authorVadim Sukhomlinov <sukhomlinov@google.com>2021-09-29 15:02:49 -0700
committerCommit Bot <commit-bot@chromium.org>2021-10-05 19:08:53 +0000
commit9cd80daff9f6d9df08311a790a79632ab647a162 (patch)
treef454c7c3b3e8b47f0dd7327fc7be7e9f9dd2181d /board/cr50/dcrypto/fips.c
parentd64c8e2803a570aa3181fe67f2fb0f3241789de1 (diff)
cr50: Update AES public APIsfactory-ambassador-14265.B-cr50_stab
To support FIPS mode we need to block access to crypto in case of errors. 1) Added check for FIPS errors into DCRYPTO_aes_init() 2) Return codes updated to enum dcrypto_result 3) Call sites updated to check for return codes BUG=b:197893750 TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpm_test/tpmtest.py Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com> Change-Id: Id614cc346fe22537e9208196bf1322221a253b0c Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3194985 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Andrey Pronin <apronin@chromium.org> Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org> Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Diffstat (limited to 'board/cr50/dcrypto/fips.c')
-rw-r--r--board/cr50/dcrypto/fips.c22
1 files changed, 14 insertions, 8 deletions
diff --git a/board/cr50/dcrypto/fips.c b/board/cr50/dcrypto/fips.c
index 9fdad94df7..7e70146522 100644
--- a/board/cr50/dcrypto/fips.c
+++ b/board/cr50/dcrypto/fips.c
@@ -482,6 +482,7 @@ static bool fips_aes256_kat(void)
uint8_t enc[AES_BLOCK_LEN];
uint8_t dec[AES_BLOCK_LEN];
uint8_t iv[AES_BLOCK_LEN];
+ enum dcrypto_result result;
static const uint8_t kat_aes128_k[AES256_BLOCK_CIPHER_KEY_SIZE] = {
0x65, 0x74, 0x61, 0x6f, 0x6e, 0x72, 0x69, 0x73,
@@ -500,16 +501,21 @@ static bool fips_aes256_kat(void)
};
memset(iv, 0, sizeof(iv));
- DCRYPTO_aes_init(kat_aes128_k, 256, iv, CIPHER_MODE_CBC, ENCRYPT_MODE);
- DCRYPTO_aes_block(kat_aes128_msg, enc);
- if (memcmp(enc, ans_aes128, AES_BLOCK_LEN))
- return false;
+ /* Use internal function as we are not yet in FIPS mode. */
+ result = dcrypto_aes_init(kat_aes128_k, 256, iv, CIPHER_MODE_CBC,
+ ENCRYPT_MODE);
+ result |= DCRYPTO_aes_block(kat_aes128_msg, enc);
+ result |= DCRYPTO_equals(enc, ans_aes128, AES_BLOCK_LEN);
+
+ if (fips_break_cmd == FIPS_BREAK_AES256)
+ enc[1] ^= 1;
- DCRYPTO_aes_init(kat_aes128_k, 256, iv, CIPHER_MODE_CBC, DECRYPT_MODE);
- DCRYPTO_aes_block(enc, dec);
+ result |= dcrypto_aes_init(kat_aes128_k, 256, iv, CIPHER_MODE_CBC,
+ DECRYPT_MODE);
+ result |= DCRYPTO_aes_block(enc, dec);
+ result |= DCRYPTO_equals(kat_aes128_msg, dec, AES_BLOCK_LEN);
- return !(fips_break_cmd == FIPS_BREAK_AES256) &&
- (memcmp(kat_aes128_msg, dec, AES_BLOCK_LEN) == 0);
+ return result == DCRYPTO_OK;
}
#endif
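Review bot: The `result |= ...` accumulation in fips_aes256_kat only catches a failure if every non-OK `enum dcrypto_result` value has at least one bit set outside `DCRYPTO_OK`; the enum definition is not visible in this hunk, so that property should be confirmed. If any callee returned a code whose bits are a subset of DCRYPTO_OK's (0, for instance), `return result == DCRYPTO_OK;` would report a passing known-answer test and the FIPS self-test would accept a faulty AES path. I would state the assumption above the first assignment, e.g. `/* OR-accumulation relies on every failure code having a bit outside DCRYPTO_OK. */`, or compare each step against DCRYPTO_OK explicitly. The function's declarations and test vectors start outside this hunk.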