"readme.rst" did not exist on "fef4fdb9cc0f2e4ca9d2864e1e92624da1e96ff5"
fix(driver/auth): avoid NV counter upgrade without certificate validation
Platform NV counter get updated (if cert NV counter > plat NV counter) before authenticating the certificate if the platform specifies NV counter method before signature authentication in its CoT, and this provides an opportunity for a tempered certificate to upgrade the platform NV counter. This is theoretical issue, as in practice none of the standard CoT (TBBR, dualroot) or upstream platforms ones (NXP) exercised this issue. To fix this issue, modified the auth_nvctr method to do only NV counter check, and flags if the NV counter upgrade is needed or not. Then ensured that the platform NV counter gets upgraded with the NV counter value from the certificate only after that certificate gets authenticated. This change is verified manually by modifying the CoT that specifies certificate with: 1. NV counter authentication before signature authentication method 2. NV counter authentication method only Change-Id: I1ad17f1a911fb103...
Showing
+34 -13
Please register or sign in to comment