diff options
-rw-r--r-- | board/cr50/tpm_nvmem_ops.h | 3 | ||||
-rw-r--r-- | board/cr50/u2f.c | 23 |
2 files changed, 23 insertions, 3 deletions
diff --git a/board/cr50/tpm_nvmem_ops.h b/board/cr50/tpm_nvmem_ops.h index d01c804c4e..d12eb1bb5f 100644 --- a/board/cr50/tpm_nvmem_ops.h +++ b/board/cr50/tpm_nvmem_ops.h @@ -20,7 +20,8 @@ enum tpm_write_rv { }; enum tpm_nv_hidden_object { - TPM_HIDDEN_U2F_KEK + TPM_HIDDEN_U2F_KEK, + TPM_HIDDEN_U2F_KH_SALT, }; enum tpm_read_rv read_tpm_nvmem(uint16_t object_index, diff --git a/board/cr50/u2f.c b/board/cr50/u2f.c index 16960812ea..d9cc8c7989 100644 --- a/board/cr50/u2f.c +++ b/board/cr50/u2f.c @@ -70,6 +70,7 @@ enum u2f_mode { static uint32_t salt[8]; static uint32_t salt_kek[8]; +static uint32_t salt_kh[8]; static uint8_t u2f_mode = MODE_UNSET; static const uint8_t k_salt = NVMEM_VAR_U2F_SALT; @@ -123,6 +124,24 @@ static int load_state(void) return 0; } + if (read_tpm_nvmem_hidden( + TPM_HIDDEN_U2F_KH_SALT, + sizeof(salt_kh), salt_kh) == + tpm_read_not_found) { + /* + * We have never used u2f before - generate + * new seed. + */ + if (!DCRYPTO_ladder_random(salt_kh)) + return 0; + + if (write_tpm_nvmem_hidden( + TPM_HIDDEN_U2F_KH_SALT, + sizeof(salt_kh), salt_kh, 1 /* commit */) != + tpm_write_created) + return 0; + } + return 1; } @@ -242,13 +261,13 @@ int u2f_origin_user_keypair(const uint8_t *key_handle, return EC_ERROR_UNKNOWN; hmac_drbg_init(&drbg, + salt_kh, P256_NBYTES, dev_salt, P256_NBYTES, - key_handle, P256_NBYTES * 2, NULL, 0); hmac_drbg_generate(&drbg, key_seed, sizeof(key_seed), - NULL, 0); + key_handle, P256_NBYTES * 2); return DCRYPTO_p256_key_from_bytes( pk_x, pk_y, d, key_seed) == 0; |