Gitiles
Code Review Sign In
192.168.1.100 / T103 / 1f884588077ad3476b9c91cbb0ee9ee0332bbb68 / . / src / devtools / packer / mt2735 / cryptoSB.py
blob: 1c44a61e4c35c729bf680edb2242c66c0a287d0e [file] [log] [blame]
rjw1f884582022-01-06 17:20:42 +0800[diff] [blame^]1import binascii
2import Crypto.Random.OSRNG.posix as RNG
3from Crypto.Cipher import AES
4from Crypto.Hash import MD5
5from Crypto.Hash import SHA
6from Crypto.Hash import SHA224
7from Crypto.Hash import SHA256
8from Crypto.Hash import SHA384
9from Crypto.Hash import SHA512
10from Crypto.Hash import HMAC
11from Crypto.Util import Counter
12import CryptoPlus
13from CryptoPlus.Cipher import python_AES as CP_python_AES
14import ecdsa
15from ecdsa import SigningKey, VerifyingKey
16from ecdsa.curves import NIST192p, NIST224p, NIST256p, NIST384p, NIST521p
17from ecdsa.util import sigencode_string
18from hashlib import sha1, sha224, sha256, sha384, sha512
19
20#from pycrypto_lib.SelfTest.Signature import test_pkcs1_15_mytest as rsa_mytest
21#from pycrypto_lib.SelfTest.Signature import test_pkcs1_pss_mytest as rsa_pss_mytest
22import test_pkcs1_15_mytest as rsa_mytest
23import test_pkcs1_pss_mytest as rsa_pss_mytest
24
25''' Select ECDSA Curve '''
26__CURVE = 'prime256v1'
27
28AUTH_ECDSA_NISTP256 = 0
29AUTH_ECDSA_NISTP384 = 1
30AUTH_ECDSA_NISTP521 = 2
31AUTH_RSA2048 = 3
32AUTH_RSA3072 = 4
33AUTH_RSA4096 = 5
34
35AUTH_AES_CMAC = 12
36AUTH_HMAC_SHA256 = 13
37
38AUTH_ECDSA_NISTP192 = 10
39AUTH_ECDSA_NISTP224 = 11
40
41
42''' Select ECDSA module '''
43
44''' Select Key Mode '''
45__K_STRING = 0
46__K_PEM = 1
47__K_DER = 2
48
49
50def crypto_pad_to_align(x, align):
51 if(align == 0):
52 return x
53 else:
54 size = len(x)
55 #print("size 0x%x" %size)
56 pad_size = (align - size % align) % align
57 for i in range(0, pad_size, 1):
58 x += b'\x00'
59 #cryptoSB.dump(x)
60 return x
61
62
63# This module is python-ecdsa (warner/python-ecdsa)
64class pythonECDSA:
65 def __init__(self, priv=None, pub=None, curve=None):
66 #print("pure-python ECDSA init")
67 None
68 def sign_string(self, privk, msg, sbc_auth_alg, sbc_auth_alg_hash):
69 if(sbc_auth_alg == AUTH_ECDSA_NISTP256):
70 if(sbc_auth_alg_hash == 0):
71 sk = SigningKey.from_string(privk, curve=NIST256p, hashfunc=sha256)
72 signature_str = sk.sign(msg, hashfunc=sha256, sigencode=sigencode_string)
73 elif(sbc_auth_alg_hash == 1):
74 sk = SigningKey.from_string(privk, curve=NIST256p, hashfunc=sha384)
75 signature_str = sk.sign(msg, hashfunc=sha384, sigencode=sigencode_string)
76 elif(sbc_auth_alg_hash == 2):
77 sk = SigningKey.from_string(privk, curve=NIST256p, hashfunc=sha512)
78 signature_str = sk.sign(msg, hashfunc=sha512, sigencode=sigencode_string)
79 elif(sbc_auth_alg == AUTH_ECDSA_NISTP384):
80 if(sbc_auth_alg_hash == 0):
81 sk = SigningKey.from_string(privk, curve=NIST384p, hashfunc=sha256)
82 signature_str = sk.sign(msg, hashfunc=sha256, sigencode=sigencode_string)
83 elif(sbc_auth_alg_hash == 1):
84 sk = SigningKey.from_string(privk, curve=NIST384p, hashfunc=sha384)
