g: avoid CERT_28

chip/g has a hardware KI with executing CERT_28 more than 512 times after reset.

Current use of CERT_28 makes little sense so we address the issue with deletion.
While at it, delete a bunch of other useless code in this function.

Ultimately we're left with just pulling bits from TRNG and mixing them with entropy
from the keyladder as mild hedge.

Signed-off-by: mschilder@google.com
BUG=b:127343845
BRANCH=none
TEST=b:127343845
Change-Id: I84218f644aa2508c45101464512019754647f229
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1646533
Tested-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Marius Schilder <mschilder@chromium.org>
Auto-Submit: Marius Schilder <mschilder@chromium.org>

1 files changed, 1 insertions, 19 deletions

diff --git a/chip/g/dcrypto/key_ladder.c b/chip/g/dcrypto/key_ladder.c
index 7aca0ad2b3..77055e4159 100644
--- a/chip/g/dcrypto/key_ladder.c
+++ b/chip/g/dcrypto/key_ladder.c
@@ -238,30 +238,12 @@ int DCRYPTO_ladder_random(void *output)
 {
 	int error = 1;
 	uint32_t tmp[8];
-	int i;
 
 	if (!dcrypto_grab_sha_hw())
 		goto fail;
 
 	rand_bytes(tmp, sizeof(tmp));
-	error = ladder_step(KEYMGR_CERT_28, tmp);
-	if (error)
-		goto fail;
-
-	if (!compute_certs(FRK2_CERTS_PREFIX, ARRAY_SIZE(FRK2_CERTS_PREFIX)))
-		goto fail;
-	/* USR generation requires running the key-ladder till
-	 * the end (version 0), plus one additional iteration.
-	 */
-	for (i = 0; i < MAX_MAJOR_FW_VERSION - 0 + 1; i++)
-		if (ladder_step(KEYMGR_CERT_25, NULL))
-			goto fail;
-	if (i != MAX_MAJOR_FW_VERSION - 0 + 1)
-		goto fail;
-	if (ladder_step(KEYMGR_CERT_34, ISR_SALT))
-		goto fail;
-
-	rand_bytes(tmp, sizeof(tmp));
+	/* Mix TRNG bytes with RSR entropy */
 	error = ladder_step(KEYMGR_CERT_27, tmp);
 	if (!error)
 		ladder_out(output);