diff --git a/common/src/verifier.rs b/common/src/verifier.rs index 35b7b2ef7a..ae558cff94 100644 --- a/common/src/verifier.rs +++ b/common/src/verifier.rs @@ -128,11 +128,6 @@ impl<'a, 'b> ImageVerificationEnv for &mut FirmwareImageVerificationEnv<'a, 'b> self.data_vault.fmc_tci().into() } - // Get Fuse FMC Key Manifest SVN - fn fmc_fuse_svn(&self) -> u32 { - self.soc_ifc.fuse_bank().fmc_fuse_svn() - } - // Get Runtime fuse SVN fn runtime_fuse_svn(&self) -> u32 { self.soc_ifc.fuse_bank().runtime_fuse_svn() diff --git a/drivers/src/fuse_log.rs b/drivers/src/fuse_log.rs index 1e09f6f321..3f73a1de2c 100644 --- a/drivers/src/fuse_log.rs +++ b/drivers/src/fuse_log.rs @@ -19,26 +19,28 @@ use zeroize::Zeroize; pub enum FuseLogEntryId { Invalid = 0, - VendorEccPubKeyIndex = 1, // 4 bytes (From Manifest) - VendorEccPubKeyRevocation = 2, // 4 bytes (From Fuse) - ManifestFmcSvn = 3, // 4 bytes - ManifestReserved0 = 4, // 4 bytes - FuseFmcSvn = 5, // 4 bytes - ManifestRtSvn = 6, // 4 bytes - ManifestReserved1 = 7, // 4 bytes - FuseRtSvn = 8, // 4 bytes - VendorLmsPubKeyIndex = 9, // 4 bytes (From Manifest) + VendorEccPubKeyIndex = 1, // 4 bytes (From Manifest) + VendorEccPubKeyRevocation = 2, // 4 bytes (From Fuse) + ManifestFmcSvn = 3, // 4 bytes + ManifestReserved0 = 4, // 4 bytes + #[deprecated] + _DeprecatedFuseFmcSvn = 5, // 4 bytes + ManifestRtSvn = 6, // 4 bytes + ManifestReserved1 = 7, // 4 bytes + FuseRtSvn = 8, // 4 bytes + VendorLmsPubKeyIndex = 9, // 4 bytes (From Manifest) VendorLmsPubKeyRevocation = 10, // 4 bytes (From Fuse) } impl From for FuseLogEntryId { + #[allow(deprecated)] fn from(id: u32) -> FuseLogEntryId { match id { 1 => FuseLogEntryId::VendorEccPubKeyIndex, 2 => FuseLogEntryId::VendorEccPubKeyRevocation, 3 => FuseLogEntryId::ManifestFmcSvn, 4 => FuseLogEntryId::ManifestReserved0, - 5 => FuseLogEntryId::FuseFmcSvn, + 5 => FuseLogEntryId::_DeprecatedFuseFmcSvn, 6 => FuseLogEntryId::ManifestRtSvn, 7 => FuseLogEntryId::ManifestReserved1, 8 => FuseLogEntryId::FuseRtSvn, diff --git a/error/src/lib.rs b/error/src/lib.rs index 6103bd3c21..1bd65a3840 100644 --- a/error/src/lib.rs +++ b/error/src/lib.rs @@ -218,12 +218,9 @@ impl CaliptraError { CaliptraError::new_const(0x000b0023); pub const IMAGE_VERIFIER_ERR_FMC_ENTRY_POINT_UNALIGNED: CaliptraError = CaliptraError::new_const(0x000b0024); - pub const IMAGE_VERIFIER_ERR_FMC_SVN_GREATER_THAN_MAX_SUPPORTED: CaliptraError = - CaliptraError::new_const(0x000b0025); - pub const IMAGE_VERIFIER_ERR_FMC_SVN_LESS_THAN_MIN_SUPPORTED: CaliptraError = - CaliptraError::new_const(0x000b0026); - pub const IMAGE_VERIFIER_ERR_FMC_SVN_LESS_THAN_FUSE: CaliptraError = - CaliptraError::new_const(0x000b0027); + // 0x000b0025 was IMAGE_VERIFIER_ERR_FMC_SVN_GREATER_THAN_MAX_SUPPORTED + // 0x000b0026 was IMAGE_VERIFIER_ERR_FMC_SVN_LESS_THAN_MIN_SUPPORTED + // 0x000b0027 was IMAGE_VERIFIER_ERR_FMC_SVN_LESS_THAN_FUSE pub const IMAGE_VERIFIER_ERR_RUNTIME_LOAD_ADDR_INVALID: CaliptraError = CaliptraError::new_const(0x000b0028); pub const IMAGE_VERIFIER_ERR_RUNTIME_LOAD_ADDR_UNALIGNED: CaliptraError = @@ -234,8 +231,7 @@ impl CaliptraError { CaliptraError::new_const(0x000b002b); pub const IMAGE_VERIFIER_ERR_RUNTIME_SVN_GREATER_THAN_MAX_SUPPORTED: CaliptraError = CaliptraError::new_const(0x000b002c); - pub const IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_MIN_SUPPORTED: CaliptraError = - CaliptraError::new_const(0x000b002d); + // 0x000b002d was IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_MIN_SUPPORTED pub const IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_FUSE: CaliptraError = CaliptraError::new_const(0x000b002e); pub const IMAGE_VERIFIER_ERR_IMAGE_LEN_MORE_THAN_BUNDLE_SIZE: CaliptraError = diff --git a/image/types/src/lib.rs b/image/types/src/lib.rs index 3b778e925c..c645707836 100644 --- a/image/types/src/lib.rs +++ b/image/types/src/lib.rs @@ -479,6 +479,7 @@ pub struct ImageTocEntry { pub version: u32, /// Security Version Number + /// Only read for Runtime entries. Not read for FMC. pub svn: u32, /// Reserved field diff --git a/image/verify/fuzz/src/fuzz_target_common.rs b/image/verify/fuzz/src/fuzz_target_common.rs index 900fdbb3a6..5a39d1b07c 100644 --- a/image/verify/fuzz/src/fuzz_target_common.rs +++ b/image/verify/fuzz/src/fuzz_target_common.rs @@ -121,14 +121,6 @@ impl ImageVerificationEnv for TestEnv { self.fmc_digest } - fn fmc_fuse_svn(&self) -> u32 { - 0 - } - - fn runtime_fuse_svn(&self) -> u32 { - 0 - } - fn iccm_range(&self) -> Range { Range { start: ICCM_ORG, diff --git a/image/verify/src/lib.rs b/image/verify/src/lib.rs index f132b81f49..a013cc9cc1 100644 --- a/image/verify/src/lib.rs +++ b/image/verify/src/lib.rs @@ -25,7 +25,7 @@ pub const MAX_RUNTIME_SVN: u32 = 128; /// Image Verifification Executable Info #[derive(Default, Debug)] -pub struct ImageSvnLogInfo { +pub struct FirmwareSvnLogInfo { pub manifest_svn: u32, pub reserved: u32, pub fuse_svn: u32, @@ -43,12 +43,6 @@ pub struct ImageVerificationExeInfo { /// Entry Point pub entry_point: u32, - /// Security version number - pub svn: u32, - - /// The effective fuse SVN for this image - pub effective_fuse_svn: u32, - /// Digest of the image pub digest: ImageDigest, } @@ -68,11 +62,8 @@ pub struct ImageVerificationLogInfo { /// Vendor LMS Public Key Revocation Fuse pub fuse_vendor_lms_pub_key_revocation: u32, - /// First Mutable code's logging information - pub fmc_log_info: ImageSvnLogInfo, - - /// Runtime Mutable code's logging information - pub rt_log_info: ImageSvnLogInfo, + /// Firmware's SVN logging information + pub fw_log_info: FirmwareSvnLogInfo, } /// Verified image information @@ -93,6 +84,12 @@ pub struct ImageVerificationInfo { /// Whether `owner_pub_keys_digest` was in fuses pub owner_pub_keys_digest_in_fuses: bool, + /// The SVN for this firmware bundle + pub fw_svn: u32, + + /// The effective fuse SVN for this firmware bundle + pub effective_fuse_svn: u32, + /// First mutable code pub fmc: ImageVerificationExeInfo, @@ -154,9 +151,6 @@ pub trait ImageVerificationEnv { // Save the fmc digest in the data vault on cold boot fn get_fmc_digest_dv(&self) -> ImageDigest; - // Get Fuse FMC