Merge pull request #104 from billphipps/fix_flashunit_program

bigbrett · web-flow · commit c5c6e81934bc · 2025-04-16T11:34:29.000-06:00
Fix flashunit program
diff --git a/port/posix/posix_flash_file.c b/port/posix/posix_flash_file.c
@@ -78,7 +78,8 @@ int posixFlashFile_Init(   void* c,
     }
 
     /* Open the storage backend */
-    rc = open(config->filename, O_RDWR|O_CREAT|O_SYNC, S_IRUSR | S_IWUSR);
+    /* III Recommend to add O_SYNC if realtime data consistency is a concern */
+    rc = open(config->filename, O_RDWR|O_CREAT, S_IRUSR | S_IWUSR);
     if (rc >= 0) {
         /* File is open, setup context */
         memset(context, 0, sizeof(*context));
diff --git a/src/wh_flash_unit.c b/src/wh_flash_unit.c
@@ -217,8 +217,10 @@ int wh_FlashUnit_ProgramBytes(const whFlashCb* cb, void* context,
     }
 
     /* Aligned programming */
-    ret = wh_FlashUnit_Program(cb, context,
+    if(count) {
+        ret = wh_FlashUnit_Program(cb, context,
             offset, count, (whFlashUnit*)data);
+    }
 
     /* Final partial unit */
     if ((ret == 0) && (rem != 0)) {
diff --git a/src/wh_server_crypto.c b/src/wh_server_crypto.c
@@ -452,12 +452,10 @@ int wh_Server_CacheImportCurve25519Key(whServerContext* server,
     uint8_t*       cacheBuf;
     whNvmMetadata* cacheMeta;
     int            ret;
-    /* Max size of a DER encoded curve25519 keypair with SubjectPublicKeyInfo
-     * included. Determined by experiment */
-    const uint16_t MAX_DER_SIZE = 128;
-    uint16_t       keySz        = keySz;
 
-    uint8_t der_buf[MAX_DER_SIZE];
+    /* CURVE25519_MAX_KEY_TO_DER_SZ should be 82 */
+    uint8_t der_buf[CURVE25519_MAX_KEY_TO_DER_SZ];
+    uint16_t       keySz = sizeof(der_buf);
 
 
     if ((server == NULL) || (key == NULL) || (WH_KEYID_ISERASED(keyId)) ||
diff --git a/test/user_settings.h b/test/user_settings.h
@@ -88,6 +88,7 @@ extern "C" {
 
 /** RSA Options */
 /*#define NO_RSA */
+#define RSA_MIN_SIZE 1024
 #define WC_RSA_PSS
 #define WOLFSSL_PSS_LONG_SALT
 #define FP_MAX_BITS 8192
diff --git a/test/wh_test_crypto.c b/test/wh_test_crypto.c
@@ -2285,6 +2285,7 @@ int whTest_CryptoClientConfig(whClientConfig* config)
             i++;
         }
     }
+
 #ifdef WOLFHSM_CFG_DMA
     if (ret == 0) {
         ret = whTestCrypto_MlDsaDmaClient(client, WH_DEV_ID_DMA, rng);
diff --git a/test/wh_test_nvm_flash.c b/test/wh_test_nvm_flash.c
@@ -29,6 +29,7 @@
 #include "wolfhsm/wh_error.h"
 #include "wolfhsm/wh_nvm.h"
 #include "wolfhsm/wh_nvm_flash.h"
+#include "wolfhsm/wh_flash_unit.h"
 
 /* NVM simulator backends to use for testing NVM module */
 #include "wolfhsm/wh_flash_ramsim.h"
@@ -180,6 +181,131 @@ static int destroyObjectWithReadBackCheck(const whNvmCb*     cb,
     return 0;
 }
 
