diff --git a/IDE/XilinxSDK/.cproject b/IDE/XilinxSDK/.cproject
index 170006ff4..57655bbfe 100644
--- a/IDE/XilinxSDK/.cproject
+++ b/IDE/XilinxSDK/.cproject
@@ -131,7 +131,7 @@
-
+
@@ -267,7 +267,7 @@
-
+
diff --git a/IDE/XilinxSDK/README.md b/IDE/XilinxSDK/README.md
index 297adfe64..2f04420f8 100644
--- a/IDE/XilinxSDK/README.md
+++ b/IDE/XilinxSDK/README.md
@@ -215,6 +215,7 @@ WOLFSSL_XMSS_VERIFY_ONLY
WOLFSSL_XMSS_MAX_HEIGHT=32
WOLFBOOT_SHA_BLOCK_SIZE=4096
IMAGE_SIGNATURE_SIZE=2500
+XMSS_IMAGE_SIGNATURE_SIZE=2500
IMAGE_HEADER_SIZE=5000
```
diff --git a/include/image.h b/include/image.h
index 24960518a..c084aa7fa 100644
--- a/include/image.h
+++ b/include/image.h
@@ -66,6 +66,14 @@ int wolfBot_get_dts_size(void *dts_addr);
# endif
#endif
+#ifndef UNUSEDFUNCTION
+# if defined(__GNUC__) || defined(__CC_ARM)
+# define UNUSEDFUNCTION __attribute__((unused))
+# else
+# define UNUSEDFUNCTION
+# endif
+#endif
+
#ifndef WOLFBOOT_FLAGS_INVERT
#define SECT_FLAG_NEW 0x0F
@@ -79,32 +87,32 @@ int wolfBot_get_dts_size(void *dts_addr);
#define SECT_FLAG_UPDATED 0x0f
#endif
-#ifdef WOLFBOOT_SIGN_PRIMARY_ED25519
+#ifdef WOLFBOOT_SIGN_ED25519
#define wolfBoot_verify_signature_primary wolfBoot_verify_signature_ed25519
#endif
-#ifdef WOLFBOOT_SIGN_PRIMARY_ED448
+#ifdef WOLFBOOT_SIGN_ED448
#define wolfBoot_verify_signature_primary wolfBoot_verify_signature_ed448
#endif
-#if defined (WOLFBOOT_SIGN_PRIMARY_RSA2048) || \
- defined (WOLFBOOT_SIGN_PRIMARY_RSA3072) || \
- defined (WOLFBOOT_SIGN_PRIMARY_RSA4096) || \
- defined (WOLFBOOT_SIGN_PRIMARY_RSA2048ENC) || \
- defined (WOLFBOOT_SIGN_PRIMARY_RSA3072ENC) || \
- defined (WOLFBOOT_SIGN_PRIMARY_RSA4096ENC)
+#if defined (WOLFBOOT_SIGN_RSA2048) || \
+ defined (WOLFBOOT_SIGN_RSA3072) || \
+ defined (WOLFBOOT_SIGN_RSA4096) || \
+ defined (WOLFBOOT_SIGN_RSA2048ENC) || \
+ defined (WOLFBOOT_SIGN_RSA3072ENC) || \
+ defined (WOLFBOOT_SIGN_RSA4096ENC)
#define wolfBoot_verify_signature_primary wolfBoot_verify_signature_rsa
#endif
-#if defined (WOLFBOOT_SIGN_PRIMARY_ECC256) || \
- defined (WOLFBOOT_SIGN_PRIMARY_ECC384) || \
- defined (WOLFBOOT_SIGN_PRIMARY_ECC521)
+#if defined (WOLFBOOT_SIGN_ECC256) || \
+ defined (WOLFBOOT_SIGN_ECC384) || \
+ defined (WOLFBOOT_SIGN_ECC521)
#define wolfBoot_verify_signature_primary wolfBoot_verify_signature_ecc
#endif
-#if defined(WOLFBOOT_SIGN_PRIMARY_LMS) || defined(WOLFBOOT_SIGN_PRIMARY_ext_LMS)
+#if defined(WOLFBOOT_SIGN_LMS) || defined(WOLFBOOT_SIGN_ext_LMS)
#define wolfBoot_verify_signature_primary wolfBoot_verify_signature_lms
#endif
-#if defined(WOLFBOOT_SIGN_PRIMARY_XMSS ) || defined(WOLFBOOT_SIGN_PRIMARY_ext_XMSS)
+#if defined(WOLFBOOT_SIGN_XMSS ) || defined(WOLFBOOT_SIGN_ext_XMSS)
#define wolfBoot_verify_signature_primary wolfBoot_verify_signature_xmss
#endif
-#ifdef WOLFBOOT_SIGN_PRIMARY_ML_DSA
+#ifdef WOLFBOOT_SIGN_ML_DSA
#define wolfBoot_verify_signature_primary wolfBoot_verify_signature_ml_dsa
#endif
@@ -598,12 +606,15 @@ struct wolfBoot_image {
uint8_t not_ext : 1; /* image is no longer external */
};
+
/* do not warn if this is not used */
-static void wolfBoot_image_confirm_signature_ok(struct wolfBoot_image *img)
+static void UNUSEDFUNCTION wolfBoot_image_confirm_signature_ok(
+ struct wolfBoot_image *img)
{
img->signature_ok = 1;
}
-static void wolfBoot_image_clear_signature_ok(struct wolfBoot_image *img)
+static void UNUSEDFUNCTION wolfBoot_image_clear_signature_ok(
+ struct wolfBoot_image *img)
{
img->signature_ok = 0;
}
diff --git a/options.mk b/options.mk
