diff options
author | Vadim Sukhomlinov <sukhomlinov@google.com> | 2021-09-29 15:02:49 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2021-10-05 19:08:53 +0000 |
commit | 9cd80daff9f6d9df08311a790a79632ab647a162 (patch) | |
tree | f454c7c3b3e8b47f0dd7327fc7be7e9f9dd2181d /test | |
parent | d64c8e2803a570aa3181fe67f2fb0f3241789de1 (diff) | |
download | chrome-ec-9cd80daff9f6d9df08311a790a79632ab647a162.tar.gz |
cr50: Update AES public APIsfactory-ambassador-14265.B-cr50_stab
To support FIPS mode we need to block access to crypto in case of
errors.
1) Added check for FIPS errors into DCRYPTO_aes_init()
2) Return codes updated to enum dcrypto_result
3) Call sites updated to check for return codes
BUG=b:197893750
TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpm_test/tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Id614cc346fe22537e9208196bf1322221a253b0c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3194985
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Diffstat (limited to 'test')
-rw-r--r-- | test/pinweaver.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/test/pinweaver.c b/test/pinweaver.c index df7327887f..8f2890d34b 100644 --- a/test/pinweaver.c +++ b/test/pinweaver.c @@ -936,16 +936,17 @@ const struct sha256_digest *HMAC_SHA256_final(struct hmac_sha256_ctx *ctx) /* Perform a symmetric transformation of the data to simulate AES without * requiring a full AES-CTR implementation. * - * 1 for success 0 for fail + * DCRYPTO_OK for success DCRYPTO_FAIL for fail */ -int DCRYPTO_aes_ctr(uint8_t *out, const uint8_t *key, uint32_t key_bits, - const uint8_t *iv, const uint8_t *in, size_t in_len) +enum dcrypto_result DCRYPTO_aes_ctr(uint8_t *out, const uint8_t *key, + uint32_t key_bits, const uint8_t *iv, + const uint8_t *in, size_t in_len) { size_t x; if (MOCK_aes_fail) { --MOCK_aes_fail; - return 0; + return DCRYPTO_FAIL; } TEST_ASSERT(key_bits == 256); @@ -956,7 +957,7 @@ int DCRYPTO_aes_ctr(uint8_t *out, const uint8_t *key, uint32_t key_bits, for (x = 0; x < in_len; ++x) out[x] = MOCK_AES_XOR_BYTE(x) ^ in[x]; - return 1; + return DCRYPTO_OK; } /* 1 for success 0 for fail*/ |