History log of /optee_os/scripts/sign_encrypt.py (Results 1 – 21 of 21)
Revision Date Author Comments
# c95d740a 06-Mar-2025 Aristo Chen <aristo.chen@canonical.com>

sign_encrypt.py: Fix typo from 'Unkown' to 'Unknown'

The value of enc_algo_name and flags_name was set to 'Unkown',
should be 'Unknown' instead.

Signed-off-by: Aristo Chen <aristo.chen@canonical.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>


# defc9e0a 13-Jan-2025 Sungmin Han <sungminhan@telechips.com>

sign_encrypt.py: fix an error in the verify command with '--enc_key'.

Fix a bug where the verify command requires '--enc_key' option for
encrypted TA, but an error occurs when the option is used.

Signed-off-by: Sungmin Han <sungminhan@telechips.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>


# a0f3154c 13-Jan-2025 Sungmin Han <sungminhan@telechips.com>

sign_encrypt.py: fix incorrect tag value output in the display command.

Fix a bug where the display command shows incorrect tag value when the
input is an encrypted TA.

Signed-off-by: Sungmin Han <sungminhan@telechips.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>


# ef3bc69c 15-Nov-2024 Etienne Carriere <etienne.carriere@foss.st.com>

sign_encrypt.py: fix typo in stitch usage message

Fix typo in stitch usage message.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>


# 7512a644 26-Oct-2022 Jens Wiklander <jens.wiklander@linaro.org>

sign_encrypt.py: rename to hash_size and sig_size

Renames digest_len to hash_size and sig_len to sig_size in order to
match the names used in the corresponding C code.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>


# f04ff66a 26-Oct-2022 Jens Wiklander <jens.wiklander@linaro.org>

sign_encrypt.py: add subkey support

Adds support to sign TAs using a subkey. Two new commands are added to
help with this:
- sign-subkey: signs a new subkey using either the root key or the keys
from another subkey
- subkey-uuid: calculate the UUID of next TA or subkey

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>


# f454988e 06-Oct-2022 Jens Wiklander <jens.wiklander@linaro.org>

sign_encrypt.py: add display command

Adds a display command to sign_encrypt.py doing what dump_ta_header.py
used to do. Removes the now redundant script dump_ta_header.py.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>


# 3cf28238 06-Oct-2022 Jens Wiklander <jens.wiklander@linaro.org>

sign_encrypt.py: add command func in argument parsing

While parsing the argument assign the function to handle the command for
easier dispatching of the command.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>


# 49e93635 04-Oct-2022 Jens Wiklander <jens.wiklander@linaro.org>

sign_encrypt.py: refactor with BinaryImage class

Moves manipulations of the TA binary into a BinaryImage class for some
abstraction and better structure of the code for the different
sub-commands.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>


# f182afc4 04-Oct-2022 Jens Wiklander <jens.wiklander@linaro.org>

sign_encrypt.py: refactor argument parsing

Uses the add_subparsers() method from argparse.ArgumentParser to add
the command instead of adding command and options at the same level.
With this we have one parser for each command to allow the argparse
module to handle checks for optional and mandatory options. This makes
the argument parsing a bit more modular and easier to extend.

Behavior of the script is supposed to be unchanged with the exception of
printed help and errors since that now relies more on the argparse
module.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>


# 5e153009 06-Oct-2022 Jens Wiklander <jens.wiklander@linaro.org>

sign_encrypt.py: make logger global

Makes the logger variable global to avoid passing it to all functions
that need to log something.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>


# 05c007f2 05-Jan-2022 Donald Chan <hoiho@amazon.com>

scripts/sign_encrypt.py: Support signing TAs using AWS KMS

This adds support for signing trusted applications (TAs) using
a customer owned AWS KMS asymmetric key.

When the option to --key points to a valid Amazon Resource Name (ARN),
the signing operation will be delegated to AWS KMS. IAM credentials are
provided via environment variables.

