Skip to content

Commit 3760174

Browse files
jan2642jan2642
committed
sign.py: add a parameter to generate only the signature header
By providing the -H command line parameter, the .sig will only contain the header + signature and not the actual payload. This scheme is used by the nfz.db e.g.
1 parent b3d4ef4 commit 3760174

File tree

1 file changed

+10
-3
lines changed

1 file changed

+10
-3
lines changed

scripts/sign.py

Lines changed: 10 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -97,7 +97,7 @@ class ImageChunk(LittleEndianStructure):
9797
('addr', c_ulonglong), #16
9898
('reserved', c_ulonglong)] #24 end is 32
9999

100-
def sign(filename, name, chunk_id, version, encrypt):
100+
def sign(filename, name, chunk_id, version, encrypt, separate_header):
101101

102102
ver = re.search('^v(\d+).(\d+).(\d+).(\d+)$', version)
103103
if ver == None:
@@ -107,6 +107,10 @@ def sign(filename, name, chunk_id, version, encrypt):
107107
if not chunk_id:
108108
chunk_id = name
109109

110+
if encrypt and separate_header:
111+
print('ERROR: Creating a separate signature AND encrypt the file is currently not supported')
112+
return -1
113+
110114
image_file = open(filename, "rb")
111115
image_data = image_file.read()
112116
image_file.close()
@@ -178,7 +182,9 @@ def sign(filename, name, chunk_id, version, encrypt):
178182
output_file.write(header)
179183
output_file.write(chunk)
180184
output_file.write(signer.sign(digest))
181-
output_file.write(encrypted_data)
185+
186+
if not separate_header:
187+
output_file.write(encrypted_data)
182188

183189
output_file.close()
184190

@@ -189,8 +195,9 @@ def sign(filename, name, chunk_id, version, encrypt):
189195
parser.add_argument('-c', '--chunk', help='Name of the chunk. If omitted, <name> will be used.')
190196
parser.add_argument('-v', '--version', required=True, help='Version string in the form "vAA.BB.CC.DD"')
191197
parser.add_argument('-e', '--encrypt', default=False, action='store_true', help='Encrypt the file')
198+
parser.add_argument('-H', '--header', default=False, action='store_true', help='Only create the signature header')
192199
args = parser.parse_args()
193200

194-
sign(args.file, args.name, args.chunk, args.version, args.encrypt)
201+
sign(args.file, args.name, args.chunk, args.version, args.encrypt, args.header)
195202

196203
# vim: expandtab:ts=4:sw=4

0 commit comments

Comments
 (0)