remove complicated key saving process and instead

leave the encryption key for wolfBoot_success to erase.
FINAL_SWAP was also stopping the case where the partition was put into testing before the update sector status flags could be erased. now, don't erase the update sector flags. instead put the update partition in IMG_STATE_FINAL_FLAGS state before putting the boot partition in IMG_STATE_TESTING. Then only erase the update sector flags on wolfBoot_update_trigger. under this scheme, the sector flags are intact if the power failed before we could set IMG_STATE_TESTING but are wiped if we do need to swap over after after wolfBoot_success fails to be called

Author: jpbland1

include/encrypt.h

@@ -64,8 +64,6 @@ void aes_set_iv(uint8_t *nonce, uint32_t address);
 #endif /* ENCRYPT_WITH_CHACHA */
 
 /* Internal read/write functions (not exported in the libwolfboot API) */
-int ext_flash_encrypt_write_ex(uintptr_t address,
-    const uint8_t *data, int len, int forcedEnc);
 int ext_flash_encrypt_write(uintptr_t address, const uint8_t *data, int len);
 int ext_flash_decrypt_read(uintptr_t address, uint8_t *data, int len);
 

include/image.h

@@ -616,18 +616,10 @@ static inline int wb_flash_erase(struct wolfBoot_image *img, uint32_t off,
 }
 
 static inline int wb_flash_write(struct wolfBoot_image *img, uint32_t off,
-    const void *data, uint32_t size, int forcedEncrypt)
+    const void *data, uint32_t size)
 {
-    if (PART_IS_EXT(img)) {
-#if defined(EXT_ENCRYPTED) && (defined(__WOLFBOOT) || defined(UNIT_TEST))
-        if (forcedEncrypt == 1)
-            return ext_flash_encrypt_write_ex((uintptr_t)(img->hdr) + off, data,
-                size, forcedEncrypt);
-        else
-#endif
-            return ext_flash_check_write((uintptr_t)(img->hdr) + off, data,
-                size);
-    }
+    if (PART_IS_EXT(img))
+        return ext_flash_check_write((uintptr_t)(img->hdr) + off, data, size);
     else
         return hal_flash_write((uintptr_t)(img->hdr) + off, data, size);
 }
@@ -665,7 +657,7 @@ static inline int wb_flash_write_verify_word(struct wolfBoot_image *img,
 # define PARTN_IS_EXT(x) (0)
 # define wb_flash_erase(im, of, siz) \
     hal_flash_erase(((uintptr_t)(((im)->hdr)) + of), siz)
-# define wb_flash_write(im, of, dat, siz, I) \
+# define wb_flash_write(im, of, dat, siz) \
     hal_flash_write(((uintptr_t)((im)->hdr)) + of, dat, siz)
 
 #endif /* EXT_FLASH */

include/wolfboot/wolfboot.h

@@ -244,15 +244,15 @@ extern "C" {
 #ifndef WOLFBOOT_FLAGS_INVERT
 #define IMG_STATE_NEW       0xFF
 #define IMG_STATE_UPDATING  0x70
-#define IMG_STATE_FINAL_SWAP  0x30
+#define IMG_STATE_FINAL_FLAGS  0x30
 #define IMG_STATE_TESTING   0x10
 #define IMG_STATE_SUCCESS   0x00
 #define FLASH_BYTE_ERASED   0xFF
 #define FLASH_WORD_ERASED   0xFFFFFFFFUL
 #else
 #define IMG_STATE_NEW       0x00
 #define IMG_STATE_UPDATING  0x8F
-#define IMG_STATE_FINAL_SWAP  0xBF
+#define IMG_STATE_FINAL_FLAGS  0xBF
 #define IMG_STATE_TESTING   0xEF
 #define IMG_STATE_SUCCESS   0xFF
 #define FLASH_BYTE_ERASED   0x00
@@ -316,15 +316,9 @@ int wolfBoot_get_diffbase_hdr(uint8_t part, uint8_t **ptr);
 #endif
 
 int wolfBoot_set_encrypt_key(const uint8_t *key, const uint8_t *nonce);
-int wolfBoot_backup_encrypt_key(const uint8_t* key, const uint8_t* nonce);
 int wolfBoot_get_encrypt_key(uint8_t *key, uint8_t *nonce);
 int wolfBoot_erase_encrypt_key(void);
 
