From 92e3297200c32c44053f9edc2fc8fff52d47ec88 Mon Sep 17 00:00:00 2001
From: Vadim Bendebury <vbendeb@chromium.org>
Date: Sat, 31 Aug 2024 20:00:51 -0700
Subject: [PATCH] [opentitantool]: fix hashed SPX signature verification

In case of SPX signing using the PrehashedSha256 domain the image
payload needs to be hashed both before signing and before validating
the signature.

The validation path was not hashing the image which was causing
signature validation failures.

Tested by verifying pure and hashed SPX signing cases.

Change-Id: I055d2c5717b7280d9e5a11a93e54815ad9a707cd
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
---
 sw/host/opentitanlib/src/image/image.rs | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/sw/host/opentitanlib/src/image/image.rs b/sw/host/opentitanlib/src/image/image.rs
index be0b728a74dc8..8adb171ca1366 100644
--- a/sw/host/opentitanlib/src/image/image.rs
+++ b/sw/host/opentitanlib/src/image/image.rs
@@ -5,6 +5,7 @@
 use anyhow::{bail, ensure, Result};
 use memoffset::offset_of;
 use sphincsplus::{SphincsPlus, SpxDomain, SpxPublicKey};
+use std::borrow::Cow;
 use std::collections::HashSet;
 use std::convert::TryInto;
 use std::fs::File;
@@ -83,7 +84,11 @@ impl SigverifyParams {
     // Verify the optional SPX+ signature.
     pub fn spx_verify(&self, b: &[u8], domain: SpxDomain) -> Result<()> {
         if let Some(spx) = &self.spx_sig_params {
-            spx.key.verify(domain, &spx.signature, b)?;
+            let msg = match domain {
+                SpxDomain::PreHashedSha256 => Cow::from(sha256::sha256(b).to_le_bytes()),
+                _ => Cow::from(b),
+            };
+            spx.key.verify(domain, &spx.signature, &msg)?;
         } else {
             bail!("No SPX signature found");
         }