Skip to content

Commit

Permalink
refactor to single return.
Browse files Browse the repository at this point in the history
  • Loading branch information
@philljj
philljj committed Sep 25, 2024
1 parent 1d4602a commit 78f16bb
Showing 1 changed file with 49 additions and 43 deletions.
92 changes: 49 additions & 43 deletions src/image.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -497,67 +497,73 @@ static void wolfBoot_verify_signature(uint8_t key_slot,

if (ret != 0) {
wolfBoot_printf("error: wc_MlDsaKey_Init returned %d\n", ret);
return;
}

/* Set the ML-DSA security level. */
ret = wc_MlDsaKey_SetParams(&ml_dsa, ML_DSA_LEVEL);
if (ret == 0) {
/* Set the ML-DSA security level. */
ret = wc_MlDsaKey_SetParams(&ml_dsa, ML_DSA_LEVEL);

if (ret != 0) {
wolfBoot_printf("error: wc_MlDsaKey_SetParams(%d)" \
" returned %d\n", ML_DSA_LEVEL, ret);
return;
if (ret != 0) {
wolfBoot_printf("error: wc_MlDsaKey_SetParams(%d)" \
" returned %d\n", ML_DSA_LEVEL, ret);
}
}

/* Make sure pub key matches parameters. */
ret = wc_MlDsaKey_GetPubLen(&ml_dsa, &pub_len);

if (ret != 0 || pub_len <= 0) {
wolfBoot_printf("error: wc_MlDsaKey_GetPubLen returned %d\n", ret);
return;
}
if (ret == 0) {
ret = wc_MlDsaKey_GetPubLen(&ml_dsa, &pub_len);

if (pub_len != KEYSTORE_PUBKEY_SIZE_ML_DSA) {
wolfBoot_printf("error: ML-DSA pub key mismatch: got %d bytes " \
"expected %d\n", pub_len, KEYSTORE_PUBKEY_SIZE_ML_DSA);
return;
if (ret != 0 || pub_len <= 0) {
wolfBoot_printf("error: wc_MlDsaKey_GetPubLen returned %d\n", ret);
}
else if (pub_len != KEYSTORE_PUBKEY_SIZE_ML_DSA) {
wolfBoot_printf("error: ML-DSA pub key mismatch: got %d bytes " \
"expected %d\n", pub_len, KEYSTORE_PUBKEY_SIZE_ML_DSA);
ret = -1;
}
}

/* Make sure sig len matches parameters. */
ret = wc_MlDsaKey_GetSigLen(&ml_dsa, &sig_len);

if (ret != 0 || sig_len <= 0) {
wolfBoot_printf("error: wc_MlDsaKey_GetPubLen returned %d\n", ret);
return;
}
if (ret == 0) {
ret = wc_MlDsaKey_GetSigLen(&ml_dsa, &sig_len);

if (sig_len != IMAGE_SIGNATURE_SIZE) {
wolfBoot_printf("error: ML-DSA sig len mismatch: got %d bytes " \
"expected %d\n", sig_len, IMAGE_SIGNATURE_SIZE);
return;
if (ret != 0 || sig_len <= 0) {
wolfBoot_printf("error: wc_MlDsaKey_GetPubLen returned %d\n", ret);
}
else if (sig_len != IMAGE_SIGNATURE_SIZE) {
wolfBoot_printf("error: ML-DSA sig len mismatch: got %d bytes " \
"expected %d\n", sig_len, IMAGE_SIGNATURE_SIZE);
ret = -1;
}
}

/* Now import pub key. */
ret = wc_MlDsaKey_ImportPubRaw(&ml_dsa, pubkey, pub_len);
if (ret == 0) {
/* Now import pub key. */
ret = wc_MlDsaKey_ImportPubRaw(&ml_dsa, pubkey, pub_len);

if (ret != 0) {
wolfBoot_printf("error: wc_MlDsaKey_ImportPubRaw returned: %d\n", ret);
return;
if (ret != 0) {
wolfBoot_printf("error: wc_MlDsaKey_ImportPubRaw returned: %d\n",
ret);
}
}

wolfBoot_printf("info: using ML-DSA security level: %d\n", ML_DSA_LEVEL);
if (ret == 0) {
wolfBoot_printf("info: using ML-DSA security level: %d\n",
ML_DSA_LEVEL);

/* Finally verify signagure. */
ret = wc_MlDsaKey_Verify(&ml_dsa, sig, IMAGE_SIGNATURE_SIZE, img->sha_hash,
WOLFBOOT_SHA_DIGEST_SIZE, &verify_res);
/* Finally verify signagure. */
ret = wc_MlDsaKey_Verify(&ml_dsa, sig, IMAGE_SIGNATURE_SIZE,
img->sha_hash, WOLFBOOT_SHA_DIGEST_SIZE,
&verify_res);

if (ret == 0 && verify_res == 1) {
wolfBoot_printf("info: wc_MlDsaKey_Verify returned OK\n");
wolfBoot_image_confirm_signature_ok(img);
}
else {
wolfBoot_printf("error: wc_MlDsaKey_Verify returned %d, %d\n",
ret, verify_res);
if (ret == 0 && verify_res == 1) {
wolfBoot_printf("info: wc_MlDsaKey_Verify returned OK\n");
wolfBoot_image_confirm_signature_ok(img);
}
else {
wolfBoot_printf("error: wc_MlDsaKey_Verify returned: ret=%d, "
"res=%d\n", ret, verify_res);
}
}

wc_MlDsaKey_Free(&ml_dsa);
Expand Down

0 comments on commit 78f16bb

Please sign in to comment.