u2f: Move some u2f logic to common/ for testing

Since this is cr50's branch, there's no semantic difference whether
we put logic in board/cr50/u2f.c or common/u2f.c. EC's build system
doesn't quite allow unit-testing board-specific logic, so to unit-test
some of the crypto logic in board/cr50/u2f.c, things need to move
to common/u2f.c. There's no change in functionality.

There should also be no problem for merging/cherry-picking ToT changes
to cr50_stab, because any new u2f changes are made on cr50_stab only
and not on ToT.

BUG=b:172971998
TEST=make run-u2f
TEST=make CR50_DEV=1 BOARD=cr50

Change-Id: I3cb8d78fd6427620a6fe20cef12708899d2896b5
Signed-off-by: Yicheng Li <yichengli@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2702496
Reviewed-by: Mary Ruthven <mruthven@chromium.org>

1 files changed, 20 insertions, 0 deletions

diff --git a/include/u2f_impl.h b/include/u2f_impl.h
index a2f2cfaa97..d3f4800387 100644
--- a/include/u2f_impl.h
+++ b/include/u2f_impl.h
@@ -33,6 +33,19 @@ enum touch_state {
  */
 enum touch_state pop_check_presence(int consume);
 
+/* ---- non-volatile U2F state ---- */
+
+struct u2f_state {
+	uint32_t salt[8];
+	uint32_t salt_kek[8];
+	uint32_t salt_kh[8];
+};
+
+/**
+ * Get the current u2f state from the board.
+ */
+struct u2f_state *get_state(void);
+
 /* ---- platform cryptography hooks ---- */
 
 /**
@@ -145,4 +158,11 @@ int g2f_attestation_cert(uint8_t *buf);
 enum vendor_cmd_rc u2f_generate(enum vendor_cmd_cc code, void *buf,
 				size_t input_size, size_t *response_size);
 
+/**
+ * U2F_SIGN command handler. Verifies a key handle is owned and signs data with
+ * it.
+ */
+enum vendor_cmd_rc u2f_sign(enum vendor_cmd_cc code, void *buf,
+			    size_t input_size, size_t *response_size);
+
 #endif /* __CROS_EC_U2F_IMPL_H */