arno
/
trezor-firmware
mirror of https://github.com/trezor/trezor-firmware.git
1
0
Fork 0
Code Issues Releases Wiki Activity

style: improve makefile output, format test files

Browse Source
pull/152/head
matejcik 5 years ago
parent 6776ad56d2
commit 9b168daa19
16 changed files with 580 additions and 588 deletions
Show Stats Download Patch File Download Diff File

29
Makefile
Unescape View File

@ -9,22 +9,33 @@ PY_FILES = $(shell find . -type f -name '*.py' | grep -f ./tools/style.py.incl
C_FILES = $(shell find . -type f -name '*.[ch]' | grep -f ./tools/style.c.include | grep -v -f ./tools/style.c.exclude ) C_FILES = $(shell find . -type f -name '*.[ch]' | grep -f ./tools/style.c.include | grep -v -f ./tools/style.c.exclude )
style_check: ## run code style check on application sources and tests style_check: pystyle_check cstyle_check
style: pystyle cstyle
pystyle_check: ## run code style check on application sources and tests
flake8 --version flake8 --version
isort --version | awk '/VERSION/{print $$2}' isort --version | awk '/VERSION/{print $$2}'
black --version black --version
flake8 $(PY_FILES) @echo [FLAKE8]
isort --check-only $(PY_FILES) @flake8 $(PY_FILES)
black --check $(PY_FILES) @echo [ISORT]
@isort --check-only $(PY_FILES)
@echo [BLACK]
@black --check $(PY_FILES)
make -C python style_check make -C python style_check
style: ## apply code style on application sources and tests pystyle: ## apply code style on application sources and tests
isort $(PY_FILES) @echo [ISORT]
black $(PY_FILES) @isort $(PY_FILES)
@echo [BLACK]
@black $(PY_FILES)
make -C python style make -C python style
cstyle_check: ## run code style check on low-level C code cstyle_check: ## run code style check on low-level C code
./tools/clang-format-check $(C_FILES) @echo [CLANG-FORMAT]
@./tools/clang-format-check $(C_FILES)
cstyle: ## apply code style on low-level C code cstyle: ## apply code style on low-level C code
clang-format -i $(C_FILES) @echo [CLANG-FORMAT]
@clang-format -i $(C_FILES)

2
crypto/shamir.c
Unescape View File

@ -36,9 +36,9 @@
* lookup operations, as all proper crypto code must be. * lookup operations, as all proper crypto code must be.
*/ */
#include "shamir.h"
#include <string.h> #include <string.h>
#include "memzero.h" #include "memzero.h"
#include "shamir.h"
static void bitslice(uint32_t r[8], const uint8_t *x, size_t len) { static void bitslice(uint32_t r[8], const uint8_t *x, size_t len) {
size_t bit_idx, arr_idx; size_t bit_idx, arr_idx;

2
python/trezorlib/client.py
Unescape View File

@ -16,8 +16,8 @@
import logging import logging
import sys import sys
from types import SimpleNamespace
import warnings import warnings
from types import SimpleNamespace
from mnemonic import Mnemonic from mnemonic import Mnemonic

54
storage/tests/c/common.c
Unescape View File

@ -23,35 +23,35 @@
#include "common.h" #include "common.h"
void __shutdown(void) void __shutdown(void) {
{ printf("SHUTDOWN\n");
printf("SHUTDOWN\n"); exit(3);
exit(3);
} }
void __fatal_error(const char *expr, const char *msg, const char *file, int line, const char *func) void __fatal_error(const char *expr, const char *msg, const char *file,
{ int line, const char *func) {
printf("\nFATAL ERROR:\n"); printf("\nFATAL ERROR:\n");
if (expr) { if (expr) {
printf("expr: %s\n", expr); printf("expr: %s\n", expr);
} }
if (msg) { if (msg) {
printf("msg : %s\n", msg); printf("msg : %s\n", msg);
} }
if (file) { if (file) {
printf("file: %s:%d\n", file, line); printf("file: %s:%d\n", file, line);
} }
if (func) { if (func) {
printf("func: %s\n", func); printf("func: %s\n", func);
} }
__shutdown(); __shutdown();
} }
void error_shutdown(const char *line1, const char *line2, const char *line3, const char *line4) { void error_shutdown(const char *line1, const char *line2, const char *line3,
// For testing do not treat pin_fails_check_max as a fatal error. const char *line4) {
(void) line1; // For testing do not treat pin_fails_check_max as a fatal error.
(void) line2; (void)line1;
(void) line3; (void)line2;
(void) line4; (void)line3;
return; (void)line4;
return;
} }

11
storage/tests/c/common.h
Unescape View File

@ -22,10 +22,15 @@
#include "secbool.h" #include "secbool.h"
void __fatal_error(const char *expr, const char *msg, const char *file, int line, const char *func); void __fatal_error(const char *expr, const char *msg, const char *file,
void error_shutdown(const char *line1, const char *line2, const char *line3, const char *line4); int line, const char *func);
void error_shutdown(const char *line1, const char *line2, const char *line3,
const char *line4);
#define ensure(expr, msg) (((expr) == sectrue) ? (void)0 : __fatal_error(#expr, msg, __FILE__, __LINE__, __func__)) #define ensure(expr, msg) \
(((expr) == sectrue) \
? (void)0 \
: __fatal_error(#expr, msg, __FILE__, __LINE__, __func__))
#define hal_delay(ms) (void)ms; #define hal_delay(ms) (void)ms;

