TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mcuboot / 4878c27c82d03b36c46c34ef45e0173730ff72ad^! / . / scripts / imgtool / keys / ecdsa.py
commit4878c27c82d03b36c46c34ef45e0173730ff72ad[log] [tgz]
authorDavid Brown <david.brown@linaro.org>Tue Mar 10 16:23:56 2020 -0600
committerDavid Brown <davidb@davidb.org>Wed Mar 18 09:05:21 2020 -0600
tree5214342c4acf37eee1f28b32e9df60abc44108e9
parenta4c586421a29d62dd3d7e1e33890d7dbbb83ede3 [diff] [blame]
imgtool: Remove default padding of ECDSA sigs

Since commit:

    commit a36082664ecc6b62ceea10aa617c546491c3093d
    Author: David Brown <david.brown@linaro.org>
    Date:   Thu Dec 12 15:35:31 2019 -0700

        ecdsa: Allow ECDSA signatures to be actual length

MCUboot no longer requires ECDSA signatures to be padded to a fixed
length.  This change makes imgtool, by default, also no longer add this
padding to images.  There is an option `--pad-sig` that can be given to
the sign command to re-instate this padding.  This flag will be needed
to make images that will work with older (pre 1.5.0) versions of
MCUboot.

Signed-off-by: David Brown <david.brown@linaro.org>

diff --git a/scripts/imgtool/keys/ecdsa.py b/scripts/imgtool/keys/ecdsa.py
index 1fe805e..81aa321 100644
--- a/scripts/imgtool/keys/ecdsa.py
+++ b/scripts/imgtool/keys/ecdsa.py

@@ -52,12 +52,17 @@
         return "ECDSA256"
 
     def sig_len(self):
-        # The DER encoding depends on the high bit, and can be
-        # anywhere from 70 to 72 bytes.  Because we have to fill in
-        # the length field before computing the signature, however,
-        # we'll give the largest, and the sig checking code will allow
-        # for it to be up to two bytes larger than the actual
-        # signature.
+        # Early versions of MCUboot (< v1.5.0) required ECDSA
+        # signatures to be padded to 72 bytes.  Because the DER
+        # encoding is done with signed integers, the size of the
+        # signature will vary depending on whether the high bit is set
+        # in each value.  This padding was done in a
+        # not-easily-reversible way (by just adding zeros).
+        #
+        # The signing code no longer requires this padding, and newer
+        # versions of MCUboot don't require it.  But, continue to
+        # return the total length so that the padding can be done if
+        # requested.
         return 72
 
     def verify(self, signature, payload):
@@ -78,6 +83,7 @@
     def __init__(self, key):
         """key should be an instance of EllipticCurvePrivateKey"""
         self.key = key
+        self.pad_sig = False
 
     @staticmethod
     def generate():
@@ -142,7 +148,10 @@
                 signature_algorithm=ec.ECDSA(SHA256()))
 
     def sign(self, payload):
-        # To make fixed length, pad with one or two zeros.
         sig = self.raw_sign(payload)
-        sig += b'\000' * (self.sig_len() - len(sig))
-        return sig
+        if self.pad_sig:
+            # To make fixed length, pad with one or two zeros.
+            sig += b'\000' * (self.sig_len() - len(sig))
+            return sig
+        else:
+            return sig