imgtool: Fix x25519 TLV HMAC tag

HMAC-SHA512 has been incorrectly fed only 32 bytes of password.

Signed-off-by: Dominik Ermel <[email protected]>

Author: de-nordic

scripts/imgtool/image.py

@@ -445,7 +445,7 @@ def ecies_hkdf(self, enckey, plainkey, hmac_sha_alg):
             newpk = X25519PrivateKey.generate()
             shared = newpk.exchange(enckey._get_public())
         derived_key = HKDF(
-            algorithm=hmac_sha_alg, length=48, salt=None,
+            algorithm=hmac_sha_alg, length=16 + hmac_sha_alg.digest_size, salt=None,
             info=b'MCUBoot_ECIES_v1', backend=default_backend()).derive(shared)
         encryptor = Cipher(algorithms.AES(derived_key[:16]),
                            modes.CTR(bytes([0] * 16)),