diff options
Diffstat (limited to 'common')
-rw-r--r-- | common/ap_ro_integrity_check.c | 4 | ||||
-rw-r--r-- | common/ccd_config.c | 13 | ||||
-rw-r--r-- | common/pinweaver.c | 46 | ||||
-rw-r--r-- | common/rma_auth.c | 16 | ||||
-rw-r--r-- | common/u2f.c | 54 |
5 files changed, 67 insertions, 66 deletions
diff --git a/common/ap_ro_integrity_check.c b/common/ap_ro_integrity_check.c index f6592d1ca9..ea0456ad5a 100644 --- a/common/ap_ro_integrity_check.c +++ b/common/ap_ro_integrity_check.c @@ -12,11 +12,11 @@ #include "extension.h" #include "flash.h" #include "flash_info.h" -#include "cryptoc/sha256.h" #include "stddef.h" #include "stdint.h" #include "timer.h" #include "usb_spi.h" +#include "usb_spi_board.h" #define CPRINTS(format, args...) cprints(CC_SYSTEM, format, ##args) #define CPRINTF(format, args...) cprintf(CC_SYSTEM, format, ##args) @@ -269,7 +269,7 @@ static enum ap_ro_check_vc_errors ap_ro_check_unsupported(int add_flash_event) int validate_ap_ro(void) { uint32_t i; - HASH_CTX ctx; + struct sha256_ctx ctx; uint8_t digest[SHA256_DIGEST_SIZE]; int rv; diff --git a/common/ccd_config.c b/common/ccd_config.c index 3433766b7c..b3b12e12a7 100644 --- a/common/ccd_config.c +++ b/common/ccd_config.c @@ -9,7 +9,6 @@ #include "byteorder.h" #include "ccd_config.h" #include "console.h" -#include "cryptoc/sha256.h" #include "dcrypto.h" #include "extension.h" #include "hooks.h" @@ -239,17 +238,17 @@ static int raw_has_password(void) */ static void ccd_password_digest(uint8_t *digest, const char *password) { - HASH_CTX sha; + struct sha256_ctx sha; uint8_t *unique_id; int unique_id_len; unique_id_len = system_get_chip_unique_id(&unique_id); - DCRYPTO_SHA256_init(&sha, 0); - HASH_update(&sha, config.password_salt, sizeof(config.password_salt)); - HASH_update(&sha, unique_id, unique_id_len); - HASH_update(&sha, password, strlen(password)); - memcpy(digest, HASH_final(&sha), CCD_PASSWORD_DIGEST_SIZE); + SHA256_hw_init(&sha); + SHA256_update(&sha, config.password_salt, sizeof(config.password_salt)); + SHA256_update(&sha, unique_id, unique_id_len); + SHA256_update(&sha, password, strlen(password)); + memcpy(digest, SHA256_final(&sha)->b8, CCD_PASSWORD_DIGEST_SIZE); } /** diff --git a/common/pinweaver.c b/common/pinweaver.c index 2cc4118c7d..7cea0ca1b0 100644 --- a/common/pinweaver.c +++ b/common/pinweaver.c @@ -159,17 +159,19 @@ static int create_merkle_tree(struct bits_per_level_t bits_per_level, uint8_t temp_hash[PW_HASH_SIZE] = {}; uint8_t hx; uint16_t kx; - LITE_SHA256_CTX ctx; + struct sha256_ctx ctx; merkle_tree->bits_per_level = bits_per_level; merkle_tree->height = height; /* Initialize the root hash. */ for (hx = 0; hx < height.v; ++hx) { - DCRYPTO_SHA256_init(&ctx, 0); + SHA256_hw_init(&ctx); for (kx = 0; kx < fan_out; ++kx) - HASH_update(&ctx, temp_hash, PW_HASH_SIZE); - memcpy(temp_hash, HASH_final(&ctx), PW_HASH_SIZE); + HASH_update((union hash_ctx *)&ctx, temp_hash, + PW_HASH_SIZE); + memcpy(temp_hash, HASH_final((union hash_ctx *)&ctx), + PW_HASH_SIZE); } memcpy(merkle_tree->root, temp_hash, PW_HASH_SIZE); @@ -179,24 +181,25 @@ static int create_merkle_tree(struct bits_per_level_t bits_per_level, } /* Computes the HMAC for an encrypted leaf using the key in the merkle_tree. */ -static void compute_hmac( - const struct merkle_tree_t *merkle_tree, - const struct imported_leaf_data_t *imported_leaf_data, - uint8_t result[PW_HASH_SIZE]) +static void compute_hmac(const struct merkle_tree_t *merkle_tree, + const struct imported_leaf_data_t *imported_leaf_data, + uint8_t result[PW_HASH_SIZE]) { - LITE_HMAC_CTX hmac; + struct hmac_sha256_ctx hmac; - DCRYPTO_HMAC_SHA256_init(&hmac, merkle_tree->hmac_key, + HMAC_SHA256_hw_init(&hmac, merkle_tree->hmac_key, sizeof(merkle_tree->hmac_key)); - HASH_update(&hmac.hash, imported_leaf_data->head, + /* use HASH_update() vs. HMAC_update() due limits of dcrypto mock. */ + HASH_update((union hash_ctx *)&hmac.hash, imported_leaf_data->head, sizeof(*imported_leaf_data->head)); - HASH_update(&hmac.hash, imported_leaf_data->iv, + HASH_update((union hash_ctx *)&hmac.hash, imported_leaf_data->iv, sizeof(PW_WRAP_BLOCK_SIZE)); - HASH_update(&hmac.hash, imported_leaf_data->pub, + HASH_update((union hash_ctx *)&hmac.hash, imported_leaf_data->pub, imported_leaf_data->head->pub_len); - HASH_update(&hmac.hash, imported_leaf_data->cipher_text, + HASH_update((union hash_ctx *)&hmac.hash, + imported_leaf_data->cipher_text, imported_leaf_data->head->sec_len); - memcpy(result, DCRYPTO_HMAC_final(&hmac), PW_HASH_SIZE); + memcpy(result, HMAC_SHA256_hw_final(&hmac), PW_HASH_SIZE); } /* Computes the root hash for the specified path and child hash. */ @@ -1386,16 +1389,17 @@ void compute_hash(const uint8_t hashes[][PW_HASH_SIZE], uint16_t num_hashes, const uint8_t child_hash[PW_HASH_SIZE], uint8_t result[PW_HASH_SIZE]) { - LITE_SHA256_CTX ctx; + struct sha256_ctx ctx; - DCRYPTO_SHA256_init(&ctx, 0); + SHA256_hw_init(&ctx); if (location.v > 0) - HASH_update(&ctx, hashes[0], PW_HASH_SIZE * location.v); - HASH_update(&ctx, child_hash, PW_HASH_SIZE); + HASH_update((union hash_ctx *)&ctx, hashes[0], + PW_HASH_SIZE * location.v); + HASH_update((union hash_ctx *)&ctx, child_hash, PW_HASH_SIZE); if (location.v < num_hashes) - HASH_update(&ctx, hashes[location.v], + HASH_update((union hash_ctx *)&ctx, hashes[location.v], PW_HASH_SIZE * (num_hashes - location.v)); - memcpy(result, HASH_final(&ctx), PW_HASH_SIZE); + memcpy(result, HASH_final((union hash_ctx *)&ctx), PW_HASH_SIZE); } /* If a request from older protocol comes, this method should make it diff --git a/common/rma_auth.c b/common/rma_auth.c index 7a34396acd..09539c537b 