From 92fcf933b1cf52ae372d952cff4a7211c45c5ee4 Mon Sep 17 00:00:00 2001
From: Kendall Goto <kendall@level.co>
Date: Wed, 15 Jan 2025 22:05:15 -0800
Subject: [PATCH] scripts: Fix extracted ECDSA signature padding

Ensure that ECDSA key components that are too short are properly
left-padded with 0s.

Signed-off-by: Kendall Goto <kendall@level.co>
---
 scripts/bootloader/asn1parse.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/bootloader/asn1parse.py b/scripts/bootloader/asn1parse.py
index 8a19bc6fd8db..085ed3e082b9 100644
--- a/scripts/bootloader/asn1parse.py
+++ b/scripts/bootloader/asn1parse.py
@@ -29,7 +29,7 @@ def get_ecdsa_signature(der, clength):
     # Disable pylint error as 'input' keyword has specific handling in 'check_output'
     # pylint: disable=unexpected-keyword-arg
     stdout = check_output(['openssl', 'asn1parse', '-inform', 'der'], input=der)
-    sig = b''.join([bytes.fromhex(re.search(r'(?<=\:)([0-9A-F]+)', num)[0]).ljust(clength, b'\0') \
+    sig = b''.join([bytes.fromhex(re.search(r'(?<=\:)([0-9A-F]+)', num)[0]).rjust(clength, b'\0') \
                     for num in re.findall(r'INTEGER *\:[0-9A-F]+', stdout.decode())])
 
     assert len(sig) == 2*clength