From 6fa9cc0c7484be908010a6acdd6547d686234e34 Mon Sep 17 00:00:00 2001
From: Yi Chou
Date: Fri, 31 Mar 2023 15:52:13 +0800
Subject: Use third_party boringssl for AES
The original boringssl copy is not maintainable in the long term. We should build it from the upstream version.
BUG=b:248508087, b:273639386
TEST=make runhosttests -j
TEST=make buildall -j
BRANCH=none
Signed-off-by: Yi Chou
Change-Id: I3ead1244c3c839590281e20e5c4828242933d1f2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3925087
Reviewed-by: Tom Hughes
---
 baseboard/nucleo-f412zg/base-board.h | 3 +--
 baseboard/nucleo-h743zi/base-board.h | 3 +--
 board/hatch_fp/board.h | 3 +--
 board/nocturne_fp/board.h | 3 +--
 board/nucleo-dartmonkey/board.h | 2 ++
 common/fpsensor/fpsensor_crypto.cc | 15 +++++++----
 fuzz/fuzz_config.h | 3 +--
 test/aes.cc | 9 +++++--
 test/test_config.h | 6 ++---
 third_party/boringssl/include/aes_gcm_helpers.h | 35 +++++++++++++++++++++++++
 10 files changed, 61 insertions(+), 21 deletions(-)
 create mode 100644 third_party/boringssl/include/aes_gcm_helpers.h
diff --git a/baseboard/nucleo-f412zg/base-board.h b/baseboard/nucleo-f412zg/base-board.h
index 7eb589183e..18e88df48c 100644
--- a/baseboard/nucleo-f412zg/base-board.h
+++ b/baseboard/nucleo-f412zg/base-board.h
@@ -157,8 +157,7 @@
 * Other
 *-------------------------------------------------------------------------*/
-#define CONFIG_AES
-#define CONFIG_AES_GCM
+#define CONFIG_BORINGSSL_CRYPTO
 #define CONFIG_DMA_CROS
 #define CONFIG_FPU
 #define CONFIG_HOST_COMMAND_STATUS
diff --git a/baseboard/nucleo-h743zi/base-board.h b/baseboard/nucleo-h743zi/base-board.h
index 987ddf5f16..936b2c6e1c 100644
--- a/baseboard/nucleo-h743zi/base-board.h
+++ b/baseboard/nucleo-h743zi/base-board.h
@@ -83,8 +83,7 @@
 /* Enabled features */
-#define CONFIG_AES
-#define CONFIG_AES_GCM
+#define CONFIG_BORINGSSL_CRYPTO
 #define CONFIG_DMA_CROS
 #define CONFIG_FORCE_CONSOLE_RESUME
 #define CONFIG_FPU
diff --git a/board/hatch_fp/board.h b/board/hatch_fp/board.h
index 082bc937e8..721d216a44 100644
--- a/board/hatch_fp/board.h
+++ b/board/hatch_fp/board.h
@@ -222,8 +222,7 @@
 * Other
 *-------------------------------------------------------------------------*/
-#define CONFIG_AES
-#define CONFIG_AES_GCM
+#define CONFIG_BORINGSSL_CRYPTO
 #define CONFIG_DMA_CROS
 #define CONFIG_FPU
 #define CONFIG_FPU_WARNINGS
diff --git a/board/nocturne_fp/board.h b/board/nocturne_fp/board.h
index 543e8fd30f..1a34c05ed8 100644
--- a/board/nocturne_fp/board.h
+++ b/board/nocturne_fp/board.h
@@ -202,8 +202,7 @@
 #undef CONFIG_ROLLBACK_UPDATE
 #endif
-#define CONFIG_AES
-#define CONFIG_AES_GCM
+#define CONFIG_BORINGSSL_CRYPTO
 #define CONFIG_RNG
diff --git a/board/nucleo-dartmonkey/board.h b/board/nucleo-dartmonkey/board.h
index 76e278b4ca..4e070bf91b 100644
--- a/board/nucleo-dartmonkey/board.h
+++ b/board/nucleo-dartmonkey/board.h
@@ -31,6 +31,8 @@
 /* Fingerprint needs to store a secrect in the anti-rollback block */
 #define CONFIG_ROLLBACK_SECRET_SIZE 32
+#define CONFIG_BORINGSSL_CRYPTO
+
 /* SPI configuration for the fingerprint sensor */
 #define CONFIG_SPI_CONTROLLER
 #define CONFIG_SPI_FP_PORT 2 /* SPI4: third master config */
diff --git a/common/fpsensor/fpsensor_crypto.cc b/common/fpsensor/fpsensor_crypto.cc
index 824f3d6c73..5861064427 100644
--- a/common/fpsensor/fpsensor_crypto.cc
+++ b/common/fpsensor/fpsensor_crypto.cc
@@ -3,16 +3,21 @@
 * found in the LICENSE file.
 */
+#include "aes_gcm_helpers.h"
 #include "fpsensor_crypto.h"
 #include "fpsensor_state.h"
 #include "fpsensor_utils.h"
+#include "openssl/aes.h"
+
+/* These must be included after the "openssl/aes.h" */
+#include "crypto/fipsmodule/aes/internal.h"
+#include "crypto/fipsmodule/modes/internal.h"
 extern "C" {
-#include "aes-gcm.h"
-#include "aes.h"
 #include "cryptoc/util.h"
 #include "rollback.h"
 #include "sha256.h"
+#include "util.h"
 test_export_static int get_ikm(uint8_t *ikm);
 test_mockable void compute_hmac_sha256(uint8_t *output, const uint8_t *key,
@@ -22,9 +27,9 @@ test_mockable void compute_hmac_sha256(uint8_t *output, const uint8_t *key,
 }
 #include
-#if !defined(CONFIG_AES) || !defined(CONFIG_AES_GCM) || \
- !defined(CONFIG_ROLLBACK_SECRET_SIZE)
-#error "fpsensor requires AES, AES_GCM and ROLLBACK_SECRET_SIZE"
+
+#if !defined(CONFIG_BORINGSSL_CRYPTO) || !defined(CONFIG_ROLLBACK_SECRET_SIZE)
+#error "fpsensor requires CONFIG_BORINGSSL_CRYPTO and ROLLBACK_SECRET_SIZE"
 #endif
 test_export_static int get_ikm(uint8_t *ikm)
diff --git a/fuzz/fuzz_config.h b/fuzz/fuzz_config.h
index d642513b24..e7b539b864 100644
--- a/fuzz/fuzz_config.h
+++ b/fuzz/fuzz_config.h
@@ -25,8 +25,7 @@
 #endif /* ! FUZZ_HOSTCMD_VERBOSE */
 /* The following are for fpsensor host commands. */
-#define CONFIG_AES
-#define CONFIG_AES_GCM
+#define CONFIG_BORINGSSL_CRYPTO
 #define CONFIG_ROLLBACK_SECRET_SIZE 32
 #define CONFIG_SHA256
diff --git a/test/aes.cc b/test/aes.cc
index d08679d489..98d79b4b03 100644
--- a/test/aes.cc
+++ b/test/aes.cc
@@ -19,8 +19,6 @@
 #include "test_util.h"
 extern "C" {
-#include "aes-gcm.h"
-#include "aes.h"
 #include "builtin/assert.h"
 #include "console.h"
 #include "timer.h"
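Review bot: The include-order constraint on the BoringSSL headers is written out here a second time: `aes_gcm_helpers.h` (added by this commit) already includes `openssl/aes.h` followed by the two `internal.h` headers, and the added lines in the first fpsensor_crypto.cc hunk repeat those three includes and the ordering comment directly after including it. If nothing else in this file needs them spelled out, `#include "aes_gcm_helpers.h"` alone keeps the constraint in one place; the second hunk of test/aes.cc carries the same block. Because `crypto/fipsmodule/*/internal.h` are BoringSSL-private headers, a short comment naming which internal symbols this file uses would help whoever next uprevs third_party/boringssl.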
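Review bot: The new `#error` text in the second fpsensor_crypto.cc hunk names one option with its `CONFIG_` prefix and the other without it. `#error "fpsensor requires CONFIG_BORINGSSL_CRYPTO and CONFIG_ROLLBACK_SECRET_SIZE"` matches the two macros the `#if` actually tests and is the string someone will search for when a board build stops here.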
@@ -28,6 +26,13 @@ extern "C" {
 #include "watchdog.h"
 }
+#include "aes_gcm_helpers.h"
+#include "openssl/aes.h"
+
+/* These must be included after the "openssl/aes.h" */
+#include "crypto/fipsmodule/aes/internal.h"
+#include "crypto/fipsmodule/modes/internal.h"
+
 /* Temporary buffer, to avoid using too much stack space. */
 static uint8_t tmp[512];
diff --git a/test/test_config.h b/test/test_config.h
index 8f1c482b71..51c15f4c8c 100644
--- a/test/test_config.h
+++ b/test/test_config.h
@@ -31,8 +31,7 @@
 #endif
 #if defined(TEST_AES) || defined(TEST_CRYPTO_BENCHMARK)
-#define CONFIG_AES
-#define CONFIG_AES_GCM
+#define CONFIG_BORINGSSL_CRYPTO
 #endif
 #ifdef TEST_BASE32
@@ -110,8 +109,7 @@
 #if defined(TEST_FPSENSOR) || defined(TEST_FPSENSOR_STATE) || \
 defined(TEST_FPSENSOR_CRYPTO)
-#define CONFIG_AES
-#define CONFIG_AES_GCM
+#define CONFIG_BORINGSSL_CRYPTO
 #define CONFIG_ROLLBACK_SECRET_SIZE 32
 #define CONFIG_SHA256
 #endif
diff --git a/third_party/boringssl/include/aes_gcm_helpers.h b/third_party/boringssl/include/aes_gcm_helpers.h
new file mode 100644
index 0000000000..7c902169b7
--- /dev/null
+++ b/third_party/boringssl/include/aes_gcm_helpers.h
@@ -0,0 +1,35 @@
+/* Copyright 2023 The ChromiumOS Authors
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+/* Helpers for the boringssl AEC GCM interface. */
+
+#ifndef __CROS_EC_AES_GCM_HELPERS_H
+#define __CROS_EC_AES_GCM_HELPERS_H
+
+#include "openssl/aes.h"
+#include "string.h"
+
+/* These must be included after the "openssl/aes.h" */
+#include "crypto/fipsmodule/aes/internal.h"
+#include "crypto/fipsmodule/modes/internal.h"
+
+/* CRYPTO_gcm128_init initialises |ctx| to use |block| (typically AES) with
+ * the given key. |block_is_hwaes| is one if |block| is |aes_hw_encrypt|.
+ *
+ * This API was removed in upstream:
+ * https://boringssl-review.googlesource.com/c/boringssl/+/32004
+ *
+ * Note: The content of GCM128_CONTEXT must be initialized by this function.
+ * Passing the context that remain uninitialized parts into the other
+ * CRYPTO_gcm128_ functions will result undefined behavior.
+ */
+static inline void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, const AES_KEY *key,
+ block128_f block, int block_is_hwaes)
+{
+ memset(ctx, 0, sizeof(*ctx));
+ CRYPTO_gcm128_init_key(&ctx->gcm_key, key, block, block_is_hwaes);
+}
+
+#endif /* __CROS_EC_AES_GCM_HELPERS_H */
-- cgit v1.2.1
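Review bot: `CRYPTO_gcm128_init` in the new header depends on BoringSSL-internal declarations (`GCM128_CONTEXT` and `CRYPTO_gcm128_init_key` from `crypto/fipsmodule/modes/internal.h`), and nothing in the file ties it to the upstream revision it was written against, so an uprev of third_party/boringssl that changes the context layout or its zero-initialised meaning would be noticed only if it happens to break the build. I would add above the function `/* Relies on BoringSSL internals; re-check GCM128_CONTEXT and CRYPTO_gcm128_init_key() on every third_party/boringssl uprev. */`. Two wording fixes in the same file: the file comment says "AEC GCM" where "AES GCM" is meant, and `#include "string.h"` would normally be `#include <string.h>` unless the quoted form is deliberate to pick up an EC-provided header. Callers are not visible here; since the context holds key-derived state, the doc comment could also say that they are expected to clear it after use.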