diff options
| author | Vadim Sukhomlinov <sukhomlinov@google.com> | 2021-08-12 17:55:22 -0700 |
|---|---|---|
| committer | Commit Bot <commit-bot@chromium.org> | 2021-08-16 18:21:47 +0000 |
| commit | 994efaeb57aaa023e38b547ceede69930ed687fc (patch) | |
| tree | 464ba8c9c37dfccb8e7359b83b00618bebf4554a /chip | |
| parent | 5d24282d7db3854c4a6adf925c75b7573de5617d (diff) | |
| download | chrome-ec-994efaeb57aaa023e38b547ceede69930ed687fc.tar.gz | |
cr50: final touches to remove cryptoc dependencystabilize-14163.B-cr50_stab
To implement FIPS module we need to bring many crypto functions in the
module boundary. Unfortunately, cryptoc is a third-party library used
by dcrypto code in cr50. Cryptoc is also not well-maintained and shared
with other projects. While just making local copy of cryptoc would
solve an issue, it's suboptimal as prevents from many optimizations and
improvements.
1. Clean-up of #include dependencies on cryptoc
2. Build configuration drops linking with cryptoc for cr50
3. Dcrypto SHA512 code updated to compile and partially tested.
It is about 4x faster on large messages, and about 620 bytes larger.
Added an config option to use Dcrypto version as software, but not
enabled. More testing is needed to make sure it's safe and doesn't
have unintended interactions with RSA and ECDSA Dcrypto code.
BUG=b:138578318
TEST=make BOARD=cr50 CRYPTO_TEST=1; tpm_test
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I030b60b75daeec9c8ef079017a73345829bf7f0b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3093093
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Diffstat (limited to 'chip')
| -rw-r--r-- | chip/g/build.mk | 4 | ||||
| -rw-r--r-- | chip/g/flash.c | 1 | ||||
| -rw-r--r-- | chip/g/upgrade_fw.c | 1 |
3 files changed, 3 insertions, 3 deletions
diff --git a/chip/g/build.mk b/chip/g/build.mk index 80bc997b59..4d9bd6f7b8 100644 --- a/chip/g/build.mk +++ b/chip/g/build.mk @@ -13,8 +13,11 @@ CPPFLAGS += -I$(abspath .) CPPFLAGS += -I$(abspath ./builtin) CPPFLAGS += -I$(abspath ./chip/$(CHIP)) CPPFLAGS += -I$(INCLUDE_ROOT) +dirs-y += chip/g/dcrypto endif +CPPFLAGS += -I$(realpath ../../third_party/cryptoc/include) + # Required chip modules chip-y = clock.o gpio.o hwtimer.o pre_init.o system.o chip-$(CONFIG_BOARD_ID_SUPPORT) += board_id.o @@ -90,7 +93,6 @@ chip-$(CONFIG_I2C_PERIPH)+= i2cp.o chip-$(CONFIG_LOW_POWER_IDLE)+=idle.o chip-$(CONFIG_FLASH_PHYSICAL) += flash.o -dirs-y += chip/g/dcrypto ifneq ($(CONFIG_CUSTOMIZED_RO),) custom-ro_objs-y = chip/g/clock.o diff --git a/chip/g/flash.c b/chip/g/flash.c index ba0e9459ae..c3b3753e4a 100644 --- a/chip/g/flash.c +++ b/chip/g/flash.c @@ -41,7 +41,6 @@ #include "common.h" #include "board_id.h" #include "console.h" -#include "cryptoc/util.h" #include "extension.h" #include "flash.h" #include "flash_log.h" diff --git a/chip/g/upgrade_fw.c b/chip/g/upgrade_fw.c index 9bbf796f0b..ca1043b22a 100644 --- a/chip/g/upgrade_fw.c +++ b/chip/g/upgrade_fw.c @@ -9,7 +9,6 @@ #include "byteorder.h" #include "compile_time_macros.h" #include "console.h" -#include "cryptoc/sha.h" #include "dcrypto/dcrypto.h" #include "extension.h" #include "flash.h" |