Cleanups for quote/signed timestamp in H5 sample app.

dgarske · dgarske · commit 167263792934 · 2025-11-06T15:31:58.000-08:00
diff --git a/test-app/app_stm32h5.c b/test-app/app_stm32h5.c
@@ -151,6 +151,7 @@ void extra_led_off(void)
 }
 
 extern int ecdsa_sign_verify(int devId);
+static void print_signature(const TPMT_SIGNATURE* sig);
 
 /* Command line commands */
 static int cmd_help(const char *args);
@@ -194,7 +195,7 @@ struct console_command COMMANDS[] =
     {cmd_success, "success", "confirm a successful update"},
     {cmd_login_pkcs11, "pkcs11", "enable and test crypto calls with PKCS11 in secure mode" },
     {cmd_random, "random", "generate a random number"},
-    {cmd_timestamp, "timestamp", "print the current timestamp"},
+    {cmd_timestamp, "timestamp", "print the current systick/timestamp"},
     {cmd_benchmark, "benchmark", "run the wolfCrypt benchmark"},
     {cmd_test, "test", "run the wolfCrypt test"},
     {cmd_update_xmodem, "update", "update the firmware via XMODEM"},
@@ -204,7 +205,7 @@ struct console_command COMMANDS[] =
 #ifdef WOLFTPM_MFG_IDENTITY
     {cmd_tpm_idevid, "idevid", "show Initial Device Identification (IDevID) certificate"},
     {cmd_tpm_iak, "iak", "show Initial Attestation Identification (IAK) certificate"},
-    {cmd_tpm_signed_timestamp, "signed_timestamp", "TPM IAK signed timestamp attestation report"},
+    {cmd_tpm_signed_timestamp, "signed_time", "TPM IAK signed timestamp attestation report"},
     {cmd_tpm_quote, "quote", "TPM IAK signed PCR(s) attestation report"},
 #endif
 #endif
@@ -894,6 +895,8 @@ static int cmd_tpm_signed_timestamp(const char *args)
         /* a TPM vendor-specific value indicating the version number of the firmware */
         printf("\tFirmware Version (vendor specific): 0x%lX\n",
             (unsigned long)timeAttest.attested.time.firmwareVersion);
+
+        print_signature(&getTime.signature);
     }
 
     if (rc != 0) {
@@ -905,6 +908,29 @@ static int cmd_tpm_signed_timestamp(const char *args)
     return rc;
 }
 
+static void print_signature(const TPMT_SIGNATURE* sig)
+{
+    char algName[24];
+    printf("\tTPM generated %s signature:\n",
+        wolfBoot_tpm2_get_alg_name(sig->sigAlg, algName, sizeof(algName)));
+    printf("\tHash algorithm: %s\n",
+        wolfBoot_tpm2_get_alg_name(sig->signature.any.hashAlg, algName, sizeof(algName)));
+    switch (sig->sigAlg) {
+        case TPM_ALG_ECDSA:
+        case TPM_ALG_ECDAA:
+            printf("\tR size: %d\n", sig->signature.ecdsa.signatureR.size);
+            print_hex(sig->signature.ecdsa.signatureR.buffer, sig->signature.ecdsa.signatureR.size, 0);
+            printf("\tS size: %d\n", sig->signature.ecdsa.signatureS.size);
+            print_hex(sig->signature.ecdsa.signatureS.buffer, sig->signature.ecdsa.signatureS.size, 0);
+            break;
+        case TPM_ALG_RSASSA:
+        case TPM_ALG_RSAPSS:
+            printf("\tSignature size: %d\n", sig->signature.rsassa.sig.size);
+            print_hex(sig->signature.rsassa.sig.buffer, sig->signature.rsassa.sig.size, 0);
+            break;
+    };
+}
+
 static int cmd_tpm_quote(const char *args)
 {
     int rc;
@@ -913,7 +939,6 @@ static int cmd_tpm_quote(const char *args)
     TPMS_ATTEST quoteAttest;
     uint8_t  pcrArray[1];
     uint32_t pcrArraySz = 0;
-    char algName[24];
 
 #ifdef WOLFBOOT_MEASURED_PCR_A
     pcrArray[0] = WOLFBOOT_MEASURED_PCR_A;
@@ -931,33 +956,15 @@ static int cmd_tpm_quote(const char *args)
         rc = wolfBoot_tpm2_parse_attest(&quoteResult.quoted, &quoteAttest);
     }
     if (rc == 0) {
-        TPMT_SIGNATURE* sig = &quoteResult.signature;
         printf("TPM with signature attests (type 0x%x):\n", quoteAttest.type);
-        printf("\tTPM signed %lu count of PCRs\n",
+        printf("\tTPM signed %lu PCRs\n",
             (unsigned long)quoteAttest.attested.quote.pcrSelect.count);
 
         printf("\tPCR digest:\n");
         print_hex(quoteAttest.attested.quote.pcrDigest.buffer,
                   quoteAttest.attested.quote.pcrDigest.size, 0);
 
-        printf("\tTPM generated %s signature:\n",
-            wolfBoot_tpm2_get_alg_name(sig->sigAlg, algName, sizeof(algName)));
-        printf("\tHash algorithm: %s\n",
-            wolfBoot_tpm2_get_alg_name(sig->signature.any.hashAlg, algName, sizeof(algName)));
-        switch (sig->sigAlg) {
-            case TPM_ALG_ECDSA:
-            case TPM_ALG_ECDAA:
-                printf("\tR size: %d\n", sig->signature.ecdsa.signatureR.size);
-                print_hex(sig->signature.ecdsa.signatureR.buffer, sig->signature.ecdsa.signatureR.size, 0);
-                printf("\tS size: %d\n", sig->signature.ecdsa.signatureS.size);
-                print_hex(sig->signature.ecdsa.signatureS.buffer, sig->signature.ecdsa.signatureS.size, 0);
-                break;
-            case TPM_ALG_RSASSA:
-            case TPM_ALG_RSAPSS:
-                printf("\tSignature size: %d\n", sig->signature.rsassa.sig.size);
-                print_hex(sig->signature.rsassa.sig.buffer, sig->signature.rsassa.sig.size, 0);
-                break;
-        };
+        print_signature(&quoteResult.signature);
     }
     else {
         char error[100];
