sss/plugin/openssl/scripts/ecc_all.py - a71ch-crypto-support - Git at Google

 #
 # Copyright 2019,2020 NXP
 # SPDX-License-Identifier: Apache-2.0
 #

 """

 Validation of OpenSSL Engine using EC keys


 This example injects keys with different supported EC Curves,
 then showcases ECDH & ECDSA using those keys.

 """

 import argparse
 import sys

 from openssl_util import *

 example_text = '''

 Example invocation::

     python %s
     python %s --connection_data 169.254.0.1:8050
     python %s --connection_data 127.0.0.1:8050 --connection_type jrcpv2
     python %s --connection_data COM3

 ''' % (__file__, __file__, __file__, __file__,)


 def parse_in_args():
     parser = argparse.ArgumentParser(
         description=__doc__,
         epilog=example_text,
         formatter_class=argparse.RawTextHelpFormatter
     )
     parser.add_argument(
         '--connection_type',
         default="t1oi2c",
         help='Supported connection types => ``%s``. Default: ``t1oi2c``' % ("``, ``".join(SUPPORTED_CONNECTION_TYPES)))
     parser.add_argument(
         '--connection_data',
         default="none",
         help='Parameter to connect to SE => eg. ``COM3``, ``127.0.0.1:8050``, ``none``. Default: ``none``')
     parser.add_argument(
         '--subsystem',
         default="se05x",
         help='Supported subsystem => ``se05x``, ``a71ch``. Default: ``se05x``')
     parser.add_argument(
         '--auth_type',
         default="None",
         help='Supported subsystem => ``None``, ``PlatformSCP``, ``UserID``, ``ECKey``, ``AESKey``. Default: ``None``')
     parser.add_argument(
         '--scpkey',
         default="None",
         help='')
     parser.add_argument(
         '--disable_sha1',
         default="False",
         help='Parameter to disable SHA1 => eg. ``True``, ``False``. Default: ``False``')
     parser.add_argument(
         '--fips',
         default="False",
         help='FIPS Testing => eg. ``True``, ``False``. Default: ``False``')

     args = parser.parse_args()

     if args.subsystem not in ["se05x", "a71ch"]:
         parser.print_help(sys.stderr)
         return None

     if args.connection_data.find(':') >= 0:
         port_data = args.connection_data.split(':')
         jrcp_host_name = port_data[0]
         jrcp_port = port_data[1]
         os.environ['JRCP_HOSTNAME'] = jrcp_host_name
         os.environ['JRCP_PORT'] = jrcp_port
         log.info("JRCP_HOSTNAME: %s" % jrcp_host_name)
         log.info("JRCP_PORT: %s" % jrcp_port)
         if args.connection_type == "t1oi2c":
             args.connection_type = "jrcpv1"
     elif args.connection_data.find('COM') >= 0:
         if args.connection_type == "t1oi2c":
             args.connection_type = "vcom"
     elif args.connection_data.find('none') >= 0:
         if args.subsystem == "a71ch":
             args.connection_type = "sci2c"
     else:
         parser.print_help(sys.stderr)
         return None

     if args.connection_type not in ["t1oi2c", "sci2c", "vcom", "jrcpv1", "jrcpv2", "pcsc"]:
         parser.print_help(sys.stderr)
         return None

     return args


 def main():
     args = parse_in_args()
     if args is None:
         return

     if args.subsystem == "a71ch":
         ec_curves = ["prime256v1"]
     else:
         if sys.platform == 'cygwin':
             # OpenSSL on Cygwin and some other OS's like RedHat come with a limited set of Ec curves.
             ec_curves = ["secp224r1", "prime256v1", "secp384r1", "secp521r1", "secp256k1"]
         else:
             if args.fips == 'True':
                 ec_curves = SUPPORTED_EC_KEY_TYPES_FIPS
             else:
                 ec_curves = SUPPORTED_EC_KEY_TYPES

     python_exe = sys.executable

     for ec_curve in ec_curves:
         print(ec_curve)
         run("%s openssl_provisionEC.py --key_type %s --connection_type %s --connection_data %s --subsystem %s --auth_type %s --scpkey %s" %
             (python_exe, ec_curve, args.connection_type, args.connection_data, args.subsystem, args.auth_type, args.scpkey))
         run("%s openssl_Ecdh.py --key_type %s --connection_data %s --disable_sha1 %s" % (python_exe, ec_curve, args.connection_data, args.disable_sha1))
         run("%s openssl_EccSign.py --key_type %s --connection_data %s --disable_sha1 %s" % (python_exe, ec_curve, args.connection_data, args.disable_sha1))

     run("%s openssl_rnd.py --connection_data %s" % (python_exe, args.connection_data))


 if __name__ == '__main__':
     logging.basicConfig(level=logging.DEBUG)
     main()
	#
	# Copyright 2019,2020 NXP
	# SPDX-License-Identifier: Apache-2.0
	#

	"""

	Validation of OpenSSL Engine using EC keys


	This example injects keys with different supported EC Curves,
	then showcases ECDH & ECDSA using those keys.

