diff options
author | Vadim Sukhomlinov <sukhomlinov@google.com> | 2023-02-19 11:41:09 -0800 |
---|---|---|
committer | Chromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2023-02-20 01:55:47 +0000 |
commit | 81541ac95446d126b562ee067d1196d4035cf054 (patch) | |
tree | 7c587e2a52cfc09fa376e0347bc9d4c73e3f36b9 /include/ap_ro_integrity_check.h | |
parent | f24055ddd803f994adb767932c254939720dbe61 (diff) | |
download | chrome-ec-81541ac95446d126b562ee067d1196d4035cf054.tar.gz |
cr50: fix zeroization of U2F secrets
Due to incorrect flags for TPM2 objects U2F secrets were not fully
zeroized (however were overwritten with new owner). Doesn't affect G2F.
BUG=b:268382629
TEST=make CRYPTO_TEST=1 U2F_TEST=1
fips del
fips old
fips u2f # prints old keys
u2f_test # all tests passed
fips del
fips new
fips u2f # print new key size
u2f_test # all tests passed
fips del
fips u2f # prints 0 sizes for u2f secrets
Change-Id: I2549dd5fd20937170c9b8d87363d90b138fdc4dc
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4269450
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Code-Coverage: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Diffstat (limited to 'include/ap_ro_integrity_check.h')
0 files changed, 0 insertions, 0 deletions