cr50: Add vendor command to set U2F modestabilize-12441.B

The existing U2F command will be deleted, as
it is part of the legacy U2F implementation;
this command is a replacement for it.

BRANCH=none
BUG=b:138578925
TEST=run u2fd with --g2f and --u2f,
     check G2F cert to verify mode is respected

Signed-off-by: Louis Collard <louiscollard@chromium.org>
Change-Id: I3956809248bb35baaaecdeef66f2fa35832aa421
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1748846
Reviewed-by: Andrey Pronin <apronin@chromium.org>

2 files changed, 19 insertions, 0 deletions

diff --git a/board/cr50/u2f.c b/board/cr50/u2f.c
index bf0bbb8791..9ac009c7d1 100644
--- a/board/cr50/u2f.c
+++ b/board/cr50/u2f.c
@@ -188,6 +188,23 @@ unsigned u2f_custom_dispatch(uint8_t ins, struct apdu apdu,
 	return U2F_SW_INS_NOT_SUPPORTED;
 }
 
+static enum vendor_cmd_rc set_u2f_mode(enum vendor_cmd_cc code, void *buf,
+				       size_t input_size, size_t *response_size)
+{
+	uint8_t *mode = (uint8_t *)buf;
+
+	if (input_size != 1)
+		return VENDOR_RC_BOGUS_ARGS;
+
+	u2f_mode = *mode;
+
+	*mode = use_u2f() ? u2f_mode : 0;
+	*response_size = 1;
+
+	return VENDOR_RC_SUCCESS;
+}
+DECLARE_VENDOR_COMMAND(VENDOR_CC_U2F_MODE, set_u2f_mode);
+
 /* ---- chip-specific U2F crypto ---- */
 
 static int _derive_key(enum dcrypto_appid appid, const uint32_t input[8],
diff --git a/include/tpm_vendor_cmds.h b/include/tpm_vendor_cmds.h
index 5aef9ec150..b19339c1dd 100644
--- a/include/tpm_vendor_cmds.h
+++ b/include/tpm_vendor_cmds.h
@@ -134,6 +134,8 @@ enum vendor_cmd_cc {
 	VENDOR_CC_FLOG_TIMESTAMP = 47,
 	VENDOR_CC_ENDORSEMENT_SEED = 48,
 
+	VENDOR_CC_U2F_MODE = 48,
+
 	LAST_VENDOR_COMMAND = 65535,
 };