Checking if TKey is running an App about tillitis-key1 HOT 3 CLOSED

In https://github.com/tillitis/tillitis-key1-apps we decided to probe for firmware and have running apps checking framing protocol header for incoming commands to DST_FW and replying NOK. Not great, but at least a workaround for now.

Closing.

from tillitis-key1.

It would be interesting to know exactly what you send to the firmware which "bricks" it, making app-loading impossible. But I think I can see ways of this happening.

Our usual procedure in the host programs is that they either assume the TKey-app they want to talk to is running, and talk away. This is the simple case.

But tkey-ssh-agent is more clever, and tries to probe for firmware by doing GetNameVersion with a read timeout. If it gets a response, then firmware is running and it proceeds to load its signer-app. If it times out, then some app is assumed to be running, so it tries GetNameVersion towards the app (which signer-app implements) and if it the signer-app is indeed running, then go ahead and talk to it. If it times out, some other TKey-app is probably running and the TKey currently needs to be removed and plugged in again to put it back in firmware mode.

We're considering to add watchdog which can be used to allow firmware and app to reset themselves to a known state if it doesn't receive enough bytes for a cmd etc. This should be usable to avoid lock-ups. #72

from tillitis-key1.

Oh, and to specifically answer your question. No you cannot in the general case find out if an app is running, because the app can implement any protocol of choice. So you can try to talk to firmware with timeout, and this should fail if an app is running. But it would also fail if you're talking to the wrong serial port/tty. And the app could as well implement the firmware protocol, impersonating the firmware.

Protocol guidelines could be introduced, where TKey app developers agree to implement a certain command in the same way, or to ignore a certain firmware command.

from tillitis-key1.