diff options
author | Tom Hughes <tomhughes@chromium.org> | 2022-09-21 14:08:36 -0700 |
---|---|---|
committer | Tom Hughes <tomhughes@chromium.org> | 2022-09-22 12:59:38 -0700 |
commit | c453fd704268ef72de871b0c5ac7a989de662334 (patch) | |
tree | fcf6ce5810f9ff9e3c8cce434812dd75492269ed /common/fpsensor/fpsensor_crypto.c | |
parent | 6c1587ca70f558b4f96b3f0b18ad8b027d3ba99d (diff) | |
parent | 28712dae9d7ed1e694f7622cc083afa71090d4d5 (diff) | |
download | chrome-ec-c453fd704268ef72de871b0c5ac7a989de662334.tar.gz |
Merge remote-tracking branch cros/main into firmware-fpmcu-dartmonkey-releasefirmware-fpmcu-dartmonkey-release
Generated by: ./util/update_release_branch.py --board dartmonkey --relevant_paths_file
./util/fingerprint-relevant-paths.txt firmware-fpmcu-dartmonkey-release
Relevant changes:
git log --oneline 6c1587ca70..28712dae9d -- board/nocturne_fp
board/dartmonkey common/fpsensor docs/fingerprint driver/fingerprint
util/getversion.sh
ded9307b79 util/getversion.sh: Fix version when not in a git repo
956055e692 board: change Google USB vendor info
71b2ef709d Update license boilerplate text in source code files
33e11afda0 Revert "fpsensor: Build fpsensor source file with C++"
c8d0360723 fpsensor: Build fpsensor source file with C++
bc113abd53 fpsensor: Fix g++ compiler error
150a58a0dc fpsensor: Fix fp_set_sensor_mode return type
b33b5ce85b fpsensor: Remove nested designators for C++ compatibility
2e864b2539 tree-wide: const-ify argv for console commands
56d8b360f9 test: Add test for get ikm failure when seed not set
3a3d6c3690 test: Add test for fpsensor trivial key failure
233e6bbd08 fpsensor_crypto: Abstract calls to hmac_SHA256
0a041b285b docs/fingerprint: Typo correction
c03fab67e2 docs/fingerprint: Fix the path of fputils.py
0b5d4baf5a util/getversion.sh: Fix empty file list handling
6e128fe760 FPMCU dev board environment with Satlab
3eb29b6aa5 builtin: Move ssize_t to sys/types.h
345d62ebd1 docs/fingerprint: Update power numbers for latest dartmonkey release
c25ffdb316 common: Conditionally support printf %l and %i modifiers
9a3c514b45 test: Add a test to check if the debugger is connected
54e603413f Move standard library tests to their own file
43fa6b4bf8 docs/fingerprint: Update power numbers for latest bloonchipper release
25536f9a84 driver/fingerprint/fpc/bep/fpc_sensor_spi.c: Format with clang-format
4face99efd driver/fingerprint/fpc/libfp/fpc_sensor_pal.h: Format with clang-format
738de2b575 trng: Rename rand to trng_rand
14b8270edd docs/fingerprint: Update dragonclaw power numbers
0b268f93d1 driver/fingerprint/fpc/libfp/fpc_private.c: Format with clang-format
f80da163f2 driver/fingerprint/fpc/libfp/fpc_private.h: Format with clang-format
a0751778f4 board/nocturne_fp/ro_workarounds.c: Format with clang-format
5e9c85c9b1 driver/fingerprint/fpc/libfp/fpc_sensor_pal.c: Format with clang-format
c1f9dd3cf8 driver/fingerprint/fpc/libfp/fpc_bio_algorithm.h: Format with clang-format
eb1e1bed8d driver/fingerprint/fpc/libfp/fpc1145_private.h: Format with clang-format
6e7b611821 driver/fingerprint/fpc/bep/fpc_bio_algorithm.h: Format with clang-format
