[opentitantool]: fix hashed SPX signature verification

In case of SPX signing using the PrehashedSha256 domain the image payload needs to be hashed both before signing and before validating the signature. The validation path was not hashing the image which was causing signature validation failures. Tested by verifying pure and hashed SPX signing cases. Change-Id: I055d2c5717b7280d9e5a11a93e54815ad9a707cd Signed-off-by: Vadim Bendebury <[email protected]>
lowRISC · Sep 1, 2024 · 61d54a1 · 61d54a1
1 parent ed1c41c
commit 61d54a1
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/sw/host/opentitanlib/src/image/image.rs b/sw/host/opentitanlib/src/image/image.rs
@@ -83,7 +83,12 @@ impl SigverifyParams {
     // Verify the optional SPX+ signature.
     pub fn spx_verify(&self, b: &[u8], domain: SpxDomain) -> Result<()> {
         if let Some(spx) = &self.spx_sig_params {
-            spx.key.verify(domain, &spx.signature, b)?;
+            let hash = sha256::sha256(b).to_le_bytes();
+            let msg = match domain {
+                SpxDomain::PreHashedSha256 => hash.as_slice(),
+                _ => b,
+            };
+            spx.key.verify(domain, &spx.signature, msg)?;
         } else {
             bail!("No SPX signature found");
         }