[chip-test] chip_sw_keymgr_key_derivation #21500
Assignees
Labels
Component:ChipLevelTest
Used to filter the chip-level test backlog
IP:keymgr
Priority:P2
Priority: medium
SiVal:Autogen
Generated by script
Milestone
Comments
johngt
added
Component:ChipLevelTest
andrea-caforio
added a commit
to andrea-caforio/opentitan
that referenced
this issue
Oct 9, 2024
keymgr_key_derivation_test_fpga_cw310_sival_rom_ext test was marked as broken in lowRISC#21706. This commit fixes this and addresses lowRISC#21500. The source of the bug is due to the nature of the ROM_EXT that runs through a CDI attestation flow advancing the key manager state to "OwnerRootKey" in the process. This was not accounted for in the test, which assumed an active CreatorRootKey" state (this works for sim_dv tests but not with ROM_EXT). The solution to this issue lies in rendering the test state-agnostic, meaning it will execute its verifications independently of the current key manager state. This approach thus mimics the keymgr_sideload_{aes,kmac,otbn} tests which follow a similar strategy. Signed-off-by: Andrea Caforio <[email protected]>
andrea-caforio
added a commit
to andrea-caforio/opentitan
that referenced
this issue
Oct 9, 2024
keymgr_key_derivation_test_fpga_cw310_sival_rom_ext test was marked as broken in lowRISC#21706. This commit fixes this and addresses lowRISC#21500. The source of the bug is due to the nature of the ROM_EXT that runs through a CDI attestation flow advancing the key manager state to "OwnerRootKey" in the process. This was not accounted for in the test, which assumed an active "CreatorRootKey" state (this works for sim_dv tests but not with ROM_EXT). The solution to this issue lies in rendering the test state-agnostic, meaning it will execute its verifications independently of the current key manager state. This approach thus mimics the keymgr_sideload_{aes,kmac,otbn} tests which follow a similar strategy. Signed-off-by: Andrea Caforio <[email protected]>
andrea-caforio
added a commit
to andrea-caforio/opentitan
that referenced
this issue
Oct 9, 2024
keymgr_key_derivation_test_fpga_cw310_sival_rom_ext test was marked as broken in lowRISC#21706. This commit fixes this and addresses lowRISC#21500. The source of the bug is due to the nature of the ROM_EXT that runs through a CDI attestation flow advancing the key manager state to "OwnerRootKey" in the process. This was not accounted for in the test, which assumed an active "CreatorRootKey" state (this works for sim_dv tests but not with ROM_EXT). The solution to this issue lies in rendering the test state-agnostic, meaning it will execute its verifications independently of the current key manager state. This approach thus mimics the keymgr_sideload_{aes,kmac,otbn} tests which follow a similar strategy. Signed-off-by: Andrea Caforio <[email protected]>
andrea-caforio
added a commit
to andrea-caforio/opentitan
that referenced
this issue
Oct 9, 2024
keymgr_key_derivation_test_fpga_cw310_sival_rom_ext test was marked as broken in lowRISC#21706. This commit fixes this and addresses lowRISC#21500. The source of the bug is due to the nature of the ROM_EXT that runs through a CDI attestation flow advancing the key manager state to "OwnerRootKey" in the process. This was not accounted for in the test, which assumed an active "CreatorRootKey" state (this works for sim_dv tests but not with ROM_EXT). The solution to this issue lies in rendering the test state-agnostic, meaning it will execute its verifications independently of the current key manager state. This approach thus mimics the keymgr_sideload_{aes,kmac,otbn} tests which follow a similar strategy. Signed-off-by: Andrea Caforio <[email protected]>
andrea-caforio
added a commit
to andrea-caforio/opentitan
that referenced
this issue
Oct 10, 2024
keymgr_key_derivation_test_fpga_cw310_sival_rom_ext test was marked as broken in lowRISC#21706. This commit fixes this and addresses lowRISC#21500. The source of the bug is due to the nature of the ROM_EXT that runs through a CDI attestation flow advancing the key manager state to "OwnerRootKey" in the process. This was not accounted for in the test, which assumed an active "CreatorRootKey" state (this works for sim_dv tests but not with ROM_EXT). The solution to this issue lies in rendering the test state-agnostic, meaning it will execute its verifications independently of the current key manager state. This approach thus mimics the keymgr_sideload_{aes,kmac,otbn} tests which follow a similar strategy. Signed-off-by: Andrea Caforio <[email protected]>
jwnrt
pushed a commit
that referenced
this issue
Oct 10, 2024
keymgr_key_derivation_test_fpga_cw310_sival_rom_ext test was marked as broken in #21706. This commit fixes this and addresses #21500. The source of the bug is due to the nature of the ROM_EXT that runs through a CDI attestation flow advancing the key manager state to "OwnerRootKey" in the process. This was not accounted for in the test, which assumed an active "CreatorRootKey" state (this works for sim_dv tests but not with ROM_EXT). The solution to this issue lies in rendering the test state-agnostic, meaning it will execute its verifications independently of the current key manager state. This approach thus mimics the keymgr_sideload_{aes,kmac,otbn} tests which follow a similar strategy. Signed-off-by: Andrea Caforio <[email protected]>
|
Addressed in #24755. |
jwnrt
changed the title
github-actions bot
pushed a commit
that referenced
this issue
Nov 13, 2024
keymgr_key_derivation_test_fpga_cw310_sival_rom_ext test was marked as broken in #21706. This commit fixes this and addresses #21500. The source of the bug is due to the nature of the ROM_EXT that runs through a CDI attestation flow advancing the key manager state to "OwnerRootKey" in the process. This was not accounted for in the test, which assumed an active "CreatorRootKey" state (this works for sim_dv tests but not with ROM_EXT). The solution to this issue lies in rendering the test state-agnostic, meaning it will execute its verifications independently of the current key manager state. This approach thus mimics the keymgr_sideload_{aes,kmac,otbn} tests which follow a similar strategy. Signed-off-by: Andrea Caforio <[email protected]> (cherry picked from commit aa4031d)
luismarques
pushed a commit
that referenced
this issue
Nov 14, 2024
keymgr_key_derivation_test_fpga_cw310_sival_rom_ext test was marked as broken in #21706. This commit fixes this and addresses #21500. The source of the bug is due to the nature of the ROM_EXT that runs through a CDI attestation flow advancing the key manager state to "OwnerRootKey" in the process. This was not accounted for in the test, which assumed an active "CreatorRootKey" state (this works for sim_dv tests but not with ROM_EXT). The solution to this issue lies in rendering the test state-agnostic, meaning it will execute its verifications independently of the current key manager state. This approach thus mimics the keymgr_sideload_{aes,kmac,otbn} tests which follow a similar strategy. Signed-off-by: Andrea Caforio <[email protected]> (cherry picked from commit aa4031d)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Test point name
chip_sw_keymgr_key_derivation
Host side component
Rust?
Opentitantool infrastructure implemented
Yes
Silicon Validation (SiVal)
Yes
Emulation targets
Contact person
Checklist
Please fill out this checklist as items are completed. Link to PRs and issues as appropriate.
The text was updated successfully, but these errors were encountered: