cr50: block access to U2F functions in case of FIPS errors

All public functionality of FIPS module should be disabled in case of FIPS errors. BUG=b:197893750 TEST=make BOARD=cr50 CRYPTO_TEST=1; ccd: fips sha fips test u2f_test - should fail Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com> Change-Id: Ice8a0ab6535fcb0bd426ebbe969db1859cbd3ae8 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3169097 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Andrey Pronin <apronin@chromium.org> Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
author: Vadim Sukhomlinov <sukhomlinov@google.com> 2021-09-17 08:22:31 -0700
committer: Commit Bot <commit-bot@chromium.org> 2021-09-17 20:48:59 +0000
commit: 339b2361910e02d2522021d4895b7aa501fdf36c (patch)
tree: e51e1d4fe029aeea91266f9a2fdf2688ce596363 /test
parent: 469a4055e4b71bf2a8550e837401c255a8f06416 (diff)
download: chrome-ec-339b2361910e02d2522021d4895b7aa501fdf36c.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/test/u2f.c b/test/u2f.c
index 0ef0d55f42..ddaba0e8dd 100644
--- a/test/u2f.c
+++ b/test/u2f.c
@@ -38,6 +38,11 @@ bool fips_trng_bytes(void *buffer, size_t len)
 	return true;
 }
 
+bool fips_crypto_allowed(void)
+{
+	return true;
+}
+
 int DCRYPTO_x509_gen_u2f_cert_name(const p256_int *d, const p256_int *pk_x,
 				   const p256_int *pk_y, const p256_int *serial,
 				   const char *name, uint8_t *cert, const int n)
author	Vadim Sukhomlinov <sukhomlinov@google.com>	2021-09-17 08:22:31 -0700
committer	Commit Bot <commit-bot@chromium.org>	2021-09-17 20:48:59 +0000
commit	339b2361910e02d2522021d4895b7aa501fdf36c (patch)
tree	e51e1d4fe029aeea91266f9a2fdf2688ce596363 /test
parent	469a4055e4b71bf2a8550e837401c255a8f06416 (diff)
download	chrome-ec-339b2361910e02d2522021d4895b7aa501fdf36c.tar.gz