imgtool: image signature export
Extend sign/create command so it now allow to export the image
signature to the file pointed by --sig-out option.
The image signature will be encoded as base64 formatted string.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
diff --git a/scripts/imgtool/main.py b/scripts/imgtool/main.py
index f2e246e..920df78 100755
--- a/scripts/imgtool/main.py
+++ b/scripts/imgtool/main.py
@@ -74,6 +74,11 @@
signature = base64.b64decode(f.read())
return signature
+def save_signature(sigfile, sig):
+ with open(sigfile, 'wb') as f:
+ signature = base64.b64encode(sig)
+ f.write(signature)
+
def load_key(keyfile):
# TODO: better handling of invalid pass-phrase
key = keys.load(keyfile)
@@ -313,6 +318,9 @@
'the signature calculated using the public key')
@click.option('--fix-sig-pubkey', metavar='filename',
help='public key relevant to fixed signature')
+@click.option('--sig-out', metavar='filename',
+ help='Path to the file to which signature will be written'
+ 'The image signature will be encoded as base64 formatted string')
@click.command(help='''Create a signed or unsigned image\n
INFILE and OUTFILE are parsed as Intel HEX if the params have
.hex extension, otherwise binary format is used''')
@@ -321,7 +329,7 @@
endian, encrypt_keylen, encrypt, infile, outfile, dependencies,
load_addr, hex_addr, erased_val, save_enctlv, security_counter,
boot_record, custom_tlv, rom_fixed, max_align, clear, fix_sig,
- fix_sig_pubkey):
+ fix_sig_pubkey, sig_out):
if confirm:
# Confirmed but non-padded images don't make much sense, because
@@ -388,6 +396,10 @@
custom_tlvs, int(encrypt_keylen), clear, baked_signature, pub_key)
img.save(outfile, hex_addr)
+ if sig_out is not None:
+ new_signature = img.get_signature()
+ save_signature(sig_out, new_signature)
+
class AliasesGroup(click.Group):