diff options
author | Vadim Sukhomlinov <sukhomlinov@google.com> | 2021-08-09 17:50:21 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2021-08-12 20:38:26 +0000 |
commit | 2a590e25e8cc41d324abf56894b032ceda028832 (patch) | |
tree | 906739ca85cbbd9197cec0189d2c6b7b1f1a14d8 /board/cr50/tpm2/ecc.c | |
parent | 7ddbd2a9eab0dc54897d6b5bb8ee1d4b3be1fe27 (diff) | |
download | chrome-ec-2a590e25e8cc41d324abf56894b032ceda028832.tar.gz |
cr50: drop cryptoc for p256 implementationstabilize-14151.B-cr50_stab
To implement FIPS module we need to bring many crypto functions in the
module boundary. Unfortunately, cryptoc is a third-party library used
by dcrypto code in cr50. Cryptoc is also not well-maintained and shared
with other projects. While just making local copy of cryptoc would
solve an issue, it's suboptimal as prevents from many optimizations and
improvements.
Removed redundant functions (dcrypto_p256_pick and dcrypto_p256_rand).
Another improvement is separation of platform independent code in p256.c
to support better host-side unit tests. For this purpose added fast
random number generator using LFSR to replace use of TRNG for blinding
and wiping secrets where security strength is not required.
BUG=b:138578318
TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpm_test/tpmtest.py
in console: dcrypto_ecdsa
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I9bfd13b8006ddca55508635962be4502a56532b5
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3087833
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Diffstat (limited to 'board/cr50/tpm2/ecc.c')
-rw-r--r-- | board/cr50/tpm2/ecc.c | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/board/cr50/tpm2/ecc.c b/board/cr50/tpm2/ecc.c index 5607aaff87..a8263b643e 100644 --- a/board/cr50/tpm2/ecc.c +++ b/board/cr50/tpm2/ecc.c @@ -13,9 +13,6 @@ #include "util.h" #include "dcrypto.h" -#include "cryptoc/p256.h" -#include "cryptoc/p256_ecdsa.h" - static void reverse_tpm2b(TPM2B *b) { reverse(b->buffer, b->size); |