Implement SHA256 update file checking

stm-firmware/CMakeLists.txt

@@ -136,8 +136,14 @@ add_custom_command(
     )
 
 set(HEX_PATH "${CMAKE_CURRENT_BINARY_DIR}/${HEXFILE}")
-add_custom_target(update-image ALL DEPENDS ${HEX_PATH})
+add_custom_target(update-image ALL DEPENDS ${HEX_PATH} "${HEX_PATH}.sha")
 add_custom_command(
 	DEPENDS ${ELFFILE}
 	OUTPUT ${HEX_PATH}
-	COMMAND ${CMAKE_OBJCOPY} -O ihex ${ELFFILE} ${HEX_PATH})
+	COMMAND ${CMAKE_OBJCOPY} -O ihex ${ELFFILE} ${HEX_PATH}
+	)
+add_custom_command(
+	DEPENDS ${HEX_PATH}
+	OUTPUT "${HEX_PATH}.sha"
+	COMMAND sha256sum "${HEX_PATH}" | cut -d " " -f 1 > "${HEX_PATH}.sha"
+	)

stm-firmware/updater/ram-code/itoa.c

@@ -79,8 +79,8 @@ uint32_t bytes_to_hex_string(uint8_t *input, uint32_t count, char *output_buffer
 
 	for (idx = 0; idx < count; idx++) {
 		b = input[idx];
-		output_buffer[idx] = num_to_hex_digit(b >> 4, capitalized);
-		output_buffer[idx+1] = num_to_hex_digit(b & 0xF, capitalized);
+		output_buffer[2*idx] = num_to_hex_digit(b >> 4, capitalized);
+		output_buffer[2*idx+1] = num_to_hex_digit(b & 0xF, capitalized);
 	}
 
 	return 0;

stm-firmware/updater/ram-code/main.c

@@ -241,19 +241,47 @@ ret_noact:
 	return ret;
 }
 
+static int read_file_content(const char *fname, char *dest, size_t count)
+{
+	FIL f;
+	FRESULT fres;
+	UINT act_read;
+	int ret = 0;
+
+	fres = f_open(&f, fname, FA_READ);
+	if (fres != FR_OK) {
+		return -1;
+	}
+
+	fres = f_read(&f, dest, (UINT)count, &act_read);
+	if (fres != FR_OK) {
+		ret = -2;
+		goto exit_close_file;
+	}
+
+	ret = (int)act_read;
+
+exit_close_file:
+	(void)f_close(&f);
+	return ret;
+}
+
 int ram_code_main(void)
 {
 	FRESULT fres;
 	int res;
 	enum safety_memory_state safety_mem_state;
 	static char filename[256];
+	static char hash_file_name[256];
 	static char tmp_buff[256];
+	static char sha_string[SIZE_OF_SHA_256_HASH*2+2];
 	uint32_t count;
 	uint32_t update_size;
 	int retries = 3;
 	uint8_t sha_hash[SIZE_OF_SHA_256_HASH];
 
 
+
 	SysTick_Config(168000UL);
 	external_watchdog_disable();
 	__enable_irq();
@@ -289,12 +317,33 @@ int ram_code_main(void)
 	}
 
 	uart_send_string("SHA256: ");
-	bytes_to_hex_string(sha_hash, SIZE_OF_SHA_256_HASH, tmp_buff, false);
-	tmp_buff[SIZE_OF_SHA_256_HASH] = 0;
-	uart_send_string(tmp_buff);
+	bytes_to_hex_string(sha_hash, SIZE_OF_SHA_256_HASH, sha_string, false);
+	sha_string[SIZE_OF_SHA_256_HASH*2] = 0;
+	uart_send_string(sha_string);
 	uart_send_string("\r\n");
 
 
+
+	strncpy(hash_file_name, filename, sizeof(hash_file_name));
+	strcat(hash_file_name, ".sha");
+	res = read_file_content(hash_file_name, tmp_buff, sizeof(tmp_buff)-1);
+	if (res < 0) {
+		uart_send_string("Error reading expected hash. Is the file present?\r\n");
+		ram_code_exit(false);
+	} else if (res >= SIZE_OF_SHA_256_HASH*2) {
+		tmp_buff[res] = 0;
+		uart_send_string("Expected sha: ");
+		uart_send_string(tmp_buff);
+		uart_send_string("\r\n");
+		if (strncmp(sha_string, tmp_buff, SIZE_OF_SHA_256_HASH*2) != 0) {
+			uart_send_string("SHA sums don't match!\r\n");
+			ram_code_exit(false);
+		}
+	} else {
+		uart_send_string("Expected hash has wrong length!\r\n");
+		ram_code_exit(false);
+	}
+
 	uart_send_string("Checking hex file ");
 	uart_send_string(filename);
 	uart_send_string("\r\n");