diff options
author | Vadim Bendebury <vbendeb@chromium.org> | 2019-05-15 08:56:47 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2019-05-24 15:09:48 -0700 |
commit | 58e31f4788e369028f960e2fd39b435f1a1c4687 (patch) | |
tree | a08c25ed3316f1c590ba1f73ea189224c85c844f /chip | |
parent | 60021c7225b3d247113b4c60e056d0cc01ad50ad (diff) | |
download | chrome-ec-58e31f4788e369028f960e2fd39b435f1a1c4687.tar.gz |
nvmem: make page header checksums different between prod and dev
When moving an H1 between prod and dev Cr50 images, it is important to
quickly determine that the NVMEM contents are not retrievable. The
first object verified by the initialization routine is the page
header, but since SHA value is used for integrity verification, it
does not change despite the fact that the mode (and encryption keys as
a result) changed.
Using encrypted header value for integrity verification guarantees
that when transition between prod and dev modes happen the
initialization function discovers it right away and reinitializes
NVMEM instead of trying to interpret corrupted objects.
The host/dcrypto stub used for unit tests and fuzzing needs to be
modified to ensure that page headers read from uninitialized flash do
not look valid (where encrypted value of 0xffffffff is 0xffffffff).
BRANCH=cr50, cr50-mp
BUG=b:129710256
TEST=make buildall -j successd, as well as migration of a Chrome OS
device from legacy to new nvmem layout.
Change-Id: I613513cc67b14f553d2760919d6058f8dbed6e41
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1615423
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Diffstat (limited to 'chip')
-rw-r--r-- | chip/host/dcrypto/app_cipher.c | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/chip/host/dcrypto/app_cipher.c b/chip/host/dcrypto/app_cipher.c index 69d54a41b1..ab52484753 100644 --- a/chip/host/dcrypto/app_cipher.c +++ b/chip/host/dcrypto/app_cipher.c @@ -26,8 +26,19 @@ void app_compute_hash(uint8_t *p_buf, size_t num_bytes, int app_cipher(const void *salt_p, void *out_p, const void *in_p, size_t size) { - /* See README.md for while this is a passthrough. */ - memcpy(out_p, in_p, size); + /* See README.md for why this is not a real encryption.. */ + size_t i; + const uint8_t *src; + const uint8_t *salt; + uint8_t *dst; + + src = in_p; + salt = salt_p; + dst = out_p; + + for (i = 0; i < size; i++) + dst[i] = src[i] ^ salt[i & 7]; + return 1; } |