Merge branch 'main' into hw-model-output

FROZEN_IMAGES.sha384sum

@@ -1,3 +1,3 @@
 # WARNING: Do not update this file without the approval of the Caliptra TAC
-02cacb47219b317eb1f83a42269d38cd358e90a1e346397bf1ebcc14e309d21f4fd82fd54745d67537c67eb9ca4c67e3  caliptra-rom-no-log.bin
-dd5769fdafa3ec59eac0b49017a2410b1091693c68583962f67fd73a72380cfd9b0b384c141f67a87160ef108d8e69ba  caliptra-rom-with-log.bin
+b800d04c3737be19298c8989e14edd54dee1418efd673830d95350f85bdc39bcc2732cca1b8ed7a5e410f40e93cf2689  caliptra-rom-no-log.bin
+c49b5f7e0583139415e4c2a30e8813f12ff0e5aafde6a34ae62ea1c018815a8f6bfd433cf4149fddabe08dbe9572ba09  caliptra-rom-with-log.bin

builder/Cargo.toml

@@ -24,6 +24,7 @@ zerocopy.workspace = true
 
 [features]
 slow_tests = []
+fpga_realtime = []
 
 [[bin]]
 name = "image"

builder/src/firmware.rs

@@ -313,11 +313,6 @@ pub mod runtime_tests {
         ..RUNTIME_TEST_FWID_BASE
     };
 
-    pub const KEYVAULT: FwId = FwId {
-        bin_name: "keyvault",
-        ..RUNTIME_TEST_FWID_BASE
-    };
-
     pub const LOCKED_DV: FwId = FwId {
         bin_name: "locked_dv",
         ..RUNTIME_TEST_FWID_BASE
@@ -385,7 +380,6 @@ pub const REGISTERED_FW: &[&FwId] = &[
     &fmc_tests::MOCK_RT_WITH_UART,
     &fmc_tests::MOCK_RT_INTERACTIVE,
     &runtime_tests::BOOT,
-    &runtime_tests::KEYVAULT,
     &runtime_tests::LOCKED_DV,
     &runtime_tests::CERT,
     &runtime_tests::WDT,

builder/src/lib.rs

@@ -142,6 +142,12 @@ pub fn build_firmware_elfs_uncached<'a>(
             }
             features_csv.push_str("riscv");
         }
+        if cfg!(feature = "fpga_realtime") {
+            if !features_csv.is_empty() {
+                features_csv.push(',');
+            }
+            features_csv.push_str("fpga_realtime");
+        }
 
         let workspace_dir = workspace_dir.unwrap_or_else(|| Path::new(THIS_WORKSPACE_DIR));
 

drivers/Cargo.toml

@@ -25,7 +25,7 @@ zeroize.workspace = true
 [features]
 emu = []
 runtime = ["dep:dpe"]
-fpga_realtime = ["caliptra-hw-model/fpga_realtime"]
+fpga_realtime = ["caliptra-hw-model/fpga_realtime", "caliptra-builder/fpga_realtime"]
 itrng = ["caliptra-hw-model/itrng"]
 verilator = ["caliptra-hw-model/verilator"]
 

drivers/src/ecc384.rs

@@ -377,7 +377,7 @@ impl Ecc384 {
             Ecc384Result::SigVerifyFailed
         };
 
-        verify_r.0.fill(0);
+        verify_r.0.zeroize();
         Ok(result)
     }
 

drivers/src/lms.rs

@@ -22,6 +22,7 @@ use caliptra_lms_types::{
     LmotsAlgorithmType, LmsAlgorithmType, LmsIdentifier, LmsPublicKey, LmsSignature,
 };
 use zerocopy::{AsBytes, LittleEndian, U32};
+use zeroize::Zeroize;
 
 pub const D_PBLC: u16 = 0x8080;
 pub const D_MESG: u16 = 0x8181;
@@ -373,7 +374,7 @@ impl Lms {
         }
         hasher.finalize(&mut digest)?;
         let result = HashValue::<N>::from(digest);
-        digest.0.fill(0);
+        digest.0.zeroize();
         Ok(result)
     }
 
@@ -393,7 +394,7 @@ impl Lms {
         } else {
             Ok(LmsResult::Success)
         };
-        candidate_key.0.fill(0);
+        candidate_key.0.zeroize();
         result
     }
 