Key Manifest SVN - fn fmc_fuse_svn(&self) -> u32; - // Get Runtime fuse SVN fn runtime_fuse_svn(&self) -> u32; diff --git a/image/verify/src/verifier.rs b/image/verify/src/verifier.rs index 15bd546054..e0228a326a 100644 --- a/image/verify/src/verifier.rs +++ b/image/verify/src/verifier.rs @@ -112,10 +112,18 @@ impl ImageVerifier { let image_info = okref(&image_info)?; // Verify FMC - let (fmc_info, fmc_log_info) = self.verify_fmc(image_info.fmc, reason)?; + let fmc_info = self.verify_fmc(image_info.fmc, reason)?; // Verify Runtime - let (runtime_info, rt_log_info) = self.verify_runtime(image_info.runtime)?; + let runtime_info = self.verify_runtime(image_info.runtime)?; + + // The FMC and RT FW images within the bundle each include an SVN, for + // backwards compatibility with 1.x. ROM only inspects the RT FW SVN. + let fw_svn = image_info.runtime.svn; + + self.verify_svn(fw_svn)?; + + let effective_fuse_svn = self.effective_fuse_svn(); let info = ImageVerificationInfo { vendor_ecc_pub_key_idx: header_info.vendor_ecc_pub_key_idx, @@ -124,13 +132,18 @@ impl ImageVerifier { owner_pub_keys_digest_in_fuses: header_info.owner_pub_keys_digest_in_fuses, fmc: fmc_info, runtime: runtime_info, + fw_svn, + effective_fuse_svn, log_info: ImageVerificationLogInfo { vendor_ecc_pub_key_idx: header_info.vendor_ecc_pub_key_idx, fuse_vendor_ecc_pub_key_revocation: header_info.vendor_ecc_pub_key_revocation, - fmc_log_info, - rt_log_info, fuse_vendor_lms_pub_key_revocation: header_info.vendor_lms_pub_key_revocation, vendor_lms_pub_key_idx: header_info.vendor_lms_pub_key_idx, + fw_log_info: FirmwareSvnLogInfo { + manifest_svn: fw_svn, + reserved: 0, + fuse_svn: self.env.runtime_fuse_svn(), + }, }, pqc_verify_config: manifest.fw_image_type.into(), }; @@ -138,6 +151,37 @@ impl ImageVerifier { Ok(info) } + /// If an SVN check is required, verifies that the given SVN is greater than + /// or equal to the fuse SVN. + fn verify_svn(&mut self, fw_svn: u32) -> CaliptraResult<()> { + if self.svn_check_required() { + if fw_svn > MAX_RUNTIME_SVN { + Err(CaliptraError::IMAGE_VERIFIER_ERR_RUNTIME_SVN_GREATER_THAN_MAX_SUPPORTED)?; + } + + if cfi_launder(fw_svn) < self.env.runtime_fuse_svn() { + Err(CaliptraError::IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_FUSE)?; + } else { + cfi_assert_ge(fw_svn, self.env.runtime_fuse_svn()); + } + } + Ok(()) + } + + /// Calculates the effective fuse SVN. + /// + /// If anti-rollback is disabled, the effective fuse-SVN is zero. + /// Otherwise, it is the value in fuses. + fn effective_fuse_svn(&mut self) -> u32 { + if cfi_launder(self.env.anti_rollback_disable()) { + cfi_assert!(self.env.anti_rollback_disable()); + 0_u32 + } else { + cfi_assert!(!self.env.anti_rollback_disable()); + self.env.runtime_fuse_svn() + } + } + /// Verify Preamble #[cfg_attr(all(not(test), not(feature = "no-cfi")), cfi_impl_fn)] fn verify_preamble<'a>( @@ -761,7 +805,7 @@ impl ImageVerifier { &mut self, verify_info: &ImageTocEntry, reason: ResetReason, - ) -> CaliptraResult<(ImageVerificationExeInfo, ImageSvnLogInfo)> { + ) -> CaliptraResult { let range = verify_info.image_range()?; #[cfg(feature = "fips-test-hooks")] @@ -806,21 +850,6 @@ impl ImageVerifier { Err(CaliptraError::IMAGE_VERIFIER_ERR_FMC_ENTRY_POINT_UNALIGNED)?; } - if self.svn_check_required() { - if verify_info.svn > 32 { - Err(CaliptraError::IMAGE_VERIFIER_ERR_FMC_SVN_GREATER_THAN_MAX_SUPPORTED)?; - } - - if cfi_launder(verify_info.svn) < self.env.fmc_fuse_svn() { - Err(CaliptraError::IMAGE_VERIFIER_ERR_FMC_SVN_LESS_THAN_FUSE)?; - } else { - cfi_assert_ge(verify_info.svn, self.env.fmc_fuse_svn()); - } - } - - let effective_fuse_svn = - Self::effective_fuse_svn(self.env.fmc_fuse_svn(), self.env.anti_rollback_disable()); - if cfi_launder(reason) == ResetReason::UpdateReset { if cfi_launder(actual) != self.env.get_fmc_digest_dv() { Err(CaliptraError::IMAGE_VERIFIER_ERR_UPDATE_RESET_FMC_DIGEST_MISMATCH)?; @@ -834,19 +863,11 @@ impl ImageVerifier { let info = ImageVerificationExeInfo { load_addr: verify_info.load_addr, entry_point: verify_info.entry_point, - svn: verify_info.svn, - effective_fuse_svn, digest: verify_info.digest, size: verify_info.size, }; - let log_info: ImageSvnLogInfo = ImageSvnLogInfo { - manifest_svn: verify_info.svn, - reserved: verify_info.reserved, - fuse_svn: self.env.fmc_fuse_svn(), - }; - - Ok((info, log_info)) + Ok(info) } /// Verify Runtime @@ -854,7 +875,7 @@ impl ImageVerifier { fn verify_runtime( &mut self, verify_info: &ImageTocEntry, - ) -> CaliptraResult<(ImageVerificationExeInfo, ImageSvnLogInfo)> { + ) -> CaliptraResult { let range = verify_info.image_range()?; #[cfg(feature = "fips-test-hooks")] @@ -898,53 +919,14 @@ impl ImageVerifier { Err(CaliptraError::IMAGE_VERIFIER_ERR_RUNTIME_ENTRY_POINT_UNALIGNED)?; } - if self.svn_check_required() { - if verify_info.svn > MAX_RUNTIME_SVN { - Err(CaliptraError::IMAGE_VERIFIER_ERR_RUNTIME_SVN_GREATER_THAN_MAX_SUPPORTED)?; - } - - if cfi_launder(verify_info.svn) < self.env.runtime_fuse_svn() { - Err(CaliptraError::IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_FUSE)?; - } else { - cfi_assert_ge(verify_info.svn, self.env.runtime_fuse_svn()); - } - } - - let effective_fuse_svn = Self::effective_fuse_svn( - self.env.runtime_fuse_svn(), - self.env.anti_rollback_disable(), - ); - let info = ImageVerificationExeInfo { load_addr: verify_info.load_addr, entry_point: verify_info.entry_point, - svn: verify_info.svn, - effective_fuse_svn, digest: verify_info.digest, size: verify_info.size, }; - let log_info: ImageSvnLogInfo = ImageSvnLogInfo { - manifest_svn: verify_info.svn, - reserved: verify_info.reserved, - fuse_svn: self.env.runtime_fuse_svn(), - }; - - Ok((info, log_info)) - } - - /// Calculates the effective fuse SVN. - /// - /// If anti-rollback is disabled, the effective fuse-SVN is zero. - /// Otherwise, it is SVN-fuses. - fn effective_fuse_svn(fuse_svn: u32, anti_rollback_disable: bool) -> u32 { - if cfi_launder(anti_rollback_disable) { - cfi_assert!(anti_rollback_disable); - 0_u32 - } else { - cfi_assert!(!anti_rollback_disable); - fuse_svn - } + Ok(info) } } @@ -1953,10 +1935,9 @@ mod tests { let result = verifier.verify_fmc(&verify_info, ResetReason::ColdReset); assert!