85 signature_str = sk.sign(msg, hashfunc=sha384, sigencode=sigencode_string)
86 elif(sbc_auth_alg_hash == 2):
87 sk = SigningKey.from_string(privk, curve=NIST384p, hashfunc=sha512)
88 signature_str = sk.sign(msg, hashfunc=sha512, sigencode=sigencode_string)
89 elif(sbc_auth_alg == AUTH_ECDSA_NISTP521):
90 if(sbc_auth_alg_hash == 0):
91 sk = SigningKey.from_string(privk, curve=NIST521p, hashfunc=sha256)
92 signature_str = sk.sign(msg, hashfunc=sha256, sigencode=sigencode_string)
93 elif(sbc_auth_alg_hash == 1):
94 sk = SigningKey.from_string(privk, curve=NIST521p, hashfunc=sha384)
95 signature_str = sk.sign(msg, hashfunc=sha384, sigencode=sigencode_string)
96 elif(sbc_auth_alg_hash == 2):
97 sk = SigningKey.from_string(privk, curve=NIST521p, hashfunc=sha512)
98 signature_str = sk.sign(msg, hashfunc=sha512, sigencode=sigencode_string)
99 elif(sbc_auth_alg == AUTH_ECDSA_NISTP192):
100 sk = SigningKey.from_string(privk, curve=NIST192p, hashfunc=sha256)
101 signature_str = sk.sign(msg, hashfunc=sha256, sigencode=sigencode_string)
102 elif(sbc_auth_alg == AUTH_ECDSA_NISTP224):
103 sk = SigningKey.from_string(privk, curve=NIST224p, hashfunc=sha256)
104 signature_str = sk.sign(msg, hashfunc=sha256, sigencode=sigencode_string)
105 return signature_str
106 def sign_pem(self, privk, msg, sbc_auth_alg):
107 #print(" run sign pem")
108 if(sbc_auth_alg == AUTH_ECDSA_NISTP256):
109 sk = SigningKey.from_pem(privk, hashfunc=sha256)
110 signature_pem = sk.sign(msg, hashfunc=sha256)
111
112 elif(sbc_auth_alg == AUTH_ECDSA_NISTP384):
113 sk = SigningKey.from_pem(privk, hashfunc=sha384)
114 signature_pem = sk.sign(msg, hashfunc=sha384)
115
116 elif(sbc_auth_alg == AUTH_ECDSA_NISTP192):
117 sk = SigningKey.from_pem(privk, hashfunc=sha1)
118 signature_pem = sk.sign(msg, hashfunc=sha1)
119
120 elif(sbc_auth_alg == AUTH_ECDSA_NISTP224):
121 sk = SigningKey.from_pem(privk, hashfunc=sha224)
122 signature_pem = sk.sign(msg, hashfunc=sha224)
123
124 return signature_pem
125 def sign_der(self, privk, msg, sbc_auth_alg):
126 #print(" run sign der")
127 if(sbc_auth_alg == AUTH_ECDSA_NISTP256):
128 sk = SigningKey.from_der(privk, hashfunc=sha256)
129 signature_der = sk.sign(msg, hashfunc=sha256)
130
131 elif(sbc_auth_alg == AUTH_ECDSA_NISTP384):
132 sk = SigningKey.from_der(privk, hashfunc=sha384)
133 signature_der = sk.sign(msg, hashfunc=sha384)
134
135 elif(sbc_auth_alg == AUTH_ECDSA_NISTP192):
136 sk = SigningKey.from_der(privk, hashfunc=sha1)
137 signature_der = sk.sign(msg, hashfunc=sha1)
138
139 elif(sbc_auth_alg == AUTH_ECDSA_NISTP224):
140 sk = SigningKey.from_der(privk, hashfunc=sha224)
141 signature_der = sk.sign(msg, hashfunc=sha224)
142
143
144 return signature_der
145 def verify_string(self, pubk, signature_str, msg, sbc_auth_alg):
146 if(sbc_auth_alg == AUTH_ECDSA_NISTP256):
147 vk = VerifyingKey.from_string(pubk, curve=NIST256p, hashfunc=sha256)
148 ret = vk.verify(signature_str, msg)
149 elif(sbc_auth_alg == AUTH_ECDSA_NISTP384):
150 vk = VerifyingKey.from_string(pubk, curve=NIST384p, hashfunc=sha384)
151 ret = vk.verify(signature_str, msg)
152 elif(sbc_auth_alg == AUTH_ECDSA_NISTP192):
153 vk = VerifyingKey.from_string(pubk, curve=NIST192p, hashfunc=sha1)
154 ret = vk.verify(signature_str, msg)
155 elif(sbc_auth_alg == AUTH_ECDSA_NISTP224):
156 vk = VerifyingKey.from_string(pubk, curve=NIST224p, hashfunc=sha224)
157 ret = vk.verify(signature_str, msg)
158 return ret
159 def verify_pem(self, pubk, signature_pem, msg, sbc_auth_alg):
160 #print(" run verify pem")
161 if(sbc_auth_alg == AUTH_ECDSA_NISTP256):
162 vk = VerifyingKey.from_pem(pubk)
163 ret = vk.verify(signature_pem, msg, hashfunc=sha256)
164
165 elif(sbc_auth_alg == AUTH_ECDSA_NISTP384):
166 vk = VerifyingKey.from_pem(pubk)
167 ret = vk.verify(signature_pem, msg, hashfunc=sha384)
168
169 elif(sbc_auth_alg == AUTH_ECDSA_NISTP192):
170 vk = VerifyingKey.from_pem(pubk)
171 ret = vk.verify(signature_pem, msg, hashfunc=sha1)
172
173 elif(sbc_auth_alg == AUTH_ECDSA_NISTP224):
174 vk = VerifyingKey.from_pem(pubk)
175 ret = vk.verify(signature_pem, msg, hashfunc=sha224)
176 return ret
177 def verify_der(self, pubk, signature_der, msg, sbc_auth_alg):
178 #print(" run verify der")
179 if(sbc_auth_alg == AUTH_ECDSA_NISTP256):
180 vk = VerifyingKey.from_der(pubk)
181 ret = vk.verify(signature_der, msg, hashfunc=sha256)
182
183 elif(sbc_auth_alg == AUTH_ECDSA_NISTP384):
184 vk = VerifyingKey.from_der(pubk)
185 ret = vk.verify(signature_der, msg, hashfunc=sha384)
186
187 elif(sbc_auth_alg == AUTH_ECDSA_NISTP192):
188 vk = VerifyingKey.from_der(pubk)
189 ret = vk.verify(signature_der, msg, hashfunc=sha1)
190
191 elif(sbc_auth_alg == AUTH_ECDSA_NISTP224):
192 vk = VerifyingKey.from_der(pubk)
193 ret = vk.verify(signature_der, msg, hashfunc=sha224)
194 return ret
195 def gen_key_string(self, sbc_auth_alg):
196 if(sbc_auth_alg == AUTH_ECDSA_NISTP256):
197 sk = SigningKey.generate(curve=NIST256p, hashfunc=sha256)
198 vk = sk.get_verifying_key()
199 elif(sbc_auth_alg == AUTH_ECDSA_NISTP384):
200 sk = SigningKey.generate(curve=NIST384p, hashfunc=sha384)
201 vk = sk.get_verifying_key()
202 elif(sbc_auth_alg == AUTH_ECDSA_NISTP192):
203 sk = SigningKey.generate(curve=NIST192p, hashfunc=sha1)
204 vk = sk.get_verifying_key()
205 elif(sbc_auth_alg == AUTH_ECDSA_NISTP224):
206 sk = SigningKey.generate(curve=NIST224p, hashfunc=sha224)
207 vk = sk.get_verifying_key()
208 privk_str = sk.to_string()
209 pubk_str = vk.to_string()
210 return privk_str, pubk_str
211 def gen_key_pem(self, sbc_auth_alg):
212 if(sbc_auth_alg == AUTH_ECDSA_NISTP256):
213 sk = SigningKey.generate(curve=NIST256p, hashfunc=sha256)
214 vk = sk.get_verifying_key()
215 elif(sbc_auth_alg == AUTH_ECDSA_NISTP384):
216 sk = SigningKey.generate(curve=NIST384p, hashfunc=sha384)
217 vk = sk.get_verifying_key()
218 elif(sbc_auth_alg == AUTH_ECDSA_NISTP192):
219 sk = SigningKey.generate(curve=NIST192p, hashfunc=sha1)
220 vk = sk.get_verifying_key()
221 elif(sbc_auth_alg == AUTH_ECDSA_NISTP224):
222 sk = SigningKey.generate(curve=NIST224p, hashfunc=sha224)
223 vk = sk.get_verifying_key()
224 privk_pem = sk.to_pem()
