| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a reland of d2627d12bb21308f49a72cadaf47a0a86730a960 with one
modification: The versioned key handle header (the old "key handle"
concept) is now used in the derivation of authorization_hmac. This is
to tie the key handle to the authorization secret.
Original change's description:
> u2f: Append hmac of auth time secret to versioned KH
>
> When generating versioned KHs, u2fd should send a public derivative
> (sha256) of the user's auth time secret to cr50. Cr50 derives an
> hmac of it and appends this authorization_hmac to the KH.
>
> When signing versioned KHs, u2fd may supply the unhashed auth time
> secret. Cr50 will check the authorization_hmac if no power button press.
> If the reconstructed hmac matches authorization_hmac, power button press
> is waived.
>
> Currently for v1, we will just prepare the authorization_hmac but not
> enforce it. This is because fingerprint and PIN are unable to unlock
> the same secret.
>
> While we waive power button press for v1, we can enforce
> authorization_hmac whenever auth-time secrets is ready.
>
> BUG=b:144861739
> TEST=- Use a known 32-byte "auth-time secret"
> - Compute the sha256 of the auth-time secret (this is public)
> - u2f_generate with the computed "authTimeSecretHash"
> - Add code to u2f_sign command handler such that cr50 computes
> the sha256 of the supplied auth-time secret at u2f_sign time
> and require power button press if the hmac doesn't match.
> - u2f_sign with the true auth-time secret -> observe in logging
> that hmac matches, and no power button press required.
> - u2f_sign with a wrong auth-time secret -> observe in logging
> that hmac doesn't match, and power button press is required
> for signing.
>
> Cq-Depend: chromium:2321731
> Change-Id: Ib9ae913667f8178ac7a4790f861d7dada972c4a0
> Signed-off-by: Yicheng Li <yichengli@chromium.org>
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2317047
> Reviewed-by: Andrey Pronin <apronin@chromium.org>
> Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
BUG=b:144861739
TEST=See original CL's TEST above
Cq-Depend: chromium:2327865
Change-Id: Ia1b0b4a585ec604398cfa730354ae1a91e7bc00b
Signed-off-by: Yicheng Li <yichengli@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2355177
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Status of completion of power-up tests was in long life register
which survives reboots and even firmware upgrades, which is not
an intended behavior. Moving status to PWRDN register makes it
reset on graceful reboots and firmware upgrades, but avoid
running tests on wake from deep sleep. This switch also enables
use of multiple bits to indicate status of tests, which makes it
more fault tolerant.
BUG=b:138577491
TEST=make BOARD=cr50, then deassert DIOM3 to trigger deep sleep
FIPS power-on tests shouldn't run on wake.
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I098940e45afd5b5b9447b2780ff69372a922c03f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2330976
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since FIPS-compliant U2F code is not yet ready, make sure that new
devices won't switch to FIPS-approved by default when there are no
U2F keys. This CL puts the logic that checks if the U2F seed exists
and turns FIPS mode on when it doesn't under compile-time switch,
and for now turns this switch off. As a result, FIPS mode is always
off.
BUG=b:138577491
TEST=make BOARD=cr50, then check FIPS mode in CCD
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I33b559c3f348f34115263fd3fedc8b7a2fbeab31
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2328113
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit d2627d12bb21308f49a72cadaf47a0a86730a960.
Reason for revert: Causing crbug.com/1111182
Original change's description:
> u2f: Append hmac of auth time secret to versioned KH
>
> When generating versioned KHs, u2fd should send a public derivative
> (sha256) of the user's auth time secret to cr50. Cr50 derives an
> hmac of it and appends this authorization_hmac to the KH.
>
> When signing versioned KHs, u2fd may supply the unhashed auth time
> secret. Cr50 will check the authorization_hmac if no power button press.
> If the reconstructed hmac matches authorization_hmac, power button press
> is waived.