index 73da75430..2fa6dfd0d 100644
--- a/options.mk
+++ b/options.mk
@@ -478,7 +478,7 @@ ifeq ($(SIGN),ML_DSA)
ifneq ($(HASH),SHA3)
WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/sha3.o
endif
-
+
ifeq ($(WOLFBOOT_SMALL_STACK),1)
$(error WOLFBOOT_SMALL_STACK with ML-DSA not supported yet)
else
@@ -540,8 +540,6 @@ ifneq ($(SIGN_SECONDARY),)
endif
-CFLAGS+=-DWOLFBOOT_SIGN_PRIMARY_$(SIGN)
-
ifeq ($(RAM_CODE),1)
CFLAGS+= -D"RAM_CODE"
endif
diff --git a/src/image.c b/src/image.c
index 329b55126..e1723ed4b 100644
--- a/src/image.c
+++ b/src/image.c
@@ -1260,6 +1260,7 @@ int wolfBoot_verify_authenticity(struct wolfBoot_image *img)
*
*/
wolfBoot_verify_signature_primary(key_slot, img, stored_signature);
+ (void)stored_signature_size;
if (img->signature_ok == 1)
#ifdef SIGN_HYBRID
{
diff --git a/tools/keytools/sign.c b/tools/keytools/sign.c
index 00141f562..ff492aa05 100644
--- a/tools/keytools/sign.c
+++ b/tools/keytools/sign.c
@@ -490,7 +490,7 @@ static int load_key_rsa(int sign_type, uint32_t rsa_keysz, uint32_t rsa_pubkeysz
CMD.sign = sign_type;
CMD.signature_sz = keySzOut;
}
- printf("Found RSA%d key\n", keySzOut);
+ printf("Found RSA%d key\n", keySzOut*8);
}
}
return ret;
diff --git a/tools/unit-tests/unit-image.c b/tools/unit-tests/unit-image.c
index 41a2d69bc..679686540 100644
--- a/tools/unit-tests/unit-image.c
+++ b/tools/unit-tests/unit-image.c
@@ -43,7 +43,7 @@
#define ENCRYPT_KEY "123456789abcdef0123456789abcdef0123456789abcdef"
#define KEYSTORE_PUBKEY_SIZE KEYSTORE_PUBKEY_SIZE_ECC256
-#define WOLFBOOT_SIGN_PRIMARY_ECC256
+#define WOLFBOOT_SIGN_ECC256
#include
#include
@@ -267,7 +267,7 @@ int wc_ecc_import_unsigned(ecc_key* key, const byte* qx, const byte* qy,
{
if (ecc_import_fail)
return -1;
-
+
key->type = ECC_PUBLICKEY;
return 0;
}
@@ -285,7 +285,7 @@ START_TEST(test_verify_signature)
{
uint8_t pubkey[32];
struct wolfBoot_image test_img;
-
+
test_img.part = PART_UPDATE;
test_img.fw_size = test_img_len;
test_img.fw_base = 0;
@@ -455,7 +455,7 @@ START_TEST(test_verify_authenticity)
find_header_mocked = 1;
ret = wolfBoot_verify_authenticity(&test_img);
ck_assert_int_eq(ret, -1);
-
+
/* Wrong pubkey */
find_header_mocked = 0;
hdr_cpy_done = 0;
@@ -463,7 +463,7 @@ START_TEST(test_verify_authenticity)
test_img_len);
ret = wolfBoot_verify_authenticity(&test_img);
ck_assert_int_lt(ret, 0);
-
+
/* Wrong signature */
find_header_mocked = 0;
find_header_fail = 0;
@@ -539,7 +539,7 @@ START_TEST(test_open_image)
ck_assert_ptr_eq(img.hdr, (void *)WOLFBOOT_PARTITION_SWAP_ADDRESS);
ck_assert_ptr_eq(img.hdr, img.fw_base);
ck_assert_uint_eq(img.fw_size, WOLFBOOT_SECTOR_SIZE);
-
+
/* Valid image */
hdr_cpy_done = 0;
ext_flash_write(0, test_img_v200000000_signed_bin,
@@ -574,17 +574,17 @@ Suite *wolfboot_suite(void)
tcase_set_timeout(tcase_headers, 20);
tcase_add_test(tcase_headers, test_headers);
suite_add_tcase(s, tcase_headers);
-
+
TCase* tcase_verify_authenticity = tcase_create("verify_authenticity");
tcase_set_timeout(tcase_verify_authenticity, 20);
tcase_add_test(tcase_verify_authenticity, test_verify_authenticity);
suite_add_tcase(s, tcase_verify_authenticity);
-
+
TCase* tcase_verify_integrity = tcase_create("verify_integrity");
tcase_set_timeout(tcase_verify_integrity, 20);
tcase_add_test(tcase_verify_integrity, test_verify_integrity);
suite_add_tcase(s, tcase_verify_integrity);
-
+
TCase* tcase_open_image = tcase_create("open_image");
tcase_set_timeout(tcase_open_image, 20);
tcase_add_test(tcase_open_image, test_open_image);