diff options
author | Yicheng Li <yichengli@chromium.org> | 2019-07-25 12:04:10 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2019-10-04 05:53:51 +0000 |
commit | 2ee2d6fe8711f51343bb08e0fde599c2643c93e6 (patch) | |
tree | 0589990a8d1d7224a62aa08a27d87efb2506e936 /common/fpsensor | |
parent | bfaac2c2e9f55018edda489a1e04678685897b51 (diff) | |
download | chrome-ec-2ee2d6fe8711f51343bb08e0fde599c2643c93e6.tar.gz |
fpsensor: Prepare positive match salt.
On enrollment success, generate random positive match salt. This will
be used in the derivation of positive match secret.
BRANCH=nocturne
BUG=chromium:927095
TEST=make -j buildall
TEST=tested enrollment, matching, deletion and multifinger on DUT
nocturne.
Change-Id: I4ad55a0221c4aa1f6e3cc56b66c2165ad9455ba0
Signed-off-by: Yicheng Li <yichengli@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1719385
Reviewed-by: Nicolas Norvez <norvez@chromium.org>
Diffstat (limited to 'common/fpsensor')
-rw-r--r-- | common/fpsensor/fpsensor.c | 9 | ||||
-rw-r--r-- | common/fpsensor/fpsensor_state.c | 5 |
2 files changed, 12 insertions, 2 deletions
diff --git a/common/fpsensor/fpsensor.c b/common/fpsensor/fpsensor.c index 5574a625fb..707ed1feab 100644 --- a/common/fpsensor/fpsensor.c +++ b/common/fpsensor/fpsensor.c @@ -109,10 +109,15 @@ static uint32_t fp_process_enroll(void) templ_dirty |= BIT(templ_valid); if (percent == 100) { res = fp_enrollment_finish(fp_template[templ_valid]); - if (res) + if (res) { res = EC_MKBP_FP_ERR_ENROLL_INTERNAL; - else + } else { + init_trng(); + rand_bytes(fp_positive_match_salt[templ_valid], + FP_POSITIVE_MATCH_SALT_BYTES); + exit_trng(); templ_valid++; + } sensor_mode &= ~FP_MODE_ENROLL_SESSION; enroll_session &= ~FP_MODE_ENROLL_SESSION; } diff --git a/common/fpsensor/fpsensor_state.c b/common/fpsensor/fpsensor_state.c index f7890f9cdc..7618dbd859 100644 --- a/common/fpsensor/fpsensor_state.c +++ b/common/fpsensor/fpsensor_state.c @@ -27,6 +27,9 @@ uint8_t fp_template[FP_MAX_FINGER_COUNT][FP_ALGORITHM_TEMPLATE_SIZE] */ uint8_t fp_enc_buffer[FP_ALGORITHM_ENCRYPTED_TEMPLATE_SIZE] FP_TEMPLATE_SECTION; +/* Salt used in derivation of positive match secret. */ +uint8_t fp_positive_match_salt + [FP_MAX_FINGER_COUNT][FP_POSITIVE_MATCH_SALT_BYTES]; /* Number of used templates */ uint32_t templ_valid; /* Bitmap of the templates with local modifications */ @@ -53,6 +56,8 @@ void fp_task_simulate(void) void fp_clear_finger_context(int idx) { always_memset(fp_template[idx], 0, sizeof(fp_template[0])); + always_memset(fp_positive_match_salt[idx], 0, + sizeof(fp_positive_match_salt[0])); } /** |