>
> Currently for v1, we will just prepare the authorization_hmac but not
> enforce it. This is because fingerprint and PIN are unable to unlock
> the same secret.
>
> While we waive power button press for v1, we can enforce
> authorization_hmac whenever auth-time secrets is ready.
>
> BUG=b:144861739
> TEST=- Use a known 32-byte "auth-time secret"
> - Compute the sha256 of the auth-time secret (this is public)
> - u2f_generate with the computed "authTimeSecretHash"
> - Add code to u2f_sign command handler such that cr50 computes
> the sha256 of the supplied auth-time secret at u2f_sign time
> and require power button press if the hmac doesn't match.
> - u2f_sign with the true auth-time secret -> observe in logging
> that hmac matches, and no power button press required.
> - u2f_sign with a wrong auth-time secret -> observe in logging
> that hmac doesn't match, and power button press is required
> for signing.
>
> Cq-Depend: chromium:2321731
> Change-Id: Ib9ae913667f8178ac7a4790f861d7dada972c4a0
> Signed-off-by: Yicheng Li <yichengli@chromium.org>
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2317047
> Reviewed-by: Andrey Pronin <apronin@chromium.org>
> Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Bug: b:144861739
Cq-Depend: chromium:2327779
Exempt-From-Owner-Approval: Causing crbug.com/1111182
Change-Id: I8c8a594d148b92556b20a2753aa1007cf2c1676b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2327358
Tested-by: Archie Pusaka <apusaka@chromium.org>
Reviewed-by: Yicheng Li <yichengli@chromium.org>
Reviewed-by: Archie Pusaka <apusaka@chromium.org>
Commit-Queue: Archie Pusaka <apusaka@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When generating versioned KHs, u2fd should send a public derivative
(sha256) of the user's auth time secret to cr50. Cr50 derives an
hmac of it and appends this authorization_hmac to the KH.
When signing versioned KHs, u2fd may supply the unhashed auth time
secret. Cr50 will check the authorization_hmac if no power button press.
If the reconstructed hmac matches authorization_hmac, power button press
is waived.
Currently for v1, we will just prepare the authorization_hmac but not
enforce it. This is because fingerprint and PIN are unable to unlock
the same secret.
While we waive power button press for v1, we can enforce
authorization_hmac whenever auth-time secrets is ready.
BUG=b:144861739
TEST=- Use a known 32-byte "auth-time secret"
- Compute the sha256 of the auth-time secret (this is public)
- u2f_generate with the computed "authTimeSecretHash"
- Add code to u2f_sign command handler such that cr50 computes
the sha256 of the supplied auth-time secret at u2f_sign time
and require power button press if the hmac doesn't match.
- u2f_sign with the true auth-time secret -> observe in logging
that hmac matches, and no power button press required.
- u2f_sign with a wrong auth-time secret -> observe in logging
that hmac doesn't match, and power button press is required
for signing.
Cq-Depend: chromium:2321731
Change-Id: Ib9ae913667f8178ac7a4790f861d7dada972c4a0
Signed-off-by: Yicheng Li <yichengli@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2317047
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prevent access to FIPS CCD commands which can inject errors
due to unclear security impact. Instead, made them available
only in CR50_DEV builts. Same with vendor commands - moved them
from CRYPTO_TEST to under CR50_DEV.
BUG=b:138577491
TEST=help fips, fips sha/trng - ignored
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Ic86db02f2c9c5abbea8f3f23ee56a5f5f570e177
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2321344
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The recent modification of chip/g/build.mk introduced a bug where an
awk script error is reported if the board name does not contain an
underscore.
It went unnoticed because it does not prevent make from reporting
success and most boards do not care about the results of running of
this awk script.
This patch fixes the problem.
BUG=none
TEST=ran make for cr50 and hslt_d2c, observed proper modification of
the manifest, verified that no script errors are reported any
more.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I0981411ec7bc17e4473d4b33125f76b75983d974
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2317059
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Personalization infrastructure expects the image header tag filed to
be set to the board name in ASCII.
