Posted to commits@mynewt.apache.org by cc...@apache.org on 2019/10/24 16:45:20 UTC
[mynewt-artifact] 04/06: sec: Make GenerateSig() return a Sig object
This is an automated email from the ASF dual-hosted git repository.
ccollins pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-artifact.git
commit 6a0584f127bada7da36ac3f526139d899e39b0ec
Author: Christopher Collins <cc...@apache.org>
AuthorDate: Wed Oct 23 14:58:05 2019 -0700
sec: Make GenerateSig() return a Sig object
Before this commit, this function returned a []byte slice containing the
raw signature. Now the function returns a Sig object (which also
contains the sig type and key hash).
---
image/create.go | 47 +++++++++++++++++++++++++++++++++++++----------
1 file changed, 37 insertions(+), 10 deletions(-)
diff --git a/image/create.go b/image/create.go
index c51cfe6..0ee3bb9 100644
--- a/image/create.go
+++ b/image/create.go
@@ -197,16 +197,43 @@ func GenerateSigEd25519(key sec.PrivSignKey, hash []byte) ([]byte, error) {
return sig, nil
}
-func GenerateSig(key sec.PrivSignKey, hash []byte) ([]byte, error) {
- key.AssertValid()
+func GenerateSig(key sec.PrivSignKey, hash []byte) (sec.Sig, error) {
+ pub := key.PubKey()
+ typ, err := pub.SigType()
+ if err != nil {
+ return sec.Sig{}, err
+ }
- if key.Rsa != nil {
- return GenerateSigRsa(key, hash)
- } else if key.Ec != nil {
- return GenerateSigEc(key, hash)
- } else {
- return GenerateSigEd25519(key, hash)
+ var data []byte
+
+ switch typ {
+ case sec.SIG_TYPE_RSA2048, sec.SIG_TYPE_RSA3072:
+ data, err = GenerateSigRsa(key, hash)
+
+ case sec.SIG_TYPE_ECDSA224, sec.SIG_TYPE_ECDSA256:
+ data, err = GenerateSigEc(key, hash)
+
+ case sec.SIG_TYPE_ED25519:
+ data, err = GenerateSigEd25519(key, hash)
+
+ default:
+ err = errors.Errorf("unknown sig type: %v", typ)
}
+
+ if err != nil {
+ return sec.Sig{}, err
+ }
+
+ keyHash, err := pub.Hash()
+ if err != nil {
+ return sec.Sig{}, err
+ }
+
+ return sec.Sig{
+ Type: typ,
+ KeyHash: keyHash,
+ Data: data,
+ }, nil
}
func BuildKeyHashTlv(keyBytes []byte) ImageTlv {
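Review bot: The removed `key.AssertValid()` call at the top of GenerateSig has no visible replacement, so rejecting a malformed or empty signing key now depends entirely on `key.PubKey()` and `pub.SigType()`, neither of which is shown in this hunk. If `PubKey()` does not validate the key itself, a key with no algorithm field set may reach it in a state the old code refused up front; either keep `key.AssertValid()` as the first statement or confirm that `PubKey()` performs the same check. Since the function is exported and its return type changed, a doc comment stating the new contract would help callers, for example `// GenerateSig signs hash with key and returns the signature data together with its type and the hash of the signing public key; an unsupported key type yields an error.`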
@@ -243,9 +270,9 @@ func BuildSigTlvs(keys []sec.PrivSignKey, hash []byte) ([]ImageTlv, error) {
tlv = ImageTlv{
Header: ImageTlvHdr{
Type: sigTlvType(key),
- Len: uint16(len(sig)),
+ Len: uint16(len(sig.Data)),
},
- Data: sig,
+ Data: sig.Data,
}
tlvs = append(tlvs, tlv)
}
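Review bot: The TLV header type is still taken from `sigTlvType(key)` while the payload now comes from `sig.Data`, so the signature algorithm is derived twice from the key by two separate code paths, and `sig.Type` is ignored here. If the two ever disagree (for example when a new key type is added to one switch but not the other), the image would carry a signature TLV whose declared type does not match the algorithm that produced the data, and verification would fail or be attempted with the wrong scheme. Deriving the TLV type from `sig.Type` would leave a single source of truth; the helper needed for that mapping is not visible in this hunk. Separately, `uint16(len(sig.Data))` truncates silently, so a length check before the cast would make an oversized signature an error rather than a corrupt TLV. The body of BuildSigTlvs starts and ends outside the hunk.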