From 3f11286e2e7e14eb74df1edb278e26371e1e81c9 Mon Sep 17 00:00:00 2001
From: Dominik Ermel
Date: Wed, 17 Jul 2024 14:43:05 +0000
Subject: [PATCH] boot: Remove image_index from boot_encrypt
boot_encrypt required the image_index paired with flash area pointer to be able to figure out which slot it will operate on. Since in most calls the slot is known in advance it can be just passed to the function directly. The commit replaces both parameters with slot number.
Signed-off-by: Dominik Ermel
---
 boot/boot_serial/src/boot_serial_encryption.c | 8 ++++----
 boot/bootutil/include/bootutil/enc_key.h | 5 ++---
 boot/bootutil/src/encrypted.c | 14 +++-----------
 boot/bootutil/src/image_validate.c | 7 +++++--
 boot/bootutil/src/loader.c | 13 ++++++-------
 5 files changed, 20 insertions(+), 27 deletions(-)
diff --git a/boot/boot_serial/src/boot_serial_encryption.c b/boot/boot_serial/src/boot_serial_encryption.c
index cf9040b3..7d3b47c7 100644
--- a/boot/boot_serial/src/boot_serial_encryption.c
+++ b/boot/boot_serial/src/boot_serial_encryption.c
@@ -125,10 +125,11 @@ decrypt_region_inplace(struct boot_loader_state *state,
 size_t blk_off;
 uint16_t idx;
 uint32_t blk_sz;
- uint8_t image_index;
-
+ int slot = flash_area_id_to_multi_image_slot(BOOT_CURR_IMG(state),
+ flash_area_get_id(fap));
 uint8_t buf[sz] __attribute__((aligned));
 assert(sz <= sizeof buf);
+ assert(slot >= 0);
 bytes_copied = 0;
 while (bytes_copied < sz) {
@@ -143,7 +144,6 @@ decrypt_region_inplace(struct boot_loader_state *state,
 return BOOT_EFLASH;
 }
- image_index = BOOT_CURR_IMG(state);
 if (IS_ENCRYPTED(hdr)) {
 blk_sz = chunk_sz;
 idx = 0;
@@ -171,7 +171,7 @@ decrypt_region_inplace(struct boot_loader_state *state,
 blk_sz = tlv_off - (off + bytes_copied);
 }
 }
- boot_encrypt(BOOT_CURR_ENC(state), image_index, flash_area_get_id(fap),
+ boot_encrypt(BOOT_CURR_ENC(state), slot,
 (off + bytes_copied + idx) - hdr->ih_hdr_size, blk_sz, blk_off, &buf[idx]);
 }
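Review bot: In the first boot_serial_encryption.c hunk, `assert(slot >= 0);` is the only guard between a failed `flash_area_id_to_multi_image_slot()` lookup and the later `boot_encrypt()` call, and an assert disappears in builds that compile assertions out. Since boot_encrypt no longer validates the lookup itself, a negative slot (the removed `if (rc < 0)` suggests that is the failure value) would then index the key array. I would add a runtime check after the declarations, next to the assert: `if (slot < 0) { return BOOT_EFLASH; }`. The image_validate.c hunk computes `slot` the same way and passes it on with no check at all, so it needs the same guard. decrypt_region_inplace starts above this hunk and continues below it.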
diff --git a/boot/bootutil/include/bootutil/enc_key.h b/boot/bootutil/include/bootutil/enc_key.h
index 297381fb..57ac2440 100644
--- a/boot/bootutil/include/bootutil/enc_key.h
+++ b/boot/bootutil/include/bootutil/enc_key.h
@@ -71,9 +71,8 @@ int boot_enc_load(struct enc_key_data *enc_state, int slot,
 struct boot_status *bs);
 bool boot_enc_valid(struct enc_key_data *enc_state, int image_index,
 const struct flash_area *fap);
-void boot_encrypt(struct enc_key_data *enc_state, int image_index,
- int fa_id, uint32_t off, uint32_t sz,
- uint32_t blk_off, uint8_t *buf);
+void boot_encrypt(struct enc_key_data *enc_state, int slot,
+ uint32_t off, uint32_t sz, uint32_t blk_off, uint8_t *buf);
 void boot_enc_zeroize(struct enc_key_data *enc_state);
 #ifdef __cplusplus
diff --git a/boot/bootutil/src/encrypted.c b/boot/bootutil/src/encrypted.c
index 08df0fe0..760deef0 100644
--- a/boot/bootutil/src/encrypted.c
+++ b/boot/bootutil/src/encrypted.c
@@ -698,13 +698,11 @@ boot_enc_valid(struct enc_key_data *enc_state, int image_index,
 }
 void
-boot_encrypt(struct enc_key_data *enc_state, int image_index,
- int fa_id, uint32_t off, uint32_t sz,
- uint32_t blk_off, uint8_t *buf)
+boot_encrypt(struct enc_key_data *enc_state, int slot, uint32_t off,
+ uint32_t sz, uint32_t blk_off, uint8_t *buf)
 {
 struct enc_key_data *enc;
 uint8_t nonce[16];
- int rc;
 /* boot_copy_region will call boot_encrypt with sz = 0 when skipping over the TLVs. */
@@ -719,13 +717,7 @@ boot_encrypt(struct enc_key_data *enc_state, int image_index,
 nonce[14] = (uint8_t)(off >> 8);
 nonce[15] = (uint8_t)off;
- rc = flash_area_id_to_multi_image_slot(image_index, fa_id);
- if (rc < 0) {
- assert(0);
- return;
- }
-
- enc = &enc_state[rc];
+ enc = &enc_state[slot];
 assert(enc->valid == 1);
 bootutil_aes_ctr_encrypt(&enc->aes_ctr, nonce, buf, sz, blk_off, buf);
 }
diff --git a/boot/bootutil/src/image_validate.c b/boot/bootutil/src/image_validate.c
index b4e8b798..239f369f 100644
--- a/boot/bootutil/src/image_validate.c
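Review bot: The new `boot_encrypt()` prototype in enc_key.h does not say what `slot` must be, and with this commit the caller becomes solely responsible for passing a usable value. A short comment above the declaration would record that contract, for example `/* slot: index into enc_state[]; must be a valid, non-negative slot whose key is loaded. */`. That wording is inferred from `enc = &enc_state[slot]` and `assert(enc->valid == 1)` in encrypted.c and should be confirmed against the intended contract.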
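Review bot: In the second encrypted.c hunk, `enc = &enc_state[slot];` indexes the key array with a caller-supplied value that nothing range-checks, whereas the removed code at least rejected a negative lookup result before indexing. The following `assert(enc->valid == 1)` already reads through the pointer and vanishes when assertions are compiled out, so it does not keep an out-of-range slot away from the AES-CTR call. I would keep a runtime guard ahead of the index, e.g. `if (slot < 0 || slot >= BOOT_NUM_SLOTS) { assert(0); return; }`, assuming BOOT_NUM_SLOTS (or the project's equivalent slot count) is visible in this file. The body of boot_encrypt is split across the two hunks, with lines between them not shown.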
+++ b/boot/bootutil/src/image_validate.c
@@ -148,10 +148,13 @@ bootutil_img_hash(struct enc_key_data *enc_state, int image_index,
 #ifdef MCUBOOT_ENC_IMAGES
 if (MUST_DECRYPT(fap, image_index, hdr)) {
 /* Only payload is encrypted (area between header and TLVs) */
+ int slot = flash_area_id_to_multi_image_slot(image_index,
+ flash_area_get_id(fap));
+
 if (off >= hdr_size && off < tlv_off) {
 blk_off = (off - hdr_size) & 0xf;
- boot_encrypt(enc_state, image_index, flash_area_get_id(fap), off - hdr_size,
- blk_sz, blk_off, tmp_buf);
+ boot_encrypt(enc_state, slot, off - hdr_size,
+ blk_sz, blk_off, tmp_buf);
 }
 }
 #endif
diff --git a/boot/bootutil/src/loader.c b/boot/bootutil/src/loader.c
index e30a83f1..6a2323e8 100644
--- a/boot/bootutil/src/loader.c
+++ b/boot/bootutil/src/loader.c
@@ -1216,13 +1216,14 @@ boot_copy_region(struct boot_loader_state *state,
 uint32_t off;
 uint32_t tlv_off;
 size_t blk_off;
- int enc_area_id;
 struct image_header *hdr;
 uint16_t idx;
 uint32_t blk_sz;
 uint8_t image_index;
 bool encrypted_src;
 bool encrypted_dst;
+ /* Assuming the secondary slot is source and needs decryption */
+ int source_slot = 1;
 #endif
 TARGET_STATIC uint8_t buf[BUF_SZ] __attribute__((aligned(4)));
@@ -1255,11 +1256,11 @@ boot_copy_region(struct boot_loader_state *state,
 if (encrypted_dst) {
 /* Need encryption, metadata from the primary slot */
 hdr = boot_img_hdr(state, BOOT_PRIMARY_SLOT);
- enc_area_id = FLASH_AREA_IMAGE_PRIMARY(image_index);
+ source_slot = 0;
 } else {
 /* Need decryption, metadata from the secondary slot */
 hdr = boot_img_hdr(state, BOOT_SECONDARY_SLOT);
- enc_area_id = FLASH_AREA_IMAGE_SECONDARY(image_index);
+ source_slot = 1;
 }
 if (IS_ENCRYPTED(hdr)) {
@@ -1291,7 +1292,7 @@ boot_copy_region(struct boot_loader_state *state,
 blk_sz = tlv_off - abs_off;
 }
 }
- boot_encrypt(BOOT_CURR_ENC(state), image_index, enc_area_id,
+ boot_encrypt(BOOT_CURR_ENC(state), source_slot,
 (abs_off + idx) - hdr->ih_hdr_size, blk_sz, blk_off, &buf[idx]);
 }
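Review bot: In the loader.c hunks for boot_copy_region the new variable is named `source_slot`, yet the `encrypted_dst` branch sets it to 0 under the comment "Need encryption, metadata from the primary slot", where the primary slot is the destination; the name and the "Assuming the secondary slot is source" comment on the declaration therefore contradict one of the two branches. Because this value selects which key boot_encrypt uses, a neutral name such as `enc_slot` would be less likely to mislead a later change. The literals could also use the constants already present on the neighbouring lines, `source_slot = BOOT_PRIMARY_SLOT;` and `source_slot = BOOT_SECONDARY_SLOT;`, assuming they equal 0 and 1 as this code implies. The function body extends beyond the hunks shown.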
@@ -2726,13 +2727,11 @@ boot_decrypt_and_copy_image_to_sram(struct boot_loader_state *state,
 uint32_t chunk_sz;
 uint32_t max_sz = 1024;
 uint16_t idx;
- uint8_t image_index;
 uint8_t * cur_dst;
 int area_id;
 int rc;
 uint8_t * ram_dst = (void *)(IMAGE_RAM_BASE + img_dst);
- image_index = BOOT_CURR_IMG(state);
 area_id = flash_area_id_from_multi_image_slot(BOOT_CURR_IMG(state), slot);
 rc = flash_area_open(area_id, &fap_src);
 if (rc != 0){
@@ -2774,7 +2773,7 @@ boot_decrypt_and_copy_image_to_sram(struct boot_loader_state *state,
 * Part of the chunk is encrypted payload */
 blk_sz = tlv_off - (bytes_copied);
 }
- boot_encrypt(BOOT_CURR_ENC(state), image_index, area_id,
+ boot_encrypt(BOOT_CURR_ENC(state), slot,
 (bytes_copied + idx) - hdr->ih_hdr_size, blk_sz, blk_off, cur_dst);