Improve otp_keystore checks, add explicit TARGET_sim check

Author: gojimmypi

include/otp_keystore.h

@@ -30,10 +30,14 @@
 /* Specific includes for supported targets
  * (needed for OTP_SIZE)
  */
-#ifdef TARGET_stm32h7
+#if defined(TARGET_stm32h7)
     #include "hal/stm32h7.h"
-#elif defined TARGET_stm32h5
+#elif defined(TARGET_stm32h5)
     #include "hal/stm32h5.h"
+#elif defined(TARGET_sim)
+    #include "hal_host_sim_stub.h"
+#else
+    #error "Define a target"
 #endif
 
 #include "keystore.h"
@@ -47,25 +51,35 @@
     #define KEYSTORE_HDR_PACKED
 #endif
 
-struct KEYSTORE_HDR_PACKED wolfBoot_otp_hdr {
-    char keystore_hdr_magic[8];
-    uint16_t item_count;
-    uint16_t flags;
-    uint32_t version;
-};
-
-static const char KEYSTORE_HDR_MAGIC[8] = "WOLFBOOT";
+#if !defined(OTP_SIZE) || (OTP_SIZE <= 0)
+    /* See TARGET_[device] */
+    #error "WRONG OTP SIZE"
+#endif
 
-#define KEYSTORE_MAX_PUBKEYS ((OTP_SIZE - OTP_HDR_SIZE) / SIZEOF_KEYSTORE_SLOT)
+#ifndef SIZEOF_KEYSTORE_SLOT
+    #error "SIZEOF_KEYSTORE_SLOT must be defined"
+#endif
 
-#if (OTP_SIZE == 0)
-#error WRONG OTP SIZE
+#if (OTP_HDR_SIZE >= OTP_SIZE)
+    #error "Bad OTP_HDR_SIZE or OTP_SIZE"
 #endif
 
+#define KEYSTORE_MAX_PUBKEYS ((OTP_SIZE - OTP_HDR_SIZE) / SIZEOF_KEYSTORE_SLOT)
+
 #if (KEYSTORE_MAX_PUBKEYS < 1)
     #error "No space for any keystores in OTP with current algorithm"
 #endif
 
-#endif /* FLASH_OTP_KEYSTORE */ 
+struct KEYSTORE_HDR_PACKED wolfBoot_otp_hdr {
+    char keystore_hdr_magic[8];
+    uint16_t item_count;
+    uint16_t flags;
+    uint32_t version;
+};
+
+/* KEYSTORE_HDR_MAGIC = "WOLFBOOT" exactly 8 bytes, no nul terminator */
+static const char KEYSTORE_HDR_MAGIC[8] = { 'W','O','L','F','B','O','O','T' };
+
+#endif /* FLASH_OTP_KEYSTORE */
 
 #endif /* OTP_KEYSTORE_H */

tools/keytools/otp/hal_host_sim_stub.c

@@ -0,0 +1,66 @@
+/* hal_host_sim_stub.c
+ *
+ * Helper for storing/retrieving Trust Anchor to/from OTP flash
+ *
+ *
+ * Copyright (C) 2025 wolfSSL Inc.
+ *
+ * This file is part of wolfBoot.
+ *
+ * wolfBoot is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfBoot is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* hal_host_stub.c - host-only placeholders for HAL used by otp-keystore-primer */
+#include <stdint.h>
+#include <stdio.h>
+#include <string.h>
+//
+//#ifndef HAL_H
+//#define HAL_H
+///* For host builds, redirect hal.h to our sim stub */
+//#include "hal_host_sim_stub.h"
+//#endif
+
+/* Minimal mirror of what primer expects. If these normally come from hal.h/target.h,
+   define the bare minimum here so the host build can link. */
+#ifndef FLASH_OTP_BASE
+#define FLASH_OTP_BASE 0u
+#endif
+
+void hal_init(void)
+{
+    /* No hardware on host. */
+    fprintf(stderr, "[hal_host_stub] hal_init() called\n");
+}
+
+/* Return 0 on success like many wolfBoot HAL funcs. Adjust signature to match your hal.h. */
+int hal_flash_otp_write(uint32_t flashAddress, const void* data, uint16_t length)
+{
+    (void)flashAddress;
+    (void)data;
+    (void)length;
+    fprintf(stderr, "[hal_host_stub] hal_flash_otp_write(addr=%lu, len=%lu)\n",
+        (unsigned long)flashAddress, length);
+    return 0;
+}
+
+int hal_flash_otp_set_readonly(uint32_t flashAddress, uint16_t length)
+{
+    (void)flashAddress;
+    (void)length;
+    fprintf(stderr, "[hal_host_stub] hal_flash_otp_set_readonly(addr=%lu, len=%lu)\n",
+        (unsigned long)flashAddress, length);
+    return 0;
+}

tools/keytools/otp/hal_host_sim_stub.h

@@ -0,0 +1,45 @@
+/* hal_host_sim_stub.f
+ *
+ * Helper for storing/retrieving Trust Anchor to/from OTP flash
+ *
+ *
+ * Copyright (C) 2025 wolfSSL Inc.
+ *
+ * This file is part of wolfBoot.
+ *
+ * wolfBoot is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfBoot is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef HAL_HOST_SIM_STUB_H
+#define HAL_HOST_SIM_STUB_H
+
+#include <stdint.h>
+
+#ifndef FLASH_OTP_BASE
+    #define FLASH_OTP_BASE 0u
+#endif
+
+#ifndef OTP_SIZE
+    /* Define a generic max OTP size to appease otp_keystore.h */
+    #define OTP_SIZE 4096
+#endif
+
+/* See actual implementation in [WOLFBOOT_ROOT]/hal; Optionally define your own sim stubs: */
+
+void hal_init(void);
+int hal_flash_otp_write(uint32_t flashAddress, const void* data, uint16_t length);
+int hal_flash_otp_set_readonly(uint32_t flashAddress, uint16_t length);
+
+#endif /* HAL_HOST_SIM_STUB_H */