diff options
author | nagendra modadugu <ngm@google.com> | 2017-01-19 15:34:12 -0800 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2017-01-21 15:16:42 -0800 |
commit | 337aab4ea4f9631885f794db856ae9e68ef617b9 (patch) | |
tree | f26f12b13e776e7d4ea3593146c8e626ef35d544 /chip | |
parent | 6550e44ed7effb61e9090f954de54ea6c74994bb (diff) | |
download | chrome-ec-337aab4ea4f9631885f794db856ae9e68ef617b9.tar.gz |
g: add application directed wrappers for key-ladder keys
Add functions that derive application specific keys based
on FRK2. For the moment, derived keys need to be manually
copied into the AES engine. Since key-ladder state depends
on the code-signer (prod vs. dev), application derived keys
are also different in the two modes. Thus ciphertext blobs
produced by prod-signed code cannot be decrypted by dev-signed
code.
To minimize stack requirements on the hook_task, the SHA
context in DCRYPTO_appkey_init() is placed in allocated/freed
memory. This SHA object will become unnecessary once the
AES engine is seeded directly from the key-ladder.
BRANCH=none
BUG=chrome-os-partner:55331
TEST=pending
Change-Id: Ifb274b15e61be317e02ec31fc52f9a41e06dcba3
Signed-off-by: nagendra modadugu <ngm@google.com>
Signed-off-by: Marius Schilder <mschilder@chromium.org>
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/428170
Reviewed-by: Nagendra Modadugu <ngm@google.com>
Diffstat (limited to 'chip')
-rw-r--r-- | chip/g/build.mk | 1 | ||||
-rw-r--r-- | chip/g/dcrypto/app_key.c | 50 | ||||
-rw-r--r-- | chip/g/dcrypto/dcrypto.h | 15 |
3 files changed, 64 insertions, 2 deletions
diff --git a/chip/g/build.mk b/chip/g/build.mk index c6f2f47c96..f5df5069d4 100644 --- a/chip/g/build.mk +++ b/chip/g/build.mk @@ -29,6 +29,7 @@ chip-y += uartn.o endif chip-$(CONFIG_DCRYPTO)+= dcrypto/aes.o +chip-$(CONFIG_DCRYPTO)+= dcrypto/app_key.o chip-$(CONFIG_DCRYPTO)+= dcrypto/bn.o chip-$(CONFIG_DCRYPTO)+= dcrypto/bn_hw.o chip-$(CONFIG_DCRYPTO)+= dcrypto/compare.o diff --git a/chip/g/dcrypto/app_key.c b/chip/g/dcrypto/app_key.c new file mode 100644 index 0000000000..0c560656ef --- /dev/null +++ b/chip/g/dcrypto/app_key.c @@ -0,0 +1,50 @@ +/* Copyright 2016 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + */ +#include "dcrypto.h" +#include "internal.h" +#include "endian.h" +#include "registers.h" +#include "console.h" +#include "shared_mem.h" + +#include "cryptoc/util.h" + +static const char * const dcrypto_app_names[] = { + "NVMEM" +}; + +int DCRYPTO_appkey_init(enum dcrypto_appid appid, struct APPKEY_CTX *ctx) +{ + LITE_HMAC_CTX *hmac_ctx; + + if (appid >= ARRAY_SIZE(dcrypto_app_names)) + return 0; + + memset(ctx, 0, sizeof(ctx)); + + if (!DCRYPTO_ladder_compute_frk2(0, ctx->key)) + return 0; + + if (shared_mem_acquire(sizeof(LITE_HMAC_CTX), + (char **)&hmac_ctx) != EC_SUCCESS) { + return 0; + } + + HMAC_SHA256_init(hmac_ctx, ctx->key, sizeof(ctx->key)); + HMAC_update(hmac_ctx, dcrypto_app_names[appid], + strlen(dcrypto_app_names[appid])); + memcpy(ctx->key, HMAC_final(hmac_ctx), SHA256_DIGEST_SIZE); + + always_memset(hmac_ctx, 0, sizeof(LITE_HMAC_CTX)); + + shared_mem_release(hmac_ctx); + return 1; +} + +void DCRYPTO_appkey_finish(struct APPKEY_CTX *ctx) +{ + always_memset(ctx, 0, sizeof(struct APPKEY_CTX)); + GREG32(KEYMGR, AES_WIPE_SECRETS) = 1; +} diff --git a/chip/g/dcrypto/dcrypto.h b/chip/g/dcrypto/dcrypto.h index a5b38acdbc..3b80f6e6b8 100644 --- a/chip/g/dcrypto/dcrypto.h +++ b/chip/g/dcrypto/dcrypto.h @@ -201,9 +201,20 @@ int DCRYPTO_x509_verify(const uint8_t *cert, size_t len, */ int DCRYPTO_equals(const void *a, const void *b, size_t len); +int DCRYPTO_ladder_compute_frk2(size_t major_fw_version, uint8_t *frk2); + /* - * Key ladder related functions. + * Application key related functions. */ -int DCRYPTO_ladder_compute_frk2(size_t major_fw_version, uint8_t *frk2); +enum dcrypto_appid { + NVMEM = 0 +}; + +struct APPKEY_CTX { + uint8_t key[SHA256_DIGEST_SIZE]; +}; + +int DCRYPTO_appkey_init(enum dcrypto_appid id, struct APPKEY_CTX *ctx); +void DCRYPTO_appkey_finish(struct APPKEY_CTX *ctx); #endif /* ! __EC_CHIP_G_DCRYPTO_DCRYPTO_H */ |