Requires boto3 to work correctly.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Donald Chan <hoiho@amazon.com>


# 51eee1e4 11-Jan-2022 Donald Chan <hoiho@amazon.com>

scripts/sign_encrypt.py: Support verification of a signed TA

Adds a new option 'verify' to sign_encrypt.py to verify whether a
Trusted Application is signed correctly.

Required arguments: --uuid, --in, --key

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Donald Chan <hoiho@amazon.com>


# a797f209 10-Jan-2022 Donald Chan <hoiho@amazon.com>

scripts/sign_encrypt.py: readability improvements

A few constant values would have been better if replaced with constant
definitions

Signed-off-by: Donald Chan <hoiho@amazon.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>


# c45a84ba 01-Jan-2022 Donald Chan <hoiho@amazon.com>

scripts/sign_encrypt.py: add flags for the encryption key type

Allow encryption key type to be overridden from command-line. Defaults
to SHDR_ENC_KEY_DEV_SPECIFIC.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Donald Chan <hoiho@amazon.com>


# 169eac19 24-Oct-2021 Donald Chan <hoiho@lab126.com>

scripts: migrate away from pycryptodome

Move away from pycryptodome and use pyca/cryptography instead.

pycryptodome has been a little confusing due to other similar packages
(pycrypto, pycryptodomex). pyca/cryptography also allows custom backends
other than OpenSSL, so it will make additional signing backends (AWS,
Azure, GCP) possible in the future (where the private key will be
protected by the cloud service provider rather than in plaintext).

Signed-off-by: Donald Chan <hoiho@lab126.com>
Acked-by: Jerome Forissier <jerome@forissier.org>


# ae85b831 13-Oct-2020 Volodymyr Babchuk <volodymyr_babchuk@epam.com>

scripts: support both pycryptodome and pycryptodomex

Current actual Python library for cryptography is being distributed in
two flavors: pycryptodome and pycryptodomex. They are basically the same
library, but with different import names:

- pycryptodome provides 'Crypto' module and is intended to directly replace
old pycrypto library

- pycryptodomex provides 'Cryptodome' module and is intended for old
distributions, where pycrypto is still present

Most of the modern Linux distributions provide both of the libraries, so
there is no difference which one is to use. But some of them (like
Yocto/Poky) provide only one.

This patch makes scripts agnostic to a crypto library flavor being used
by trying to import Cryptodome first and then Crypto if first import fails.

Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>


# cf3d6ac9 17-Sep-2020 Mingyuan Xiang <mingyuan@oxhainan.org>

scripts/sign_encrypt.py: add flags for the signing algorithm

+ Update the sign_encrypt.py so that it can choose the signing algorithm
between PSS and PKCS#1.5.
+ Convert the if/else into a try/except for the signature check

Signed-off-by: Mingyuan Xiang <mingyuan@oxhainan.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>


# 9579e400 26-Nov-2019 Jens Wiklander <jens.wiklander@linaro.org>

scripts/sign_encrypt.py: remove pycrypto workaround

Removes workaround for a difference in how the size of a RSA key is
determined in pycrypto compared to pycryptodome.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>


# ababd72d 25-Nov-2019 Jens Wiklander <jens.wiklander@linaro.org>

scripts/sign_encrypt.py: Sign TA using PSS

Switches from the algorithm TEE_ALG_RSASSA_PKCS1_V1_5_SHA256 to
TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256 when signing TAs. Even though there
are no known vulnerabilities in PKCS#1 RSASSA V1.5 at this date there
have been issues in the past (for instance Bleichenbacher).

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>


# 2de17fda 23-Oct-2019 Sumit Garg <sumit.garg@linaro.org>

TA dev kit: add support for TA encryption

Add CFG_ENCRYPT_TA as TA build time configuration option to enable
encryption of TA using encryption key provided via TA_ENC_KEY build
time option. The default value of TA_ENC_KEY is derived from 16 zero
bytes default hardware unique key.

Also rename scripts/sign.py to scripts/sign_encrypt.py to reflect
optional encryption support along with signing of TAs.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
