TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_os / cf3d6ac958e5d41cf6118958091facb61630d283 / . / scripts / sign_encrypt.py
blob: 15a14581cebbfe3c0f509a5eca6530d9da63f3e3 [file] [log] [blame]
Rouven Czerwinskibbaeed42019-08-07 20:07:00 +0200[diff] [blame]1#!/usr/bin/env python3
Jens Wiklandercd5cf432017-11-28 16:59:15 +0100[diff] [blame]2# SPDX-License-Identifier: BSD-2-Clause
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]3#
4# Copyright (c) 2015, 2017, 2019, Linaro Limited
5#
Jens Wiklandercd5cf432017-11-28 16:59:15 +0100[diff] [blame]6
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]7import sys
8
Jerome Forissier4a477922018-11-14 11:02:49 +0100[diff] [blame]9
Mingyuan Xiangcf3d6ac2020-09-17 19:01:02 +0800[diff] [blame^]10algo = {'TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256': 0x70414930,
11 'TEE_ALG_RSASSA_PKCS1_V1_5_SHA256': 0x70004830}
12
13
Jens Wiklandercd5cf432017-11-28 16:59:15 +0100[diff] [blame]14def uuid_parse(s):
15 from uuid import UUID
16 return UUID(s)
17
18
19def int_parse(str):
20 return int(str, 0)
21
Jens Wiklanderbc420742015-05-05 14:59:15 +0200[diff] [blame]22
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]23def get_args(logger):
24 from argparse import ArgumentParser, RawDescriptionHelpFormatter
25 import textwrap
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]26 command_base = ['sign-enc', 'digest', 'stitch']
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]27 command_aliases_digest = ['generate-digest']
28 command_aliases_stitch = ['stitch-ta']
29 command_aliases = command_aliases_digest + command_aliases_stitch
30 command_choices = command_base + command_aliases
Jens Wiklanderbc420742015-05-05 14:59:15 +0200[diff] [blame]31
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]32 dat = '[' + ', '.join(command_aliases_digest) + ']'
33 sat = '[' + ', '.join(command_aliases_stitch) + ']'
34
35 parser = ArgumentParser(
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]36 description='Sign and encrypt (optional) a Tusted Application for' +
37 ' OP-TEE.',
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]38 usage='\n %(prog)s command [ arguments ]\n\n'
39
40 ' command:\n' +
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]41 ' sign-enc Generate signed and optionally encrypted loadable' +
42 ' TA image file.\n' +
43 ' Takes arguments --uuid, --ta-version, --in, --out,' +
44 ' --key\n' +
45 ' and --enc-key (optional).\n' +
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]46 ' digest Generate loadable TA binary image digest' +
47 ' for offline\n' +
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]48 ' signing. Takes arguments --uuid, --ta-version,' +
49 ' --in, --key,\n'
Mingyuan Xiangcf3d6ac2020-09-17 19:01:02 +0800[diff] [blame^]50 ' --enc-key (optional), --algo (optional) and' +
51 ' --dig.\n' +
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]52 ' stitch Generate loadable signed and encrypted TA binary' +
53 ' image file from\n' +
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]54 ' TA raw image and its signature. Takes' +
55 ' arguments\n' +
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]56 ' --uuid, --in, --key, --enc-key (optional), --out,' +
Mingyuan Xiangcf3d6ac2020-09-17 19:01:02 +0800[diff] [blame^]57 ' --algo (optional) and --sig.\n\n' +
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]58 ' %(prog)s --help show available commands and arguments\n\n',
59 formatter_class=RawDescriptionHelpFormatter,
60 epilog=textwrap.dedent('''\
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]61 If no command is given, the script will default to "sign-enc".
