Add abstraction to lms version

Author: aidangarske

examples/firmware/README.md

@@ -107,48 +107,35 @@ KeyGroupId 0x7, FwCounter 1253 (254 same)
 
 ## ST33 Firmware Update
 
-### Firmware Version Requirements
+### Firmware Format Auto-Detection
 
-ST33KTPM firmware update uses a simplified two-state model matching ST's reference implementation:
+ST33KTPM firmware update automatically detects the required format based on TPM firmware version:
 
-- **Legacy firmware (< 512, e.g., 9.257)**: Non-LMS format required
-  - Non-LMS path only
-  - LMS format is rejected
+- **Legacy firmware (< 512, e.g., 9.257)**: Non-LMS format
+  - Manifest size: 177 bytes
   - Generation 1 firmware (ECC-only)
 
-- **Modern firmware (>= 512, e.g., 9.512)**: LMS format required
-  - LMS path only
-  - LMS signature is required (embedded in manifest)
+- **Modern firmware (>= 512, e.g., 9.512)**: LMS format
+  - Manifest size: 2697 bytes (includes embedded LMS signature)
   - Generation 2 firmware (LMS mandatory)
 
-The firmware version is automatically detected by checking `fwVerMinor` from the TPM capabilities. The version threshold is:
-- **512 (0x0200)**: ST policy enforcement threshold - Generation 2 starts here, LMS becomes mandatory
-
-Version breakdown:
-- **9.257 (0x0101)**: Legacy ECC-only firmware (Generation 1)
-- **9.512 (0x0200)**: First modern firmware with LMS mandatory requirement (Generation 2)
-
-This simplified model matches ST's reference implementation behavior, which uses separate tools for Generation 1 (< 512) vs Generation 2 (>= 512) firmware.
+The firmware version is automatically detected from `fwVerMinor` in TPM capabilities. The correct manifest size is determined automatically - no manual format selection is needed.
 