164
storage/tests/c/flash.c
Unescape View File

@ -17,113 +17,105 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include <stdlib.h>
#include <assert.h> #include <assert.h>
#include <stdlib.h>
#include <string.h> #include <string.h>
#include "common.h" #include "common.h"
#include "flash.h" #include "flash.h"
static const uint32_t FLASH_SECTOR_TABLE[FLASH_SECTOR_COUNT + 1] = { static const uint32_t FLASH_SECTOR_TABLE[FLASH_SECTOR_COUNT + 1] = {
[ 0] = 0x08000000, // - 0x08003FFF | 16 KiB [0] = 0x08000000, // - 0x08003FFF | 16 KiB
[ 1] = 0x08004000, // - 0x08007FFF | 16 KiB [1] = 0x08004000, // - 0x08007FFF | 16 KiB
[ 2] = 0x08008000, // - 0x0800BFFF | 16 KiB [2] = 0x08008000, // - 0x0800BFFF | 16 KiB
[ 3] = 0x0800C000, // - 0x0800FFFF | 16 KiB [3] = 0x0800C000, // - 0x0800FFFF | 16 KiB
[ 4] = 0x08010000, // - 0x0801FFFF | 64 KiB [4] = 0x08010000, // - 0x0801FFFF | 64 KiB
[ 5] = 0x08020000, // - 0x0803FFFF | 128 KiB [5] = 0x08020000, // - 0x0803FFFF | 128 KiB
[ 6] = 0x08040000, // - 0x0805FFFF | 128 KiB [6] = 0x08040000, // - 0x0805FFFF | 128 KiB
[ 7] = 0x08060000, // - 0x0807FFFF | 128 KiB [7] = 0x08060000, // - 0x0807FFFF | 128 KiB
[ 8] = 0x08080000, // - 0x0809FFFF | 128 KiB [8] = 0x08080000, // - 0x0809FFFF | 128 KiB
[ 9] = 0x080A0000, // - 0x080BFFFF | 128 KiB [9] = 0x080A0000, // - 0x080BFFFF | 128 KiB
[10] = 0x080C0000, // - 0x080DFFFF | 128 KiB [10] = 0x080C0000, // - 0x080DFFFF | 128 KiB
[11] = 0x080E0000, // - 0x080FFFFF | 128 KiB [11] = 0x080E0000, // - 0x080FFFFF | 128 KiB
[12] = 0x08100000, // - 0x08103FFF | 16 KiB [12] = 0x08100000, // - 0x08103FFF | 16 KiB
[13] = 0x08104000, // - 0x08107FFF | 16 KiB [13] = 0x08104000, // - 0x08107FFF | 16 KiB
[14] = 0x08108000, // - 0x0810BFFF | 16 KiB [14] = 0x08108000, // - 0x0810BFFF | 16 KiB
[15] = 0x0810C000, // - 0x0810FFFF | 16 KiB [15] = 0x0810C000, // - 0x0810FFFF | 16 KiB
[16] = 0x08110000, // - 0x0811FFFF | 64 KiB [16] = 0x08110000, // - 0x0811FFFF | 64 KiB
[17] = 0x08120000, // - 0x0813FFFF | 128 KiB [17] = 0x08120000, // - 0x0813FFFF | 128 KiB
[18] = 0x08140000, // - 0x0815FFFF | 128 KiB [18] = 0x08140000, // - 0x0815FFFF | 128 KiB
[19] = 0x08160000, // - 0x0817FFFF | 128 KiB [19] = 0x08160000, // - 0x0817FFFF | 128 KiB
[20] = 0x08180000, // - 0x0819FFFF | 128 KiB [20] = 0x08180000, // - 0x0819FFFF | 128 KiB
[21] = 0x081A0000, // - 0x081BFFFF | 128 KiB [21] = 0x081A0000, // - 0x081BFFFF | 128 KiB
[22] = 0x081C0000, // - 0x081DFFFF | 128 KiB [22] = 0x081C0000, // - 0x081DFFFF | 128 KiB
[23] = 0x081E0000, // - 0x081FFFFF | 128 KiB [23] = 0x081E0000, // - 0x081FFFFF | 128 KiB
[24] = 0x08200000, // last element - not a valid sector [24] = 0x08200000, // last element - not a valid sector
}; };
const uint32_t FLASH_SIZE = 0x200000; const uint32_t FLASH_SIZE = 0x200000;
uint8_t *FLASH_BUFFER = NULL; uint8_t *FLASH_BUFFER = NULL;
void flash_init(void) void flash_init(void) {
{ assert(FLASH_SIZE ==
assert(FLASH_SIZE == FLASH_SECTOR_TABLE[FLASH_SECTOR_COUNT] - FLASH_SECTOR_TABLE[0]); FLASH_SECTOR_TABLE[FLASH_SECTOR_COUNT] - FLASH_SECTOR_TABLE[0]);
} }
secbool flash_unlock_write(void) secbool flash_unlock_write(void) { return sectrue; }
{
return sectrue;
}
secbool flash_lock_write(void) secbool flash_lock_write(void) { return sectrue; }
{
return sectrue;
}
const void *flash_get_address(uint8_t sector, uint32_t offset, uint32_t size) const void *flash_get_address(uint8_t sector, uint32_t offset, uint32_t size) {
{ if (sector >= FLASH_SECTOR_COUNT) {
if (sector >= FLASH_SECTOR_COUNT) { return NULL;
return NULL; }
} const uint32_t addr = FLASH_SECTOR_TABLE[sector] + offset;
const uint32_t addr = FLASH_SECTOR_TABLE[sector] + offset; const uint32_t next = FLASH_SECTOR_TABLE[sector + 1];
const uint32_t next = FLASH_SECTOR_TABLE[sector + 1]; if (addr + size > next) {
if (addr + size > next) { return NULL;
return NULL; }
} return FLASH_BUFFER + addr - FLASH_SECTOR_TABLE[0];
return FLASH_BUFFER + addr - FLASH_SECTOR_TABLE[0];
} }
secbool flash_erase_sectors(const uint8_t *sectors, int len, void (*progress)(int pos, int len)) secbool flash_erase_sectors(const uint8_t *sectors, int len,
{ void (*progress)(int pos, int len)) {
if (progress) {
progress(0, len);
}
for (int i = 0; i < len; i++) {
const uint8_t sector = sectors[i];
const uint32_t offset = FLASH_SECTOR_TABLE[sector] - FLASH_SECTOR_TABLE[0];
const uint32_t size =
FLASH_SECTOR_TABLE[sector + 1] - FLASH_SECTOR_TABLE[sector];
memset(FLASH_BUFFER + offset, 0xFF, size);
if (progress) { if (progress) {
progress(0, len); progress(i + 1, len);
} }
for (int i = 0; i < len; i++) { }
const uint8_t sector = sectors[i]; return sectrue;
const uint32_t offset = FLASH_SECTOR_TABLE[sector] - FLASH_SECTOR_TABLE[0];
const uint32_t size = FLASH_SECTOR_TABLE[sector + 1] - FLASH_SECTOR_TABLE[sector];
memset(FLASH_BUFFER + offset, 0xFF, size);
if (progress) {
progress(i + 1, len);
}
}
return sectrue;
} }
secbool flash_write_byte(uint8_t sector, uint32_t offset, uint8_t data) secbool flash_write_byte(uint8_t sector, uint32_t offset, uint8_t data) {
{ uint8_t *flash = (uint8_t *)flash_get_address(sector, offset, 1);
uint8_t *flash = (uint8_t *)flash_get_address(sector, offset, 1); if (!flash) {
if (!flash) { return secfalse;
return secfalse; }
} if ((flash[0] & data) != data) {
if ((flash[0] & data) != data) { return secfalse; // we cannot change zeroes to ones
return secfalse; // we cannot change zeroes to ones }
} flash[0] = data;
flash[0] = data; return sectrue;
return sectrue;
} }
secbool flash_write_word(uint8_t sector, uint32_t offset, uint32_t data) secbool flash_write_word(uint8_t sector, uint32_t offset, uint32_t data) {
{ if (offset % 4) { // we write only at 4-byte boundary
if (offset % 4) { // we write only at 4-byte boundary return secfalse;
return secfalse; }
} uint32_t *flash = (uint32_t *)flash_get_address(sector, offset, sizeof(data));
uint32_t *flash = (uint32_t *)flash_get_address(sector, offset, sizeof(data)); if (!flash) {
if (!flash) { return secfalse;
return secfalse; }
} if ((flash[0] & data) != data) {
if ((flash[0] & data) != data) { return secfalse; // we cannot change zeroes to ones
return secfalse; // we cannot change zeroes to ones }
} flash[0] = data;
flash[0] = data; return sectrue;
return sectrue;
} }

