Extracting calculation of firmware SHA256 value into class FlashSHA256

Author: aentinger

src/ArduinoIoTCloudTCP.cpp

@@ -27,13 +27,9 @@
 #ifdef BOARD_HAS_ECCX08
   #include "tls/BearSSLTrustAnchors.h"
   #include "tls/utility/CryptoUtil.h"
-  #include "tls/utility/SHA256.h"
 #endif
 
-#undef max
-#undef min
-#include <algorithm>
-
+#include "utility/ota/FlashSHA256.h"
 #include "utility/ota/OTAStorage_SNU.h"
 #include "utility/ota/OTAStorage_SFU.h"
 #include "utility/ota/OTAStorage_SSU.h"
@@ -132,75 +128,10 @@ int ArduinoIoTCloudTCP::begin(String brokerAddress, uint16_t brokerPort)
    * because only those erase the complete flash before performing an update.
    * Since the SHA256 firmware image is only required for the cloud servers to
    * perform a version check after the OTA update this is a acceptable trade off.
+   * The bootloader is excluded from the calculation and occupies flash address
+   * range 0 to 0x2000, total flash size of 0x40000 bytes (256 kByte).
    */
-  SHA256 sha256;
-  sha256.begin();
-
-  uint32_t const APP_START_ADDR = 0x2000; /* Start after the bootloader. */
-  #undef FLASH_SIZE
-  uint32_t const FLASH_READ_SIZE = 0x40000 - APP_START_ADDR;
-  uint32_t const FLASH_READ_CHUNK_SIZE = 64;
-
-  uint32_t flash_addr = APP_START_ADDR;
-  for(; flash_addr < FLASH_READ_SIZE; flash_addr += FLASH_READ_CHUNK_SIZE)
-  {
-    /* Read from the MCU's flash. */
-    uint8_t buf[FLASH_READ_CHUNK_SIZE];
-    memcpy(buf, reinterpret_cast<const void *>(flash_addr), FLASH_READ_CHUNK_SIZE);
-
-    /* Check if the next segment is erased, that is if all bytes within
-     * a read segment are 0xFF -> then we've reached the end of the
-     * firmware.
-     */
-    uint8_t buf_2[FLASH_READ_CHUNK_SIZE];
-    memcpy(buf_2, reinterpret_cast<const void *>(flash_addr + FLASH_READ_CHUNK_SIZE), FLASH_READ_CHUNK_SIZE);
-    size_t valid_bytes_in_buf = 0;
-    DBG_VERBOSE("[%X]", flash_addr);
-      char msg[4];
-      for(size_t i=0; i<FLASH_READ_CHUNK_SIZE; i++)
-      {
-        snprintf(msg, 4, "%02X", buf[i]);
-        Serial.print(msg);
-      }
-      Serial.println();
-
-
-    if (std::all_of(buf_2, buf_2+FLASH_READ_CHUNK_SIZE, [](uint8_t const elem) { return (elem == 0xFF); }))
-    {
-      /* Eliminate trailing 0xFF. */
-      for(valid_bytes_in_buf = FLASH_READ_CHUNK_SIZE; valid_bytes_in_buf > 0; valid_bytes_in_buf--) {
-        if (buf[valid_bytes_in_buf-1] != 0xFF)
-          break;
-      }
-      /* Update with the remaining bytes. */
-      DBG_VERBOSE("End of firmware, %d valid bytes in last read segment", valid_bytes_in_buf);
-      sha256.update(buf, valid_bytes_in_buf);
-      break;
-    }
-    else
-    {
-      /* Otherwise update the SHA256 hash. */
-      sha256.update(buf, FLASH_READ_CHUNK_SIZE);
-    }
-  }
-  Serial.println();
-  /* Retrieve the final hash string. */
-  uint8_t sha256_hash[SHA256::HASH_SIZE] = {0};
-  sha256.finalize(sha256_hash);
-  String sha256_str;
-  std::for_each(sha256_hash,
-                sha256_hash + SHA256::HASH_SIZE,
-                [&sha256_str](uint8_t const elem)
-                {
-                  char buf[4];
-                  snprintf(buf, 4, "%02X", elem);
-                  sha256_str += buf;
-                });
-  /* Update the property. */
-  _ota_img_sha256 = sha256_str;
-  /* Do some debug printout. */
-  DBG_VERBOSE("SHA256: %d bytes read", flash_addr);
-  DBG_VERBOSE("SHA256: HASH(%d) = %s", strlen(_ota_img_sha256.c_str()), _ota_img_sha256.c_str());
+  _ota_img_sha256 = FlashSHA256::calc(0x2000, 0x40000 - 0x2000);
 #endif /* OTA_ENABLED */
 
   #ifdef BOARD_HAS_ECCX08
@@ -271,8 +202,6 @@ void ArduinoIoTCloudTCP::update()
     _mqtt_data_request_retransmit = false;
   }
 