@@ -417,7 +418,7 @@ impl Lms {
         } else {
             Ok(LmsResult::Success)
         };
-        candidate_key.0.fill(0);
+        candidate_key.0.zeroize();
         result
     }
 
@@ -532,9 +533,9 @@ impl Lms {
             temp = HashValue::<N>::from(digest);
             node_num /= 2;
             i += 1;
-            digest.0.fill(0);
+            digest.0.zeroize();
         }
-        digest.0.fill(0);
+        digest.0.zeroize();
         Ok(temp)
     }
 }

drivers/test-fw/Cargo.toml

@@ -18,6 +18,7 @@ zerocopy.workspace = true
 
 [features]
 emu = ["caliptra-test-harness/emu"]
+fpga_realtime = []
 
 # This feature is used to filter all these binary targets during normal builds
 # (targets must be built with cargo arguments:

drivers/test-fw/src/bin/keyvault_tests.rs

@@ -19,6 +19,7 @@ use caliptra_drivers::{KeyId, KeyUsage, KeyVault};
 use caliptra_registers::kv::KvReg;
 use caliptra_test_harness::test_suite;
 
+#[cfg(not(feature = "fpga_realtime"))]
 const KEY_IDS: [KeyId; 32] = [
     KeyId::KeyId0,
     KeyId::KeyId1,
@@ -54,6 +55,26 @@ const KEY_IDS: [KeyId; 32] = [
     KeyId::KeyId31,
 ];
 
+#[cfg(feature = "fpga_realtime")]
+const KEY_IDS: [KeyId; 16] = [
+    KeyId::KeyId0,
+    KeyId::KeyId1,
+    KeyId::KeyId2,
+    KeyId::KeyId3,
+    KeyId::KeyId4,
+    KeyId::KeyId5,
+    KeyId::KeyId6,
+    KeyId::KeyId7,
+    KeyId::KeyId8,
+    KeyId::KeyId9,
+    KeyId::KeyId10,
+    KeyId::KeyId11,
+    KeyId::KeyId12,
+    KeyId::KeyId13,
+    KeyId::KeyId14,
+    KeyId::KeyId15,
+];
+
 fn test_write_lock_and_erase_keys() {
     let mut vault = unsafe { KeyVault::new(KvReg::new()) };
 

hw-latest/fpga/fpga_configuration.tcl

@@ -309,6 +309,7 @@ if {$BUILD} {
   launch_runs impl_1 -jobs 10
   wait_on_runs impl_1
   open_run impl_1
+  report_utilization -file $outputDir/utilization.txt
   # Embed git hash in USR_ACCESS register for bitstream identification.
   set_property BITSTREAM.CONFIG.USR_ACCESS 0x$VERSION [current_design]
   write_bitstream -bin_file $outputDir/caliptra_fpga

hw-latest/fpga/src/kv_reg.sv

@@ -1,6 +1,6 @@
 // FPGA replacement for KV with a configurable depth to use less resources
 
-`define KV_DEPTH 8
+`define KV_DEPTH 16
 
 module kv_reg (
         input wire clk,

rom/dev/src/flow/cold_reset/crypto.rs

@@ -224,7 +224,7 @@ impl Crypto {
         let priv_key_args = KeyReadArgs::new(priv_key);
         let priv_key = Ecc384PrivKeyIn::Key(priv_key_args);
         let result = env.ecc384.sign(&priv_key, pub_key, digest, &mut env.trng);
-        digest.0.fill(0);
+        digest.0.zeroize();
         result
     }
 }

rom/dev/src/flow/cold_reset/fmc_alias.rs

@@ -55,7 +55,7 @@ impl FmcAliasLayer {
 
         // Derive the DICE CDI from decrypted UDS
         let result = Self::derive_cdi(env, &measurement, KEY_ID_ROM_FMC_CDI);
-        measurement.0.fill(0);
+        measurement.0.zeroize();
         result?;
 
         // Derive DICE Key Pair from CDI
@@ -101,7 +101,7 @@ impl FmcAliasLayer {
         let mut measurements: [u8; 48] = measurements.into();
 
         let result = Crypto::hmac384_kdf(env, cdi, b"fmc_alias_cdi", Some(&measurements), cdi);
-        measurements.fill(0);
+        measurements.zeroize();
         result?;
         report_boot_status(FmcAliasDeriveCdiComplete.into());
         Ok(())
@@ -204,7 +204,10 @@ impl FmcAliasLayer {
 