225 pubk_pem = vk.to_pem()
226 return privk_pem, pubk_pem
227 def gen_key_der(self, sbc_auth_alg):
228 if(sbc_auth_alg == AUTH_ECDSA_NISTP256):
229 sk = SigningKey.generate(curve=NIST256p, hashfunc=sha256)
230 vk = sk.get_verifying_key()
231 elif(sbc_auth_alg == AUTH_ECDSA_NISTP384):
232 sk = SigningKey.generate(curve=NIST384p, hashfunc=sha384)
233 vk = sk.get_verifying_key()
234 elif(sbc_auth_alg == AUTH_ECDSA_NISTP384):
235 sk = SigningKey.generate(curve=NIST192p, hashfunc=sha1)
236 vk = sk.get_verifying_key()
237 elif(sbc_auth_alg == AUTH_ECDSA_NISTP224):
238 sk = SigningKey.generate(curve=NIST224p, hashfunc=sha224)
239 vk = sk.get_verifying_key()
240 privk_der = sk.to_der()
241 pubk_der = vk.to_der()
242 return privk_der, pubk_der
243
244class AESCipher:
245 def __init__(self, key, blk_sz):
246 #self.key = md5(key.encode('utf8')).hexdigest()
247 self.key = key
248 self.blk_sz = blk_sz
249 keylen = len(key)
250 if(keylen != blk_sz):
251 print("ERROR: key length fail:")
252 return 0
253
254 def aes_encrypt(self, data):
255 #data = pad(data)
256 #print(":".join("{:02x}".format(ord(e)) for e in data))
257 cryptor = AES.new(self.key, AES.MODE_ECB)
258 return cryptor.encrypt(data)
259
260 def aes_decrypt(self, data):
261 #data = pad(data)
262 #print(":".join("{:02x}".format(ord(e)) for e in data))
263 cryptor = AES.new(self.key, AES.MODE_ECB)
264 return cryptor.decrypt(data)
265
266 def aes_cbc_encrypt(self, data, iv):
267 cryptor = AES.new(self.key, AES.MODE_CBC, iv)
268 return cryptor.encrypt(data)
269
270 def aes_cbc_decrypt(self, data, iv):
271 cryptor = AES.new(self.key, AES.MODE_CBC, iv)
272 return cryptor.decrypt(data)
273
274 def aes_ctr_encrypt_only_counter(self, data, prefix_const, init_counter):
275 #ctr_e = Counter.new(64, prefix = prefix_const)
276 #cryptor = AES.new(self.key, AES.MODE_CTR, counter=lambda: init_counter)
277
278 ctr_e = Counter.new(128, initial_value=long(init_counter.encode('hex'), 16), allow_wraparound=True)
279 cryptor = AES.new(self.key, AES.MODE_CTR, counter=ctr_e)
280
281 return cryptor.encrypt(data)
282
283 def aes_ctr_decrypt_only_counter(self, data, prefix_const, init_counter):
284 #ctr_d = Counter.new(128, prefix = prefix_const)
285 #cryptor = AES.new(self.key, AES.MODE_CTR, counter=lambda: init_counter)
286
287 ctr_d = Counter.new(128, initial_value=long(init_counter.encode('hex'), 16), allow_wraparound=True)
288 cryptor = AES.new(self.key, AES.MODE_CTR, counter=ctr_d)
289 return cryptor.decrypt(data)
290
291 def aes_ctr_encrypt(self, data, prefix_str, initvalue):
292 #print("0x%x" %long(initvalue.encode('hex'), 16))
293 #print(len(prefix_str))
294 nbits = (128 - (len(prefix_str)*8))
295 ctr_e = Counter.new(nbits, prefix = prefix_str, initial_value=long(initvalue.encode('hex'), 16), allow_wraparound=True)
296 cryptor = AES.new(self.key, AES.MODE_CTR, counter=ctr_e)
297
298 return cryptor.encrypt(data)
299
300 def aes_ctr_decrypt(self, data, prefix_str, initvalue):
301 nbits = (128 - (len(prefix_str)*8))
