Merge remote-tracking branch cros/main into firmware-fpmcu-dartmonkey-releasefirmware-fpmcu-dartmonkey-release

Generated by: ./util/update_release_branch.py --board dartmonkey --relevant_paths_file
./util/fingerprint-relevant-paths.txt firmware-fpmcu-dartmonkey-release

Relevant changes:

git log --oneline 6c1587ca70..28712dae9d -- board/nocturne_fp
board/dartmonkey common/fpsensor docs/fingerprint driver/fingerprint
util/getversion.sh

ded9307b79 util/getversion.sh: Fix version when not in a git repo
956055e692 board: change Google USB vendor info
71b2ef709d Update license boilerplate text in source code files
33e11afda0 Revert "fpsensor: Build fpsensor source file with C++"
c8d0360723 fpsensor: Build fpsensor source file with C++
bc113abd53 fpsensor: Fix g++ compiler error
150a58a0dc fpsensor: Fix fp_set_sensor_mode return type
b33b5ce85b fpsensor: Remove nested designators for C++ compatibility
2e864b2539 tree-wide: const-ify argv for console commands
56d8b360f9 test: Add test for get ikm failure when seed not set
3a3d6c3690 test: Add test for fpsensor trivial key failure
233e6bbd08 fpsensor_crypto: Abstract calls to hmac_SHA256
0a041b285b docs/fingerprint: Typo correction
c03fab67e2 docs/fingerprint: Fix the path of fputils.py
0b5d4baf5a util/getversion.sh: Fix empty file list handling
6e128fe760 FPMCU dev board environment with Satlab
3eb29b6aa5 builtin: Move ssize_t to sys/types.h
345d62ebd1 docs/fingerprint: Update power numbers for latest dartmonkey release
c25ffdb316 common: Conditionally support printf %l and %i modifiers
9a3c514b45 test: Add a test to check if the debugger is connected
54e603413f Move standard library tests to their own file
43fa6b4bf8 docs/fingerprint: Update power numbers for latest bloonchipper release
25536f9a84 driver/fingerprint/fpc/bep/fpc_sensor_spi.c: Format with clang-format
4face99efd driver/fingerprint/fpc/libfp/fpc_sensor_pal.h: Format with clang-format
738de2b575 trng: Rename rand to trng_rand
14b8270edd docs/fingerprint: Update dragonclaw power numbers
0b268f93d1 driver/fingerprint/fpc/libfp/fpc_private.c: Format with clang-format
f80da163f2 driver/fingerprint/fpc/libfp/fpc_private.h: Format with clang-format
a0751778f4 board/nocturne_fp/ro_workarounds.c: Format with clang-format
5e9c85c9b1 driver/fingerprint/fpc/libfp/fpc_sensor_pal.c: Format with clang-format
c1f9dd3cf8 driver/fingerprint/fpc/libfp/fpc_bio_algorithm.h: Format with clang-format
eb1e1bed8d driver/fingerprint/fpc/libfp/fpc1145_private.h: Format with clang-format
6e7b611821 driver/fingerprint/fpc/bep/fpc_bio_algorithm.h: Format with clang-format
e0589cd5e2 driver/fingerprint/fpc/bep/fpc1035_private.h: Format with clang-format
58f0246dbe board/nocturne_fp/board_ro.c: Format with clang-format
7905e556a0 common/fpsensor/fpsensor_crypto.c: Format with clang-format
21289d170c driver/fingerprint/fpc/bep/fpc1025_private.h: Format with clang-format
98a20f937e common/fpsensor/fpsensor_state.c: Format with clang-format
a2d255d8af common/fpsensor/fpsensor.c: Format with clang-format
84e53a65da board/nocturne_fp/board.h: Format with clang-format
73055eeb3f driver/fingerprint/fpc/bep/fpc_private.c: Format with clang-format
0f7b5cb509 common/fpsensor/fpsensor_private.h: Format with clang-format
1ceade6e65 driver/fingerprint/fpc/bep/fpc_private.h: Format with clang-format
dca9d74321 Revert "trng: Rename rand to trng_rand"
a6b0b3554f trng: Rename rand to trng_rand
28d0b75b70 third_party/boringssl: Remove unused header

BRANCH=None
BUG=b:244387210 b:242720240 b:215613183 b:242720910 b:236386294
BUG=b:234181908 b:244781166 b:234781655 b:234143158 b:234181908
BUG=b:237344361 b:236025198 b:234181908 b:180945056 chromium:1098010
BUG=b:246424843 b:234181908 b:131913998
TEST=`make -j buildall`
TEST=./util/run_device_tests.py --board dartmonkey
     Test "aes": PASSED
     Test "cec": PASSED
     Test "cortexm_fpu": PASSED
     Test "crc": PASSED
     Test "flash_physical": PASSED
     Test "flash_write_protect": PASSED
     Test "fpsensor_hw": PASSED
     Test "fpsensor_spi_ro": PASSED
     Test "fpsensor_spi_rw": PASSED
     Test "fpsensor_uart_ro": PASSED
     Test "fpsensor_uart_rw": PASSED
     Test "mpu_ro": PASSED
     Test "mpu_rw": PASSED
     Test "mutex": PASSED
     Test "pingpong": PASSED
     Test "printf": PASSED
     Test "queue": PASSED
     Test "rollback_region0": PASSED
     Test "rollback_region1": PASSED
     Test "rollback_entropy": PASSED
     Test "rtc": PASSED
     Test "sha256": PASSED
     Test "sha256_unrolled": PASSED
     Test "static_if": PASSED
     Test "stdlib": PASSED
     Test "system_is_locked_wp_on": PASSED
     Test "system_is_locked_wp_off": PASSED
     Test "timer_dos": PASSED
     Test "utils": PASSED
     Test "utils_str": PASSED
     Test "panic_data_dartmonkey_v2.0.2887": PASSED
     Test "panic_data_nocturne_fp_v2.2.64": PASSED
     Test "panic_data_nami_fp_v2.2.144": PASSED
Force-Relevant-Builds: all
Signed-off-by: Tom Hughes <tomhughes@chromium.org>

