Add fast onboarding command

This implements `ledgerblue.hostOnboard` from https://github.com/LedgerHQ/blue-loader-python/blob/0.1.41/ledgerblue/hostOnboard.py in ledgerctl. Closes: #12 Co-developed-by: Olivier Hériveaux <[email protected]> Signed-off-by: Nicolas Iooss <[email protected]>
LedgerHQ · Jul 7, 2022 · 7d03c04 · 7d03c04
1 parent 3d06e76
commit 7d03c04
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 0 deletions.
diff --git a/ledgerctl.py b/ledgerctl.py
@@ -1,5 +1,6 @@
 import configparser
 import os
+import re
 import sys
 
 import click
@@ -11,6 +12,7 @@
     LEDGER_HSM_URL,
     CommException,
     LedgerClient,
+    LedgerIns,
     NoLedgerDeviceException,
 )
 from ledgerwallet.crypto.ecc import PrivateKey
@@ -316,5 +318,39 @@ def upgrade_firmware(get_client, firmware_name, firmware_key, url, key):
     client.upgrade_firmware(firmware_name, firmware_key, url, key)
 
 
+@cli.command(
+    help="Perform quick onboarding from command line. Device must be reset and booted in recovery mode (press some buttons during the boot)."  # noqa
+)
+@click.argument("pin")
+@click.argument("words")
+@click.option(
+    "--id", help="Identity number to initialize", default=0, type=click.IntRange(0, 2)
+)
+@click.option("--prefix", help="Derivation prefix")
+@click.option("--passphrase", help="Derivation passphrase")
+@click.pass_obj
+def onboard(connect, pin, passphrase, words, id, prefix):
+    # Check pin argument
+    if not re.match("^[0-9]{4,8}$", pin):
+        raise ValueError("Invalid PIN format")
+
+    data = bytearray()
+    for string in (pin, prefix, passphrase, words):
+        if string:
+            as_bytes = string.encode()
+            data.append(len(as_bytes))
+            data += as_bytes
+        else:
+            data.append(0)
+
+    client = connect()
+    try:
+        client.apdu_exchange(LedgerIns.ONBOARD, data, p1=id)
+    except CommException as e:
+        raise RuntimeError(
+            "Onboarding failed (are you in recovery mode?): {:#x}".format(e.sw)
+        )
+
+
 if __name__ == "__main__":
     cli()
diff --git a/ledgerwallet/client.py b/ledgerwallet/client.py
@@ -41,6 +41,7 @@ class LedgerIns(enum.IntEnum):
     VALIDATE_CERTIFICATE = 0x51
     GET_CERTIFICATE = 0x52
     MUTUAL_AUTHENTICATE = 0x53
+    ONBOARD = 0xD0
     RUN_APP = 0xD8
     # Commands for custom endorsement
     ENDORSE_SET_START = 0xC0