netifd-morse/dpp-key-recovery: (APP-3496, PR #879) clean up DPP qrcode paths

- only attempt to generate qrcode if dpp_key.pem exists
  - reduce number of code paths:
    - only generate private key in dpp-key-recovery
    - only generate qrcode when morse interface is brought up
      and we definitely have a MAC address (this lets us remove a bunch
      of mac address fallback code which is not useful)
  - some refactoring/simplification to reduce amount of code

This means that this script doesn't change this key later in
the bringup, and the logic is simpler.

It also means we don't _regenerate_ if we've failed
to put it in persistent storage (i.e. the persistent
storage write failed).

Approved-by: Evan Benn
Approved-by: Milad Mohtashamirad

utils/dpp-key-recovery/files/etc/init.d/dpp-key-recovery

@@ -2,69 +2,14 @@
 #
 # Copyright (C) 2021-2023 Morse Micro Pty Ltd. All rights reserved.
 #
-. /lib/netifd/morse/morse_utils.sh
 
+# It's important this happens before netifd sets up any
+# morse interfaces, because the actual svg creation happens
+# when there and /etc/dpp_key.pem must already exist.
 START=11
 
-# update_dpp_private_key compares the recovered dpp_key (if exist) with the one
-# in /etc/dpp_key.pem and will overwrite it if they are different. 
-update_dpp_private_key()
-{
-	local tmp_key_path=$1
-	local etc_key_path=$2
-
-	# /tmp/key exist , /etc/key DOESN'T exist
-	if [ -f "$tmp_key_path" ] && [ ! -f "$etc_key_path" ]; then
-		#copy /tmp/key to /etc/key; return
-		cp $tmp_key_path $etc_key_path
-		return
-	fi
-
-
-	# /tmp/key DOESN'T exist , /etc/key DOESN'T exist
-	if [ ! -f "$tmp_key_path" ] && [ ! -f "$etc_key_path" ]; then
-		#generate a key and save it to /etc/key; return
-		openssl ecparam -genkey -name prime256v1 -noout -out $etc_key_path
-		return
-	fi
-
-
-	# /tmp/key DOESN'T exist , /etc/key exist
-	if [ ! -f "$tmp_key_path" ] && [ -f "$etc_key_path" ]; then
-		return
-	fi
-
-	# /tmp/key exist , /etc/key exist
-	if [ -f "$tmp_key_path" ] && [ -f "$etc_key_path" ]; then
-		#are they different?		
-		local md5sum_tmp_key=$(md5sum $tmp_key_path | awk '{ print $1 }')
-		local md5sum_etc_key=$(md5sum $etc_key_path | awk '{ print $1 }')
-		if [ ! "$md5sum_tmp_key" = "$md5sum_etc_key" ]; then
-			#yes
-			#copy /tmp/key to /etc/key; return
-			cp $tmp_key_path $etc_key_path
-			return
-		else
-			#no
-			return
-		fi
-	fi
-
-}
-
 boot() {
-    /morse/scripts/recover_dpp_key.sh /tmp/dpp_key.pem
-    update_dpp_private_key /tmp/dpp_key.pem /etc/dpp_key.pem
-
-	local halow_mac="$(morse_get_chip_macaddr)"
-	if [ -z "$halow_mac" ]; then
-		local ETH0_MAC_SUFFIX="$(cat /sys/class/net/eth0/address | cut -d: -f4-)"
-		halow_mac="0C:BF:74:$ETH0_MAC_SUFFIX"
-	fi
-
-	if [ -n "$halow_mac" ]; then
-		update_dpp_qrcode /etc/dpp_key.pem "$halow_mac"
-	else
-		logger "Unable to get macaddr of the halow interface. Skipping QR code string generation"
+	if [ ! -e /etc/dpp_key.pem ]; then
+		/morse/scripts/recover_dpp_key.sh /etc/dpp_key.pem
 	fi
 }

utils/dpp-key-recovery/files/morse/scripts/recover_dpp_key.sh

@@ -3,65 +3,28 @@
 # Copyright (C) 2023 MorseMicro
 #
 
-
 dpp_key_tmp_file=$1
 
-get_key_from_persistent_storage()
-{
-    local ubenv_key=
-    [ -f "/sbin/persistent_vars_storage.sh" ] && ubenv_key=$(/sbin/persistent_vars_storage.sh READ dpp_priv_key)
-    echo "$ubenv_key"
-}
+ubenv_key=$(persistent_vars_storage.sh READ dpp_priv_key)
 
-create_persistent_private_key()
-{
-    logger "Generating a new private key and saving it to the persistent storage."    
-    local priv_key=$(openssl ecparam -genkey -name prime256v1 -noout -outform DER | hexdump -e '16/1 "%02x " "\n"'| xxd -r -p | base64 -w 0)
+# logger is not available at START=11, which is when this is
+# used by /etc/init.d/dpp-key-recovery
 
-    /sbin/persistent_vars_storage.sh WRITE dpp_priv_key "$priv_key"
-    
-    echo "$priv_key"
-}
-
-save_private_key_file()
-{
-    echo "-----BEGIN EC PRIVATE KEY-----" > $2
-    echo "$1"                            >> $2
-    echo "-----END EC PRIVATE KEY-----"  >> $2
-}
-
-
-#1-check if the /sbin/persistent_vars_storage.sh scripts exist.
-[ ! -f "/sbin/persistent_vars_storage.sh" ] && exit 0
-
-
-#2-get the private key from uboot_env
-ubenv_key=$(get_key_from_persistent_storage)
-
-#3-is private key empty?
 if [ -z "$ubenv_key" ]; then
-    #23-yes: we don't have dpp private key.
-    logger "DPP private key isn't found in u-boot-env."    
-    ubenv_key=$(create_persistent_private_key)
+    echo "dpp-key-recovery: DPP private key isn't found in persistent storage." > /dev/kmsg
 fi
 
-#create /tmp/dpp_key.pem with the result.
-save_private_key_file $ubenv_key $dpp_key_tmp_file
-
-#is the private key valid?
-if openssl ec -in $dpp_key_tmp_file -check 1>/dev/null 2>/dev/null ; then 
-    #yes: done.
-    exit 0
-else 
-    #no
-    logger "persistent storage contains an incorrect DPP private key." 
-    ubenv_key=$(create_persistent_private_key) 
-    save_private_key_file $ubenv_key $dpp_key_tmp_file
-    exit 0
+if ! openssl ec -in $dpp_key_tmp_file -check 1>/dev/null 2>/dev/null; then
+    echo "dpp-key-recovery: persistent storage contains an incorrect DPP private key." > /dev/kmsg
+    ubenv_key=
 fi
 
+if [ -z "$ubenv_key" ]; then
+    echo "dpp-key-recovery: generating a new private key and saving it to the persistent storage." > /dev/kmsg
+    ubenv_key=$(openssl ecparam -genkey -name prime256v1 -noout -outform DER | base64 -w0)
+    /sbin/persistent_vars_storage.sh WRITE dpp_priv_key "$ubenv_key"
+fi
 
-
-
-
-
+echo "-----BEGIN EC PRIVATE KEY-----" > "$dpp_key_tmp_file"
+echo "$ubenv_key"                     >> "$dpp_key_tmp_file"
+echo "-----END EC PRIVATE KEY-----"  >> "$dpp_key_tmp_file"