diff options
author | Vadim Sukhomlinov <sukhomlinov@google.com> | 2021-09-17 08:22:31 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2021-09-17 20:48:59 +0000 |
commit | 339b2361910e02d2522021d4895b7aa501fdf36c (patch) | |
tree | e51e1d4fe029aeea91266f9a2fdf2688ce596363 /test | |
parent | 469a4055e4b71bf2a8550e837401c255a8f06416 (diff) | |
download | chrome-ec-339b2361910e02d2522021d4895b7aa501fdf36c.tar.gz |
cr50: block access to U2F functions in case of FIPS errors
All public functionality of FIPS module should be disabled in case
of FIPS errors.
BUG=b:197893750
TEST=make BOARD=cr50 CRYPTO_TEST=1;
ccd:
fips sha
fips test
u2f_test - should fail
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Ice8a0ab6535fcb0bd426ebbe969db1859cbd3ae8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3169097
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Diffstat (limited to 'test')
-rw-r--r-- | test/u2f.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/test/u2f.c b/test/u2f.c index 0ef0d55f42..ddaba0e8dd 100644 --- a/test/u2f.c +++ b/test/u2f.c @@ -38,6 +38,11 @@ bool fips_trng_bytes(void *buffer, size_t len) return true; } +bool fips_crypto_allowed(void) +{ + return true; +} + int DCRYPTO_x509_gen_u2f_cert_name(const p256_int *d, const p256_int *pk_x, const p256_int *pk_y, const p256_int *serial, const char *name, uint8_t *cert, const int n) |