mcu-tools · de-nordic · Nov 19, 2025 · Nov 19, 2025 · Nov 19, 2025
@@ -281,18 +281,15 @@ struct boot_sector_buffer {
 #endif
 };
 
-/* The function is intended for verification of image hash against
- * provided signature.
+/* The function is intended for verification of message hash against
+ * provided signature. If MCUBOOT_SIGN_PURE is enabled the function
+ * expects msg to point to image to verify signature over, and mlen
+ * is image size; otherwise msg is expected  to be pointer to hash of
+ * an image and mlen to length of the hash.
  */
-fih_ret bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig,
+fih_ret bootutil_verify_sig(uint8_t *msg, uint32_t mlen, uint8_t *sig,
                             size_t slen, uint8_t key_id);
 
-/* The function is intended for direct verification of image
- * against provided signature.
- */
-fih_ret bootutil_verify_img(uint8_t *img, uint32_t size,
-                            uint8_t *sig, size_t slen, uint8_t key_id);
-
 fih_ret boot_fih_memequal(const void *s1, const void *s2, size_t n);
 
 const struct flash_area *boot_find_status(const struct boot_loader_state *state,

@@ -83,8 +83,8 @@ bootutil_import_key(uint8_t **cp, uint8_t *end)
  * The function does key import and checks whether signature is
  * of expected length.
  */
-static fih_ret
-bootutil_verify(uint8_t *buf, uint32_t blen,
+fih_ret
+bootutil_verify_sig(uint8_t *msg, uint32_t mlen,
                 uint8_t *sig, size_t slen,
                 uint8_t key_id)
 {
@@ -93,10 +93,18 @@ bootutil_verify(uint8_t *buf, uint32_t blen,
     uint8_t *pubkey;
     uint8_t *end;
 
-    BOOT_LOG_DBG("bootutil_verify: ED25519 key_id %d", (int)key_id);
+    BOOT_LOG_DBG("bootutil_verify_sig: ED25519 key_id %d", (int)key_id);
+
+#if !defined(MCUBOOT_SIGN_PURE)
+    if (mlen != IMAGE_HASH_SIZE) {
+        BOOT_LOG_DBG("bootutil_verify_sig: expected hash len %d, got %d",
+                     IMAGE_HASH_SIZE, mlen);
+        goto out;
+    }
+#endif
 
     if (slen != EDDSA_SIGNATURE_LENGTH) {
-        BOOT_LOG_DBG("bootutil_verify: expected slen %d, got %u",
+        BOOT_LOG_DBG("bootutil_verify_sig: expected slen %d, got %u",
                      EDDSA_SIGNATURE_LENGTH, (unsigned int)slen);
         FIH_SET(fih_rc, FIH_FAILURE);
         goto out;
@@ -108,7 +116,7 @@ bootutil_verify(uint8_t *buf, uint32_t blen,
 #if !defined(MCUBOOT_KEY_IMPORT_BYPASS_ASN)
     rc = bootutil_import_key(&pubkey, end);
     if (rc) {
-        BOOT_LOG_DBG("bootutil_verify: import key failed %d", rc);
+        BOOT_LOG_DBG("bootutil_verify_sig: import key failed %d", rc);
         FIH_SET(fih_rc, FIH_FAILURE);
         goto out;
     }
@@ -118,7 +126,7 @@ bootutil_verify(uint8_t *buf, uint32_t blen,
      * There is no check whether this is the correct key,
      * here, by the algorithm selected.
      */
-    BOOT_LOG_DBG("bootutil_verify: bypass ASN1");
+    BOOT_LOG_DBG("bootutil_verify_sig: bypass ASN1");
     if (*bootutil_keys[key_id].len < NUM_ED25519_BYTES) {
         FIH_SET(fih_rc, FIH_FAILURE);
         goto out;
@@ -127,7 +135,7 @@ bootutil_verify(uint8_t *buf, uint32_t blen,
     pubkey = end - NUM_ED25519_BYTES;
 #endif
 
-    rc = ED25519_verify(buf, blen, sig, pubkey);
+    rc = ED25519_verify(msg, mlen, sig, pubkey);
 
     if (rc == 0) {
         /* if verify returns 0, there was an error. */
@@ -141,51 +149,4 @@ bootutil_verify(uint8_t *buf, uint32_t blen,
     FIH_RET(fih_rc);
 }
 
-/* Hash signature verification function.
- * Verifies hash against provided signature.
- * The function verifies that hash is of expected size and then
- * calls bootutil_verify to do the signature verification.
- */
-fih_ret
-bootutil_verify_sig(uint8_t *hash, uint32_t hlen,
-                    uint8_t *sig, size_t slen,
-                    uint8_t key_id)
-{
-    FIH_DECLARE(fih_rc, FIH_FAILURE);
-
-    BOOT_LOG_DBG("bootutil_verify_sig: ED25519 key_id %d", (int)key_id);
-
-    if (hlen != IMAGE_HASH_SIZE) {
-        BOOT_LOG_DBG("bootutil_verify_sig: expected hlen %d, got %d",
-                     IMAGE_HASH_SIZE, hlen);
-        FIH_SET(fih_rc, FIH_FAILURE);
-        goto out;
-    }
-
-    FIH_CALL(bootutil_verify, fih_rc, hash, IMAGE_HASH_SIZE, sig,
-             slen, key_id);
-
-out:
-    FIH_RET(fih_rc);
-}
-
-/* Image verification function.
- * The function directly calls bootutil_verify to verify signature
- * of image.
- */
-fih_ret
-bootutil_verify_img(uint8_t *img, uint32_t size,
-                    uint8_t *sig, size_t slen,
-                    uint8_t key_id)
-{
-    FIH_DECLARE(fih_rc, FIH_FAILURE);
-
-    BOOT_LOG_DBG("bootutil_verify_img: ED25519 key_id %d", (int)key_id);
-
-    FIH_CALL(bootutil_verify, fih_rc, img, size, sig,
-             slen, key_id);
-
-    FIH_RET(fih_rc);
-}
-
 #endif /* MCUBOOT_SIGN_ED25519 */
@@ -422,7 +422,7 @@ bootutil_img_validate(struct boot_loader_state *state,
              * a device to memory. The pointer is beginning of image in flash,
              * so offset of area, the range is header + image + protected tlvs.
              */
-            FIH_CALL(bootutil_verify_img, valid_signature, (void *)(base + flash_area_get_off(fap)),
+            FIH_CALL(bootutil_verify_sig, valid_signature, (void *)(base + flash_area_get_off(fap)),
                      hdr->ih_hdr_size + hdr->ih_img_size + hdr->ih_protect_tlv_size,
                      buf, len, key_id);
 #endif