7
storage/tests/c/flash.h
Unescape View File

@ -33,8 +33,11 @@ secbool __wur flash_lock_write(void);
const void *flash_get_address(uint8_t sector, uint32_t offset, uint32_t size); const void *flash_get_address(uint8_t sector, uint32_t offset, uint32_t size);
secbool __wur flash_erase_sectors(const uint8_t *sectors, int len, void (*progress)(int pos, int len)); secbool __wur flash_erase_sectors(const uint8_t *sectors, int len,
static inline secbool flash_erase(uint8_t sector) { return flash_erase_sectors(&sector, 1, NULL); } void (*progress)(int pos, int len));
static inline secbool flash_erase(uint8_t sector) {
return flash_erase_sectors(&sector, 1, NULL);
}
secbool __wur flash_write_byte(uint8_t sector, uint32_t offset, uint8_t data); secbool __wur flash_write_byte(uint8_t sector, uint32_t offset, uint8_t data);
secbool __wur flash_write_word(uint8_t sector, uint32_t offset, uint32_t data); secbool __wur flash_write_word(uint8_t sector, uint32_t offset, uint32_t data);

8
storage/tests/c/norcow_config.h
Unescape View File

@ -23,11 +23,13 @@
#include "flash.h" #include "flash.h"
#define NORCOW_SECTOR_COUNT 2 #define NORCOW_SECTOR_COUNT 2
#define NORCOW_SECTOR_SIZE (64*1024) #define NORCOW_SECTOR_SIZE (64 * 1024)
#define NORCOW_SECTORS {4, 16} #define NORCOW_SECTORS \
{ 4, 16 }
/* /*
* The length of the sector header in bytes. The header is preserved between sector erasures. * The length of the sector header in bytes. The header is preserved between
* sector erasures.
*/ */
#if TREZOR_MODEL == 1 #if TREZOR_MODEL == 1
#define NORCOW_HEADER_LEN (0x100) #define NORCOW_HEADER_LEN (0x100)

4
storage/tests/c/secbool.h
Unescape View File

@ -23,11 +23,11 @@
#include <stdint.h> #include <stdint.h>
typedef uint32_t secbool; typedef uint32_t secbool;
#define sectrue 0xAAAAAAAAU #define sectrue 0xAAAAAAAAU
#define secfalse 0x00000000U #define secfalse 0x00000000U
#ifndef __wur #ifndef __wur
#define __wur __attribute__ ((warn_unused_result)) #define __wur __attribute__((warn_unused_result))
#endif #endif
#endif #endif