e0589cd5e2 driver/fingerprint/fpc/bep/fpc1035_private.h: Format with clang-format
58f0246dbe board/nocturne_fp/board_ro.c: Format with clang-format
7905e556a0 common/fpsensor/fpsensor_crypto.c: Format with clang-format
21289d170c driver/fingerprint/fpc/bep/fpc1025_private.h: Format with clang-format
98a20f937e common/fpsensor/fpsensor_state.c: Format with clang-format
a2d255d8af common/fpsensor/fpsensor.c: Format with clang-format
84e53a65da board/nocturne_fp/board.h: Format with clang-format
73055eeb3f driver/fingerprint/fpc/bep/fpc_private.c: Format with clang-format
0f7b5cb509 common/fpsensor/fpsensor_private.h: Format with clang-format
1ceade6e65 driver/fingerprint/fpc/bep/fpc_private.h: Format with clang-format
dca9d74321 Revert "trng: Rename rand to trng_rand"
a6b0b3554f trng: Rename rand to trng_rand
28d0b75b70 third_party/boringssl: Remove unused header
BRANCH=None
BUG=b:244387210 b:242720240 b:215613183 b:242720910 b:236386294
BUG=b:234181908 b:244781166 b:234781655 b:234143158 b:234181908
BUG=b:237344361 b:236025198 b:234181908 b:180945056 chromium:1098010
BUG=b:246424843 b:234181908 b:131913998
TEST=`make -j buildall`
TEST=./util/run_device_tests.py --board dartmonkey
Test "aes": PASSED
Test "cec": PASSED
Test "cortexm_fpu": PASSED
Test "crc": PASSED
Test "flash_physical": PASSED
Test "flash_write_protect": PASSED
Test "fpsensor_hw": PASSED
Test "fpsensor_spi_ro": PASSED
Test "fpsensor_spi_rw": PASSED
Test "fpsensor_uart_ro": PASSED
Test "fpsensor_uart_rw": PASSED
Test "mpu_ro": PASSED
Test "mpu_rw": PASSED
Test "mutex": PASSED
Test "pingpong": PASSED
Test "printf": PASSED
Test "queue": PASSED
Test "rollback_region0": PASSED
Test "rollback_region1": PASSED
Test "rollback_entropy": PASSED
Test "rtc": PASSED
Test "sha256": PASSED
Test "sha256_unrolled": PASSED
Test "static_if": PASSED
Test "stdlib": PASSED
Test "system_is_locked_wp_on": PASSED
Test "system_is_locked_wp_off": PASSED
Test "timer_dos": PASSED
Test "utils": PASSED
Test "utils_str": PASSED
Test "panic_data_dartmonkey_v2.0.2887": PASSED
Test "panic_data_nocturne_fp_v2.2.64": PASSED
Test "panic_data_nami_fp_v2.2.144": PASSED
Force-Relevant-Builds: all
Signed-off-by: Tom Hughes <tomhughes@chromium.org>
Change-Id: I2c312583a709fedae8fe11d92c22328c3b634bc7
Diffstat (limited to 'common/fpsensor/fpsensor_crypto.c')
-rw-r--r-- | common/fpsensor/fpsensor_crypto.c | 40 |
1 files changed, 23 insertions, 17 deletions
diff --git a/common/fpsensor/fpsensor_crypto.c b/common/fpsensor/fpsensor_crypto.c index 73d7aca681..257042197e 100644 --- a/common/fpsensor/fpsensor_crypto.c +++ b/common/fpsensor/fpsensor_crypto.c @@ -1,4 +1,4 @@ -/* Copyright 2019 The Chromium OS Authors. All rights reserved. +/* Copyright 2019 The ChromiumOS Authors * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. */ @@ -17,7 +17,7 @@ #error "fpsensor requires AES, AES_GCM and ROLLBACK_SECRET_SIZE" #endif -static int get_ikm(uint8_t *ikm) +test_export_static int get_ikm(uint8_t *ikm) { int ret; @@ -44,6 +44,14 @@ static int get_ikm(uint8_t *ikm) return