Commit 7f982b0f authored by David Vincze's avatar David Vincze Committed by Dávid Vincze
Browse files

Revert "imgtool: Add backwards compatibility for ECDSA" 



This reverts commit 78135ee6
as bba5a711483447d7eee2531b65bd1c07c81746c9 made it unnecessary.

Change-Id: Idee755f05c17502599aaa947826e9a7feb08b4a7
Signed-off-by: default avatarDavid Vincze <david.vincze@arm.com>
parent 4395b809

scripts/imgtool/image.py

+3 −12
Original line number Diff line number Diff line
@@ -317,8 +317,7 @@ class Image(): 


    def create(self, key, public_key_format, enckey, dependencies=None,

               sw_type=None, custom_tlvs=None, encrypt_keylen=128, clear=False,

               fixed_sig=None, pub_key=None, vector_to_sign=None,

               use_legacy_tlv=False):

               fixed_sig=None, pub_key=None, vector_to_sign=None):

        self.enckey = enckey



        # Check what hashing algorithm should be used
@@ -483,17 +482,9 @@ class Image(): 
                else:

                    print(os.path.basename(__file__) + ": sign the digest")

                    sig = key.sign_digest(digest)

                # only ecdsa256 has legacy tlv type

                if use_legacy_tlv and isinstance(key, ecdsa.ECDSA256P1):

                    tlv.add(key.legacy_sig_tlv(), sig)

                else:

                tlv.add(key.sig_tlv(), sig)

                self.signature = sig

            elif fixed_sig is not None and key is None:

                if use_legacy_tlv and isinstance(pub_key,

                                                 ecdsa.ECDSA256P1Public):

                    tlv.add(pub_key.legacy_sig_tlv(), fixed_sig['value'])

                else:

                tlv.add(pub_key.sig_tlv(), fixed_sig['value'])

                self.signature = fixed_sig['value']

            else:

scripts/imgtool/main.py

+2 −4
Original line number Diff line number Diff line
@@ -362,8 +362,6 @@ class BasedIntParamType(click.ParamType): 
              help='send to OUTFILE the payload or payload''s digest instead '

              'of complied image. These data can be used for external image '

              'signing')

@click.option('--legacy-ecdsa-tlv', default=False, is_flag=True,

              help='Use the old curve specific ECDSA TLV')

@click.command(help='''Create a signed or unsigned image\n

               INFILE and OUTFILE are parsed as Intel HEX if the params have

               .hex extension, otherwise binary format is used''')
@@ -372,7 +370,7 @@ def sign(key, public_key_format, align, version, pad_sig, header_size, 
         endian, encrypt_keylen, encrypt, infile, outfile, dependencies,

         load_addr, hex_addr, erased_val, save_enctlv, security_counter,

         boot_record, custom_tlv, rom_fixed, max_align, clear, fix_sig,

         fix_sig_pubkey, sig_out, vector_to_sign, legacy_ecdsa_tlv):

         fix_sig_pubkey, sig_out, vector_to_sign):



    if confirm:

        # Confirmed but non-padded images don't make much sense, because
@@ -439,7 +437,7 @@ def sign(key, public_key_format, align, version, pad_sig, header_size, 


    img.create(key, public_key_format, enckey, dependencies, boot_record,

               custom_tlvs, int(encrypt_keylen), clear, baked_signature,

               pub_key, vector_to_sign, legacy_ecdsa_tlv)

               pub_key, vector_to_sign)

    img.save(outfile, hex_addr)



    if sig_out is not None:

CRA Git | Maintained and supported by SUSTech CRA and CCSE