164
storage/tests/c0/flash.c
Unescape View File

@ -17,114 +17,106 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include <stdlib.h>
#include <assert.h> #include <assert.h>
#include <stdlib.h>
#include <string.h> #include <string.h>
#include "common.h" #include "common.h"
#include "flash.h" #include "flash.h"
static const uint32_t FLASH_SECTOR_TABLE[FLASH_SECTOR_COUNT + 1] = { static const uint32_t FLASH_SECTOR_TABLE[FLASH_SECTOR_COUNT + 1] = {
[ 0] = 0x08000000, // - 0x08003FFF | 16 KiB [0] = 0x08000000, // - 0x08003FFF | 16 KiB
[ 1] = 0x08004000, // - 0x08007FFF | 16 KiB [1] = 0x08004000, // - 0x08007FFF | 16 KiB
[ 2] = 0x08008000, // - 0x0800BFFF | 16 KiB [2] = 0x08008000, // - 0x0800BFFF | 16 KiB
[ 3] = 0x0800C000, // - 0x0800FFFF | 16 KiB [3] = 0x0800C000, // - 0x0800FFFF | 16 KiB
[ 4] = 0x08010000, // - 0x0801FFFF | 64 KiB [4] = 0x08010000, // - 0x0801FFFF | 64 KiB
[ 5] = 0x08020000, // - 0x0803FFFF | 128 KiB [5] = 0x08020000, // - 0x0803FFFF | 128 KiB
[ 6] = 0x08040000, // - 0x0805FFFF | 128 KiB [6] = 0x08040000, // - 0x0805FFFF | 128 KiB
[ 7] = 0x08060000, // - 0x0807FFFF | 128 KiB [7] = 0x08060000, // - 0x0807FFFF | 128 KiB
[ 8] = 0x08080000, // - 0x0809FFFF | 128 KiB [8] = 0x08080000, // - 0x0809FFFF | 128 KiB
[ 9] = 0x080A0000, // - 0x080BFFFF | 128 KiB [9] = 0x080A0000, // - 0x080BFFFF | 128 KiB
[10] = 0x080C0000, // - 0x080DFFFF | 128 KiB [10] = 0x080C0000, // - 0x080DFFFF | 128 KiB
[11] = 0x080E0000, // - 0x080FFFFF | 128 KiB [11] = 0x080E0000, // - 0x080FFFFF | 128 KiB
[12] = 0x08100000, // - 0x08103FFF | 16 KiB [12] = 0x08100000, // - 0x08103FFF | 16 KiB
[13] = 0x08104000, // - 0x08107FFF | 16 KiB [13] = 0x08104000, // - 0x08107FFF | 16 KiB
[14] = 0x08108000, // - 0x0810BFFF | 16 KiB [14] = 0x08108000, // - 0x0810BFFF | 16 KiB
[15] = 0x0810C000, // - 0x0810FFFF | 16 KiB [15] = 0x0810C000, // - 0x0810FFFF | 16 KiB
[16] = 0x08110000, // - 0x0811FFFF | 64 KiB [16] = 0x08110000, // - 0x0811FFFF | 64 KiB
[17] = 0x08120000, // - 0x0813FFFF | 128 KiB [17] = 0x08120000, // - 0x0813FFFF | 128 KiB
[18] = 0x08140000, // - 0x0815FFFF | 128 KiB [18] = 0x08140000, // - 0x0815FFFF | 128 KiB
[19] = 0x08160000, // - 0x0817FFFF | 128 KiB [19] = 0x08160000, // - 0x0817FFFF | 128 KiB
[20] = 0x08180000, // - 0x0819FFFF | 128 KiB [20] = 0x08180000, // - 0x0819FFFF | 128 KiB
[21] = 0x081A0000, // - 0x081BFFFF | 128 KiB [21] = 0x081A0000, // - 0x081BFFFF | 128 KiB
[22] = 0x081C0000, // - 0x081DFFFF | 128 KiB [22] = 0x081C0000, // - 0x081DFFFF | 128 KiB
[23] = 0x081E0000, // - 0x081FFFFF | 128 KiB [23] = 0x081E0000, // - 0x081FFFFF | 128 KiB
[24] = 0x08200000, // last element - not a valid sector [24] = 0x08200000, // last element - not a valid sector
}; };
const uint32_t FLASH_SIZE = 0x200000; const uint32_t FLASH_SIZE = 0x200000;
uint8_t *FLASH_BUFFER = NULL; uint8_t *FLASH_BUFFER = NULL;
void flash_init(void) void flash_init(void) {
{ assert(FLASH_SIZE ==
assert(FLASH_SIZE == FLASH_SECTOR_TABLE[FLASH_SECTOR_COUNT] - FLASH_SECTOR_TABLE[0]); FLASH_SECTOR_TABLE[FLASH_SECTOR_COUNT] - FLASH_SECTOR_TABLE[0]);
} }
secbool flash_unlock(void) secbool flash_unlock(void) { return sectrue; }
{
return sectrue;
}
secbool flash_lock(void) secbool flash_lock(void) { return sectrue; }
{
return sectrue;
}
const void *flash_get_address(uint8_t sector, uint32_t offset, uint32_t size) const void *flash_get_address(uint8_t sector, uint32_t offset, uint32_t size) {
{ if (sector >= FLASH_SECTOR_COUNT) {
if (sector >= FLASH_SECTOR_COUNT) { return NULL;
return NULL; }
} const uint32_t addr = FLASH_SECTOR_TABLE[sector] + offset;
const uint32_t addr = FLASH_SECTOR_TABLE[sector] + offset; const uint32_t next = FLASH_SECTOR_TABLE[sector + 1];
const uint32_t next = FLASH_SECTOR_TABLE[sector + 1]; if (addr + size > next) {
if (addr + size > next) { return NULL;
return NULL; }
} return FLASH_BUFFER + addr - FLASH_SECTOR_TABLE[0];
return FLASH_BUFFER + addr - FLASH_SECTOR_TABLE[0];
} }
secbool flash_erase_sectors(const uint8_t *sectors, int len, void (*progress)(int pos, int len)) secbool flash_erase_sectors(const uint8_t *sectors, int len,
{ void (*progress)(int pos, int len)) {
if (progress) {
progress(0, len);
}
for (int i = 0; i < len; i++) {
const uint8_t sector = sectors[i];
const uint32_t offset = FLASH_SECTOR_TABLE[sector] - FLASH_SECTOR_TABLE[0];
const uint32_t size =
FLASH_SECTOR_TABLE[sector + 1] - FLASH_SECTOR_TABLE[sector];
memset(FLASH_BUFFER + offset, 0xFF, size);
if (progress) { if (progress) {
progress(0, len); progress(i + 1, len);
} }
for (int i = 0; i < len; i++) { }
const uint8_t sector = sectors[i]; return sectrue;
const uint32_t offset = FLASH_SECTOR_TABLE[sector] - FLASH_SECTOR_TABLE[0];
const uint32_t size = FLASH_SECTOR_TABLE[sector + 1] - FLASH_SECTOR_TABLE[sector];
memset(FLASH_BUFFER + offset, 0xFF, size);
if (progress) {
progress(i + 1, len);
}
}
return sectrue;
} }
secbool flash_write_byte(uint8_t sector, uint32_t offset, uint8_t data) secbool flash_write_byte(uint8_t sector, uint32_t offset, uint8_t data) {
{ uint8_t *flash = (uint8_t *)flash_get_address(sector, offset, 1);
uint8_t *flash = (uint8_t *)flash_get_address(sector, offset, 1); if (!flash) {
if (!flash) { return secfalse;
return secfalse; }
} if ((flash[0] & data) != data) {
if ((flash[0] & data) != data) { return secfalse; // we cannot change zeroes to ones
return secfalse; // we cannot change zeroes to ones }
} flash[0] = data;
flash[0] = data; return sectrue;
return sectrue;
} }
secbool flash_write_word(uint8_t sector, uint32_t offset, uint32_t data) secbool flash_write_word(uint8_t sector, uint32_t offset, uint32_t data) {
{ if (offset % 4) { // we write only at 4-byte boundary
if (offset % 4) { // we write only at 4-byte boundary return secfalse;
return secfalse; }
} uint32_t *flash = (uint32_t *)flash_get_address(sector, offset, sizeof(data));
uint32_t *flash = (uint32_t *)flash_get_address(sector, offset, sizeof(data)); if (!flash) {
if (!flash) { return secfalse;
return secfalse; }
} if ((flash[0] & data) != data) {
if ((flash[0] & data) != data) { return secfalse; // we cannot change zeroes to ones
return secfalse; // we cannot change zeroes to ones }
} flash[0] = data;
flash[0] = data; return sectrue;
return sectrue;
} }

7
storage/tests/c0/flash.h
Unescape View File

@ -33,8 +33,11 @@ secbool __wur flash_lock(void);
const void *flash_get_address(uint8_t sector, uint32_t offset, uint32_t size); const void *flash_get_address(uint8_t sector, uint32_t offset, uint32_t size);
secbool __wur flash_erase_sectors(const uint8_t *sectors, int len, void (*progress)(int pos, int len)); secbool __wur flash_erase_sectors(const uint8_t *sectors, int len,
static inline secbool flash_erase_sector(uint8_t sector) { return flash_erase_sectors(&sector, 1, NULL); } void (*progress)(int pos, int len));
static inline secbool flash_erase_sector(uint8_t sector) {
return flash_erase_sectors(&sector, 1, NULL);
}
secbool __wur flash_write_byte(uint8_t sector, uint32_t offset, uint8_t data); secbool __wur flash_write_byte(uint8_t sector, uint32_t offset, uint8_t data);
secbool __wur flash_write_word(uint8_t sector, uint32_t offset, uint32_t data); secbool __wur flash_write_word(uint8_t sector, uint32_t offset, uint32_t data);

