diff options
author | Vincent Palatin <vpalatin@chromium.org> | 2017-06-06 16:22:43 +0200 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2017-06-13 03:45:15 -0700 |
commit | c4f465185231cd3e0ed92d3c45c18915c2adc6df (patch) | |
tree | be7ad5a01f15daf7c68cfbefd0d5e91e026237b6 /chip/g/dcrypto/app_key.c | |
parent | aa15b8621d62b8926ca4853cdf9c336f0b892db9 (diff) | |
download | chrome-ec-c4f465185231cd3e0ed92d3c45c18915c2adc6df.tar.gz |
cr50: add derivation functions using the key-ladder
Add functions to do key derivation for the U2F code,
using the hardware key-ladder.
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
BRANCH=cr50
BUG=b:35545754
TEST=with follow-up CLs, run U2FTest on Eve
Change-Id: I5960fb9baa7ca555423a956fb97ef2bdee82feee
Reviewed-on: https://chromium-review.googlesource.com/525539
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Nagendra Modadugu <ngm@google.com>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
Diffstat (limited to 'chip/g/dcrypto/app_key.c')
-rw-r--r-- | chip/g/dcrypto/app_key.c | 30 |
1 files changed, 29 insertions, 1 deletions
diff --git a/chip/g/dcrypto/app_key.c b/chip/g/dcrypto/app_key.c index b471a4f714..e2b709f3c0 100644 --- a/chip/g/dcrypto/app_key.c +++ b/chip/g/dcrypto/app_key.c @@ -11,7 +11,7 @@ const struct { const char *name; - /* SHA256(name, strlen(name)) */ + /* SHA256(name) */ const uint32_t digest[SHA256_DIGEST_WORDS]; } dcrypto_app_names[] = { { @@ -28,6 +28,27 @@ const struct { 0x5801c4ce, 0x8e7c7654, 0xa2a13c85, 0x875779b6 } }, + { + "U2F_ATTEST", + { + 0xe108bde1, 0xb87820a9, 0x8b4b943a, 0xc7c1dbc4, + 0xa027d3f1, 0x96538c5f, 0x49a07d16, 0xd0c8e1da + } + }, + { + "U2F_ORIGIN", + { + 0xeb4ba9f1, 0x12b0ec6c, 0xd0791cd4, 0x4a1f4e6d, + 0x51e60c00, 0xad84c2c0, 0x38b78b24, 0x1ded57ea + } + }, + { + "U2F_WRAP", + { + 0xa013e112, 0x4cb0134c, 0x1cab1edf, 0xbd741b61, + 0xcd375bcd, 0x8065e8cc, 0xc892ed69, 0x72436c7d + } + }, }; int DCRYPTO_appkey_init(enum dcrypto_appid appid, struct APPKEY_CTX *ctx) @@ -46,3 +67,10 @@ void DCRYPTO_appkey_finish(struct APPKEY_CTX *ctx) always_memset(ctx, 0, sizeof(struct APPKEY_CTX)); GREG32(KEYMGR, AES_WIPE_SECRETS) = 1; } + +int DCRYPTO_appkey_derive(enum dcrypto_appid appid, const uint32_t input[8], + uint32_t output[8]) +{ + return !!dcrypto_ladder_derive(appid, dcrypto_app_names[appid].digest, + input, output); +} |