Age | Commit message (Collapse) | Author |
|
07a9435803 am: 19237091e3
am: 98b0e9b9f4
Change-Id: If08baa76ab20307f1690ffad345152e7f6616faf
|
|
07a9435803
am: 19237091e3
Change-Id: Ie987d7bf3c9872ec35cbe88f863ebaf58b3e4950
|
|
am: 07a9435803
Change-Id: I7c9ac4a9973aa33890034a544a5aec0cf3f5c8a2
|
|
am: a71795a2cd
Change-Id: I4b54efeedb0e6835491ac40d29a47af9bcc24a7d
|
|
am: e760ff57b9
Change-Id: I21c094b84f345de24afde68875d0558148042374
|
|
The current implementation of MemoryEqual
will not necessarily compile to a constant-time
instruction sequence. This change ensures that
every byte of the input must be inspected.
BRANCH=none
BUG=none
TEST=TCG tests pass
Change-Id: Ide83bce6cafea2d48c03e5116e97a6dd23419134
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/503478
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
am: 2022877777
Change-Id: I357e3b3bffebb02eac1b73813e5a5327203c1ea2
|
|
am: 9695b44f9a
Change-Id: If4762aa705543514d891a0604e7c961cc02998cf
|
|
am: c8ea94480d
Change-Id: I4e0b9703317df67dc6b999c7645091394d7cbaa5
|
|
am: 4454439844
Change-Id: I1c98b0a5e4d19e805a5da8df677a3c5e6bc5bc4a
|
|
Test: links
Bug: 37512442
Change-Id: I6a5bd123737d3bffa6b6c27c8d598552d2d3fb0f
|
|
am: 4f0ca3b562 am: 3ec2270abd
am: 29e56ce56b
Change-Id: I09813b6c15dac1445e9f10c64465b8dfb70f4534
|
|
am: 4f0ca3b562
am: 3ec2270abd
Change-Id: I125d44b4cdcef57484a51cff9d92a5ccb44e7125
|
|
am: 4f0ca3b562
Change-Id: I8c1da02ce57cc32b84b62127d149dc7fcdb88798
|
|
am: d5f5f466f6
Change-Id: I8b5e72b413473f5748b392cfae9ee26652288e71
|
|
am: 1a68fe6fa8
Change-Id: I57cb0a4c004a3ae3ca4a850d958f358c5cfdfe45
|
|
The TPM2 library and cr50 board have separate definitions of the NVMEM
size, which need to be changed manually and are enforced by a compile
time check in the cr50 code.
CQ-DEPEND=CL:433184
BRANCH=none
BUG=chrome-os-partner:62260
TEST=see dependent CL for test description
Change-Id: I0586a35b77b2f52538023442f537c7a48b3357e7
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/433839
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
5bbd9763d5
am: fe6b30fb4e
Change-Id: Ie8e28a2badaec6e58f932304c0d8f1d593d7b239
|
|
am: 5bbd9763d5
Change-Id: Ifff46be5982398cc1282df9077db3691a38fd1cf
|
|
am: 94907f49fd
Change-Id: Ief4d7c45c0eccc62fc09a662fb3c974e2f06a029
|
|
am: 6ece5a16ed
Change-Id: Ie30be3fd1839ea681901a88e6721f8803236de16
|
|
am: 21756127fd
Change-Id: I3ec3888ba566dc15bd81084da00fe9e581e9296c
|
|
Reference implementation stores OBJECT structures in NVRAM
unmarshaled, even though this structure layout is such that most of
its 1540 bytes remain unused by the object stored in the structure.
Marshaling the structure before storing it in NVMEM allows to save a
lot of room there.
To make sure that marshaling is not processing junk data, clear the
entire structure before allocating a new OBJECT.
This change is meant to be backwards compatible. When data is read
from NVMEM, in case its size is equal the size of OBJECT structure,
data is considered stored unmarshaled and is copied to the output
directly. If the stored size is smaller - unmarshaling function is
invoked.
BUG=chrome-os-partner:60502
TEST=tcg test suite passes (not that it exercises this a lot, just
five instances of storing/retrieving objects for the entire
suite). Will test on real tpm to verify NVMEM storage format
backwards compatibility.
