authorVadim Sukhomlinov <sukhomlinov@google.com>2023-02-19 11:41:09 -0800
committerChromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com>2023-02-20 01:55:47 +0000
commit81541ac95446d126b562ee067d1196d4035cf054 (patch)
tree7c587e2a52cfc09fa376e0347bc9d4c73e3f36b9
parentf24055ddd803f994adb767932c254939720dbe61 (diff)
downloadchrome-ec-81541ac95446d126b562ee067d1196d4035cf054.tar.gz
cr50: fix zeroization of U2F secrets
Due to incorrect flags for TPM2 objects, U2F secrets were not fully zeroized (they were, however, overwritten with the new owner). Doesn't affect G2F. BUG=b:268382629 TEST=make CRYPTO_TEST=1 U2F_TEST=1 fips del fips old fips u2f # prints old keys u2f_test # all tests passed fips del fips new fips u2f # print new key size u2f_test # all tests passed fips del fips u2f # prints 0 sizes for u2f secrets Change-Id: I2549dd5fd20937170c9b8d87363d90b138fdc4dc Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4269450 Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org> Commit-Queue: Andrey Pronin <apronin@chromium.org> Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Code-Coverage: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Andrey Pronin <apronin@chromium.org> Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
-rw-r--r--board/cr50/u2f_state_load.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/board/cr50/u2f_state_load.c b/board/cr50/u2f_state_load.c
index b9ff9ec178..d63194f65d 100644
--- a/board/cr50/u2f_state_load.c
+++ b/board/cr50/u2f_state_load.c
@@ -172,12 +172,14 @@ enum ec_error_list u2f_gen_kek_seed(void)
}
/* Can't include TPM2 headers, so just define constant locally. */
-#define HR_NV_INDEX (1U << 24)
+#define TPM_HT_HIDDEN ((uint8_t)0xfe)
+#define HR_SHIFT 24
+#define HR_HIDDEN (TPM_HT_HIDDEN << HR_SHIFT)
enum ec_error_list u2f_zeroize_keys(void)
{
- const uint32_t u2fobjs[] = { TPM_HIDDEN_U2F_KEK | HR_NV_INDEX,
- TPM_HIDDEN_U2F_KH_SALT | HR_NV_INDEX, 0 };
+ const uint32_t u2fobjs[] = { TPM_HIDDEN_U2F_KEK | HR_HIDDEN,
+ TPM_HIDDEN_U2F_KH_SALT | HR_HIDDEN, 0 };
enum ec_error_list result1, result2;