	"""

	import argparse
	import sys

	from openssl_util import *

	example_text = '''

	Example invocation::

	python %s
	python %s --connection_data 169.254.0.1:8050
	python %s --connection_data 127.0.0.1:8050 --connection_type jrcpv2
	python %s --connection_data COM3

	''' % (__file__, __file__, __file__, __file__,)


	def parse_in_args():
	parser = argparse.ArgumentParser(
	description=__doc__,
	epilog=example_text,
	formatter_class=argparse.RawTextHelpFormatter
	)
	parser.add_argument(
	'--connection_type',
	default="t1oi2c",
	help='Supported connection types => ``%s``. Default: ``t1oi2c``' % ("``, ``".join(SUPPORTED_CONNECTION_TYPES)))
	parser.add_argument(
	'--connection_data',
	default="none",
	help='Parameter to connect to SE => eg. ``COM3``, ``127.0.0.1:8050``, ``none``. Default: ``none``')
	parser.add_argument(
	'--subsystem',
	default="se05x",
	help='Supported subsystem => ``se05x``, ``a71ch``. Default: ``se05x``')
	parser.add_argument(
	'--auth_type',
	default="None",
	help='Supported subsystem => ``None``, ``PlatformSCP``, ``UserID``, ``ECKey``, ``AESKey``. Default: ``None``')
	parser.add_argument(
	'--scpkey',
	default="None",
	help='')
	parser.add_argument(
	'--disable_sha1',
	default="False",
	help='Parameter to disable SHA1 => eg. ``True``, ``False``. Default: ``False``')
	parser.add_argument(
	'--fips',
	default="False",
	help='FIPS Testing => eg. ``True``, ``False``. Default: ``False``')

	args = parser.parse_args()

	if args.subsystem not in ["se05x", "a71ch"]:
	parser.print_help(sys.stderr)
	return None

	if args.connection_data.find(':') >= 0:
	port_data = args.connection_data.split(':')
	jrcp_host_name = port_data[0]
	jrcp_port = port_data[1]
	os.environ['JRCP_HOSTNAME'] = jrcp_host_name
	os.environ['JRCP_PORT'] = jrcp_port
	log.info("JRCP_HOSTNAME: %s" % jrcp_host_name)
	log.info("JRCP_PORT: %s" % jrcp_port)
	if args.connection_type == "t1oi2c":
	args.connection_type = "jrcpv1"
	elif args.connection_data.find('COM') >= 0:
	if args.connection_type == "t1oi2c":
	args.connection_type = "vcom"
	elif args.connection_data.find('none') >= 0:
	if args.subsystem == "a71ch":
	args.connection_type = "sci2c"
	else:
	parser.print_help(sys.stderr)
	return None

	if args.connection_type not in ["t1oi2c", "sci2c", "vcom", "jrcpv1", "jrcpv2", "pcsc"]:
	parser.print_help(sys.stderr)
	return None

	return args


	def main():
	args = parse_in_args()
	if args is None:
	return

	if args.subsystem == "a71ch":
	ec_curves = ["prime256v1"]
	else:
	if sys.platform == 'cygwin':
	# OpenSSL on Cygwin and some other OS's like RedHat come with a limited set of Ec curves.
	ec_curves = ["secp224r1", "prime256v1", "secp384r1", "secp521r1", "secp256k1"]
	else:
	if args.fips == 'True':
	ec_curves = SUPPORTED_EC_KEY_TYPES_FIPS
	else:
	ec_curves = SUPPORTED_EC_KEY_TYPES

	python_exe = sys.executable

	for ec_curve in ec_curves:
	print(ec_curve)
	run("%s openssl_provisionEC.py --key_type %s --connection_type %s --connection_data %s --subsystem %s --auth_type %s --scpkey %s" %
	(python_exe, ec_curve, args.connection_type, args.connection_data, args.subsystem, args.auth_type, args.scpkey))
	run("%s openssl_Ecdh.py --key_type %s --connection_data %s --disable_sha1 %s" % (python_exe, ec_curve, args.connection_data, args.disable_sha1))
	run("%s openssl_EccSign.py --key_type %s --connection_data %s --disable_sha1 %s" % (python_exe, ec_curve, args.connection_data, args.disable_sha1))

	run("%s openssl_rnd.py --connection_data %s" % (python_exe, args.connection_data))


	if __name__ == '__main__':
	logging.basicConfig(level=logging.DEBUG)
	main()