302 ctr_d = Counter.new(nbits, prefix = prefix_str, initial_value=long(initvalue.encode('hex'), 16), allow_wraparound=True)
303 cryptor = AES.new(self.key, AES.MODE_CTR, counter=ctr_d)
304
305 return cryptor.decrypt(data)
306
307
308def strip_key(key):
309 #src_key = key.lstrip("x").rstrip("L")
310 src_key = key[2:].rstrip("L")
311 key_byte = binascii.a2b_hex(src_key)
312 return key_byte
313
314def my_a2b_hex(key):
315 key_byte = binascii.a2b_hex(key)
316 return key_byte
317
318def my_img_enc(data, key, iv, img_enc_alg, align=None):
319 #dump(data)
320
321 #align
322 bin = crypto_pad_to_align(data, align)
323
324 if(img_enc_alg == 0):
325 # AES 128 ECB
326 aes = AESCipher(key, 16)
327 encmsg = aes.aes_encrypt(bin)
328 #print("AES 128 ECB image result:")
329 #dump(encmsg)
330 elif(img_enc_alg == 1):
331 # AES 128 CBC
332 aes = AESCipher(key, 16)
333 encmsg = aes.aes_cbc_encrypt(bin, iv)
334 #print("AES 128 CBC image result:")
335 #dump(encmsg)
336 elif(img_enc_alg == 2):
337 # AES 256 ECB
338 aes = AESCipher(key, 32)
339 encmsg = aes.aes_encrypt(bin)
340 #print("AES 256 ECB image result:")
341 #dump(encmsg)
342 elif(img_enc_alg == 3):
343 # AES 256 CBC
344 aes = AESCipher(key, 32)
345 encmsg = aes.aes_cbc_encrypt(bin, iv)
346 #print("AES 256 CBC image result:")
347 #dump(encmsg)
348
349 return encmsg
350
351# dump str to bytes
352def dump(data):
353 for i in range(0, len(data)):
354 print ("0x%02x,"%ord(data[i])),
355 if(((i+1)%16) == 0):
356 print("")
357
358class HASH:
359 def __init__(self):
360 #print("//class HASH init")
361 None
362
363 def hash_sha1(self, data):
364 #print("SHA1:")
365 hash = SHA.new()
366 hash.update(data)
367 digest = hash.digest()
368 return digest
369 def hash_sha224(self, data):
370 #print("SHA224:")
371 hash = SHA224.new()
372 hash.update(data)
373 digest = hash.digest()
374 return digest
375 def hash_sha256(self, data):
376 #print("SHA256:")
377 hash = SHA256.new()
378 hash.update(data)
379 digest = hash.digest()
380 return digest
381 def hash_sha384(self, data):
382 #print("SHA384:")
383 hash = SHA384.new()
384 hash.update(data)
385 digest = hash.digest()
386 return digest
387
388 def hash_sha512(self, data):
389 #print("SHA512:")
390 hash = SHA512.new()
391 hash.update(data)
392 digest = hash.digest()
393 return digest
394 def hash_md5(self, data):
395 #print("MD5:")
396 hash = MD5.new()
397 hash.update(data)
398 digest = hash.digest()
399 return digest
400
401'''
402def sb_hash(data, sbc_auth_alg):
403 #print("run my_hash:")
404
405 #myhash = HASH()
406
407 if((sbc_auth_alg == 1) or (sbc_auth_alg == 5) ):
408 sbhash = HASH()
409 digest = sbhash.hash_sha384(data)
410 return digest
411 elif(sbc_auth_alg == 0) or (sbc_auth_alg == 2) or (sbc_auth_alg == 3) or (sbc_auth_alg == 4):
412 sbhash = HASH()
413 digest = sbhash.hash_sha256(data)
414 return digest
415 elif((sbc_auth_alg == 6)):
416 sbhash = HASH()
417 digest = sbhash.hash_sha512(data)
418 return digest
419 else:
420 print("ERROR: run sb_hash fail")
421'''
422def sb_hash(data, sbc_auth_alg_hash):
423 #print("run my_hash:")
424