100644 --- a/common/rma_auth.c +++ b/common/rma_auth.c @@ -80,11 +80,11 @@ static void get_hmac_sha256(void *hmac_out, const uint8_t *secret, size_t ch_size) { #ifdef USE_DCRYPTO - LITE_HMAC_CTX hmac; + struct hmac_sha256_ctx hmac; - DCRYPTO_HMAC_SHA256_init(&hmac, secret, secret_size); - HASH_update(&hmac.hash, ch_ptr, ch_size); - memcpy(hmac_out, DCRYPTO_HMAC_final(&hmac), 32); + HMAC_SHA256_hw_init(&hmac, secret, secret_size); + HMAC_SHA256_update(&hmac, ch_ptr, ch_size); + memcpy(hmac_out, HMAC_SHA256_hw_final(&hmac), 32); #else hmac_SHA256(hmac_out, secret, secret_size, ch_ptr, ch_size); #endif @@ -131,7 +131,7 @@ static void p256_get_pub_key_and_secret(uint8_t pub_key[P256_NBYTES], * until the genreated bublic key has the compliant Y coordinate. */ while (1) { - HASH_CTX sha; + struct sha256_ctx sha; if (DCRYPTO_p256_key_from_bytes(&pk_x, &pk_y, &d, buf)) { @@ -141,9 +141,9 @@ static void p256_get_pub_key_and_secret(uint8_t pub_key[P256_NBYTES], } /* Did not succeed, rehash the private key and try again. */ - DCRYPTO_SHA256_init(&sha, 0); - HASH_update(&sha, buf, sizeof(buf)); - memcpy(buf, HASH_final(&sha), sizeof(buf)); + SHA256_hw_init(&sha); + SHA256_update(&sha, buf, sizeof(buf)); + memcpy(buf, SHA256_final(&sha), sizeof(buf)); } /* X coordinate is passed to the server as the public key. */ diff --git a/common/u2f.c b/common/u2f.c index 7a5b3e5945..c209be466e 100644 --- a/common/u2f.c +++ b/common/u2f.c @@ -8,10 +8,6 @@ #include "console.h" #include "cryptoc/p256.h" -#ifndef TEST_BUILD -#include "cryptoc/sha256.h" -#endif - #include "dcrypto.h" #include "extension.h" #include "system.h" @@ -444,7 +440,7 @@ static enum vendor_cmd_rc u2f_attest(enum vendor_cmd_cc code, void *buf, int verify_ret; - struct HASH_CTX h_ctx; + struct sha256_ctx h_ctx; struct drbg_ctx dr_ctx; /* Data hash, and corresponding signature. */ @@ -471,9 +467,9 @@ static enum vendor_cmd_rc u2f_attest(enum vendor_cmd_cc code, void *buf, return verify_ret; /* Message signature */ - DCRYPTO_SHA256_init(&h_ctx, 0); - HASH_update(&h_ctx, req->data, u2f_attest_format_size(req->format)); - p256_from_bin(HASH_final(&h_ctx), &h); + SHA256_hw_init(&h_ctx); + SHA256_update(&h_ctx, req->data, u2f_attest_format_size(req->format)); + p256_from_bin(SHA256_final(&h_ctx)->b8, &h); /* Derive G2F Attestation Key */ if (g2f_individual_keypair(&d, &pk_x, &pk_y)) { @@ -509,7 +505,7 @@ int u2f_origin_user_keyhandle(const uint8_t *origin, const uint8_t *user, const uint8_t *origin_seed, struct u2f_key_handle *key_handle) { - LITE_HMAC_CTX ctx; + struct hmac_sha256_ctx ctx; struct u2f_state *state = get_state(); if (!state) @@ -517,12 +513,13 @@ int u2f_origin_user_keyhandle(const uint8_t *origin, const uint8_t *user, memcpy(key_handle->origin_seed, origin_seed, P256_NBYTES); - DCRYPTO_HMAC_SHA256_init(&ctx, state->salt_kek, SHA256_DIGEST_SIZE); - HASH_update(&ctx.hash, origin, P256_NBYTES); - HASH_update(&ctx.hash, user, P256_NBYTES); - HASH_update(&ctx.hash, origin_seed, P256_NBYTES); + HMAC_SHA256_hw_init(&ctx, state->salt_kek, SHA256_DIGEST_SIZE); + HMAC_SHA256_update(&ctx, origin, P256_NBYTES); + HMAC_SHA256_update(&ctx, user, P256_NBYTES); + HMAC_SHA256_update(&ctx, origin_seed, P256_NBYTES); - memcpy(key_handle->hmac, DCRYPTO_HMAC_final(&ctx), SHA256_DIGEST_SIZE); + memcpy(key_handle->hmac, HMAC_SHA256_hw_final(&ctx), + SHA256_DIGEST_SIZE); return EC_SUCCESS; } @@ -532,7 +529,7 @@ int u2f_origin_user_versioned_keyhandle( uint8_t version, struct u2f_versioned_key_handle_header *key_handle_header) { - LITE_HMAC_CTX ctx; + struct hmac_sha256_ctx ctx; struct u2f_state *state = get_state(); if (!state) @@ -541,13 +538,13 @@ int u2f_origin_user_versioned_keyhandle( key_handle_header->version = version; memcpy(key_handle_header->origin_seed, origin_seed, P256_NBYTES); - DCRYPTO_HMAC_SHA256_init(&ctx, state->salt_kek, SHA256_DIGEST_SIZE); - HASH_update(&ctx.hash, origin, P256_NBYTES); - HASH_update(&ctx.hash, user, P256_NBYTES); - HASH_update(&ctx.hash, origin_seed, P256_NBYTES); - HASH_update(&ctx.hash, &version, sizeof(key_handle_header->version)); + HMAC_SHA256_hw_init(&ctx, state->salt_kek, SHA256_DIGEST_SIZE); + HMAC_SHA256_update(&ctx, origin, P256_NBYTES); + HMAC_SHA256_update(&ctx, user, P256_NBYTES); + HMAC_SHA256_update(&ctx, origin_seed, P256_NBYTES); + HMAC_SHA256_update(&ctx, &version, sizeof(key_handle_header->version)); - memcpy(key_handle_header->kh_hmac, DCRYPTO_HMAC_final(&ctx), + memcpy(key_handle_header->kh_hmac, HMAC_SHA256_hw_final(&ctx), SHA256_DIGEST_SIZE); return EC_SUCCESS; @@ -557,19 +554,20 @@ int u2f_authorization_hmac(const uint8_t *authorization_salt, const struct u2f_versioned_key_handle_header *header, const uint8_t *auth_time_secret_hash, uint8_t *hmac) { - LITE_HMAC_CTX ctx; + struct hmac_sha256_ctx ctx; struct u2f_state *state = get_state(); if (!state) return EC_ERROR_UNKNOWN; - DCRYPTO_HMAC_SHA256_init(&ctx, state->salt_kek, SHA256_DIGEST_SIZE); - HASH_update(&ctx.hash, authorization_salt, U2F_AUTHORIZATION_SALT_SIZE); - HASH_update(&ctx.hash, (uint8_t *)header, - sizeof(struct u2f_versioned_key_handle_header)); - HASH_update(&ctx.hash, auth_time_secret_hash, SHA256_DIGEST_SIZE); + HMAC_SHA256_hw_init(&ctx, state->salt_kek, SHA256_DIGEST_SIZE); + HMAC_SHA256_update(&ctx, authorization_salt, + U2F_AUTHORIZATION_SALT_SIZE); + HMAC_SHA256_update(&ctx, (uint8_t *)header, + sizeof(struct u2f_versioned_key_handle_header)); + HMAC_SHA256_update(&ctx, auth_time_secret_hash, SHA256_DIGEST_SIZE); - memcpy(hmac, DCRYPTO_HMAC_final(&ctx), SHA256_DIGEST_SIZE); + memcpy(hmac, HMAC_SHA256_hw_final(&ctx), SHA256_DIGEST_SIZE); return EC_SUCCESS; } |