Feature request: option to export "raw" uncompressed ECDSA keys

[JordanYates]

Since this commit, the Trusted-Firmware M project requires the embedded public keys to be in a "raw" (not RFC5840) form.

As far as I can tell, there is currently no way to export a key in this form from imgtool.
It can be hacked into getpub by adding the following (P-384 needs 48 byte integers instead of 32):

    numbers = key._get_public().public_numbers()
    raw_key = b'\x04' + numbers.x.to_bytes(32, 'big') + numbers.y.to_bytes(32, 'big')
    print(','.join([f'0x{b:02x}'  for b in raw_key]))

I've spent some time on trying to add this feature simply, but I'm not sure on the best approach given this is probably quite ECDSA specific.

[de-nordic]

@JordanYates As far as I understand that could be also used with #2089? to further reduce code size?

[JordanYates]

@JordanYates As far as I understand that could be also used with #2089? to further reduce code size?

I have no comment on that, this is purely on the imgtool side (although TF-M probably made the change for the same reason).
It is not currently possible to get the key in a form usable for TF-M with imgtool, which is unfortunate since mcuboot is the primary bootloader.

[github-actions]

This issue has been marked as stale because it has been open (more than) 60 days with no activity. Remove the stale label or add a comment saying that you would like to have the label removed otherwise this issue will automatically be closed in 14 days. Note, that you can always re-open a closed issue at any time.

[JordanYates]

Not stale

[github-actions]

This issue has been marked as stale because it has been open (more than) 60 days with no activity. Remove the stale label or add a comment saying that you would like to have the label removed otherwise this issue will automatically be closed in 14 days. Note, that you can always re-open a closed issue at any time.

[JordanYates]

Not stale