Backport 25969 ([opentitantool] Correct the SHA256 hash ordering)#28781
Merged
pamaury merged 2 commits intolowRISC:masterfrom Nov 26, 2025
Merged
Backport 25969 ([opentitantool] Correct the SHA256 hash ordering)#28781pamaury merged 2 commits intolowRISC:masterfrom
pamaury merged 2 commits intolowRISC:masterfrom
Conversation
pamaury
force-pushed
the
backport_25969
branch
from
217bd0e to
f7a5c3d
Compare
pamaury
requested review from
AlexJones0,
engdoreis,
jwnrt and
nbdd0121
and removed request for
a team
pamaury
force-pushed
the
backport_25969
branch
2 times, most recently
from
607c1cf to
4d53336
Compare
Opentitanlib was computing the SHA256 hash and storing it in a fixed-sized bigint. This led to various problems dealing with the endianness of the resulting digest, including emitting digest in "little-endian" order. A SHA256 digest _is not_ an integer; it is a sequence of bytes. 1. Eliminate the bigint representation of the SHA256 digest. Give the digest struct serialization, display and parsing traits to eliminate the need for dealing with conversions for those ues cases. Add `to_vec` and `to_vec_rev` to produce the raw bytes when needed. 2. Add a `--spx-hash-reversal-bug` switch to opentitantool spx commands for cases where firmware erroneously uses a reversed digest. 3. Eliminate the copious digest reversals present in hsmtool. Add a `Sha256HashReversed` input format for cases where firmware erroneously uses a reversed digest. 4. Fix the signing rules to use the reversed format only for keys tied to a firmware implementation with the reversal bug. Signed-off-by: Chris Frantz <[email protected]> (cherry picked from commit 51e6a41)
1. Add tests that check that signatures generated with opentitantool can be verified by hsmtool. 2. Add tests that check that signatures generated with hsmtool can be verified by opentitantool. 3. Verify the correctness of the manifest digest calculcated by opentitantool. Signed-off-by: Chris Frantz <[email protected]> (cherry picked from commit 12467bb)
pamaury
force-pushed
the
backport_25969
branch
from
4d53336 to
3215d92
Compare
jwnrt
approved these changes
Nov 20, 2025
timothytrippel
approved these changes
Nov 24, 2025
moidx
approved these changes
Nov 25, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Backport #25969
I had to change a little bit how the annotate/serde is handle on the
Sha256Digestbecause it wasn't supported as-is by the serde-annotate used on master. Following @nbdd0121 advice, I move the#[annotate(format = "hexstr")]to the user and added back the#[serde(with = "serde_bytes")]to the field insideSha256Digest.