diff options
| author | Vadim Sukhomlinov <sukhomlinov@google.com> | 2021-08-12 15:06:51 -0700 |
|---|---|---|
| committer | Commit Bot <commit-bot@chromium.org> | 2021-08-13 19:43:43 +0000 |
| commit | 5d24282d7db3854c4a6adf925c75b7573de5617d (patch) | |
| tree | 9210b38f9dd921df1a9ae1e4154ac3cbd7e4a920 /board/cr50/board.h | |
| parent | 2a590e25e8cc41d324abf56894b032ceda028832 (diff) | |
| download | chrome-ec-5d24282d7db3854c4a6adf925c75b7573de5617d.tar.gz | |
cr50: update FIPS initialization logic to match security policy
FIPS security policy was updated to move U2F key management out of scope
as it doesn't add anything from certification standpoint on L1, but
greatly complicates design and requires flash operations to be in the
FIPS module boundary.
This change aligns FIPS initialization flow with security policy:
1) Checking of U2F key type is removed and would be handled during
U2F command processing to choose approved / not-approved key gen.
2) FIPS module is always in approved mode when self-integrity tests,
known-answer tests and TRNG power-up tests succeeds.
3) Implementation of console command and TPM2 command moved out of
FIPS boundary.
BUG=b:134594373
TEST=make BOARD=cr50 [CRYPTO_TEST=1]; console commands
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I03fc8fa450927e4d37e691770e872e7ffa5b628d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3093088
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Diffstat (limited to 'board/cr50/board.h')
| -rw-r--r-- | board/cr50/board.h | 23 |
1 files changed, 4 insertions, 19 deletions
diff --git a/board/cr50/board.h b/board/cr50/board.h index 9519306be4..7a73753260 100644 --- a/board/cr50/board.h +++ b/board/cr50/board.h @@ -93,8 +93,10 @@ /* Also use the cr50 as a second factor authentication */ #define CONFIG_U2F -#undef CONFIG_FIPS_RSA2048 -#undef CONFIG_FIPS_SW_HMAC_DRBG +/* Additional FIPS KAT tests. */ +#define CONFIG_FIPS_RSA2048 +#define CONFIG_FIPS_SW_HMAC_DRBG +#define CONFIG_FIPS_AES_CBC_256 /* USB configuration */ #define CONFIG_USB @@ -252,7 +254,6 @@ enum nvmem_vars { NVMEM_VAR_U2F_SALT, NVMEM_VAR_CCD_CONFIG, NVMEM_VAR_G2F_SALT, - NVMEM_VAR_FIPS_CONFIG, NVMEM_VARS_COUNT }; @@ -330,16 +331,6 @@ int board_has_ec_cr50_comm_support(void); int board_id_is_mismatched(void); /* Allow for deep sleep to be enabled on AP shutdown */ int board_deep_sleep_allowed(void); -/* indicates completion of power-up tests earlier */ -bool board_fips_power_up_done(void); - -/** - * Set status of FIPS power-up tests on wake from sleep - * - * @param asserted: 0 power-up tests should run on resume, otherwise can be - * skipped - */ -void board_set_fips_policy_test(bool asserted); void power_button_record(void); @@ -365,12 +356,6 @@ void board_reboot_ec_deferred(int usec_delay); void board_closed_loop_reset(void); int board_wipe_tpm(int reset_required); int board_is_first_factory_boot(void); -int board_fwmp_fips_mode_enabled(void); - -/* set FIPS policy for board in NVRAM (independent of FWMP) */ -void board_set_local_fips_policy(bool asserted); -/* return non zero if FIPS mode enforced in FWMP or NVRAM */ -bool board_fips_enforced(void); int usb_i2c_board_enable(void); void usb_i2c_board_disable(void); |