(result.is_ok()); - let (info, _log_info) = result.unwrap(); + let info = result.unwrap(); assert_eq!(info.load_addr, ICCM_ORG); assert_eq!(info.entry_point, ICCM_ORG); - assert_eq!(info.svn, 1); assert_eq!(info.size, 100); } @@ -2016,10 +1997,9 @@ mod tests { }; let result = verifier.verify_runtime(&verify_info); assert!(result.is_ok()); - let (info, _log_info) = result.unwrap(); + let info = result.unwrap(); assert_eq!(info.load_addr, ICCM_ORG); assert_eq!(info.entry_point, ICCM_ORG); - assert_eq!(info.svn, 1); assert_eq!(info.size, 100); } @@ -2122,10 +2102,6 @@ mod tests { self.fmc_digest } - fn fmc_fuse_svn(&self) -> u32 { - 0 - } - fn runtime_fuse_svn(&self) -> u32 { 0 } diff --git a/rom/dev/README.md b/rom/dev/README.md index 3570812db5..4fa7917269 100644 --- a/rom/dev/README.md +++ b/rom/dev/README.md @@ -62,7 +62,6 @@ Following are the main FUSE & Architectural Registers used by the Caliptra ROM f | FUSE_LMS_REVOCATION | 32 | Manufacturer LMS Public Key Revocation Mask | | FUSE_MLDSA_REVOCATION | 32 | Manufacturer MLDSA Public Key Revocation Mask | | FUSE_OWNER_PK_HASH | 384 | Owner ECC and LMS or MLDSA Public Key Hash | -| FUSE_FMC_KEY_MANIFEST_SVN | 32 | FMC Security Version Number | | FUSE_RUNTIME_SVN | 128 | Runtime Security Version Number | | FUSE_ANTI_ROLLBACK_DISABLE | 1 | Disable SVN checking for FMC & Runtime when bit is set | | FUSE_IDEVID_CERT_ATTR | 768 | FUSE containing information for generating IDEVID CSR
**Word 0:bits[0-2]**: ECDSA X509 Key Id Algorithm (3 bits) 0: SHA1, 1: SHA256, 2: SHA384, 3: SHA512, 4: Fuse
**Word 0:bits[3-5]**: MLDSA X509 Key Id Algorithm (3 bits) 0: SHA1, 1: SHA256, 2: SHA384, 3: SHA512, 4: Fuse
**Word 1,2,3,4,5**: ECDSA Subject Key Id
**Word 6,7,8,9,10**: MLDSA Subject Key Id
**Words 11,12**: Unique Endpoint ID
**Words 13,14,15,16**: Manufacturer Serial Number | @@ -159,7 +158,7 @@ It contains the image information and SHA-384 hash of individual firmware images | Image Type | 4 | Image Type that defines format of the image section
**0x0000_0001:** Executable | | Image Revision | 20 | Git Commit hash of the build | | Image Version | 4 | Firmware release number | -| Image SVN | 4 | Security Version Number for the Image. This field is compared against the fuses (FMC SVN or RUNTIME SVN) | +| Image SVN | 4 | Security Version Number for the image. It is compared to FW SVN fuses. FMC TOC entry's SVN field is ignored. | | Reserved | 4 | Reserved field | | Image Load Address | 4 | Load address | | Image Entry Point | 4 | Entry point to start the execution from | @@ -683,7 +682,7 @@ Alias FMC Layer includes the measurement of the FMC and other security states. T - Firmware Image Bundle is successfully loaded and verified from the Mailbox - ROM has following information from Firmware Image Bundle - FMC_DIGEST - Digest of the FMC -- FMC_SVN - SVN for FMC +- FW_SVN - SVN for the firmware - MANUFACTURER_PK - Manufacturer Public Key(s) used to verify the firmware image bundle - MANUFACTURER_PK_INDEX - Index of the MANUFACTURER_PK in the firmware image bundle @@ -698,8 +697,8 @@ Alias FMC Layer includes the measurement of the FMC and other security states. T CPTRA_SECURITY_STATE.DEBUG_ENABLED, FUSE_ANTI_ROLLBACK_DISABLE, ECC_VENDOR_PK_INDEX, - FMC_SVN, - FMC_FUSE_SVN (or 0 if `FUSE_ANTI_ROLLBACK_DISABLE`), + FW_SVN, + FW_FUSE_SVN (or 0 if `FUSE_ANTI_ROLLBACK_DISABLE`), PQC_VENDOR_PK_INDEX, ROM_VERIFY_CONFIG, OWNER_PK_HASH_FROM_FUSES (0 or 1), @@ -774,7 +773,7 @@ Alias FMC Layer includes the measurement of the FMC and other security states. T `dccm_dv_store(FMC_DIGEST, lock_for_wr)` - `dccm_dv_store(FMC_SVN, lock_for_wr)` + `dccm_dv_store(FW_SVN, lock_for_wr)` `dccm_dv_store(FUSE_OWNER_PK_HASH, lock_for_wr)` @@ -811,7 +810,7 @@ Alias FMC Layer includes the measurement of the FMC and other security states. T | 🔒Alias FMC Cert ECDSA Signature R | | 🔒Alias FMC Cert ECDSA Signature S | | 🔒Alias FMC Cert MLDSA Signature | - | 🔒FMC SVN | + | 🔒FW SVN | | 🔒ROM Cold Boot Status | | 🔒FMC Entry Point | | 🔒Manufacturer ECDSA Public Key Index | @@ -828,7 +827,6 @@ Alias FMC Layer includes the measurement of the FMC and other security states. T - **Cold Reset Unlockable values:** These values are unlocked on a Cold Reset: - FMC TCI - - FMC SVN - FMC Entry Point - Owner Pub Key Hash - Ecc Vendor Pub Key Index @@ -943,7 +941,6 @@ The following are the pre-conditions that should be satisfied: - fuse_lms_revocation : This is the bitmask of the LMS keys which are revoked. - fuse_mldsa_revocation : This is the bitmask of the MLDSA keys which are revoked. - fuse_owner_pk_hash : The hash of the owner public keys in preamble. - - fuse_key_manifest_svn : Used in FMC validation to make sure that the version number is good. - fuse_runtime_svn : Used in RT validation to make sure that the runtime image's version number is good. - The SOC has written the data to the mailbox. - The SOC has written the data length in the DLEN mailbox register. @@ -1053,7 +1050,7 @@ Compare the computed hash with the hash specified in the RT TOC. - Alias FMC Public MLDSA Key. - Digest of the FMC part of the image. - Digest of the ECC and LMS or MLDSA owner public keys portion of preamble. - - FMC SVN. + - FW SVN. - ROM Cold Boot Status. - FMC Entry Point. - ECC Vendor public key index. diff --git a/rom/dev/doc/error-attribution.md b/rom/dev/doc/error-attribution.md index 2ab9b22050..c871f3509b 100644 --- a/rom/dev/doc/error-attribution.md +++ b/rom/dev/doc/error-attribution.md @@ -91,15 +91,11 @@ Verifier Library | IMAGE_VERIFIER_ERR_FMC_LOAD_ADDR_INVALID Verifier Library | IMAGE_VERIFIER_ERR_FMC_LOAD_ADDR_UNALIGNED | 0x000b0022 Verifier Library | IMAGE_VERIFIER_ERR_FMC_ENTRY_POINT_INVALID | 0x000b0023 Verifier Library | IMAGE_VERIFIER_ERR_FMC_ENTRY_POINT_UNALIGNED | 0x000b0024 -Verifier Library | IMAGE_VERIFIER_ERR_FMC_SVN_GREATER_THAN_MAX_SUPPORTED | 0x000b0025 -Verifier Library | IMAGE_VERIFIER_ERR_FMC_SVN_LESS_THAN_MIN_SUPPORTED | 0x000b0026 -Verifier Library | IMAGE_VERIFIER_ERR_FMC_SVN_LESS_THAN_FUSE | 0x000b0027 Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_LOAD_ADDR_INVALID | 0x000b0028 Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_LOAD_ADDR_UNALIGNED | 0x000b0029 Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_ENTRY_POINT_INVALID | 0x000b002a Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_ENTRY_POINT_UNALIGNED | 0x000b002b Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_SVN_GREATER_THAN_MAX_SUPPORTED | 0x000b002c -Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_MIN_SUPPORTED | 0x000b002d Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_FUSE | 0x000b002e Verifier Library | IMAGE_VERIFIER_ERR_IMAGE_LEN_MORE_THAN_BUNDLE_SIZE | 0x000b002f Verifier Library | IMAGE_VERIFIER_ERR_VENDOR_LMS_PUB_KEY_INDEX_MISMATCH | 0x000b0030 @@ -211,15 +207,11 @@ Verifier Library | IMAGE_VERIFIER_ERR_FMC_LOAD_ADDR_INVALID Verifier Library | IMAGE_VERIFIER_ERR_FMC_LOAD_ADDR_UNALIGNED | 0x000b0022 Verifier Library | IMAGE_VERIFIER_ERR_FMC_ENTRY_POINT_INVALID | 0x000b0023 Verifier Library | IMAGE_VERIFIER_ERR_FMC_ENTRY_POINT_UNALIGNED | 0x000b0024 -Verifier Library | IMAGE_VERIFIER_ERR_FMC_SVN_GREATER_THAN_MAX_SUPPORTED | 0x000b0025 -Verifier Library | IMAGE_VERIFIER_ERR_FMC_SVN_LESS_THAN_MIN_SUPPORTED | 0x000b0026 -Verifier Library | IMAGE_VERIFIER_ERR_FMC_SVN_LESS_THAN_FUSE | 0x000b0027 Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_LOAD_ADDR_INVALID | 0x000b0028 Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_LOAD_ADDR_UNALIGNED | 0x000b0029 Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_ENTRY_POINT_INVALID | 0x000b002a Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_ENTRY_POINT_UNALIGNED | 0x000b002b Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_SVN_GREATER_THAN_MAX_SUPPORTED | 0x000b002c -Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_MIN_SUPPORTED | 0x000b002d Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_FUSE | 0x000b002e Verifier Library | IMAGE_VERIFIER_ERR_IMAGE_LEN_MORE_THAN_BUNDLE_SIZE | 0x000b002f Verifier Library | IMAGE_VERIFIER_ERR_VENDOR_LMS_PUB_KEY_INDEX_MISMATCH | 0x000b0030 diff --git a/rom/dev/doc/test-coverage/test-coverage.md b/rom/dev/doc/test-coverage/test-coverage.md index 85b1801763..9477b13a3f 100644 --- a/rom/dev/doc/test-coverage/test-coverage.md +++ b/rom/dev/doc/test-coverage/test-coverage.md @@ -37,8 +37,6 @@ Test Scenario| Test Name | ROM Error Code Check if FMC entry point is within ICCM range | **test_fmc_invalid_entry_point_before_iccm** | IMAGE_VERIFIER_ERR_FMC_ENTRY_POINT_INVALID Check if FMC entry point is within ICCM range | **test_fmc_invalid_entry_point_after_iccm** | IMAGE_VERIFIER_ERR_FMC_ENTRY_POINT_INVALID Check if FMC entry point is DWORD aligned | **test_fmc_entry_point_unaligned** | IMAGE_VERIFIER_ERR_FMC_ENTRY_POINT_UNALIGNED - Check if FMC SVN is greater than max (32) | **test_fmc_svn_greater_than_32** | IMAGE_VERIFIER_ERR_FMC_SVN_GREATER_THAN_MAX_SUPPORTED - Check if FMC SVN is less than fuse svn | **test_fmc_svn_less_than_fuse_svn** | IMAGE_VERIFIER_ERR_FMC_SVN_LESS_THAN_FUSE Check if RT size if 0 | **test_toc_rt_size_zero** | IMAGE_VERIFIER_ERR_RUNTIME_SIZE_ZERO Check if manifest.rt_toc.digest matches Runtime image digest | **test_runtime_digest_mismatch** | IMAGE_VERIFIER_ERR_RUNTIME_DIGEST_MISMATCH Check if RT load address is within ICCM range | **test_runtime_invalid_load_addr_before_iccm** | IMAGE_VERIFIER_ERR_RUNTIME_LOAD_ADDR_INVALID diff --git a/rom/dev/src/flow/cold_reset/fmc_alias.rs b/rom/dev/src/flow/cold_reset/fmc_alias.rs index b466270ec9..19f754b3d0 100644 --- a/rom/dev/src/flow/cold_reset/fmc_alias.rs +++ b/rom/dev/src/flow/cold_reset/fmc_alias.rs @@ -186,7 +186,7 @@ impl FmcAliasLayer { let flags = Self::make_flags(env.soc_ifc.lifecycle(), env.soc_ifc.debug_locked()); let svn = env.data_vault.fmc_svn() as u8; - let fuse_svn = fw_proc_info.fmc_effective_fuse_svn as u8; + let fuse_svn = fw_proc_info.effective_fuse_svn as u8; let mut fuse_info_digest = Array4x12::default(); let mut hasher = env.sha384.digest_init()?; diff --git a/rom/dev/src/flow/cold_reset/fw_processor.rs b/rom/dev/src/flow/cold_reset/fw_processor.rs index 0b6870d141..112163193c 100644 --- a/rom/dev/src/flow/cold_reset/fw_processor.rs +++ b/rom/dev/src/flow/cold_reset/fw_processor.rs @@ -47,7 +47,7 @@ pub struct FwProcInfo { pub fmc_cert_valid_not_after: NotAfter, - pub fmc_effective_fuse_svn: u32, + pub effective_fuse_svn: u32, pub owner_pub_keys_digest_in_fuses: bool, @@ -148,7 +148,7 @@ impl FirmwareProcessor { Ok(FwProcInfo { fmc_cert_valid_not_before: nb, fmc_cert_valid_not_after: nf, - fmc_effective_fuse_svn: info.fmc.effective_fuse_svn, + effective_fuse_svn: info.effective_fuse_svn, owner_pub_keys_digest_in_fuses: info.owner_pub_keys_digest_in_fuses, pqc_verify_config: info.pqc_verify_config as u8, }) @@ -390,8 +390,10 @@ impl FirmwareProcessor { let info = verifier.verify(manifest, img_bundle_sz, ResetReason::ColdReset)?; cprintln!( - "[fwproc] Img verified w/ Vendor ECC Key Idx {}", + "[fwproc] Img verified w/ Vendor ECC Key Idx {}, with SVN {} and effective fuse SVN {}", info.vendor_ecc_pub_key_idx, + info.fw_svn, + info.effective_fuse_svn, ); report_boot_status(FwProcessorImageVerificationComplete.into()); Ok(info) @@ -430,42 +432,43 @@ impl FirmwareProcessor { log_fuse_data( log, FuseLogEntryId::ManifestFmcSvn, - log_info.fmc_log_info.manifest_svn.as_bytes(), + log_info.fw_log_info.manifest_svn.as_bytes(), )?; // Log ManifestReserved0 log_fuse_data( log, FuseLogEntryId::ManifestReserved0, - log_info.fmc_log_info.reserved.as_bytes(), + log_info.fw_log_info.reserved.as_bytes(), )?; - // Log FuseFmcSvn + // Log DeprecatedFuseFmcSvn (which is now the same as FuseRtSvn) + #[allow(deprecated)] log_fuse_data( log, - FuseLogEntryId::FuseFmcSvn, - log_info.fmc_log_info.fuse_svn.as_bytes(), + FuseLogEntryId::_DeprecatedFuseFmcSvn, + log_info.fw_log_info.fuse_svn.as_bytes(), )?; // Log ManifestRtSvn log_fuse_data( log, FuseLogEntryId::ManifestRtSvn, - log_info.rt_log_info.manifest_svn.as_bytes(), + log_info.fw_log_info.manifest_svn.as_bytes(), )?; // Log ManifestReserved1 log_fuse_data( log, FuseLogEntryId::ManifestReserved1, - log_info.rt_log_info.reserved.as_bytes(), + log_info.fw_log_info.reserved.as_bytes(), )?; // Log