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]62
63 command aliases:
64 The command \'digest\' can be aliased by ''' + dat + '''
65 The command \'stitch\' can be aliased by ''' + sat + '\n' + '''
Mingyuan Xiangcf3d6ac2020-09-17 19:01:02 +0800[diff] [blame^]66 example offline signing command using OpenSSL for algorithm
67 TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256:
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]68 base64 -d <UUID>.dig | \\
69 openssl pkeyutl -sign -inkey <KEYFILE>.pem \\
Mingyuan Xiangcf3d6ac2020-09-17 19:01:02 +0800[diff] [blame^]70 -pkeyopt digest:sha256 -pkeyopt rsa_padding_mode:pss \\
71 -pkeyopt rsa_pss_saltlen:digest \\
72 -pkeyopt rsa_mgf1_md:sha256 | \\
73 base64 > <UUID>.sig\n
74 example offline signing command using OpenSSL for algorithm
75 TEE_ALG_RSASSA_PKCS1_V1_5_SHA256:
76 base64 -d <UUID>.dig | \\
77 openssl pkeyutl -sign -inkey <KEYFILE>.pem \\
78 -pkeyopt digest:sha256 -pkeyopt rsa_padding_mode:pkcs1 | \\
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]79 base64 > <UUID>.sig
80 '''))
81
82 parser.add_argument(
83 'command', choices=command_choices, nargs='?',
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]84 default='sign-enc',
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]85 help='Command, one of [' + ', '.join(command_base) + ']')
Jens Wiklandercd5cf432017-11-28 16:59:15 +0100[diff] [blame]86 parser.add_argument('--uuid', required=True,
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]87 type=uuid_parse, help='String UUID of the TA')
88 parser.add_argument('--key', required=True,
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]89 help='Name of signing key file (PEM format)')
90 parser.add_argument('--enc-key', required=False,
91 help='Encryption key string')
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]92 parser.add_argument(
Etienne Carriere47844622019-08-12 11:33:24 +0200[diff] [blame]93 '--ta-version', required=False, type=int_parse, default=0,
94 help='TA version stored as a 32-bit unsigned integer and used for\n' +
95 'rollback protection of TA install in the secure database.\n' +
96 'Defaults to 0.')
97 parser.add_argument(
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]98 '--sig', required=False, dest='sigf',
99 help='Name of signature input file, defaults to <UUID>.sig')
100 parser.add_argument(
101 '--dig', required=False, dest='digf',
102 help='Name of digest output file, defaults to <UUID>.dig')
103 parser.add_argument(
Etienne Carriere9d8dd732019-08-12 16:15:42 +0200[diff] [blame]104 '--in', required=True, dest='inf',
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]105 help='Name of application input file, defaults to <UUID>.stripped.elf')
106 parser.add_argument(
107 '--out', required=False, dest='outf',
108 help='Name of application output file, defaults to <UUID>.ta')
Mingyuan Xiangcf3d6ac2020-09-17 19:01:02 +0800[diff] [blame^]109 parser.add_argument('--algo', required=False, choices=list(algo.keys()),
110 default='TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256',
111 help='The hash and signature algorithm, ' +
112 'defaults to TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256. ' +
113 'Allowed values are: ' +
114 ', '.join(list(algo.keys())), metavar='')
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]115
116 parsed = parser.parse_args()
117
118 # Check parameter combinations
119
120 if parsed.digf is None and \
121 parsed.outf is not None and \
122 parsed.command in ['digest'] + command_aliases_digest:
123 logger.error('A digest was requested, but argument --out was given.' +
124 ' Did you mean:\n ' +
125 parser.prog+' --dig ' + parsed.outf + ' ...')
126 sys.exit(1)
127
128 if parsed.digf is not None \
129 and parsed.outf is not None \
130 and parsed.command in ['digest'] + command_aliases_digest:
131 logger.warn('A digest was requested, but arguments --dig and ' +
132 '--out were given.\n' +
133 ' --out will be ignored.')
134
135 # Set defaults for optional arguments.
