def rsa2k_sig_gen(key_idx, mod_n, d, h):
stub = internal_pb2.InternalStub(halapi.HalChannel)
req_msg = internal_pb2.CryptoApiRequestMsg()
req_spec = req_msg.request.add()
req_spec.api_type = internal_pb2.ASYMAPI_RSA_SIG_GEN
req_spec.rsa_sig_gen.key_idx = key_idx
req_spec.rsa_sig_gen.KeySize = 256
req_spec.rsa_sig_gen.mod_n = mod_n
req_spec.rsa_sig_gen.d = d
req_spec.rsa_sig_gen.h = h
req_spec.rsa_sig_gen.async_en = False
print("Invoking CryptoAPI: RSA 2K Signature Gen")
resp_msg = stub.CryptoApiInvoke(req_msg)
num_resp_specs = len(resp_msg.response)
if num_resp_specs != 1:
assert (0)
resp_spec = resp_msg.response[0]
if resp_spec.api_status == types_pb2.API_STATUS_OK:
return resp_spec.api_status, resp_spec.rsa_sig_gen.s
else:
print("API Failed")
return resp_spec.api_status, 0
def quiesce_stop():
stub = internal_pb2.InternalStub(halapi.HalChannel)
req_msg = internal_pb2.EmptyRequest()
req_msg.request.extend([types_pb2.Empty()])
print("Invoking Quiesce API: QuiesceStop")
stub.QuiesceStop(req_msg)
return True
def ecc_point_mul_p256(p, n, a, b, gx, gy, k):
stub = internal_pb2.InternalStub(halapi.HalChannel)
req_msg = internal_pb2.CryptoApiRequestMsg()
req_spec = req_msg.request.add()
req_spec.api_type = internal_pb2.ASYMAPI_ECC_POINT_MUL_FP
req_spec.ecc_point_mul_fp.ecc_domain_params.KeySize = 32
req_spec.ecc_point_mul_fp.ecc_domain_params.p = p
req_spec.ecc_point_mul_fp.ecc_domain_params.a = a
req_spec.ecc_point_mul_fp.ecc_domain_params.b = b
req_spec.ecc_point_mul_fp.ecc_domain_params.G.x = gx
req_spec.ecc_point_mul_fp.ecc_domain_params.G.y = gy
req_spec.ecc_point_mul_fp.ecc_domain_params.n = n
req_spec.ecc_point_mul_fp.ecc_point.x = gx
req_spec.ecc_point_mul_fp.ecc_point.y = gy
req_spec.ecc_point_mul_fp.k = k
print("Invoking CryptoAPI: ECC Point Multiplication P-256")
resp_msg = stub.CryptoApiInvoke(req_msg)
num_resp_specs = len(resp_msg.response)
if num_resp_specs != 1:
assert (0)
resp_spec = resp_msg.response[0]
if resp_spec.api_status == types_pb2.API_STATUS_OK:
return resp_spec.api_status, resp_spec.ecc_point_mul_fp.Q.x, \
resp_spec.ecc_point_mul_fp.Q.y
else:
print("API Failed")
return resp_spec.api_status, 0, 0
def rsa2k_decrypt(mod_n, d, cipher_text):
stub = internal_pb2.InternalStub(halapi.HalChannel)
req_msg = internal_pb2.CryptoApiRequestMsg()
req_spec = req_msg.request.add()
req_spec.api_type = internal_pb2.ASYMAPI_RSA_DECRYPT
req_spec.rsa_decrypt.KeySize = 256
req_spec.rsa_decrypt.mod_n = mod_n
req_spec.rsa_decrypt.d = d
req_spec.rsa_decrypt.cipher_text = cipher_text
print("Invoking CryptoAPI: RSA 2K Decrypt")
resp_msg = stub.CryptoApiInvoke(req_msg)
num_resp_specs = len(resp_msg.response)
if num_resp_specs != 1:
assert (0)
resp_spec = resp_msg.response[0]
if resp_spec.api_status == types_pb2.API_STATUS_OK:
return resp_spec.api_status, resp_spec.rsa_decrypt.plain_text
else:
print("API Failed")
return resp_spec.api_status, 0
