• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1#!/usr/bin/env python
2#
3# Copyright (c) 2015, Linaro Limited
4# All rights reserved.
5#
6# Redistribution and use in source and binary forms, with or without
7# modification, are permitted provided that the following conditions are met:
8#
9# 1. Redistributions of source code must retain the above copyright notice,
10# this list of conditions and the following disclaimer.
11#
12# 2. Redistributions in binary form must reproduce the above copyright notice,
13# this list of conditions and the following disclaimer in the documentation
14# and/or other materials provided with the distribution.
15#
16# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
20# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26# POSSIBILITY OF SUCH DAMAGE.
27#
28
29def get_args():
30	from argparse import ArgumentParser
31
32	parser = ArgumentParser()
33	parser.add_argument('--inf', required=True, help='Name of input file (unsigned TA)')
34	parser.add_argument('--dig', required=True, help='Name of unsigned digest file')
35	parser.add_argument('--sig', required=True, help='Name of signed digest file')
36	parser.add_argument('--out', required=True, help='Name of output file (signed TA)')
37	return parser.parse_args()
38
39def assert_file_exists(fname):
40	import os.path
41
42	if(os.path.isfile(fname)):
43		return True
44	else:
45		raise FileNotFoundError('File ' + fname + ' was not found')
46
47def main():
48	from Crypto.Signature import PKCS1_v1_5
49	from Crypto.Hash import SHA256
50	from Crypto.PublicKey import RSA
51	import struct, base64, os.path, sys
52
53	args = get_args()
54
55	assert_file_exists(args.inf)
56	assert_file_exists(args.dig)
57	assert_file_exists(args.sig)
58
59	# Read input file (unsigned TA)
60	f = open(args.inf, 'rb')
61	img = f.read()
62	f.close()
63
64	h = SHA256.new()
65
66	digest_len = h.digest_size
67	#We plan to use RSA 2048 bit keys so signature is 256 bytes
68	sig_len = 256
69	img_size = len(img)
70
71	magic = 0x4f545348	# SHDR_MAGIC
72	img_type = 0		# SHDR_TA
73	algo = 0x70004830	# TEE_ALG_RSASSA_PKCS1_V1_5_SHA256
74	shdr = struct.pack('<IIIIHH', magic, img_type, img_size, algo, digest_len, sig_len)
75
76	print("Image size is:", img_size)
77	print('Digest Filename:', args.dig)
78	print('Signature Filename:', args.sig)
79
80	# Read unsigned digest file
81	dig_in = open(args.dig, 'r')
82	dig = base64.b64decode(dig_in.read())
83	dig_in.close()
84
85	print("Digest is", dig)
86	print("Digest is", base64.b64encode(dig))
87
88	# Read signed digest file
89	f = open(args.sig, 'r')
90	sig = base64.b64decode(f.read())
91	f.close()
92
93	print("Signature is:", sig)
94
95	# Write signed TA to file
96	f = open(args.out, 'wb')
97	f.write(shdr)
98	f.write(dig)
99	f.write(sig)
100	f.write(img)
101	f.close()
102
103if __name__ == "__main__":
104	main()
105