[manuf] send additional CA key ID to host during perso

This updates the ManufCertgenInputs ujson data payload sent to the
device during personalization to pass an additional CA key ID (serial
number) to address #24955.

Signed-off-by: Tim Trippel <[email protected]>

sw/device/lib/testing/json/provisioning_data.h

@@ -73,7 +73,8 @@ UJSON_SERDE_STRUCT(LcTokenHash, \
     field(owner_manifest_measurement, uint32_t, 8) \
     field(owner_measurement, uint32_t, 8) \
     field(owner_security_version, uint32_t) \
-    field(auth_key_key_id, uint8_t, 20)
+    field(dice_auth_key_key_id, uint8_t, 20) \
+    field(ext_auth_key_key_id, uint8_t, 20)
 UJSON_SERDE_STRUCT(ManufCertgenInputs, \
                    manuf_certgen_inputs_t, \
                    STRUCT_MANUF_CERTGEN_INPUTS);

sw/device/silicon_creator/manuf/base/ft_personalize.c

@@ -434,9 +434,9 @@ static status_t personalize_gen_dice_certificates(ujson_t *uj) {
   // sw/host/provisioning/ft_lib/src/lib.rs
   LOG_INFO("Waiting for certificate inputs ...");
   TRY(ujson_deserialize_manuf_certgen_inputs_t(uj, &certgen_inputs));
-  // We copy over the TPM/UDS endorsement key ID to an SHA256 digest type, since
+  // We copy over the UDS endorsement key ID to an SHA256 digest type, since
   // this is the format of key IDs generated on-dice.
-  memcpy(uds_endorsement_key_id.digest, certgen_inputs.auth_key_key_id,
+  memcpy(uds_endorsement_key_id.digest, certgen_inputs.dice_auth_key_key_id,
          kCertKeyIdSizeInBytes);
 
   // Initialize entropy complex / KMAC for key manager operations.

sw/device/silicon_creator/manuf/base/tpm_personalize_ext.c

@@ -61,7 +61,7 @@ static status_t personalize_gen_tpm_ek_certificate(
     cert_flash_info_layout_t *cert_flash_layout) {
   size_t curr_cert_size = 0;
   // Set the endorsement key ID.
-  memcpy(tpm_endorsement_key_id.digest, certgen_inputs->auth_key_key_id,
+  memcpy(tpm_endorsement_key_id.digest, certgen_inputs->ext_auth_key_key_id,
          kCertKeyIdSizeInBytes);
 
   // Set the flash info page layout.

sw/host/provisioning/ft/src/main.rs

@@ -158,14 +158,16 @@ fn main() -> Result<()> {
     let owner_measurement =
         hex_string_to_u32_arrayvec::<8>(opts.provisioning_data.owner_measurement.as_str())?;
     let owner_security_version = opts.provisioning_data.owner_security_version;
-    let ca_key_id = hex_string_to_u8_arrayvec::<20>(ca_cfgs["dice"].key_id.as_str())?;
+    let dice_ca_key_id = hex_string_to_u8_arrayvec::<20>(ca_cfgs["dice"].key_id.as_str())?;
+    let ext_ca_key_id = hex_string_to_u8_arrayvec::<20>(ca_cfgs["ext"].key_id.as_str())?;
     let _perso_certgen_inputs = ManufCertgenInputs {
         rom_ext_measurement: rom_ext_measurement.clone(),
         rom_ext_security_version,
         owner_manifest_measurement: owner_manifest_measurement.clone(),
         owner_measurement: owner_measurement.clone(),
         owner_security_version,
-        auth_key_key_id: ca_key_id.clone(),
+        dice_auth_key_key_id: dice_ca_key_id.clone(),
+        ext_auth_key_key_id: ext_ca_key_id.clone(),
     };
 
     // Only run test unlock operation if we are in a locked LC state.