fw: Remove pre loaded app auth and status from partition table

2025-05-02 06:06:24 -04:00 · 2025-03-25 15:00:40 +01:00 · 2025-03-25 15:00:40 +01:00 · 715d792d86
commit 715d792d86
parent f590f423a3
4 changed files with 9 additions and 70 deletions
--- a/hw/application_fpga/fw/tk1/main.c
+++ b/hw/application_fpga/fw/tk1/main.c
@ -12,7 +12,6 @@
 #include <tkey/tk1_mem.h>
 #include <tkey/led.h>

-#include "auth_app.h"
 #include "blake2s/blake2s.h"
 #include "partition_table.h"
 #include "preload_app.h"
@ -412,28 +411,6 @@ static int load_flash_app(struct partition_table *part_table,
 	return 0;
 }

-static enum state auth_flash_app(const struct context *ctx, struct partition_table *part_table)
-{
-	if (ctx->flash_slot >= N_PRELOADED_APP) {
-		return FW_STATE_FAIL;
-	}
-
-	if (part_table->pre_app_data[ctx->flash_slot].status == PRE_LOADED_STATUS_PRESENT) {
-		debug_puts("Create auth\n");
-		auth_app_create(&part_table->pre_app_data[ctx->flash_slot].auth);
-		part_table->pre_app_data[ctx->flash_slot].status = PRE_LOADED_STATUS_AUTH;
-		part_table_write(part_table);
-	}
-
-	if (!auth_app_authenticate(&part_table->pre_app_data[ctx->flash_slot].auth)) {
-		debug_puts("!Authenticated\n");
-
-		return FW_STATE_FAIL;
-	}
-
-	return FW_STATE_START;
-}
-
 #if !defined(SIMULATION)
 static uint32_t xorwow(uint32_t state, uint32_t acc)
 {
@ -617,10 +594,6 @@ int main(void)
 			break;

 		case FW_STATE_LOAD_FLASH:
-			// TODO Just lie and say that an app is present but not yet
-			// authenticated.
-			part_table.pre_app_data[ctx.flash_slot].status = PRE_LOADED_STATUS_PRESENT;
-
 			if (load_flash_app(&part_table, ctx.digest, ctx.flash_slot) < 0) {
 				debug_puts("Couldn't load app from flash\n");
 				state = FW_STATE_FAIL;
@ -638,7 +611,7 @@ int main(void)
 			// CDI = hash(uds, hash(app), uss)
 			compute_cdi(ctx.digest, ctx.use_uss, ctx.uss);

-			state = auth_flash_app(&ctx, &part_table);
+			state = FW_STATE_START;
 			break;

 		case FW_STATE_START:
--- a/hw/application_fpga/fw/tk1/partition_table.h
+++ b/hw/application_fpga/fw/tk1/partition_table.h
@ -60,18 +60,12 @@
 /*  - 16 byte authentication digest.	*/
 /**/
 /*- Pre-loaded device app 1		*/
-/*  - 1 byte status.			*/
 /*  - 4 bytes length.			*/
-/*  - 16 bytes random nonce.		*/
-/*  - 16 bytes authentication digest.	*/
 /*  - 32 bytes digest.			*/
 /*  - 64 bytes signature.		*/
 /**/
 /*- Pre-loaded device app 2		*/
-/*  - 1 byte status.			*/
 /*  - 4 bytes length.			*/
-/*  - 16 bytes random nonce.		*/
-/*  - 16 bytes authentication digest.	*/
 /*  - 32 bytes digest.			*/
 /*  - 64 bytes signature.		*/
 /**/
@ -93,9 +87,7 @@ struct management_app_metadata {
 } __attribute__((packed));

 struct pre_loaded_app_metadata {
-	uint8_t status;
 	uint32_t size;
-	struct auth_metadata auth;
 	uint8_t digest[32];
 	uint8_t signature[64];
 } __attribute__((packed));
--- a/hw/application_fpga/fw/tk1/preload_app.c
+++ b/hw/application_fpga/fw/tk1/preload_app.c
@ -18,20 +18,14 @@ static uint32_t slot_to_start_address(uint8_t slot) {
 }

 /* Returns non-zero if the app is valid */
-bool preload_check_valid_app(struct partition_table *part_table,
+bool preload_slot_is_free(struct partition_table *part_table,
 			     uint8_t slot)
 {
 	if (slot >= N_PRELOADED_APP) {
 		return false;
 	}

-	if (part_table->pre_app_data[slot].status == 0x00 &&
-	    part_table->pre_app_data[slot].size == 0) {
-		/*No valid app*/
-		return false;
-	}
-
-	return true;
+	return part_table->pre_app_data[slot].size == 0;
 }

 /* Loads a preloaded app from flash to app RAM */
@ -42,7 +36,7 @@ int preload_load(struct partition_table *part_table, uint8_t from_slot)
 	}

 	/*Check for a valid app in flash	*/
-	if (!preload_check_valid_app(part_table, from_slot)) {
+	if (preload_slot_is_free(part_table, from_slot)) {
 		return -1;
 	}
 	uint8_t *loadaddr = (uint8_t *)TK1_RAM_BASE;
@ -67,7 +61,7 @@ int preload_store(struct partition_table *part_table, uint32_t offset,
 	}

 	/* Check for a valid app in flash, bale out if it already exists */
-	if (preload_check_valid_app(part_table, to_slot)) {
+	if (!preload_slot_is_free(part_table, to_slot)) {
 		return -1;
 	}

@ -99,7 +93,7 @@ int preload_store_finalize(struct partition_table *part_table, size_t app_size,
 	}

 	/* Check for a valid app in flash, bale out if it already exists */
-	if (preload_check_valid_app(part_table, to_slot)) {
+	if (!preload_slot_is_free(part_table, to_slot)) {
 		return -1;
 	}

@ -108,8 +102,6 @@ int preload_store_finalize(struct partition_table *part_table, size_t app_size,
 	}

 	part_table->pre_app_data[to_slot].size = app_size;
-	part_table->pre_app_data[to_slot].status =
-	    PRE_LOADED_STATUS_PRESENT; /* Stored but not yet authenticated */
 	memcpy_s(part_table->pre_app_data[to_slot].digest,
 		sizeof(part_table->pre_app_data[to_slot].digest),
 		app_digest, 32);
@ -122,9 +114,6 @@ int preload_store_finalize(struct partition_table *part_table, size_t app_size,

 	part_table_write(part_table);

-	/* Force a restart to authenticate the stored app */
-	/* TODO: Should this be done by the management app or by firmware? */
-
 	return 0;
 }

@ -140,18 +129,11 @@ int preload_delete(struct partition_table *part_table, uint8_t slot)
 	}

 	/*Check for a valid app in flash	*/
-	if (!preload_check_valid_app(part_table, slot)) {
+	if (preload_slot_is_free(part_table, slot)) {
 		return 0;
 		// TODO: Nothing here, return zero like all is good?
 	}
 	part_table->pre_app_data[slot].size = 0;
-	part_table->pre_app_data[slot].status = 0;
-
-	memset(part_table->pre_app_data[slot].auth.nonce, 0x00,
-	       sizeof(part_table->pre_app_data[slot].auth.nonce));
-
-	memset(part_table->pre_app_data[slot].auth.authentication_digest, 0x00,
-	       sizeof(part_table->pre_app_data[slot].auth.authentication_digest));

 	memset(part_table->pre_app_data[slot].digest, 0,
 	       sizeof(part_table->pre_app_data[slot].digest));