Fix ext_LMS / ext_XMSS regressions

include/image.h

@@ -95,10 +95,10 @@ int wolfBot_get_dts_size(void *dts_addr);
         defined (WOLFBOOT_SIGN_PRIMARY_ECC521)
 #define wolfBoot_verify_signature_primary wolfBoot_verify_signature_ecc
 #endif
-#ifdef WOLFBOOT_SIGN_PRIMARY_LMS
+#if defined(WOLFBOOT_SIGN_PRIMARY_LMS) || defined(WOLFBOOT_SIGN_PRIMARY_ext_LMS)
 #define wolfBoot_verify_signature_primary wolfBoot_verify_signature_lms
 #endif
-#ifdef WOLFBOOT_SIGN_PRIMARY_XMSS
+#if defined(WOLFBOOT_SIGN_PRIMARY_XMSS ) || defined(WOLFBOOT_SIGN_PRIMARY_ext_XMSS)
 #define wolfBoot_verify_signature_primary wolfBoot_verify_signature_xmss
 #endif
 #ifdef WOLFBOOT_SIGN_PRIMARY_ML_DSA

include/loader.h

@@ -53,35 +53,6 @@ extern "C" {
 #endif
 
 
-
-#if 0
-#if defined(WOLFBOOT_SIGN_ED25519)
-#   define IMAGE_SIGNATURE_SIZE (64)
-#elif defined(WOLFBOOT_SIGN_ED448)
-#   define IMAGE_SIGNATURE_SIZE (114)
-#elif defined(WOLFBOOT_SIGN_ECC256)
-#   define IMAGE_SIGNATURE_SIZE (64)
-#elif defined(WOLFBOOT_SIGN_ECC384)
-#   define IMAGE_SIGNATURE_SIZE (96)
-#elif defined(WOLFBOOT_SIGN_ECC521)
-#   define IMAGE_SIGNATURE_SIZE (132)
-#elif defined(WOLFBOOT_SIGN_RSA2048)
-#   define IMAGE_SIGNATURE_SIZE (256)
-#elif defined(WOLFBOOT_SIGN_RSA3072)
-#   define IMAGE_SIGNATURE_SIZE (384)
-#elif defined(WOLFBOOT_SIGN_RSA4096)
-#   define IMAGE_SIGNATURE_SIZE (512)
-/* In PQC methods the signature size is a function of
- * the parameters. Therefore IMAGE_SIGNATURE_SIZE is
- * set in options.mk from the .config file. */
-#elif defined(WOLFBOOT_SIGN_LMS)
-#elif defined(WOLFBOOT_SIGN_XMSS)
-#elif defined(WOLFBOOT_SIGN_ML_DSA)
-#elif !defined(WOLFBOOT_NO_SIGN)
-#   error "No public key available for given signing algorithm."
-#endif /* Algorithm selection */
-#endif
-
 void wolfBoot_start(void);
 
 #if defined(ARCH_ARM) && defined(WOLFBOOT_ARMORED)

options.mk

@@ -377,6 +377,7 @@ ifeq ($(SIGN),ext_LMS)
   LMSDIR = lib/hash-sigs
   KEYGEN_OPTIONS+=--lms
   SIGN_OPTIONS+=--lms
+  CFLAGS+=-D"LMS_IMAGE_SIGNATURE_SIZE"=$(IMAGE_SIGNATURE_SIZE)
   WOLFCRYPT_OBJS+= \
     ./$(LMSDIR)/src/hss_verify.o \
     ./$(LMSDIR)/src/hss_verify_inc.o \
@@ -390,10 +391,7 @@ ifeq ($(SIGN),ext_LMS)
     ./$(LMSDIR)/src/endian.o \
     ./$(LMSDIR)/src/hash.o \
     ./$(LMSDIR)/src/sha256.o \
-    ./lib/wolfssl/wolfcrypt/src/ext_lms.o \
-    ./lib/wolfssl/wolfcrypt/src/memory.o \
-    ./lib/wolfssl/wolfcrypt/src/wc_port.o \
-    ./lib/wolfssl/wolfcrypt/src/hash.o
+    ./lib/wolfssl/wolfcrypt/src/ext_lms.o
   CFLAGS+=-D"WOLFBOOT_SIGN_LMS" -D"WOLFSSL_HAVE_LMS" -D"HAVE_LIBLMS" \
     -D"LMS_LEVELS=$(LMS_LEVELS)" -D"LMS_HEIGHT=$(LMS_HEIGHT)" \
     -D"LMS_WINTERNITZ=$(LMS_WINTERNITZ)" -I$(LMSDIR)/src \
@@ -439,6 +437,7 @@ ifeq ($(SIGN),ext_XMSS)
   XMSSDIR = lib/xmss
   KEYGEN_OPTIONS+=--xmss
   SIGN_OPTIONS+=--xmss
+  CFLAGS+=-D"XMSS_IMAGE_SIGNATURE_SIZE"=$(IMAGE_SIGNATURE_SIZE)
   WOLFCRYPT_OBJS+= \
     ./$(XMSSDIR)/params.o \
     ./$(XMSSDIR)/thash.o \
@@ -448,10 +447,7 @@ ifeq ($(SIGN),ext_XMSS)
     ./$(XMSSDIR)/xmss_core_fast.o \
     ./$(XMSSDIR)/xmss_commons.o \
     ./$(XMSSDIR)/utils.o \
-    ./lib/wolfssl/wolfcrypt/src/ext_xmss.o \
-    ./lib/wolfssl/wolfcrypt/src/memory.o \
-    ./lib/wolfssl/wolfcrypt/src/wc_port.o \
-    ./lib/wolfssl/wolfcrypt/src/hash.o
+    ./lib/wolfssl/wolfcrypt/src/ext_xmss.o
   CFLAGS+=-D"WOLFBOOT_SIGN_XMSS" -D"WOLFSSL_HAVE_XMSS" -D"HAVE_LIBXMSS" \
     -DWOLFBOOT_XMSS_PARAMS=\"$(XMSS_PARAMS)\" -I$(XMSSDIR) \
     -D"IMAGE_SIGNATURE_SIZE"=$(IMAGE_SIGNATURE_SIZE) \