cr50: add support for padding-only RSASSA

Perform PKCS1-padding-only signing for RSASSA if hashing algorithm is
TPM_ALG_NULL.

This feature is guarded by SUPPORT_PADDING_ONLY_RSASSA macro in
tpm2/Implementation.h.

BUG=chrome-os-partner:60967
BRANCH=none
TEST=On a unowned machine with TPM2: corp enroll, login, install
     a network certificate (gECC or GMC), then:
     a) retrieve the public key from the installed certificate
       LIBCHAPS=`ls /usr/lib**/libchaps.so`
       CERTID=`pkcs11-tool --module=$LIBCHAPS --slot=1 --type=cert \
               -O | grep "ID:" | awk '{print $2}'`
       pkcs11-tool --module=$LIBCHAPS --slot=1 --id=$CERTID \
                   --type=cert -r > /tmp/cert
       openssl x509 -inform der -pubkey -noout -in /tmp/cert > /tmp/pub.key
     b) sign a sample text using the private key for the certificate and
        MD5-RSA-PKCS mechanism, not supported by TPM2_Sign command:
       echo "ABCDEF" > /tmp/1.txt
       pkcs11-tool --module=$LIBCHAPS --slot=1 --id=$CERTID --sign \
                 -i /tmp/1.txt -o /tmp/1.sig -m MD5-RSA-PKCS
     c) verify signature:
       openssl dgst -md5 -verify /tmp/pub.key \
                    -signature /tmp/1.sig /tmp/1.txt
     Step (b) should succeed and step (c) should return "Verified OK".

Change-Id: I0d7a11c48cdb04e37748f7255b98e9e023481a96
Signed-off-by: Andrey Pronin <apronin@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/420854
Reviewed-by: Darren Krahn <dkrahn@chromium.org>

1 files changed, 2 insertions, 1 deletions

diff --git a/chip/g/dcrypto/dcrypto.h b/chip/g/dcrypto/dcrypto.h
index dfe04b2111..fbc4beb583 100644
--- a/chip/g/dcrypto/dcrypto.h
+++ b/chip/g/dcrypto/dcrypto.h
@@ -35,7 +35,8 @@ enum hashing_mode {
 	HASH_SHA1 = 0,
 	HASH_SHA256 = 1,
 	HASH_SHA384 = 2,  /* Only supported for PKCS#1 signing */
-	HASH_SHA512 = 3   /* Only supported for PKCS#1 signing */
+	HASH_SHA512 = 3,  /* Only supported for PKCS#1 signing */
+	HASH_NULL = 4  /* Only supported for PKCS#1 signing */
 };
 
 /*