Also tried taking a chrome os device through enterprise
enrollment. With the old code after enrollment there is room for
just two eviction objects left:
# command to retrieve number of objects in nvmem(is in the last
# byte of the response)
localhost ~ # trunks_send --raw 80 01 00 00 00 16 00 00 01 7a 00\
00 00 06 00 00 02 08 00 00 00 01
80010000001B000000000100000006000000010000020800000003
# command to retrieve how many objects the tpm estimates it is
# still possible to store in nvram (is in the last byte of the
# response)
localhost ~ # trunks_send --raw 80 01 00 00 00 16 00 00 01 7a \
00 00 00 06 00 00 02 09 00 00 00 01
80010000001B000000000100000006000000010000020900000002
with the new code after enrollment the responses the above commands
are:
80010000001B000000000100000006000000010000020800000003
80010000001B000000000100000006000000010000020900000004
That is with three objects stored there is room for 4 more
objects.
Also verified that the device enrolled with the old version of the
cr50 firmware remains enrolled after firmware update, which
demonstrates backward compatibility.
Change-Id: Ic2d5f902220b451523b740b57edb7867441d1faa
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/424171
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
acdff2ed61 am: abf58a352b
am: 2ba96f18ca
Change-Id: I5d06675027c4bc201e4cc093bd9e29fd1b408461
|
|
acdff2ed61
am: abf58a352b
Change-Id: I008be36f019c3cda402734f64e594a9b26bcaf1e
|
|
am: acdff2ed61
Change-Id: I25c29962e149bac7c9fc57d33ae253f5553a71ab
|
|
am: be42694d9f
Change-Id: I79933c1fb3b91ddf6ff30cdc32d4560495f5c85d
|
|
am: 569c3c58dc
Change-Id: I9c12247c6c6ec66ac1091275db40dc371be9bcab
|
|
Perform PKCS1-padding-only signing for RSASSA if hashing algorithm is
TPM_ALG_NULL in TPM2_Sign parameters and in the key public area.
This feature is guarded by SUPPORT_PADDING_ONLY_RSASSA macro.
BUG=chrome-os-partner:60967
BRANCH=none
TEST=On a unowned machine with TPM2: corp enroll, login, install
a network certificate (gECC or GMC), then:
a) retrieve the public key from the installed certificate
LIBCHAPS=`ls /usr/lib**/libchaps.so`
CERTID=`pkcs11-tool --module=$LIBCHAPS --slot=1 --type=cert \
-O | grep "ID:" | awk '{print $2}'`
pkcs11-tool --module=$LIBCHAPS --slot=1 --id=$CERTID \
--type=cert -r > /tmp/cert
openssl x509 -inform der -pubkey -noout -in /tmp/cert > /tmp/pub.key
b) sign a sample text using the private key for the certificate and
MD5-RSA-PKCS mechanism, not supported by TPM2_Sign command:
echo "ABCDEF" > /tmp/1.txt
pkcs11-tool --module=$LIBCHAPS --slot=1 --id=$CERTID --sign \
-i /tmp/1.txt -o /tmp/1.sig -m MD5-RSA-PKCS
c) verify signature:
openssl dgst -md5 -verify /tmp/pub.key -signature /tmp/1.sig /tmp/1.txt
Step (b) should succeed and step (c) should return "Verified OK".
Change-Id: Iefc85d163089d6f7e09b3e7a41e1df33ba88fa3b
Signed-off-by: Andrey Pronin <apronin@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/420811
Reviewed-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Darren Krahn <dkrahn@chromium.org>
|
|
09170b3a3c am: 12242f389d
am: 6c856e6362
Change-Id: I3c4c9e70b879f414fffc23a30ddbd7a32d3c8e8e
|
|
09170b3a3c
am: 12242f389d
Change-Id: I8f2fc3d7789e065c9a7d5b9db324276eb212dc01
|
|
am: 09170b3a3c
Change-Id: I0f6ea2214f7e9eaaa9aa588e8fe430e157f6154b
|
|
am: 458b6689d7
Change-Id: I0a6124b6f177077f05c8c466c170692b12f99455
|
|
am: 1d3ac31070
Change-Id: I6fd167b748ac45fdacde2af135b96375aee59896
|
|
Add a build assert that checks the sizeof the tpm2
OBJECT struct. This check indicates that NV_FORMAT_VERSION
needs to be bumped, due to a change to tpm2 data structures.
