author | Tom Hughes <tomhughes@chromium.org> | 2022-09-21 14:10:01 -0700 |
---|---|---|
committer | Tom Hughes <tomhughes@chromium.org> | 2022-09-22 12:49:33 -0700 |
commit | 2bcf863b492fe7ed8105c853814dba6ed32ba719 (patch) | |
tree | fcf6ce5810f9ff9e3c8cce434812dd75492269ed /extra/rma_reset | |
parent | e5fb0b9ba488614b5684e640530f00821ab7b943 (diff) | |
parent | 28712dae9d7ed1e694f7622cc083afa71090d4d5 (diff) | |
Merge remote-tracking branch cros/main into firmware-fpmcu-bloonchipper-release
Generated by: ./util/update_release_branch.py --board bloonchipper
--relevant_paths_file ./util/fingerprint-relevant-paths.txt firmware-
fpmcu-bloonchipper-release
Relevant changes:
git log --oneline e5fb0b9ba4..28712dae9d -- board/hatch_fp
board/bloonchipper common/fpsensor docs/fingerprint driver/fingerprint
util/getversion.sh
ded9307b79 util/getversion.sh: Fix version when not in a git repo
956055e692 board: change Google USB vendor info
71b2ef709d Update license boilerplate text in source code files
33e11afda0 Revert "fpsensor: Build fpsensor source file with C++"
c8d0360723 fpsensor: Build fpsensor source file with C++
bc113abd53 fpsensor: Fix g++ compiler error
150a58a0dc fpsensor: Fix fp_set_sensor_mode return type
b33b5ce85b fpsensor: Remove nested designators for C++ compatibility
2e864b2539 tree-wide: const-ify argv for console commands
56d8b360f9 test: Add test for get ikm failure when seed not set
3a3d6c3690 test: Add test for fpsensor trivial key failure
233e6bbd08 fpsensor_crypto: Abstract calls to hmac_SHA256
0a041b285b docs/fingerprint: Typo correction
c03fab67e2 docs/fingerprint: Fix the path of fputils.py
0b5d4baf5a util/getversion.sh: Fix empty file list handling
6e128fe760 FPMCU dev board environment with Satlab
3eb29b6aa5 builtin: Move ssize_t to sys/types.h
345d62ebd1 docs/fingerprint: Update power numbers for latest dartmonkey release
c25ffdb316 common: Conditionally support printf %l and %i modifiers
9a3c514b45 test: Add a test to check if the debugger is connected
54e603413f Move standard library tests to their own file
43fa6b4bf8 docs/fingerprint: Update power numbers for latest bloonchipper release
25536f9a84 driver/fingerprint/fpc/bep/fpc_sensor_spi.c: Format with clang-format
4face99efd driver/fingerprint/fpc/libfp/fpc_sensor_pal.h: Format with clang-format
738de2b575 trng: Rename rand to trng_rand
14b8270edd docs/fingerprint: Update dragonclaw power numbers
0b268f93d1 driver/fingerprint/fpc/libfp/fpc_private.c: Format with clang-format
f80da163f2 driver/fingerprint/fpc/libfp/fpc_private.h: Format with clang-format
5e9c85c9b1 driver/fingerprint/fpc/libfp/fpc_sensor_pal.c: Format with clang-format
c1f9dd3cf8 driver/fingerprint/fpc/libfp/fpc_bio_algorithm.h: Format with clang-format
eb1e1bed8d driver/fingerprint/fpc/libfp/fpc1145_private.h: Format with clang-format
6e7b611821 driver/fingerprint/fpc/bep/fpc_bio_algorithm.h: Format with clang-format
e0589cd5e2 driver/fingerprint/fpc/bep/fpc1035_private.h: Format with clang-format
7905e556a0 common/fpsensor/fpsensor_crypto.c: Format with clang-format
21289d170c driver/fingerprint/fpc/bep/fpc1025_private.h: Format with clang-format
98a20f937e common/fpsensor/fpsensor_state.c: Format with clang-format
a2d255d8af common/fpsensor/fpsensor.c: Format with clang-format
73055eeb3f driver/fingerprint/fpc/bep/fpc_private.c: Format with clang-format
0f7b5cb509 common/fpsensor/fpsensor_private.h: Format with clang-format
1ceade6e65 driver/fingerprint/fpc/bep/fpc_private.h: Format with clang-format
dc3e9008b8 board/hatch_fp/board.h: Format with clang-format
dca9d74321 Revert "trng: Rename rand to trng_rand"
a6b0b3554f trng: Rename rand to trng_rand
28d0b75b70 third_party/boringssl: Remove unused header
BRANCH=None
BUG=b:246424843 b:234181908 b:244781166 b:234181908 b:244387210
BUG=b:242720240 chromium:1098010 b:180945056 b:236025198 b:234181908
BUG=b:234181908 b:237344361 b:131913998 b:236386294 b:234143158
BUG=b:234781655 b:215613183 b:242720910
TEST=`make -j buildall`
TEST=./test/run_device_tests.py --board bloonchipper
Test "aes": PASSED
Test "cec": PASSED
Test "cortexm_fpu": PASSED
Test "crc": PASSED
Test "flash_physical": PASSED
Test "flash_write_protect": PASSED
Test "fpsensor_hw": PASSED
Test "fpsensor_spi_ro": PASSED
Test "fpsensor_spi_rw": PASSED
Test "fpsensor_uart_ro": PASSED
Test "fpsensor_uart_rw": PASSED
Test "mpu_ro": PASSED
Test "mpu_rw": PASSED
Test "mutex": PASSED
Test "pingpong": PASSED
Test "printf": PASSED
Test "queue": PASSED
Test "rollback_region0": PASSED
Test "rollback_region1": PASSED
Test "rollback_entropy": PASSED
Test "rtc": PASSED
Test "sha256": PASSED
Test "sha256_unrolled": PASSED
Test "static_if": PASSED
Test "stdlib": PASSED
Test "system_is_locked_wp_on": PASSED
Test "system_is_locked_wp_off": PASSED
Test "timer_dos": PASSED
Test "utils": PASSED
Test "utils_str": PASSED
Test "stm32f_rtc": PASSED
Test "panic_data_bloonchipper_v2.0.4277": PASSED
Test "panic_data_bloonchipper_v2.0.5938": PASSED
Force-Relevant-Builds: all
Signed-off-by: Tom Hughes <tomhughes@chromium.org>
Change-Id: I264ad0ffe7afcd507a1e483c6e934a9c4fea47c3
Diffstat (limited to 'extra/rma_reset')
-rw-r--r-- | extra/rma_reset/Makefile | 4 | ||||
-rw-r--r-- | extra/rma_reset/board.h | 2 | ||||
-rw-r--r-- | extra/rma_reset/rma_reset.c | 146 |
3 files changed, 71 insertions, 81 deletions
diff --git a/extra/rma_reset/Makefile b/extra/rma_reset/Makefile index 4a640c5b4c..d4644e91c8 100644 --- a/extra/rma_reset/Makefile +++ b/extra/rma_reset/Makefile @@ -1,4 +1,4 @@ -# Copyright 2017 The Chromium OS Authors. All rights reserved. +# Copyright 2017 The ChromiumOS Authors # Use of this source code is governed by a BSD-style license that can be # found in the LICENSE file. @@ -19,7 +19,7 @@ CFLAGS := -std=gnu99 \ -Wredundant-decls \ -Wmissing-declarations -ifeq ($(DEBUG),1) +ifneq ($(DEBUG),) CFLAGS += -g -O0 else CFLAGS += -O3 diff --git a/extra/rma_reset/board.h b/extra/rma_reset/board.h index f969ad0c56..38e3e7b382 100644 --- a/extra/rma_reset/board.h +++ b/extra/rma_reset/board.h @@ -1,4 +1,4 @@ -/* Copyright 2017 The Chromium OS Authors. All rights reserved. +/* Copyright 2017 The ChromiumOS Authors * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. */ diff --git a/extra/rma_reset/rma_reset.c b/extra/rma_reset/rma_reset.c index fe1eb5e909..d437b63f1a 100644 --- a/extra/rma_reset/rma_reset.c +++ b/extra/rma_reset/rma_reset.c @@ -1,4 +1,4 @@ -/* Copyright 2017 The Chromium OS Authors. All rights reserved. +/* Copyright 2017 The ChromiumOS Authors * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. */ 
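Review bot: With `ifneq ($(DEBUG),)` in the second Makefile hunk, any non-empty value selects `-g -O0`, so `make DEBUG=0` now yields an unoptimised debug build where the old `ifeq ($(DEBUG),1)` yielded `-O3`. If that is meant to match the convention used elsewhere in the tree, a comment above the conditional such as `# Any non-empty DEBUG (including 0) selects the debug build.` would make it explicit. If not, `ifneq ($(filter-out 0,$(DEBUG)),)` keeps `DEBUG=0` on the optimised path. The conditional's `endif` lies outside the hunk.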
@@ -27,24 +27,22 @@ #define EC_COORDINATE_SZ 32 #define EC_PRIV_KEY_SZ 32 #define EC_P256_UNCOMPRESSED_PUB_KEY_SZ (EC_COORDINATE_SZ * 2 + 1) -#define EC_P256_COMPRESSED_PUB_KEY_SZ (EC_COORDINATE_SZ + 1) +#define EC_P256_COMPRESSED_PUB_KEY_SZ (EC_COORDINATE_SZ + 1) #define SERVER_ADDRESS \ "https://www.google.com/chromeos/partner/console/cr50reset/request" /* Test server keys for x25519 and p256 curves. */ static const uint8_t rma_test_server_x25519_public_key[] = { - 0x03, 0xae, 0x2d, 0x2c, 0x06, 0x23, 0xe0, 0x73, - 0x0d, 0xd3, 0xb7, 0x92, 0xac, 0x54, 0xc5, 0xfd, - 0x7e, 0x9c, 0xf0, 0xa8, 0xeb, 0x7e, 0x2a, 0xb5, - 0xdb, 0xf4, 0x79, 0x5f, 0x8a, 0x0f, 0x28, 0x3f + 0x03, 0xae, 0x2d, 0x2c, 0x06, 0x23, 0xe0, 0x73, 0x0d, 0xd3, 0xb7, + 0x92, 0xac, 0x54, 0xc5, 0xfd, 0x7e, 0x9c, 0xf0, 0xa8, 0xeb, 0x7e, + 0x2a, 0xb5, 0xdb, 0xf4, 0x79, 0x5f, 0x8a, 0x0f, 0x28, 0x3f }; static const uint8_t rma_test_server_x25519_private_key[] = { - 0x47, 0x3b, 0xa5, 0xdb, 0xc4, 0xbb, 0xd6, 0x77, - 0x20, 0xbd, 0xd8, 0xbd, 0xc8, 0x7a, 0xbb, 0x07, - 0x03, 0x79, 0xba, 0x7b, 0x52, 0x8c, 0xec, 0xb3, - 0x4d, 0xaa, 0x69, 0xf5, 0x65, 0xb4, 0x31, 0xad + 0x47, 0x3b, 0xa5, 0xdb, 0xc4, 0xbb, 0xd6, 0x77, 0x20, 0xbd, 0xd8, + 0xbd, 0xc8, 0x7a, 0xbb, 0x07, 0x03, 0x79, 0xba, 0x7b, 0x52, 0x8c, + 0xec, 0xb3, 0x4d, 0xaa, 0x69, 0xf5, 0x65, 0xb4, 0x31, 0xad }; #define RMA_TEST_SERVER_X25519_KEY_ID 0x10 @@ -57,10 +55,9 @@ static const uint8_t rma_test_server_x25519_private_key[] = { * openssl ec -in key.pem -text -noout */ static const uint8_t rma_test_server_p256_private_key[] = { - 0x54, 0xb0, 0x82, 0x92, 0x54, 0x92, 0xfc, 0x4a, - 0xa7, 0x6b, 0xea, 0x8f, 0x30, 0xcc, 0xf7, 0x3d, - 0xa2, 0xf6, 0xa7, 0xad, 0xf0, 0xec, 0x7d, 0xe9, - 0x26, 0x75, 0xd1, 0xec, 0xde, 0x20, 0x8f, 0x81 + 0x54, 0xb0, 0x82, 0x92, 0x54, 0x92, 0xfc, 0x4a, 0xa7, 0x6b, 0xea, + 0x8f, 0x30, 0xcc, 0xf7, 0x3d, 0xa2, 0xf6, 0xa7, 0xad, 0xf0, 0xec, + 0x7d, 0xe9, 0x26, 0x75, 0xd1, 0xec, 0xde, 0x20, 0x8f, 0x81 }; /* 
@@ -68,15 +65,12 @@ static const uint8_t rma_test_server_p256_private_key[] = { * prefix, 65 bytes total. */ static const uint8_t rma_test_server_p256_public_key[] = { - 0x04, 0xe7, 0xbe, 0x37, 0xaa, 0x68, 0xca, 0xcc, - 0x68, 0xf4, 0x8c, 0x56, 0x65, 0x5a, 0xcb, 0xf8, - 0xf4, 0x65, 0x3c, 0xd3, 0xc6, 0x1b, 0xae, 0xd6, - 0x51, 0x7a, 0xcc, 0x00, 0x8d, 0x59, 0x6d, 0x1b, - 0x0a, 0x66, 0xe8, 0x68, 0x5e, 0x6a, 0x82, 0x19, - 0x81, 0x76, 0x84, 0x92, 0x7f, 0x8d, 0xb2, 0xbe, - 0xf5, 0x39, 0x50, 0xd5, 0xfe, 0xee, 0x00, 0x67, - 0xcf, 0x40, 0x5f, 0x68, 0x12, 0x83, 0x4f, 0xa4, - 0x35 + 0x04, 0xe7, 0xbe, 0x37, 0xaa, 0x68, 0xca, 0xcc, 0x68, 0xf4, 0x8c, + 0x56, 0x65, 0x5a, 0xcb, 0xf8, 0xf4, 0x65, 0x3c, 0xd3, 0xc6, 0x1b, + 0xae, 0xd6, 0x51, 0x7a, 0xcc, 0x00, 0x8d, 0x59, 0x6d, 0x1b, 0x0a, + 0x66, 0xe8, 0x68, 0x5e, 0x6a, 0x82, 0x19, 0x81, 0x76, 0x84, 0x92, + 0x7f, 0x8d, 0xb2, 0xbe, 0xf5, 0x39, 0x50, 0xd5, 0xfe, 0xee, 0x00, + 0x67, 0xcf, 0x40, 0x5f, 0x68, 0x12, 0x83, 0x4f, 0xa4, 0x35 }; #define RMA_TEST_SERVER_P256_KEY_ID 0x20 @@ -84,8 +78,8 @@ static const uint8_t rma_test_server_p256_public_key[] = { /* Default values which can change based on command line arguments. */ static uint8_t server_key_id = RMA_TEST_SERVER_X25519_KEY_ID; -static uint8_t board_id[4] = {'Z', 'Z', 'C', 'R'}; -static uint8_t device_id[8] = {'T', 'H', 'X', 1, 1, 3, 8, 0xfe}; +static uint8_t board_id[4] = { 'Z', 'Z', 'C', 'R' }; +static uint8_t device_id[8] = { 'T', 'H', 'X', 1, 1, 3, 8, 0xfe }; static uint8_t hw_id[20] = "TESTSAMUS1234"; static char challenge[RMA_CHALLENGE_BUF_SIZE]; 
@@ -95,20 +89,15 @@ static char *progname; static char *short_opts = "a:b:c:d:hpk:tw:"; static const struct option long_opts[] = { /* name hasarg *flag val */ - {"auth_code", 1, NULL, 'a'}, - {"board_id", 1, NULL, 'b'}, - {"challenge", 1, NULL, 'c'}, - {"device_id", 1, NULL, 'd'}, - {"help", 0, NULL, 'h'}, - {"hw_id", 1, NULL, 'w'}, - {"key_id", 1, NULL, 'k'}, - {"p256", 0, NULL, 'p'}, - {"test", 0, NULL, 't'}, - {}, + { "auth_code", 1, NULL, 'a' }, { "board_id", 1, NULL, 'b' }, + { "challenge", 1, NULL, 'c' }, { "device_id", 1, NULL, 'd' }, + { "help", 0, NULL, 'h' }, { "hw_id", 1, NULL, 'w' }, + { "key_id", 1, NULL, 'k' }, { "p256", 0, NULL, 'p' }, + { "test", 0, NULL, 't' }, {}, }; void panic_assert_fail(const char *fname, int linenum); -void rand_bytes(void *buffer, size_t len); +void trng_rand_bytes(void *buffer, size_t len); int safe_memcmp(const void *s1, const void *s2, size_t size); void panic_assert_fail(const char *fname, int linenum) @@ -131,7 +120,7 @@ int safe_memcmp(const void *s1, const void *s2, size_t size) return result != 0; } -void rand_bytes(void *buffer, size_t len) +void trng_rand_bytes(void *buffer, size_t len) { RAND_bytes(buffer, len); } @@ -173,8 +162,8 @@ static void p256_key_and_secret_seed(uint8_t pub_key[32], /* Extract public key into an octal array. */ EC_POINT_point2oct(group, EC_KEY_get0_public_key(key), - POINT_CONVERSION_UNCOMPRESSED, - buf, sizeof(buf), NULL); + POINT_CONVERSION_UNCOMPRESSED, buf, + sizeof(buf), NULL); /* If Y coordinate is an odd value, we are done. */ } while (!(buf[sizeof(buf) - 1] & 1)); 
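Review bot: The renamed `trng_rand_bytes()` (definition hunk at -131, prototype in the hunk at -95) still discards the result of `RAND_bytes()`, so a generator failure goes unnoticed and the caller carries on with whatever was already in `buffer`. The callers are not visible here, but if this feeds the ephemeral key generation for the challenge, the key material would then be predictable. `len` is also a `size_t` passed to a function that takes an `int`, so a large value is silently narrowed. I would make the body `if (len > INT_MAX || RAND_bytes(buffer, (int)len) != 1) abort();`, assuming `<limits.h>` and `<stdlib.h>` are or can be included at the top of the file, which lies outside these hunks.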
@@ -195,8 +184,8 @@ static void p256_key_and_secret_seed(uint8_t pub_key[32], secret_point = EC_POINT_new(group); /* Multiply server public key by our private key. */ - EC_POINT_mul(group, secret_point, 0, pub, - EC_KEY_get0_private_key(key), 0); + EC_POINT_mul(group, secret_point, 0, pub, EC_KEY_get0_private_key(key), + 0); /* Pull the result back into the octal buffer. */ EC_POINT_point2oct(group, secret_point, POINT_CONVERSION_UNCOMPRESSED, @@ -252,9 +241,8 @@ static void p256_calculate_secret(uint8_t secret[32], secret_point = EC_POINT_new(group); /* Multiply client's point by our private key. */ - EC_POINT_mul(group, secret_point, 0, - EC_KEY_get0_public_key(key), - priv, 0); + EC_POINT_mul(group, secret_point, 0, EC_KEY_get0_public_key(key), priv, + 0); /* Pull the result back into the octal buffer. */ EC_POINT_point2oct(group, secret_point, POINT_CONVERSION_UNCOMPRESSED, @@ -274,7 +262,7 @@ static int rma_server_side(const char *generated_challenge) /* Convert the challenge back into binary */ if (base32_decode(cptr, 8 * sizeof(c), generated_challenge, 9) != - 8 * sizeof(c)) { + 8 * sizeof(c)) { printf("Error decoding challenge\n"); return -1; } @@ -311,8 +299,8 @@ static int rma_server_side(const char *generated_challenge) * and DeviceID. */ hmac_SHA256(hmac, secret, sizeof(secret), cptr + 1, sizeof(c) - 1); - if (base32_encode(authcode, RMA_AUTHCODE_BUF_SIZE, - hmac, RMA_AUTHCODE_CHARS * 5, 0)) { + if (base32_encode(authcode, RMA_AUTHCODE_BUF_SIZE, hmac, + RMA_AUTHCODE_CHARS * 5, 0)) { printf("Error encoding auth code\n"); return -1; } @@ -323,7 +311,7 @@ static int rma_server_side(const char *generated_challenge) static int rma_create_test_challenge(int p256_mode) { - uint8_t temp[32]; /* Private key or HMAC */ + uint8_t temp[32]; /* Private key or HMAC */ uint8_t secret_seed[32]; struct rma_challenge c; uint8_t *cptr = (uint8_t *)&c; 
@@ -334,8 +322,8 @@ static int rma_create_test_challenge(int p256_mode) memset(authcode, 0, sizeof(authcode)); memset(&c, 0, sizeof(c)); - c.version_key_id = RMA_CHALLENGE_VKID_BYTE( - RMA_CHALLENGE_VERSION, server_key_id); + c.version_key_id = + RMA_CHALLENGE_VKID_BYTE(RMA_CHALLENGE_VERSION, server_key_id); memcpy(&bid, board_id, sizeof(bid)); bid = be32toh(bid); @@ -361,8 +349,8 @@ static int rma_create_test_challenge(int p256_mode) * and DeviceID. Those are all in the right order in the challenge * struct, after the version/key id byte. */ - hmac_SHA256(temp, secret_seed, sizeof(secret_seed), - cptr + 1, sizeof(c) - 1); + hmac_SHA256(temp, secret_seed, sizeof(secret_seed), cptr + 1, + sizeof(c) - 1); if (base32_encode(authcode, sizeof(authcode), temp, RMA_AUTHCODE_CHARS * 5, 0)) return 1; @@ -382,7 +370,8 @@ static void dump_key(const char *title, const uint8_t *key, size_t key_size) printf("\n\n\%s\n", title); for (i = 0; i < key_size; i++) - printf("%02x%c", key[i], ((i + 1) % bytes_per_line) ? ' ':'\n'); + printf("%02x%c", key[i], + ((i + 1) % bytes_per_line) ? ' ' : '\n'); if (i % bytes_per_line) printf("\n"); 
@@ -453,25 +442,26 @@ static void usage(void) "--device_id <arg> --hw_id <arg> |\n" " --auth_code <arg> |\n" " --challenge <arg>\n" - "\n" - "This is used to generate the cr50 or server responses for rma " - "open.\n" - "The cr50 side can be used to generate a challenge response " - "and sends authoriztion code to reset device.\n" - "The server side can generate an authcode from cr50's " - "rma challenge.\n" - "\n" - " -c,--challenge The challenge generated by cr50\n" - " -k,--key_id Index of the server private key\n" - " -b,--board_id BoardID type field\n" - " -d,--device_id Device-unique identifier\n" - " -a,--auth_code Reset authorization code\n" - " -w,--hw_id Hardware id\n" - " -h,--help Show this message\n" - " -p,--p256 Use prime256v1 curve instead of x25519\n" - " -t,--test " - "Generate challenge using default test inputs\n" - "\n", progname); + "\n" + "This is used to generate the cr50 or server responses for rma " + "open.\n" + "The cr50 side can be used to generate a challenge response " + "and sends authoriztion code to reset device.\n" + "The server side can generate an authcode from cr50's " + "rma challenge.\n" + "\n" + " -c,--challenge The challenge generated by cr50\n" + " -k,--key_id Index of the server private key\n" + " -b,--board_id BoardID type field\n" + " -d,--device_id Device-unique identifier\n" + " -a,--auth_code Reset authorization code\n" + " -w,--hw_id Hardware id\n" + " -h,--help Show this message\n" + " -p,--p256 Use prime256v1 curve instead of x25519\n" + " -t,--test " + "Generate challenge using default test inputs\n" + "\n", + progname); } static int atoh(char *v) @@ -498,7 +488,7 @@ static int set_server_key_id(char *id) return 1; /* verify digits */ - if (!isxdigit(*id) || !isxdigit(*(id+1))) + if (!isxdigit(*id) || !isxdigit(*(id + 1))) return 1; server_key_id = atoh(id); 
@@ -520,7 +510,7 @@ static int set_board_id(char *id) return 1; for (i = 0; i < 4; i++) - board_id[i] = atoh((id + (i*2))); + board_id[i] = atoh((id + (i * 2))); return 0; } @@ -538,7 +528,7 @@ static int set_device_id(char *id) return 1; for (i = 0; i < 8; i++) - device_id[i] = atoh((id + (i*2))); + device_id[i] = atoh((id + (i * 2))); return 0; } @@ -635,14 +625,14 @@ int main(int argc, char **argv) case 'h': usage(); return 0; - case 0: /* auto-handled option */ + case 0: /* auto-handled option */ break; case '?': if (optopt) printf("Unrecognized option: -%c\n", optopt); else printf("Unrecognized option: %s\n", - argv[optind - 1]); + argv[optind - 1]); break; case ':': printf("Missing argument to %s\n", argv[optind - 1]); @@ -683,7 +673,7 @@ int main(int argc, char **argv) if (!k_flag || !b_flag || !d_flag || !w_flag) { printf("server-side: Flag -c is mandatory\n"); printf("cr50-side: Flags -k, -b, -d, and -w " - "are mandatory\n"); + "are mandatory\n"); return 1; } } |