imgtool: ECDSA pad signature
Until we fix the padding problem, pad the ecdsa signatures with zeros to
always be 72 bytes long. Add a 'raw_sign' method so that the unit test
can use the real signature.
Signed-off-by: David Brown <david.brown@linaro.org>
diff --git a/scripts/imgtool/keys/ecdsa.py b/scripts/imgtool/keys/ecdsa.py
index 7066e30..f541d16 100644
--- a/scripts/imgtool/keys/ecdsa.py
+++ b/scripts/imgtool/keys/ecdsa.py
@@ -89,7 +89,14 @@
with open(path, 'wb') as f:
f.write(pem)
- def sign(self, payload):
+ def raw_sign(self, payload):
+ """Return the actual signature"""
return self.key.sign(
data=payload,
signature_algorithm=ec.ECDSA(SHA256()))
+
+ def sign(self, payload):
+ # To make fixed length, pad with one or two zeros.
+ sig = self.raw_sign(payload)
+ sig += b'\000' * (self.sig_len() - len(sig))
+ return sig
diff --git a/scripts/imgtool/keys/ecdsa_test.py b/scripts/imgtool/keys/ecdsa_test.py
index 326d73f..8cb3220 100644
--- a/scripts/imgtool/keys/ecdsa_test.py
+++ b/scripts/imgtool/keys/ecdsa_test.py
@@ -79,7 +79,7 @@
def test_sig(self):
k = ECDSA256P1.generate()
buf = b'This is the message'
- sig = k.sign(buf)
+ sig = k.raw_sign(buf)
# The code doesn't have any verification, so verify this
# manually.