commit 78135ee6eb6759ea009442d7f9bcec6bbe6934ef
author Roland Mikhel <roland.mikhel@arm.com> Tue Feb 07 14:11:02 2023 +0100
committer Dávid Vincze <david.vincze@arm.com> Wed Apr 26 13:27:44 2023 +0200
tree 62a4a23fdf7ce9b772f712f284db82da47cdc0a1
parent 5704174c126f8757e09588f9b9133f4ad0f6a0c6

imgtool: Add backwards compatibility for ECDSA

Add backwards compatibility to the imgtool to support
the old curve specific TLVs. Currently only ECDSA256 needs this.

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I275894ebc713ea8adcaab4198b036c41233b11e8

scripts/imgtool/image.py

diff --git a/scripts/imgtool/image.py b/scripts/imgtool/image.py
index 8da49b9..de8352a 100644
--- a/scripts/imgtool/image.py
+++ b/scripts/imgtool/image.py
@@ -484,10 +484,18 @@
                 else:
                     print(os.path.basename(__file__) + ": sign the digest")
                     sig = key.sign_digest(digest)
-                tlv.add(key.sig_tlv(), sig)
+                # only ecdsa256 has legacy tlv type
+                if use_legacy_tlv and isinstance(key, ecdsa.ECDSA256P1):
+                    tlv.add(key.legacy_sig_tlv(), sig)
+                else:
+                    tlv.add(key.sig_tlv(), sig)
                 self.signature = sig
             elif fixed_sig is not None and key is None:
-                tlv.add(pub_key.sig_tlv(), fixed_sig['value'])
+                if use_legacy_tlv and isinstance(pub_key,
+                                                 ecdsa.ECDSA256P1Public):
+                    tlv.add(pub_key.legacy_sig_tlv(), fixed_sig['value'])
+                else:
+                    tlv.add(pub_key.sig_tlv(), fixed_sig['value'])
                 self.signature = fixed_sig['value']
             else:
                 raise click.UsageError("Can not sign using key and provide fixed-signature at the same time")