diff options
| author | Vadim Sukhomlinov <sukhomlinov@google.com> | 2021-12-29 10:42:14 -0800 |
|---|---|---|
| committer | Commit Bot <commit-bot@chromium.org> | 2021-12-29 19:54:29 +0000 |
| commit | 914a20f4b8640abf32691a4db7d7160303e2f419 (patch) | |
| tree | 57842f9ac3c7c4dcb92b23b8af701acd13db7d98 /test | |
| parent | 74c466bee3adb64232f5aa3b613a54891558e40c (diff) | |
| download | chrome-ec-914a20f4b8640abf32691a4db7d7160303e2f419.tar.gz | |
cr50: improve g2f implementation
Replace int to size_t in DCRYPTO_x509_* functions to indicate that
returned value is actually a size.
Replaced int to enum dcrypto_result and removed arithmetic on enum in
DCRYPTO_x509_gen_u2f_cert_name() to make code clear.
Added intermediate variable certificate_len in GetG2fCert to make logic
clear. However, virtual nvmem requires further refactoring to replace
void with size_t to escalate errors if any.
Added check that G2F certificate is not all zeroes in tpm_test.py
BUG=b:212517336
TEST=test/tpm_test.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I5ee4567219f43dd3c7e7ef7d260b446732c5c22d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3361100
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Diffstat (limited to 'test')
| -rw-r--r-- | test/tpm_test/u2f_test.py | 3 | ||||
| -rw-r--r-- | test/u2f.c | 7 |
2 files changed, 6 insertions, 4 deletions
diff --git a/test/tpm_test/u2f_test.py b/test/tpm_test/u2f_test.py index 97ca4a4141..a0118c7b13 100644 --- a/test/tpm_test/u2f_test.py +++ b/test/tpm_test/u2f_test.py @@ -102,9 +102,10 @@ def g2f_get_cert(tpm): ] g2f_read_cmd = bytes(g2f_read) response = tpm.command(g2f_read_cmd) - if len(response) <= 10: + if len(response) <= 16 or response.count(0) > 100: raise subcmd.TpmTestError('Unexpected G2F response: ' + utils.hex_dump(response)) + print('G2F cert len', len(response)) return response diff --git a/test/u2f.c b/test/u2f.c index 3ddf38616b..c99dc7d631 100644 --- a/test/u2f.c +++ b/test/u2f.c @@ -41,9 +41,10 @@ bool fips_trng_bytes(void *buffer, size_t len) return true; } -int DCRYPTO_x509_gen_u2f_cert_name(const p256_int *d, const p256_int *pk_x, - const p256_int *pk_y, const p256_int *serial, - const char *name, uint8_t *cert, const int n) +size_t DCRYPTO_x509_gen_u2f_cert_name(const p256_int *d, const p256_int *pk_x, + const p256_int *pk_y, + const p256_int *serial, const char *name, + uint8_t *cert, const size_t n) { /* Return the size of certificate, 0 means error. */ return 0; |