imgtool: export data vector to be signed
Extend sign/create command so it allows to export image's byte string
which is the substrate for the image signature. The new option is
'--vector-to-sign'. It might takes 'payload' or 'digest'.
The exported data might be used to calculate the signature externally.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
diff --git a/scripts/imgtool/main.py b/scripts/imgtool/main.py
index 920df78..ea95bad 100755
--- a/scripts/imgtool/main.py
+++ b/scripts/imgtool/main.py
@@ -321,6 +321,10 @@
@click.option('--sig-out', metavar='filename',
help='Path to the file to which signature will be written'
'The image signature will be encoded as base64 formatted string')
+@click.option('--vector-to-sign', type=click.Choice(['payload', 'digest']),
+ help='send to OUTFILE the payload or payload''s digest instead of'
+ 'complied image. These data can be used for external image'
+ 'signing')
@click.command(help='''Create a signed or unsigned image\n
INFILE and OUTFILE are parsed as Intel HEX if the params have
.hex extension, otherwise binary format is used''')
@@ -329,7 +333,7 @@
endian, encrypt_keylen, encrypt, infile, outfile, dependencies,
load_addr, hex_addr, erased_val, save_enctlv, security_counter,
boot_record, custom_tlv, rom_fixed, max_align, clear, fix_sig,
- fix_sig_pubkey, sig_out):
+ fix_sig_pubkey, sig_out, vector_to_sign):
if confirm:
# Confirmed but non-padded images don't make much sense, because
@@ -393,7 +397,8 @@
}
img.create(key, public_key_format, enckey, dependencies, boot_record,
- custom_tlvs, int(encrypt_keylen), clear, baked_signature, pub_key)
+ custom_tlvs, int(encrypt_keylen), clear, baked_signature, pub_key,
+ vector_to_sign)
img.save(outfile, hex_addr)
if sig_out is not None: