authorJonathon Murphy <jpmurphy@google.com>2023-04-21 16:22:58 +0000
committerJonathon Murphy <jpmurphy@google.com>2023-04-21 16:24:49 +0000
commit33d87e53009a84379747ae31efac39e067e23484 (patch)
tree05e6919551099cf5df0990d12cba040a0227dbe6
parent9c8a27f107801953e4a3c9612aa74b45940ad148 (diff)
downloadchrome-ec-33d87e53009a84379747ae31efac39e067e23484.tar.gz
Revert "Reland "fpsensor: Use OPENSSL_cleanse instead of always_memset""
This reverts commit 32316a1137042220e533166e097a23b12d5ce91c. Reason for revert: Breaks postsubmit b/279174496 Original change's description: > Reland "fpsensor: Use OPENSSL_cleanse instead of always_memset" > > This is a reland of commit 848e5a749e7cd6d02a2b31ee275470ba68cbe43d > > Original change's description: > > fpsensor: Use OPENSSL_cleanse instead of always_memset > > > > BUG=b:248508087, b:273639386 > > TEST=make runhosttests -j > > TEST=make buildall -j > > BRANCH=none > > > > Change-Id: If26578b31d768875bd4b85cdce8a6365e181685a > > Signed-off-by: Yi Chou <yich@google.com> > > Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4387995 > > Reviewed-by: Tom Hughes <tomhughes@chromium.org> > > BUG=b:248508087, b:273639386 > TEST=make runhosttests -j > TEST=make buildall -j > BRANCH=none > > Change-Id: I2a818345996e4a9f545ad7eefbdaf6a7e4497795 > Signed-off-by: Yi Chou <yich@google.com> > Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4439434 > Reviewed-by: Tom Hughes <tomhughes@chromium.org> Bug: b:248508087, b:273639386 Change-Id: I8d34bb643c6d7c3be2ef1719c7b6ffae387a36b1 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4459599 Auto-Submit: Jonathon Murphy <jpmurphy@google.com> Tested-by: Jonathon Murphy <jpmurphy@google.com> Commit-Queue: Tom Hughes <tomhughes@chromium.org> Reviewed-by: Tom Hughes <tomhughes@chromium.org> Owners-Override: Jonathon Murphy <jpmurphy@google.com>
-rw-r--r--common/fpsensor/fpsensor.cc12
-rw-r--r--common/fpsensor/fpsensor_crypto.cc16
-rw-r--r--common/fpsensor/fpsensor_state.cc18
3 files changed, 21 insertions, 25 deletions
diff --git a/common/fpsensor/fpsensor.cc b/common/fpsensor/fpsensor.cc
index e3d96cde16..cb013363f1 100644
--- a/common/fpsensor/fpsensor.cc
+++ b/common/fpsensor/fpsensor.cc
@@ -4,14 +4,12 @@
*/
#include "compile_time_macros.h"
-/* Boringssl headers need to be included before extern "C" section. */
-#include "openssl/mem.h"
-
extern "C" {
#include "atomic.h"
#include "clock.h"
#include "common.h"
#include "console.h"
+#include "cryptoc/util.h"
#include "ec_commands.h"
#include "gpio.h"
#include "host_command.h"
@@ -519,7 +517,7 @@ static enum ec_status fp_command_frame(struct host_cmd_handler_args *args)
encrypted_template, encrypted_blob_size,
enc_info->nonce, FP_CONTEXT_NONCE_BYTES,
enc_info->tag, FP_CONTEXT_TAG_BYTES);
- OPENSSL_cleanse(key, sizeof(key));
+ always_memset(key, 0, sizeof(key));
if (ret != EC_SUCCESS) {
CPRINTS("fgr%d: Failed to encrypt template", fgr);
return EC_RES_UNAVAILABLE;
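Review bot: The failure branch after the wipe of `key` returns `EC_RES_UNAVAILABLE` without clearing the output buffer, whereas the matching decrypt path in fp_command_template carries the comment "Don't leave bad data in the template buffer". The first argument line of the call is outside the hunk, so it is not visible here whether `encrypted_template` can still hold plaintext or partial ciphertext at that point. If it can, add `always_memset(encrypted_template, 0, encrypted_blob_size);` inside the `if (ret != EC_SUCCESS)` block before the return. Wiping `key` ahead of the `ret` check is the right order and should stay that way. fp_command_frame starts and ends outside the hunk.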
@@ -642,7 +640,7 @@ static enum ec_status fp_command_template(struct host_cmd_handler_args *args)
encrypted_template, encrypted_blob_size,
enc_info->nonce, FP_CONTEXT_NONCE_BYTES,
enc_info->tag, FP_CONTEXT_TAG_BYTES);
- OPENSSL_cleanse(key, sizeof(key));
+ always_memset(key, 0, sizeof(key));
if (ret != EC_SUCCESS) {
CPRINTS("fgr%d: Failed to decipher template", idx);
/* Don't leave bad data in the template buffer */
@@ -661,8 +659,8 @@ static enum ec_status fp_command_template(struct host_cmd_handler_args *args)
if (bytes_are_trivial(positive_match_salt,
sizeof(fp_positive_match_salt[0]))) {
CPRINTS("fgr%d: Trivial positive match salt.", idx);
- OPENSSL_cleanse(fp_template[idx],
- sizeof(fp_template[0]));
+ always_memset(fp_template[idx], 0,
+ sizeof(fp_template[0]));
return EC_RES_INVALID_PARAM;
}
memcpy(fp_positive_match_salt[idx], positive_match_salt,
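Review bot: The trivial-salt rejection wipes only `fp_template[idx]` by hand, while `fp_clear_finger_context(idx)` in fpsensor_state.cc clears the template and `fp_positive_match_salt[idx]` together. Calling the helper here, `fp_clear_finger_context(idx);`, would keep the per-finger wipe in one place so the two sites cannot drift apart. This assumes the helper's declaration is visible in this file, which the hunk does not show. fp_command_template's body continues outside the hunk.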
diff --git a/common/fpsensor/fpsensor_crypto.cc b/common/fpsensor/fpsensor_crypto.cc
index 5b5ce9de49..5861064427 100644
--- a/common/fpsensor/fpsensor_crypto.cc
+++ b/common/fpsensor/fpsensor_crypto.cc
@@ -8,13 +8,13 @@
#include "fpsensor_state.h"
#include "fpsensor_utils.h"
#include "openssl/aes.h"
-#include "openssl/mem.h"
/* These must be included after the "openssl/aes.h" */
#include "crypto/fipsmodule/aes/internal.h"
#include "crypto/fipsmodule/modes/internal.h"
extern "C" {
+#include "cryptoc/util.h"
#include "rollback.h"
#include "sha256.h"
#include "util.h"
@@ -101,7 +101,7 @@ static int hkdf_expand_one_step(uint8_t *out_key, size_t out_key_size,
compute_hmac_sha256(key_buf, prk, prk_size, message_buf, info_size + 1);
memcpy(out_key, key_buf, out_key_size);
- OPENSSL_cleanse(key_buf, sizeof(key_buf));
+ always_memset(key_buf, 0, sizeof(key_buf));
return EC_SUCCESS;
}
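Review bot: `key_buf` is wiped before returning but `message_buf`, which was just passed to `compute_hmac_sha256`, is not, while hkdf_expand in the same file clears both `T_buffer` and `info_buffer`. If `message_buf` is a local array (its declaration is above the hunk), add `always_memset(message_buf, 0, sizeof(message_buf));` next to the existing wipe so both HKDF paths leave the stack in the same state. The only caller on this page passes `user_id` as the info input, so this is a consistency and defence-in-depth point rather than a known key exposure.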
@@ -156,8 +156,8 @@ int hkdf_expand(uint8_t *out_key, size_t L, const uint8_t *prk, size_t prk_size,
out_key += block_size;
L -= block_size;
}
- OPENSSL_cleanse(T_buffer, sizeof(T_buffer));
- OPENSSL_cleanse(info_buffer, sizeof(info_buffer));
+ always_memset(T_buffer, 0, sizeof(T_buffer));
+ always_memset(info_buffer, 0, sizeof(info_buffer));
return EC_SUCCESS;
#undef HASH_LEN
}
@@ -187,7 +187,7 @@ int derive_positive_match_secret(uint8_t *output,
/* "Extract" step of HKDF. */
hkdf_extract(prk, input_positive_match_salt,
FP_POSITIVE_MATCH_SALT_BYTES, ikm, sizeof(ikm));
- OPENSSL_cleanse(ikm, sizeof(ikm));
+ always_memset(ikm, 0, sizeof(ikm));
memcpy(info, info_prefix, strlen(info_prefix));
memcpy(info + strlen(info_prefix), user_id, sizeof(user_id));
@@ -195,7 +195,7 @@ int derive_positive_match_secret(uint8_t *output,
/* "Expand" step of HKDF. */
ret = hkdf_expand(output, FP_POSITIVE_MATCH_SECRET_BYTES, prk,
sizeof(prk), info, sizeof(info));
- OPENSSL_cleanse(prk, sizeof(prk));
+ always_memset(prk, 0, sizeof(prk));
/* Check that secret is not full of 0x00 or 0xff. */
if (bytes_are_trivial(output, FP_POSITIVE_MATCH_SECRET_BYTES)) {
@@ -225,7 +225,7 @@ int derive_encryption_key(uint8_t *out_key, const uint8_t *salt)
/* "Extract step of HKDF. */
hkdf_extract(prk, salt, FP_CONTEXT_ENCRYPTION_SALT_BYTES, ikm,
sizeof(ikm));
- OPENSSL_cleanse(ikm, sizeof(ikm));
+ always_memset(ikm, 0, sizeof(ikm));
/*
* Only 1 "expand" step of HKDF since the size of the "info" context
@@ -234,7 +234,7 @@ int derive_encryption_key(uint8_t *out_key, const uint8_t *salt)
*/
ret = hkdf_expand_one_step(out_key, SBP_ENC_KEY_LEN, prk, sizeof(prk),
(uint8_t *)user_id, sizeof(user_id));
- OPENSSL_cleanse(prk, sizeof(prk));
+ always_memset(prk, 0, sizeof(prk));
return ret;
}
diff --git a/common/fpsensor/fpsensor_state.cc b/common/fpsensor/fpsensor_state.cc
index c4fec5fb5b..7a2c9b6347 100644
--- a/common/fpsensor/fpsensor_state.cc
+++ b/common/fpsensor/fpsensor_state.cc
@@ -4,13 +4,12 @@
*/
#include "compile_time_macros.h"
-
-/* Boringssl headers need to be included before extern "C" section. */
-#include "openssl/mem.h"
+#include "fpsensor_utils.h"
extern "C" {
#include "atomic.h"
#include "common.h"
+#include "cryptoc/util.h"
#include "ec_commands.h"
#include "host_command.h"
#include "system.h"
@@ -21,7 +20,6 @@ extern "C" {
#include "fpsensor.h"
#include "fpsensor_crypto.h"
#include "fpsensor_state.h"
-#include "fpsensor_utils.h"
/* Last acquired frame (aligned as it is used by arbitrary binary libraries) */
uint8_t fp_buffer[FP_SENSOR_IMAGE_SIZE] FP_FRAME_SECTION __aligned(4);
@@ -73,9 +71,9 @@ void fp_task_simulate(void)
void fp_clear_finger_context(uint16_t idx)
{
- OPENSSL_cleanse(fp_template[idx], sizeof(fp_template[0]));
- OPENSSL_cleanse(fp_positive_match_salt[idx],
- sizeof(fp_positive_match_salt[0]));
+ always_memset(fp_template[idx], 0, sizeof(fp_template[0]));
+ always_memset(fp_positive_match_salt[idx], 0,
+ sizeof(fp_positive_match_salt[0]));
}
/**
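Review bot: `fp_clear_finger_context` indexes `fp_template[idx]` and `fp_positive_match_salt[idx]` without checking `idx`, and the function has external linkage. The caller visible on this page loops with `idx < FP_MAX_FINGER_COUNT`, but any other caller passing a larger value would zero memory past the arrays. A guard as the first statement, `if (idx >= FP_MAX_FINGER_COUNT) return;`, keeps the wipe in bounds regardless of caller. This assumes both arrays are sized by `FP_MAX_FINGER_COUNT`, whose declarations are outside the hunk.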
@@ -87,9 +85,9 @@ static void _fp_clear_context(void)
{
templ_valid = 0;
templ_dirty = 0;
- OPENSSL_cleanse(fp_buffer, sizeof(fp_buffer));
- OPENSSL_cleanse(fp_enc_buffer, sizeof(fp_enc_buffer));
- OPENSSL_cleanse(user_id, sizeof(user_id));
+ always_memset(fp_buffer, 0, sizeof(fp_buffer));
+ always_memset(fp_enc_buffer, 0, sizeof(fp_enc_buffer));
+ always_memset(user_id, 0, sizeof(user_id));
fp_disable_positive_match_secret(&positive_match_secret_state);
for (uint16_t idx = 0; idx < FP_MAX_FINGER_COUNT; idx++)
fp_clear_finger_context(idx);