This patch modifies the chip g makefile to paste the board name into
the manifest, the signer copies the value into the image header.
BUG=b:161498484
TEST=verified that the manifest is updated as expected:
$ diff util/signer/ec_RW-manifest-dev.json /tmp/h1.signer.F2Pu6d
33c33
< "tag": "00000000000000000000000000000000000000000000000000000000",
---
> "tag": "68736c74206432630000000000000000000000000000000000000000",
and observed the personalizer test harness to retrieve the expected
board name from the running image.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I9ecf009e21c2ab77b03c9de1ebb176197923e6e1
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2310850
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Version strings of the boards built from the private directories
should include git status information from all git trees used to build
the images.
BUG=none
TEST=tried running 'BOARD=xyz ./util/getversion.sh' and verified that
the expected git trees are added to the version string.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I5414a1de07171d37277ba508551a79ba84776ac6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2310777
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:161755898
TEST=none
Change-Id: Ic1e719addea733a3b8d198a771e0f038f9adf854
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2310592
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't touch the SYS_RST_L or EC_RST_L signals when flashing the AP if
flashrom is run with custom_rst=True.
BUG=b:154885210
TEST=manual on bob
ecrst on
flashrom -p raiden_debug_spi:target=EC -r ec.bin
ecrst on
flashrom -p raiden_debug_spi:target=AP,custom_rst=True -r ap.bin
check ecrst is still on
flashrom -p raiden_debug_spi:target=AP -r ap.bin
Change-Id: Ia1ab8c853c25ced994e053c9e19a18d0d0f1cb45
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2301239
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
new_device and new_gang_mode are both only used for spi_hash SPI
enable/disable. Rename them, so that's clear.
BUG=none
TEST=make buildall -j
Change-Id: I67a4f7865e8a5ff21c79b4462a0f2c1d0f85f76d
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2300698
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To reuse u2f_origin_user_keypair(), u2f_sign extracts the
key handle bytes from versioned and non-versioned requests
according to the format. In the versioned path the code
incorrectly uses the non-versioned struct to extract the
key handle bytes, which would result in wrong private key and thus
non-verifiable signature in WebAuthn on version 1 key handles.
Both the bug and the fix do not affect the non-versioned path.
BUG=b:144861739
TEST=Added debug statements to verify that u2f_generate and u2f_sign
arrive at the same private key. With the previous buggy code
they get different private key.
Signed-off-by: Yicheng Li <yichengli@chromium.org>
Change-Id: If79daeff98b01d050fcdc8dd69c809c184e6abb3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2303278
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In https://crrev.com/c/2258534 fix read_tpm_nvmem_size() was introduced,
however it failed to properly return size of hidden objects, and code
worked because it was masked by prior check of size for nvmem variable
with getvar(), and these variables were always set together.
This fix relies on https://crrev.com/c/2280405 for tpm2 to add proper
service function.
BUG=None
TEST=manual, tested in upcoming change in cr50/board/u2f.c
Cq-Depend: chromium:2280405
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I38cfbf97e5cc99907c05887345017db92c5abc72
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2285432
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This test's main goal is to be used against future changes in the
dcrypto engine. All it does is comparing signature received from the
ecdsa sign function to the golden results.
Signed-off-by: mschilder@google.com
BUG=b:137659935
TEST=something of a test itself and is run by calling the command
through the console connection via host.
The test sequence is following:
- call the dcrypto_ecdsa_sign function on the known input.
- call the dcrypto_ecdsa_verisign on the same input (this function is
added in the following CLs in the chain).
- compare both results to the golden value.
Test passes if both results match to the golden value.
To run the test compile the CR50:
make -j BOARD=cr50 CRYPTO_TEST=1
in the console run:
dcrypto_ecdsa
Change-Id: I07437f6a69ba79bdcce8c92976a374733b17d339
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2269337
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was added to support u2fd on M77, and can
be removed iff the version of cr50 this change is
included in will not be expected to work with M77.
