diff options
author | David Stevens <stevensd@chromium.org> | 2021-08-25 01:22:24 +0000 |
---|---|---|
committer | David Stevens <stevensd@chromium.org> | 2021-08-25 01:24:10 +0000 |
commit | 1485393c069ed6c4b9419154664e7407e7022c2e (patch) | |
tree | b46e568e7a7d49966adeaacc1d3d7c2633084a85 /board/cr50/fips_cmd.c | |
parent | 5ae1c684271a117539858cb12252959dfe46803c (diff) | |
download | chrome-ec-1485393c069ed6c4b9419154664e7407e7022c2e.tar.gz |
Revert "u2f: refactoring to split command processing and crypto"stabilize-14179.B-cr50_stabstabilize-14178.B-cr50_stab
This reverts commit 5ae1c684271a117539858cb12252959dfe46803c.
Reason for revert: breaks chromeos-ec-headers
BUG=b:197691499
Original change's description:
> u2f: refactoring to split command processing and crypto
>
> Split U2F crypto from U2F command processing by moving all crypto
> code into boards/cr50 (platform hooks).
>
> U2F state management is part of common code and passed to U2F crypto
> as a parameter.
>
> BUG=b:134594373
> TEST=make BOARD=cr50 CRYPTO_TEST=1
> console: u2f_test
> test/tpmtest.py
> FAFT U2F tests pass
>
> Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
> Change-Id: I85442cddb2959bd3102f7f6e6047134ede90951b
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3034852
> Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
> Reviewed-by: Andrey Pronin <apronin@chromium.org>
> Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
> Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Bug: b:134594373
Change-Id: I61a965995fcd53b4e155084f5f351574cb84cd1e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3115930
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: David Stevens <stevensd@chromium.org>
Diffstat (limited to 'board/cr50/fips_cmd.c')
-rw-r--r-- | board/cr50/fips_cmd.c | 90 |
1 files changed, 41 insertions, 49 deletions
diff --git a/board/cr50/fips_cmd.c b/board/cr50/fips_cmd.c index 554b048c25..6642bd3396 100644 --- a/board/cr50/fips_cmd.c +++ b/board/cr50/fips_cmd.c @@ -21,7 +21,7 @@ #include "system.h" #include "task.h" #include "tpm_nvmem_ops.h" -#include "u2f_cmds.h" +#include "u2f_impl.h" /** * Create IRQ handler calling FIPS module's dcrypto_done_interrupt() on @@ -68,46 +68,47 @@ static void fips_print_status(void) } DECLARE_HOOK(HOOK_INIT, fips_print_status, HOOK_PRIO_INIT_PRINT_FIPS_STATUS); -#if defined(CRYPTO_TEST_SETUP) || defined(CR50_DEV) +#ifdef CRYPTO_TEST_SETUP static const uint8_t k_salt = NVMEM_VAR_G2F_SALT; -static void print_u2f_keys_status(void) -{ - struct u2f_state state; - bool load_result; - size_t hmac_len, drbg_len; - - hmac_len = read_tpm_nvmem_size(TPM_HIDDEN_U2F_KEK); - drbg_len = read_tpm_nvmem_size(TPM_HIDDEN_U2F_KH_SALT); - load_result = u2f_load_or_create_state(&state, false); +/* Can't include TPM2 headers, so just define constant locally. */ +#define HR_NV_INDEX (1U << 24) - CPRINTS("U2F HMAC len: %u, U2F Entropy len: %u, U2F load:%u, " - "State DRBG len:%u", hmac_len, - drbg_len, load_result, state.drbg_entropy_size); -} - -static void u2f_keys(void) +/* Wipe old U2F keys. */ +static void u2f_zeroize_non_fips(void) { - CPRINTS("U2F state %x", (uintptr_t)u2f_get_state()); - print_u2f_keys_status(); + const uint32_t u2fobjs[] = { TPM_HIDDEN_U2F_KEK | HR_NV_INDEX, + TPM_HIDDEN_U2F_KH_SALT | HR_NV_INDEX, 0 }; + /* Delete NVMEM_VAR_G2F_SALT. */ + setvar(&k_salt, sizeof(k_salt), NULL, 0); + /* Remove U2F keys and wipe all deleted objects. */ + nvmem_erase_tpm_data_selective(u2fobjs); } -/* Set U2F keys as old. */ -static void fips_set_old_u2f_keys(void) +/* Set U2F keys to old or new version. */ +static void fips_set_u2f_keys(bool active) { - uint8_t random[32]; - - u2f_zeroize_keys(); - - /* Create fake u2f keys old style */ - fips_trng_bytes(random, sizeof(random)); - setvar(&k_salt, sizeof(k_salt), random, sizeof(random)); - - fips_trng_bytes(random, sizeof(random)); - write_tpm_nvmem_hidden(TPM_HIDDEN_U2F_KEK, sizeof(random), random, 1); - fips_trng_bytes(random, sizeof(random)); - write_tpm_nvmem_hidden(TPM_HIDDEN_U2F_KH_SALT, sizeof(random), random, - 1); + if (!active) { + /* Old version. */ + uint8_t random[32]; + /* Create fake u2f keys old style */ + fips_trng_bytes(random, sizeof(random)); + setvar(&k_salt, sizeof(k_salt), random, sizeof(random)); + + fips_trng_bytes(random, sizeof(random)); + write_tpm_nvmem_hidden(TPM_HIDDEN_U2F_KEK, sizeof(random), + random, 1); + fips_trng_bytes(random, sizeof(random)); + write_tpm_nvmem_hidden(TPM_HIDDEN_U2F_KH_SALT, sizeof(random), + random, 1); + } else { + /** + * TODO(sukhomlinov): Implement new key generation after merging + * https://crrev.com/c/3034852 and adding FIPS key gen. + */ + u2f_zeroize_non_fips(); + } + system_reset(EC_RESET_FLAG_SECURITY); } #endif @@ -126,20 +127,11 @@ static int cmd_fips_status(int argc, char **argv) fips_print_test_time(); fips_print_mode(); } -#if defined(CRYPTO_TEST_SETUP) || defined(CR50_DEV) +#ifdef CRYPTO_TEST_SETUP else if (!strncmp(argv[1], "new", 3)) - CPRINTS("u2f update status: %d", u2f_update_keys()); - else if (!strncmp(argv[1], "del", 3)) - CPRINTS("u2f zeroization status: %d", - u2f_zeroize_keys()); + fips_set_u2f_keys(true); /* we can reboot here... */ else if (!strncmp(argv[1], "old", 3)) - fips_set_old_u2f_keys(); - else if (!strncmp(argv[1], "u2f", 3)) - print_u2f_keys_status(); - else if (!strncmp(argv[1], "gen", 3)) - u2f_keys(); -#endif -#ifdef CRYPTO_TEST_SETUP + fips_set_u2f_keys(false); /* we can reboot here... */ else if (!strncmp(argv[1], "trng", 4)) fips_break_cmd = FIPS_BREAK_TRNG; else if (!strncmp(argv[1], "sha", 3)) @@ -152,7 +144,7 @@ static int cmd_fips_status(int argc, char **argv) DECLARE_SAFE_CONSOLE_COMMAND( fips, cmd_fips_status, #ifdef CRYPTO_TEST_SETUP - "[test | new | old | u2f | gen | trng | sha]", + "[test | new | old | trng | sha]", "Report FIPS status, switch U2F key, run tests, simulate errors"); #else "[test]", "Report FIPS status, run tests"); @@ -189,10 +181,10 @@ static enum vendor_cmd_rc fips_cmd(enum vendor_cmd_cc code, void *buf, memcpy(buf, &fips_reverse, sizeof(fips_reverse)); *response_size = sizeof(fips_reverse); break; +#ifdef CRYPTO_TEST_SETUP case FIPS_CMD_ON: - u2f_update_keys(); + fips_set_u2f_keys(true); /* we can reboot here... */ break; -#ifdef CRYPTO_TEST_SETUP case FIPS_CMD_BREAK_TRNG: fips_break_cmd = FIPS_BREAK_TRNG; break; |