Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[opentitantool]: fix hashed SPX signature verification #24482

Merged
merged 1 commit into from
Sep 4, 2024
Merged

[opentitantool]: fix hashed SPX signature verification #24482

merged 1 commit into from
Sep 4, 2024

Conversation

vbendeb
Copy link

@vbendeb vbendeb commented Sep 1, 2024

In case of SPX signing using the PrehashedSha256 domain the image payload needs to be hashed both before signing and before validating the signature.

The validation path was not hashing the image which was causing signature validation failures.

Tested by verifying pure and hashed SPX signing cases.

Change-Id: I055d2c5717b7280d9e5a11a93e54815ad9a707cd

@vbendeb vbendeb requested a review from a team as a code owner September 1, 2024 03:15
@vbendeb vbendeb requested review from HU90m, cfrantz and timothytrippel and removed request for a team September 1, 2024 03:15
cfrantz
cfrantz reviewed Sep 3, 2024
View reviewed changes
sw/host/opentitanlib/src/image/image.rs Outdated
@@ -83,7 +83,12 @@ impl SigverifyParams {
// Verify the optional SPX+ signature.
pub fn spx_verify(&self, b: &[u8], domain: SpxDomain) -> Result<()> {
if let Some(spx) = &self.spx_sig_params {
spx.key.verify(domain, &spx.signature, b)?;
let hash = sha256::sha256(b).to_le_bytes();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The hash calculation should be inside the match case for PreHashedSha256.

You probably have to use a Cow (copy-on-write) reference to deal with the difference between the hash result (Vec<u8>) vs. the slice ([u8]):

let msg = match domain {
  PreHashedSha256 => Cow::from(sha256::sha256(b).to_le_bytes()),
  _ => Cow::from(b),
}

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tried to create the hash in the match case, but it did not have long enough life time, looks like Cow::from() takes care of this, done.

[opentitantool]: fix hashed SPX signature verification
92e3297 
In case of SPX signing using the PrehashedSha256 domain the image
payload needs to be hashed both before signing and before validating
the signature.

The validation path was not hashing the image which was causing
signature validation failures.

Tested by verifying pure and hashed SPX signing cases.

Change-Id: I055d2c5717b7280d9e5a11a93e54815ad9a707cd
Signed-off-by: Vadim Bendebury <[email protected]>
@timothytrippel timothytrippel merged commit ac13e18 into lowRISC:master Sep 4, 2024
36 checks passed
@timothytrippel timothytrippel added the CherryPick:earlgrey_1.0.0 This PR should be cherry-picked to earlgrey_1.0.0 label Oct 23, 2024
@github-actions GitHub Actions
Copy link

Successfully created backport PR for earlgrey_1.0.0:

@github-actions github-actions bot mentioned this pull request Oct 23, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@timothytrippel timothytrippel timothytrippel approved these changes

@cfrantz cfrantz cfrantz approved these changes

@HU90m HU90m Awaiting requested review from HU90m HU90m is a code owner automatically assigned from lowRISC/ot-rust-reviewers

Assignees
No one assigned
Labels
CherryPick:earlgrey_1.0.0 This PR should be cherry-picked to earlgrey_1.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@vbendeb @cfrantz @timothytrippel