BRANCH=none
BUG=none
TEST=build succeeds
Change-Id: Id6cddd7bec10ebf0aa78e2199826fb6e1ff4fd8c
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/419120
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
am: 29b86236a6 am: 5e683e8a4c
am: 03d6eae321
Change-Id: Ic07b6cabbcff7f97fe771e0119e5a16e7f354b37
|
|
am: 29b86236a6
am: 5e683e8a4c
Change-Id: Ieb33e4c449e2c41cec845c500ab391dac2bd6ba7
|
|
am: 29b86236a6
Change-Id: I55a7459aa15d16a5fddb30a3608eb2fac1507d74
|
|
am: be4ffac51a
Change-Id: I987dfeaa1ffc6875230a0e883fefa17bd025aa61
|
|
am: abb7a18cbd
Change-Id: Ie29134b65552a2ff0a1b68e3ff7d9b50cd7fd6df
|
|
BUG=none
BRANCH=none
TEST=follow instructions in fuzz/build.sh
Change-Id: Id3f1ade1ec74401e741928a6961f1da6a21deb6a
Reviewed-on: https://chromium-review.googlesource.com/417702
Commit-Ready: Mike Aizitsky <aizatsky@chromium.org>
Tested-by: Mike Aizitsky <aizatsky@chromium.org>
Reviewed-by: Mike Aizitsky <aizatsky@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Nagendra Modadugu <ngm@google.com>
|
|
am: da73c11811 am: d936fce981
am: 2fe751e255
Change-Id: I56532cceef1e79c440629dd1efa304339b6b1ee3
|
|
am: da73c11811
am: d936fce981
Change-Id: I22beb227166d3e90196b76f9ac42726cb96df520
|
|
am: da73c11811
Change-Id: I2480d22a46dce31b5cc5228c46e855cec452b779
|
|
am: 3f545ad4e8
Change-Id: I5fcd8c43f428a148f2b80829f136f5d9bb9ab487
|
|
am: f037a5c57c
Change-Id: Ib1700fc14aaa486b3740877aa0598496e6ed01ed
|
|
In practice, RSASSA/SHA-512 is used for signing with tpm-backed keys,
so we need to enable this algorithm. SHA-384 is also enabled, as it
doesn't affect the size of objects, and support for it is also added
in the code.
Note that for cr50 this change combined with CL:415218 is sufficient
to support SHA-384/512 digests in RSA Sign operations. However, more
changes are required to actually support the new hashing algorithm,
and will come in a separate CL.
Bumped NV_FORMAT_VERSION to 2 since this change increases OBJECT size
(that has 5 digest structures inside, so +32 (32->64) to max digest
means +160 bytes to OBJECT).
Note that it leads to decreasing the number of persistent objects that
can be stored in NVRAM.
BUG=chrome-os-partner:59754
TEST=1) On TPM2 simulator for a pre-generated key pair (/tmp/priv.key +
/tmp/pub.key) and input /tmp/1.txt, import the private key, sign
the text using it and SHA512-RSA-PKCS, and verify that the
signature is correct:
openssl pkcs8 -inform pem -outform der -in /tmp/priv.key \
-out /tmp/priv.der -nocrypt
p11_replay --import --path=/tmp/priv.der --type=privkey \
-id=bbbbbb
pkcs11-tool --module=`ls /usr/lib**/libchaps.so` --slot=0 \
--id=bbbbbb --sign -i /tmp/1.txt -o /tmp/1.sig \
-m SHA512-RSA-PKCS
openssl dgst -sha512 -verify /tmp/pub.key \
-signature /tmp/1.sig /tmp/1.txt
The last operation should say "Verified OK".
2) Repeat the same for SHA384-RSA-PKCS and openssl dgst -sha384.
3) Boot on TPM2 board after clearing tpm owner, corp enroll,
login.
Change-Id: I03e24bd0659aa8b1d76dd16640ea44b6eb46bf56
Reviewed-on: https://chromium-review.googlesource.com/415108
Commit-Ready: Andrey Pronin <apronin@chromium.org>
Tested-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
630e2e46ea am: a8882eec97
am: 7906c74bd6
Change-Id: If2cb45262fcf7f5afc3756eb98ac8859cee3f512
|
|
630e2e46ea
am: a8882eec97
Change-Id: I7bfc4a0c5132ad853062391894078ab0e17d16ec
|
|
am: 630e2e46ea
Change-Id: Ib35cc66f14c576c24ab4ee2aedfbded38cfa124d
|