384
storage/tests/c0/norcow.c
Unescape View File

@ -19,13 +19,13 @@
#include <string.h> #include <string.h>
#include "norcow.h"
#include "flash.h"
#include "common.h" #include "common.h"
#include "flash.h"
#include "norcow.h"
// NRCW = 4e524357 // NRCW = 4e524357
#define NORCOW_MAGIC ((uint32_t)0x5743524e) #define NORCOW_MAGIC ((uint32_t)0x5743524e)
#define NORCOW_MAGIC_LEN (sizeof(uint32_t)) #define NORCOW_MAGIC_LEN (sizeof(uint32_t))
static const uint8_t norcow_sectors[NORCOW_SECTOR_COUNT] = NORCOW_SECTORS; static const uint8_t norcow_sectors[NORCOW_SECTOR_COUNT] = NORCOW_SECTORS;
static uint8_t norcow_active_sector = 0; static uint8_t norcow_active_sector = 0;
@ -35,50 +35,48 @@ static uint32_t norcow_active_offset = NORCOW_MAGIC_LEN;
* Returns pointer to sector, starting with offset * Returns pointer to sector, starting with offset
* Fails when there is not enough space for data of given size * Fails when there is not enough space for data of given size
*/ */
static const void *norcow_ptr(uint8_t sector, uint32_t offset, uint32_t size) static const void *norcow_ptr(uint8_t sector, uint32_t offset, uint32_t size) {
{ ensure(sectrue * (sector <= NORCOW_SECTOR_COUNT), "invalid sector");
ensure(sectrue * (sector <= NORCOW_SECTOR_COUNT), "invalid sector"); return flash_get_address(norcow_sectors[sector], offset, size);
return flash_get_address(norcow_sectors[sector], offset, size);
} }
/* /*
* Writes data to given sector, starting from offset * Writes data to given sector, starting from offset
*/ */
static secbool norcow_write(uint8_t sector, uint32_t offset, uint32_t prefix, const uint8_t *data, uint16_t len) static secbool norcow_write(uint8_t sector, uint32_t offset, uint32_t prefix,
{ const uint8_t *data, uint16_t len) {
if (sector >= NORCOW_SECTOR_COUNT) { if (sector >= NORCOW_SECTOR_COUNT) {
return secfalse; return secfalse;
} }
ensure(flash_unlock(), NULL); ensure(flash_unlock(), NULL);
// write prefix // write prefix
ensure(flash_write_word(norcow_sectors[sector], offset, prefix), NULL); ensure(flash_write_word(norcow_sectors[sector], offset, prefix), NULL);
if (len > 0) { if (len > 0) {
offset += sizeof(uint32_t); offset += sizeof(uint32_t);
// write data // write data
for (uint16_t i = 0; i < len; i++, offset++) { for (uint16_t i = 0; i < len; i++, offset++) {
ensure(flash_write_byte(norcow_sectors[sector], offset, data[i]), NULL); ensure(flash_write_byte(norcow_sectors[sector], offset, data[i]), NULL);
} }
// pad with zeroes // pad with zeroes
for (; offset % 4; offset++) { for (; offset % 4; offset++) {
ensure(flash_write_byte(norcow_sectors[sector], offset, 0x00), NULL); ensure(flash_write_byte(norcow_sectors[sector], offset, 0x00), NULL);
}
} }
ensure(flash_lock(), NULL); }
return sectrue; ensure(flash_lock(), NULL);
return sectrue;
} }
/* /*
* Erases sector (and sets a magic) * Erases sector (and sets a magic)
*/ */
static void norcow_erase(uint8_t sector, secbool set_magic) static void norcow_erase(uint8_t sector, secbool set_magic) {
{ ensure(sectrue * (sector <= NORCOW_SECTOR_COUNT), "invalid sector");
ensure(sectrue * (sector <= NORCOW_SECTOR_COUNT), "invalid sector"); ensure(flash_erase_sector(norcow_sectors[sector]), "erase failed");
ensure(flash_erase_sector(norcow_sectors[sector]), "erase failed"); if (sectrue == set_magic) {
if (sectrue == set_magic) { ensure(norcow_write(sector, 0, NORCOW_MAGIC, NULL, 0), "set magic failed");
ensure(norcow_write(sector, 0, NORCOW_MAGIC, NULL, 0), "set magic failed"); }
}
} }
#define ALIGN4(X) (X) = ((X) + 3) & ~3 #define ALIGN4(X) (X) = ((X) + 3) & ~3
@ -86,220 +84,220 @@ static void norcow_erase(uint8_t sector, secbool set_magic)
/* /*
* Reads one item starting from offset * Reads one item starting from offset
*/ */
static secbool read_item(uint8_t sector, uint32_t offset, uint16_t *key, const void **val, uint16_t *len, uint32_t *pos) static secbool read_item(uint8_t sector, uint32_t offset, uint16_t *key,
{ const void **val, uint16_t *len, uint32_t *pos) {
*pos = offset; *pos = offset;
const void *k = norcow_ptr(sector, *pos, 2); const void *k = norcow_ptr(sector, *pos, 2);
if (k == NULL) return secfalse; if (k == NULL) return secfalse;
*pos += 2; *pos += 2;
memcpy(key, k, sizeof(uint16_t)); memcpy(key, k, sizeof(uint16_t));
if (*key == 0xFFFF) { if (*key == 0xFFFF) {
return secfalse; return secfalse;
} }
const void *l = norcow_ptr(sector, *pos, 2); const void *l = norcow_ptr(sector, *pos, 2);
if (l == NULL) return secfalse; if (l == NULL) return secfalse;
*pos += 2; *pos += 2;
memcpy(len, l, sizeof(uint16_t)); memcpy(len, l, sizeof(uint16_t));
*val = norcow_ptr(sector, *pos, *len); *val = norcow_ptr(sector, *pos, *len);
if (*val == NULL) return secfalse; if (*val == NULL) return secfalse;
*pos += *len; *pos += *len;
ALIGN4(*pos); ALIGN4(*pos);
return sectrue; return sectrue;
} }
/* /*
* Writes one item starting from offset * Writes one item starting from offset
*/ */
static secbool write_item(uint8_t sector, uint32_t offset, uint16_t key, const void *val, uint16_t len, uint32_t *pos) static secbool write_item(uint8_t sector, uint32_t offset, uint16_t key,
{ const void *val, uint16_t len, uint32_t *pos) {
uint32_t prefix = (len << 16) | key; uint32_t prefix = (len << 16) | key;
*pos = offset + sizeof(uint32_t) + len; *pos = offset + sizeof(uint32_t) + len;
ALIGN4(*pos); ALIGN4(*pos);
return norcow_write(sector, offset, prefix, val, len); return norcow_write(sector, offset, prefix, val, len);
} }
/* /*
* Finds item in given sector * Finds item in given sector
*/ */
static secbool find_item(uint8_t sector, uint16_t key, const void **val, uint16_t *len) static secbool find_item(uint8_t sector, uint16_t key, const void **val,
{ uint16_t *len) {
*val = 0; *val = 0;
*len = 0; *len = 0;
uint32_t offset = NORCOW_MAGIC_LEN; uint32_t offset = NORCOW_MAGIC_LEN;
for (;;) { for (;;) {
uint16_t k, l; uint16_t k, l;
const void *v; const void *v;
uint32_t pos; uint32_t pos;
if (sectrue != read_item(sector, offset, &k, &v, &l, &pos)) { if (sectrue != read_item(sector, offset, &k, &v, &l, &pos)) {
break; break;
}
if (key == k) {
*val = v;
*len = l;
}
offset = pos;
} }
return sectrue * (*val != NULL); if (key == k) {
*val = v;
*len = l;
}
offset = pos;
}
return sectrue * (*val != NULL);
} }
/* /*
* Finds first unused offset in given sector * Finds first unused offset in given sector
*/ */
static uint32_t find_free_offset(uint8_t sector) static uint32_t find_free_offset(uint8_t sector) {
{ uint32_t offset = NORCOW_MAGIC_LEN;
uint32_t offset = NORCOW_MAGIC_LEN; for (;;) {
for (;;) { uint16_t key, len;
uint16_t key, len; const void *val;