FuseRtSvn log_fuse_data( log, FuseLogEntryId::FuseRtSvn, - log_info.rt_log_info.fuse_svn.as_bytes(), + log_info.fw_log_info.fuse_svn.as_bytes(), )?; // Log VendorLmsPubKeyIndex @@ -540,7 +543,7 @@ impl FirmwareProcessor { ) { data_vault.write_cold_reset_entry48(ColdResetEntry48::FmcTci, &info.fmc.digest.into()); - data_vault.write_cold_reset_entry4(ColdResetEntry4::FmcSvn, info.fmc.svn); + data_vault.write_cold_reset_entry4(ColdResetEntry4::FmcSvn, info.fw_svn); data_vault.write_cold_reset_entry4(ColdResetEntry4::FmcEntryPoint, info.fmc.entry_point); @@ -563,7 +566,7 @@ impl FirmwareProcessor { data_vault.write_warm_reset_entry48(WarmResetEntry48::RtTci, &info.runtime.digest.into()); - data_vault.write_warm_reset_entry4(WarmResetEntry4::RtSvn, info.runtime.svn); + data_vault.write_warm_reset_entry4(WarmResetEntry4::RtSvn, info.fw_svn); data_vault.write_warm_reset_entry4(WarmResetEntry4::RtEntryPoint, info.runtime.entry_point); diff --git a/rom/dev/src/flow/fake.rs b/rom/dev/src/flow/fake.rs index e79fe95d93..b8a8f7dc7d 100644 --- a/rom/dev/src/flow/fake.rs +++ b/rom/dev/src/flow/fake.rs @@ -340,12 +340,7 @@ impl<'a, 'b> ImageVerificationEnv for &mut FakeRomImageVerificationEnv<'a, 'b> { self.data_vault.fmc_tci().into() } - // Get Fuse FMC Key Manifest SVN - fn fmc_fuse_svn(&self) -> u32 { - self.soc_ifc.fuse_bank().fmc_fuse_svn() - } - - // Get Runtime fuse SVN + // Get Fuse FW Manifest SVN fn runtime_fuse_svn(&self) -> u32 { self.soc_ifc.fuse_bank().runtime_fuse_svn() } diff --git a/rom/dev/src/flow/update_reset.rs b/rom/dev/src/flow/update_reset.rs index 06269bbf36..2f453feb8d 100644 --- a/rom/dev/src/flow/update_reset.rs +++ b/rom/dev/src/flow/update_reset.rs @@ -215,7 +215,7 @@ impl UpdateResetFlow { fn populate_data_vault(data_vault: &mut DataVault, info: &ImageVerificationInfo) { data_vault.write_warm_reset_entry48(WarmResetEntry48::RtTci, &info.runtime.digest.into()); - data_vault.write_warm_reset_entry4(WarmResetEntry4::RtSvn, info.runtime.svn); + data_vault.write_warm_reset_entry4(WarmResetEntry4::RtSvn, info.fw_svn); data_vault.write_warm_reset_entry4(WarmResetEntry4::RtEntryPoint, info.runtime.entry_point); diff --git a/rom/dev/src/pcr.rs b/rom/dev/src/pcr.rs index 41cbb2b77e..54d3d02b05 100644 --- a/rom/dev/src/pcr.rs +++ b/rom/dev/src/pcr.rs @@ -84,7 +84,7 @@ pub(crate) fn extend_pcrs( env.soc_ifc.fuse_bank().anti_rollback_disable() as u8, env.data_vault.ecc_vendor_pk_index() as u8, env.data_vault.fmc_svn() as u8, - info.fmc.effective_fuse_svn as u8, + info.effective_fuse_svn as u8, env.data_vault.lms_vendor_pk_index() as u8, info.pqc_verify_config as u8, info.owner_pub_keys_digest_in_fuses as u8, diff --git a/rom/dev/tests/rom_integration_tests/test_fmcalias_derivation.rs b/rom/dev/tests/rom_integration_tests/test_fmcalias_derivation.rs index a9e1373c1f..72a3079fca 100644 --- a/rom/dev/tests/rom_integration_tests/test_fmcalias_derivation.rs +++ b/rom/dev/tests/rom_integration_tests/test_fmcalias_derivation.rs @@ -163,6 +163,7 @@ fn test_pcr_log() { let image_options = ImageOptions { vendor_config: VENDOR_CONFIG_KEY_1, fmc_svn: FMC_SVN, + app_svn: FMC_SVN, ..Default::default() }; let image_bundle = caliptra_builder::build_and_sign_image( @@ -339,6 +340,7 @@ fn test_pcr_log_fmc_fuse_svn() { key_manifest_pk_hash: vendor_pubkey_digest, owner_pk_hash: owner_pubkey_digest, fmc_key_manifest_svn: FMC_FUSE_SVN, + runtime_svn: [0x3, 0, 0, 0], // TODO: add tooling to make this more ergonomic. ..Default::default() }; let rom = caliptra_builder::build_firmware_rom(firmware::rom_from_env()).unwrap(); @@ -358,6 +360,7 @@ fn test_pcr_log_fmc_fuse_svn() { let image_options = ImageOptions { vendor_config: VENDOR_CONFIG_KEY_1, fmc_svn: FMC_SVN, + app_svn: FMC_SVN, ..Default::default() }; let image_bundle = caliptra_builder::build_and_sign_image( @@ -478,6 +481,7 @@ fn test_pcr_log_across_update_reset() { let fuses = Fuses { anti_rollback_disable: false, fmc_key_manifest_svn: FMC_FUSE_SVN, + runtime_svn: [1, 0, 0, 0], key_manifest_pk_hash: vendor_pubkey_digest, owner_pk_hash: owner_pubkey_digest, ..Default::default() @@ -499,6 +503,7 @@ fn test_pcr_log_across_update_reset() { let image_options = ImageOptions { vendor_config: VENDOR_CONFIG_KEY_1, fmc_svn: FMC_SVN, + app_svn: FMC_SVN, ..Default::default() }; let image_bundle = caliptra_builder::build_and_sign_image( @@ -572,6 +577,7 @@ fn test_pcr_log_across_update_reset() { } #[test] +#[allow(deprecated)] fn test_fuse_log() { const FMC_SVN: u32 = 4; @@ -660,11 +666,14 @@ fn test_fuse_log() { ); assert_eq!(fuse_log_entry.log_data[0], 0); - // Validate the FuseFmcSvn + // Validate the _DeprecatedFuseFmcSvn fuse_log_entry_offset += core::mem::size_of::(); let fuse_log_entry = FuseLogEntry::read_from_prefix(fuse_entry_arr[fuse_log_entry_offset..].as_bytes()).unwrap(); - assert_eq!(fuse_log_entry.entry_id, FuseLogEntryId::FuseFmcSvn as u32); + assert_eq!( + fuse_log_entry.entry_id, + FuseLogEntryId::_DeprecatedFuseFmcSvn as u32 + ); assert_eq!(fuse_log_entry.log_data[0], FMC_SVN); // Validate the ManifestRtSvn diff --git a/rom/dev/tests/rom_integration_tests/test_image_validation.rs b/rom/dev/tests/rom_integration_tests/test_image_validation.rs index db0f915aaf..89618df6e8 100644 --- a/rom/dev/tests/rom_integration_tests/test_image_validation.rs +++ b/rom/dev/tests/rom_integration_tests/test_image_validation.rs @@ -1348,77 +1348,6 @@ fn test_fmc_entry_point_unaligned() { ); } -#[test] -fn test_fmc_svn_greater_than_32() { - let gen = ImageGenerator::new(Crypto::default()); - let image_bundle = helpers::build_image_bundle(ImageOptions::default()); - let vendor_pubkey_digest = gen - .vendor_pubkey_digest(&image_bundle.manifest.preamble) - .unwrap(); - - let fuses = caliptra_hw_model::Fuses { - life_cycle: DeviceLifecycle::Manufacturing, - anti_rollback_disable: false, - key_manifest_pk_hash: vendor_pubkey_digest, - ..Default::default() - }; - - let image_options = ImageOptions { - fmc_svn: 33, - ..Default::default() - }; - - let (mut hw, image_bundle) = helpers::build_hw_model_and_image_bundle(fuses, image_options); - assert_eq!