[Cryptech-Commits] [sw/stm32] branch ksng updated: "keystore erase" now clears entire keystore flash.
git at cryptech.is
git at cryptech.is
Wed Sep 28 20:32:41 UTC 2016
This is an automated email from the git hooks/post-receive script.
sra at hactrn.net pushed a commit to branch ksng
in repository sw/stm32.
The following commit(s) were added to refs/heads/ksng by this push:
new f7d1bb7 "keystore erase" now clears entire keystore flash.
f7d1bb7 is described below
commit f7d1bb71b29d2b1b865f6095b31c2bde486b2516
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Tue Sep 27 16:11:08 2016 -0400
"keystore erase" now clears entire keystore flash.
Now that we're using more than just the first few sectors of the
keystore flash, we need a command to clear the whole thing.
This is not quite right yet, because it doesn't yet notify libhal's
ks_flash driver that the entire content of the flash has been yanked
out from under it.
In theory, we should be able to erase the entire flash in a single
operation using the bulk erase command command (0xC7), but I couldn't
get that to do anything (no error reported, no visible effect), so,
for now, we erase by sectors.
---
projects/cli-test/mgmt-keystore.c | 13 +++++++------
projects/hsm/mgmt-keystore.c | 13 +++++++------
2 files changed, 14 insertions(+), 12 deletions(-)
diff --git a/projects/cli-test/mgmt-keystore.c b/projects/cli-test/mgmt-keystore.c
index 108b447..ec2c96a 100644
--- a/projects/cli-test/mgmt-keystore.c
+++ b/projects/cli-test/mgmt-keystore.c
@@ -281,17 +281,18 @@ static int cmd_keystore_erase(struct cli_def *cli, const char *command, char *ar
{
int status;
- if (argc != 1) {
+ if (argc != 1 || strcmp(argv[0], "YesIAmSure") != 0) {
cli_print(cli, "Syntax: keystore erase YesIAmSure");
return CLI_ERROR;
}
- if (strcmp(argv[0], "YesIAmSure") != 0)
- cli_print(cli, "Keystore NOT erased");
- else if ((status = keystore_erase_sectors(0, 1)) != 1)
- cli_print(cli, "Failed erasing keystore: %i", status);
+ cli_print(cli, "OK, erasing keystore, this might take a while...");
+ if ((status = keystore_erase_sectors(0, KEYSTORE_NUM_SECTORS - 1)) != 1)
+ cli_print(cli, "Failed erasing keystore: %i", status);
else
- cli_print(cli, "Keystore erased (first two sectors at least)");
+ cli_print(cli, "Keystore erased");
+
+#warning Should notify libhal/ks_flash that we whacked the keystore
return CLI_OK;
}
diff --git a/projects/hsm/mgmt-keystore.c b/projects/hsm/mgmt-keystore.c
index 3355082..4c1029a 100644
--- a/projects/hsm/mgmt-keystore.c
+++ b/projects/hsm/mgmt-keystore.c
@@ -237,17 +237,18 @@ static int cmd_keystore_erase(struct cli_def *cli, const char *command, char *ar
{
int status;
- if (argc != 1) {
+ if (argc != 1 || strcmp(argv[0], "YesIAmSure") != 0) {
cli_print(cli, "Syntax: keystore erase YesIAmSure");
return CLI_ERROR;
}
- if (strcmp(argv[0], "YesIAmSure") != 0)
- cli_print(cli, "Keystore NOT erased");
- else if ((status = keystore_erase_sectors(0, 1)) != 1)
- cli_print(cli, "Failed erasing keystore: %i", status);
+ cli_print(cli, "OK, erasing keystore, this might take a while...");
+ if ((status = keystore_erase_sectors(0, KEYSTORE_NUM_SECTORS - 1)) != 1)
+ cli_print(cli, "Failed erasing keystore: %i", status);
else
- cli_print(cli, "Keystore erased (first two sectors at least)");
+ cli_print(cli, "Keystore erased");
+
+#warning Should notify libhal/ks_flash that we whacked the keystore
return CLI_OK;
}
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Commits
mailing list