From 78f16bb59ddea288bdb145a5111b87a214e05a18 Mon Sep 17 00:00:00 2001 From: jordan Date: Wed, 25 Sep 2024 10:23:10 -0500 Subject: [PATCH] refactor to single return. --- src/image.c | 92 ++++++++++++++++++++++++++++------------------------- 1 file changed, 49 insertions(+), 43 deletions(-) diff --git a/src/image.c b/src/image.c index 2b327b2f3..fa354d980 100644 --- a/src/image.c +++ b/src/image.c @@ -497,67 +497,73 @@ static void wolfBoot_verify_signature(uint8_t key_slot, if (ret != 0) { wolfBoot_printf("error: wc_MlDsaKey_Init returned %d\n", ret); - return; } - /* Set the ML-DSA security level. */ - ret = wc_MlDsaKey_SetParams(&ml_dsa, ML_DSA_LEVEL); + if (ret == 0) { + /* Set the ML-DSA security level. */ + ret = wc_MlDsaKey_SetParams(&ml_dsa, ML_DSA_LEVEL); - if (ret != 0) { - wolfBoot_printf("error: wc_MlDsaKey_SetParams(%d)" \ - " returned %d\n", ML_DSA_LEVEL, ret); - return; + if (ret != 0) { + wolfBoot_printf("error: wc_MlDsaKey_SetParams(%d)" \ + " returned %d\n", ML_DSA_LEVEL, ret); + } } /* Make sure pub key matches parameters. */ - ret = wc_MlDsaKey_GetPubLen(&ml_dsa, &pub_len); - - if (ret != 0 || pub_len <= 0) { - wolfBoot_printf("error: wc_MlDsaKey_GetPubLen returned %d\n", ret); - return; - } + if (ret == 0) { + ret = wc_MlDsaKey_GetPubLen(&ml_dsa, &pub_len); - if (pub_len != KEYSTORE_PUBKEY_SIZE_ML_DSA) { - wolfBoot_printf("error: ML-DSA pub key mismatch: got %d bytes " \ - "expected %d\n", pub_len, KEYSTORE_PUBKEY_SIZE_ML_DSA); - return; + if (ret != 0 || pub_len <= 0) { + wolfBoot_printf("error: wc_MlDsaKey_GetPubLen returned %d\n", ret); + } + else if (pub_len != KEYSTORE_PUBKEY_SIZE_ML_DSA) { + wolfBoot_printf("error: ML-DSA pub key mismatch: got %d bytes " \ + "expected %d\n", pub_len, KEYSTORE_PUBKEY_SIZE_ML_DSA); + ret = -1; + } } /* Make sure sig len matches parameters. */ - ret = wc_MlDsaKey_GetSigLen(&ml_dsa, &sig_len); - - if (ret != 0 || sig_len <= 0) { - wolfBoot_printf("error: wc_MlDsaKey_GetPubLen returned %d\n", ret); - return; - } + if (ret == 0) { + ret = wc_MlDsaKey_GetSigLen(&ml_dsa, &sig_len); - if (sig_len != IMAGE_SIGNATURE_SIZE) { - wolfBoot_printf("error: ML-DSA sig len mismatch: got %d bytes " \ - "expected %d\n", sig_len, IMAGE_SIGNATURE_SIZE); - return; + if (ret != 0 || sig_len <= 0) { + wolfBoot_printf("error: wc_MlDsaKey_GetPubLen returned %d\n", ret); + } + else if (sig_len != IMAGE_SIGNATURE_SIZE) { + wolfBoot_printf("error: ML-DSA sig len mismatch: got %d bytes " \ + "expected %d\n", sig_len, IMAGE_SIGNATURE_SIZE); + ret = -1; + } } - /* Now import pub key. */ - ret = wc_MlDsaKey_ImportPubRaw(&ml_dsa, pubkey, pub_len); + if (ret == 0) { + /* Now import pub key. */ + ret = wc_MlDsaKey_ImportPubRaw(&ml_dsa, pubkey, pub_len); - if (ret != 0) { - wolfBoot_printf("error: wc_MlDsaKey_ImportPubRaw returned: %d\n", ret); - return; + if (ret != 0) { + wolfBoot_printf("error: wc_MlDsaKey_ImportPubRaw returned: %d\n", + ret); + } } - wolfBoot_printf("info: using ML-DSA security level: %d\n", ML_DSA_LEVEL); + if (ret == 0) { + wolfBoot_printf("info: using ML-DSA security level: %d\n", + ML_DSA_LEVEL); - /* Finally verify signagure. */ - ret = wc_MlDsaKey_Verify(&ml_dsa, sig, IMAGE_SIGNATURE_SIZE, img->sha_hash, - WOLFBOOT_SHA_DIGEST_SIZE, &verify_res); + /* Finally verify signagure. */ + ret = wc_MlDsaKey_Verify(&ml_dsa, sig, IMAGE_SIGNATURE_SIZE, + img->sha_hash, WOLFBOOT_SHA_DIGEST_SIZE, + &verify_res); - if (ret == 0 && verify_res == 1) { - wolfBoot_printf("info: wc_MlDsaKey_Verify returned OK\n"); - wolfBoot_image_confirm_signature_ok(img); - } - else { - wolfBoot_printf("error: wc_MlDsaKey_Verify returned %d, %d\n", - ret, verify_res); + if (ret == 0 && verify_res == 1) { + wolfBoot_printf("info: wc_MlDsaKey_Verify returned OK\n"); + wolfBoot_image_confirm_signature_ok(img); + } + else { + wolfBoot_printf("error: wc_MlDsaKey_Verify returned: ret=%d, " + "res=%d\n", ret, verify_res); + } } wc_MlDsaKey_Free(&ml_dsa);