+int whTest_Flash(const whFlashCb* fcb, void* fctx, const void* cfg)
+{
+    uint8_t write_bytes[8] = { 0xF0, 0xE1, 0xD2, 0xC3, 0xB4, 0xA5, 0x96, 0x87};
+    uint8_t read_bytes[8] = {0};
+    whFlashUnit write_buffer[4] = {0};
+    whFlashUnit read_buffer[4] = {0};
+
+    uint32_t partition_units = 0;
+
+    WH_TEST_RETURN_ON_FAIL(fcb->Init(fctx, cfg));
+
+    partition_units = wh_FlashUnit_Bytes2Units(fcb->PartitionSize(fctx)) ;
+
+    /* Unlock the first partition */
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_WriteUnlock(fcb, fctx,
+            0, partition_units));
+
+    /* Erase the first partition */
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_Erase(fcb, fctx,
+            0, partition_units));
+
+    /* Blank check the first partition */
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_BlankCheck(fcb, fctx,
+            0, partition_units));
+
+    /* Program a few different unit sizes */
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_Program(fcb, fctx,
+            0, 1, write_buffer));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_Program(fcb, fctx,
+            1, 2, write_buffer));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_Program(fcb, fctx,
+            3, 3, write_buffer));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_Program(fcb, fctx,
+            6, 4, write_buffer));
+
+    /* Read back and check */
+    memset(read_buffer, 0, sizeof(read_buffer));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_Read(fcb, fctx,
+            0, 1, read_buffer));
+    WH_TEST_RETURN_ON_FAIL(memcmp(write_buffer, read_buffer,
+               1 * WHFU_BYTES_PER_UNIT));
+    memset(read_buffer, 0, sizeof(read_buffer));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_Read(fcb, fctx,
+            1, 2, read_buffer));
+    WH_TEST_RETURN_ON_FAIL(memcmp(write_buffer, read_buffer,
+               2 * WHFU_BYTES_PER_UNIT));
+    memset(read_buffer, 0, sizeof(read_buffer));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_Read(fcb, fctx,
+            3, 3, read_buffer));
+    WH_TEST_RETURN_ON_FAIL(memcmp(write_buffer, read_buffer,
+               3 * WHFU_BYTES_PER_UNIT));
+    memset(read_buffer, 0, sizeof(read_buffer));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_Read(fcb, fctx,
+            6, 4, read_buffer));
+    WH_TEST_RETURN_ON_FAIL(memcmp(write_buffer, read_buffer,
+               4 * WHFU_BYTES_PER_UNIT));
+
+    /* Program a few different byte sizes */
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_ProgramBytes(fcb, fctx,
+                10 * WHFU_BYTES_PER_UNIT, 1, write_bytes));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_ProgramBytes(fcb, fctx,
+                11 * WHFU_BYTES_PER_UNIT, 2, write_bytes));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_ProgramBytes(fcb, fctx,
+                12 * WHFU_BYTES_PER_UNIT, 3, write_bytes));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_ProgramBytes(fcb, fctx,
+                13 * WHFU_BYTES_PER_UNIT, 4, write_bytes));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_ProgramBytes(fcb, fctx,
+                14 * WHFU_BYTES_PER_UNIT, 5, write_bytes));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_ProgramBytes(fcb, fctx,
+                15 * WHFU_BYTES_PER_UNIT, 6, write_bytes));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_ProgramBytes(fcb, fctx,
+                16 * WHFU_BYTES_PER_UNIT, 7, write_bytes));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_ProgramBytes(fcb, fctx,
+                17 * WHFU_BYTES_PER_UNIT, 8, write_bytes));
+
+    /* Read back and compare */
+    memset(read_bytes, 0, sizeof(read_bytes));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_ReadBytes(fcb, fctx,
+                10 * WHFU_BYTES_PER_UNIT, 1, read_bytes));
+    WH_TEST_RETURN_ON_FAIL(memcmp(write_bytes, read_bytes, 1));
+    memset(read_bytes, 0, sizeof(read_bytes));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_ReadBytes(fcb, fctx,
+                11 * WHFU_BYTES_PER_UNIT, 2, read_bytes));
+    WH_TEST_RETURN_ON_FAIL(memcmp(write_bytes, read_bytes, 2));
+    memset(read_bytes, 0, sizeof(read_bytes));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_ReadBytes(fcb, fctx,
+                12 * WHFU_BYTES_PER_UNIT, 3, read_bytes));
+    WH_TEST_RETURN_ON_FAIL(memcmp(write_bytes, read_bytes, 3));
+    memset(read_bytes, 0, sizeof(read_bytes));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_ReadBytes(fcb, fctx,
+                13 * WHFU_BYTES_PER_UNIT, 4, read_bytes));
+    WH_TEST_RETURN_ON_FAIL(memcmp(write_bytes, read_bytes, 4));
+    memset(read_bytes, 0, sizeof(read_bytes));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_ReadBytes(fcb, fctx,
+                14 * WHFU_BYTES_PER_UNIT, 5, read_bytes));
+    WH_TEST_RETURN_ON_FAIL(memcmp(write_bytes, read_bytes, 5));
+    memset(read_bytes, 0, sizeof(read_bytes));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_ReadBytes(fcb, fctx,
+                15 * WHFU_BYTES_PER_UNIT, 6, read_bytes));
+    WH_TEST_RETURN_ON_FAIL(memcmp(write_bytes, read_bytes, 6));
+    memset(read_bytes, 0, sizeof(read_bytes));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_ReadBytes(fcb, fctx,
+                16 * WHFU_BYTES_PER_UNIT, 7, read_bytes));
+    WH_TEST_RETURN_ON_FAIL(memcmp(write_bytes, read_bytes, 7));
+    memset(read_bytes, 0, sizeof(read_bytes));
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_ReadBytes(fcb, fctx,
+                17 * WHFU_BYTES_PER_UNIT, 8, read_bytes));
+    WH_TEST_RETURN_ON_FAIL(memcmp(write_bytes, read_bytes, 8));
+
+    /* Erase the first partition */
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_Erase(fcb, fctx,
+            0, partition_units));
+
+    /* Blank check the first partition */
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_BlankCheck(fcb, fctx,
+            0, partition_units));
+
+    /* Lock the first partition */
+    WH_TEST_RETURN_ON_FAIL(wh_FlashUnit_WriteLock(fcb, fctx,
+            0, partition_units));
+
+    WH_TEST_RETURN_ON_FAIL(fcb->Cleanup(fctx));
+
+    return 0;
+}
 