 ### Updating the firmware
 
-The `st33_fw_update` tool uses the manifest and firmware data files.
+The `st33_fw_update` tool automatically detects the firmware format.
 
 ```sh
 # Help
 ./st33_fw_update --help
 ST33 Firmware Update Usage:
 	./st33_fw_update (get info)
 	./st33_fw_update --abandon (cancel)
-	./st33_fw_update <firmware.fi> [--lms]
-
-Options:
-      --lms: Use LMS format (2697 byte manifest with embedded signature)
-             Default is non-LMS format (177 byte manifest)
+	./st33_fw_update <firmware.fi>
 
-Note: LMS format requirements:
-      - Firmware < 512: Non-LMS format required (legacy firmware, e.g., 9.257)
-      - Firmware >= 512: LMS format required (modern firmware, e.g., 9.512)
+Firmware format is auto-detected from TPM firmware version:
+      - Firmware < 512: Non-LMS format (177 byte manifest)
+      - Firmware >= 512: LMS format (2697 byte manifest with embedded signature)
 
 # Run without arguments to display the current firmware information
 ./st33_fw_update
@@ -160,17 +147,17 @@ Firmware version details: Major=9, Minor=257, Vendor=0x0
 Hardware: ST33K (legacy firmware, Generation 1)
 Firmware update: Non-LMS format required
 
-# Run with non-LMS firmware file (for legacy firmware < 512)
+# Run with firmware file (format auto-detected from TPM version)
 ./st33_fw_update TPM_ST33KTPM2X_00090200_V1.fi
 ST33 Firmware Update Tool
 	Firmware File: TPM_ST33KTPM2X_00090200_V1.fi
-	Format: Non-LMS (V1)
 TPM2: Caps 0x30000415, Did 0x0003, Vid 0x104a, Rid 0x 1
 TPM2_Startup pass
 Mfg STM (2), Vendor ST33KTPM2X, Fw 9.257 (0x0)
 Firmware version details: Major=9, Minor=257, Vendor=0x0
 Hardware: ST33K (legacy firmware, Generation 1)
 Firmware update: Non-LMS format required
+	Format: Non-LMS (from TPM firmware version)
 Firmware Update:
 	Total file size: 364290 bytes
 	Manifest (blob0): 177 bytes
@@ -179,17 +166,17 @@ Firmware Update:
 Firmware update completed successfully.
 Please reset or power cycle the TPM.
 
-# Run with LMS firmware file (for modern firmware >= 512)
-./st33_fw_update ST33KTPM2X_FAC_00090200_V2.fi --lms
+# Example with LMS firmware (Generation 2 TPM, firmware >= 512)
+./st33_fw_update ST33KTPM2X_FAC_00090200_V2.fi
 ST33 Firmware Update Tool
 	Firmware File: ST33KTPM2X_FAC_00090200_V2.fi
-	Format: LMS (V2)
 TPM2: Caps 0x30000415, Did 0x0003, Vid 0x104a, Rid 0x 3
 TPM2_Startup pass
 Mfg STM (2), Vendor ST33KTPM2X, Fw 9.512 (0x0)
 Firmware version details: Major=9, Minor=512, Vendor=0x0
 Hardware: ST33K (modern firmware, Generation 2)
 Firmware update: LMS format required
+	Format: LMS (from TPM firmware version)
 Firmware Update:
 	Total file size: 360092 bytes
 	Manifest (blob0): 2697 bytes

examples/firmware/st33_fw_update.c

@@ -47,16 +47,9 @@ static void usage(void)
     printf("ST33 Firmware Update Usage:\n");
     printf("\t./st33_fw_update (get info)\n");
     printf("\t./st33_fw_update --abandon (cancel)\n");
-    printf("\t./st33_fw_update <firmware.fi> [--lms]\n");
-    printf("\nOptions:\n");
-    printf("      --lms: Use LMS format (2697 byte manifest with embedded signature)\n");
-    printf("             Default is non-LMS format (177 byte manifest)\n");
-    printf("\nNote: LMS format requirements:\n");
-    printf("      - Firmware < 512: Non-LMS format required (legacy firmware, e.g., 9.257)\n");
-    printf("      - Firmware >= 512: LMS format required (modern firmware, e.g., 9.512)\n");
-    printf("\nFirmware file format:\n");
-    printf("      - Non-LMS (.fi V1): First 177 bytes = manifest, rest = firmware data\n");
-    printf("      - LMS (.fi V2): First 2697 bytes = manifest (with LMS sig), rest = firmware\n");
+    printf("\t./st33_fw_update <firmware.fi>\n");
+    printf("\nFirmware format is auto-detected from the TPM firmware version.\n");
+    printf("Just provide the correct .fi file for your TPM and it will be handled automatically.\n");
 }
 
 typedef struct {
@@ -66,7 +59,6 @@ typedef struct {
     size_t fi_bufSz;
     size_t manifest_bufSz;
     size_t firmware_bufSz;
-    int    use_lms;        /* 1 = LMS format, 0 = non-LMS format */
     int    in_upgrade_mode; /* 1 = continuing from upgrade mode */
 } fw_info_t;
 
@@ -185,11 +177,10 @@ int TPM2_ST33_Firmware_Update(void* userCtx, int argc, char *argv[])
     const char* fi_file = NULL;
     fw_info_t fwinfo;
     int abandon = 0;
-    int lms_state = 0; /* 0=UNSUPPORTED, 1=CAPABLE, 2=REQUIRED */
-    int i;
     size_t blob0_size;
 
     XMEMSET(&fwinfo, 0, sizeof(fwinfo));
+    XMEMSET(&caps, 0, sizeof(caps));
 
     if (argc >= 2) {
         if (XSTRCMP(argv[1], "-?") == 0 ||
@@ -203,19 +194,12 @@ int TPM2_ST33_Firmware_Update(void* userCtx, int argc, char *argv[])
         }
         else {
             fi_file = argv[1];
-            /* Parse optional --lms flag */
-            for (i = 2; i < argc; i++) {
-                if (XSTRCMP(argv[i], "--lms") == 0) {
-                    fwinfo.use_lms = 1;
-                }
-            }
         }
     }
 
     printf("ST33 Firmware Update Tool\n");
