authorNicolas Boichat <drinkcat@google.com>2017-05-31 12:41:01 +0800
committerchrome-bot <chrome-bot@chromium.org>2017-06-06 08:52:16 -0700
commit6d05a31a4442c0475e2bcfc33692089e78c73da2 (patch)
treefa4d3314ad290b46bba48a948749e01303af8194 /common/rollback.c
parent39db721f9ace13cc210278c88c3f364b5d67b5b8 (diff)
rollback: Include board-generated entropy when adding entropy
Mix in board-generated entropy with the externally provided one, which should help make the per-device secret stronger. BRANCH=none BUG=b:38486828 TEST=reboot; rollbackaddent Hello => works fine when USB is connected, fails otherwise, as board-generated entropy relies on USB timing. Change-Id: I314f44759c5f8b859913a748db95e9d42b5cdd11 Reviewed-on: https://chromium-review.googlesource.com/518609 Commit-Ready: Nicolas Boichat <drinkcat@chromium.org> Tested-by: Nicolas Boichat <drinkcat@chromium.org> Reviewed-by: Mattias Nissler <mnissler@chromium.org> Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
Diffstat (limited to 'common/rollback.c')
-rw-r--r--common/rollback.c20
1 files changed, 16 insertions, 4 deletions
diff --git a/common/rollback.c b/common/rollback.c
index a26b22e669..840229c85d 100644
--- a/common/rollback.c
+++ b/common/rollback.c
@@ -135,24 +135,34 @@ int rollback_lock(void)
#ifdef CONFIG_ROLLBACK_UPDATE
#ifdef CONFIG_ROLLBACK_SECRET_SIZE
-static void add_entropy(uint8_t *dst, const uint8_t *src,
+static int add_entropy(uint8_t *dst, const uint8_t *src,
uint8_t *add, unsigned int add_len)
{
#ifdef CONFIG_SHA256
BUILD_ASSERT(SHA256_DIGEST_SIZE == CONFIG_ROLLBACK_SECRET_SIZE);
struct sha256_ctx ctx;
uint8_t *hash;
+ uint8_t extra;
+ int i;
SHA256_init(&ctx);
SHA256_update(&ctx, src, CONFIG_ROLLBACK_SECRET_SIZE);
SHA256_update(&ctx, add, add_len);
- /* TODO(b:38486828): Add other sources of entropy (e.g. device id) */
+#ifdef CONFIG_ROLLBACK_SECRET_LOCAL_ENTROPY_SIZE
+ /* Add some locally produced entropy */
+ for (i = 0; i < CONFIG_ROLLBACK_SECRET_LOCAL_ENTROPY_SIZE; i++) {
+ if (!board_get_entropy(&extra, 1))
+ return 0;
+ SHA256_update(&ctx, &extra, 1);
+ }
+#endif
hash = SHA256_final(&ctx);
memcpy(dst, hash, CONFIG_ROLLBACK_SECRET_SIZE);
#else
#error "Adding entropy to secret in rollback region requires SHA256."
#endif
+ return 1;
}
#endif /* CONFIG_ROLLBACK_SECRET_SIZE */
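Review bot: `uint8_t extra;` and `int i;` are declared unconditionally at the top of add_entropy but are used only inside the `#ifdef CONFIG_ROLLBACK_SECRET_LOCAL_ENTROPY_SIZE` loop, so a board that sets CONFIG_ROLLBACK_SECRET_SIZE without the local-entropy option gets two unused variables (a build break if warnings are treated as errors); the two declarations belong under the same `#ifdef`. The new 1/0 return value has the opposite polarity to the EC_* codes the caller returns and is undocumented; a header comment such as `/* Returns 1 on success, 0 if board entropy could not be read; dst is not modified on failure. */` would make it harder to misuse. Separately, `ctx` has absorbed the old secret and `extra` holds board entropy on both return paths; if the tree provides a wipe the compiler cannot elide, clearing both before returning would keep secret-derived state off the stack.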
@@ -212,8 +222,10 @@ static int rollback_update(int32_t next_min_version,
* If we are provided with some entropy, add it to secret. Otherwise,
* data.secret is left untouched and written back to the other region.
*/
- if (entropy)
- add_entropy(data.secret, data.secret, entropy, length);
+ if (entropy) {
+ if (!add_entropy(data.secret, data.secret, entropy, length))
+ return EC_ERROR_UNCHANGED;
+ }
#endif
data.cookie = CROS_EC_ROLLBACK_COOKIE;
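Review bot: The block comment above the changed lines still describes only two outcomes (entropy mixed in, or secret copied untouched), but the new code adds a third: when add_entropy fails, the whole update is abandoned with EC_ERROR_UNCHANGED. I would extend the comment with something like `* If board-generated entropy cannot be gathered, the update is aborted and the stored secret is left as is.` so the failure mode is visible to the next reader. The early return sits before `data.cookie` is set, so it presumably precedes any flash write, but rollback_update starts and ends outside this hunk; it is worth confirming that nothing acquired earlier in the function needs releasing on this path. Callers should also treat EC_ERROR_UNCHANGED here as "secret not strengthened" rather than as a benign no-op, since per the commit message it occurs whenever USB is not connected.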