Cleanup configuration

.gitignore

@@ -21,4 +21,5 @@ rebar3.crashdump
 *.tar
 config/dev.config
 dummy.img
+eeprom_*.dat
 .tool-versions

README.md

@@ -7,3 +7,14 @@ Build
 -----
 
     $ rebar3 compile
+
+Development
+-----------
+
+Setup local dev configuration:
+
+    cp config/dev.config.template config/dev.config
+
+Start local shell:
+
+    rebar3 as local shell

config/dev.config.template

@@ -0,0 +1,39 @@
+[
+    {grisp_cryptoauth, [
+        {tls_use_client_certificate, false},
+        {tls_verify, verify_none}
+    ]},
+
+    {grisp_updater, [
+        %{signature_check, true},
+        %{signature_certificates, {priv, grisp_updater, "certificates"}},
+        %{storage, {grisp_updater_filesystem, #{}}},
+        {system, {grisp_updater_dummy, #{device_size => 1140850688}}},
+        %{sources, [{grisp_updater_tarball, #{}}]}
+    ]},
+
+    {grisp_updater, [
+        {system, {grisp_updater_grisp2, #{}}},
+        {sources, [
+            {grisp_updater_tarball, #{}},
+            {grisp_updater_http, #{
+                backend => {grisp_updater_grisp2, #{}}
+            }}
+        ]}
+    ]},
+
+    {kernel, [
+        {logger_level, debug},
+        {logger, [
+            {handler, default, logger_std_h, #{
+                level => info,
+                filter_default => log,
+                config => #{type => standard_io},
+                formatter => {logger_formatter, #{
+                    legacy_header => false,
+                    single_line => true
+                }}
+            }}
+        ]}
+    ]}
+].

config/local.config

@@ -0,0 +1,35 @@
+[
+    {grisp, [
+        {emulation, {grisp2, grisp_emulation}}
+    ]},
+
+    {grisp_cryptoauth, [
+        {tls_use_client_certificate, false},
+        {tls_verify, verify_none}
+    ]},
+
+    {grisp_updater, [
+        {system, {grisp_updater_grisp2, #{}}},
+        {sources, [
+            {grisp_updater_tarball, #{}},
+            {grisp_updater_http, #{
+                backend => {grisp_updater_grisp2, #{}}
+            }}
+        ]}
+    ]},
+
+    {kernel, [
+        {logger_level, debug},
+        {logger, [
+            {handler, default, logger_std_h, #{
+                level => info,
+                filter_default => log,
+                config => #{type => standard_io},
+                formatter => {logger_formatter, #{
+                    legacy_header => false,
+                    single_line => true
+                }}
+            }}
+        ]}
+    ]}
+].

config/dev.config.src → config/sys.config

@@ -1,21 +1,16 @@
 [
-    {grisp_updater_grisp2, [
-        {use_client_certificate, false},
-        {server_certificates, {priv, grisp_updater_grisp2, "certificates"}}
-    ]}
-
     {grisp_updater, [
         {system, {grisp_updater_grisp2, #{}}},
         {sources, [
             {grisp_updater_tarball, #{}},
             {grisp_updater_http, #{
                 backend => {grisp_updater_grisp2, #{}}
             }}
-        ]},
+        ]}
     ]},
 
     {kernel, [
-        {logger_level, info},
+        {logger_level, notice},
         {logger, [
             {handler, default, logger_std_h, #{
                 level => info,
@@ -28,4 +23,4 @@
             }}
         ]}
     ]}
-].
+].

rebar.config

@@ -3,27 +3,31 @@
 {deps, [
     grisp,
     {gun, "1.3.3"},
+    {grisp_cryptoauth, "2.3.1"},
     {grisp_updater, {git, "https://github.com/grisp/grisp_updater.git", {branch, "main"}}}
 ]}.
 
+{relx, [
+    {release, {grisp_updater_grisp2, "0.1.0"}, [grisp_updater_grisp2]}
+]}.
+
 {profiles, [
-    {grisp, [
-        {deps, [
-            {grisp_cryptoauth, "2.3.0"}
-        ]}
-    ]},
     {prod, [
-        {deps, [
-            {grisp_cryptoauth, "2.3.0"}
-        ]}
+        {relx, [{sys_config, "config/sys.config"}]}
     ]},
-    {test, [
+    {dev, [
+        {relx, [{sys_config, "config/dev.config"}]}
+    ]},
+    {local, [
         {deps, [
-            {grisp_emulation, "0.2.0"}
+            {grisp_emulation, "0.2.1"}
+        ]},
+        {overrides, [
+            {add, grisp_cryptoauth, [{erl_opts, [{d, 'EMULATE_CRYPTOAUTH'}]}]}
         ]},
         {shell, [
             {apps, [grisp_emulation, grisp_updater_grisp2]},
-            {config, "config/dev.config"}
+            {config, "config/local.config"}
         ]}
     ]}
 ]}.

