TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mcuboot / dde178dbc83619b1b3d9f6e246c6bc27395b05cf^! / . / scripts / imgtool / main.py
commitdde178dbc83619b1b3d9f6e246c6bc27395b05cf[log] [tgz]
authorDavid Vincze <david.vincze@linaro.org>Thu Mar 26 20:06:01 2020 +0100
committerDavid Brown <davidb@davidb.org>Tue Apr 07 09:20:13 2020 -0600
tree69812bd357e7ba2e42643d7dd39eb8224befa3ad
parent9560d773712e33c637f9e0afe49d1a4b097e7ce6 [diff] [blame]
imgtool: Add --public-key-format option to imgtool

The --public-key-format option can be used to distinguish where
the public key is stored for image authentication. It can be embedded
in MCUboot or by selecting 'full' it can be in the image manifest.

The source of this change:
https://review.trustedfirmware.org/c/trusted-firmware-m/+/1579

Change-Id: If658dff8147cfce2f27bfc0209ecf0d6d9cb2a73
Signed-off-by: David Vincze <david.vincze@linaro.org>

diff --git a/scripts/imgtool/main.py b/scripts/imgtool/main.py
index fa15200..47d5811 100755
--- a/scripts/imgtool/main.py
+++ b/scripts/imgtool/main.py

@@ -265,14 +265,17 @@
 @click.option('-v', '--version', callback=validate_version,  required=True)
 @click.option('--align', type=click.Choice(['1', '2', '4', '8']),
               required=True)
+@click.option('--public-key-format', type=click.Choice(['hash', 'full']),
+              default='hash', help='In what format to add the public key to '
+              'the image manifest: full key or hash of the key.')
 @click.option('-k', '--key', metavar='filename')
 @click.command(help='''Create a signed or unsigned image\n
                INFILE and OUTFILE are parsed as Intel HEX if the params have
                .hex extension, otherwise binary format is used''')
-def sign(key, align, version, pad_sig, header_size, pad_header, slot_size, pad, confirm,
-         max_sectors, overwrite_only, endian, encrypt, infile, outfile,
-         dependencies, load_addr, hex_addr, erased_val, save_enctlv,
-         security_counter, boot_record):
+def sign(key, public_key_format, align, version, pad_sig, header_size,
+         pad_header, slot_size, pad, confirm, max_sectors, overwrite_only,
+         endian, encrypt, infile, outfile, dependencies, load_addr, hex_addr,
+         erased_val, save_enctlv, security_counter, boot_record):
     img = image.Image(version=decode_version(version), header_size=header_size,
                       pad_header=pad_header, pad=pad, confirm=confirm,
                       align=int(align), slot_size=slot_size,
@@ -295,7 +298,7 @@
     if pad_sig and hasattr(key, 'pad_sig'):
         key.pad_sig = True
 
-    img.create(key, enckey, dependencies, boot_record)
+    img.create(key, public_key_format, enckey, dependencies, boot_record)
     img.save(outfile, hex_addr)