diff options
author | Vadim Sukhomlinov <sukhomlinov@google.com> | 2022-01-28 19:57:45 -0800 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2022-01-31 23:21:40 +0000 |
commit | ff49166b382db46f31b8bf1be12196439bc90d02 (patch) | |
tree | 80fd99dfc52e8d98f732731a2405062fe9155d56 /board/cr50/dcrypto/fips.h | |
parent | 12d62b7996952bb8108af286e312481cecad02a1 (diff) | |
download | chrome-ec-ff49166b382db46f31b8bf1be12196439bc90d02.tar.gz |
cr50: update FIPS module based on operational testing findingsstabilize-14498.B-cr50_stabstabilize-14496.B-cr50_stabfirmware-brya-14505.B-cr50_stabfirmware-brya-14505.71.B-cr50_stab
1. ECDSA pair-wise consistency test failure wasn't updating FIPS status.
Added new failure bit FIPS_FATAL_ECDSA_PWCT.
2. ECDSA KAT was only simulating error in verify, but not in sign.
Split 'fips ecdsa' into 'fips ecver' and 'fips ecsign'.
3. Added a way to introduce self-integrity error by not updating FIPS
module digest with 'FIPS_BREAK=1' during build.
4. Added reporting of FIPS module digest.
BUG=b:134594373
TEST=make CRYPTO_TEST=1;
in ccd test:
fips pwct; tpm_test.py should fail; fips should print error.
-
fips ecver; fips test reports ECDSA error
fips ecsign; fips test reports ECDSA error
-
FIPS module digest is printed
-
FIPS_BREAK=1 make CRYPTO_TEST=1 produce build with zero digest
reporint FIPS self-integrity error.
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Ib0a92c118f07a76e4b52eaf9b011ff4f73a02c61
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3425998
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Diffstat (limited to 'board/cr50/dcrypto/fips.h')
-rw-r--r-- | board/cr50/dcrypto/fips.h | 26 |
1 files changed, 12 insertions, 14 deletions
diff --git a/board/cr50/dcrypto/fips.h b/board/cr50/dcrypto/fips.h index cfd39bb1fc..ca1fd689f0 100644 --- a/board/cr50/dcrypto/fips.h +++ b/board/cr50/dcrypto/fips.h @@ -37,14 +37,10 @@ enum fips_status { #endif FIPS_FATAL_SELF_INTEGRITY = 1 << 10, FIPS_FATAL_BN_MATH = 1 << 11, + FIPS_FATAL_ECDSA_PWCT = 1 << 12, FIPS_FATAL_OTHER = 1 << 15, -/* For CRYPTO_TEST ignore self-integrity errors. */ -#ifdef CRYPTO_TEST_SETUP - FIPS_ERROR_MASK = 0xffff & ~FIPS_FATAL_SELF_INTEGRITY, -#else FIPS_ERROR_MASK = 0xffff, -#endif FIPS_RFU_MASK = 0x7fff0000 }; @@ -56,13 +52,14 @@ enum fips_break { FIPS_BREAK_SHA256 = 2, FIPS_BREAK_HMAC_SHA256 = 3, FIPS_BREAK_HMAC_DRBG = 4, - FIPS_BREAK_ECDSA = 5, - FIPS_BREAK_ECDSA_PWCT = 6, + FIPS_BREAK_ECDSA_VER = 5, + FIPS_BREAK_ECDSA_SIGN = 6, + FIPS_BREAK_ECDSA_PWCT = 7, #ifdef CONFIG_FIPS_AES_CBC_256 - FIPS_BREAK_AES256 = 7, + FIPS_BREAK_AES256 = 8, #endif #ifdef CONFIG_FIPS_RSA2048 - FIPS_BREAK_RSA2048 = 8, + FIPS_BREAK_RSA2048 = 9, #endif }; @@ -82,15 +79,16 @@ enum fips_cmd { FIPS_CMD_BREAK_SHA256 = 4, FIPS_CMD_BREAK_HMAC_SHA256 = 5, FIPS_CMD_BREAK_HMAC_DRBG = 6, - FIPS_CMD_BREAK_ECDSA = 7, - FIPS_CMD_BREAK_ECDSA_PWCT = 8, + FIPS_CMD_BREAK_ECDSA_VER = 7, + FIPS_CMD_BREAK_ECDSA_SIGN = 8, + FIPS_CMD_BREAK_ECDSA_PWCT = 9, #ifdef CONFIG_FIPS_AES_CBC_256 - FIPS_CMD_BREAK_AES256 = 9, + FIPS_CMD_BREAK_AES256 = 10, #endif #ifdef CONFIG_FIPS_RSA2048 - FIPS_CMD_BREAK_RSA2048 = 10, + FIPS_CMD_BREAK_RSA2048 = 11, #endif - FIPS_CMD_NO_BREAK = 11 + FIPS_CMD_NO_BREAK = 12 }; /* These symbols defined in core/cortex-m/ec.lds.S. */ |