BUG=b:158268336
TEST=build
Signed-off-by: Louis Collard <louiscollard@chromium.org>
Change-Id: I6bbbae44a86c1a70fef4c8e1da1c1116f9909aa8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2275504
Reviewed-by: Yicheng Li <yichengli@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Yicheng Li <yichengli@chromium.org>
Tested-by: Yicheng Li <yichengli@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a test_that command to show how we run tests locally.
BUG=none
TEST=none
Change-Id: I04d1a5d96c03b1cdceff6677e64893498837ea88
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2092202
Reviewed-by: Shelley Chen <shchen@chromium.org>
(cherry picked from commit 4bdb7d9889371ca8ae74599cead640a254ed7b0d)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2278525
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Tom Hughes <tomhughes@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST=none
Change-Id: Ibe22f9131dc34ce4185379d8db166de42a3d1e24
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1873853
Reviewed-by: Patrick Georgi <pgeorgi@chromium.org>
(cherry picked from commit e4967bcc38227275d6788f1504e7a679c865357d)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2278524
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Tom Hughes <tomhughes@chromium.org>
Reviewed-by: Tom Hughes <tomhughes@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refactor the CCD documentation so it's easier for non-experts to
understand.
BUG=none
TEST=view in gitiles
Signed-off-by: Tom Hughes <tomhughes@chromium.org>
Change-Id: I89ba8fd5906119c4acfe1a555db5b7872dd949a9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2137929
(cherry picked from commit 2ba6907508ecfc223c047db686fe459c9596f026)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2278523
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use the standard used across the documentation for specifying different
shell prompts:
(chroot) $
(dut) $
cr50 >
This makes it clear where the command should be run.
BUG=none
TEST=view in gitiles
Signed-off-by: Tom Hughes <tomhughes@chromium.org>
Change-Id: I0383e00825b5d9b500464ac1979555ca5afd8296
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2136870
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 8f13313b8b0b8787e01f5604cc6b812155c2a6ac)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2278522
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
No content changes.
Command used:
mdformat --compatibility -w docs/case_closed_debugging_cr50.md
BUG=none
TEST=view in gitiles
Signed-off-by: Tom Hughes <tomhughes@chromium.org>
Change-Id: Ieb84866ad610122da08873087f79a6d45ea17ab3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2137633
Reviewed-by: Justin TerAvest <teravest@chromium.org>
Commit-Queue: Justin TerAvest <teravest@chromium.org>
(cherry picked from commit 14c35054e52bba725a3b34e64f50cf3446f4f1d5)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2278361
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adapts the "UART rescue mode" text from go/cr50-devel to
open-source documentation in the EC codebase. This information has been
necessary for partners to update cr50 on their own internal boards,
where other update methods may not be viable.
BUG=None
TEST=worked with partner to reflash cr50 with attached instructions
Change-Id: I6cf5defd38432e0ceda3cc809d43d94fa14797b4
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1974501
Reviewed-by: Keith Short <keithshort@chromium.org>
Commit-Queue: Justin TerAvest <teravest@chromium.org>
Tested-by: Justin TerAvest <teravest@chromium.org>
(cherry picked from commit bccc832b7dbc056f464d549dd5f347277670d1b3)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2278360
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Tom Hughes <tomhughes@chromium.org>
Reviewed-by: Tom Hughes <tomhughes@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When programming AP flash for the very first time it is sufficient to
program just a few sections. This makes it possible for the device to
boot Chrome OS, at which point the rest of the AP flash can be
programmed much faster.