rebar.lock

@@ -1,9 +1,8 @@
 {"1.2.0",
 [{<<"cowlib">>,{pkg,<<"cowlib">>,<<"2.7.3">>},1},
- {<<"grisp">>,{pkg,<<"grisp">>,<<"2.5.0">>},0},
  {<<"grisp_updater">>,
   {git,"https://github.com/grisp/grisp_updater.git",
-       {ref,"166deb0e097da0295182037f21542d3227d6314f"}},
+       {ref,"2f3a3b08c23325286a8ce3463ed4798756dba535"}},
   0},
  {<<"gun">>,{pkg,<<"gun">>,<<"1.3.3">>},0},
  {<<"mapz">>,{pkg,<<"mapz">>,<<"2.4.0">>},1},
@@ -16,14 +15,12 @@
 [
 {pkg_hash,[
  {<<"cowlib">>, <<"A7FFCD0917E6D50B4D5FB28E9E2085A0CEB3C97DEA310505F7460FF5ED764CE9">>},
- {<<"grisp">>, <<"DBC40DDA075F9ED7A68B112AFBC7C2B122EB5CE2DDF4C029E952B3D7492EA90B">>},
  {<<"gun">>, <<"CF8B51BEB36C22B9C8DF1921E3F2BC4D2B1F68B49AD4FBC64E91875AA14E16B4">>},
  {<<"mapz">>, <<"77A8E38B69BAB16C5D3EBD44E6C619F8AF1F1598B0CAAE301D266605A0865756">>},
  {<<"quickrand">>, <<"D2BD76676A446E6A058D678444B7FDA1387B813710D1AF6D6E29BB92186C8820">>},
  {<<"uuid">>, <<"77C3E3EE1E1701A2856CE945846D7CEB71931C60633A305D0B0FEAE03B2B3B5C">>}]},
 {pkg_hash_ext,[
  {<<"cowlib">>, <<"1E1A3D176D52DAEBBECBBCDFD27C27726076567905C2A9D7398C54DA9D225761">>},
- {<<"grisp">>, <<"EC298EB0B26598B6D843A342AE7498801FDF46625D9E58AF6D73C7F5C3C15391">>},
  {<<"gun">>, <<"3106CE167F9C9723F849E4FB54EA4A4D814E3996AE243A1C828B256E749041E0">>},
  {<<"mapz">>, <<"4B68DF5CF0522E0D6545DF7B681BC052865CDB78405AD4CC9C55FE45EE7B25BE">>},
  {<<"quickrand">>, <<"B8ACBF89A224BC217C3070CA8BEBC6EB236DBE7F9767993B274084EA044D35F0">>},

src/grisp_updater_grisp2.app.src

@@ -1,17 +1,17 @@
-{application, grisp_updater_grisp2,
- [{description, "GRiSP Software Update for GRiSP2 boards"},
-  {vsn, "0.1.0"},
-  {registered, []},
-  {applications,
-   [kernel,
-    stdlib,
-    grisp,
-    grisp_cryptoauth,
-    grisp_updater
-   ]},
-  {env,[]},
-  {modules, []},
+{application, grisp_updater_grisp2, [
+    {description, "GRiSP Software Update for GRiSP2 boards"},
+    {vsn, "0.1.0"},
+    {registered, []},
+    {applications, [
+        kernel,
+        stdlib,
+        grisp,
+        grisp_cryptoauth,
+        grisp_updater
+    ]},
+    {env,[]},
+    {modules, []},
 
-  {licenses, ["Apache 2.0"]},
-  {links, []}
+    {licenses, ["Apache 2.0"]},
+    {links, []}
  ]}.

src/grisp_updater_grisp2.erl

@@ -7,6 +7,7 @@
 %--- Includes ------------------------------------------------------------------
 
 -include_lib("kernel/include/logger.hrl").
+-include_lib("grisp/include/grisp.hrl").
 -include_lib("grisp_updater/include/grisp_updater.hrl").
 
 
@@ -38,24 +39,17 @@
 
 -record(http_state, {
     ltrim_regex :: re:mp(),
-    rtrim_regex :: re:mp(),
-    tls_transport_opts = [] :: ssl:tls_client_option()
+    rtrim_regex :: re:mp()
 }).
 