425 #myhash = HASH()
426
427 if(sbc_auth_alg_hash == 0):
428 sbhash = HASH()
429 digest = sbhash.hash_sha256(data)
430 return digest
431 elif(sbc_auth_alg_hash == 1):
432 sbhash = HASH()
433 digest = sbhash.hash_sha384(data)
434 return digest
435 elif(sbc_auth_alg_hash == 2):
436 sbhash = HASH()
437 digest = sbhash.hash_sha512(data)
438 return digest
439 else:
440 print("ERROR: run sb_hash fail")
441
442
443def hmac_sha256(key, bdata):
444
445 b = HMAC.new(key, digestmod=SHA256)
446 b.update(bdata)
447 digest = b.digest()
448 #digest = b.hexdigest()
449 #dump(digest)
450
451 return digest
452
453def aescmac(key, msg):
454 #print("AES CMAC: ")
455 cipher = CP_python_AES.new(key, CP_python_AES.MODE_CMAC)
456 out = cipher.encrypt(msg)
457
458 #outhex = cipher.encrypt(msg).encode('hex')
459 #out = outhex.decode('hex')
460 return out
461
462def ecdsa_sign_nistp256_string(privk, msg, sbc_auth_alg_hash):
463 ecdsa = pythonECDSA()
464 signature = ecdsa.sign_string(privk, msg, AUTH_ECDSA_NISTP256, sbc_auth_alg_hash)
465
466 return signature
467
468def ecdsa_sign_nistp256_pem(privk, msg):
469 ecdsa = pythonECDSA()
470 signature = ecdsa.sign_pem(privk, msg, AUTH_ECDSA_NISTP256)
471 return signature
472
473def ecdsa_sign_nistp256_der(privk, msg):
474 ecdsa = pythonECDSA()
475 signature = ecdsa.sign_der(privk, msg, AUTH_ECDSA_NISTP256)
476
477 return signature
478
479def ecdsa_sign_nistp384_string(privk, msg, sbc_auth_alg_hash):
480 ecdsa = pythonECDSA()
481 signature = ecdsa.sign_string(privk, msg, AUTH_ECDSA_NISTP384, sbc_auth_alg_hash)
482 return signature
483
484def ecdsa_sign_nistp384_pem(privk, msg):
485 ecdsa = pythonECDSA()
486 signature = ecdsa.sign_pem(privk, msg, AUTH_ECDSA_NISTP384)
487
488 return signature
489
490def ecdsa_sign_nistp384_der(privk, msg):
491 ecdsa = pythonECDSA()
492 signature = ecdsa.sign_der(privk, msg, AUTH_ECDSA_NISTP384)
493
494 return signature
495
496def ecdsa_sign_nistp521_string(privk, msg, sbc_auth_alg_hash):
497 ecdsa = pythonECDSA()
498 signature = ecdsa.sign_string(privk, msg, AUTH_ECDSA_NISTP521, sbc_auth_alg_hash)
499 return signature
500
501def pubkey_string(pubk, sbc_auth_alg):
502 sk = VerifyingKey.from_pem(pubk)
503 return sk.to_string()
504def privkey_string(privk, sbc_auth_alg):
505 if(sbc_auth_alg == AUTH_ECDSA_NISTP256):
506 sk = SigningKey.from_pem(privk, hashfunc=sha256)
507 return sk.to_string()
508 else:
509 sk = SigningKey.from_pem(privk, hashfunc=sha384)
510 return sk.to_string()
511
512def sb_sign(privk, pubk, msg, sbc_auth_alg, sbc_auth_alg_hash, rsa_parse, sbc_rsa_pad_sel, key_mode=__K_STRING):
513 print("Start sb_sign:")
514
515 if(sbc_auth_alg == AUTH_ECDSA_NISTP256):
516 #pyelliptic ECDSA NIST p256
517 if(key_mode == __K_STRING):
518 signature = ecdsa_sign_nistp256_string(privk, msg, sbc_auth_alg_hash)
519 #another use
520 #ecdsa = pythonECDSA()
521 #signature = ecdsa.sign_string(privk, msg, AUTH_ECDSA_NISTP256)
522
523 elif(key_mode == __K_PEM):
524 signature = ecdsa_sign_nistp256_pem(privk, msg)
525
526 elif(key_mode == __K_DER):