def ecdsa_p256_sig_gen(key_idx, p, n, a, b, gx, gy, da, k, h):
stub = internal_pb2.InternalStub(halapi.HalChannel)
req_msg = internal_pb2.CryptoApiRequestMsg()
req_spec = req_msg.request.add()
req_spec.api_type = internal_pb2.ASYMAPI_ECDSA_SIG_GEN_FP
req_spec.ecdsa_sig_gen_fp.key_idx = key_idx
req_spec.ecdsa_sig_gen_fp.ecc_domain_params.KeySize = 32
req_spec.ecdsa_sig_gen_fp.ecc_domain_params.p = p
req_spec.ecdsa_sig_gen_fp.ecc_domain_params.a = a
req_spec.ecdsa_sig_gen_fp.ecc_domain_params.b = b
req_spec.ecdsa_sig_gen_fp.ecc_domain_params.G.x = gx
req_spec.ecdsa_sig_gen_fp.ecc_domain_params.G.y = gy
req_spec.ecdsa_sig_gen_fp.ecc_domain_params.n = n
req_spec.ecdsa_sig_gen_fp.da = da
req_spec.ecdsa_sig_gen_fp.k = k
req_spec.ecdsa_sig_gen_fp.h = h
req_spec.ecdsa_sig_gen_fp.async_en = False
print("Invoking CryptoAPI: ECDSA Signature Generate P-256")
resp_msg = stub.CryptoApiInvoke(req_msg)
num_resp_specs = len(resp_msg.response)
if num_resp_specs != 1:
assert (0)
resp_spec = resp_msg.response[0]
if resp_spec.api_status == types_pb2.API_STATUS_OK:
return resp_spec.api_status, resp_spec.ecdsa_sig_gen_fp.r, \
resp_spec.ecdsa_sig_gen_fp.s
else:
print("API Failed")
return resp_spec.api_status, 0, 0
def ecdsa_p256_sig_verify(p, n, a, b, gx, gy, qx, qy, r, s, h):
stub = internal_pb2.InternalStub(halapi.HalChannel)
req_msg = internal_pb2.CryptoApiRequestMsg()
req_spec = req_msg.request.add()
req_spec.api_type = internal_pb2.ASYMAPI_ECDSA_SIG_VERIFY_FP
req_spec.ecdsa_sig_verify_fp.ecc_domain_params.KeySize = 32
req_spec.ecdsa_sig_verify_fp.ecc_domain_params.p = p
req_spec.ecdsa_sig_verify_fp.ecc_domain_params.a = a
req_spec.ecdsa_sig_verify_fp.ecc_domain_params.b = b
req_spec.ecdsa_sig_verify_fp.ecc_domain_params.G.x = gx
req_spec.ecdsa_sig_verify_fp.ecc_domain_params.G.y = gy
req_spec.ecdsa_sig_verify_fp.ecc_domain_params.n = n
req_spec.ecdsa_sig_verify_fp.Q.x = qx
req_spec.ecdsa_sig_verify_fp.Q.y = qy
req_spec.ecdsa_sig_verify_fp.r = r
req_spec.ecdsa_sig_verify_fp.s = s
req_spec.ecdsa_sig_verify_fp.h = h
req_spec.ecdsa_sig_verify_fp.async_en = False
print("Invoking CryptoAPI: ECDSA Signature Verify P-256")
resp_msg = stub.CryptoApiInvoke(req_msg)
num_resp_specs = len(resp_msg.response)
if num_resp_specs != 1:
assert (0)
resp_spec = resp_msg.response[0]
if resp_spec.api_status != types_pb2.API_STATUS_OK:
print("API Failed")
return resp_spec.api_status
def rsa2k_sig_verify(mod_n, e, h, s):
stub = internal_pb2.InternalStub(halapi.HalChannel)
req_msg = internal_pb2.CryptoApiRequestMsg()
req_spec = req_msg.request.add()
req_spec.api_type = internal_pb2.ASYMAPI_RSA_SIG_VERIFY
req_spec.rsa_sig_verify.KeySize = 256
req_spec.rsa_sig_verify.mod_n = mod_n
req_spec.rsa_sig_verify.e = e
req_spec.rsa_sig_verify.h = h
req_spec.rsa_sig_verify.s = s
print("Invoking CryptoAPI: RSA 2K Signature Verify")
resp_msg = stub.CryptoApiInvoke(req_msg)