const void *val; uint32_t pos;
uint32_t pos; if (sectrue != read_item(sector, offset, &key, &val, &len, &pos)) {
if (sectrue != read_item(sector, offset, &key, &val, &len, &pos)) { break;
break;
}
offset = pos;
} }
return offset; offset = pos;
}
return offset;
} }
/* /*
* Compacts active sector and sets new active sector * Compacts active sector and sets new active sector
*/ */
static void compact() static void compact() {
{ uint8_t norcow_next_sector = (norcow_active_sector + 1) % NORCOW_SECTOR_COUNT;
uint8_t norcow_next_sector = (norcow_active_sector + 1) % NORCOW_SECTOR_COUNT; norcow_erase(norcow_next_sector, sectrue);
norcow_erase(norcow_next_sector, sectrue);
uint32_t offset = NORCOW_MAGIC_LEN, offsetw = NORCOW_MAGIC_LEN;
for (;;) { uint32_t offset = NORCOW_MAGIC_LEN, offsetw = NORCOW_MAGIC_LEN;
// read item
uint16_t k, l;
const void *v;
uint32_t pos;
secbool r = read_item(norcow_active_sector, offset, &k, &v, &l, &pos);
if (sectrue != r) {
break;
}
offset = pos;
// check if not already saved for (;;) {
const void *v2; // read item
uint16_t l2; uint16_t k, l;
r = find_item(norcow_next_sector, k, &v2, &l2); const void *v;
if (sectrue == r) { uint32_t pos;
continue; secbool r = read_item(norcow_active_sector, offset, &k, &v, &l, &pos);
} if (sectrue != r) {
break;
}
offset = pos;
// scan for latest instance // check if not already saved
uint32_t offsetr = offset; const void *v2;
for (;;) { uint16_t l2;
uint16_t k2; r = find_item(norcow_next_sector, k, &v2, &l2);
uint32_t posr; if (sectrue == r) {
r = read_item(norcow_active_sector, offsetr, &k2, &v2, &l2, &posr); continue;
if (sectrue != r) { }
break;
}
if (k == k2) {
v = v2;
l = l2;
}
offsetr = posr;
}
// copy the last item // scan for latest instance
uint32_t posw; uint32_t offsetr = offset;
ensure(write_item(norcow_next_sector, offsetw, k, v, l, &posw), "compaction write failed"); for (;;) {
offsetw = posw; uint16_t k2;
uint32_t posr;
r = read_item(norcow_active_sector, offsetr, &k2, &v2, &l2, &posr);
if (sectrue != r) {
break;
}
if (k == k2) {
v = v2;
l = l2;
}
offsetr = posr;
} }
norcow_erase(norcow_active_sector, secfalse); // copy the last item
norcow_active_sector = norcow_next_sector; uint32_t posw;
norcow_active_offset = find_free_offset(norcow_active_sector); ensure(write_item(norcow_next_sector, offsetw, k, v, l, &posw),
"compaction write failed");
offsetw = posw;
}
norcow_erase(norcow_active_sector, secfalse);
norcow_active_sector = norcow_next_sector;
norcow_active_offset = find_free_offset(norcow_active_sector);
} }
/* /*
* Initializes storage * Initializes storage
*/ */
void norcow_init(void) void norcow_init(void) {
{ flash_init();
flash_init(); secbool found = secfalse;
secbool found = secfalse; // detect active sector - starts with magic
// detect active sector - starts with magic for (uint8_t i = 0; i < NORCOW_SECTOR_COUNT; i++) {
for (uint8_t i = 0; i < NORCOW_SECTOR_COUNT; i++) { const uint32_t *magic = norcow_ptr(i, 0, NORCOW_MAGIC_LEN);
const uint32_t *magic = norcow_ptr(i, 0, NORCOW_MAGIC_LEN); if (magic != NULL && *magic == NORCOW_MAGIC) {
if (magic != NULL && *magic == NORCOW_MAGIC) { found = sectrue;
found = sectrue; norcow_active_sector = i;
norcow_active_sector = i; break;
break;
}
}
// no active sectors found - let's erase
if (sectrue == found) {
norcow_active_offset = find_free_offset(norcow_active_sector);
} else {
norcow_wipe();
} }
}
// no active sectors found - let's erase
if (sectrue == found) {
norcow_active_offset = find_free_offset(norcow_active_sector);
} else {
norcow_wipe();
}
} }
/* /*
* Wipe the storage * Wipe the storage
*/ */
void norcow_wipe(void) void norcow_wipe(void) {
{ norcow_erase(0, sectrue);
norcow_erase(0, sectrue); for (uint8_t i = 1; i < NORCOW_SECTOR_COUNT; i++) {
for (uint8_t i = 1; i < NORCOW_SECTOR_COUNT; i++) { norcow_erase(i, secfalse);
norcow_erase(i, secfalse); }
} norcow_active_sector = 0;
norcow_active_sector = 0; norcow_active_offset = NORCOW_MAGIC_LEN;
norcow_active_offset = NORCOW_MAGIC_LEN;
} }
/* /*
* Looks for the given key, returns status of the operation * Looks for the given key, returns status of the operation
*/ */
secbool norcow_get(uint16_t key, const void **val, uint16_t *len) secbool norcow_get(uint16_t key, const void **val, uint16_t *len) {
{ return find_item(norcow_active_sector, key, val, len);
return find_item(norcow_active_sector, key, val, len);
} }
/* /*
* Sets the given key, returns status of the operation * Sets the given key, returns status of the operation
*/ */
secbool norcow_set(uint16_t key, const void *val, uint16_t len) secbool norcow_set(uint16_t key, const void *val, uint16_t len) {
{ // check whether there is enough free space
// check whether there is enough free space // and compact if full
// and compact if full if (norcow_active_offset + sizeof(uint32_t) + len > NORCOW_SECTOR_SIZE) {
if (norcow_active_offset + sizeof(uint32_t) + len > NORCOW_SECTOR_SIZE) { compact();
compact(); }
} // write item
// write item uint32_t pos;
uint32_t pos; secbool r = write_item(norcow_active_sector, norcow_active_offset, key, val,
secbool r = write_item(norcow_active_sector, norcow_active_offset, key, val, len, &pos); len, &pos);
if (sectrue == r) { if (sectrue == r) {
norcow_active_offset = pos; norcow_active_offset = pos;
} }
return r; return r;
} }
/* /*
* Update a word in flash at the given pointer. The pointer must point * Update a word in flash at the given pointer. The pointer must point
* into the NORCOW area. * into the NORCOW area.
*/ */
secbool norcow_update(uint16_t key, uint16_t offset, uint32_t value) secbool norcow_update(uint16_t key, uint16_t offset, uint32_t value) {
{ const void *ptr;
const void *ptr; uint16_t len;
uint16_t len; if (sectrue != find_item(norcow_active_sector, key, &ptr, &len)) {
if (sectrue != find_item(norcow_active_sector, key, &ptr, &len)) { return secfalse;
return secfalse; }
} if ((offset & 3) != 0 || offset >= len) {
if ((offset & 3) != 0 || offset >= len) { return secfalse;
return secfalse; }
} uint32_t sector_offset =
uint32_t sector_offset = (const uint8_t*) ptr - (const uint8_t *)norcow_ptr(norcow_active_sector, 0, NORCOW_SECTOR_SIZE) + offset; (const uint8_t *)ptr -
ensure(flash_unlock(), NULL); (const uint8_t *)norcow_ptr(norcow_active_sector, 0, NORCOW_SECTOR_SIZE) +
ensure(flash_write_word(norcow_sectors[norcow_active_sector], sector_offset, value), NULL); offset;
ensure(flash_lock(), NULL); ensure(flash_unlock(), NULL);
return sectrue; ensure(flash_write_word(norcow_sectors[norcow_active_sector], sector_offset,
value),
NULL);
ensure(flash_lock(), NULL);
return sectrue;
} }

