From bb1bba2e5ed23e7d4f266b67ef99489244abccbe Mon Sep 17 00:00:00 2001 From: Robert Taylor Date: Fri, 19 Aug 2022 11:17:04 -0600 Subject: [PATCH] Add encryption keys to eeprom --- ex2_system/include/bl_eeprom.h | 32 ++++++---- ex2_system/include/crypto.h | 2 +- ex2_system/include/eeprom.h | 2 + ex2_system/source/bl_eeprom.c | 64 +++++++++++--------- ex2_system/source/crypto.c | 107 ++++++++++++++++++++++++++++++--- main/main.c | 13 ++-- 6 files changed, 164 insertions(+), 56 deletions(-) diff --git a/ex2_system/include/bl_eeprom.h b/ex2_system/include/bl_eeprom.h index 3fc8f8b37..d87b165d5 100644 --- a/ex2_system/include/bl_eeprom.h +++ b/ex2_system/include/bl_eeprom.h @@ -14,11 +14,13 @@ #include #include "privileged_functions.h" #include "eeprom.h" +#include "crypto.h" #define APP_STATUS_LEN sizeof(image_info) #define GOLD_STATUS_LEN sizeof(image_info) #define BOOT_INFO_LEN sizeof(boot_info) #define UPDATE_INFO_LEN sizeof(update_info) +#define KEY_STORE_LEN sizeof(key_store) #define GOLD_MINIMUM_ADDR 0x00020000 #define GOLD_DEFAULT_ADDR 0x00020000 @@ -38,19 +40,9 @@ typedef struct __attribute__((packed)) { uint16_t crc; } image_info; -typedef enum { - NONE, - UNDEF, - DABORT, - PREFETCH, - REQUESTED -} SW_RESET_REASON; +typedef enum { NONE, UNDEF, DABORT, PREFETCH, REQUESTED } SW_RESET_REASON; -typedef enum { - BOOTLOADER = 'B', - GOLDEN = 'G', - APPLICATION = 'A' -} SYSTEM_TYPE; +typedef enum { BOOTLOADER = 'B', GOLDEN = 'G', APPLICATION = 'A' } SYSTEM_TYPE; typedef struct __attribute__((packed)) { resetSource_t rstsrc; 
@@ -67,11 +59,21 @@ typedef struct __attribute__((packed)) { typedef struct __attribute__((packed)) { char type; - uint32_t count; // total number of boot attempts + uint32_t count; // total number of boot attempts uint32_t attempts; // total attempts since last failure boot_reason reason; } boot_info; +typedef struct __attribute__((packed)) { + uint32_t key_len; + uint8_t key[64]; +} satellite_key_t; + +typedef struct __attribute__((packed)) { + satellite_key_t hmac_key; + satellite_key_t encrypt_key; +} key_store; + void sw_reset(char reboot_type, SW_RESET_REASON reason); Fapi_StatusType eeprom_set_app_info(image_info *i); @@ -90,6 +92,10 @@ Fapi_StatusType eeprom_set_update_info(update_info *u); Fapi_StatusType eeprom_get_update_info(update_info *u); +Fapi_StatusType eeprom_get_key_store(key_store *k); + +Fapi_StatusType eeprom_set_key_store(key_store *k); + bool verify_application(); bool verify_golden(); diff --git a/ex2_system/include/crypto.h b/ex2_system/include/crypto.h index d78f87d62..ad152b61d 100644 --- a/ex2_system/include/crypto.h +++ b/ex2_system/include/crypto.h @@ -27,6 +27,6 @@ typedef enum { } CRYPTO_KEY_T; void get_crypto_key(CRYPTO_KEY_T type, char **key, int *key_len); -void set_crypto_key(CRYPTO_KEY_T type, char *key, int *key_len); +void set_crypto_key(CRYPTO_KEY_T type, char *key, int key_len); #endif /* EX2_SYSTEM_INCLUDE_CRYPTO_H_ */ diff --git a/ex2_system/include/eeprom.h b/ex2_system/include/eeprom.h index 6be2b996a..9a330e64d 100644 --- a/ex2_system/include/eeprom.h +++ b/ex2_system/include/eeprom.h @@ -25,6 +25,8 @@ #define LEOP_INFO_BLOCKNUMBER 4 +#define KEY_STORE_BLOCKNUMBER 5 + Fapi_StatusType eeprom_write(void *dat, uint8_t block, uint32_t size); Fapi_StatusType eeprom_read(void *dat, uint8_t block, uint32_t size); diff --git a/ex2_system/source/bl_eeprom.c b/ex2_system/source/bl_eeprom.c index 853989f44..576317d39 100644 --- a/ex2_system/source/bl_eeprom.c +++ b/ex2_system/source/bl_eeprom.c 
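Review bot: The new `key_store` struct has no integrity or validity field, so code reading `KEY_STORE_BLOCKNUMBER` cannot tell provisioned keys from an erased or corrupted block. `image_info` in this same header already ends with `uint16_t crc;` for that purpose. Consider adding `uint16_t crc; // crc16 over hmac_key and encrypt_key` to `key_store` and checking it wherever the store is read. The literal `64` in `uint8_t key[64];` also duplicates the private `KEY_LEN` in crypto.c; one shared define in this header would stop the `memcpy` length and the array size from drifting apart. A short comment on `key_len` giving its valid range would help whoever maintains the getters.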
@@ -19,7 +19,7 @@ void sw_reset(char reboot_type, SW_RESET_REASON reason) { boot_info info = {0}; eeprom_get_boot_info(&info); - info.reason.swr_reason = reason; + info.reason.swr_reason = reason; if (reason == REQUESTED) { info.attempts = 0; // Reset counter because this is a request } @@ -35,7 +35,6 @@ void sw_reset(char reboot_type, SW_RESET_REASON reason) { Fapi_StatusType eeprom_set_app_info(image_info *i) { Fapi_StatusType status = eeprom_write((void *)i, APP_STATUS_BLOCKNUMBER, sizeof(image_info)); return status; - } Fapi_StatusType eeprom_get_app_info(image_info *i) { @@ -46,7 +45,6 @@ Fapi_StatusType eeprom_get_app_info(image_info *i) { Fapi_StatusType eeprom_set_golden_info(image_info *i) { Fapi_StatusType status = eeprom_write((void *)i, GOLD_STATUS_BLOCKNUMBER, sizeof(image_info)); return status; - } Fapi_StatusType eeprom_get_golden_info(image_info *i) { @@ -74,14 +72,26 @@ Fapi_StatusType eeprom_get_update_info(update_info *u) { return status; } +Fapi_StatusType eeprom_get_key_store(key_store *k) { + Fapi_StatusType status = eeprom_read((void *)k, KEY_STORE_BLOCKNUMBER, KEY_STORE_LEN); + return status; +} + +Fapi_StatusType eeprom_set_key_store(key_store *k) { + Fapi_StatusType status = eeprom_write((void *)k, KEY_STORE_BLOCKNUMBER, KEY_STORE_LEN); + return status; +} + bool verify_application() { image_info app_info = {0}; eeprom_get_app_info(&app_info); if (app_info.exists == EXISTS_FLAG) { if (crc16((char *)app_info.addr, app_info.size) == app_info.crc) { return true; - } else return false; - } else return false; + } else + return false; + } else + return false; } bool verify_golden() { 
@@ -90,30 +100,26 @@ bool verify_golden() { if (app_info.exists == EXISTS_FLAG) { if (crc16((char *)app_info.addr, app_info.size) == app_info.crc) { return true; - } else return false; - } else return false; + } else + return false; + } else + return false; } -unsigned short crc16( char *ptr, int count) -{ - uint16_t crc; - char i; - crc = 0; - while (--count >= 0) - { - crc = crc ^ ( ((int)*ptr) << 8 ) ; - ptr=ptr+1; - i = 8; - do - { - if (crc & 0x8000) - crc = (crc << 1) ^ 0x1021; - else - crc = crc << 1; - } while(--i); - } - return (crc); +unsigned short crc16(char *ptr, int count) { + uint16_t crc; + char i; + crc = 0; + while (--count >= 0) { + crc = crc ^ (((int)*ptr) << 8); + ptr = ptr + 1; + i = 8; + do { + if (crc & 0x8000) + crc = (crc << 1) ^ 0x1021; + else + crc = crc << 1; + } while (--i); + } + return (crc); } - - - diff --git a/ex2_system/source/crypto.c b/ex2_system/source/crypto.c index c25eef9d9..4d3b86470 100644 --- a/ex2_system/source/crypto.c +++ b/ex2_system/source/crypto.c 
@@ -19,23 +19,112 @@ */ #include "crypto.h" +#include "bl_eeprom.h" +#include -#define KEY_TEST_MODE +#define KEY_TEST_MODE 1 +#define KEY_SET_MODE 0 +#define KEY_LEN 64 +#if KEY_TEST_MODE +const char test_key[] = + "6e477331cd51d63d6492fa969a3acfc75fc26370446465a339fe380c096193fa1fc7d866f17ec1bce02b9b5f955c9df41bdd26927891c" + "d4c8c877913138bd6ca27bb05167462c2e028b0afeb372cd23720278f48715f065fd7bab587d6e0e7a86d904580aa6ad1f771f9d651e6" + "934f361d2816187d934ad87691f977bd5b964fc8e6ed4debbc32f0144e03bb6c94982ea801fa5d2efdd381836fd63a28bebf1f877efdf" + "0e12f7063d13de186ecf1bf295cd64c65ab7b74893578b3fde314cfcabc4946ffec142faab6019aedfd2cfc723ae51c3771a45b2004ab" + "77865261e91e763c76b271086f069f4598b25ed8567ef72b4a554046b395d4815bf7974d2962"; +#endif + +#if KEY_SET_MODE +#include +#endif + +void set_keys_from_keyfile() { +#if KEY_SET_MODE + FILE *fh = fopen("hmacKey.dat", "rb"); + FILE *fx = fopen("encryptKey.dat", "rb"); + + char hmac_key[KEY_LEN] = {0}; + fread(&hmac_key, KEY_LEN, 1, fh); + set_crypto_key(HMAC_KEY, (char *)&hmac_key, KEY_LEN); + + char encrypt_key[KEY_LEN] = {0}; + fread(&encrypt_key, KEY_LEN, 1, fx); + set_crypto_key(ENCRYPT_KEY, (char *)&encrypt_key, KEY_LEN); -#ifdef KEY_TEST_MODE -const char test_key[] = "6e477331cd51d63d6492fa969a3acfc75fc26370446465a339fe380c096193fa1fc7d866f17ec1bce02b9b5f955c9df41bdd26927891cd4c8c877913138bd6ca27bb05167462c2e028b0afeb372cd23720278f48715f065fd7bab587d6e0e7a86d904580aa6ad1f771f9d651e6934f361d2816187d934ad87691f977bd5b964fc8e6ed4debbc32f0144e03bb6c94982ea801fa5d2efdd381836fd63a28bebf1f877efdf0e12f7063d13de186ecf1bf295cd64c65ab7b74893578b3fde314cfcabc4946ffec142faab6019aedfd2cfc723ae51c3771a45b2004ab77865261e91e763c76b271086f069f4598b25ed8567ef72b4a554046b395d4815bf7974d2962"; + fclose(fh); + fclose(fx); #endif + return; +} + +static key_store keys = {0}; +static bool keys_initialized = false; + +void init_keys() { + eeprom_get_key_store(&keys); + keys_initialized = true; +} + +void set_hmac_key(char *key, int 
key_len) { + if (key_len != KEY_LEN) { + return; // This can silently return since it is intended to run with supervision + } + eeprom_get_key_store(&keys); + memcpy(&keys.hmac_key.key, key, key_len); + keys.hmac_key.key_len = key_len; + eeprom_set_key_store(&keys); +} + +void get_hmac_key(char **hmac_key, int *key_len) { + if (keys_initialized == false) { + init_keys(); + } + *hmac_key = (char *)&keys.hmac_key.key; + *key_len = (int)keys.hmac_key.key_len; +} + +void set_xtea_key(char *key, int key_len) { + if (key_len != KEY_LEN) { + return; // This can silently return since it is intended to run with supervision + } + eeprom_get_key_store(&keys); + memcpy(&keys.encrypt_key.key, key, key_len); + keys.encrypt_key.key_len = key_len; + eeprom_set_key_store(&keys); +} + +void get_xtea_key(char **xtea_key, int *key_len) { + if (keys_initialized == false) { + init_keys(); + } + *xtea_key = (char *)&keys.encrypt_key.key; + *key_len = (int)keys.encrypt_key.key_len; +} void get_crypto_key(CRYPTO_KEY_T type, char **key, int *key_len) { (void)type; // Same key for test mode -#ifdef KEY_TEST_MODE - *key = &test_key; - *key_len = strlen(test_key); +#if KEY_TEST_MODE + *key = (char *)&test_key; + *key_len = (int)strlen(test_key); +#else + if (type == ENCRYPT_KEY) { + get_xtea_key(key, key_len); + } else if (type == HMAC_KEY) { + get_hmac_key(key, key_len); + } +#endif +} + +void set_crypto_key(CRYPTO_KEY_T type, char *key, int key_len) { +#if KEY_TEST_MODE + return; #else - *key = 0; - *key_len = 0; + if (type == ENCRYPT_KEY) { + set_xtea_key(key, key_len); + } else if (type == HMAC_KEY) { + set_hmac_key(key, key_len); + } #endif } -void set_crypto_key(CRYPTO_KEY_T type, char *key, int *key_len); diff --git a/main/main.c b/main/main.c index fd8a3f943..f045e04ad 100644 --- a/main/main.c +++ b/main/main.c @@ -69,6 +69,7 @@ #include #include "printf.h" #include "csp/crypto/csp_hmac.h" +#include "csp/crypto/csp_xtea.h" #include "crypto.h" #include "csp_debug_wrapper.h" 
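Review bot: `get_hmac_key` and `get_xtea_key` return `key_len` straight from EEPROM without bounding it to the 64-byte `key` array, and `init_keys` sets `keys_initialized = true` without checking the status of `eeprom_get_key_store`. A failed read or a corrupted block can therefore hand callers a length larger than the buffer, or a zeroed key reported as valid. `set_hmac_key` and `set_xtea_key` have the same gap on the write path: the status of the initial read is ignored, so the other key slot is written back as whatever `keys` happens to hold, and the result of `eeprom_set_key_store` is dropped. In the `#else` branch of `get_crypto_key`, an unrecognised `type` leaves `*key` and `*key_len` unwritten. The sketch below shows the read-side checks only; it assumes `Fapi_Status_Success` is the success value of `Fapi_StatusType`, and how callers should react to a zero length is a design decision outside this hunk.

```c
void init_keys() {
    /* Only mark the cache valid when the EEPROM read succeeded. */
    if (eeprom_get_key_store(&keys) != Fapi_Status_Success) {
        memset(&keys, 0, sizeof(keys));
        return;
    }
    keys_initialized = true;
}

void get_hmac_key(char **hmac_key, int *key_len) {
    // … unchanged: lazy init_keys() call …
    *hmac_key = (char *)&keys.hmac_key.key;
    /* Report a usable key only when the stored length matches the fixed key size. */
    *key_len = (keys_initialized && keys.hmac_key.key_len == KEY_LEN) ? KEY_LEN : 0;
}
// get_xtea_key: same check on keys.encrypt_key.key_len
```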
@@ -311,10 +312,14 @@ static void init_csp() { if (init_csp_interface() != SATR_OK) { exit(SATR_ERROR); } - char *test_key; - int key_len; - get_crypto_key(HMAC_KEY, &test_key, &key_len); - csp_hmac_set_key(test_key, key_len); + char *hmac_key; + int hmac_len; + get_crypto_key(HMAC_KEY, &hmac_key, &hmac_len); + csp_hmac_set_key(hmac_key, hmac_len); + char *xtea_key; + int xtea_len; + get_crypto_key(ENCRYPT_KEY, &xtea_key, &xtea_len); + csp_xtea_set_key(xtea_key, xtea_len); return; }
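Review bot: With `KEY_TEST_MODE` defined as 1 in crypto.c, both `get_crypto_key` calls in `init_csp` return the same `test_key` that is committed in the source. The HMAC key and the XTEA key are therefore identical and not secret, and the length passed on is the `strlen` of the hex text rather than `KEY_LEN`. Making the mode a build-time setting that defaults to the EEPROM path, with a comment here saying which path a flight build uses, would reduce the chance of shipping the test key. The four locals are also uninitialised, and `get_crypto_key` returns `void`, so a missing key cannot be detected here. Declaring them as `char *hmac_key = NULL; int hmac_len = 0;` (likewise for the XTEA pair) and skipping the `csp_*_set_key` call when the length is 0 would make an unprovisioned key store visible. The body of `init_csp` starts before this hunk, so earlier setup is not reviewed here.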