 int whTest_NvmFlashCfg(whNvmFlashConfig* cfg)
 {
@@ -350,6 +476,8 @@ int whTest_NvmFlash_RamSim(void)
         .erasedByte = (uint8_t)0,
     }};
 
+    WH_TEST_RETURN_ON_FAIL(whTest_Flash(myCb, myHalFlashCtx, myHalFlashCfg));
+
     /* NVM Configuration using PosixSim HAL Flash */
     whNvmFlashConfig myNvmCfg = {
         .cb      = myCb,
@@ -375,6 +503,8 @@ int whTest_NvmFlash_PosixFileSim(void)
           .erased_byte    = (~(uint8_t)0),
     }};
 
+    WH_TEST_RETURN_ON_FAIL(whTest_Flash(myCb, myHalFlashContext,
+            myHalFlashConfig));
 
     /* NVM Configuration using PosixSim HAL Flash */
     whNvmFlashConfig myNvmCfg = {
@@ -383,7 +513,6 @@ int whTest_NvmFlash_PosixFileSim(void)
         .config  = myHalFlashConfig,
     };
 
-
     WH_TEST_ASSERT(0 == whTest_NvmFlashCfg(&myNvmCfg));
 
     /* Remove the configured file on success*/
diff --git a/test/wh_test_nvm_flash.h b/test/wh_test_nvm_flash.h
@@ -32,6 +32,13 @@
  */
 int whTest_NvmFlash(void);
 
+/*
+ * Runs low-level flash tests on a custom NVM flash configuration. Useful to
+ * test your FLASH HAL implementation. This will erase the first partition.
+ * Returns 0 on success, and a non-zero error code on failure
+ */
+int whTest_FlashCfg(const whFlashCb* fcb, void* fctx, const void* cfg);
+
 /*
  * Runs NVM flash tests on a custom NVM flash configuration. Useful to test your
  * NVM HAL implementation
diff --git a/wolfhsm/wh_error.h b/wolfhsm/wh_error.h
@@ -32,39 +32,37 @@ enum WH_ERROR_ENUM {
     WH_ERROR_OK             = 0,    /* Success, no error. */
 
     /* General errors */
-    WH_ERROR_BADARGS        = -400, /* No side effects. Fix args. */
-    WH_ERROR_NOTREADY       = -401, /* Retry function. */
-    WH_ERROR_ABORTED        = -402, /* Function has fatally failed. Cleanup. */
-    WH_ERROR_CANCEL         = -403, /* Operation was canceled */
-    WH_ERROR_CANCEL_LATE    = -404, /* Cancel was processed too late */
-    WH_ERROR_CERT_VERIFY    = -405, /* Certificate verification failed */
-    WH_ERROR_BUFFER_SIZE    = -406, /* Generic buffer size mismatch. Buffer
+    WH_ERROR_BADARGS        = -2000, /* No side effects. Fix args. */
+    WH_ERROR_NOTREADY       = -2001, /* Retry function. */
+    WH_ERROR_ABORTED        = -2002, /* Function has fatally failed. Cleanup. */
+    WH_ERROR_CANCEL         = -2003, /* Operation was canceled */
+    WH_ERROR_CANCEL_LATE    = -2004, /* Cancel was processed too late */
+    WH_ERROR_CERT_VERIFY    = -2005, /* Certificate verification failed */
+    WH_ERROR_BUFFER_SIZE    = -2006, /* Generic buffer size mismatch. Buffer
                                       * length is not what was expected */
+    WH_ERROR_NOHANDLER      = -2007, /* No customcb handler registered */
 