-#ifdef FLAGS_HOME
-int wolfBoot_flags_home_set_final_swap();
-int wolfBoot_flags_home_get_final_swap();
-#endif
-
 #ifdef __cplusplus
 }
 #endif

lib/wolfTPM

@@ -741,20 +741,16 @@ void RAMFUNCTION wolfBoot_erase_partition(uint8_t part)
 void RAMFUNCTION wolfBoot_update_trigger(void)
 {
     uint8_t st = IMG_STATE_UPDATING;
-#if defined(NVM_FLASH_WRITEONCE) || defined(WOLFBOOT_FLAGS_INVERT)
     uintptr_t lastSector = PART_UPDATE_ENDFLAGS -
         (PART_UPDATE_ENDFLAGS % WOLFBOOT_SECTOR_SIZE);
+#ifdef NVM_FLASH_WRITEONCE
+    uint8_t selSec = 0;
+#endif
 
-#ifndef FLAGS_HOME
     /* if PART_UPDATE_ENDFLAGS stradles a sector, (all non FLAGS_HOME builds)
      * align it to the correct sector */
     if (PART_UPDATE_ENDFLAGS % WOLFBOOT_SECTOR_SIZE == 0)
         lastSector -= WOLFBOOT_SECTOR_SIZE;
-#endif
-#endif
-#ifdef NVM_FLASH_WRITEONCE
-    uint8_t selSec = 0;
-#endif
 
     /* erase the sector flags */
     if (FLAGS_UPDATE_EXT()) {
@@ -767,11 +763,12 @@ void RAMFUNCTION wolfBoot_update_trigger(void)
      * partition based on how many flags are non-erased
      * FLAGS_INVERT needs erased flags because the bin-assemble's fill byte may
      * not match what's in wolfBoot */
-#if defined(NVM_FLASH_WRITEONCE) || defined(WOLFBOOT_FLAGS_INVERT)
     if (FLAGS_UPDATE_EXT()) {
         ext_flash_erase(lastSector, SECTOR_FLAGS_SIZE);
     } else {
-#ifdef NVM_FLASH_WRITEONCE
+#ifndef NVM_FLASH_WRITEONCE
+        hal_flash_erase(lastSector, SECTOR_FLAGS_SIZE);
+#else
         selSec = nvm_select_fresh_sector(PART_UPDATE);
         XMEMCPY(NVM_CACHE,
             (uint8_t*)(lastSector - WOLFBOOT_SECTOR_SIZE * selSec),
@@ -783,11 +780,8 @@ void RAMFUNCTION wolfBoot_update_trigger(void)
         /* erase the previously selected sector */
         hal_flash_erase(lastSector - WOLFBOOT_SECTOR_SIZE * selSec,
             WOLFBOOT_SECTOR_SIZE);
-#elif defined(WOLFBOOT_FLAGS_INVERT)
-        hal_flash_erase(lastSector, SECTOR_FLAGS_SIZE);
 #endif
     }
-#endif
 
     wolfBoot_set_partition_state(PART_UPDATE, st);
 
@@ -812,10 +806,16 @@ void RAMFUNCTION wolfBoot_success(void)
     if (FLAGS_BOOT_EXT()) {
         ext_flash_unlock();
         wolfBoot_set_partition_state(PART_BOOT, st);
+        /* set update so IMG_STATE_FINAL_FLAGS isn't triggering pointless calls
+         * to wolfBoot update */
+        wolfBoot_set_partition_state(PART_UPDATE, st);
         ext_flash_lock();
     } else {
         hal_flash_unlock();
         wolfBoot_set_partition_state(PART_BOOT, st);
+        /* set update so IMG_STATE_FINAL_FLAGS isn't triggering pointless calls
+         * to wolfBoot update */
+        wolfBoot_set_partition_state(PART_UPDATE, st);
         hal_flash_lock();
     }
 #ifdef EXT_ENCRYPTED
@@ -1431,23 +1431,6 @@ int RAMFUNCTION wolfBoot_set_encrypt_key(const uint8_t *key,
     return 0;
 }
 