( - ModelError::MailboxCmdFailed( - CaliptraError::IMAGE_VERIFIER_ERR_FMC_SVN_GREATER_THAN_MAX_SUPPORTED.into() - ), - hw.upload_firmware(&image_bundle.to_bytes().unwrap()) - .unwrap_err() - ); - - assert_eq!( - hw.soc_ifc().cptra_boot_status().read(), - u32::from(FwProcessorManifestLoadComplete) - ); -} - -#[test] -fn test_fmc_svn_less_than_fuse_svn() { - let gen = ImageGenerator::new(Crypto::default()); - let image_bundle = helpers::build_image_bundle(ImageOptions::default()); - let vendor_pubkey_digest = gen - .vendor_pubkey_digest(&image_bundle.manifest.preamble) - .unwrap(); - - let fuses = caliptra_hw_model::Fuses { - life_cycle: DeviceLifecycle::Manufacturing, - anti_rollback_disable: false, - key_manifest_pk_hash: vendor_pubkey_digest, - fmc_key_manifest_svn: 0b11, // fuse svn = 2 - ..Default::default() - }; - - let image_options = ImageOptions { - fmc_svn: 1, - ..Default::default() - }; - - let (mut hw, image_bundle) = helpers::build_hw_model_and_image_bundle(fuses, image_options); - assert_eq!( - ModelError::MailboxCmdFailed(u32::from( - CaliptraError::IMAGE_VERIFIER_ERR_FMC_SVN_LESS_THAN_FUSE - )), - hw.upload_firmware(&image_bundle.to_bytes().unwrap()) - .unwrap_err() - ); - - assert_eq!( - hw.soc_ifc().cptra_boot_status().read(), - u32::from(FwProcessorManifestLoadComplete) - ); -} - #[test] fn test_toc_rt_size_zero() { let (mut hw, mut image_bundle) = diff --git a/rom/dev/tests/rom_integration_tests/test_warm_reset.rs b/rom/dev/tests/rom_integration_tests/test_warm_reset.rs index 19d45dfb03..2ddaeb1806 100644 --- a/rom/dev/tests/rom_integration_tests/test_warm_reset.rs +++ b/rom/dev/tests/rom_integration_tests/test_warm_reset.rs @@ -33,6 +33,7 @@ fn test_warm_reset_success() { &APP_WITH_UART, ImageOptions { fmc_svn: 9, + app_svn: 9, ..Default::default() }, ) @@ -56,6 +57,7 @@ fn test_warm_reset_success() { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash: owner_pk_desc_hash, fmc_key_manifest_svn: 0b1111111, + runtime_svn: [0x7F, 0, 0, 0], // Equals 7 ..Default::default() }, fw_image: Some(&image.to_bytes().unwrap()), @@ -74,6 +76,7 @@ fn test_warm_reset_success() { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash: owner_pk_desc_hash, fmc_key_manifest_svn: 0b1111111, + runtime_svn: [0x7F, 0, 0, 0], // Equals 7 ..Default::default() }); diff --git a/runtime/tests/runtime_integration_tests/test_info.rs b/runtime/tests/runtime_integration_tests/test_info.rs index 461fdee7f2..07745a793c 100644 --- a/runtime/tests/runtime_integration_tests/test_info.rs +++ b/runtime/tests/runtime_integration_tests/test_info.rs @@ -107,7 +107,7 @@ fn test_fw_info() { let info = get_fwinfo(&mut model); // Verify FW info assert_eq!(info.pl0_pauser, 0x1); - assert_eq!(info.fmc_manifest_svn, 5); + assert_eq!(info.fmc_manifest_svn, 10); assert_eq!(info.runtime_svn, 10); assert_eq!(info.min_runtime_svn, 10); // Verify revision (Commit ID) and digest of each component @@ -134,6 +134,7 @@ fn test_fw_info() { let info = get_fwinfo(&mut model); assert_eq!(info.runtime_svn, 20); assert_eq!(info.min_runtime_svn, 10); + assert_eq!(info.fmc_manifest_svn, 10); // Make image with older SVN. let mut image_opts5 = image_opts; @@ -149,12 +150,14 @@ fn test_fw_info() { let info = get_fwinfo(&mut model); assert_eq!(info.runtime_svn, 5); assert_eq!(info.min_runtime_svn, 5); + assert_eq!(info.fmc_manifest_svn, 10); // Go back to SVN 20 update_to(&mut model, &image20); let info = get_fwinfo(&mut model); assert_eq!(info.runtime_svn, 20); assert_eq!(info.min_runtime_svn, 5); + assert_eq!(info.fmc_manifest_svn, 10); } #[test] diff --git a/test/tests/caliptra_integration_tests/fake_collateral_boot_test.rs b/test/tests/caliptra_integration_tests/fake_collateral_boot_test.rs index b837701cef..811583c884 100755 --- a/test/tests/caliptra_integration_tests/fake_collateral_boot_test.rs +++ b/test/tests/caliptra_integration_tests/fake_collateral_boot_test.rs @@ -59,6 +59,7 @@ fn fake_boot_test() { &APP_WITH_UART, ImageOptions { fmc_svn: 9, + app_svn: 9, ..Default::default() }, ) @@ -81,6 +82,7 @@ fn fake_boot_test() { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash: owner_pk_desc_hash, fmc_key_manifest_svn: 0b1111111, + runtime_svn: [0x7F, 0, 0, 0], // Equals 7 ..Default::default() }, fw_image: Some(&image.to_bytes().unwrap()), diff --git a/test/tests/caliptra_integration_tests/jtag_test.rs b/test/tests/caliptra_integration_tests/jtag_test.rs index 00535c1819..e3615b85d6 100644 --- a/test/tests/caliptra_integration_tests/jtag_test.rs +++ b/test/tests/caliptra_integration_tests/jtag_test.rs @@ -90,6 +90,7 @@ fn gdb_test() { &firmware::APP_WITH_UART, ImageOptions { fmc_svn: 9, + app_svn: 9, ..Default::default() }, ) diff --git a/test/tests/caliptra_integration_tests/smoke_test.rs b/test/tests/caliptra_integration_tests/smoke_test.rs index 7add7c142f..d915d24059 100644 --- a/test/tests/caliptra_integration_tests/smoke_test.rs +++ b/test/tests/caliptra_integration_tests/smoke_test.rs @@ -151,6 +151,7 @@ fn smoke_test() { &firmware::APP_WITH_UART, ImageOptions { fmc_svn: 9, + app_svn: 9, ..Default::default() }, ) @@ -164,6 +165,7 @@ fn smoke_test() { key_manifest_pk_hash: vendor_pk_desc_hash_words, owner_pk_hash: owner_pk_desc_hash_words, fmc_key_manifest_svn: 0b1111111, + runtime_svn: [0x7F, 0, 0, 0], // Equals 7 lms_verify: true, ..Default::default() }; @@ -461,7 +463,8 @@ fn smoke_test() { Some(DiceTcbInfo { vendor: None, model: None, - svn: Some(0x100), + // This is from the SVN in the image (9) + svn: Some(0x109), fwids: vec![DiceFwid { // RT hash_alg: asn1::oid!(2, 16, 840, 1, 101, 3, 4, 2, 2), @@ -559,6 +562,7 @@ fn smoke_test() { ImageOptions { fmc_version: 1, fmc_svn: 10, + app_svn: 10, app_version: 2, ..Default::default() }, @@ -611,7 +615,8 @@ fn smoke_test() { Some(DiceTcbInfo { vendor: None, model: None, - svn: Some(0x100), + // This is from the SVN in the image (10) + svn: Some(0x10A), fwids: vec![DiceFwid { // FMC hash_alg: asn1::oid!