{"id":30178368,"url":"https://github.com/sysgrok/espsign","last_synced_at":"2025-12-12T09:17:49.490Z","repository":{"id":266658355,"uuid":"898904172","full_name":"sysgrok/espsign","owner":"sysgrok","description":null,"archived":false,"fork":false,"pushed_at":"2025-02-23T06:43:28.000Z","size":50,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-07-31T19:39:46.245Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sysgrok.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE-APACHE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2024-12-05T09:00:34.000Z","updated_at":"2025-07-31T11:44:14.000Z","dependencies_parsed_at":"2024-12-28T20:23:18.361Z","dependency_job_id":"61a644ea-806c-4d1f-afe0-b3af70a2bd1e","html_url":"https://github.com/sysgrok/espsign","commit_stats":null,"previous_names":["ivmarkov/espsign","sysgrok/espsign"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/sysgrok/espsign","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sysgrok%2Fespsign","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sysgrok%2Fespsign/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sysgrok%2Fespsign/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sysgrok%2Fespsign/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sysgrok","download_url":"https://codeload.github.com/sysgrok/espsign/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sysgrok%2Fespsign/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":270005591,"owners_count":24510939,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-12T02:00:09.011Z","response_time":80,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-08-12T05:20:38.276Z","updated_at":"2025-12-12T09:17:49.467Z","avatar_url":"https://github.com/sysgrok.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# espsign\n\nA utility for signing ESP32 firmware images for ESP RSA Secure Boot V2\n\n[![CI](https://github.com/ivmarkov/espsign/actions/workflows/ci.yml/badge.svg)](https://github.com/ivmarkov/espsign/actions/workflows/ci.yml)\n[![crates.io](https://img.shields.io/crates/v/espsign.svg)](https://crates.io/crates/espsign)\n[![Matrix](https://img.shields.io/matrix/esp-rs:matrix.org?label=join%20matrix\u0026color=BEC5C9\u0026logo=matrix)](https://matrix.to/#/#esp-rs:matrix.org)\n\n## Highlights\n\n* Pure-Rust\n* `no_std` (but needs `alloc`) **library interface** for:\n  * Signing\n  * Verifying\n  * Generating key SHA-256 E-FUSE signature\n* Command line interface\n\n## Examples\n\n### Command line\n\nInstall the command line utility\n\n```sh\ncargo install --force --git https://github.com/ivmarkov/espsign\n```\n\nGenerate a new PEM signing key in file `foo`:\n\n```sh\nespsign gen-key foo\n```\n\nGenerate a new password-protected with `pass` PEM signing key in file `foo`, and with E-FUSE SHA-256 hash in file `hash`:\n\n```sh\nespsign gen-key -p pass -s hash foo\n```\n\nSign an app image `firmware` using a pre-generated PEM signing key from file `foo`\n\n```sh\nespsign sign -k foo firmware-padded firmware-signed\n```\n\n\u003e NOTE: App image should first be padded to 64K alignment with e.g. [esptools](https://github.com/ivmarkov/esptools):\n\n```sh\nesptools tool --chip esp32s3 elf2image --version 2 --secure-pad-v2 --output firmware-padded firmware\n```\n\nVerify a signed app image `firmware-signed`\n\n```sh\nespsign verify firmware-signed\n```\n\n### Library\n\nVerify an image. [Other examples](examples).\n\n```rust\nuse std::fs::File;\nuse std::path::PathBuf;\n\nuse log::info;\n\nuse espsign::{AsyncIo, ImageType, SBV2RsaSignatureBlock};\n\n/// Verify that `image` is properly signed\nfn main() {\n    let image = PathBuf::from(\"/home/foo/factory-app-signed\");\n\n    let mut buf = [0; 65536];\n\n    info!(\"Verifying image `{}`...\", image.display());\n\n    embassy_futures::block_on(SBV2RsaSignatureBlock::load_and_verify(\n        \u0026mut buf,\n        AsyncIo::new(File::open(image).unwrap()),\n        ImageType::App,\n    ))\n    .unwrap();\n\n    info!(\"Image verified successfully\");\n}\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsysgrok%2Fespsign","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsysgrok%2Fespsign","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsysgrok%2Fespsign/lists"}