diff options
author | Rob Austein <sra@hactrn.net> | 2016-09-27 16:11:08 -0400 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2016-09-27 16:11:08 -0400 |
commit | f7d1bb71b29d2b1b865f6095b31c2bde486b2516 (patch) | |
tree | aa808a867651b78f8e08d4c0bbf05ce51cf0bafd /projects/hsm | |
parent | 14fbc2167a6d8082e2b549c64e7fa1ebbc64d0fc (diff) |
"keystore erase" now clears entire keystore flash.
Now that we're using more than just the first few sectors of the
keystore flash, we need a command to clear the whole thing.
This is not quite right yet, because it doesn't yet notify libhal's
ks_flash driver that the entire content of the flash has been yanked
out from under it.
In theory, we should be able to erase the entire flash in a single
operation using the bulk erase command command (0xC7), but I couldn't
get that to do anything (no error reported, no visible effect), so,
for now, we erase by sectors.
Diffstat (limited to 'projects/hsm')
-rw-r--r-- | projects/hsm/mgmt-keystore.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/projects/hsm/mgmt-keystore.c b/projects/hsm/mgmt-keystore.c index 3355082..4c1029a 100644 --- a/projects/hsm/mgmt-keystore.c +++ b/projects/hsm/mgmt-keystore.c @@ -237,17 +237,18 @@ static int cmd_keystore_erase(struct cli_def *cli, const char *command, char *ar { int status; - if (argc != 1) { + if (argc != 1 || strcmp(argv[0], "YesIAmSure") != 0) { cli_print(cli, "Syntax: keystore erase YesIAmSure"); return CLI_ERROR; } - if (strcmp(argv[0], "YesIAmSure") != 0) - cli_print(cli, "Keystore NOT erased"); - else if ((status = keystore_erase_sectors(0, 1)) != 1) - cli_print(cli, "Failed erasing keystore: %i", status); + cli_print(cli, "OK, erasing keystore, this might take a while..."); + if ((status = keystore_erase_sectors(0, KEYSTORE_NUM_SECTORS - 1)) != 1) + cli_print(cli, "Failed erasing keystore: %i", status); else - cli_print(cli, "Keystore erased (first two sectors at least)"); + cli_print(cli, "Keystore erased"); + +#warning Should notify libhal/ks_flash that we whacked the keystore return CLI_OK; } |