[ARMORED] Improved redundancy of verification

danielinux · danielinux · commit d9713d70b20a · 2026-01-11T14:52:32.000+01:00
diff --git a/include/image.h b/include/image.h
@@ -419,15 +419,27 @@ static void __attribute__((noinline)) wolfBoot_image_clear_signature_ok(
     asm volatile("ldr r2, [%0]" ::"r"(p_res)); \
     asm volatile("cmp r2, #1":::"cc"); \
     asm volatile("bne nope"); \
+    asm volatile("mvn r3, r2":::"r3"); \
+    asm volatile("cmp r3, #0xFFFFFFFE":::"cc"); \
+    asm volatile("bne nope"); \
     asm volatile("ldr r2, [%0]" ::"r"(p_res)); \
     asm volatile("cmp r2, #1":::"cc"); \
     asm volatile("bne nope"); \
+    asm volatile("mvn r3, r2":::"r3"); \
+    asm volatile("cmp r3, #0xFFFFFFFE":::"cc"); \
+    asm volatile("bne nope"); \
     asm volatile("ldr r2, [%0]" ::"r"(p_res)); \
     asm volatile("cmp r2, #1":::"cc"); \
     asm volatile("bne nope"); \
+    asm volatile("mvn r3, r2":::"r3"); \
+    asm volatile("cmp r3, #0xFFFFFFFE":::"cc"); \
+    asm volatile("bne nope"); \
     asm volatile("ldr r2, [%0]" ::"r"(p_res)); \
     asm volatile("cmp r2, #1":::"cc"); \
     asm volatile("bne nope"); \
+    asm volatile("mvn r3, r2":::"r3"); \
+    asm volatile("cmp r3, #0xFFFFFFFE":::"cc"); \
+    asm volatile("bne nope"); \
     /* Confirm that the signature is OK */ \
     wolfBoot_image_confirm_signature_ok(img); \
     asm volatile("nope:"); \
@@ -460,15 +472,27 @@ static void __attribute__((noinline)) wolfBoot_image_clear_signature_ok(
             "ldr r2, [%0]\n" \
             "cmp r2, #1\n" \
             "bne 1f\n" \
+            "mvn r3, r2\n" \
+            "cmp r3, #0xFFFFFFFE\n" \
+            "bne 1f\n" \
             "ldr r2, [%0]\n" \
             "cmp r2, #1\n" \
             "bne 1f\n" \
+            "mvn r3, r2\n" \
+            "cmp r3, #0xFFFFFFFE\n" \
+            "bne 1f\n" \
             "ldr r2, [%0]\n" \
             "cmp r2, #1\n" \
             "bne 1f\n" \
+            "mvn r3, r2\n" \
+            "cmp r3, #0xFFFFFFFE\n" \
+            "bne 1f\n" \
             "ldr r2, [%0]\n" \
             "cmp r2, #1\n" \
             "bne 1f\n" \
+            "mvn r3, r2\n" \
+            "cmp r3, #0xFFFFFFFE\n" \
+            "bne 1f\n" \
             /* Load 'img' into r0 (first argument to the function) */ \
             "mov r0, %1\n" \
             /* Load the function pointer into r3 */ \
@@ -480,7 +504,7 @@ static void __attribute__((noinline)) wolfBoot_image_clear_signature_ok(
             "2:\n" \
             : /* No output operands */ \
             : "r"(p_res), "r"(img), "r"(confirm_func) /* Input operands */ \
-            : "r0", "r2", "lr" /* Clobbered registers */ \
+            : "r0", "r2", "r3", "lr" /* Clobbered registers */ \
         ); \
     } while (0)
 #endif
@@ -507,93 +531,94 @@ static void __attribute__((noinline)) wolfBoot_image_clear_signature_ok(
 #if defined(__GNUC__)
 
