diff options
author | Howard Yang <hcyang@google.com> | 2022-05-26 12:29:01 +0800 |
---|---|---|
committer | Chromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2022-06-03 07:55:37 +0000 |
commit | e5b0f03a6f132d57337212c3928c820d785072e0 (patch) | |
tree | 92d598703fba4aacef54bb882e945f4ffb099a4e /test/tpm_test | |
parent | 1e27cdddad231f9cd75c77923d1e952883f6125e (diff) | |
download | chrome-ec-e5b0f03a6f132d57337212c3928c820d785072e0.tar.gz |
cr50: Add corp format to u2f_attest
Add a format for u2fd-corp attestation to u2f_attest, and corresponding
test case in u2f_test.py
BUG=b:233147441
TEST=make buildall -j
TEST=u2f_test.py
Change-Id: I4d12345fd0531a4be091c05670215444fe38e706
Signed-off-by: Howard Yang <hcyang@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3670107
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Diffstat (limited to 'test/tpm_test')
-rw-r--r-- | test/tpm_test/u2f_test.py | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/test/tpm_test/u2f_test.py b/test/tpm_test/u2f_test.py index a0118c7b13..a5f9e0743c 100644 --- a/test/tpm_test/u2f_test.py +++ b/test/tpm_test/u2f_test.py @@ -57,12 +57,20 @@ def u2f_sign(tpm, origin, user, auth, kh, msg, flag, fail=False): return b'' return sig -def u2f_attest(tpm, origin, user, challenge, kh, public_key, fail=False): +def u2f_attest(tpm, origin, user, challenge, kh, public_key, corp_format=False, fail=False): origin = origin[:32].ljust(32, b'\0') user = user[:32].ljust(32, b'\0') - challenge = challenge[:32].ljust(32, b'\0') - g2f_cmd = b'\0' + origin + challenge + kh + public_key - cmd = user + b'\0' + len(g2f_cmd).to_bytes(1, 'big') + g2f_cmd + if not corp_format: + challenge = challenge[:32].ljust(32, b'\0') + g2f_cmd = b'\0' + origin + challenge + kh + public_key + cmd = user + b'\0' + len(g2f_cmd).to_bytes(1, 'big') + g2f_cmd + else: + challenge = challenge[:16].ljust(16, b'\0') + salt = b'\0' * 65 + corp_data = challenge + public_key + salt + corp_cmd = corp_data + origin + kh + cmd = user + b'\1' + len(corp_cmd).to_bytes(1, 'big') + corp_cmd + if fail==False: wrapped_response = tpm.command(tpm.wrap_ext_command( subcmd.U2F_ATTEST, cmd)) @@ -171,4 +179,9 @@ def u2f_test(tpm): sig_attest = u2f_attest(tpm, origin, user, auth, khv0, public_key0) if tpm.debug_enabled(): print('sig attest = ',utils.hex_dump(sig_attest), len(sig_attest)) + + print('U2F_ATTEST corp'); + sig_attest = u2f_attest(tpm, origin, user, auth, khv0, public_key0, corp_format=True) + if tpm.debug_enabled(): + print('sig attest = ',utils.hex_dump(sig_attest), len(sig_attest)) print('%sSUCCESS: %s' % (utils.cursor_back(), 'U2F test')) |