authorNicolas Norvez <norvez@chromium.org>2018-10-30 17:52:23 -0700
committerChromeOS Commit Bot <chromeos-commit-bot@chromium.org>2019-05-07 13:01:49 +0000
commit90daa838b97dd7cef882341ca9e7bded1e2f6d5a (patch)
tree0f4b281dc20a133a7e94056555ee5e1fc62269b1
parent470b1a065d966a3e1fa73f40ee8138b7eed7e177 (diff)
downloadchrome-ec-90daa838b97dd7cef882341ca9e7bded1e2f6d5a.tar.gz
fpsensor: add TPM seed to Input Key Material
Make the encryption key also depend on data held by the TPM. Append that seed to the anti-rollback IKM and feed that to HKDF-Extract when deriving the encryption key. The seed must be set once, and can't be overwritten. Bump the template format version to 3, since it's not compatible with previously enrolled templates. Also add the corresponding command to ectool (fpseed). BRANCH=nocturne BUG=b:117909326 TEST=upload templates without having set a seed -> fails as expected TEST=enroll finger without having set a seed -> fails as expected TEST=set a seed twice -> 2nd time fails as expected TEST=set seed, enroll finger -> success. TEST=upload templates after having set the seed -> success. TEST=set a different seed, upload templates -> fails as expected TEST=reboot EC, reset original seed, upload templates -> success TEST=load templates enrolled with format version=2 -> fails as expected Change-Id: I64fd99f9d317d1fcab4a58a679be64cf8a425b00 Signed-off-by: Nicolas Norvez <norvez@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1309050 Reviewed-by: Adam Langley <agl@chromium.org> Reviewed-by: Nicolas Boichat <drinkcat@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1557840 Tested-by: Yong Hong <yhong@google.com> Commit-Queue: Yong Hong <yhong@google.com>
-rw-r--r--include/ec_commands.h15
-rw-r--r--util/ectool.c26
2 files changed, 40 insertions, 1 deletions
diff --git a/include/ec_commands.h b/include/ec_commands.h
index 62f2661d19..fa7a80f1a0 100644
--- a/include/ec_commands.h
+++ b/include/ec_commands.h
@@ -5057,10 +5057,11 @@ struct __ec_align4 ec_response_fp_info {
#define FP_CONTEXT_USERID_WORDS (32 / sizeof(uint32_t))
#define FP_CONTEXT_TAG_BYTES 16
#define FP_CONTEXT_SALT_BYTES 16
+#define FP_CONTEXT_TPM_BYTES 32
struct ec_fp_template_encryption_metadata {
/*
- * Version of the structure format (N=1).
+ * Version of the structure format (N=3).
*/
uint16_t struct_version;
/* Reserved bytes, set to 0. */
@@ -5120,6 +5121,18 @@ struct __ec_align2 ec_response_fp_stats {
int8_t template_matched;
};
+#define EC_CMD_FP_SEED 0x0408
+struct __ec_align4 ec_params_fp_seed {
+ /*
+ * Version of the structure format (N=3).
+ */
+ uint16_t struct_version;
+ /* Reserved bytes, set to 0. */
+ uint16_t reserved;
+ /* Seed from the TPM. */
+ uint8_t seed[FP_CONTEXT_TPM_BYTES];
+};
+
/*****************************************************************************/
/* Touchpad MCU commands: range 0x0500-0x05FF */
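Review bot: EC_CMD_FP_SEED and ec_params_fp_seed carry no comment stating the command's contract, even though the commit description says the seed is mixed into the template encryption key derivation and can only be set once, so a reader of ec_commands.h cannot tell that a rejected second call is intended rather than a failure. Add above the `#define`: `/* Set the TPM-held seed mixed into the fingerprint template encryption key. The seed can be set only once after EC boot; a second call is rejected. */`. The "once after EC boot" part is inferred from the TEST= lines (set twice fails; reboot then reset original seed succeeds) and should be confirmed against the EC-side handler, which is not in this diff. It would also help to say in the struct_version comment that the value is expected to match the template metadata struct_version (3) so the two stay in step when either is bumped.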
diff --git a/util/ectool.c b/util/ectool.c
index b39be1279d..696e431330 100644
--- a/util/ectool.c
+++ b/util/ectool.c
@@ -134,6 +134,8 @@ const char help_str[] =
" Prints information about the Fingerprint sensor\n"
" fpmode [capture|deepsleep|fingerdown|fingerup]\n"
" Configure/Read the fingerprint sensor current mode\n"
+ " fpseed\n"
+ " Sets the value of the TPM seed.\n"
" fpstats\n"
" Prints timing statisitcs relating to capture and matching\n"
" fptemplate [<infile>|<index 0..2>]\n"
@@ -1463,6 +1465,29 @@ int cmd_fp_mode(int argc, char *argv[])
return 0;
}
+int cmd_fp_seed(int argc, char *argv[])
+{
+ struct ec_params_fp_seed p;
+ const char *seed = argv[1];
+ int rv;
+
+ if (argc == 1) {
+ printf("Missing seed argument.\n");
+ return 1;
+ }
+ if (strlen(seed) != FP_CONTEXT_TPM_BYTES) {
+ printf("Invalid seed '%s' is %zd bytes long instead of %d.\n",
+ seed, strlen(seed), FP_CONTEXT_TPM_BYTES);
+ return 1;
+ }
+ printf("Setting seed '%s'\n", seed);
+ p.struct_version = 3;
+ memcpy(p.seed, seed, FP_CONTEXT_TPM_BYTES);
+
+ rv = ec_command(EC_CMD_FP_SEED, 0, &p, sizeof(p), NULL, 0);
+ return rv;
+}
+
int cmd_fp_stats(int argc, char *argv[])
{
struct ec_response_fp_stats r;
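Review bot: `p` is declared without an initializer at the top of cmd_fp_seed, so `p.reserved`, which ec_commands.h documents as "set to 0", is sent to the EC holding whatever was on the stack; declare it as `struct ec_params_fp_seed p = {0};` before filling `struct_version` and `seed`. The `printf("Setting seed '%s'\n", seed)` also echoes the key-derivation seed to stdout, where it can land in shell history or logs; drop the value from the message, e.g. `printf("Setting TPM seed (%d bytes)\n", FP_CONTEXT_TPM_BYTES);`. Taking the seed from argv additionally exposes it through /proc/<pid>/cmdline to other local users for the lifetime of the call, so callers should be aware of that and reading it from stdin or a file would avoid it. Minor: `strlen` returns size_t, so the format should be `%zu` rather than `%zd`.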
@@ -8340,6 +8365,7 @@ const struct command commands[] = {
{"fpframe", cmd_fp_frame},
{"fpinfo", cmd_fp_info},
{"fpmode", cmd_fp_mode},
+ {"fpseed", cmd_fp_seed},
{"fpstats", cmd_fp_stats},
{"fptemplate", cmd_fp_template},
{"gpioget", cmd_gpio_get},