cr50: update AES-CMAC implementation

Cr50 doesn't use CMAC, it is not even compiled, however during internal
review potential issues with branching on key values were spotted.

1) Fix key expansion to be constant time
2) Switch to enum dcrypto_result
3) Test commands updated to be compatible with FIPS build (use .rodata)
4) Clean up computed tag on stack during verification

BUG=None
TEST=make BOARD=cr50 CRYPTO_TEST=1 CMAC_TEST=1
in ccd: test_cmac 1 2 3 4
test_cmac_ver 1 2 3 4

Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Iff9b84dd8fb2baed9152f1ee5c40ef8e4198edd3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3194972
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>

1 files changed, 4 insertions, 1 deletions

diff --git a/board/cr50/build.mk b/board/cr50/build.mk
index f644a2c892..3f1c40f9c6 100644
--- a/board/cr50/build.mk
+++ b/board/cr50/build.mk
@@ -24,7 +24,7 @@ ifeq ($(BOARD_MK_INCLUDED_ONCE),)
 # command line.
 ENV_VARS := CR50_DEV CRYPTO_TEST H1_RED_BOARD U2F_TEST RND_TEST DRBG_TEST\
 	    ECDSA_TEST DCRYPTO_TEST P256_BIN_TEST SHA1_TEST SHA256_TEST\
-	    HMAC_SHA256_TEST
+	    HMAC_SHA256_TEST CMAC_TEST
 
 ifneq ($(CRYPTO_TEST),)
 CPPFLAGS += -DCRYPTO_TEST_SETUP
@@ -114,6 +114,9 @@ fips-${CONFIG_DCRYPTO_BOARD} += dcrypto/dcrypto_p256.o
 fips-${CONFIG_DCRYPTO_BOARD} += dcrypto/compare.o
 fips-${CONFIG_DCRYPTO_BOARD} += dcrypto/dcrypto_runtime.o
 ifneq ($(CRYPTO_TEST),)
+ifneq ($(CMAC_TEST),)
+fips-${CONFIG_DCRYPTO_BOARD} += dcrypto/aes_cmac.o
+endif
 fips-${CONFIG_DCRYPTO_BOARD} += dcrypto/gcm.o
 fips-${CONFIG_DCRYPTO_BOARD} += dcrypto/hkdf.o
 endif