BUG=none
TEST=verified proper rendering using gerrit
Change-Id: I444b857302e67c6d7c54c026b9205d0ec734e24a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1981085
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
(cherry picked from commit 85326c1662f8db3cdc9ed801986f65127ccca123)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2278359
Commit-Queue: Tom Hughes <tomhughes@chromium.org>
Reviewed-by: Tom Hughes <tomhughes@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST=view in gitiles
Signed-off-by: Tom Hughes <tomhughes@chromium.org>
Change-Id: I7da8856cb0d39befead6418e53e709569adae613
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2134806
(cherry picked from commit 263b54489f08557690791fe7f0aaed634ddc6a2e)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2278358
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST=view in gitiles
Signed-off-by: Tom Hughes <tomhughes@chromium.org>
Change-Id: Id55665d87e80a472af61f0ccb7ecb8bc097ebb3c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2134646
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
(cherry picked from commit 697b49ae69ae35e1df9188e2c6f4df07b0cdc2cc)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2278357
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Despite all make tricks, sometimes switching between make invocations
with CR50_DEV defined and not defined, the code which updates the
IFNO1 RW rollback space runs even when CR50_DEV was defined at compile
time and the image header rollback space is set to all zeros.
This causes complete clearing of the INFO1 RW rollback space, which in
turn prevents from running images built without CR50_DEV=1.
Let's add a check to see if the currently running image has the entire
rollback space in the header erased, and not proceed with the INFO1
space update in this case.
BUG=b:160013710
TEST=verified that images built both with CR50_DEV defined and not
defined run properly.
- removed '#ifndef CR50_DEV' block around lines 610..719 and built
and ran the image, observed the "Skipped updating INFO1 RW" map
message.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I63a54ba2a82cd250d1e4018768b7a55c406b69c0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2271016
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Support generating and signing versioned key handles in addition
to non-versioned ones.
BUG=b:144861739
TEST=used webauthntool to verify that KH generated by old cr50 firmware
can be signed with this firmware
TEST=used webauthntool to verify that non-versioned KH generated by this
firmware can be signed by old cr50 firmware
(This and the first TEST proves that non-versioned path is the
same as old firmware.)
TEST=used webauthntool to verify that non-versioned KH generated by this
firmware can be signed by this firmware
TEST=used webauthntool to verify that versioned KH generated by this
firmware can be signed by this firmware
TEST=test_that --board=nami <IP> firmware_Cr50U2fCommands
Cq-Depend: chromium:2280394
Change-Id: Idf413a1a3e6c35a3e7e651faaa91fe2894b805db
Signed-off-by: Yicheng Li <yichengli@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2202949
Reviewed-by: Louis Collard <louiscollard@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add invocation of power-up known-answer tests (KATs) on power-on
and after failures, while avoiding power-up tests on wake from sleep.
Added console & vendor commands to report FIPS status, run tests,
simulate errors.
BUG=b:138577539
TEST=manual; check console
fips on, fips test, fips sha, fips trng
will add tpmtest for vendor command
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I58790d0637fda683c4b6187ba091edf08757f8ee
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2262055
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch addresses gerrit markdown rendering deficiency where the
target image is not properly rendered gerrit by the gerrit server.
The images were duplicated on Google Drive, such that the smaller in
the page version of the image is still loaded from the local tree, but
the target image comes from Drive, which allows to see full size
images when required.
BUG=none
TEST=verified proper rendering of the full size images
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: Ief2f18bd9b3805b391b19b8ebb8828d9e5ca05b4
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2274302
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added service function read_tpm_nvmem_size() to return size of hidden
nvmem object, which is needed in FIPS framework code, but can't be
implemented locally due to conflicting headers between TPM2 library
and Cryptoc library, and util.h
BUG=none
TEST=make BOARD=cr50; meaningul test will be added in upcoming CLs
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Iab9520170cfdcd754f1fe2e79143f75766284921
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2258534
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A document describing how AP and H1 interact during the boot up
process, and typical failures causing the Chrome OS device falling
into recovery mode.
