aboutsummaryrefslogtreecommitdiff
path: root/projects/hsm
diff options
context:
space:
mode:
authorRob Austein <sra@hactrn.net>2016-09-27 16:11:08 -0400
committerRob Austein <sra@hactrn.net>2016-09-27 16:11:08 -0400
commitf7d1bb71b29d2b1b865f6095b31c2bde486b2516 (patch)
treeaa808a867651b78f8e08d4c0bbf05ce51cf0bafd /projects/hsm
parent14fbc2167a6d8082e2b549c64e7fa1ebbc64d0fc (diff)
"keystore erase" now clears entire keystore flash.
Now that we're using more than just the first few sectors of the keystore flash, we need a command to clear the whole thing. This is not quite right yet, because it doesn't yet notify libhal's ks_flash driver that the entire content of the flash has been yanked out from under it. In theory, we should be able to erase the entire flash in a single operation using the bulk erase command command (0xC7), but I couldn't get that to do anything (no error reported, no visible effect), so, for now, we erase by sectors.
Diffstat (limited to 'projects/hsm')
-rw-r--r--projects/hsm/mgmt-keystore.c13
1 files changed, 7 insertions, 6 deletions
diff --git a/projects/hsm/mgmt-keystore.c b/projects/hsm/mgmt-keystore.c
index 3355082..4c1029a 100644
--- a/projects/hsm/mgmt-keystore.c
+++ b/projects/hsm/mgmt-keystore.c
@@ -237,17 +237,18 @@ static int cmd_keystore_erase(struct cli_def *cli, const char *command, char *ar
{
int status;
- if (argc != 1) {
+ if (argc != 1 || strcmp(argv[0], "YesIAmSure") != 0) {
cli_print(cli, "Syntax: keystore erase YesIAmSure");
return CLI_ERROR;
}
- if (strcmp(argv[0], "YesIAmSure") != 0)
- cli_print(cli, "Keystore NOT erased");
- else if ((status = keystore_erase_sectors(0, 1)) != 1)
- cli_print(cli, "Failed erasing keystore: %i", status);
+ cli_print(cli, "OK, erasing keystore, this might take a while...");
+ if ((status = keystore_erase_sectors(0, KEYSTORE_NUM_SECTORS - 1)) != 1)
+ cli_print(cli, "Failed erasing keystore: %i", status);
else
- cli_print(cli, "Keystore erased (first two sectors at least)");
+ cli_print(cli, "Keystore erased");
+
+#warning Should notify libhal/ks_flash that we whacked the keystore
return CLI_OK;
}