[opentitantool]: fix hashed SPX signature verification

In case of SPX signing using the PrehashedSha256 domain the image payload needs to be hashed both before signing and before validating the signature. The validation path was not hashing the image which was causing signature validation failures. Tested by verifying pure and hashed SPX signing cases. Change-Id: I055d2c5717b7280d9e5a11a93e54815ad9a707cd Signed-off-by: Vadim Bendebury <[email protected]>
lowRISC · Sep 3, 2024 · 92e3297 · 92e3297
1 parent 4cc9edc
commit 92e3297
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/sw/host/opentitanlib/src/image/image.rs b/sw/host/opentitanlib/src/image/image.rs
@@ -5,6 +5,7 @@
 use anyhow::{bail, ensure, Result};
 use memoffset::offset_of;
 use sphincsplus::{SphincsPlus, SpxDomain, SpxPublicKey};
+use std::borrow::Cow;
 use std::collections::HashSet;
 use std::convert::TryInto;
 use std::fs::File;
@@ -83,7 +84,11 @@ impl SigverifyParams {
     // Verify the optional SPX+ signature.
     pub fn spx_verify(&self, b: &[u8], domain: SpxDomain) -> Result<()> {
         if let Some(spx) = &self.spx_sig_params {
-            spx.key.verify(domain, &spx.signature, b)?;
+            let msg = match domain {
+                SpxDomain::PreHashedSha256 => Cow::from(sha256::sha256(b).to_le_bytes()),
+                _ => Cow::from(b),
+            };
+            spx.key.verify(domain, &spx.signature, &msg)?;
         } else {
             bail!("No SPX signature found");
         }