From 298117ee901853f4925c85c5b2c3998fc3d1788f Mon Sep 17 00:00:00 2001
From: kirbylife <kirbylife@protonmail.com>
Date: Thu, 27 Apr 2023 23:28:12 -0600
Subject: [PATCH] Improve the soft wipe method

---
 Cargo.lock     |  7 -------
 Cargo.toml     |  1 -
 src/main.rs    | 12 +++++-------
 src/storage.rs | 34 +++++++++++++++++-----------------
 tools/menu.py  |  7 +++++--
 5 files changed, 27 insertions(+), 34 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 5472a24..4cef784 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -198,12 +198,6 @@ dependencies = [
  "proc-macro2",
 ]
 
-[[package]]
-name = "randomize"
-version = "3.0.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "88c38c99b51f33c9fcc655252bf02ac8048eb70f35244e4697b0de9c473e940a"
-
 [[package]]
 name = "rtcc"
 version = "0.3.0"
@@ -229,7 +223,6 @@ dependencies = [
  "hmac-sha1-compact",
  "nb 1.1.0",
  "panic-halt",
- "randomize",
  "ufmt 0.2.0",
 ]
 
diff --git a/Cargo.toml b/Cargo.toml
index 5119130..a729059 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -10,7 +10,6 @@ hmac-sha1-compact = { git = "https://github.com/kirbylife/rust-hmac-sha1" }
 panic-halt = "0.2.0"
 embedded-hal = "0.2.7"
 nb = "1.1.0"
-randomize = "3.0.1"
 ufmt = "0.2.0"
 
 [profile.release]
diff --git a/src/main.rs b/src/main.rs
index 446a3a2..a343b59 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -57,10 +57,8 @@ fn main() -> ! {
     let mut display = screen::StnScreen::new(&mut rs, &mut en, &mut d4, &mut d5, &mut d6, &mut d7);
     display.clear();
 
-    let datetime = datetime::Datetime::from_ds3231(&mut rtc);
-
     let mut eeprom = arduino_hal::Eeprom::new(dp.EEPROM);
-    let mut tokens = storage::Tokens::new(&mut eeprom, datetime.unix_epoch());
+    let mut tokens = storage::Tokens::new(&mut eeprom);
 
     let up = pins.d6.into_pull_up_input();
     let mut up_button = button::Button::new(&up, true);
@@ -68,7 +66,7 @@ fn main() -> ! {
     let mut down_button = button::Button::new(&down, true);
 
     up_button.update();
-    if up_button.update() == button::Event::Pressed {
+    if up_button.update() == button::Event::Pressed || tokens.current.is_none() {
         display.write_str("Connected to");
         display.set_cursor(0, 1);
         display.write_str("USB...");
@@ -126,7 +124,8 @@ fn main() -> ! {
                 },
                 SOFT_WIPE_TOKENS => {
                     serial.write(OK).unwrap();
-                    tokens.soft_wipe_all_tokens();
+                    let deleted_tokens = tokens.soft_wipe_all_tokens();
+                    serial.write(deleted_tokens).unwrap();
                     serial.write(OK).unwrap();
                 }
                 HARD_WIPE_TOKENS => {
@@ -140,9 +139,8 @@ fn main() -> ! {
         }
     }
 
-    let mut changed = false;
-    let mut last_index = 100;
     let mut last_time = 0;
+    let mut changed = false;
 
     loop {
         let timestamp = datetime::Datetime::from_ds3231(&mut rtc).unix_epoch();
diff --git a/src/storage.rs b/src/storage.rs
index 57f5f0a..643c72c 100644
--- a/src/storage.rs
+++ b/src/storage.rs
@@ -1,25 +1,23 @@
 use arduino_hal::eeprom::Eeprom;
-use randomize::PCG32;
 
 pub const SECRET_KEY_MAX_LEN: u16 = 32;
 pub const SECRET_KEY_NAME_LEN: u16 = 16;
 pub const SECRET_KEY_FULL_LEN: u16 = SECRET_KEY_MAX_LEN + SECRET_KEY_NAME_LEN;
+pub const ENDL: u8 = 0;
 
 pub struct Tokens<'a> {
     mem: &'a mut Eeprom,
     pub current: Option<u16>,
     capacity: u16,
-    rand: PCG32,
 }
 
 impl<'a> Tokens<'a> {
-    pub fn new(mem: &'a mut Eeprom, rand_seed: u64) -> Self {
+    pub fn new(mem: &'a mut Eeprom) -> Self {
         let capacity = mem.capacity() / SECRET_KEY_FULL_LEN;
 
