Add ed25519 signing support to imgtool
This adds ed25519 signature support using the "prehash" method. Instead
of signing the image and header payloads directly, a sha256 digest of
them is generated and that digest is signed (SHA256-Ed25519). This allows
for compatibility with already existing tools that use the sha256 hash,
like mcumgr, etc.
Signed-off-by: Fabio Utzig <utzig@apache.org>
diff --git a/scripts/imgtool/keys/__init__.py b/scripts/imgtool/keys/__init__.py
index b92f871..1145735 100644
--- a/scripts/imgtool/keys/__init__.py
+++ b/scripts/imgtool/keys/__init__.py
@@ -20,9 +20,11 @@
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey, RSAPublicKey
from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey, EllipticCurvePublicKey
+from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey, Ed25519PublicKey
from .rsa import RSA, RSAPublic, RSAUsageError, RSA_KEY_SIZES
from .ecdsa import ECDSA256P1, ECDSA256P1Public, ECDSAUsageError
+from .ed25519 import Ed25519, Ed25519Public, Ed25519UsageError
class PasswordRequired(Exception):
"""Raised to indicate that the key is password protected, but a
@@ -72,5 +74,9 @@
if pk.key_size != 256:
raise Exception("Unsupported EC size: " + pk.key_size)
return ECDSA256P1Public(pk)
+ elif isinstance(pk, Ed25519PrivateKey):
+ return Ed25519(pk)
+ elif isinstance(pk, Ed25519PublicKey):
+ return Ed25519Public(pk)
else:
raise Exception("Unknown key type: " + str(type(pk)))
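Review bot: The unsupported-size error just above the new Ed25519 branches cannot produce its message: `pk.key_size` is compared with the integer 256 on the line before, so `"Unsupported EC size: " + pk.key_size` raises TypeError rather than the intended exception. `raise Exception("Unsupported EC size: " + str(pk.key_size))` fixes it, in the same way the final else uses `str(type(pk))`. The added branches need no equivalent size check, since Ed25519 has one fixed key size. Going by the commit message, the wrappers sign a SHA-256 digest rather than using RFC 8032 Ed25519ph, so a short comment on the new branches such as `# Ed25519 here signs the image's SHA-256 digest, not RFC 8032 Ed25519ph; see .ed25519` would help anyone writing a verifier. The enclosing function starts outside the hunk.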