136
137 if parsed.sigf is None:
138 parsed.sigf = str(parsed.uuid)+'.sig'
139 if parsed.digf is None:
140 parsed.digf = str(parsed.uuid)+'.dig'
141 if parsed.inf is None:
142 parsed.inf = str(parsed.uuid)+'.stripped.elf'
143 if parsed.outf is None:
144 parsed.outf = str(parsed.uuid)+'.ta'
145
146 return parsed
Jens Wiklandercd5cf432017-11-28 16:59:15 +0100[diff] [blame]147
Jens Wiklanderbc420742015-05-05 14:59:15 +0200[diff] [blame]148
149def main():
Jens Wiklanderababd722019-11-25 16:00:51 +0100[diff] [blame]150 from Cryptodome.Signature import pss
Mingyuan Xiangcf3d6ac2020-09-17 19:01:02 +0800[diff] [blame^]151 from Cryptodome.Signature import pkcs1_15
Jens Wiklanderababd722019-11-25 16:00:51 +0100[diff] [blame]152 from Cryptodome.Hash import SHA256
153 from Cryptodome.PublicKey import RSA
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]154 import base64
155 import logging
156 import os
Jens Wiklandercd5cf432017-11-28 16:59:15 +0100[diff] [blame]157 import struct
Jens Wiklanderbc420742015-05-05 14:59:15 +0200[diff] [blame]158
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]159 logging.basicConfig()
160 logger = logging.getLogger(os.path.basename(__file__))
Jens Wiklanderbc420742015-05-05 14:59:15 +0200[diff] [blame]161
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]162 args = get_args(logger)
Jens Wiklanderbc420742015-05-05 14:59:15 +0200[diff] [blame]163
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]164 with open(args.key, 'rb') as f:
165 key = RSA.importKey(f.read())
Jens Wiklanderbc420742015-05-05 14:59:15 +0200[diff] [blame]166
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]167 with open(args.inf, 'rb') as f:
168 img = f.read()
169
Jens Wiklandercd5cf432017-11-28 16:59:15 +0100[diff] [blame]170 h = SHA256.new()
Jens Wiklanderbc420742015-05-05 14:59:15 +0200[diff] [blame]171
Jens Wiklandercd5cf432017-11-28 16:59:15 +0100[diff] [blame]172 digest_len = h.digest_size
Jens Wiklander9579e402019-11-26 11:15:48 +0100[diff] [blame]173 sig_len = key.size_in_bytes()
Volodymyr Babchuk90ad2452019-08-21 21:00:32 +0300[diff] [blame]174
Jens Wiklandercd5cf432017-11-28 16:59:15 +0100[diff] [blame]175 img_size = len(img)
Jens Wiklanderbc420742015-05-05 14:59:15 +0200[diff] [blame]176
Etienne Carriere47844622019-08-12 11:33:24 +0200[diff] [blame]177 hdr_version = args.ta_version # struct shdr_bootstrap_ta::ta_version
178
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]179 magic = 0x4f545348 # SHDR_MAGIC
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]180 if args.enc_key:
181 img_type = 2 # SHDR_ENCRYPTED_TA
182 else:
183 img_type = 1 # SHDR_BOOTSTRAP_TA
Etienne Carriere47844622019-08-12 11:33:24 +0200[diff] [blame]184
Jens Wiklandercd5cf432017-11-28 16:59:15 +0100[diff] [blame]185 shdr = struct.pack('<IIIIHH',
Mingyuan Xiangcf3d6ac2020-09-17 19:01:02 +0800[diff] [blame^]186 magic, img_type, img_size, algo[args.algo],
187 digest_len, sig_len)
Jens Wiklandercd5cf432017-11-28 16:59:15 +0100[diff] [blame]188 shdr_uuid = args.uuid.bytes
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]189 shdr_version = struct.pack('<I', hdr_version)
Jens Wiklanderbc420742015-05-05 14:59:15 +0200[diff] [blame]190
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]191 if args.enc_key:
192 from Cryptodome.Cipher import AES
193 cipher = AES.new(bytearray.fromhex(args.enc_key), AES.MODE_GCM)
194 ciphertext, tag = cipher.encrypt_and_digest(img)
195
196 enc_algo = 0x40000810 # TEE_ALG_AES_GCM
197 flags = 0 # SHDR_ENC_KEY_DEV_SPECIFIC
198 ehdr = struct.pack('<IIHH',
199 enc_algo, flags, len(cipher.nonce), len(tag))
200
Jens Wiklandercd5cf432017-11-28 16:59:15 +0100[diff] [blame]201 h.update(shdr)
202 h.update(shdr_uuid)
203 h.update(shdr_version)
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]204 if args.enc_key:
205 h.update(ehdr)
206 h.update(cipher.nonce)
207 h.update(tag)
Jens Wiklandercd5cf432017-11-28 16:59:15 +0100[diff] [blame]208 h.update(img)
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]209 img_digest = h.digest()
Jens Wiklanderbc420742015-05-05 14:59:15 +0200[diff] [blame]210
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]211 def write_image_with_signature(sig):
212 with open(args.outf, 'wb') as f:
213 f.write(shdr)
214 f.write(img_digest)
215 f.write(sig)
216 f.write(shdr_uuid)
217 f.write(shdr_version)
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]218 if args.enc_key:
219 f.write(ehdr)
220 f.write(cipher.nonce)
221 f.write(tag)
222 f.write(ciphertext)
223 else:
224 f.write(img)
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]225
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]226 def sign_encrypt_ta():
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]227 if not key.has_private():
228 logger.error('Provided key cannot be used for signing, ' +
229 'please use offline-signing mode.')