 #define VERIFY_VERSION_ALLOWED(fb_ok) \
-    /* Stash the registry values */ \
-    asm volatile("push {r4, r5, r6, r7}"); \
-    /* Redundant initialization with 'failure' values */ \
-    asm volatile("mov r0, #0":::"r0"); \
-    asm volatile("mov r4, #1":::"r4"); \
-    asm volatile("mov r5, #0":::"r5"); \
-    asm volatile("mov r6, #2":::"r6"); \
-    asm volatile("mov r7, #0":::"r7"); \
-    asm volatile("mov r0, #0":::"r0"); \
-    asm volatile("mov r4, #1":::"r4"); \
-    asm volatile("mov r5, #0":::"r5"); \
-    asm volatile("mov r6, #2":::"r6"); \
-    asm volatile("mov r7, #0":::"r7"); \
-    /* Read the fb_ok flag, jump to end_check  \
-     * if proven fb_ok == 1 */ \
-    asm volatile("mov r0, %0" ::"r"(fb_ok):"r0"); \
-    asm volatile("cmp r0, #1":::"cc"); \
-    asm volatile("bne do_check"); \
-    asm volatile("cmp r0, #1":::"cc"); \
-    asm volatile("bne do_check"); \
-    asm volatile("cmp r0, #1":::"cc"); \
-    asm volatile("bne do_check"); \
-    asm volatile("b end_check"); \
-    /* Do the actual version check: */ \
-    asm volatile("do_check:"); \
-    /* Read update versions to reg r5 and r7 */ \
-    asm volatile("mov r0, #1":::"r0"); \
-    asm volatile("mov r0, #1":::"r0"); \
-    asm volatile("mov r0, #1":::"r0"); \
-    asm volatile("bl wolfBoot_get_image_version"); \
-    asm volatile("mov r5, r0":::"r5"); \
-    asm volatile("mov r5, r0":::"r5"); \
-    asm volatile("mov r5, r0":::"r5"); \
-    asm volatile("mov r0, #1":::"r0"); \
-    asm volatile("mov r0, #1":::"r0"); \
-    asm volatile("mov r0, #1":::"r0"); \
-    asm volatile("bl wolfBoot_get_image_version"); \
-    asm volatile("mov r7, r0":::"r7"); \
-    asm volatile("mov r7, r0":::"r7"); \
-    asm volatile("mov r7, r0":::"r7"); \
-    /* Compare r5 and r7, if not equal, something went very wrong, */ \
-    asm volatile("cmp r5, r7":::"cc"); \
-    asm volatile("bne ."); \
-    asm volatile("cmp r5, r7":::"cc"); \
-    asm volatile("bne .-4"); \
-    asm volatile("cmp r5, r7":::"cc"); \
-    asm volatile("bne .-8"); \
-    asm volatile("cmp r5, r7":::"cc"); \
-    asm volatile("bne .-12"); \
-    /* Read current versions to reg r4 and r6 */ \
-    asm volatile("mov r0, #0":::"r0"); \
-    asm volatile("mov r0, #0":::"r0"); \
-    asm volatile("mov r0, #0":::"r0"); \
-    asm volatile("bl wolfBoot_get_image_version"); \
-    asm volatile("mov r4, r0":::"r4"); \
-    asm volatile("mov r4, r0":::"r4"); \
-    asm volatile("mov r4, r0":::"r4"); \
-    asm volatile("mov r0, #0":::"r0"); \
-    asm volatile("mov r0, #0":::"r0"); \
-    asm volatile("mov r0, #0":::"r0"); \
-    asm volatile("bl wolfBoot_get_image_version"); \
-    asm volatile("mov r6, r0":::"r6"); \
-    asm volatile("mov r6, r0":::"r6"); \
-    asm volatile("mov r6, r0":::"r6"); \
-    asm volatile("cmp r4, r6":::"cc"); \
-    asm volatile("bne ."); \
-    asm volatile("cmp r4, r6":::"cc"); \
-    asm volatile("bne .-4"); \
-    asm volatile("cmp r4, r6":::"cc"); \
-    asm volatile("bne .-8"); \
-    asm volatile("cmp r4, r6":::"cc"); \
-    asm volatile("bne .-12"); \
