From fb9c6a66bd4cb462b988fe94298111b43e580da9 Mon Sep 17 00:00:00 2001 From: Vadim Sukhomlinov Date: Tue, 14 Sep 2021 18:37:21 -0700 Subject: cr50: added DCRYPTO_p256_is_valid_point() to public API. To cleanly split internal API in internal.h from external API in dcrypto.h we need to add missing DCRYPTO_p256_is_valid_point(). While adding this switch to enum dcrypto_result for both internal and external versions. Added check that provided point is valid to DCRYPTO_p256_point_mul() as important security precaution. Currently this check is still in tpm2/ecc.c, but it will be removed in next CLs with switching to enum dcrypto_result. Added comments on input parameters and behavior. BUG=b:134594373 TEST=make BOARD=cr50; test/tpm_test/tpmtest.py; TCG tests -------------------------- Test Result Summary ------------------------- Test executed on: Tue Sep 14 18:24:10 2021 Performed Tests: 248 Passed Tests: 248 Failed Tests: 0 Errors: 0 Warnings: 0 ======================================================================== Signed-off-by: Vadim Sukhomlinov Change-Id: I4637f7b61b5a502854d9cad03e8e603529278873 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3161507 Reviewed-by: Vadim Sukhomlinov Reviewed-by: Andrey Pronin Tested-by: Vadim Sukhomlinov Commit-Queue: Vadim Sukhomlinov --- board/cr50/dcrypto/internal.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'board/cr50/dcrypto/internal.h') diff --git a/board/cr50/dcrypto/internal.h b/board/cr50/dcrypto/internal.h index d681a1c1fb..ef092f6fb5 100644 --- a/board/cr50/dcrypto/internal.h +++ b/board/cr50/dcrypto/internal.h @@ -246,7 +246,8 @@ int dcrypto_p256_ecdsa_verify(const p256_int *key_x, const p256_int *key_y, const p256_int *message, const p256_int *r, const p256_int *s) __attribute__((warn_unused_result)); -int dcrypto_p256_is_valid_point(const p256_int *x, const p256_int *y) +enum dcrypto_result dcrypto_p256_is_valid_point(const p256_int *x, + const p256_int *y) __attribute__((warn_unused_result)); /* Wipe content of rnd with pseudo-random values. */ -- cgit v1.2.1