(2, 16, 840, 1, 101, 3, 4, 2, 2), diff --git a/test/tests/caliptra_integration_tests/warm_reset.rs b/test/tests/caliptra_integration_tests/warm_reset.rs index c793369829..eb6d6a8110 100644 --- a/test/tests/caliptra_integration_tests/warm_reset.rs +++ b/test/tests/caliptra_integration_tests/warm_reset.rs @@ -30,6 +30,7 @@ fn warm_reset_basic() { &APP_WITH_UART, ImageOptions { fmc_svn: 9, + app_svn: 9, ..Default::default() }, ) @@ -52,6 +53,7 @@ fn warm_reset_basic() { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash: owner_pk_desc_hash, fmc_key_manifest_svn: 0b1111111, + runtime_svn: [0x7F, 0, 0, 0], // Equals 7 ..Default::default() }, fw_image: Some(&image.to_bytes().unwrap()), @@ -70,6 +72,7 @@ fn warm_reset_basic() { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash: owner_pk_desc_hash, fmc_key_manifest_svn: 0b1111111, + runtime_svn: [0x7F, 0, 0, 0], // Equals 7 ..Default::default() }); @@ -91,6 +94,7 @@ fn warm_reset_during_fw_load() { &APP_WITH_UART, ImageOptions { fmc_svn: 9, + app_svn: 9, ..Default::default() }, ) @@ -113,6 +117,7 @@ fn warm_reset_during_fw_load() { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash: owner_pk_desc_hash, fmc_key_manifest_svn: 0b1111111, + runtime_svn: [0x7F, 0, 0, 0], // Equals 7 ..Default::default() }, fw_image: None, @@ -142,6 +147,7 @@ fn warm_reset_during_fw_load() { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash: owner_pk_desc_hash, fmc_key_manifest_svn: 0b1111111, + runtime_svn: [0x7F, 0, 0, 0], // Equals 7 ..Default::default() }); diff --git a/test/tests/fips_test_suite/README.md b/test/tests/fips_test_suite/README.md index 38085b0624..414ee0ffa8 100755 --- a/test/tests/fips_test_suite/README.md +++ b/test/tests/fips_test_suite/README.md @@ -72,7 +72,7 @@ Test hooks are needed to meet the following FIPS 140-3 test requirements: | kat_sha1_digest_failure_rom
kat_sha1_digest_mismatch_rom
kat_sha256_digest_failure_rom
kat_sha256_digest_mismatch_rom
kat_sha384_digest_failure_rom
kat_sha384_digest_mismatch_rom
kat_sha2_512_384acc_digest_start_op_failure_rom
kat_sha2_512_384acc_digest_failure_rom
kat_sha2_512_384acc_digest_mismatch_rom
kat_ecc384_signature_generate_failure_rom
kat_ecc384_signature_verify_failure_rom
kat_hmac384_failure_rom
kat_hmac384_tag_mismatch_rom
kat_lms_digest_mismatch_rom | TE10.07.03
TE10.08.03
TE10.09.03
TE10.10.01
TE10.10.02 | Enable the hook for triggering an error with the SHA1 KAT
Verify the correct error is returned
Verify we cannot utilize the associated functionality by proving we can't issues commands
Verify an undocumented attempt to clear the error fails
Clear the error with an approved method - restart Caliptra
Verify crypto operations using the engine can be performed | | kat_sha1_digest_failure_rt
kat_sha1_digest_mismatch_rt
kat_sha256_digest_failure_rt
kat_sha256_digest_mismatch_rt
kat_sha384_digest_failure_rt
kat_sha384_digest_mismatch_rt
kat_sha2_512_384acc_digest_start_op_failure_rt
kat_sha2_512_384acc_digest_failure_rt
kat_sha2_512_384acc_digest_mismatch_rt
kat_ecc384_signature_generate_failure_rt
kat_ecc384_signature_verify_failure_rt
kat_hmac384_failure_rt
kat_hmac384_tag_mismatch_rt
kat_lms_digest_mismatch_rt | TE10.07.03
TE10.08.03
TE10.09.03
TE10.10.01
TE10.10.02 | Boot to runtime
Enable the hook for triggering an error with the KAT
Issue self test command
Verify the correct error is returned
Verify we cannot utilize the associated functionality by proving we can't issues commands
Verify an undocumented attempt to clear the error fails
Clear the error with an approved method - restart Caliptra
Verify crypto operations using the engine can be performed | | integrity_check_failure_rom | TE10.07.03
TE10.08.03
TE10.09.03
TE10.10.01
TE10.10.02 | Corrupt ROM integrity check hash
Verify the correct error is returned
Verify we cannot issue commands
Verify an undocumented attempt to clear the error fails
(Cannot clear this error without changing ROM which would invlove recreating the whole platform with a new ROM and therefore isn't really a continuation of this test) | -| fw_load_error_manifest_marker_mismatch
fw_load_error_manifest_size_mismatch
fw_load_error_vendor_pub_key_digest_invalid
fw_load_error_vendor_pub_key_digest_failure
fw_load_error_vendor_pub_key_digest_mismatch
fw_load_error_owner_pub_key_digest_failure
fw_load_error_owner_pub_key_digest_mismatch
fw_load_error_vendor_ecc_pub_key_index_out_of_bounds
fw_load_error_vendor_ecc_pub_key_revoked
fw_load_error_header_digest_failure
fw_load_error_vendor_ecc_verify_failure
fw_load_error_vendor_ecc_signature_invalid
fw_load_error_vendor_ecc_pub_key_index_mismatch
fw_load_error_owner_ecc_verify_failure
fw_load_error_owner_ecc_signature_invalid
fw_load_error_toc_entry_count_invalid
fw_load_error_toc_digest_failure
fw_load_error_toc_digest_mismatch
fw_load_error_fmc_digest_failure
fw_load_error_fmc_digest_mismatch
fw_load_error_runtime_digest_failure
fw_load_error_runtime_digest_mismatch
fw_load_error_fmc_runtime_overlap
fw_load_error_fmc_runtime_incorrect_order
fw_load_error_owner_ecc_pub_key_invalid_arg
fw_load_error_owner_ecc_signature_invalid_arg
fw_load_error_vendor_pub_key_digest_invalid_arg
fw_load_error_vendor_ecc_signature_invalid_arg
fw_load_error_update_reset_owner_digest_failure
fw_load_error_update_reset_vendor_ecc_pub_key_idx_mismatch
fw_load_error_update_reset_fmc_digest_mismatch
fw_load_error_fmc_load_addr_invalid
fw_load_error_fmc_load_addr_unaligned
fw_load_error_fmc_entry_point_invalid
fw_load_error_fmc_entry_point_unaligned
fw_load_error_fmc_svn_greater_than_max_supported
fw_load_error_fmc_svn_less_than_fuse
fw_load_error_runtime_load_addr_invalid
fw_load_error_runtime_load_addr_unaligned
fw_load_error_runtime_entry_point_invalid
fw_load_error_runtime_entry_point_unaligned
fw_load_error_runtime_svn_greater_than_max_supported
fw_load_error_runtime_svn_less_than_fuse
fw_load_error_image_len_more_than_bundle_size
fw_load_error_vendor_lms_pub_key_index_mismatch
fw_load_error_vendor_lms_verify_failure
fw_load_error_vendor_lms_pub_key_index_out_of_bounds
fw_load_error_vendor_lms_signature_invalid
fw_load_error_fmc_runtime_load_addr_overlap
fw_load_error_owner_lms_verify_failure
fw_load_error_owner_lms_signature_invalid
fw_load_error_vendor_lms_pub_key_revoked
fw_load_error_fmc_size_zero
fw_load_error_runtime_size_zero
fw_load_error_update_reset_vendor_lms_pub_key_idx_mismatch
