From 61d54a1d1344a5583c9feb7ded161e52f206545d Mon Sep 17 00:00:00 2001
From: Vadim Bendebury <vbendeb@chromium.org>
Date: Sat, 31 Aug 2024 20:00:51 -0700
Subject: [PATCH] [opentitantool]: fix hashed SPX signature verification

In case of SPX signing using the PrehashedSha256 domain the image
payload needs to be hashed both before signing and before validating
the signature.

The validation path was not hashing the image which was causing
signature validation failures.

Tested by verifying pure and hashed SPX signing cases.

Change-Id: I055d2c5717b7280d9e5a11a93e54815ad9a707cd
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
---
 sw/host/opentitanlib/src/image/image.rs | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/sw/host/opentitanlib/src/image/image.rs b/sw/host/opentitanlib/src/image/image.rs
index be0b728a74dc8f..9d7ee573777755 100644
--- a/sw/host/opentitanlib/src/image/image.rs
+++ b/sw/host/opentitanlib/src/image/image.rs
@@ -83,7 +83,12 @@ impl SigverifyParams {
     // Verify the optional SPX+ signature.
     pub fn spx_verify(&self, b: &[u8], domain: SpxDomain) -> Result<()> {
         if let Some(spx) = &self.spx_sig_params {
-            spx.key.verify(domain, &spx.signature, b)?;
+            let hash = sha256::sha256(b).to_le_bytes();
+            let msg = match domain {
+                SpxDomain::PreHashedSha256 => hash.as_slice(),
+                _ => b,
+            };
+            spx.key.verify(domain, &spx.signature, msg)?;
         } else {
             bail!("No SPX signature found");
         }