diff options
author | Marius Schilder <mschilder@google.com> | 2019-06-05 13:43:34 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2019-06-27 05:15:40 +0000 |
commit | 1ea6d703c25c7c5cfcb1e8ff6bd42310b6db7226 (patch) | |
tree | 8179af62bad1cfc9eace518d8a5a88586ae5e6b9 /chip | |
parent | 63f4b8c0fee087297286232e51c8e552e31b84fd (diff) | |
download | chrome-ec-1ea6d703c25c7c5cfcb1e8ff6bd42310b6db7226.tar.gz |
g: avoid CERT_28
chip/g has a hardware KI with executing CERT_28 more than 512 times after reset.
Current use of CERT_28 makes little sense so we address the issue with deletion.
While at it, delete a bunch of other useless code in this function.
Ultimately we're left with just pulling bits from TRNG and mixing them with entropy
from the keyladder as mild hedge.
Signed-off-by: mschilder@google.com
BUG=b:127343845
BRANCH=none
TEST=b:127343845
Change-Id: I84218f644aa2508c45101464512019754647f229
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1646533
Tested-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Marius Schilder <mschilder@chromium.org>
Auto-Submit: Marius Schilder <mschilder@chromium.org>
Diffstat (limited to 'chip')
-rw-r--r-- | chip/g/dcrypto/key_ladder.c | 20 |
1 files changed, 1 insertions, 19 deletions
diff --git a/chip/g/dcrypto/key_ladder.c b/chip/g/dcrypto/key_ladder.c index 7aca0ad2b3..77055e4159 100644 --- a/chip/g/dcrypto/key_ladder.c +++ b/chip/g/dcrypto/key_ladder.c @@ -238,30 +238,12 @@ int DCRYPTO_ladder_random(void *output) { int error = 1; uint32_t tmp[8]; - int i; if (!dcrypto_grab_sha_hw()) goto fail; rand_bytes(tmp, sizeof(tmp)); - error = ladder_step(KEYMGR_CERT_28, tmp); - if (error) - goto fail; - - if (!compute_certs(FRK2_CERTS_PREFIX, ARRAY_SIZE(FRK2_CERTS_PREFIX))) - goto fail; - /* USR generation requires running the key-ladder till - * the end (version 0), plus one additional iteration. - */ - for (i = 0; i < MAX_MAJOR_FW_VERSION - 0 + 1; i++) - if (ladder_step(KEYMGR_CERT_25, NULL)) - goto fail; - if (i != MAX_MAJOR_FW_VERSION - 0 + 1) - goto fail; - if (ladder_step(KEYMGR_CERT_34, ISR_SALT)) - goto fail; - - rand_bytes(tmp, sizeof(tmp)); + /* Mix TRNG bytes with RSR entropy */ error = ladder_step(KEYMGR_CERT_27, tmp); if (!error) ladder_out(output); |