-int RAMFUNCTION wolfBoot_backup_encrypt_key(const uint8_t* key,
-    const uint8_t* nonce)
-{
-#ifndef MMU
-    uint32_t magic[2] = {WOLFBOOT_MAGIC, WOLFBOOT_MAGIC_TRAIL};
-
-    hal_flash_write(WOLFBOOT_PARTITION_BOOT_ADDRESS, key,
-        ENCRYPT_KEY_SIZE);
-    hal_flash_write(WOLFBOOT_PARTITION_BOOT_ADDRESS +
-        ENCRYPT_KEY_SIZE, nonce, ENCRYPT_NONCE_SIZE);
-    /* write magic so we know we finished in case of a powerfail */
-    hal_flash_write(WOLFBOOT_PARTITION_BOOT_ADDRESS +
-        ENCRYPT_KEY_SIZE + ENCRYPT_NONCE_SIZE, (uint8_t*)magic, sizeof(magic));
-#endif
-    return 0;
-}
-
 #ifndef UNIT_TEST
 /**
  * @brief Get the encryption key.
@@ -1463,39 +1446,21 @@ int RAMFUNCTION wolfBoot_backup_encrypt_key(const uint8_t* key,
  */
 int RAMFUNCTION wolfBoot_get_encrypt_key(uint8_t *k, uint8_t *nonce)
 {
-    int ret = 0;
 #if defined(MMU)
     XMEMCPY(k, ENCRYPT_KEY, ENCRYPT_KEY_SIZE);
     XMEMCPY(nonce, ENCRYPT_KEY + ENCRYPT_KEY_SIZE, ENCRYPT_NONCE_SIZE);
 #else
-    uint8_t* mem;
-    uint32_t magic[2];
-
-    /* see if we've backed up the key, this will only matter for final swap */
-    XMEMCPY(magic, (uint8_t*)WOLFBOOT_PARTITION_BOOT_ADDRESS +
-        ENCRYPT_KEY_SIZE + ENCRYPT_NONCE_SIZE, sizeof(magic));
-
-    if (magic[0] == WOLFBOOT_MAGIC && magic[1] == WOLFBOOT_MAGIC_TRAIL) {
-        mem = (uint8_t*)WOLFBOOT_PARTITION_BOOT_ADDRESS;
-        /* not a failure but finalize needs to know that it's safe to erase and
-         * write the key to the normal spot */
-        ret = 1;
-    }
-    else {
-        mem = (uint8_t *)(ENCRYPT_TMP_SECRET_OFFSET +
-            WOLFBOOT_PARTITION_BOOT_ADDRESS);
-
-#ifdef NVM_FLASH_WRITEONCE
-        int sel_sec = 0;
-        sel_sec = nvm_select_fresh_sector(PART_BOOT);
-        mem -= (sel_sec * WOLFBOOT_SECTOR_SIZE);
-#endif
-    }
-
+    uint8_t *mem = (uint8_t *)(ENCRYPT_TMP_SECRET_OFFSET +
+        WOLFBOOT_PARTITION_BOOT_ADDRESS);
+    int sel_sec = 0;
+    #ifdef NVM_FLASH_WRITEONCE
+    sel_sec = nvm_select_fresh_sector(PART_BOOT);
+    mem -= (sel_sec * WOLFBOOT_SECTOR_SIZE);
+    #endif
     XMEMCPY(k, mem, ENCRYPT_KEY_SIZE);
     XMEMCPY(nonce, mem + ENCRYPT_KEY_SIZE, ENCRYPT_NONCE_SIZE);
 #endif
-    return ret;
+    return 0;
 }
 #endif
 /**
@@ -1539,12 +1504,16 @@ int RAMFUNCTION chacha_init(void)
 #if defined(MMU) || defined(UNIT_TEST)
     uint8_t *key = ENCRYPT_KEY;
 #else
-    uint8_t key[ENCRYPT_KEY_SIZE + ENCRYPT_NONCE_SIZE];
-    wolfBoot_get_encrypt_key(key, key + ENCRYPT_KEY_SIZE);
+    uint8_t *key = (uint8_t *)(WOLFBOOT_PARTITION_BOOT_ADDRESS +
+        ENCRYPT_TMP_SECRET_OFFSET);
 #endif
     uint8_t ff[ENCRYPT_KEY_SIZE];
     uint8_t* stored_nonce;
 
+#ifdef NVM_FLASH_WRITEONCE
+    key -= WOLFBOOT_SECTOR_SIZE * nvm_select_fresh_sector(PART_BOOT);
+#endif
+
     stored_nonce = key + ENCRYPT_KEY_SIZE;
 