         let mut tokens = Tokens {
             mem,
             capacity,
-            rand: PCG32::seed(rand_seed, 1),
             current: None,
         };
         tokens.current = tokens.first();
@@ -30,7 +28,7 @@ impl<'a> Tokens<'a> {
     pub fn search_free(&self) -> Option<u16> {
         for n in 0..self.capacity {
             let index = SECRET_KEY_FULL_LEN * n;
-            if self.mem.read_byte(index) == 255 {
+            if self.mem.read_byte(index) == ENDL {
                 return Some(n);
             }
         }
@@ -41,7 +39,7 @@ impl<'a> Tokens<'a> {
     fn first(&self) -> Option<u16> {
         for n in 0..self.capacity {
             let index = SECRET_KEY_FULL_LEN * n;
-            if self.mem.read_byte(index) != 255 {
+            if self.mem.read_byte(index) != ENDL {
                 return Some(n);
             }
         }
@@ -52,7 +50,7 @@ impl<'a> Tokens<'a> {
         let mut index = self.current.unwrap();
         for _ in 0..self.capacity {
             index = (index + 1) % self.capacity;
-            if self.mem.read_byte(index * SECRET_KEY_FULL_LEN) != 255 {
+            if self.mem.read_byte(index * SECRET_KEY_FULL_LEN) != ENDL {
                 self.current = Some(index);
                 return Some(index);
             }
@@ -97,14 +95,14 @@ impl<'a> Tokens<'a> {
     pub fn delete(&mut self, index: u16) -> Option<u16> {
         // The Arduino's EEPROM memory has a maximum number of write cycles.
         // To keep writes to a minimum, only the first byte of the token name is set to 0
-        // and a byte of the key is randomly chosen to be overwritten with
-        // another random value, so that it's unrecoverable.
-        let index_name = index * SECRET_KEY_FULL_LEN;
-        let index_key = (index * SECRET_KEY_FULL_LEN) + SECRET_KEY_NAME_LEN;
-        let index_key = index_key + (self.rand.next_u32() % SECRET_KEY_MAX_LEN as u32) as u16;
-        let rand_byte = (self.rand.next_u32() % 255) as u8;
-        self.mem.write_byte(index_name, 255);
-        self.mem.write_byte(index_key, rand_byte);
+        // and wipe all the secret key
+        let index_token = index * SECRET_KEY_FULL_LEN;
+        let index_key_start = index_token + SECRET_KEY_NAME_LEN;
+        let index_key_end = index_key_start + SECRET_KEY_MAX_LEN - 1;
+        self.mem.write_byte(index_token, ENDL);
+        for index in index_key_start..index_key_end {
+            self.mem.write_byte(index, ENDL);
+        }
         Some(index)
     }
 
@@ -113,7 +111,7 @@ impl<'a> Tokens<'a> {
 
         for n in 0..self.capacity {
             let index = SECRET_KEY_FULL_LEN * n;
-            if self.mem.read_byte(index) != 255 {
+            if self.mem.read_byte(index) != ENDL {
                 self.delete(index);
                 inc += 1;
             }
@@ -122,6 +120,8 @@ impl<'a> Tokens<'a> {
     }
 
     pub fn hard_wipe_all_tokens(&mut self) {
-        self.mem.erase(0, self.mem.capacity()).unwrap();
+        for index in 0..self.mem.capacity() {
+            self.mem.write_byte(index, ENDL);
+        }
     }
 }
diff --git a/tools/menu.py b/tools/menu.py
index bcddd21..9173021 100644
--- a/tools/menu.py
+++ b/tools/menu.py
@@ -125,21 +125,24 @@ def main(argv: list[str]):
                 print("Error trying to add the token, try again")
             else:
                 print("Token added successfully!")
-        # Wipe tokens
+        # Soft wipe tokens
         elif opt == "4":
             conn.write(SOFT_WIPE_TOKENS)
             sleep(0.1)
             _ = conn.read()
+            deleted_tokens = conn.read()
             resp = conn.read()
             if resp == OK:
-                print("All the tokens wipped successfully!")
+                print(f"{deleted_tokens} tokens wipped successfully!")
             else:
                 print("Error!!")
+        # Hard wipe tokens
         elif opt == "5":
             resp = loop_input("This will erase all the EEPROM, do you want to continue? [Y/N]", ["y", "Y", "n", "N"]).upper()
             if resp == "Y":
                 conn.write(HARD_WIPE_TOKENS)
                 sleep(0.1)
+                _ = conn.read()
                 resp = conn.read()
                 if resp == OK:
                     print("All the Eeprom erased successfully!")