num_resp_specs = len(resp_msg.response)
if num_resp_specs != 1:
assert (0)
resp_spec = resp_msg.response[0]
if resp_spec.api_status == types_pb2.API_STATUS_OK:
return resp_spec.api_status
else:
print("API Failed")
return resp_spec.api_status
def rsa2k_crt_decrypt(key_idx, rsa_p, rsa_q, rsa_dp, rsa_dq, rsa_qinv,
cipher_text):
stub = internal_pb2.InternalStub(halapi.HalChannel)
req_msg = internal_pb2.CryptoApiRequestMsg()
req_spec = req_msg.request.add()
req_spec.api_type = internal_pb2.ASYMAPI_RSA_CRT_DECRYPT
req_spec.rsa_crt_decrypt.KeySize = 256
req_spec.rsa_crt_decrypt.key_idx = key_idx
req_spec.rsa_crt_decrypt.p = rsa_p
req_spec.rsa_crt_decrypt.q = rsa_q
req_spec.rsa_crt_decrypt.dp = rsa_dp
req_spec.rsa_crt_decrypt.dq = rsa_dq
req_spec.rsa_crt_decrypt.qinv = rsa_qinv
req_spec.rsa_crt_decrypt.cipher_text = cipher_text
req_spec.rsa_crt_decrypt.async_en = False
print("Invoking CryptoAPI: RSA 2K CRT Decrypt")
resp_msg = stub.CryptoApiInvoke(req_msg)
num_resp_specs = len(resp_msg.response)
if num_resp_specs != 1:
assert (0)
resp_spec = resp_msg.response[0]
if resp_spec.api_status == types_pb2.API_STATUS_OK:
return resp_spec.api_status, resp_spec.rsa_crt_decrypt.plain_text
else:
print("API Failed")
return resp_spec.api_status, 0
def swphv_get_state():
stub = internal_pb2.InternalStub(halapi.HalChannel)
req_msg = internal_pb2.SoftwarePhvGetRequestMsg()
req_spec = req_msg.request.add()
req_spec.pipeline = internal_pb2.SOFTWARE_PHV_INGRESS
resp_msg = stub.SoftwarePhvGet(req_msg)
# FIXME: remove this debug message
print("Got swphv response: ")
print(resp_msg)
num_resp_specs = len(resp_msg.response)
if num_resp_specs != 1:
assert (0)
resp_status = resp_msg.response[0].status
return resp_status
def crypto_hash_api_invoke(hashtype, generate, key, key_len, data, data_len, digest, digest_len):
stub = internal_pb2.InternalStub(halapi.HalChannel)
req_msg = internal_pb2.CryptoApiRequestMsg()
req_spec = req_msg.request.add()
if generate:
req_spec.api_type = internal_pb2.SYMMAPI_HASH_GENERATE
req_spec.hash_generate.hashtype = hashtype
req_spec.hash_generate.key = str.encode(key)
req_spec.hash_generate.key_len = key_len
req_spec.hash_generate.data = str.encode(data)
req_spec.hash_generate.data_len = data_len
req_spec.hash_generate.digest_len = digest_len
print("Invoking CryptoAPI: %s-generate" % \
internal_pb2.CryptoApiHashType.Name(hashtype))
else:
req_spec.api_type = internal_pb2.SYMMAPI_HASH_VERIFY
req_spec.hash_verify.hashtype = hashtype
req_spec.hash_verify.key = str.encode(key)
req_spec.hash_verify.key_len = key_len
req_spec.hash_verify.data = str.encode(data)
req_spec.hash_verify.data_len = data_len
req_spec.hash_verify.digest = digest
req_spec.hash_verify.digest_len = digest_len
print("Invoking CryptoAPI: %s-verify" % \
internal_pb2.CryptoApiHashType.Name(hashtype))
resp_msg = stub.CryptoApiInvoke(req_msg)
num_resp_specs = len(resp_msg.response)
