diff options
author | Vadim Sukhomlinov <sukhomlinov@google.com> | 2020-07-29 18:16:20 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2020-07-30 22:40:03 +0000 |
commit | ca9f95fecec76373fbb26adcc5090dfcce114918 (patch) | |
tree | 42a91115fe9c173f4361516651413b0678c6d7a9 /chip/g/init_chip.h | |
parent | 7db60152e13aea29b04b2f9a1e16abbc89d2010a (diff) | |
download | chrome-ec-ca9f95fecec76373fbb26adcc5090dfcce114918.tar.gz |
fips: prevent turning FIPS on (yet)
Since FIPS-compliant U2F code is not yet ready, make sure that new
devices won't switch to FIPS-approved by default when there are no
U2F keys. This CL puts the logic that checks if the U2F seed exists
and turns FIPS mode on when it doesn't under compile-time switch,
and for now turns this switch off. As a result, FIPS mode is always
off.
BUG=b:138577491
TEST=make BOARD=cr50, then check FIPS mode in CCD
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I33b559c3f348f34115263fd3fedc8b7a2fbeab31
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2328113
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Diffstat (limited to 'chip/g/init_chip.h')
0 files changed, 0 insertions, 0 deletions