Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

imgtool: Fix getpriv error return with private key #1749

Merged
merged 1 commit into from
Jul 24, 2023
Merged

imgtool: Fix getpriv error return with private key #1749

merged 1 commit into from
Jul 24, 2023

Conversation

Roolli
Copy link

@Roolli Roolli commented Jul 18, 2023

Fixes #1746

@davidvincze
Copy link
Collaborator

I've manually tested imgtool's getpriv, getpub, keygen and sign, verify options for both ec-p256 and ec-p384 keys.
The fix looks good to me, it was just a method resolution order issue.

@davidvincze
Copy link
Collaborator

@nordicjm may I ask you to review @Roolli's fix? Thank you.

nordicjm
nordicjm requested changes Jul 20, 2023
View reviewed changes
Copy link
Collaborator

@nordicjm nordicjm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not working.
Old:

imgtool getpub -k enc-ec256-pub.pem 
/* Autogenerated by imgtool.py, do not edit. */
const unsigned char ecdsa_pub_key[] = {
    0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86,
    0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a,
    0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
    0x42, 0x00, 0x04, 0x8a, 0x44, 0x73, 0x00, 0x94,
    0xc9, 0x80, 0x27, 0x31, 0x0d, 0x23, 0x36, 0x6b,
    0xe9, 0x69, 0x9f, 0xcb, 0xc5, 0x7c, 0xc8, 0x44,
    0x1a, 0x93, 0xe6, 0xee, 0x7d, 0x86, 0xa6, 0xae,
    0x5e, 0x93, 0x72, 0x74, 0xd9, 0xe1, 0x5a, 0x1c,
    0x9b, 0x65, 0x1a, 0x2b, 0x61, 0x41, 0x28, 0x02,
    0x73, 0x84, 0x12, 0x97, 0x3a, 0x2d, 0xa2, 0xa0,
    0x67, 0x77, 0x02, 0xda, 0x67, 0x1a, 0x4b, 0xdd,
    0xd7, 0x71, 0xcc,
};
const unsigned int ecdsa_pub_key_len = 91;

With this:

python ./scripts/imgtool.py getpub -k enc-ec256-pub.pem > 2
Traceback (most recent call last):
  File "/tmp/qq/mcuboot/./scripts/imgtool.py", line 22, in <module>
    main.imgtool()
  File "/usr/lib/python3.11/site-packages/click/core.py", line 1130, in __call__
    return self.main(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/site-packages/click/core.py", line 1055, in main
    rv = self.invoke(ctx)
         ^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/site-packages/click/core.py", line 1657, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
                           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/site-packages/click/core.py", line 1404, in invoke
    return ctx.invoke(self.callback, **ctx.params)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/site-packages/click/core.py", line 760, in invoke
    return __callback(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/tmp/qq/mcuboot/scripts/imgtool/main.py", line 144, in getpub
    key.emit_c_public()
  File "/tmp/qq/mcuboot/scripts/imgtool/keys/general.py", line 28, in emit_c_public
    encoded_bytes=self.get_public_bytes(),
                  ^^^^^^^^^^^^^^^^^^^^^^^
  File "/tmp/qq/mcuboot/scripts/imgtool/keys/ecdsa.py", line 37, in get_public_bytes
    return self._get_public().public_bytes(
           ^^^^^^^^^^^^^^^^^^
  File "/tmp/qq/mcuboot/scripts/imgtool/keys/ecdsa.py", line 33, in _get_public
    return self.key.public_key()
           ^^^^^^^^^^^^^^^^^^^
AttributeError: '_EllipticCurvePublicKey' object has no attribute 'public_key'. Did you mean: 'public_bytes'?

@davidvincze
Copy link
Collaborator

Not working. Old:

imgtool getpub -k enc-ec256-pub.pem 
/* Autogenerated by imgtool.py, do not edit. */
const unsigned char ecdsa_pub_key[] = {
    0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86,
    0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a,
    0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
    0x42, 0x00, 0x04, 0x8a, 0x44, 0x73, 0x00, 0x94,
    0xc9, 0x80, 0x27, 0x31, 0x0d, 0x23, 0x36, 0x6b,
    0xe9, 0x69, 0x9f, 0xcb, 0xc5, 0x7c, 0xc8, 0x44,
    0x1a, 0x93, 0xe6, 0xee, 0x7d, 0x86, 0xa6, 0xae,
    0x5e, 0x93, 0x72, 0x74, 0xd9, 0xe1, 0x5a, 0x1c,
    0x9b, 0x65, 0x1a, 0x2b, 0x61, 0x41, 0x28, 0x02,
    0x73, 0x84, 0x12, 0x97, 0x3a, 0x2d, 0xa2, 0xa0,
    0x67, 0x77, 0x02, 0xda, 0x67, 0x1a, 0x4b, 0xdd,
    0xd7, 0x71, 0xcc,
};
const unsigned int ecdsa_pub_key_len = 91;

With this:

python ./scripts/imgtool.py getpub -k enc-ec256-pub.pem > 2
Traceback (most recent call last):
  File "/tmp/qq/mcuboot/./scripts/imgtool.py", line 22, in <module>
    main.imgtool()
  File "/usr/lib/python3.11/site-packages/click/core.py", line 1130, in __call__
    return self.main(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/site-packages/click/core.py", line 1055, in main
    rv = self.invoke(ctx)
         ^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/site-packages/click/core.py", line 1657, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
                           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/site-packages/click/core.py", line 1404, in invoke
    return ctx.invoke(self.callback, **ctx.params)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/site-packages/click/core.py", line 760, in invoke
    return __callback(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/tmp/qq/mcuboot/scripts/imgtool/main.py", line 144, in getpub
    key.emit_c_public()
  File "/tmp/qq/mcuboot/scripts/imgtool/keys/general.py", line 28, in emit_c_public
    encoded_bytes=self.get_public_bytes(),
                  ^^^^^^^^^^^^^^^^^^^^^^^
  File "/tmp/qq/mcuboot/scripts/imgtool/keys/ecdsa.py", line 37, in get_public_bytes
    return self._get_public().public_bytes(
           ^^^^^^^^^^^^^^^^^^
  File "/tmp/qq/mcuboot/scripts/imgtool/keys/ecdsa.py", line 33, in _get_public
    return self.key.public_key()
           ^^^^^^^^^^^^^^^^^^^
AttributeError: '_EllipticCurvePublicKey' object has no attribute 'public_key'. Did you mean: 'public_bytes'?

I haven't tested it with the enc-* keys, only the ones that are used for signing, sorry. @Roolli could you have a look at it, please?

davidvincze
davidvincze requested changes Jul 20, 2023
View reviewed changes
Copy link
Collaborator

@davidvincze davidvincze left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please fix the issue with public key objects.

imgtool: Fix getpriv error return with private key
0a77feb 
This commit fixes a bug with the getpriv command using
ECDSA keys.

Signed-off-by: Roland Mikhel <[email protected]>
Change-Id: I66c1365a855e97199921ac136a18e26988bce508
davidvincze
davidvincze approved these changes Jul 21, 2023
View reviewed changes
Copy link
Collaborator

@davidvincze davidvincze left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the fix.

@davidvincze davidvincze merged commit 018b770 into mcu-tools:main Jul 24, 2023
54 checks passed
@Roolli Roolli deleted the imgtool-getpriv-fix branch July 24, 2023 08:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nordicjm nordicjm nordicjm approved these changes

@davidvincze davidvincze davidvincze approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

imgtool getpriv does not work on enc-ec256-priv.pem file
3 participants
@Roolli @davidvincze @nordicjm