 
 %--- Behaviour grisp_updater_source Callback -----------------------------------
 
 system_init(_Opts) ->
     ?LOG_INFO("Initializing GRiSP2 update system interface", []),
-    % TODO: Uses current working directory to figure out the current
-    % booted system, should be changed to use the device tree.
     #{bootstate := #{active_system := Active, update_system := Update}} =
         grisp_barebox:get_all(),
-    Current = case file:get_cwd() of
-        {ok, "/media/mmcsd-0-0"} -> 0;
-        {ok, "/media/mmcsd-0-1"} -> 1;
-        {ok, "/media/mmcsd-1-" ++ _} -> removable
-    end,
+    Current = current_system(),
     {ok, #sys_state{
         current = Current,
         active = Active,
@@ -119,18 +113,19 @@ system_terminate(_State, _Reason) ->
 
 %--- Behaviour grisp_updater_http Callback -------------------------------------
 
-http_init(Opts) ->
-    {ok, #http_state{
-        tls_transport_opts = prepare_tls_options(Opts)
-    }}.
+http_init(_Opts) ->
+    {ok, #http_state{}}.
 
 http_connection_options(State, Url) ->
     case uri_string:parse(Url) of
         #{scheme := <<"https">>, host := Host} = Parts ->
             Hostname = unicode:characters_to_list(Host),
             Port = maps:get(port, Parts, 443),
-            Opts = tls_options(State, Host),
-            {ok, Hostname, Port, Opts, State};
+            GunOpts = #{
+                transport => tls,
+                transport_opts => grisp_cryptoauth_tls:options(Hostname)
+            },
+            {ok, Hostname, Port, GunOpts, State};
         #{scheme := <<"http">>, host := Host} = Parts ->
             Hostname = unicode:characters_to_list(Host),
             Port = maps:get(port, Parts, 80),
@@ -142,66 +137,12 @@ http_connection_options(State, Url) ->
 
 %--- Internal Functions --------------------------------------------------------
 
-config_bool(Key, Default) ->
-    case application:get_env(grisp_updater_grisp2, Key) of
-        undefined -> Default;
-        {ok, Value} when is_boolean(Value) -> Value
-    end.
-
-config_directory(Key) ->
-    Dir  = case application:get_env(grisp_updater_grisp2, Key) of
-        undefined -> error;
-        {ok, Path} when is_binary(Path) -> binary_to_list(Path);
-        {ok, Path} when is_list(Path) -> Path;
-        {ok, {priv, AppName, SubPath}} when is_binary(SubPath) ->
-            case code:priv_dir(AppName) of
-                {error, bad_name} -> error({bad_config, Key});
-                 Base -> filename:join(Base, binary_to_list(SubPath))
-            end;
-        {ok, {priv, AppName, SubPath}} when is_list(SubPath) ->
-            case code:priv_dir(AppName) of
-                {error, bad_name} -> error({bad_config, Key});
-                 Base -> filename:join(Base, SubPath)
-            end
-    end,
-    case filelib:is_dir(Dir) of
-        true -> Dir;
-        false -> error({directory_not_found, Dir})
-    end.
-
-load_cert(Path) ->
-    {ok, PEM} = file:read_file(Path),
-    [{'Certificate', DER, not_encrypted}] = public_key:pem_decode(PEM),
-    DER.
-
-prepare_tls_options(_Opts) ->
-    {CACerts, VerifyMode} = case config_directory(server_certificates) of
-        error -> {[], verify_none};
-        CertDir ->
-            {[load_cert(filename:join(CertDir, F))
-              || F <- filelib:wildcard("*.crt", CertDir)], verify_peer}
-    end,
-    case config_bool(use_client_certificate, false) of
-        false ->
-            [{verify, VerifyMode}, {cacerts, CACerts}];
-        true ->
-            %TODO: Should figure out the client CA certitifcate of ask grisp_cryptoauth
-            CryptoAuthPriv = code:priv_dir(grisp_cryptoauth),
-            IntermediaryCA = load_cert(filename:join(CryptoAuthPriv, "grisp2_ca.pem")),
-            RootCA = load_cert(filename:join(CryptoAuthPriv, "stritzinger_root.pem")),
-            [
-                {verify, VerifyMode},
-                {cacerts, [RootCA | CACerts]},
-                {cert, [grisp_cryptoauth:read_cert(primary, der), IntermediaryCA]},
-                {key, #{algorithm => ecdsa, sign_fun => {grisp_cryptoauth, sign_fun}}}
-            ]
+current_system() ->
+    % TODO: Uses current working directory to figure out the current
+    % booted system, should be changed to use the device tree.
+    case {?IS_EMULATED, file:get_cwd()} of
+        {true, _} -> 0;
+        {false, {ok, "/media/mmcsd-0-0"}} -> 0;
+        {false, {ok, "/media/mmcsd-0-1"}} -> 1;
+        {false, {ok, "/media/mmcsd-1-" ++ _}} -> removable
     end.
-
-tls_options(#http_state{tls_transport_opts = TransOpts}, Host) ->
-    #{
-        transport => tls,
-        transport_opts => [
-            {server_name_indication, unicode:characters_to_list(Host)}
-            | TransOpts
-        ]
-    }.