diff --git a/scripts/imgtool/keys/x25519.py b/scripts/imgtool/keys/x25519.py index 6c6f60fb..adb68a1a 100644 --- a/scripts/imgtool/keys/x25519.py +++ b/scripts/imgtool/keys/x25519.py @@ -74,8 +74,10 @@ class X25519(X25519Public): return self.key.public_key() def get_private_bytes(self, minimal): - raise X25519UsageError("Operation not supported with {} keys".format( - self.shortname())) + return self.key.private_bytes( + encoding=serialization.Encoding.DER, + format=serialization.PrivateFormat.PKCS8, + encryption_algorithm=serialization.NoEncryption()) def export_private(self, path, passwd=None): """ diff --git a/scripts/imgtool/main.py b/scripts/imgtool/main.py index 47d58118..de9b303d 100755 --- a/scripts/imgtool/main.py +++ b/scripts/imgtool/main.py @@ -22,7 +22,8 @@ import imgtool.keys as keys import sys from imgtool import image, imgtool_version from imgtool.version import decode_version -from .keys import RSAUsageError, ECDSAUsageError, Ed25519UsageError +from .keys import ( + RSAUsageError, ECDSAUsageError, Ed25519UsageError, X25519UsageError) MIN_PYTHON_VERSION = (3, 6) if sys.version_info < MIN_PYTHON_VERSION: @@ -51,13 +52,18 @@ def gen_ed25519(keyfile, passwd): keys.Ed25519.generate().export_private(path=keyfile, passwd=passwd) +def gen_x25519(keyfile, passwd): + keys.X25519.generate().export_private(path=keyfile, passwd=passwd) + + valid_langs = ['c', 'rust'] keygens = { 'rsa-2048': gen_rsa2048, 'rsa-3072': gen_rsa3072, 'ecdsa-p256': gen_ecdsa_p256, 'ecdsa-p224': gen_ecdsa_p224, - 'ed25519': gen_ed25519, + 'ed25519': gen_ed25519, + 'x25519': gen_x25519, } @@ -124,7 +130,8 @@ def getpriv(key, minimal): print("Invalid passphrase") try: key.emit_private(minimal) - except (RSAUsageError, ECDSAUsageError, Ed25519UsageError) as e: + except (RSAUsageError, ECDSAUsageError, Ed25519UsageError, + X25519UsageError) as e: raise click.UsageError(e)