How do I include CA attributes in pulblic key for "Signed App Images"?
Posted: Thu May 06, 2021 8:55 pm
Hello everyone,
I'm currently working on my bachelor thesis and I want to design a secure ESP infrastructure with signed app images, flash-encryption, etc.
The specification of mine requires signed app images which can be revoked though a certification revocation list. Because of that I created a private prime256v1 key. Following up I created a public key with my root CA key and the private prime256v1 key.
The ESP bootloader needs a binary file of the public key which wouldn't be a problem if I take use of espsecure.py extract_public_key as default, documented in espressif docs: Remote Signing of Images - https://docs.espressif.com/projects/esp ... ot-v1.html
So how would I include CA attributes to the public key if i can only take use of extract_public_key from the private key? Is there any option to directly convert the public key (certicicate) within the CA attributes to a binary file?
Thanks to all
I'm currently working on my bachelor thesis and I want to design a secure ESP infrastructure with signed app images, flash-encryption, etc.
The specification of mine requires signed app images which can be revoked though a certification revocation list. Because of that I created a private prime256v1 key. Following up I created a public key with my root CA key and the private prime256v1 key.
The ESP bootloader needs a binary file of the public key which wouldn't be a problem if I take use of espsecure.py extract_public_key as default, documented in espressif docs: Remote Signing of Images - https://docs.espressif.com/projects/esp ... ot-v1.html
So how would I include CA attributes to the public key if i can only take use of extract_public_key from the private key? Is there any option to directly convert the public key (certicicate) within the CA attributes to a binary file?
Thanks to all