(SLIP_END) - while tty.read(args.read_size): + while tty.read(args.read_buffer_size): pass tty.close() + +sys.stdout.write("export {}\n".format(" ".join("{}='{}'".format(var, env[var]) for var in sorted(env)))) diff --git a/projects/hsm/cryptech_upload b/projects/hsm/cryptech_upload index 8bb6ebb..7590b38 100755 --- a/projects/hsm/cryptech_upload +++ b/projects/hsm/cryptech_upload 
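Review bot: The closing `sys.stdout.write("export {}\n"...)` line of the last cryptech_probe hunk emits text that the docstring tells users to `eval`, yet it wraps each port name in bare single quotes without escaping and runs even when `env` is empty. A device name containing a single quote would end the quoting inside the eval'd string, and an empty `env` produces a bare `export`, which bash answers by listing every exported variable. Guard the write with `if env:` and build each pair as `"{}={}".format(var, pipes.quote(env[var]))`, adding `import pipes` at the top (`shlex.quote` on Python 3). Separately, `env.update(...)` sits inside the `for port in ports:` loop, which starts outside this hunk, so when two ports answer the same probe the last one silently replaces the earlier one; a warning on stderr for that case would make the choice visible.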
@@ -57,7 +57,7 @@ def parse_args(): parser.add_argument('-d', '--device', dest='device', - default='/dev/ttyUSB0', + default=os.getenv('CRYPTECH_CTY_CLIENT_SERIAL_DEVICE', '/dev/ttyUSB0'), help='Name of management port USB serial device', ) -- cgit v1.2.3
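Review bot: The new `default=os.getenv('CRYPTECH_CTY_CLIENT_SERIAL_DEVICE', '/dev/ttyUSB0')` makes the upload target depend on the caller's environment while the help text still reads as if the default were fixed, and a variable that is set but empty yields `''` instead of the fallback. Suggest `default=os.getenv('CRYPTECH_CTY_CLIENT_SERIAL_DEVICE') or '/dev/ttyUSB0'` together with a help string that names the variable, e.g. `help='Name of management port USB serial device (default from $CRYPTECH_CTY_CLIENT_SERIAL_DEVICE)'`. No `import os` is visible in this hunk and the diffstat shows a single changed line in cryptech_upload, so confirm the module already imports `os`. The body of parse_args continues outside the hunk.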