Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Note - my commit timestamps are all FUBAR... WSL loses its clock when the machine goes to sleep.
Anyway:
Changes should be pretty straightforward.
Additional file
lib/signature_tools.py
that now handles read_bytes and write_bytes when necessary.signatures are only supported against full bins.
When a full bin is read in (via input_bin) if the last 350 bytes include METADATA:xxxx, they're pulled off and processed, otherwise the bin is read in directly.
When a write is planned (via output_bin), if theres args provided that trigger a signature, it's performed. Otherwise, it's just written directly.
The following is how you actually sign a full bin. Optionally including some notes about the file and a secondary_key to sign it with (if you have your own private key). If you don't provide a secondary key, only the private key in
data/VW_Flash.key
is usedvalidation is simple as well. The following command would read in the input_bin and check the signatures against the public key in data/VW_Flash.pub as well as the secondary_key (if the file contains a dual signature)