     XMEMSET(&chacha, 0, sizeof(chacha));
@@ -1581,13 +1550,17 @@ int aes_init(void)
 #if defined(MMU) || defined(UNIT_TEST)
     uint8_t *key = ENCRYPT_KEY;
 #else
-    uint8_t key[ENCRYPT_KEY_SIZE + ENCRYPT_NONCE_SIZE];
-    wolfBoot_get_encrypt_key(key, key + ENCRYPT_KEY_SIZE);
+    uint8_t *key = (uint8_t *)(WOLFBOOT_PARTITION_BOOT_ADDRESS +
+        ENCRYPT_TMP_SECRET_OFFSET);
 #endif
     uint8_t ff[ENCRYPT_KEY_SIZE];
     uint8_t iv_buf[ENCRYPT_NONCE_SIZE];
     uint8_t* stored_nonce;
 
+#ifdef NVM_FLASH_WRITEONCE
+    key -= WOLFBOOT_SECTOR_SIZE * nvm_select_fresh_sector(PART_BOOT);
+#endif
+
     stored_nonce = key + ENCRYPT_KEY_SIZE;
 
     XMEMSET(&aes_enc, 0, sizeof(aes_enc));
@@ -1703,8 +1676,8 @@ static uint8_t RAMFUNCTION part_address(uintptr_t a)
  *
  *  @return int 0 if successful, -1 on failure.
  */
-int RAMFUNCTION ext_flash_encrypt_write_ex(uintptr_t address,
-    const uint8_t *data, int len, int forcedEnc)
+int RAMFUNCTION ext_flash_encrypt_write(uintptr_t address, const uint8_t *data,
+    int len)
 {
     uint8_t block[ENCRYPT_BLOCK_SIZE];
     uint8_t enc_block[ENCRYPT_BLOCK_SIZE];
@@ -1739,9 +1712,7 @@ int RAMFUNCTION ext_flash_encrypt_write_ex(uintptr_t address,
             break;
         case PART_SWAP:
             /* data is coming from update and is already encrypted */
-            if (forcedEnc == 0)
-                return ext_flash_write(address, data, len);
-            break;
+            return ext_flash_write(address, data, len);
         default:
             return -1;
     }
@@ -1772,22 +1743,6 @@ int RAMFUNCTION ext_flash_encrypt_write_ex(uintptr_t address,
     return ext_flash_write(address, ENCRYPT_CACHE, step);
 }
 
-/**
- * @brief Write encrypted data to an external flash.
- *
- * This function calls ext_flash_encrypt_write_ex with forced encryption off
- *
- * @param address The address in the external flash to write the data to.
- * @param data Pointer to the data buffer to be written.
- * @param len The length of the data to be written.
- *
- *  @return int 0 if successful, -1 on failure.
- */
-int RAMFUNCTION ext_flash_encrypt_write(uintptr_t address, const uint8_t *data, int len)
-{
-    return ext_flash_encrypt_write_ex(address, data, len, 0);
-}
-
 /**
  * @brief Read and decrypt data from an external flash.
  *
@@ -1934,39 +1889,3 @@ int wolfBoot_ram_decrypt(uint8_t *src, uint8_t *dst)
 }
 #endif /* MMU */
 #endif /* EXT_ENCRYPTED */
-
-#ifdef FLAGS_HOME
-/* we need to write a marker to update since the boot and update flags are all
- * in the same sector so write magic to the first sector of boot */
-int wolfBoot_flags_home_set_final_swap()
-{
-/* EXT_ENCRYPTED uses the first sector to store the key and magic, don't
- * overwrite it */
-#ifndef EXT_ENCRYPTED
-    uint32_t magic[2] = {WOLFBOOT_MAGIC, WOLFBOOT_MAGIC_TRAIL};
-    uintptr_t addr = (uintptr_t)WOLFBOOT_PARTITION_BOOT_ADDRESS;
-
-    hal_flash_write(addr, (uint8_t*)magic, sizeof(magic));
-#endif /* !EXT_ENCRYPTED */
-
-    return 0;
-}
-
-int wolfBoot_flags_home_get_final_swap()
-{
-    uint32_t magic[2];
-    uintptr_t addr = (uintptr_t)WOLFBOOT_PARTITION_BOOT_ADDRESS;
-
-/* if encryption is on magic will be after the key and nonce */
-#ifdef EXT_ENCRYPTED
-    addr += ENCRYPT_KEY_SIZE + ENCRYPT_NONCE_SIZE;
-#endif
-
-    XMEMCPY((uint8_t*)magic, (uint8_t*)addr, sizeof(magic));
-
-    if (magic[0] == WOLFBOOT_MAGIC && magic[1] == WOLFBOOT_MAGIC_TRAIL)
-        return 1;
-
-    return 0;
-}
-#endif /* FLAGS_HOME */