if num_resp_specs != 1:
assert(0)
resp_spec = resp_msg.response[0]
if resp_spec.api_status != types_pb2.API_STATUS_OK:
print ("API Failed")
return resp_spec.api_status, 0
if generate:
return resp_spec.api_status, resp_spec.hash_generate.digest
else:
return resp_spec.api_status, req_spec.hash_verify.digest
def GetTlsCbs(objlist):
if not IsConfigAllowed(objlist): return
stub = internal_pb2.InternalStub(HalChannel)
__config(objlist, internal_pb2.TlsCbGetRequestMsg,
stub.TlsCbGet)
return
def GetDscrAolObjectState(objlist):
if not IsConfigAllowed(objlist): return
stub = internal_pb2.InternalStub(HalChannel)
__config(objlist, internal_pb2.DescrAolRequestMsg,
stub.DescrAolGet)
return
def UpdateCryptoKeys(objlist):
if not IsConfigAllowed(objlist): return
stub = internal_pb2.InternalStub(HalChannel)
__config(objlist, internal_pb2.CryptoKeyUpdateRequestMsg,
stub.CryptoKeyUpdate)
return
def UpdateCryptoCerts(objlist):
if not IsConfigAllowed(objlist): return
stub = internal_pb2.InternalStub(HalChannel)
__config(objlist, internal_pb2.CryptoApiRequestMsg,
stub.CryptoApiInvoke)
def GetCryptoAsymKey(objlist):
if not IsConfigAllowed(objlist): return
stub = internal_pb2.InternalStub(HalChannel)
__config(objlist, internal_pb2.CryptoApiRequestMsg,
stub.CryptoApiInvoke)
return
def SetRingMeta(objlist):
if not IsConfigAllowed(objlist): return
stub = internal_pb2.InternalStub(HalChannel)
__config(objlist, internal_pb2.WRingRequestMsg,
stub.WRingSetMeta)
return
def GetRingEntries(objlist):
if not IsConfigAllowed(objlist): return
stub = internal_pb2.InternalStub(HalChannel)
__config(objlist, internal_pb2.WRingGetEntriesRequestMsg,
stub.WRingGetEntries)
return
def GetBarcoRingEntries(objlist):
if not IsConfigAllowed(objlist): return
stub = internal_pb2.InternalStub(HalChannel)
__config(objlist, internal_pb2.BarcoGetReqDescrEntryRequestMsg,
stub.BarcoGetReqDescrEntry)
return
def ConfigureTlsCbs(objlist):
if not IsConfigAllowed(objlist): return
stub = internal_pb2.InternalStub(HalChannel)
__config(objlist, internal_pb2.TlsCbRequestMsg,
stub.TlsCbCreate)
return
def swphv_inject():
stub = internal_pb2.InternalStub(halapi.HalChannel)
req_msg = internal_pb2.SoftwarePhvInjectMsg()
req_spec = req_msg.request.add()
req_spec.pipeline = internal_pb2.SOFTWARE_PHV_INGRESS
resp_msg = stub.SoftwarePhvInject(req_msg)
def GetBarcoRingMeta(objlist):
if not IsConfigAllowed(objlist): return
stub = internal_pb2.InternalStub(HalChannel)
__get(objlist, internal_pb2.BarcoGetRingMetaRequestMsg,
stub.BarcoGetRingMeta)
return
def quience_msg_send():
stub = internal_pb2.InternalStub(halapi.HalChannel)
print("Invoking QuiesceMsgSnd API")
req = types_pb2.Empty()
stub.QuiesceMsgSnd(req)
return
def UpdateProxycCbs(objlist):
if not IsConfigAllowed(objlist): return
stub = internal_pb2.InternalStub(HalChannel)
__config(objlist, internal_pb2.InternalRequestMsg,
stub.ProxycCbUpdate)
return
