From abb5d0fab62fc5761f46ad65a7c582db5cfb5e1c Mon Sep 17 00:00:00 2001
From: Benjamin Valentin <benjamin.valentin@ml-pa.com>
Date: Mon, 15 Aug 2022 19:17:03 +0200
Subject: [PATCH] suit: try multiple keys

---
 .../suit_tool/get_pubkey.py                   |  4 +--
 sys/suit/handlers_envelope.c                  | 29 +++++++++++++++----
 2 files changed, 26 insertions(+), 7 deletions(-)

diff --git a/dist/tools/suit/suit-manifest-generator/suit_tool/get_pubkey.py b/dist/tools/suit/suit-manifest-generator/suit_tool/get_pubkey.py
index b9f075bb0b..7289e37503 100644
--- a/dist/tools/suit/suit-manifest-generator/suit_tool/get_pubkey.py
+++ b/dist/tools/suit/suit-manifest-generator/suit_tool/get_pubkey.py
@@ -49,11 +49,11 @@ def to_header(pk):
     if isinstance(pk, ed25519.Ed25519PrivateKey):
         public_bytes = pk.public_key().public_bytes(ks.Encoding.Raw,
                                                       ks.PublicFormat.Raw)
-        public_c_def = ['const uint8_t public_key[] = {'] + textwrap.wrap(
+        public_c_def = ['{'] + textwrap.wrap(
             ', '.join(['{:0=#4x}'.format(x) for x in public_bytes]),
             76
         )
-        return str.encode('\n    '.join(public_c_def) + '\n};\n')
+        return str.encode('\n    '.join(public_c_def) + '\n},\n')
 
 
 OutputFormaters = {
diff --git a/sys/suit/handlers_envelope.c b/sys/suit/handlers_envelope.c
index 4a1df3087d..e63131c866 100644
--- a/sys/suit/handlers_envelope.c
+++ b/sys/suit/handlers_envelope.c
@@ -32,17 +32,18 @@
 #include "suit/handlers.h"
 #include "suit.h"
 
-static int _auth_handler(suit_manifest_t *manifest, int key,
-                         nanocbor_value_t *it)
+static int _verify_with_key(suit_manifest_t *manifest, const nanocbor_value_t *it,
+                            const void *key)
 {
-    (void)key;
     cose_sign_dec_t verify;
     const uint8_t *cose_buf;
     const uint8_t *auth_container;
     size_t auth_container_len;
     size_t cose_len = 0;
+    nanocbor_value_t tmp = *it;
+
     /* It is a list of cose signatures */
-    if (nanocbor_get_bstr(it, &auth_container, &auth_container_len) < 0) {
+    if (nanocbor_get_bstr(&tmp, &auth_container, &auth_container_len) < 0) {
         LOG_INFO("Unable to get auth container\n");
         return SUIT_ERR_INVALID_MANIFEST;
     }
@@ -51,7 +52,7 @@ static int _auth_handler(suit_manifest_t *manifest, int key,
     cose_key_t pkey;
     cose_key_init(&pkey);
     cose_key_set_keys(&pkey, COSE_EC_CURVE_ED25519, COSE_ALGO_EDDSA,
-                      (uint8_t *)public_key, NULL, NULL);
+                      (void *)key, NULL, NULL);
 
     nanocbor_value_t _cont, arr;
     nanocbor_decoder_init(&_cont, auth_container, auth_container_len);
@@ -96,6 +97,7 @@ static int _auth_handler(suit_manifest_t *manifest, int key,
             }
             else {
                 LOG_INFO("Unable to validate signature: %d\n", verification);
+                res = SUIT_ERR_SIGNATURE;
             }
         }
     }
@@ -103,6 +105,23 @@ static int _auth_handler(suit_manifest_t *manifest, int key,
     return res;
 }
 
+static int _auth_handler(suit_manifest_t *manifest, int key,
+                         nanocbor_value_t *it)
+{
+    (void)key;
+
+    int res = 0;
+
+    for (unsigned i = 0; i < ARRAY_SIZE(public_key); ++i) {
+        res = _verify_with_key(manifest, it, public_key[i]);
+        if (res != SUIT_ERR_SIGNATURE) {
+            break;
+        }
+    }
+
+    return res;
+}
+
 static int _manifest_handler(suit_manifest_t *manifest, int key,
                              nanocbor_value_t *it)
 {