5
storage/tests/c0/norcow_config.h
Unescape View File

@ -23,7 +23,8 @@
#include "flash.h" #include "flash.h"
#define NORCOW_SECTOR_COUNT 2 #define NORCOW_SECTOR_COUNT 2
#define NORCOW_SECTOR_SIZE (64*1024) #define NORCOW_SECTOR_SIZE (64 * 1024)
#define NORCOW_SECTORS {4, 16} #define NORCOW_SECTORS \
{ 4, 16 }
#endif #endif

4
storage/tests/c0/secbool.h
Unescape View File

@ -23,11 +23,11 @@
#include <stdint.h> #include <stdint.h>
typedef uint32_t secbool; typedef uint32_t secbool;
#define sectrue 0xAAAAAAAAU #define sectrue 0xAAAAAAAAU
#define secfalse 0x00000000U #define secfalse 0x00000000U
#ifndef __wur #ifndef __wur
#define __wur __attribute__ ((warn_unused_result)) #define __wur __attribute__((warn_unused_result))
#endif #endif
#endif #endif

321
storage/tests/c0/storage.c
Unescape View File

@ -40,199 +40,184 @@ static secbool initialized = secfalse;
static secbool unlocked = secfalse; static secbool unlocked = secfalse;
static PIN_UI_WAIT_CALLBACK ui_callback = NULL; static PIN_UI_WAIT_CALLBACK ui_callback = NULL;
void storage_init(PIN_UI_WAIT_CALLBACK callback) void storage_init(PIN_UI_WAIT_CALLBACK callback) {
{ initialized = secfalse;
initialized = secfalse; unlocked = secfalse;
unlocked = secfalse; norcow_init();
norcow_init(); initialized = sectrue;
initialized = sectrue; ui_callback = callback;
ui_callback = callback;
} }
static secbool pin_fails_reset(uint16_t ofs) static secbool pin_fails_reset(uint16_t ofs) {
{ return norcow_update(PIN_FAIL_KEY, ofs, 0);
return norcow_update(PIN_FAIL_KEY, ofs, 0);
} }
static secbool pin_fails_increase(const uint32_t *ptr, uint16_t ofs) static secbool pin_fails_increase(const uint32_t *ptr, uint16_t ofs) {
{ uint32_t ctr = *ptr;
uint32_t ctr = *ptr; ctr = ctr << 1;
ctr = ctr << 1;
if (sectrue != norcow_update(PIN_FAIL_KEY, ofs, ctr)) { if (sectrue != norcow_update(PIN_FAIL_KEY, ofs, ctr)) {
return secfalse; return secfalse;
} }
uint32_t check = *ptr; uint32_t check = *ptr;
if (ctr != check) { if (ctr != check) {
return secfalse; return secfalse;
} }
return sectrue; return sectrue;
} }
static void pin_fails_check_max(uint32_t ctr) static void pin_fails_check_max(uint32_t ctr) {
{ if (~ctr >= (1 << PIN_MAX_TRIES)) {
if (~ctr >= (1 << PIN_MAX_TRIES)) { norcow_wipe();
norcow_wipe(); ensure(secfalse, "pin_fails_check_max");
ensure(secfalse, "pin_fails_check_max"); }
}
} }
static secbool pin_cmp(const uint32_t pin) static secbool pin_cmp(const uint32_t pin) {
{ const void *spin = NULL;
const void *spin = NULL; uint16_t spinlen = 0;
uint16_t spinlen = 0; norcow_get(PIN_KEY, &spin, &spinlen);
norcow_get(PIN_KEY, &spin, &spinlen); if (NULL != spin && spinlen == sizeof(uint32_t)) {
if (NULL != spin && spinlen == sizeof(uint32_t)) { return sectrue * (pin == *(const uint32_t *)spin);
return sectrue * (pin == *(const uint32_t*)spin); } else {
} else { return sectrue * (1 == pin);
return sectrue * (1 == pin); }
}
} }
static secbool pin_get_fails(const uint32_t **pinfail, uint32_t *pofs) static secbool pin_get_fails(const uint32_t **pinfail, uint32_t *pofs) {
{ const void *vpinfail;
const void *vpinfail; uint16_t pinfaillen;
uint16_t pinfaillen; unsigned int ofs;
unsigned int ofs; // The PIN_FAIL_KEY points to an area of words, initialized to
// The PIN_FAIL_KEY points to an area of words, initialized to // 0xffffffff (meaning no pin failures). The first non-zero word
// 0xffffffff (meaning no pin failures). The first non-zero word // in this area is the current pin failure counter. If PIN_FAIL_KEY
// in this area is the current pin failure counter. If PIN_FAIL_KEY // has no configuration or is empty, the pin failure counter is 0.
// has no configuration or is empty, the pin failure counter is 0. // We rely on the fact that flash allows to clear bits and we clear one
// We rely on the fact that flash allows to clear bits and we clear one // bit to indicate pin failure. On success, the word is set to 0,
// bit to indicate pin failure. On success, the word is set to 0, // indicating that the next word is the pin failure counter.
// indicating that the next word is the pin failure counter.
// Find the current pin failure counter
// Find the current pin failure counter if (secfalse != norcow_get(PIN_FAIL_KEY, &vpinfail, &pinfaillen)) {
if (secfalse != norcow_get(PIN_FAIL_KEY, &vpinfail, &pinfaillen)) {
*pinfail = vpinfail;
for (ofs = 0; ofs < pinfaillen / sizeof(uint32_t); ofs++) {
if (((const uint32_t *) vpinfail)[ofs]) {
*pinfail = vpinfail;
*pofs = ofs;
return sectrue;
}
}
}
// No pin failure section, or all entries used -> create a new one.
uint32_t pinarea[PIN_FAIL_SECTOR_SIZE];
memset(pinarea, 0xff, sizeof(pinarea));
if (sectrue != norcow_set(PIN_FAIL_KEY, pinarea, sizeof(pinarea))) {
return secfalse;
}
if (sectrue != norcow_get(PIN_FAIL_KEY, &vpinfail, &pinfaillen)) {
return secfalse;
}
*pinfail = vpinfail; *pinfail = vpinfail;
*pofs = 0; for (ofs = 0; ofs < pinfaillen / sizeof(uint32_t); ofs++) {
return sectrue; if (((const uint32_t *)vpinfail)[ofs]) {
*pinfail = vpinfail;
*pofs = ofs;
return sectrue;
}
}
}
// No pin failure section, or all entries used -> create a new one.
uint32_t pinarea[PIN_FAIL_SECTOR_SIZE];
memset(pinarea, 0xff, sizeof(pinarea));
if (sectrue != norcow_set(PIN_FAIL_KEY, pinarea, sizeof(pinarea))) {
return secfalse;
}
if (sectrue != norcow_get(PIN_FAIL_KEY, &vpinfail, &pinfaillen)) {
return secfalse;
}
*pinfail = vpinfail;
*pofs = 0;
return sectrue;
} }
secbool storage_check_pin(const uint32_t pin) secbool storage_check_pin(const uint32_t pin) {
