From 421626cdc49cab03f9b4071ee9e836f8d095aa20 Mon Sep 17 00:00:00 2001
From: Rob Austein
Date: Sun, 11 Sep 2016 16:39:20 -0400
Subject: Explicit initialization of keystore drivers instead of guessing.
---
 hal_internal.h | 20 ++++++++++++++++++++
 ks_flash.c | 29 +++++++++++++---------------
 ks_volatile.c | 27 +++++++++++++++++++++------
 rpc_server.c | 18 ++++++++++++++++--
 4 files changed, 70 insertions(+), 24 deletions(-)
diff --git a/hal_internal.h b/hal_internal.h
index cc2d749..5e6b939 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -390,6 +390,10 @@ typedef struct hal_ks hal_ks_t;
 struct hal_ks_driver {
+ hal_error_t (*init)(const hal_ks_driver_t * const driver);
+
+ hal_error_t (*shutdown)(const hal_ks_driver_t * const driver);
+
 hal_error_t (*open)(const hal_ks_driver_t * const driver,
 hal_ks_t **ks);
@@ -430,6 +434,22 @@ extern const hal_ks_driver_t hal_ks_volatile_driver[1],
 hal_ks_token_driver[1];
+static inline hal_error_t hal_ks_init(const hal_ks_driver_t * const driver)
+{
+ if (driver == NULL || driver->init == NULL)
+ return HAL_ERROR_BAD_ARGUMENTS;
+
+ return driver->init(driver);
+}
+
+static inline hal_error_t hal_ks_shutdown(const hal_ks_driver_t * const driver)
+{
+ if (driver == NULL || driver->shutdown == NULL)
+ return HAL_ERROR_BAD_ARGUMENTS;
+
+ return driver->shutdown(driver);
+}
+
 static inline hal_error_t hal_ks_open(const hal_ks_driver_t * const driver,
 hal_ks_t **ks)
 {
diff --git a/ks_flash.c b/ks_flash.c
index a53edcf..c9c37b8 100644
--- a/ks_flash.c
+++ b/ks_flash.c
@@ -100,13 +100,10 @@ static inline uint32_t _get_key_offset(uint32_t num)
 return offset;
 }
-static hal_error_t ks_init(void)
+static hal_error_t ks_init(const hal_ks_driver_t * const driver)
 {
- if (db.ks.driver == hal_ks_token_driver)
- return LIBHAL_OK;
-
 if (db.ks.driver != NULL)
- return HAL_ERROR_IMPOSSIBLE;
+ return HAL_ERROR_KEYSTORE_ACCESS;
 uint8_t page_buf[KEYSTORE_PAGE_SIZE];
 uint32_t idx = 0; /* Current index into db.keys[] */
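Review bot: The new `init` and `shutdown` members of `struct hal_ks_driver` carry no statement of the ordering contract this commit introduces, and the header is where every driver author will look for it. From the driver bodies in this patch, a second `init` without an intervening `shutdown` is an error and `shutdown` wipes the driver's state in place, so the handles `open` returns presumably must not be held across it. Suggest a comment above `init` along the lines of `/* init: called once before any open(); calling it again without shutdown() fails. */` and above `shutdown`, `/* shutdown: releases driver state; no hal_ks_t from open() may be used afterwards. */`.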
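Review bot: `ks_init` stores whatever `driver` it is handed (the `db.ks.driver = driver;` at the end of the function, past this hunk) without checking that it is `hal_ks_token_driver`, whereas `ks_open` in the same file rejects any other driver with HAL_ERROR_BAD_ARGUMENTS. The only intended caller is the `hal_ks_init` wrapper dispatching through the driver table, so this is presumably always satisfied, but a mismatched pointer would make every later `ks_open` fail with a misleading error rather than failing here. Suggest `if (driver != hal_ks_token_driver) return HAL_ERROR_BAD_ARGUMENTS;` ahead of the existing NULL check. The body of `ks_init` continues past this hunk.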
@@ -188,11 +185,19 @@ static hal_error_t ks_init(void)
 idx++;
 }
- db.ks.driver = hal_ks_token_driver;
+ db.ks.driver = driver;
 return LIBHAL_OK;
 }
+static hal_error_t ks_shutdown(const hal_ks_driver_t * const driver)
+{
+ if (db.ks.driver != driver)
+ return HAL_ERROR_KEYSTORE_ACCESS;
+ memset(&db, 0, sizeof(db));
+ return LIBHAL_OK;
+}
+
 static hal_error_t _write_data_to_flash(const uint32_t offset, const uint8_t *data, const size_t len)
 {
 uint8_t page_buf[KEYSTORE_PAGE_SIZE];
@@ -258,14 +263,9 @@ static hal_error_t _write_db_to_flash(const uint32_t sector_offset)
 static hal_error_t ks_open(const hal_ks_driver_t * const driver, hal_ks_t **ks)
 {
- hal_error_t err;
-
 if (driver != hal_ks_token_driver || ks == NULL)
 return HAL_ERROR_BAD_ARGUMENTS;
- if ((err = ks_init()) != LIBHAL_OK)
- return err;
-
 *ks = &db.ks;
 return LIBHAL_OK;
 }
@@ -505,6 +505,8 @@ static hal_error_t ks_delete(hal_ks_t *ks,
 }
 const hal_ks_driver_t hal_ks_token_driver[1] = {{
+ ks_init,
+ ks_shutdown,
 ks_open,
 ks_close,
 ks_store,
@@ -525,11 +527,6 @@ hal_error_t hal_get_pin(const hal_user_t user,
 if (pin == NULL)
 return HAL_ERROR_BAD_ARGUMENTS;
- hal_error_t err;
-
- if ((err = ks_init()) != LIBHAL_OK)
- return err;
-
 switch (user) {
 case HAL_USER_WHEEL: *pin = &db.wheel_pin; break;
 case HAL_USER_SO: *pin = &db.so_pin; break;
diff --git a/ks_volatile.c b/ks_volatile.c
index c38d568..290c356 100644
--- a/ks_volatile.c
+++ b/ks_volatile.c
@@ -88,11 +88,7 @@ typedef struct {
 } ks_t;
 static db_t volatile_db;
-
-static ks_t volatile_ks = {
- { hal_ks_volatile_driver },
- &volatile_db
-};
+static ks_t volatile_ks;
 static inline ks_t *ks_to_ksv(hal_ks_t *ks)
 {
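Review bot: `ks_shutdown` wipes `db` with a plain `memset`, and `db` evidently holds the wheel/SO PIN records (`db.wheel_pin`, `db.so_pin` in the `hal_get_pin` hunk) alongside the key table. Because `db` is a file-scope object read by other functions the store is unlikely to be elided, but if the project has an explicit-zeroization helper it is the safer choice for secret-bearing memory; at minimum a comment `/* db holds PINs and key records; wipe, don't just mark unused */` records why the whole struct is cleared. The function also does not guard against `hal_ks_t` handles still outstanding from `ks_open`, which point at `&db.ks` and would see a NULL driver afterwards, so the caller-side requirement to close first should be stated next to it.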
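Review bot: `ks_open` no longer establishes that the keystore has been initialized: the removed lines called `ks_init()` here, and the new code hands out `&db.ks` unconditionally, so an open before `hal_ks_init(hal_ks_token_driver)` succeeds with `db.ks.driver == NULL`. Suggest `if (db.ks.driver != driver) return HAL_ERROR_KEYSTORE_ACCESS;` after the argument check, mirroring the guard `ks_shutdown` uses. The same applies to `hal_get_pin` further down, which also dropped its `ks_init()` call and now reads `db` with no initialization check at all.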
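Review bot: `hal_ks_token_driver` is initialized positionally, so inserting `init` and `shutdown` at the front of `struct hal_ks_driver` is only safe because every table is updated in the same commit; a driver table built against the old member order would bind `ks_open` to the `init` slot without any diagnostic. Designated initializers, `.init = ks_init, .shutdown = ks_shutdown, .open = ks_open, ...`, make the table robust to future reordering and turn a missing member into a visible NULL (which `hal_ks_init` already rejects) rather than a shifted function pointer.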
@@ -128,12 +124,29 @@ static hal_error_t ks_init(db_t *db)
 return err;
 }
+static hal_error_t ks_volatile_init(const hal_ks_driver_t * const driver)
+{
+ if (volatile_ks.ks.driver != NULL)
+ return HAL_ERROR_KEYSTORE_ACCESS;
+ volatile_ks.ks.driver = driver;
+ volatile_ks.db = &volatile_db;
+ return ks_init(volatile_ks.db);
+}
+
+static hal_error_t ks_volatile_shutdown(const hal_ks_driver_t * const driver)
+{
+ if (volatile_ks.ks.driver != driver)
+ return HAL_ERROR_KEYSTORE_ACCESS;
+ memset(&volatile_ks, 0, sizeof(volatile_ks));
+ return HAL_OK;
+}
+
 static hal_error_t ks_volatile_open(const hal_ks_driver_t * const driver,
 hal_ks_t **ks)
 {
 assert(driver != NULL && ks != NULL);
 *ks = &volatile_ks.ks;
- return ks_init(volatile_ks.db);
+ return HAL_OK;
 }
 static hal_error_t ks_volatile_close(hal_ks_t *ks)
@@ -294,6 +307,8 @@ static hal_error_t ks_list(hal_ks_t *ks,
 }
 const hal_ks_driver_t hal_ks_volatile_driver[1] = {{
+ ks_volatile_init,
+ ks_volatile_shutdown,
 ks_volatile_open,
 ks_volatile_close,
 ks_store,
diff --git a/rpc_server.c b/rpc_server.c
index 9397d3e..22e354a 100644
--- a/rpc_server.c
+++ b/rpc_server.c
@@ -807,12 +807,26 @@ const hal_rpc_pkey_dispatch_t *hal_rpc_pkey_dispatch = &hal_rpc_local_pkey_dispa
 hal_error_t hal_rpc_server_init(void)
 {
- return hal_rpc_server_transport_init();
+ hal_error_t err;
+
+ if ((err = hal_ks_init(hal_ks_volatile_driver)) != HAL_OK ||
+ (err = hal_ks_init(hal_ks_token_driver)) != HAL_OK ||
+ (err = hal_rpc_server_transport_init()) != HAL_OK)
+ return err;
+
+ return HAL_OK;
 }
 hal_error_t hal_rpc_server_close(void)
 {
- return hal_rpc_server_transport_close();
+ hal_error_t err;
+
+ if ((err = hal_rpc_server_transport_close()) != HAL_OK ||
+ (err = hal_ks_shutdown(hal_ks_token_driver)) != HAL_OK ||
+ (err = hal_ks_shutdown(hal_ks_volatile_driver)) != HAL_OK)
+ return err;
+
+ return HAL_OK;
 }
-- 
cgit v1.2.3
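Review bot: `ks_volatile_init` publishes `volatile_ks.ks.driver = driver` before calling `ks_init(volatile_ks.db)`, so if that call fails the driver pointer stays set and every retry returns HAL_ERROR_KEYSTORE_ACCESS until someone calls shutdown; the flash driver in this same patch does the opposite and assigns the driver only on success. Setting the pointer after `ks_init` succeeds keeps a failed init retryable. Separately, `ks_volatile_open` now returns `&volatile_ks.ks` with only an `assert` on its arguments, so an open before init hands out a handle whose driver is NULL; a guard `if (volatile_ks.ks.driver != driver) return HAL_ERROR_KEYSTORE_ACCESS;` would close that.
```c
static hal_error_t ks_volatile_init(const hal_ks_driver_t * const driver)
{
  if (volatile_ks.ks.driver != NULL)
    return HAL_ERROR_KEYSTORE_ACCESS;
  hal_error_t err = ks_init(&volatile_db);
  if (err != HAL_OK)
    return err;
  /* Publish the driver only once the database is usable, so a failed init can be retried. */
  volatile_ks.ks.driver = driver;
  volatile_ks.db = &volatile_db;
  return HAL_OK;
}
/* … unchanged: ks_volatile_shutdown … */
static hal_error_t ks_volatile_open(const hal_ks_driver_t * const driver,
                                    hal_ks_t **ks)
{
  assert(driver != NULL && ks != NULL);
  if (volatile_ks.ks.driver != driver)
    return HAL_ERROR_KEYSTORE_ACCESS;
  *ks = &volatile_ks.ks;
  return HAL_OK;
}
```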
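Review bot: `hal_rpc_server_init` does not unwind on partial failure: if `hal_ks_init(hal_ks_token_driver)` or `hal_rpc_server_transport_init()` fails, the volatile (and possibly token) keystore is left initialized, and because both drivers' init routines reject a second call with HAL_ERROR_KEYSTORE_ACCESS, a retry of `hal_rpc_server_init` can never succeed in that process. Shutting down whatever was brought up before returning the error keeps the function re-entrant. `hal_rpc_server_close` has the mirror-image issue in a milder form: it stops at the first failure, so a transport-close error leaves both keystores un-shut; continuing through all three and returning the first error is the usual shape here.
```c
hal_error_t hal_rpc_server_init(void)
{
  hal_error_t err;

  if ((err = hal_ks_init(hal_ks_volatile_driver)) != HAL_OK)
    return err;

  if ((err = hal_ks_init(hal_ks_token_driver)) != HAL_OK) {
    (void) hal_ks_shutdown(hal_ks_volatile_driver);
    return err;
  }

  if ((err = hal_rpc_server_transport_init()) != HAL_OK) {
    /* Tear down in reverse order so a later retry starts from a clean state. */
    (void) hal_ks_shutdown(hal_ks_token_driver);
    (void) hal_ks_shutdown(hal_ks_volatile_driver);
    return err;
  }

  return HAL_OK;
}
```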