527 signature = ecdsa_sign_nistp256_der(privk, msg)
528 return signature
529
530 elif(sbc_auth_alg == AUTH_ECDSA_NISTP384):
531 #pyelliptic ECDSA_NIST_p384
532 if(key_mode == __K_STRING):
533 signature = ecdsa_sign_nistp384_string(privk, msg, sbc_auth_alg_hash)
534
535 elif(key_mode == __K_PEM):
536 signature = ecdsa_sign_nistp384_pem(privk, msg)
537
538 elif(key_mode == __K_DER):
539 signature = ecdsa_sign_nistp384_der(privk, msg)
540
541 return signature
542
543 elif(sbc_auth_alg == AUTH_ECDSA_NISTP521):
544 #pyelliptic ECDSA_NIST_p521
545 if(key_mode == __K_STRING):
546 signature = ecdsa_sign_nistp521_string(privk, msg, sbc_auth_alg_hash)
547 return signature
548 elif(sbc_auth_alg == AUTH_RSA2048):
549 if(sbc_rsa_pad_sel == 0):
550 print("auth rsa2048 pkcs1_v15 padding")
551 myrsa = rsa_mytest.sbc_rsa_sign1_mytest(rsa_parse, msg)
552 print("mytest rsa pkcs1_15 sign:")
553 signature = myrsa.sbc_rsa_sign1_json()
554 print("mytest rsa pkcs1_15 verify:")
555 myrsa.sbc_rsa_verify1()
556 elif(sbc_rsa_pad_sel == 1):
557 print("auth rsa2048 pkcs1_pss padding")
558 myrsa = rsa_pss_mytest.testSign1_mytest(rsa_parse, msg)
559 print("mytest rsa pkcs1_pss sign:")
560 signature = myrsa.sbc_rsa_sign1_json()
561 print("mytest rsa pkcs1_pss verify:")
562 myrsa.verify1_mytest()
563 else:
564 print("ERROR: padding selection fail")
565 return signature
566
567 elif(sbc_auth_alg == AUTH_RSA3072):
568 if(sbc_rsa_pad_sel == 0):
569 print("auth rsa3072 pkcs1_v15 padding")
570 myrsa = rsa_mytest.sbc_rsa_sign1_mytest(rsa_parse, msg)
571 print("mytest rsa pkcs1_15 sign:")
572 signature = myrsa.sbc_rsa_sign1_json()
573 print("mytest rsa pkcs1_15 verify:")
574 myrsa.sbc_rsa_verify1()
575 elif(sbc_rsa_pad_sel == 1):
576 print("auth rsa3072 pkcs1_pss padding")
577 myrsa = rsa_pss_mytest.testSign1_mytest(rsa_parse, msg)
578 print("mytest rsa pkcs1_pss sign:")
579 signature = myrsa.sbc_rsa_sign1_json()
580 print("mytest rsa pkcs1_pss verify:")
581 myrsa.verify1_mytest()
582 else:
583 print("ERROR: padding selection fail")
584 return signature
585
586 elif(sbc_auth_alg == AUTH_RSA4096):
587 if(sbc_rsa_pad_sel == 0):
588 print("auth rsa4096 pkcs1_v15 padding")
589 myrsa = rsa_mytest.sbc_rsa_sign1_mytest(rsa_parse, msg)
590 print("mytest rsa pkcs1_15 sign:")
591 signature = myrsa.sbc_rsa_sign1_json()
592 print("mytest rsa pkcs1_15 verify:")
593 myrsa.sbc_rsa_verify1()
594 elif(sbc_rsa_pad_sel == 1):
595 print("auth rsa4096 pkcs1_pss padding")
596 myrsa = rsa_pss_mytest.testSign1_mytest(rsa_parse, msg)
597 print("mytest rsa pkcs1_pss sign:")
598 signature = myrsa.sbc_rsa_sign1_json()
599 print("mytest rsa pkcs1_pss verify:")
600 myrsa.verify1_mytest()
601 else:
602 print("ERROR: padding selection fail")
603 return signature
604
605 elif(sbc_auth_alg == AUTH_AES_CMAC):
606 #AES128_CMAC
607 signature = aescmac(privk, msg)
608 return signature
609 elif(sbc_auth_alg == AUTH_HMAC_SHA256):
610 #HMAC-SHA256
611 signature = hmac_sha256(privk, msg)
612 return signature
613 else:
614 print("ERROR: wrong authentication algorithm!!")
615