     /* NVM-specific status returns */
-    WH_ERROR_LOCKED         = -410, /* Unlock and retry if necessary */
-    WH_ERROR_ACCESS         = -411, /* Update access and retry */
-    WH_ERROR_NOTVERIFIED    = -412, /* Backing store does not match */
-    WH_ERROR_NOTBLANK       = -413, /* Area is no blank */
-    WH_ERROR_NOTFOUND       = -414, /* Matching object not found */
-    WH_ERROR_NOSPACE        = -415, /* No available space */
-
-    /* Custom-callback status returns */
-    WH_ERROR_NOHANDLER     = -420, /* No handler registered for action */
+    WH_ERROR_LOCKED         = -2100, /* Unlock and retry if necessary */
+    WH_ERROR_ACCESS         = -2101, /* Update access and retry */
+    WH_ERROR_NOTVERIFIED    = -2102, /* Backing store does not match */
+    WH_ERROR_NOTBLANK       = -2103, /* Area is no blank */
+    WH_ERROR_NOTFOUND       = -2104, /* Matching object not found */
+    WH_ERROR_NOSPACE        = -2105, /* No available space */
 
     /* SHE-specific error codes */
-    WH_SHE_ERC_SEQUENCE_ERROR = -500,
-    WH_SHE_ERC_KEY_NOT_AVAILABLE = -501,
-    WH_SHE_ERC_KEY_INVALID = -502,
-    WH_SHE_ERC_KEY_EMPTY = -503,
-    WH_SHE_ERC_NO_SECURE_BOOT = -504,
-    WH_SHE_ERC_WRITE_PROTECTED = -505,
-    WH_SHE_ERC_KEY_UPDATE_ERROR = -506,
-    WH_SHE_ERC_RNG_SEED = -507,
-    WH_SHE_ERC_NO_DEBUGGING = -508,
-    WH_SHE_ERC_BUSY = -509,
-    WH_SHE_ERC_MEMORY_FAILURE = -510,
-    WH_SHE_ERC_GENERAL_ERROR = -511,
+    WH_SHE_ERC_SEQUENCE_ERROR       = -2200,
+    WH_SHE_ERC_KEY_NOT_AVAILABLE    = -2201,
+    WH_SHE_ERC_KEY_INVALID          = -2202,
+    WH_SHE_ERC_KEY_EMPTY            = -2203,
+    WH_SHE_ERC_NO_SECURE_BOOT       = -2204,
+    WH_SHE_ERC_WRITE_PROTECTED      = -2205,
+    WH_SHE_ERC_KEY_UPDATE_ERROR     = -2206,
+    WH_SHE_ERC_RNG_SEED             = -2207,
+    WH_SHE_ERC_NO_DEBUGGING         = -2208,
+    WH_SHE_ERC_BUSY                 = -2209,
+    WH_SHE_ERC_MEMORY_FAILURE       = -2210,
+    WH_SHE_ERC_GENERAL_ERROR        = -2211,
 };
 
 #define WH_SHE_ERC_NO_ERROR WH_ERROR_OK
diff --git a/wolfhsm/wh_flash.h b/wolfhsm/wh_flash.h

Original file line number	Diff line number	Diff line change
`@@ -78,7 +78,8 @@ int posixFlashFile_Init( void* c,`
`78`	`78`	`}`
`79`	`79`
`80`	`80`	`/* Open the storage backend */`
`81`		`- rc = open(config->filename, O_RDWR\|O_CREAT\|O_SYNC, S_IRUSR \| S_IWUSR);`
	`81`	`+ /* III Recommend to add O_SYNC if realtime data consistency is a concern */`
	`82`	`+ rc = open(config->filename, O_RDWR\|O_CREAT, S_IRUSR \| S_IWUSR);`
`82`	`83`	`if (rc >= 0) {`
`83`	`84`	`/* File is open, setup context */`
`84`	`85`	`memset(context, 0, sizeof(*context));`
Original file line number	Diff line number	Diff line change
`@@ -2285,6 +2285,7 @@ int whTest_CryptoClientConfig(whClientConfig* config)`
`2285`	`2285`	`i++;`
`2286`	`2286`	`}`
`2287`	`2287`	`}`
	`2288`	`+`
`2288`	`2289`	`#ifdef WOLFHSM_CFG_DMA`
`2289`	`2290`	`if (ret == 0) {`
`2290`	`2291`	`ret = whTestCrypto_MlDsaDmaClient(client, WH_DEV_ID_DMA, rng);`