Skip to content

Commit

Permalink
Fix provisioner
Browse files Browse the repository at this point in the history
  • Loading branch information
@robin-nitrokey
robin-nitrokey committed Oct 14, 2024
1 parent 0edcc19 commit 79636e1
Showing 1 changed file with 23 additions and 24 deletions.
47 changes: 23 additions & 24 deletions components/provisioner-app/src/lib.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ generate_macros!();

use core::convert::TryFrom;
use heapless::Vec;
use littlefs2::path::PathBuf;
use littlefs2::{path, path::{Path, PathBuf}};
use trussed::{
client,
key::{Flags, Key, Kind as KeyKind},
Expand Down Expand Up @@ -92,15 +92,15 @@ pub enum Error {

type Uuid = [u8; 16];

const FILENAME_T1_PUBLIC: &[u8] = b"/attn/pub/00";
const FILENAME_T1_PUBLIC: &Path = path!("/attn/pub/00");

const FILENAME_P256_SECRET: &[u8] = b"/attn/sec/01";
const FILENAME_ED255_SECRET: &[u8] = b"/attn/sec/02";
const FILENAME_X255_SECRET: &[u8] = b"/attn/sec/03";
const FILENAME_P256_SECRET: &Path = path!("/attn/sec/01");
const FILENAME_ED255_SECRET: &Path = path!("/attn/sec/02");
const FILENAME_X255_SECRET: &Path = path!("/attn/sec/03");

const FILENAME_P256_CERT: &[u8] = b"/attn/x5c/01";
const FILENAME_ED255_CERT: &[u8] = b"/attn/x5c/02";
const FILENAME_X255_CERT: &[u8] = b"/attn/x5c/03";
const FILENAME_P256_CERT: &Path = path!("/attn/x5c/01");
const FILENAME_ED255_CERT: &Path = path!("/attn/x5c/02");
const FILENAME_X255_CERT: &Path = path!("/attn/x5c/03");

enum SelectedBuffer {
Filename,
Expand Down Expand Up @@ -180,7 +180,7 @@ where
Instruction::WriteFile => {
if self.buffer_file_contents.is_empty() || self.buffer_filename.is_empty() {
Err(Error::IncorrectDataParameter)
} else {
} else if let Ok(buffer_path) = PathBuf::try_from(self.buffer_filename.as_slice()) {
// self.buffer_filename.push(0);
let _filename =
unsafe { core::str::from_utf8_unchecked(self.buffer_filename.as_slice()) };
Expand All @@ -194,7 +194,7 @@ where
let res = store::store(
self.store,
trussed::types::Location::Internal,
&PathBuf::from(self.buffer_filename.as_slice()),
&buffer_path,
&self.buffer_file_contents,
);
self.buffer_file_contents.clear();
Expand All @@ -206,6 +206,8 @@ where
info!("wrote file");
Ok(())
}
} else {
Err(Error::IncorrectDataParameter)
}
}
Instruction::GenerateP256Key => {
Expand Down Expand Up @@ -239,13 +241,13 @@ where
store::store(
self.store,
trussed::types::Location::Internal,
&PathBuf::from(FILENAME_P256_SECRET),
FILENAME_P256_SECRET,
&serialized_bytes,
)
.map_err(|_| Error::NotEnoughMemory)?;
info!(
"stored to {}",
core::str::from_utf8(FILENAME_P256_SECRET).unwrap()
FILENAME_P256_SECRET.as_str()
);

reply
Expand All @@ -272,7 +274,7 @@ where
store::store(
self.store,
trussed::types::Location::Internal,
&PathBuf::from(FILENAME_ED255_SECRET),
FILENAME_ED255_SECRET,
&serialized_bytes,
)
.map_err(|_| Error::NotEnoughMemory)?;
Expand Down Expand Up @@ -301,7 +303,7 @@ where
store::store(
self.store,
trussed::types::Location::Internal,
&PathBuf::from(FILENAME_X255_SECRET),
FILENAME_X255_SECRET,
&serialized_bytes,
)
.map_err(|_| Error::NotEnoughMemory)?;
Expand All @@ -313,50 +315,47 @@ where
Ok(())
}
Instruction::SaveP256AttestationCertificate => {
let secret_path = PathBuf::from(FILENAME_P256_SECRET);
if !secret_path.exists(self.store.ifs()) || data.len() < 100 {
if !self.store.ifs().exists(FILENAME_P256_SECRET) || data.len() < 100 {
// Assuming certs will always be >100 bytes
Err(Error::IncorrectDataParameter)
} else {
info!("saving P256 CERT, {} bytes", data.len());
store::store(
self.store,
trussed::types::Location::Internal,
&PathBuf::from(FILENAME_P256_CERT),
FILENAME_P256_CERT,
data,
)
.map_err(|_| Error::NotEnoughMemory)?;
Ok(())
}
}
Instruction::SaveEd255AttestationCertificate => {
let secret_path = PathBuf::from(FILENAME_ED255_SECRET);
if !secret_path.exists(self.store.ifs()) || data.len() < 100 {
if !self.store.ifs().exists(FILENAME_ED255_SECRET) || data.len() < 100 {
// Assuming certs will always be >100 bytes
Err(Error::IncorrectDataParameter)
} else {
info!("saving ED25519 CERT, {} bytes", data.len());
store::store(
self.store,
trussed::types::Location::Internal,
&PathBuf::from(FILENAME_ED255_CERT),
FILENAME_ED255_CERT,
data,
)
.map_err(|_| Error::NotEnoughMemory)?;
Ok(())
}
}
Instruction::SaveX255AttestationCertificate => {
let secret_path = PathBuf::from(FILENAME_X255_SECRET);
if !secret_path.exists(self.store.ifs()) || data.len() < 100 {
if !self.store.ifs().exists(FILENAME_X255_SECRET) || data.len() < 100 {
// Assuming certs will always be >100 bytes
Err(Error::IncorrectDataParameter)
} else {
info!("saving X25519 CERT, {} bytes", data.len());
store::store(
self.store,
trussed::types::Location::Internal,
&PathBuf::from(FILENAME_X255_CERT),
FILENAME_X255_CERT,
data,
)
.map_err(|_| Error::NotEnoughMemory)?;
Expand All @@ -379,7 +378,7 @@ where
store::store(
self.store,
trussed::types::Location::Internal,
&PathBuf::from(FILENAME_T1_PUBLIC),
FILENAME_T1_PUBLIC,
&serialized_key,
)
.map_err(|_| Error::NotEnoughMemory)
Expand Down

0 comments on commit 79636e1

Please sign in to comment.