cr50: Add corp format to u2f_attest

Add a format for u2fd-corp attestation to u2f_attest, and corresponding test case in u2f_test.py BUG=b:233147441 TEST=make buildall -j TEST=u2f_test.py Change-Id: I4d12345fd0531a4be091c05670215444fe38e706 Signed-off-by: Howard Yang <hcyang@google.com> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3670107 Reviewed-by: Andrey Pronin <apronin@chromium.org> Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
author: Howard Yang <hcyang@google.com> 2022-05-26 12:29:01 +0800
committer: Chromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com> 2022-06-03 07:55:37 +0000
commit: e5b0f03a6f132d57337212c3928c820d785072e0 (patch)
tree: 92d598703fba4aacef54bb882e945f4ffb099a4e /test
parent: 1e27cdddad231f9cd75c77923d1e952883f6125e (diff)
download: chrome-ec-e5b0f03a6f132d57337212c3928c820d785072e0.tar.gz
1 files changed, 17 insertions, 4 deletions
diff --git a/test/tpm_test/u2f_test.py b/test/tpm_test/u2f_test.py
index a0118c7b13..a5f9e0743c 100644
--- a/test/tpm_test/u2f_test.py
+++ b/test/tpm_test/u2f_test.py
@@ -57,12 +57,20 @@ def u2f_sign(tpm, origin, user, auth, kh, msg, flag, fail=False):
         return b''
     return sig
 
-def u2f_attest(tpm, origin, user, challenge, kh, public_key, fail=False):
+def u2f_attest(tpm, origin, user, challenge, kh, public_key, corp_format=False, fail=False):
     origin = origin[:32].ljust(32, b'\0')
     user = user[:32].ljust(32, b'\0')
-    challenge = challenge[:32].ljust(32, b'\0')
-    g2f_cmd = b'\0' + origin + challenge + kh + public_key
-    cmd = user + b'\0' + len(g2f_cmd).to_bytes(1, 'big') + g2f_cmd
+    if not corp_format:
+        challenge = challenge[:32].ljust(32, b'\0')
+        g2f_cmd = b'\0' + origin + challenge + kh + public_key
+        cmd = user + b'\0' + len(g2f_cmd).to_bytes(1, 'big') + g2f_cmd
+    else:
+        challenge = challenge[:16].ljust(16, b'\0')
+        salt = b'\0' * 65
+        corp_data = challenge + public_key + salt
+        corp_cmd = corp_data + origin + kh
+        cmd = user + b'\1' + len(corp_cmd).to_bytes(1, 'big') + corp_cmd
+
     if fail==False:
         wrapped_response = tpm.command(tpm.wrap_ext_command(
                                        subcmd.U2F_ATTEST, cmd))
@@ -171,4 +179,9 @@ def u2f_test(tpm):
     sig_attest = u2f_attest(tpm, origin, user, auth, khv0, public_key0)
     if tpm.debug_enabled():
         print('sig attest = ',utils.hex_dump(sig_attest), len(sig_attest))
+
+    print('U2F_ATTEST corp');
+    sig_attest = u2f_attest(tpm, origin, user, auth, khv0, public_key0, corp_format=True)
+    if tpm.debug_enabled():
+        print('sig attest = ',utils.hex_dump(sig_attest), len(sig_attest))
     print('%sSUCCESS: %s' % (utils.cursor_back(), 'U2F test'))
author	Howard Yang <hcyang@google.com>	2022-05-26 12:29:01 +0800
committer	Chromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com>	2022-06-03 07:55:37 +0000
commit	e5b0f03a6f132d57337212c3928c820d785072e0 (patch)
tree	92d598703fba4aacef54bb882e945f4ffb099a4e /test
parent	1e27cdddad231f9cd75c77923d1e952883f6125e (diff)
download	chrome-ec-e5b0f03a6f132d57337212c3928c820d785072e0.tar.gz