{ const uint32_t *pinfail = NULL;
const uint32_t *pinfail = NULL; uint32_t ofs;
uint32_t ofs; uint32_t ctr;
uint32_t ctr;
// Get the pin failure counter
// Get the pin failure counter if (pin_get_fails(&pinfail, &ofs) != sectrue) {
if (pin_get_fails(&pinfail, &ofs) != sectrue) { return secfalse;
return secfalse; }
}
// Read current failure counter
// Read current failure counter ctr = pinfail[ofs];
ctr = pinfail[ofs]; // Wipe storage if too many failures
// Wipe storage if too many failures pin_fails_check_max(ctr);
pin_fails_check_max(ctr);
// Sleep for ~ctr seconds before checking the PIN.
// Sleep for ~ctr seconds before checking the PIN. uint32_t progress;
uint32_t progress; for (uint32_t wait = ~ctr; wait > 0; wait--) {
for (uint32_t wait = ~ctr; wait > 0; wait--) { for (int i = 0; i < 10; i++) {
for (int i = 0; i < 10; i++) { if (ui_callback) {
if (ui_callback) { if ((~ctr) > 1000000) { // precise enough
if ((~ctr) > 1000000) { // precise enough progress = (~ctr - wait) / ((~ctr) / 1000);
progress = (~ctr - wait) / ((~ctr) / 1000); } else {
} else { progress = ((~ctr - wait) * 10 + i) * 100 / (~ctr);
progress = ((~ctr - wait) * 10 + i) * 100 / (~ctr);
}
ui_callback(wait, progress);
}
hal_delay(100);
} }
} ui_callback(wait, progress);
// Show last frame if we were waiting }
if ((~ctr > 0) && ui_callback) { hal_delay(100);
ui_callback(0, 1000); }
} }
// Show last frame if we were waiting
// First, we increase PIN fail counter in storage, even before checking the if ((~ctr > 0) && ui_callback) {
// PIN. If the PIN is correct, we reset the counter afterwards. If not, we ui_callback(0, 1000);
// check if this is the last allowed attempt. }
if (sectrue != pin_fails_increase(pinfail + ofs, ofs * sizeof(uint32_t))) {
return secfalse; // First, we increase PIN fail counter in storage, even before checking the
} // PIN. If the PIN is correct, we reset the counter afterwards. If not, we
if (sectrue != pin_cmp(pin)) { // check if this is the last allowed attempt.
// Wipe storage if too many failures if (sectrue != pin_fails_increase(pinfail + ofs, ofs * sizeof(uint32_t))) {
pin_fails_check_max(ctr << 1); return secfalse;
return secfalse; }
} if (sectrue != pin_cmp(pin)) {
// Finally set the counter to 0 to indicate success. // Wipe storage if too many failures
return pin_fails_reset(ofs * sizeof(uint32_t)); pin_fails_check_max(ctr << 1);
return secfalse;
}
// Finally set the counter to 0 to indicate success.
return pin_fails_reset(ofs * sizeof(uint32_t));
} }
secbool storage_unlock(const uint32_t pin) secbool storage_unlock(const uint32_t pin) {
{ unlocked = secfalse;
unlocked = secfalse; if (sectrue == initialized && sectrue == storage_check_pin(pin)) {
if (sectrue == initialized && sectrue == storage_check_pin(pin)) { unlocked = sectrue;
unlocked = sectrue; }
} return unlocked;
return unlocked;
} }
secbool storage_get(const uint16_t key, const void **val, uint16_t *len) secbool storage_get(const uint16_t key, const void **val, uint16_t *len) {
{ const uint8_t app = key >> 8;
const uint8_t app = key >> 8; // APP == 0 is reserved for PIN related values
// APP == 0 is reserved for PIN related values if (sectrue != initialized || app == 0) {
if (sectrue != initialized || app == 0) { return secfalse;
return secfalse; }
} // top bit of APP set indicates the value can be read from unlocked device
// top bit of APP set indicates the value can be read from unlocked device if (sectrue != unlocked && ((app & 0x80) == 0)) {
if (sectrue != unlocked && ((app & 0x80) == 0)) { return secfalse;
return secfalse; }
} return norcow_get(key, val, len);
return norcow_get(key, val, len);
} }
secbool storage_set(const uint16_t key, const void *val, uint16_t len) secbool storage_set(const uint16_t key, const void *val, uint16_t len) {
{ const uint8_t app = key >> 8;
const uint8_t app = key >> 8; // APP == 0 is reserved for PIN related values
// APP == 0 is reserved for PIN related values if (sectrue != initialized || sectrue != unlocked || app == 0) {
if (sectrue != initialized || sectrue != unlocked || app == 0) { return secfalse;
return secfalse; }
} return norcow_set(key, val, len);
return norcow_set(key, val, len);
} }
secbool storage_has_pin(void) secbool storage_has_pin(void) {
{ if (sectrue != initialized) {
if (sectrue != initialized) { return secfalse;
return secfalse; }
} return sectrue == pin_cmp(1) ? secfalse : sectrue;
return sectrue == pin_cmp(1) ? secfalse : sectrue;
} }
secbool storage_change_pin(const uint32_t oldpin, const uint32_t newpin) secbool storage_change_pin(const uint32_t oldpin, const uint32_t newpin) {
{ if (sectrue != initialized || sectrue != unlocked) {
if (sectrue != initialized || sectrue != unlocked) { return secfalse;
return secfalse; }
} if (sectrue != storage_check_pin(oldpin)) {
if (sectrue != storage_check_pin(oldpin)) { return secfalse;
return secfalse; }
} return norcow_set(PIN_KEY, &newpin, sizeof(uint32_t));
return norcow_set(PIN_KEY, &newpin, sizeof(uint32_t));
} }
void storage_wipe(void) void storage_wipe(void) { norcow_wipe(); }
{
norcow_wipe();
}

2
storage/tests/c0/storage.h
Unescape View File

@ -20,8 +20,8 @@
#ifndef __STORAGE_H__ #ifndef __STORAGE_H__
#define __STORAGE_H__ #define __STORAGE_H__
#include <stdint.h>
#include <stddef.h> #include <stddef.h>
#include <stdint.h>
#include "secbool.h" #include "secbool.h"
typedef void (*PIN_UI_WAIT_CALLBACK)(uint32_t wait, uint32_t progress); typedef void (*PIN_UI_WAIT_CALLBACK)(uint32_t wait, uint32_t progress);

Write Preview
Loading…
Cancel
Save