Add SPDX headers indicating the Apache-2.0 license to the scripts in the
scripts directory. This can be assumed due to the presence of the
Apache-2.0 LICENSE file at the top of the project.
Fixes#930
Signed-off-by: David Brown <david.brown@linaro.org>
The verification code requires a fixed 32-byte salt, which seems is what
the old crypto library did. Use this same value to avoid having to
modify the code.
Signed-off-by: David Brown <david.brown@linaro.org>
Replace RSA code with one using the python 'cryptography' library. This
library is much more complete, and will make adding support for password
protected keys, and separate public keys easier.
There is, however, a significant change brought about by this change:
the private keys are stored in PKCS#8 format, instead of the raw format
that was used previously. This is a more modern format that has a few
advantages, including: supporting stronger password protection, and
allowing the key type to be determined upon read.
This tool will still support reading the old style public keys, but
other tools that use these keys will need to be updated in order to work
with the new format.
This new code has some unit tests to go along with it for some basic
sanity testing of the code.
Signed-off-by: David Brown <david.brown@linaro.org>
David Brown