def _decode_encryption_parameters_blob(self, encryption_params_blob,
private_key):
encryption_params_blob = self.extract_encryption_parameters(
encryption_params_blob)[1]
tmp_config_file_path = utility_functions.store_data_to_temp_file(
encryption_params_blob)
encryption_params_parser = CoreConfig(auto_gen_ssd_xml_config,
tmp_config_file_path).root
encrypted_image_encryption_key_base64 = encryption_params_parser.MD_SIGN[
0].IEK_ENC_INFO[0].IEK_CIPHER_VALUE
encrypted_image_encryption_key = binascii.a2b_base64(
encrypted_image_encryption_key_base64)
if self.iek_enc_algo == IEK_ENC_ALGO_RSA_2048:
image_encryption_key = crypto_functions.decrypt_with_private_der_key(
encrypted_image_encryption_key, private_key)
else:
image_encryption_iv_base64 = encryption_params_parser.MD_SIGN[
0].IEK_ENC_INFO[0].IEK_ENC_IV
image_encryption_iv_bin = binascii.a2b_base64(
image_encryption_iv_base64)
image_encryption_iv_hex = binascii.hexlify(image_encryption_iv_bin)
image_encryption_key = crypto_functions.cbc_decrypt_binary(
encrypted_image_encryption_key, binascii.hexlify(private_key),
image_encryption_iv_hex)
image_encryption_iv_base64 = encryption_params_parser.MD_SIGN[
0].IMG_ENC_INFO[0].IMG_ENC_IV
image_encryption_iv = binascii.a2b_base64(image_encryption_iv_base64)
return image_encryption_key, image_encryption_iv
def decrypt_segment(self, encrypted_binary_segment, segment_num):
'''
'''
computed_segment_iv = compute_segment_iv(segment_num, self.encryption_parameters.get_image_encryption_iv())
if len(encrypted_binary_segment)%16 == 0:
decrypted_segment = crypto_functions.cbc_decrypt_binary(encrypted_binary_segment, binascii.hexlify(self.encryption_parameters.get_image_encryption_key()), binascii.hexlify(computed_segment_iv))
else:
decrypted_segment = crypto_functions.cbc_cts_decrypt_binary(encrypted_binary_segment, binascii.hexlify(self.encryption_parameters.get_image_encryption_key()), binascii.hexlify(computed_segment_iv))
return decrypted_segment
def decrypt_segment(self, encrypted_binary_segment, segment_num):
computed_segment_iv = compute_segment_iv(segment_num, self.encryption_parameters.get_image_encryption_iv())
ct_buf_len=len(encrypted_binary_segment)
# how much data are we going to encrypt
data_to_dec_len = ct_buf_len - (ct_buf_len % 16)
data_to_dec=encrypted_binary_segment[:data_to_dec_len]
decrypted_segment = crypto_functions.cbc_decrypt_binary(data_to_dec, binascii.hexlify(self.encryption_parameters.get_image_encryption_key()), binascii.hexlify(computed_segment_iv))
decrypted_segment+=encrypted_binary_segment[data_to_dec_len:]
return decrypted_segment
def decrypt_segment(self, encrypted_binary_segment, segment_num):
computed_segment_iv = compute_segment_iv_ssd(
segment_num, self.encryption_parameters.get_image_encryption_iv())
ct_buf_len = len(encrypted_binary_segment)
# how much data are we going to encrypt
data_to_dec_len = ct_buf_len - (ct_buf_len % 16)
data_to_dec = encrypted_binary_segment[:data_to_dec_len]
decrypted_segment = crypto_functions.cbc_decrypt_binary(
data_to_dec,
binascii.hexlify(
self.encryption_parameters.get_image_encryption_key()),
binascii.hexlify(computed_segment_iv))
decrypted_segment += encrypted_binary_segment[data_to_dec_len:]
return decrypted_segment
def _decode_encryption_parameters_blob(self, encryption_params_blob, private_key):
encryption_params_blob=self.extract_encryption_parameters(encryption_params_blob)[1]
tmp_config_file_path = utility_functions.store_data_to_temp_file(encryption_params_blob)
encryption_params_parser = CoreConfig(auto_gen_ssd_xml_config, tmp_config_file_path).root
encrypted_image_encryption_key_base64=encryption_params_parser.MD_SIGN[0].IEK_ENC_INFO[0].IEK_CIPHER_VALUE
encrypted_image_encryption_key=binascii.a2b_base64(encrypted_image_encryption_key_base64)
if self.iek_enc_algo==IEK_ENC_ALGO_RSA_2048:
image_encryption_key=crypto_functions.decrypt_with_private_der_key(encrypted_image_encryption_key, private_key)
else:
image_encryption_iv_base64=encryption_params_parser.MD_SIGN[0].IEK_ENC_INFO[0].IEK_ENC_IV
image_encryption_iv_bin=binascii.a2b_base64(image_encryption_iv_base64)
image_encryption_iv_hex=binascii.hexlify(image_encryption_iv_bin)
image_encryption_key=crypto_functions.cbc_decrypt_binary(encrypted_image_encryption_key, binascii.hexlify(private_key), image_encryption_iv_hex)
image_encryption_iv_base64=encryption_params_parser.MD_SIGN[0].IMG_ENC_INFO[0].IMG_ENC_IV
image_encryption_iv=binascii.a2b_base64(image_encryption_iv_base64)
return image_encryption_key, image_encryption_iv
def decrypt_segment(self, encrypted_binary_segment, segment_num):
'''
'''
computed_segment_iv = compute_segment_iv_uie_1_0(
segment_num, self.encryption_parameters.get_image_encryption_iv())
if len(encrypted_binary_segment) % 16 == 0:
decrypted_segment = crypto_functions.cbc_decrypt_binary(
encrypted_binary_segment,
binascii.hexlify(
self.encryption_parameters.get_image_encryption_key()),
binascii.hexlify(computed_segment_iv))
else:
decrypted_segment = crypto_functions.cbc_cts_decrypt_binary(
encrypted_binary_segment,
binascii.hexlify(
self.encryption_parameters.get_image_encryption_key()),
binascii.hexlify(computed_segment_iv))
return decrypted_segment
