From 186ac885832f9907c37218ce34db98fd95778386 Mon Sep 17 00:00:00 2001
From: Roland Mikhel <roland.mikhel@arm.com>
Date: Thu, 13 Apr 2023 20:43:14 +0200
Subject: [PATCH] bootutil: Fix FIH return type for EC256

For bootutil_verify_sig the declaration expects fih_ret
as the return type not fih_int, this has now been fixed.

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: If5943758bebdbf401b1eb387de334fa19a3a7781
---
 boot/bootutil/src/image_ec256.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/boot/bootutil/src/image_ec256.c b/boot/bootutil/src/image_ec256.c
index 4858d9aa..b06c2813 100644
--- a/boot/bootutil/src/image_ec256.c
+++ b/boot/bootutil/src/image_ec256.c
@@ -35,7 +35,7 @@
 #include "bootutil/fault_injection_hardening.h"
 #include "bootutil/crypto/ecdsa_p256.h"
 
-fih_int
+fih_ret
 bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, size_t slen,
                     uint8_t key_id)
 {
@@ -51,11 +51,16 @@ bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, size_t slen,
 
     rc = bootutil_ecdsa_p256_parse_public_key(&ctx, &pubkey, end);
     if (rc) {
-        FIH_SET(fih_rc, FIH_FAILURE);
-        FIH_RET(fih_rc);
+        goto out;
     }
 
-    FIH_CALL(bootutil_ecdsa_p256_verify, fih_rc, &ctx, pubkey, end-pubkey, hash, hlen, sig, slen);
+    rc = bootutil_ecdsa_p256_verify(&ctx, pubkey, end-pubkey, hash, hlen, sig, slen);
+    fih_rc = fih_ret_encode_zero_equality(rc);
+    if (FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) {
+        FIH_SET(fih_rc, FIH_FAILURE);
+    }
+
+out:
     bootutil_ecdsa_p256_drop(&ctx);
 
     FIH_RET(fih_rc);