Markus S. Wamser6ff2e3f2019-08-02 14:48:46 +0200[diff] [blame]230 sys.exit(1)
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]231 else:
Jens Wiklanderababd722019-11-25 16:00:51 +0100[diff] [blame]232 signer = pss.new(key)
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]233 sig = signer.sign(h)
Volodymyr Babchuk90ad2452019-08-21 21:00:32 +0300[diff] [blame]234 if len(sig) != sig_len:
235 raise Exception(("Actual signature length is not equal to ",
236 "the computed one: {} != {}").
237 format(len(sig), sig_len))
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]238 write_image_with_signature(sig)
239 logger.info('Successfully signed application.')
240
241 def generate_digest():
242 with open(args.digf, 'wb+') as digfile:
243 digfile.write(base64.b64encode(img_digest))
244
245 def stitch_ta():
246 try:
247 with open(args.sigf, 'r') as sigfile:
248 sig = base64.b64decode(sigfile.read())
249 except IOError:
Markus S. Wamser6ff2e3f2019-08-02 14:48:46 +0200[diff] [blame]250 if not os.path.exists(args.digf):
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]251 generate_digest()
252 logger.error('No signature file found. Please sign\n %s\n' +
253 'offline and place the signature at \n %s\n' +
254 'or pass a different location ' +
255 'using the --sig argument.\n',
256 args.digf, args.sigf)
Markus S. Wamser6ff2e3f2019-08-02 14:48:46 +0200[diff] [blame]257 sys.exit(1)
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]258 else:
Mingyuan Xiangcf3d6ac2020-09-17 19:01:02 +0800[diff] [blame^]259 if args.algo == 'TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256':
260 verifier = pss.new(key)
261 elif args.algo == 'TEE_ALG_RSASSA_PKCS1_V1_5_SHA256':
262 verifier = pkcs1_15.new(key)
263 try:
264 verifier.verify(h, sig)
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]265 write_image_with_signature(sig)
266 logger.info('Successfully applied signature.')
Mingyuan Xiangcf3d6ac2020-09-17 19:01:02 +0800[diff] [blame^]267 except ValueError:
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]268 logger.error('Verification failed, ignoring given signature.')
Markus S. Wamser6ff2e3f2019-08-02 14:48:46 +0200[diff] [blame]269 sys.exit(1)
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]270
Markus S. Wamser6ff2e3f2019-08-02 14:48:46 +0200[diff] [blame]271 # dispatch command
272 {
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]273 'sign-enc': sign_encrypt_ta,
Markus S. Wamser1cdd95a2019-04-30 12:03:12 +0200[diff] [blame]274 'digest': generate_digest,
275 'generate-digest': generate_digest,
276 'stitch': stitch_ta,
277 'stitch-ta': stitch_ta
Sumit Garg2de17fd2019-10-23 12:47:24 +0530[diff] [blame]278 }.get(args.command, 'sign_encrypt_ta')()
Jens Wiklandercd5cf432017-11-28 16:59:15 +0100[diff] [blame]279
Jens Wiklanderbc420742015-05-05 14:59:15 +0200[diff] [blame]280
281if __name__ == "__main__":
Jens Wiklandercd5cf432017-11-28 16:59:15 +0100[diff] [blame]282 main()