Avoid to silently overwrite keystore.c

danielinux · danielinux · commit 2082bd003c60 · 2024-07-09T09:28:40.000+02:00
diff --git a/Makefile b/Makefile
@@ -302,6 +302,7 @@ clean:
 	$(Q)rm -f wolfboot.bin wolfboot.elf wolfboot.map test-update.rom wolfboot.hex
 	$(Q)rm -f $(MACHINE_OBJ) $(MAIN_TARGET) $(LSCRIPT)
 	$(Q)rm -f $(OBJS)
+	$(Q)rm -f tools/keytools/otp/otp-keystore-gen
 	$(Q)$(MAKE) -C test-app -s clean
 	$(Q)$(MAKE) -C tools/check_config -s clean
 	$(Q)$(MAKE) -C stage1 -s clean
diff --git a/tools/keytools/keygen.c b/tools/keytools/keygen.c
@@ -764,7 +764,7 @@ static void key_gen_check(const char *kfilename)
     if (!force && (f != NULL)) {
         char reply[40];
         int replySz;
-        printf("** Warning: key file already exist! Are you sure you want to generate a new key and overwrite the existing key? [Type 'Yes']: ");
+        printf("** Warning: key file already exists! Are you sure you want to generate a new key and overwrite the existing key? [Type 'Yes']: ");
         fflush(stdout);
         replySz = scanf("%s", reply);
         printf("Reply is [%s]\n", reply);
@@ -776,6 +776,22 @@ static void key_gen_check(const char *kfilename)
             unlink(kfilename);
         }
     }
+    f = fopen(pubkeyfile, "rb");
+    if (!force && (f != NULL)) {
+        char reply[40];
+        int replySz;
+        printf("** Warning: keystore already exists! Are you sure you want to generate a new key and overwrite the existing key? [Type 'Yes']: ");
+        fflush(stdout);
+        replySz = scanf("%s", reply);
+        printf("Reply is [%s]\n", reply);
+        fclose(f);
+        if (replySz < 0 || strcmp(reply, "Yes") != 0) {
+            printf("Operation aborted by user.");
+            exit(5);
+        } else {
+            unlink(pubkeyfile);
+        }
+    }
 }
 
 static void key_generate(uint32_t ktype, const char *kfilename, uint32_t id_mask)
diff --git a/tools/keytools/otp/Makefile b/tools/keytools/otp/Makefile
@@ -34,8 +34,8 @@ SIZE?=$(CROSS_COMPILE)size
 
 all: otp-keystore-primer.bin otp-keystore-gen
 
-otp-keystore-gen: otp-keystore-gen.c ../../../src/keystore.c
-	gcc -o $@ $^ -I. -I../../../ -I../../../include -DFLASH_OTP_KEYSTORE
+otp-keystore-gen: otp-keystore-gen.c
+	gcc -o $@ otp-keystore-gen.c ../../../src/keystore.c -I. -I../../../ -I../../../include -DFLASH_OTP_KEYSTORE
 
 
 otp-keystore-primer.bin: otp-keystore-primer.elf
diff --git a/tools/keytools/otp/otp-keystore-gen.c b/tools/keytools/otp/otp-keystore-gen.c
@@ -63,6 +63,8 @@ int main(void)
     slot_size = keystore_get_size(0);
     slot_size += KEYSTORE_HDR_SIZE;
     fprintf(stderr, "Slot size: %d\n", slot_size);
+    fprintf(stderr, "Number of slots: %d\n", n_keys);
+    fprintf(stderr, "%s size: %d\n", outfile, slot_size * n_keys + sizeof(struct wolfBoot_otp_hdr));
 
     ofd = open(outfile, O_WRONLY|O_CREAT|O_TRUNC, 0600);
     if (ofd < 0) {