BUG=none
TEST=none
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: Ib71ffbc9c7dadd5f42923c0bfac038ae7f0ca8e5
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2261318
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Many source files over time started to respect 'bool' and 'size_t'
types for better code readability. However, these types are defined
in stdbool.h and stddef.h headers, so each time they were used
there was a need to include them. util.h included both, and one option
was to use it, but it conflicts with TPM2 library on definition MAX/MIN
BUG=none
TEST=make buildall -j
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Ia0aca578e901c60aeafee5278471c228194d36bf
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2258540
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://crrev.com/c/2222386 added support for short EC keys to some
functions. Extending this support to sign and verify.
Added test vectors for regression testing in tpmtest.py
BUG=b:157528390
TEST=tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I3db2c9eee9da995d45d534a2732130948548ead8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2265605
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds another NVMEM API, which allows to erase stored TPM
objects selectively. The list of indices of the objects to be erases
is supplied in a zero terminated array.
The existing nvmem_erase_tpm_data() has been modified to erase only
selected objects, if the list of objects is supplied by the caller.
BUG=b:138578447
TEST=Using tpm_manager_client created a bogus NVMEM object, modified
Cr50 code to provide a CLI command which would invoke the new
NVMEM API function to delete the new object.
Invoked 'dump_nvmem' command before and after deleting the bogus
object. Observed the NVMEM contents compacted and the bogus
object deleted. Rebooted the device, observed proper Chrome OS
start up maintaining the existing user account.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I3e299c8004141fa01ff20c290131b6526575c42e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2253324
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add proper TRNG health tests and CR50-wide DRBG with reseeding
BUG=b:138578157
TEST=tpmtest.py -t1 fails after cr50 reboot.
rand_perf in console (kick-off FIPS TRNG test) and then
tpmtest.py -t1 and tpmtest.py -t2 should succeed.
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I94c2dbd7a00dedcf1a0f318539a3c73c0c8076ef
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2251381
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The logic of deciding if the alternative RW image is newer than a
certain version needs to be updated to accommodate moving to higher
prod and prepvt major version numbers.
BUG=none
TEST=the 'nvmem_find_partition: No Legacy Partitions found.' message
is not printed during startup any more when updating from 6.3 to
6.4.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I59e18712b3365446c29f569bf0b50f95ab67df95
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2250658
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Time it takes for TRNG to come-up with 32-bit of randomness
varies, and once TRNG started to use 1-bit alphabet, it's average
increased. We handle this timeout by resetting TRNG and
writing record in the flash log. With current setting of EMPTY_COUNT
set to 400 it's almost never happens under normal use, and is harmless,
but adds unnecessary records in the log under heavy use like TRNG
health tests. Adjusting EMPTY_COUNT to higher value reduce probability
of TRNG reset when value is just delayed, but TRNG is not stalled yet.
BUG=b:138578157
TEST=tpmtest -t0
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Ic0152da05934a70dd16b3e4178361bfcefbdda26
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2252481
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: William Wesson <wesson@google.com>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Due to changes in internal structures, stack consumption for SHA2,
HMAC, HMAC_DRBG grew up, and when combined with stack growth due to
changes in cprintf cause crash for some development console commands.
This patch increase console stack for CR50_DEV and CRYPTO_TEST modes.
BUG=none
TEST=manual, build with CR50_DEV or CRYPTO_TEST, run taskinfo
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I7170c65e4b8092d165c478f505a435f834744ed9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2251382
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to NIST SP 800-90B only vetted conditioning mechanism should
be used for post-processing raw entropy. See SP 800-90B, 3.1.5.1 Using
Vetted Conditioning Components. Use of non-vetted algorithms is governed
in 3.1.5.2, but assumes conservative coefficient 0.85 for entropy estimate,
which increase number of requests to TRNG to get desirable entropy.
More details on entropy estimate tests are in associated bug.
Entropy measurements using NIST assessment tool didn't report noticeable
change in entropy estimate. However, more changes are needed to use
DRBG instead of raw TRNG for all purposes.
