Offload verify to TPM.
dgarske committed Aug 21, 2023
1 parent 3eeafd7 commit eb80ac5
Showing 1 changed file with 6 additions and 6 deletions.
12 changes: 6 additions & 6 deletions src/image.c
@@ -123,7 +123,7 @@ static void wolfBoot_verify_signature(uint8_t key_slot,
uint8_t *pubkey = keystore_get_buffer(key_slot);
int pubkey_sz = keystore_get_size(key_slot);
int point_sz = pubkey_sz/2;
#if defined(WOLFBOOT_TPM) && !defined(WOLFBOOT_TPM_KEYSTORE)
#ifdef WOLFBOOT_TPM
WOLFTPM2_KEY tpmKey;
#else
ecc_key ecc;
@@ -134,7 +134,7 @@ static void wolfBoot_verify_signature(uint8_t key_slot,
return;
}

#if defined(WOLFBOOT_TPM) && !defined(WOLFBOOT_TPM_KEYSTORE)
#ifdef WOLFBOOT_TPM
/* Use TPM for ECC verify */
/* Load public key into TPM */
memset(&tpmKey, 0, sizeof(tpmKey));
@@ -247,7 +247,7 @@ static int RsaDecodeSignature(uint8_t** pInput, int inputSz)
}
#endif /* !NO_RSA_SIG_ENCODING */

#if defined(WOLFBOOT_TPM) && !defined(WOLFBOOT_TPM_KEYSTORE)
#ifdef WOLFBOOT_TPM
/* RSA PKCSV15 un-padding with RSA_BLOCK_TYPE_1 (public) */
/* UnPad plaintext, set start to *output, return length of plaintext or error */
static int RsaUnPad(const byte *pkcsBlock, int pkcsBlockLen, byte **output)
@@ -270,7 +270,7 @@ static int RsaUnPad(const byte *pkcsBlock, int pkcsBlockLen, byte **output)
ret = pkcsBlockLen - i;
return ret;
}
#endif /* WOLFBOOT_TPM && WOLFBOOT_TPM_KEYSTORE */
#endif /* WOLFBOOT_TPM */

static void wolfBoot_verify_signature(uint8_t key_slot,
struct wolfBoot_image *img, uint8_t *sig)
@@ -282,7 +282,7 @@ static void wolfBoot_verify_signature(uint8_t key_slot,
uint8_t *pubkey = keystore_get_buffer(key_slot);
int pubkey_sz = keystore_get_size(key_slot);
word32 inOutIdx = 0;
#if defined(WOLFBOOT_TPM) && !defined(WOLFBOOT_TPM_KEYSTORE)
#ifdef WOLFBOOT_TPM
WOLFTPM2_KEY tpmKey;
const byte *n = NULL, *e = NULL;
word32 nSz = 0, eSz = 0;
@@ -294,7 +294,7 @@ static void wolfBoot_verify_signature(uint8_t key_slot,
return;
}

#if defined(WOLFBOOT_TPM) && !defined(WOLFBOOT_TPM_KEYSTORE)
#ifdef WOLFBOOT_TPM
/* Extract DER RSA key struct */
memset(&tpmKey, 0, sizeof(tpmKey));
ret = wc_RsaPublicKeyDecode_ex(pubkey, &inOutIdx, pubkey_sz,
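Review bot: No comment at the six rewritten guards records that builds defining WOLFBOOT_TPM_KEYSTORE now take the TPM verify branch instead of the software `ecc_key` path (and presumably its RSA counterpart); this reading takes the second line of each printed pair as the new side. I would add above the first guard something like `/* WOLFBOOT_TPM: signature verify is always offloaded to the TPM, with or without WOLFBOOT_TPM_KEYSTORE */`. Because this is the boot-time signature check and `wolfBoot_verify_signature` returns void, every failure in the TPM branch (loading the public key from `keystore_get_buffer(key_slot)`, `wc_RsaPublicKeyDecode_ex`, `RsaUnPad`) has to leave the image unconfirmed, and those checks sit outside the visible hunks, so they should be confirmed for the newly covered configuration. `RsaUnPad` is now compiled for every TPM build too; its body starts outside the hunk, so its RSA_BLOCK_TYPE_1 padding checks (0xFF run, zero separator, minimum pad length) could not be reviewed here.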