-  //DBG_VERBOSE("SHA256: HASH(%d) = %s", strlen(_ota_img_sha256.c_str()), _ota_img_sha256.c_str());
-
   // MTTQClient connected!, poll() used to retrieve data from MQTT broker
   _mqttClient.poll();
 

src/utility/ota/FlashSHA256.cpp

@@ -0,0 +1,109 @@
+/*
+   This file is part of ArduinoIoTCloud.
+
+   Copyright 2020 ARDUINO SA (http://www.arduino.cc/)
+
+   This software is released under the GNU General Public License version 3,
+   which covers the main part of arduino-cli.
+   The terms of this license can be found at:
+   https://www.gnu.org/licenses/gpl-3.0.en.html
+
+   You can be released from the requirements of the above licenses by purchasing
+   a commercial license. Buying such a license is mandatory if you want to modify or
+   otherwise use the software for commercial activities involving the Arduino
+   software without disclosing the source code of your own applications. To purchase
+   a commercial license, send an email to [email protected].
+*/
+
+/******************************************************************************
+ * INCLUDE
+ ******************************************************************************/
+
+#include <AIoTC_Config.h>
+#if OTA_ENABLED
+
+#include "FlashSHA256.h"
+
+#include "../../tls/utility/SHA256.h"
+
+#include <Arduino_DebugUtils.h>
+
+#undef max
+#undef min
+#include <algorithm>
+
+/******************************************************************************
+ * PUBLIC MEMBER FUNCTIONS
+ ******************************************************************************/
+
+String FlashSHA256::calc(uint32_t const start_addr, uint32_t const max_flash_size)
+{
+  SHA256  sha256;
+  uint8_t chunk     [FLASH_READ_CHUNK_SIZE],
+          next_chunk[FLASH_READ_CHUNK_SIZE];
+
+  sha256.begin();
+
+  /* Read the first two chunks of flash. */
+  uint32_t flash_addr = start_addr;  
+  memcpy(chunk, reinterpret_cast<const void *>(flash_addr), FLASH_READ_CHUNK_SIZE);
+  flash_addr += FLASH_READ_CHUNK_SIZE;
+
+  for(; flash_addr < max_flash_size; flash_addr += FLASH_READ_CHUNK_SIZE)
+  {
+    /* Read the next chunk of memory. */
+    memcpy(next_chunk, reinterpret_cast<const void *>(flash_addr), FLASH_READ_CHUNK_SIZE);
+
+    /* Check if the next segment is erased, that is if all bytes within
+     * a read segment are 0xFF -> then we've reached the end of the firmware.
+     */
+    bool const next_chunk_is_erased_flash = std::all_of(next_chunk,
+                                                        next_chunk+FLASH_READ_CHUNK_SIZE,
+                                                        [](uint8_t const elem) { return (elem == 0xFF); });
+    /* Determine how many bytes at the end of the current chunk are
+     * already set to 0xFF and therefore erased/non-written flash
+     * memory.
+     */
+    if (next_chunk_is_erased_flash)
+    {
+      /* Eliminate trailing 0xFF. */
+      size_t valid_bytes_in_chunk = 0;
+      for(valid_bytes_in_chunk = FLASH_READ_CHUNK_SIZE; valid_bytes_in_chunk > 0; valid_bytes_in_chunk--)
+      {
+        if (chunk[valid_bytes_in_chunk-1] != 0xFF)
+          break;
+      }
+      DBG_VERBOSE("FlashSHA256::calc: end of firmware, %d valid bytes in last read chunk", valid_bytes_in_chunk);
+      /* Update with the remaining bytes. */
+      sha256.update(chunk, valid_bytes_in_chunk);
+      break;
+    }
+
+    /* We've read a normal segment with the next segment not containing
+     * any erased elements, just update the SHA256 hash calcultion.
+     */
+    sha256.update(chunk, FLASH_READ_CHUNK_SIZE);
+
+    /* Copy next_chunk to chunk. */
+    memcpy(chunk, next_chunk, FLASH_READ_CHUNK_SIZE);
+  }
+
+  /* Retrieve the final hash string. */
+  uint8_t sha256_hash[SHA256::HASH_SIZE] = {0};
+  sha256.finalize(sha256_hash);
+  String sha256_str;
+  std::for_each(sha256_hash,
+                sha256_hash + SHA256::HASH_SIZE,
+                [&sha256_str](uint8_t const elem)
+                {
+                  char buf[4];
+                  snprintf(buf, 4, "%02X", elem);
+                  sha256_str += buf;
+                });
+  /* Do some debug printout. */
+  DBG_VERBOSE("SHA256: %d bytes read", flash_addr);
+  DBG_VERBOSE("SHA256: HASH(%d) = %s", strlen(sha256_str.c_str()), sha256_str.c_str());
+  return sha256_str;
+}
+
+#endif /* OTA_ENABLED */

src/utility/ota/FlashSHA256.h

@@ -0,0 +1,51 @@
+/*
+   This file is part of ArduinoIoTCloud.
+
+   Copyright 2020 ARDUINO SA (http://www.arduino.cc/)
+
+   This software is released under the GNU General Public License version 3,
+   which covers the main part of arduino-cli.
+   The terms of this license can be found at:
+   https://www.gnu.org/licenses/gpl-3.0.en.html
+
+   You can be released from the requirements of the above licenses by purchasing
+   a commercial license. Buying such a license is mandatory if you want to modify or
+   otherwise use the software for commercial activities involving the Arduino
+   software without disclosing the source code of your own applications. To purchase
+   a commercial license, send an email to [email protected].
+*/
+
+#ifndef ARDUINO_OTA_FLASH_SHA256_H_
+#define ARDUINO_OTA_FLASH_SHA256_H_
+
+/******************************************************************************
+ * INCLUDE
+ ******************************************************************************/
+
+#include <AIoTC_Config.h>
+#if OTA_ENABLED
+
+#include <Arduino.h>
+
+/******************************************************************************
+ * CLASS DECLARATION
+ ******************************************************************************/
+
+class FlashSHA256
+{
+public:
+
+   static String calc(uint32_t const start_addr, uint32_t const max_flash_size);
+
+private:
+
+  FlashSHA256() { }
+  FlashSHA256(FlashSHA256 const &) { }
+
+  static constexpr uint32_t FLASH_READ_CHUNK_SIZE = 64;
+
+};
+
+#endif /* OTA_ENABLED */
+
+#endif /* ARDUINO_OTA_FLASH_SHA256_H_ */