| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
BRANCH=None
BUG=None
TEST=make -j buildall
Change-Id: Icf2cfb6a2657064c10721c0e527d24fbb3be6ab3
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1330102
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to bind the PIN authentication to PCR4, required for
additional security, a set of valid PCR criteria is added as metadata
in the leaf of the tree. Each criteria has a bitmask of PCR indexes
and the digest sha256 that should be obtained from concatenation of
PCR values for the respective indexes. Pinweaver will handle
both types of requests, in old and the new format.
For migration of old leaves that don't have the new field, the
process expects cryptohome to detect that the leaf needs migration
based on protocol used, leaf version and if the list of PCR
criteria is empty. In case the leaf needs migration, cryptohome
should insert a new leaf with the same data and remove the old one.
The PCR criteria set is created on Chrome OS side. Details of that
implementation is in
https://chromium-review.googlesource.com/c/chromiumos/platform2/+/1124856
BRANCH=none
BUG=chromium:812165
TEST=sudo V=1 make run-pinweaver -j
pinweaver_client selftest
Deploy old image on a device and create an account setting a PIN code
as well. Deploy the new image and new CR50 build. Login and check that the
migration works well. Also try to put device to sleep and unlock. Check
that a new credential creation with new version works as well and sleep +
unlock work as expected. Extend PCR4 on device and check that login/unlock
works only for the user which obfuscated_username was used to extend the
PCR. Also check that authentication works with cases when old cryptohome
and new pinweaver is deployed, or old pinweaver and new cryptohome.
CQ-DEPEND=CL:1124856
Change-Id: If778c4e46b9945afadfd2af7d58353005624d668
Signed-off-by: igorcov@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/1112014
Commit-Ready: Igor <igorcov@chromium.org>
Tested-by: Igor <igorcov@chromium.org>
Reviewed-by: Igor <igorcov@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to be able to recover from the AP and Cr50 getting out of
sync, this logging functionality gives Cr50 a way to track the
state changes of the merkle tree so that the AP can be updated to
the current state as long as it has a recent enough copy.
This involves packing the important information so it can be stored
efficiently on flash, and adding the necessary messages for the
replay.
CQ-DEPEND=CL:895395,CL:929430
BRANCH=none
BUG=chromium:809729, chromium:809745
TEST=cd ~/src/platform/ec && V=1 make run-weaver_ng -j
Change-Id: I40f98de2c8e9706cccb5b922215699f2132fa121
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/963773
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
This adds some of the ground work for hardware backed brute force
resistance on Cr50. The feature is called Pinweaver. It will
initially be used to enable PIN authentication on CrOS devices
without reducing the security of the platform. A Merkle tree is
used to validate encrypted metadata used to track login attempts.
The metadata tracks counts of failed attempts, a timestamp of the
last failed attempt, the secrets, and any associated parameters.
Instead of storing the metadata on Cr50 an AES-CTR is used with an
HMAC to encrypt the data so it can be stored off-chip and loaded
when needed.
The Merkle tree is used to track the current state of all the
metadata to prevent replay attacks of previously exported copies.
It is a tree of hashes whose root hash is stored on Cr50, and whose
leaves are the HMACs of the encrypted metadata.
BRANCH=none
BUG=chromium:809730, chromium:809741, chromium:809743, chromium:809747
TEST=cd ~/src/platform/ec && V=1 make run-pinweaver -j
Change-Id: Id10bb49d8ebc5a487dd90c6093bc0f51dadbd124
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/895395
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