-    asm volatile("mov r0, #0":::"r0"); \
-    asm volatile("mov r0, #0":::"r0"); \
-    asm volatile("mov r0, #0":::"r0"); \
-    /* Compare the two versions in registries */ \
-    asm volatile("cmp r4, r5":::"cc"); \
-    asm volatile("bge ."); \
-    asm volatile("cmp r6, r7":::"cc"); \
-    asm volatile("bge .-4"); \
-    asm volatile("cmp r4, r5":::"cc"); \
-    asm volatile("bge .-8"); \
-    asm volatile("cmp r6, r7":::"cc"); \
-    asm volatile("bge .-12"); \
-    asm volatile("end_check:"); \
-    /* Restore previously saved registry values */ \
-    asm volatile("pop {r4, r5, r6, r7}":::"r4", "r5", "r6", "r7")
+    asm volatile( \
+        "push {r4, r5, r6, r7}\n" \
+        "mov r0, #0\n" \
+        "mov r4, #1\n" \
+        "mov r5, #0\n" \
+        "mov r6, #2\n" \
+        "mov r7, #0\n" \
+        "mov r0, #0\n" \
+        "mov r4, #1\n" \
+        "mov r5, #0\n" \
+        "mov r6, #2\n" \
+        "mov r7, #0\n" \
+        "mov r0, %0\n" \
+        "mov r4, %0\n" \
+        "cmp r0, #1\n" \
+        "bne do_check\n" \
+        "cmp r4, #1\n" \
+        "bne do_check\n" \
+        "cmp r0, r4\n" \
+        "bne do_check\n" \
+        "cmp r0, #1\n" \
+        "bne do_check\n" \
+        "b end_check\n" \
+        "do_check:\n" \
+        "mov r0, #1\n" \
+        "mov r0, #1\n" \
+        "mov r0, #1\n" \
+        "bl wolfBoot_get_image_version\n" \
+        "mov r5, r0\n" \
+        "mov r5, r0\n" \
+        "mov r5, r0\n" \
+        "mov r0, #1\n" \
+        "mov r0, #1\n" \
+        "mov r0, #1\n" \
+        "bl wolfBoot_get_image_version\n" \
+        "mov r7, r0\n" \
+        "mov r7, r0\n" \
+        "mov r7, r0\n" \
+        "cmp r5, r7\n" \
+        "bne ver_panic\n" \
+        "cmp r5, r7\n" \
+        "bne ver_panic\n" \
+        "cmp r5, r7\n" \
+        "bne ver_panic\n" \
+        "cmp r5, r7\n" \
+        "bne ver_panic\n" \
+        "mov r0, #0\n" \
+        "mov r0, #0\n" \
+        "mov r0, #0\n" \
+        "bl wolfBoot_get_image_version\n" \
+        "mov r4, r0\n" \
+        "mov r4, r0\n" \
+        "mov r4, r0\n" \
+        "mov r0, #0\n" \
+        "mov r0, #0\n" \
+        "mov r0, #0\n" \
+        "bl wolfBoot_get_image_version\n" \
+        "mov r6, r0\n" \
+        "mov r6, r0\n" \
+        "mov r6, r0\n" \
+        "cmp r4, r6\n" \
+        "bne ver_panic\n" \
+        "cmp r4, r6\n" \
+        "bne ver_panic\n" \
+        "cmp r4, r6\n" \
+        "bne ver_panic\n" \
+        "cmp r4, r6\n" \
+        "bne ver_panic\n" \
+        "mov r0, #0\n" \
+        "mov r0, #0\n" \
+        "mov r0, #0\n" \
+        "cmp r4, r5\n" \
+        "bhs ver_panic\n" \
+        "cmp r6, r7\n" \
+        "bhs ver_panic\n" \
+        "cmp r4, r5\n" \
+        "bhs ver_panic\n" \
+        "cmp r6, r7\n" \
+        "bhs ver_panic\n" \
+        "b end_check\n" \
+        "ver_panic:\n" \
+        "b .\n" \
+        "end_check:\n" \
+        "pop {r4, r5, r6, r7}\n" \
+        : \
+        : "r"(fb_ok) \
+        : "r0", "r4", "r5", "r6", "r7", "lr", "cc", "memory" \
+    )
 
