Add signature verification

Use bytes2native on the digest to successfully verify the signature. Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
author: Joakim Bech <joakim.bech@linaro.org> 2016-07-20 23:18:32 +0200
committer: Joakim Bech <joakim.bech@linaro.org> 2016-08-23 23:40:23 +0200
commit: a144372af8d8e8a7214b55b743dba7fbf6351e99 (patch)
tree: d6b60ab259afc8cd49d3ca41952bc2856943ef11
parent: 6b80ce36422b6eebe9b67bb7bbc483a3d740776a (diff)
2 files changed, 7 insertions, 0 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 4f14709..d121251 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -35,6 +35,7 @@ add_executable(ecc_test ${TINYCRYPT-SRC})
 
 set(TCSIGN-SRC source/ecc.c
 	       source/ecc_dh.c
+	       source/ecc_dsa.c
 	       source/sha256.c
 	       source/utils.c
 	       source/main.c)
diff --git a/source/main.c b/source/main.c
index a6db27e..df89579 100644
--- a/source/main.c
+++ b/source/main.c
@@ -398,6 +398,7 @@ uint32_t dfu_init_prevalidate(uint8_t *p_init_data, uint32_t init_data_len)
 	uint8_t digest[NUM_ECC_BYTES];
 	uint32_t r[NUM_ECC_DIGITS];
 	uint32_t s[NUM_ECC_DIGITS];
+	uint32_t tmp[NUM_ECC_DIGITS];
 
 	// In order to support encryption then any init packet decryption function / library
 	// should be called from here or implemented at this location.
@@ -500,6 +501,11 @@ uint32_t dfu_init_prevalidate(uint8_t *p_init_data, uint32_t init_data_len)
 	ecc_bytes2native(s, signature.p_s);
 
 	hash_data(init_data.p_data, digest, init_data.length);
+	ecc_bytes2native(tmp, digest);
+	if (ecdsa_verify(&pub, tmp, r, s) != TC_SUCCESS)
+		perror("Verification failed\n");
+	else
+		printf("Successfully verified the signature!\n");
 
 	return err_code;
 }
author	Joakim Bech <joakim.bech@linaro.org>	2016-07-20 23:18:32 +0200
committer	Joakim Bech <joakim.bech@linaro.org>	2016-08-23 23:40:23 +0200
commit	a144372af8d8e8a7214b55b743dba7fbf6351e99 (patch)
tree	d6b60ab259afc8cd49d3ca41952bc2856943ef11
parent	6b80ce36422b6eebe9b67bb7bbc483a3d740776a (diff)