Change-Id: I2c312583a709fedae8fe11d92c22328c3b634bc7

1 files changed, 23 insertions, 17 deletions

diff --git a/common/fpsensor/fpsensor_crypto.c b/common/fpsensor/fpsensor_crypto.c
index 73d7aca681..257042197e 100644
--- a/common/fpsensor/fpsensor_crypto.c
+++ b/common/fpsensor/fpsensor_crypto.c
@@ -1,4 +1,4 @@
-/* Copyright 2019 The Chromium OS Authors. All rights reserved.
+/* Copyright 2019 The ChromiumOS Authors
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
  */
@@ -17,7 +17,7 @@
 #error "fpsensor requires AES, AES_GCM and ROLLBACK_SECRET_SIZE"
 #endif
 
-static int get_ikm(uint8_t *ikm)
+test_export_static int get_ikm(uint8_t *ikm)
 {
 	int ret;
 
@@ -44,6 +44,14 @@ static int get_ikm(uint8_t *ikm)
 	return EC_SUCCESS;
 }
 
+test_mockable void compute_hmac_sha256(uint8_t *output, const uint8_t *key,
+				       const int key_len,
+				       const uint8_t *message,
+				       const int message_len)
+{
+	hmac_SHA256(output, key, key_len, message, message_len);
+}
+
 static void hkdf_extract(uint8_t *prk, const uint8_t *salt, size_t salt_size,
 			 const uint8_t *ikm, size_t ikm_size)
 {
@@ -51,12 +59,12 @@ static void hkdf_extract(uint8_t *prk, const uint8_t *salt, size_t salt_size,
 	 * Derive a key with the "extract" step of HKDF
 	 * https://tools.ietf.org/html/rfc5869#section-2.2
 	 */
-	hmac_SHA256(prk, salt, salt_size, ikm, ikm_size);
+	compute_hmac_sha256(prk, salt, salt_size, ikm, ikm_size);
 }
 
 static int hkdf_expand_one_step(uint8_t *out_key, size_t out_key_size,
-				uint8_t *prk, size_t prk_size,
-				uint8_t *info, size_t info_size)
+				uint8_t *prk, size_t prk_size, uint8_t *info,
+				size_t info_size)
 {
 	uint8_t key_buf[SHA256_DIGEST_SIZE];
 	uint8_t message_buf[SHA256_DIGEST_SIZE + 1];
@@ -75,7 +83,7 @@ static int hkdf_expand_one_step(uint8_t *out_key, size_t out_key_size,
 	memcpy(message_buf, info, info_size);
 	/* 1 step, set the counter byte to 1. */
 	message_buf[info_size] = 0x01;
-	hmac_SHA256(key_buf, prk, prk_size, message_buf, info_size + 1);
+	compute_hmac_sha256(key_buf, prk, prk_size, message_buf, info_size + 1);
 
 	memcpy(out_key, key_buf, out_key_size);
 	always_memset(key_buf, 0, sizeof(key_buf));
@@ -83,8 +91,8 @@ static int hkdf_expand_one_step(uint8_t *out_key, size_t out_key_size,
 	return EC_SUCCESS;
 }
 
-int hkdf_expand(uint8_t *out_key, size_t L, const uint8_t *prk,
-		size_t prk_size, const uint8_t *info, size_t info_size)
+int hkdf_expand(uint8_t *out_key, size_t L, const uint8_t *prk, size_t prk_size,
+		const uint8_t *info, size_t info_size)
 {
 	/*
 	 * "Expand" step of HKDF.
@@ -123,8 +131,8 @@ int hkdf_expand(uint8_t *out_key, size_t L, const uint8_t *prk,
 		memcpy(info_buffer, T, T_len);
 		memcpy(info_buffer + T_len, info, info_size);
 		info_buffer[T_len + info_size] = count;
-		hmac_SHA256(T_buffer, prk, prk_size, info_buffer,
-			    T_len + info_size + sizeof(count));
+		compute_hmac_sha256(T_buffer, prk, prk_size, info_buffer,
+				    T_len + info_size + sizeof(count));
 		memcpy(out_key, T_buffer, block_size);
 
 		T += T_len;
@@ -216,11 +224,9 @@ int derive_encryption_key(uint8_t *out_key, const uint8_t *salt)
 	return ret;
 }
 
-int aes_gcm_encrypt(const uint8_t *key, int key_size,
-		    const uint8_t *plaintext,
-		    uint8_t *ciphertext, int text_size,
-		    const uint8_t *nonce, int nonce_size,
-		    uint8_t *tag, int tag_size)
+int aes_gcm_encrypt(const uint8_t *key, int key_size, const uint8_t *plaintext,
+		    uint8_t *ciphertext, int text_size, const uint8_t *nonce,
+		    int nonce_size, uint8_t *tag, int tag_size)
 {
 	int res;
 	AES_KEY aes_key;
@@ -251,8 +257,8 @@ int aes_gcm_encrypt(const uint8_t *key, int key_size,
 
 int aes_gcm_decrypt(const uint8_t *key, int key_size, uint8_t *plaintext,
 		    const uint8_t *ciphertext, int text_size,
-		    const uint8_t *nonce, int nonce_size,
-		    const uint8_t *tag, int tag_size)
+		    const uint8_t *nonce, int nonce_size, const uint8_t *tag,
+		    int tag_size)
 {
 	int res;
 	AES_KEY aes_key;