summaryrefslogtreecommitdiff
path: root/include/u2f_impl.h
Commit message (Collapse)AuthorAgeFilesLines
* cr50: Change U2F key derivation to include user secrets.Louis Collard2019-01-311-0/+33
| | | | | | | | | | | | | | | | | Currently it is assumed that the user secret is passed to cr50 in plaintext for each command. A future CL will change this so that the user secret is sent once per 'session', but this will not impact key derivation. BUG=b:112603199 BRANCH=none TEST=manual tests on local device Change-Id: I25bc8986a25defbc60ac32311c8747db3071e469 Signed-off-by: Louis Collard <louiscollard@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1436975 Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com> Reviewed-by: Andrey Pronin <apronin@chromium.org>
* cr50: Make G2F attestation certificate available in vNVRAM.Louis Collard2019-01-301-0/+13
| | | | | | | | | | | | | | | As part of a refactor to reduce the amount of U2F-specific code in cr50, the certificate for the fixed G2F key used in U2F attestation needs to be made available to u2fd. BRANCH=none BUG=b:123161715 TEST=read nv space locally Change-Id: I4b457b1446bd13bdb125509218b577bc62f9355b Signed-off-by: Louis Collard <louiscollard@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1424043 Reviewed-by: Andrey Pronin <apronin@chromium.org>
* ec: Move some U2F constants from u2f_impl.h to u2f.hLouis Collard2019-01-091-11/+0
| | | | | | | | | | | | | | | | These constants are extensions to the U2F protocol, and as such, form part of the API. Moving them to u2f.h so they can be re-used by U2F clients. TEST=build BUG=b:112603199 BRANCH=none Change-Id: I1cad417bfbd109c253876cbb762f5119ff39da06 Signed-off-by: Louis Collard <louiscollard@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1397099 Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com> Reviewed-by: Andrey Pronin <apronin@chromium.org>
* cr50: Add a separate seed for kek, that resets on TPM clear.Louis Collard2018-11-271-0/+10
| | | | | | | | | | | | | | | This is so that U2F registrations are invalidated after the device goes through powerwash. TEST=test_that <..> firmware_Cr50U2fPowerwash, manual tests BRANCH=none BUG=b:112604850 Change-Id: I94257ec71adc7d49dcb676f0b1dc9aa1151116bd Signed-off-by: Louis Collard <louiscollard@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1308238 Reviewed-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-by: Andrey Pronin <apronin@chromium.org>
* Add U2F implementationVincent Palatin2017-06-291-0/+111
Add the common code to support FIDO U2F (Universal second factor authentication) protocol implementation: the APDU parsing and standard commands execution, plus a few non-standard flags and hooks. The u2f.h header is the unmodified copy from the U2F v1.1 Specifications archive. Mostly copied over from the cr52 code-base. Signed-off-by: Vincent Palatin <vpalatin@chromium.org> BRANCH=cr50 BUG=b:35545754 TEST=with follow-up CLs, run U2FTest on Eve. CQ-DEPEND=CL:*390230 Change-Id: I636d4a77ea69d69b5ab18a958e58ee6fcb2476bc Reviewed-on: https://chromium-review.googlesource.com/518136 Commit-Ready: Vincent Palatin <vpalatin@chromium.org> Tested-by: Vincent Palatin <vpalatin@chromium.org> Reviewed-by: Randall Spangler <rspangler@chromium.org>
View Lorry Controller Status