     if (fi_file != NULL) {
         printf("\tFirmware File: %s\n", fi_file);
-        printf("\tFormat: %s\n", fwinfo.use_lms ? "LMS (V2)" : "Non-LMS (V1)");
     }
 
     rc = wolfTPM2_Init(&dev, TPM2_IoCb, userCtx);
@@ -271,15 +255,6 @@ int TPM2_ST33_Firmware_Update(void* userCtx, int argc, char *argv[])
         goto exit;
     }
 
-    /* Two-state model: < 512 requires non-LMS (legacy firmware, e.g., 9.257),
-     * >= 512 requires LMS (modern firmware, LMS required, e.g., 9.512) */
-    if (caps.fwVerMinor < 512) {
-        lms_state = 0;  /* Non-LMS path only (legacy firmware, Generation 1) */
-    }
-    else {
-        lms_state = 1;  /* LMS path only (modern firmware, LMS required, Generation 2) */
-    }
-
     if (abandon) {
         printf("Firmware Update Abandon:\n");
         rc = wolfTPM2_FirmwareUpgradeCancel(&dev);
@@ -299,39 +274,49 @@ int TPM2_ST33_Firmware_Update(void* userCtx, int argc, char *argv[])
         goto exit;
     }
 
-    /* Handle LMS signature requirements (skip check in upgrade mode) */
-    if (!fwinfo.in_upgrade_mode) {
-        if (lms_state == 0) {
-            /* Legacy firmware (< 512): reject LMS format */
-            if (fwinfo.use_lms) {
-                printf("\nError: LMS format specified but firmware "
-                       "version < 512 requires non-LMS.\n");
-                printf("This device (fwVerMinor < 512) must use "
-                       "non-LMS firmware format.\n");
-                rc = BAD_FUNC_ARG;
-                goto exit;
+load_firmware:
+    /* Determine blob0 (manifest) size based on firmware version.
+     * In upgrade mode (caps not available), auto-detect from file size. */
+    if (fwinfo.in_upgrade_mode) {
+        /* In upgrade mode, we don't have caps. Load file first to detect format. */
+        rc = loadFile(fi_file, &fwinfo.fi_buf, &fwinfo.fi_bufSz);
+        if (rc != 0) {
+            printf("Failed to load firmware file: %s\n", fi_file);
+            goto exit;
+        }
+        /* Auto-detect format from file size: LMS files are larger due to
+         * 2697 byte manifest vs 177 byte manifest */
+        if (fwinfo.fi_bufSz > ST33_BLOB0_SIZE_LMS + 1000) {
+            /* File large enough to potentially be LMS format.
+             * Check if blob header at LMS offset looks valid. */
+            if (fwinfo.fi_buf[ST33_BLOB0_SIZE_LMS] != 0 &&
+                fwinfo.fi_buf[ST33_BLOB0_SIZE_LMS] != 0xFF) {
+                blob0_size = ST33_BLOB0_SIZE_LMS;
+                printf("\tFormat: LMS (auto-detected from file)\n");
+            }
+            else {
+                blob0_size = ST33_BLOB0_SIZE_NON_LMS;
+                printf("\tFormat: Non-LMS (auto-detected from file)\n");
             }
         }
         else {
-            /* Modern firmware (>= 512): require LMS format */
-            if (!fwinfo.use_lms) {
-                printf("\nError: Firmware version >= 512 requires LMS format.\n");
-                printf("Please use --lms option with LMS firmware file.\n");
-                rc = BAD_FUNC_ARG;
-                goto exit;
-            }
+            blob0_size = ST33_BLOB0_SIZE_NON_LMS;
+            printf("\tFormat: Non-LMS (auto-detected from file)\n");
         }
     }
-
-load_firmware:
-    /* Determine blob0 (manifest) size based on format */
-    blob0_size = fwinfo.use_lms ? ST33_BLOB0_SIZE_LMS : ST33_BLOB0_SIZE_NON_LMS;
-
-    /* Load the complete .fi file */
-    rc = loadFile(fi_file, &fwinfo.fi_buf, &fwinfo.fi_bufSz);
-    if (rc != 0) {
-        printf("Failed to load firmware file: %s\n", fi_file);
-        goto exit;
+    else {
+        /* Normal mode: determine format from firmware version */
+        blob0_size = (caps.fwVerMinor >= 512) ?
+            ST33_BLOB0_SIZE_LMS : ST33_BLOB0_SIZE_NON_LMS;
+        printf("\tFormat: %s (from TPM firmware version)\n",
+            (caps.fwVerMinor >= 512) ? "LMS" : "Non-LMS");
+
+        /* Load the complete .fi file */
+        rc = loadFile(fi_file, &fwinfo.fi_buf, &fwinfo.fi_bufSz);
+        if (rc != 0) {
+            printf("Failed to load firmware file: %s\n", fi_file);
+            goto exit;
+        }
     }
 
     /* Validate file size */
@@ -358,15 +343,8 @@ int TPM2_ST33_Firmware_Update(void* userCtx, int argc, char *argv[])
         printf("Sending firmware data (TPM already in upgrade mode)...\n");
         rc = TPM2_ST33_SendFirmwareData(&fwinfo);
     }
-    else if (fwinfo.use_lms) {
-        /* LMS path - manifest contains embedded LMS signature */
-        rc = wolfTPM2_FirmwareUpgradeWithLMS(&dev,
-            fwinfo.manifest_buf, (uint32_t)fwinfo.manifest_bufSz,
-            TPM2_ST33_FwData_Cb, &fwinfo,
-            fwinfo.manifest_buf, (uint32_t)fwinfo.manifest_bufSz);
-    }
     else {
-        /* Non-LMS path */
+        /* Normal mode - use unified API which auto-detects format from manifest size */
         rc = wolfTPM2_FirmwareUpgrade(&dev,
             fwinfo.manifest_buf, (uint32_t)fwinfo.manifest_bufSz,
             TPM2_ST33_FwData_Cb, &fwinfo);