author Vadim Sukhomlinov <sukhomlinov@google.com> 2021-09-02 08:55:45 -0700
committer Commit Bot <commit-bot@chromium.org> 2021-09-15 03:13:08 +0000
commit 4ad2fe9ff8dd7088050c8b8aa3ddcd722bcfaf4f
tree cf0dc64e0db26d90a33fe6b9ba6ac5e60968ea64 /include
parent e33cd20b6898e8a8896795425dc4e9c7c51d12be
cr50: update FIPS known-answer tests

1. KAT tests should check that result doesn't match expectation for
   modified input, not just failing on request. Added modification of
   input data in case test break is needed (during module validation).
2. For ECDSA added pair-wise consistency test with known key pair.
   However, this test adds roughly 40ms, so disable it and use sign test
   with fixed nonce instead.
3. Some internal changes to support functionality - internally provided
   dcrypto_p256_ecdsa_sign_raw() which takes precomputed nonce vs. drbg.
   This allows generation of nonce with reseeding of DRBG if needed.
   Also added dcrypto_p256_fips_sign_internal() which does same as
   dcrypto_p256_ecdsa_sign() except that it reseeds DRBG with entropy
   if needed.
4. Implemented ECDSA sign test with fixed nonce, and combined with verify
   test. This allows to free some space for test vectors. Also, store
   SHA256 of message as SHA256 is already tested. This saves another
   96 bytes.
5. KAT test time increased 2X from ~40ms to 60ms due to ECDSA sign test.
5. Run SHA2-256 KAT before self-integrity test, as it is used for
   self-integrity.

BUG=b:138577539
TEST=make BOARD=cr50

Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I1cbd470bc64ef3eb50e9a28055404fb998c65b61
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3144376
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>

Diffstat (limited to 'include')
-rw-r--r-- include/config.h 2
1 files changed, 2 insertions, 0 deletions

diff --git a/include/config.h b/include/config.h
index 475c56f13f..6d8f7c6544 100644
--- a/include/config.h
+++ b/include/config.h
@@ -4901,5 +4901,7 @@
#undef CONFIG_FIPS_SW_HMAC_DRBG
/* Don't run AES CBC 256 test (not used for U2F anymore). */
#undef CONFIG_FIPS_AES_CBC_256
+/* Don't use ECDSA pair-wise consistency test. We verify sign/verify. */
+#undef CONFIG_FIPS_ECDSA_PWCT
#endif /* __CROS_EC_CONFIG_H */
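
Review bot: the comment on the new `#undef CONFIG_FIPS_ECDSA_PWCT` line ("We verify sign/verify.") does not say why the pair-wise consistency test is off or what covers ECDSA in its place, so a board owner reading config.h cannot tell what they trade by defining it. The commit message has the missing facts: the PWCT with a known key pair costs roughly 40ms, and a sign test with a fixed nonce combined with the verify test is run instead. Consider wording the comment along the lines of "ECDSA pair-wise consistency test with a known key pair (adds ~40ms). When undefined, the fixed-nonce sign KAT combined with the verify KAT is used instead." It would also help to describe what defining the option enables rather than phrasing it as "Don't use", since the neighbouring entries (`CONFIG_FIPS_SW_HMAC_DRBG`, `CONFIG_FIPS_AES_CBC_256`) sit in the same block of `#undef` defaults and a reader will look here to learn what each switch does.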