 #elif defined(__ICCARM__) && defined(__IAR_SYSTEMS_ICC__)
 
@@ -612,10 +637,25 @@ static void __attribute__((noinline)) wolfBoot_image_clear_signature_ok(
             "mov r6, #2\n" \
             "mov r7, #0\n" \
             "mov r0, %0\n" \
+            "mov r4, %0\n" \
+            "cmp r0, #0\n" \
+            "beq 4f\n" \
             "cmp r0, #1\n" \
-            "bne 1f\n" \
+            "beq 4f\n" \
+            "bkpt 0xE1\n" \
+            "4:\n" \
+            "cmp r4, #0\n" \
+            "beq 5f\n" \
+            "cmp r4, #1\n" \
+            "beq 5f\n" \
+            "bkpt 0xE1\n" \
+            "5:\n" \
             "cmp r0, #1\n" \
             "bne 1f\n" \
+            "cmp r4, #1\n" \
+            "bne 1f\n" \
+            "cmp r0, r4\n" \
+            "bne 1f\n" \
             "cmp r0, #1\n" \
             "bne 1f\n" \
             "b 2f\n" \
@@ -635,13 +675,13 @@ static void __attribute__((noinline)) wolfBoot_image_clear_signature_ok(
             "mov r7, r0\n" \
             "mov r7, r0\n" \
             "cmp r5, r7\n" \
-            "bne .\n" \
+            "bne 3f\n" \
             "cmp r5, r7\n" \
-            "bne .-4\n" \
+            "bne 3f\n" \
             "cmp r5, r7\n" \
-            "bne .-8\n" \
+            "bne 3f\n" \
             "cmp r5, r7\n" \
-            "bne .-12\n" \
+            "bne 3f\n" \
             "mov r0, #0\n" \
             "mov r0, #0\n" \
             "mov r0, #0\n" \
@@ -657,24 +697,27 @@ static void __attribute__((noinline)) wolfBoot_image_clear_signature_ok(
             "mov r6, r0\n" \
             "mov r6, r0\n" \
             "cmp r4, r6\n" \
-            "bne .\n" \
+            "bne 3f\n" \
             "cmp r4, r6\n" \
-            "bne .-4\n" \
+            "bne 3f\n" \
             "cmp r4, r6\n" \
-            "bne .-8\n" \
+            "bne 3f\n" \
             "cmp r4, r6\n" \
-            "bne .-12\n" \
+            "bne 3f\n" \
             "mov r0, #0\n" \
             "mov r0, #0\n" \
             "mov r0, #0\n" \
             "cmp r4, r5\n" \
-            "bge .\n" \
+            "bhs 3f\n" \
             "cmp r6, r7\n" \
-            "bge .-4\n" \
+            "bhs 3f\n" \
             "cmp r4, r5\n" \
-            "bge .-8\n" \
+            "bhs 3f\n" \
             "cmp r6, r7\n" \
-            "bge .-12\n" \
+            "bhs 3f\n" \
+            "b 2f\n" \
+            "3:\n" \
+            "b .\n" \
             "2:\n" \
             "pop {r4, r5, r6, r7}\n" \
             : /* No output operands */ \
diff --git a/src/image.c b/src/image.c
@@ -803,6 +803,26 @@ static void wolfBoot_verify_signature_ml_dsa(uint8_t key_slot,
                                  img->sha_hash, WOLFBOOT_SHA_DIGEST_SIZE,
                                  &verify_res);
 
+    #ifdef WOLFBOOT_ARMORED
+        if (ret == 0) {
+            uint32_t v = (uint32_t)verify_res;
+            uint32_t v_inv = ~v;
+            if ((v == 1U) && (v_inv == 0xFFFFFFFEU) &&
+                (v == (uint32_t)verify_res) &&
+                (v_inv == ~(uint32_t)verify_res)) {
+                wolfBoot_printf("info: wc_MlDsaKey_Verify returned OK\n");
+                wolfBoot_image_confirm_signature_ok(img);
+            }
+            else {
+                wolfBoot_printf("error: wc_MlDsaKey_Verify returned: ret=%d, "
+                                "res=%d\n", ret, verify_res);
+            }
+        }
+        else {
+            wolfBoot_printf("error: wc_MlDsaKey_Verify returned: ret=%d, "
+                            "res=%d\n", ret, verify_res);
+        }
+    #else
         if (ret == 0 && verify_res == 1) {
             wolfBoot_printf("info: wc_MlDsaKey_Verify returned OK\n");
             wolfBoot_image_confirm_signature_ok(img);
@@ -811,6 +831,7 @@ static void wolfBoot_verify_signature_ml_dsa(uint8_t key_slot,
             wolfBoot_printf("error: wc_MlDsaKey_Verify returned: ret=%d, "
                             "res=%d\n", ret, verify_res);
         }
+    #endif
     }
 
     wc_MlDsaKey_Free(&ml_dsa);
@@ -2150,8 +2171,15 @@ int wolfBoot_verify_authenticity(struct wolfBoot_image *img)
     wolfBoot_verify_signature_primary(key_slot, img, stored_signature);
     (void)stored_signature_size;
 
+#ifdef WOLFBOOT_ARMORED
+#define SIG_OK(imgp) (((imgp)->signature_ok == 1) && \
+                      ((imgp)->not_signature_ok == ~(uint32_t)1))
+#else
+#define SIG_OK(imgp) ((imgp)->signature_ok == 1)
+#endif
+
 #ifdef SIGN_HYBRID
-    if (img->signature_ok == 1) {
+    if (SIG_OK(img)) {
         uint8_t *stored_secondary_signature;
         uint16_t stored_secondary_signature_size;
         /* Invalidate the signature_ok flag */
@@ -2177,10 +2205,18 @@ int wolfBoot_verify_authenticity(struct wolfBoot_image *img)
         }
     }
 #endif
-    if (img->signature_ok == 1) {
+#ifdef WOLFBOOT_ARMORED
+    if (SIG_OK(img)) {
         return 0;
     }
     return -2;
+#else
+    if (SIG_OK(img)) {
+        return 0;
+    }
+    return -2;
+#endif
+#undef SIG_OK
 }
 #endif
 
diff --git a/src/update_flash.c b/src/update_flash.c
