TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m / 59cf5d889cf1ad93598eed083f993a5b7d2296dd^! / . / tools / modules / crypto_conversion_utils.py
commit59cf5d889cf1ad93598eed083f993a5b7d2296dd[log] [tgz]
authorRaef Coles <raef.coles@arm.com>Mon Dec 09 15:41:13 2024 +0000
committerAntonio de Angelis <Antonio.deAngelis@arm.com>Tue Feb 11 21:08:48 2025 +0000
treebcd280f73b0112e05b0d916be43acdf0149e304d
parent211c48e1b21ba34a4583085f8a010964daa61b76 [diff] [blame]
Tools: Add python modules

Add generic python modules to TF-M to support build and image packaging
tools.

* arg_utils provides helpers to deal with argparse arguments
* c_include gets the list of include paths for a file from the
  `compile_commands.json` build database
* c_macro includes a python implementation of (most of) the C
  preprocessor.
* c_struct is a libclang-based evaluator of C datastructures (Including
  enums) which can be used to generate python representations of nested
  C datastructures which rely on complex macro configuration.
* crypto_conversion_utils provides helpers to convert various types of
  crypto keys to different and convert string representations of
  algorithms and hash functions to their python objects
* encrypt_data provides functions to encrypt bytes() objects
* file_loader provides automatic handler functions for various filetypes
  based on their extensions, primarily useful for loading crypto keys
* key_derivation provides a python implementation of HKDF and a
  SP200-108 CMAC KDF, both matching the TF-M/MbedTLS/CC3XX implementation
* sign_data provides functions to perform symmetric and asymmetric
  signatures of bytes() objects
* sign_then_encrypt_data provides combined signing and encryption,
  either via symmetric AEAD modes or a combination of the sign_data and
  encrypt_data modules
* struct_pack provides helper functions for packing bytes objects
  together.

Change-Id: I858dd8ef69c9069ec0a44e4ad3f9a1d70cc5d4da
Signed-off-by: Raef Coles <raef.coles@arm.com>

diff --git a/tools/modules/crypto_conversion_utils.py b/tools/modules/crypto_conversion_utils.py
new file mode 100644
index 0000000..43633ff
--- /dev/null
+++ b/tools/modules/crypto_conversion_utils.py

@@ -0,0 +1,29 @@
+#!/usr/bin/env python3
+#-------------------------------------------------------------------------------
+# SPDX-FileCopyrightText: Copyright The TrustedFirmware-M Contributors
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+
+from cryptography.hazmat.primitives.asymmetric import ec
+from cryptography.hazmat.primitives import hashes
+
+import logging
+logger = logging.getLogger("TF-M")
+
+def convert_curve_define(define_name : str,
+                         define_prefix : str = "",
+                         ) -> ec.EllipticCurve:
+    curve_name = define_name.replace(define_prefix,"").replace("_", "")
+
+    if not hasattr(ec, curve_name):
+        curve_name = "SEC{}R1".format(curve_name)
+
+    return getattr(ec, curve_name)
+
+def convert_hash_define(define_name : str,
+                        define_prefix : str = "",
+                        ) -> hashes.HashAlgorithm:
+    hash_name = define_name.replace(define_prefix,"").replace("_", "")
+    return getattr(hashes, hash_name)