TRNG changes reviewed also at https://crrev.com/c/1926384
BUG=b:138577834
TEST=test/tpm_test/nist_entropy.sh
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I5a578b90b8b7a77fae6a218eec48e87e7644ab44
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2240519
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement board-local configuraration of FIPS 140-2/3 policy as
complementary to FWMP policy. This is intended mostly for lab
testing and dogfooding, when FWMP policy is not feasible.
board_fips_enforced() returns status of FIPS from FWMP and NVRAM
and caches state to avoid expensive operations later.
BUG=b:138577491
TEST=manual, make buildall -j
Actual test command to be added in upcoming CLs
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I8fa651e56e6e76a87bbc4dd911e7a8c0546e7e0f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2247112
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
FIPS 140-2 certification requires that security related output from
module should be disabled until completion of known-answer tests.
However, it's tricky to justify what output is security related, as
most of output data can be used to track current execution stage which
may be helpful for attacker. So, its safer to disable any output for
a short time once internal testing is done.
Provide console_disable_output() and console_enable_output()
functions which are supposed to be used by board initialization code
driving FIPS mode initialization.
BUG=b:138577539
TEST=manual; make buildall -j
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I42902acef7a5e99142ce2b6517ae511f63206e93
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2247103
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add FE_LOG_FIPS_FAILURE event type
BUG=b:138577539
TEST=manual
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I11be32598ddbbb327175a656c21abcb8388246d0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2247106
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added check for output len as defined by NIST for HMAC_DRBG and
define error codes instead of constants.
Propagate status for hmac_drbg_generate_p256
BUG=b:138578157
TEST=make buildall ; make BOARD=cr50 ; tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I16a1eac51ca11a6419a86922cfe59c13d9c703a0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2243762
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:158843230
TEST=run 'ver' on cr50
Change-Id: Ia22cbc74dc23156a11caceb587f8380aa68ce23b
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2243312
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:158774719
TEST=none
Change-Id: I4558a8d4cb9219c8d78db9982f9c5d80d8a30d84
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2242770
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To prevent issues with long HMAC keys (longer than block size, which
is 64 for SHA-256 and 128 bytes for SHA-384/512)
BUG=b:158094716
TEST=make BOARD=cr50 CRYPTO_TEST=1 ; test/tpm_test/tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: If4c3e6cd0c753f39a7ea39515ae0596cfab6a6b8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2239481
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Due to Python3 switch tpm_test.py stop working. Updates to make it
work with Python3.
cros lint complains it can't import Crypto and rsa
BUG=None
TEST=tpmtest.py
tpmtest.py -t
To test exception handling change line 167 in crypto_test.py from
if real_out_text != out_text:
to
if real_out_text == out_text:
and run tpmtest.py again.
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I927b25ab3288274993949c53564bed73faa346e9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2231974
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL enables cr50 to accept EC points of which X and/or Y component
has less than 32 bytes.
For testing, the following 4 data inputs can pass the test:
1. Creating salted session with a full-length ephemeral key.
2. Creating salted session with a short ephemeral key.
3. Walking through enrollment flow with a full-length ephemeral key.
4. Walking through enrollment flow with a short ephemeral key.
BUG=b:157528390
TEST=see the comment above.
Change-Id: I12c744ab00391a31d81d4ac6b6e644981ae46f48
Signed-off-by: Leo Lai <cylai@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2222386
Tested-by: Leo Lai <cylai@google.com>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:158533918
TEST=tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Ia6b59c49afc7ed19507fab254cab44b2a5c1953b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2236588
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In https://crrev.com/c/2227077 ECC command handler was reimplemented,
but associated test was uploaded with old version of constant.
BUG=b:138578319
TEST=make CRYPTO_TEST=1 BOARD=cr50 -j && test/tpm_test/tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I7c50ed108d193958e62f76c2f7315247df14a398
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2238649
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|