         // Clear the authority private key
         cprintln!("[afmc] Erasing AUTHORITY.KEYID = {}", auth_priv_key as u8);
-        env.key_vault.erase_key(auth_priv_key)?;
+        env.key_vault.erase_key(auth_priv_key).map_err(|err| {
+            sig.zeroize();
+            err
+        })?;
 
         let _pub_x: [u8; 48] = (&pub_key.x).into();
         let _pub_y: [u8; 48] = (&pub_key.y).into();

rom/dev/src/flow/cold_reset/idev_id.rs

@@ -283,7 +283,7 @@ impl InitDevIdLayer {
 
         // Execute Send CSR Flow
         let result = Self::send_csr(env, InitDevIdCsr::new(&csr, csr_len));
-        csr.fill(0);
+        csr.zeroize();
 
         result
     }

rom/dev/src/flow/cold_reset/ldev_id.rs

@@ -180,7 +180,10 @@ impl LocalDevIdLayer {
         // Clear the authority private key
         //To-Do : Disabling The Print Temporarily
         //cprintln!("[ldev] Erasing AUTHORITY.KEYID = {}", auth_priv_key as u8);
-        env.key_vault.erase_key(auth_priv_key)?;
+        env.key_vault.erase_key(auth_priv_key).map_err(|err| {
+            sig.zeroize();
+            err
+        })?;
 
         let _pub_x: [u8; 48] = (&pub_key.x).into();
         let _pub_y: [u8; 48] = (&pub_key.y).into();

runtime/src/disable.rs

@@ -4,7 +4,8 @@ use crate::Drivers;
 use caliptra_common::keyids::{KEY_ID_RT_CDI, KEY_ID_RT_PRIV_KEY};
 use caliptra_common::mailbox_api::MailboxResp;
 use caliptra_drivers::{
-    hmac384_kdf, CaliptraError, CaliptraResult, KeyReadArgs, KeyUsage, KeyWriteArgs,
+    hmac384_kdf, Array4x12, CaliptraError, CaliptraResult, Hmac384Key, KeyReadArgs, KeyUsage,
+    KeyWriteArgs,
 };
 
 pub struct DisableAttestationCmd;
@@ -19,11 +20,32 @@ impl DisableAttestationCmd {
             .erase_key(KEY_ID_RT_PRIV_KEY)
             .map_err(|_| CaliptraError::RUNTIME_DISABLE_ATTESTATION_FAILED)?;
 
+        Self::zero_rt_cdi(drivers)?;
         Self::generate_dice_key(drivers)?;
         drivers.attestation_disabled = true;
         Ok(MailboxResp::default())
     }
 
+    // Set CDI key vault slot to an HMAC of a buffer of 0s.
+    fn zero_rt_cdi(drivers: &mut Drivers) -> CaliptraResult<()> {
+        hmac384_kdf(
+            &mut drivers.hmac384,
+            Hmac384Key::Array4x12(&Array4x12::default()),
+            b"zero_rt_cdi",
+            None,
+            &mut drivers.trng,
+            KeyWriteArgs::new(
+                KEY_ID_RT_CDI,
+                KeyUsage::default()
+                    .set_hmac_key_en()
+                    .set_ecc_key_gen_seed_en(),
+            )
+            .into(),
+        )?;
+
+        Ok(())
+    }
+
     // Dice key is derived from an empty CDI slot so it will not match the key that was certified in the rt_alias cert.
     fn generate_dice_key(drivers: &mut Drivers) -> CaliptraResult<()> {
         hmac384_kdf(

runtime/test-fw/Cargo.toml

@@ -33,11 +33,6 @@ name = "wdt"
 path = "src/wdt_timeout_tests.rs"
 required-features = ["riscv"]
 
-[[bin]]
-name = "keyvault"
-path = "src/keyvault_tests.rs"
-required-features = ["riscv"]
-
 [[bin]]
 name = "locked_dv"
 path = "src/locked_dv_test.rs"

runtime/tests/integration_tests.rs

@@ -94,13 +94,6 @@ fn test_boot() {
     model.step_until_exit_success().unwrap();
 }
 
-#[test]
-fn test_keyvault() {
-    let mut model = run_rt_test(Some(&firmware::runtime_tests::KEYVAULT), None);
-
-    model.step_until_exit_success().unwrap();
-}
-
 #[test]
 fn test_locked_dv_slot() {
     let mut model = run_rt_test(Some(&firmware::runtime_tests::LOCKED_DV), None);