Initially my idea was to use ECDSA for signature verification and AES-KW for key-encryption. However, I could not find any support by the imgtool, because the --encrypt option requires a public key as argument.
Therefore, I tried to switch to RSA-OAEP for key-encryption by using a private RSA key. Surprisingly, when I tried to sign my image with the ECC key (provided in --key option), and use a RSA private key for key-encryption (provided in --encrypt option), I get the following error:
"Error: Signing and encryption must use the same type of key"
This is not according to the documentation, where nothing is mentioned about this restriction. Is this desired? If so, why? Is there a workaround?
Initially my idea was to use ECDSA for signature verification and AES-KW for key-encryption. However, I could not find any support by the imgtool, because the --encrypt option requires a public key as argument.
Therefore, I tried to switch to RSA-OAEP for key-encryption by using a private RSA key. Surprisingly, when I tried to sign my image with the ECC key (provided in --key option), and use a RSA private key for key-encryption (provided in --encrypt option), I get the following error:
"Error: Signing and encryption must use the same type of key"
This is not according to the documentation, where nothing is mentioned about this restriction. Is this desired? If so, why? Is there a workaround?