mcuboot icon indicating copy to clipboard operation
mcuboot copied to clipboard

Published 20 hours ago verified publisher icon mcu-tools

imgtool: Add --pure switch to allow calculating signatures over entire images

Open de-nordic opened this issue 1 year ago • 2 comments

The PR adds --pure switch to imgtool that allows to run ED25519 over entire image calculating the PureEdDSA signature.

The imgtool will add SIG_PURE TLV as indicator that whatever signature is used is calculated directly over image. The PR also provides different output for signature verification, where there is signature reported on verification, rather than digest ~~as digest is no longer available~~, but will provide digest if key is not provided during verification.

Depends on https://github.com/mcu-tools/mcuboot/pull/2029 -- that reserves the SIG_PURE in MCUboot code Based on https://github.com/mcu-tools/mcuboot/pull/2048

de-nordic avatar Sep 13 '24 15:09 de-nordic

May be interesting for you @taltenbach

de-nordic avatar Sep 13 '24 15:09 de-nordic

@de-nordic I would merge that. Any obstacles?

nvlsianpu avatar Oct 16 '24 12:10 nvlsianpu

@de-nordic Should we proceed with this patch?

nvlsianpu avatar Nov 28 '24 17:11 nvlsianpu

@d3zd3z can you review?

nordicjm avatar Dec 04 '24 12:12 nordicjm