EC_SUCCESS; } +test_mockable void compute_hmac_sha256(uint8_t *output, const uint8_t *key, + const int key_len, + const uint8_t *message, + const int message_len) +{ + hmac_SHA256(output, key, key_len, message, message_len); +} + static void hkdf_extract(uint8_t *prk, const uint8_t *salt, size_t salt_size, const uint8_t *ikm, size_t ikm_size) { @@ -51,12 +59,12 @@ static void hkdf_extract(uint8_t *prk, const uint8_t *salt, size_t salt_size, * Derive a key with the "extract" step of HKDF * https://tools.ietf.org/html/rfc5869#section-2.2 */ - hmac_SHA256(prk, salt, salt_size, ikm, ikm_size); + compute_hmac_sha256(prk, salt, salt_size, ikm, ikm_size); } static int hkdf_expand_one_step(uint8_t *out_key, size_t out_key_size, - uint8_t *prk, size_t prk_size, - uint8_t *info, size_t info_size) + uint8_t *prk, size_t prk_size, uint8_t *info, + size_t info_size) { uint8_t key_buf[SHA256_DIGEST_SIZE]; uint8_t message_buf[SHA256_DIGEST_SIZE + 1]; @@ -75,7 +83,7 @@ static int hkdf_expand_one_step(uint8_t *out_key, size_t out_key_size, memcpy(message_buf, info, info_size); /* 1 step, set the counter byte to 1. */ message_buf[info_size] = 0x01; - hmac_SHA256(key_buf, prk, prk_size, message_buf, info_size + 1); + compute_hmac_sha256(key_buf, prk, prk_size, message_buf, info_size + 1); memcpy(out_key, key_buf, out_key_size); always_memset(key_buf, 0, sizeof(key_buf)); @@ -83,8 +91,8 @@ static int hkdf_expand_one_step(uint8_t *out_key, size_t out_key_size, return EC_SUCCESS; } -int hkdf_expand(uint8_t *out_key, size_t L, const uint8_t *prk, - size_t prk_size, const uint8_t *info, size_t info_size) +int hkdf_expand(uint8_t *out_key, size_t L, const uint8_t *prk, size_t prk_size, + const uint8_t *info, size_t info_size) { /* * "Expand" step of HKDF. @@ -123,8 +131,8 @@ int hkdf_expand(uint8_t *out_key, size_t L, const uint8_t *prk, memcpy(info_buffer, T, T_len); memcpy(info_buffer + T_len, info, info_size); info_buffer[T_len + info_size] = count; - hmac_SHA256(T_buffer, prk, prk_size, info_buffer, - T_len + info_size + sizeof(count)); + compute_hmac_sha256(T_buffer, prk, prk_size, info_buffer, + T_len + info_size + sizeof(count)); memcpy(out_key, T_buffer, block_size); T += T_len; @@ -216,11 +224,9 @@ int derive_encryption_key(uint8_t *out_key, const uint8_t *salt) return ret; } -int aes_gcm_encrypt(const uint8_t *key, int key_size, - const uint8_t *plaintext, - uint8_t *ciphertext, int text_size, - const uint8_t *nonce, int nonce_size, - uint8_t *tag, int tag_size) +int aes_gcm_encrypt(const uint8_t *key, int key_size, const uint8_t *plaintext, + uint8_t *ciphertext, int text_size, const uint8_t *nonce, + int nonce_size, uint8_t *tag, int tag_size) { int res; AES_KEY aes_key; @@ -251,8 +257,8 @@ int aes_gcm_encrypt(const uint8_t *key, int key_size, int aes_gcm_decrypt(const uint8_t *key, int key_size, uint8_t *plaintext, const uint8_t *ciphertext, int text_size, - const uint8_t *nonce, int nonce_size, - const uint8_t *tag, int tag_size) + const uint8_t *nonce, int nonce_size, const uint8_t *tag, + int tag_size) { int res; AES_KEY aes_key; |