Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[rom] Switch keys SPX+ keys to OTP #22066

Merged
merged 4 commits into from
Mar 17, 2024
Merged

[rom] Switch keys SPX+ keys to OTP #22066

merged 4 commits into from
Mar 17, 2024

Conversation

moidx
Copy link
Contributor

@moidx moidx commented Mar 16, 2024

  1. Add sigverify config parameters to const.bzl so that they can be used in OTP config targets.
  2. Introduce OTP partitions for real and fake keys.
  3. Update OtpMemImg.py to enable code generation for ROT_AUTH OTP partitions. This will be used to enable the provisioning flows later.

@moidx
[otp] Add ROT_CREATOR partitions to OptMemImg software generator.
b062bda 
Update the SW_WRITE_ALIGNMENT dictionary to capture the byte alignment
properties of the `ROT_CREATOR_AUTH_CODESIGN` and
`ROT_CREATOR_AUTH_STATE` partitions.

Signed-off-by: Miguel Osorio <miguelosorio@google.com>
@moidx moidx requested review from cfrantz and timothytrippel March 16, 2024 21:20
@moidx moidx requested a review from a team as a code owner March 16, 2024 21:20
@moidx moidx removed the request for review from a team March 16, 2024 21:21
@moidx moidx force-pushed the a1-rom-switch-spx-keys-to-otp branch 2 times, most recently from 94dea17 to d73696f Compare March 16, 2024 21:26
moidx added 3 commits March 16, 2024 17:12
@moidx
[bazel] Add constant definitions for sigverify.
13013b3 
Keys stored in OTP will have to be configured with constant values that
are defined in the rom sigverify library. This change adds such constant
definitions to //rules/const.bzl.

In addition to this. The SPX+ config id enums were updated to use higher
hamming distance values and to use a name reflecting the SPX+ parameter
configuration.

Signed-off-by: Miguel Osorio <miguelosorio@google.com>
@moidx
[rom] Introduce OTP configuration for RoT keys.
55fc5f0 
This commit adds a fake keys build configuration for RoT keys.

Signed-off-by: Miguel Osorio <miguelosorio@google.com>
@moidx
[rom] Stage real key OTP configuration.
61fec85 
This commit adds a placeholder for the real SPX+ keys based on the
earlgrey_es_sival real key configuration.

Signed-off-by: Miguel Osorio <miguelosorio@google.com>
@moidx moidx force-pushed the a1-rom-switch-spx-keys-to-otp branch from d73696f to 61fec85 Compare March 17, 2024 00:12
@moidx moidx merged commit b2d9173 into lowRISC:master Mar 17, 2024
32 checks passed
@moidx moidx deleted the a1-rom-switch-spx-keys-to-otp branch March 17, 2024 19:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@timothytrippel timothytrippel timothytrippel approved these changes

@cfrantz cfrantz Awaiting requested review from cfrantz cfrantz is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@moidx @timothytrippel