imgtool: Added support for providing the signature by 3rd party
The sign command was extended so it now allows providing the signature
as a base64-formatted RAW file using --fix-sig along with the relevant
public key --fix-sig-pubkey.
This patch adds support for the case where the party which produces
the image does not have access to the image signing key but must request
the signature from a third party.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
diff --git a/scripts/imgtool/main.py b/scripts/imgtool/main.py
index fc56ee4..f2e246e 100755
--- a/scripts/imgtool/main.py
+++ b/scripts/imgtool/main.py
@@ -22,6 +22,7 @@
import getpass
import imgtool.keys as keys
import sys
+import base64
from imgtool import image, imgtool_version
from imgtool.version import decode_version
from .keys import (
@@ -68,6 +69,10 @@
'x25519': gen_x25519,
}
+def load_signature(sigfile):
+ with open(sigfile, 'rb') as f:
+ signature = base64.b64decode(f.read())
+ return signature
def load_key(keyfile):
# TODO: better handling of invalid pass-phrase
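Review bot: `base64.b64decode(f.read())` runs with the default validate=False, so characters outside the base64 alphabet are silently dropped and a truncated or corrupted signature file still decodes to some bytes instead of failing; pass `base64.b64decode(f.read(), validate=True)` and turn the resulting `binascii.Error` into a `click.UsageError` naming the file, so a bad input is rejected at sign time rather than producing an image that only fails at boot. The new function also lacks a docstring; add `"""Read a base64-encoded raw signature from sigfile and return the decoded bytes."""`.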
@@ -303,6 +308,11 @@
default='hash', help='In what format to add the public key to '
'the image manifest: full key or hash of the key.')
@click.option('-k', '--key', metavar='filename')
+@click.option('--fix-sig', metavar='filename',
+ help='fixed signature for the image. It will be used instead of'
+ 'the signature calculated using the public key')
+@click.option('--fix-sig-pubkey', metavar='filename',
+ help='public key relevant to fixed signature')
@click.command(help='''Create a signed or unsigned image\n
INFILE and OUTFILE are parsed as Intel HEX if the params have
.hex extension, otherwise binary format is used''')
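Review bot: The two adjacent string literals in the --fix-sig help text have no separating space, so click renders "instead ofthe signature"; change the first literal to `help='fixed signature for the image. It will be used instead of '`. The same text says the signature is "calculated using the public key", but the signature imgtool computes itself comes from the private key given by --key, so `'the signature calculated using the private key'` describes it accurately. This decorator stack belongs to the sign command, whose definition continues outside the hunk.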
@@ -310,7 +320,8 @@
pad_header, slot_size, pad, confirm, max_sectors, overwrite_only,
endian, encrypt_keylen, encrypt, infile, outfile, dependencies,
load_addr, hex_addr, erased_val, save_enctlv, security_counter,
- boot_record, custom_tlv, rom_fixed, max_align, clear):
+ boot_record, custom_tlv, rom_fixed, max_align, clear, fix_sig,
+ fix_sig_pubkey):
if confirm:
# Confirmed but non-padded images don't make much sense, because
@@ -356,8 +367,25 @@
else:
custom_tlvs[tag] = value.encode('utf-8')
+ # Allow signature calculated externally.
+ raw_signature = load_signature(fix_sig) if fix_sig else None
+
+ baked_signature = None
+ pub_key = None
+
+ if raw_signature is not None:
+ if fix_sig_pubkey is None:
+ raise click.UsageError(
+ 'public key of the fixed signature is not specified')
+
+ pub_key = load_key(fix_sig_pubkey)
+
+ baked_signature = {
+ 'value' : raw_signature
+ }
+
img.create(key, public_key_format, enckey, dependencies, boot_record,
- custom_tlvs, int(encrypt_keylen), clear)
+ custom_tlvs, int(encrypt_keylen), clear, baked_signature, pub_key)
img.save(outfile, hex_addr)
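Review bot: A --fix-sig-pubkey given without --fix-sig is silently ignored, because the pub_key handling is only reached inside the `if raw_signature is not None:` branch; make the check symmetric with `elif fix_sig_pubkey is not None: raise click.UsageError('--fix-sig-pubkey requires --fix-sig')`. Nothing in this hunk checks that raw_signature is valid for this image under pub_key, and whether img.create does so is outside the diff; if it does not, a mismatched or corrupted externally produced signature is baked in and the failure surfaces only at boot, so a verification of the supplied signature against pub_key (or at minimum a length check against the key's signature size) before the `img.create(...)` call would be worth adding. The `'value' : raw_signature` literal has a space before the colon that PEP 8 drops. The sign function begins outside this hunk.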