Revert "[rom_ext] Use Ibex for RSA sigverify"

This reverts commit 21975f2. On the `master` branch, the `rsa_verify` function has already eliminated the OTBN code. Signed-off-by: James Wainwright <[email protected]>
lowRISC · May 21, 2024 · 7b4204f · 7b4204f
1 parent 50d0c44
commit 7b4204f
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 36 deletions.
diff --git a/sw/device/silicon_creator/lib/sigverify/rsa_verify.c b/sw/device/silicon_creator/lib/sigverify/rsa_verify.c
@@ -166,20 +166,5 @@ rom_error_t sigverify_rsa_verify(const sigverify_rsa_buffer_t *signature,
   return sigverify_encoded_message_check(&enc_msg, act_digest, flash_exec);
 }
 
-rom_error_t sigverify_rsa_verify_ibex(const sigverify_rsa_buffer_t *signature,
-                                      const sigverify_rsa_key_t *key,
-                                      const hmac_digest_t *act_digest,
-                                      lifecycle_state_t lc_state,
-                                      uint32_t *flash_exec) {
-  sigverify_rsa_buffer_t enc_msg;
-  rom_error_t error = sigverify_mod_exp_ibex(key, signature, &enc_msg);
-  if (launder32(error) != kErrorOk) {
-    *flash_exec ^= UINT32_MAX;
-    return error;
-  }
-  HARDENED_CHECK_EQ(error, kErrorOk);
-  return sigverify_encoded_message_check(&enc_msg, act_digest, flash_exec);
-}
-
 // Extern declarations for the inline functions in the header.
 extern uint32_t sigverify_rsa_success_to_ok(uint32_t v);
diff --git a/sw/device/silicon_creator/lib/sigverify/rsa_verify.h b/sw/device/silicon_creator/lib/sigverify/rsa_verify.h
@@ -42,25 +42,6 @@ rom_error_t sigverify_rsa_verify(const sigverify_rsa_buffer_t *signature,
                                  lifecycle_state_t lc_state,
                                  uint32_t *flash_exec);
 
-/**
- * Verifies an RSASSA-PKCS1-v1_5 signature.
- *
- * This function uses the Ibex software implementation only.
- *
- * @param signature Signature to be verified.
- * @param key Signer's RSA public key.
- * @param act_digest Actual digest of the message being verified.
- * @param lc_state Life cycle state of the device.
- * @param[out] flash_exec Value to write to the flash_ctrl EXEC register.
- * @return Result of the operation.
- */
-OT_WARN_UNUSED_RESULT
-rom_error_t sigverify_rsa_verify_ibex(const sigverify_rsa_buffer_t *signature,
-                                      const sigverify_rsa_key_t *key,
-                                      const hmac_digest_t *act_digest,
-                                      lifecycle_state_t lc_state,
-                                      uint32_t *flash_exec);
-
 /**
  * Transforms `kSigverifyRsaSuccess` into `kErrorOk`.
  *

diff --git a/sw/device/silicon_creator/rom_ext/rom_ext.c b/sw/device/silicon_creator/rom_ext/rom_ext.c
@@ -259,8 +259,8 @@ static rom_error_t rom_ext_verify(const manifest_t *manifest,
   memcpy(&boot_measurements.bl0, &act_digest, sizeof(boot_measurements.bl0));
 
   uint32_t flash_exec = 0;
-  return sigverify_rsa_verify_ibex(&manifest->rsa_signature, key, &act_digest,
-                                   lc_state, &flash_exec);
+  return sigverify_rsa_verify(&manifest->rsa_signature, key, &act_digest,
+                              lc_state, &flash_exec);
 }
 
 /**