fw/tools: Change partition checksum to vanilla BLAKE2s

Instead of using 16 byte BLAKE2s with a dummy key, use plain vanilla unkeyed 32 byte BLAKE2s for partition checksum. Co-authored-by: Mikael Ågren <mikael@tillitis.se>
2025-05-06 07:54:59 -04:00 · 2025-04-25 16:36:19 +02:00 · 2025-04-25 16:36:19 +02:00 · 3e8ff9671c
commit 3e8ff9671c
parent 66ea8df1d9
3 changed files with 5 additions and 24 deletions
--- a/hw/application_fpga/fw/tk1/partition_table.c
+++ b/hw/application_fpga/fw/tk1/partition_table.c
@ -27,14 +27,10 @@ static void part_checksum(struct partition_table *part_table,
 {
 	int blake2err = 0;

-	uint8_t key[16] = {
-	    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	};
-
 	assert(part_table != NULL);
 	assert(out_digest != NULL);

-	blake2err = blake2s(out_digest, out_len, key, sizeof(key), part_table,
+	blake2err = blake2s(out_digest, out_len, NULL, 0, part_table,
 			    sizeof(struct partition_table));

 	assert(blake2err == 0);
--- a/hw/application_fpga/fw/tk1/partition_table.h
+++ b/hw/application_fpga/fw/tk1/partition_table.h
@ -46,7 +46,7 @@
 #define SIZE_STORAGE_AREA 0x20000UL // 128KiB
 #define N_STORAGE_AREA 4

-#define PART_CHECKSUM_SIZE 16
+#define PART_CHECKSUM_SIZE 32

 enum part_status {
 	PART_SLOT0_INVALID = 1,
--- a/hw/application_fpga/tools/partition_table/partition_table.go
+++ b/hw/application_fpga/tools/partition_table/partition_table.go
@ -34,7 +34,7 @@ type PartTable struct {

 type PartTableStorage struct {
 	PartTable PartTable
-	Digest    [16]uint8
+	Checksum  [32]byte
 }

 type Flash struct {
@ -85,21 +85,7 @@ func printPartTableStorageCondensed(storage PartTableStorage) {
 		fmt.Printf("                         %x\n", appData.Signature[32:48])
 		fmt.Printf("                         %x\n", appData.Signature[48:])
 	}
-	fmt.Printf("  Digest               : %x\n", storage.Digest)
-}
-
-func calculateStorageDigest(data []byte) []byte {
-	key := [16]byte{}
-
-	hash, err := blake2s.New128(key[:])
-	if err != nil {
-		panic(err)
-	}
-
-	hash.Write(data)
-	digest := hash.Sum([]byte{})
-
-	return digest
+	fmt.Printf("  Digest               : %x\n", storage.Checksum)
 }

 func generatePartTableStorage(outputFilename string, app0Filename string) {
@ -125,8 +111,7 @@ func generatePartTableStorage(outputFilename string, app0Filename string) {
 		panic(err)
 	}

-	digest := calculateStorageDigest(buf[:len])
-	copy(storage.Digest[:], digest)
+	storage.Checksum = blake2s.Sum256(buf[:len])

 	storageFile, err := os.Create(outputFilename)
 	if err != nil {