Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[pa,spm] enhance DeriveSymmetricKeys to gen multiple keys and hashed OT LC tokens #32

Merged
merged 6 commits into from
Oct 8, 2024
Merged

[pa,spm] enhance DeriveSymmetricKeys to gen multiple keys and hashed OT LC tokens #32

merged 6 commits into from
Oct 8, 2024

Conversation

timothytrippel
Copy link
Collaborator

This enhances the DeriveSymmetricKey RPC function (and renames it to DeriveSymmetricKeys) to be able to:

  • generate multiple keys with one invocation, and
  • generate cSHAKE128 hashed OT LC tokens.

Overall this will increase the performance of the provisioning system as a whole by reducing the number of round-trips between the tester and PA/SPM.

Note: this depends on #31. Only review the last two commits.

@timothytrippel
[pa] add SKU to DeriveSymmetricKeyRequest message proto
66d467e 
This SKU string is required in order to retrieve the SE session that
backs the SPM service.

Signed-off-by: Tim Trippel <[email protected]>
@timothytrippel
[pa,spm] implement DeriveSymmetricKey RPC
319e4a4 
This updates the PA and SPM to implement the `DeriveSymmetricKey` key
RPC function. This partially addresses lowRISC#4.

Signed-off-by: Tim Trippel <[email protected]>
@timothytrippel
[sku] add sival OpenTitan Earlgrey SKU for testing
dbd75f8 
This adds a `sival` OpenTitan Earlgrey SKU configuration for testing.
Additionally this removes the execute privilege bits on the SKU YAML
config files.

Signed-off-by: Tim Trippel <[email protected]>
@timothytrippel
[test] add sival SKU integration tests
9ee3896 
This updates the PA loadtest and integration test script to enable
testing the sival SKU provisioning sequence that now includes invoking
the DeriveSymmetricKey function on the PA and SPM.

Part of refactoring the loadtest will enable testing additional SKUs in
the future as well.

Signed-off-by: Tim Trippel <[email protected]>
@timothytrippel
[pa,spm] enhance DeriveSymmetricKeys to gen multiple keys
69624d4 
This enhances the `DeriveSymmetricKey` RPC function (and renames it to
`DeriveSymmetricKeys`) to be able to generate multiple keys with one
invocation. This will increase the performance of the provisioning
system as a whole by reducing the number of round-trips between the
tester and PA/SPM.

Signed-off-by: Tim Trippel <[email protected]>
@timothytrippel
[spm] add ability to generate hashed OT LC tokens
545261a 
This updates the SPM to enable generating cSHAKE128 hashed OpenTitan
lifecycle tokens using the DeriveSymmetricKeys RPC function.

This partially addresses lowRISC#4.

Signed-off-by: Tim Trippel <[email protected]>
@timothytrippel timothytrippel mentioned this pull request Oct 8, 2024
Closed
@timothytrippel timothytrippel merged commit 892487b into lowRISC:main Oct 8, 2024
4 checks passed
@timothytrippel timothytrippel mentioned this pull request Oct 8, 2024
Closed
@timothytrippel timothytrippel deleted the impl-derrive-seed-pt2 branch October 8, 2024 16:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@moidx moidx moidx approved these changes

@cfrantz cfrantz Awaiting requested review from cfrantz

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@timothytrippel @moidx