fw_load_error_fmc_load_address_image_size_arithmetic_overflow
fw_load_error_runtime_load_address_image_size_arithmetic_overflow
fw_load_error_toc_entry_range_arithmetic_overflow | TE10.07.03
TE10.08.03
TE10.09.03
TE10.10.01
TE10.10.02 | Make change related to error in fw bundle or fuses
Attempt to load the FW
Verify the correct error is returned
Verify we cannot utilize RT FW by sending a message
Verify an undocumented attempt to clear the error fails
Clear the error with an approved method - restart Caliptra
Verify we can utilize RT FW by sending a message
NOTE: This isn't a specific crypto engine but this still counts as a self test, some of the requirements are tailored toward crypto engines. | +| fw_load_error_manifest_marker_mismatch
fw_load_error_manifest_size_mismatch
fw_load_error_vendor_pub_key_digest_invalid
fw_load_error_vendor_pub_key_digest_failure
fw_load_error_vendor_pub_key_digest_mismatch
fw_load_error_owner_pub_key_digest_failure
fw_load_error_owner_pub_key_digest_mismatch
fw_load_error_vendor_ecc_pub_key_index_out_of_bounds
fw_load_error_vendor_ecc_pub_key_revoked
fw_load_error_header_digest_failure
fw_load_error_vendor_ecc_verify_failure
fw_load_error_vendor_ecc_signature_invalid
fw_load_error_vendor_ecc_pub_key_index_mismatch
fw_load_error_owner_ecc_verify_failure
fw_load_error_owner_ecc_signature_invalid
fw_load_error_toc_entry_count_invalid
fw_load_error_toc_digest_failure
fw_load_error_toc_digest_mismatch
fw_load_error_fmc_digest_failure
fw_load_error_fmc_digest_mismatch
fw_load_error_runtime_digest_failure
fw_load_error_runtime_digest_mismatch
fw_load_error_fmc_runtime_overlap
fw_load_error_fmc_runtime_incorrect_order
fw_load_error_owner_ecc_pub_key_invalid_arg
fw_load_error_owner_ecc_signature_invalid_arg
fw_load_error_vendor_pub_key_digest_invalid_arg
fw_load_error_vendor_ecc_signature_invalid_arg
fw_load_error_update_reset_owner_digest_failure
fw_load_error_update_reset_vendor_ecc_pub_key_idx_mismatch
fw_load_error_update_reset_fmc_digest_mismatch
fw_load_error_fmc_load_addr_invalid
fw_load_error_fmc_load_addr_unaligned
fw_load_error_fmc_entry_point_invalid
fw_load_error_fmc_entry_point_unaligned
fw_load_error_runtime_load_addr_invalid
fw_load_error_runtime_load_addr_unaligned
fw_load_error_runtime_entry_point_invalid
fw_load_error_runtime_entry_point_unaligned
fw_load_error_runtime_svn_greater_than_max_supported
fw_load_error_runtime_svn_less_than_fuse
fw_load_error_image_len_more_than_bundle_size
fw_load_error_vendor_lms_pub_key_index_mismatch
fw_load_error_vendor_lms_verify_failure
fw_load_error_vendor_lms_pub_key_index_out_of_bounds
fw_load_error_vendor_lms_signature_invalid
fw_load_error_fmc_runtime_load_addr_overlap
fw_load_error_owner_lms_verify_failure
fw_load_error_owner_lms_signature_invalid
fw_load_error_vendor_lms_pub_key_revoked
fw_load_error_fmc_size_zero
fw_load_error_runtime_size_zero
fw_load_error_update_reset_vendor_lms_pub_key_idx_mismatch
fw_load_error_fmc_load_address_image_size_arithmetic_overflow
fw_load_error_runtime_load_address_image_size_arithmetic_overflow
fw_load_error_toc_entry_range_arithmetic_overflow | TE10.07.03
TE10.08.03
TE10.09.03
TE10.10.01
TE10.10.02 | Make change related to error in fw bundle or fuses
Attempt to load the FW
Verify the correct error is returned
Verify we cannot utilize RT FW by sending a message
Verify an undocumented attempt to clear the error fails
Clear the error with an approved method - restart Caliptra
Verify we can utilize RT FW by sending a message
NOTE: This isn't a specific crypto engine but this still counts as a self test, some of the requirements are tailored toward crypto engines. | | key_pair_consistency_error | TE10.35.04 | Enable hook to corrupt key pair during generation
Trigger the keypair generation (Just boot and allow DICE flow to start?)
Verify the correct error for key pair inconsistency is generated | | fw_load_blank_pub_keys
fw_load_blank_pub_key_hashes | TE10.37.09 | Clear the public keys/hashes from the FW image
Start the FW load
Verify the correct error is returned | | fips_self_test_rom
fips_self_test_rt | TE10.53.02 | Execute FIPS self test command
Verify the output is correct and the self tests pass | diff --git a/test/tests/fips_test_suite/fw_load.rs b/test/tests/fips_test_suite/fw_load.rs index 0d7192bb5b..3821bb7c24 100755 --- a/test/tests/fips_test_suite/fw_load.rs +++ b/test/tests/fips_test_suite/fw_load.rs @@ -792,65 +792,6 @@ fn fw_load_error_fmc_entry_point_unaligned() { ); } -#[test] -fn fw_load_error_fmc_svn_greater_than_max_supported() { - // Generate image - let image_options = ImageOptions { - fmc_svn: 33, - ..Default::default() - }; - let fw_image = build_fw_image(image_options); - - // Set fuses - let gen = ImageGenerator::new(Crypto::default()); - let vendor_pubkey_digest = gen - .vendor_pubkey_digest(&fw_image.manifest.preamble) - .unwrap(); - let fuses = caliptra_hw_model::Fuses { - life_cycle: DeviceLifecycle::Manufacturing, - anti_rollback_disable: false, - key_manifest_pk_hash: vendor_pubkey_digest, - ..Default::default() - }; - - fw_load_error_flow( - Some(fw_image), - Some(fuses), - CaliptraError::IMAGE_VERIFIER_ERR_FMC_SVN_GREATER_THAN_MAX_SUPPORTED.into(), - ); -} - -// IMAGE_VERIFIER_ERR_FMC_SVN_LESS_THAN_MIN_SUPPORTED is defined but never used in the code (svn is a u32) - -#[test] -fn fw_load_error_fmc_svn_less_than_fuse() { - // Generate image - let image_options = ImageOptions { - fmc_svn: 1, - ..Default::default() - }; - let fw_image = build_fw_image(image_options); - - // Set fuses - let gen = ImageGenerator::new(Crypto::default()); - let vendor_pubkey_digest = gen - .vendor_pubkey_digest(&fw_image.manifest.preamble) - .unwrap(); - let fuses = caliptra_hw_model::Fuses { - life_cycle: DeviceLifecycle::Manufacturing, - anti_rollback_disable: false, - key_manifest_pk_hash: vendor_pubkey_digest, - fmc_key_manifest_svn: 0b11, // fuse svn = 2 - ..Default::default() - }; - - fw_load_error_flow( - Some(fw_image), - Some(fuses), - CaliptraError::IMAGE_VERIFIER_ERR_FMC_SVN_LESS_THAN_FUSE.into(), - ); -} - #[test] fn fw_load_error_runtime_load_addr_invalid() { // Generate image