[silicon_creator/sw] refactor the otbn_boot_attestation_keygen function
#22622
Assignees
Labels
Component:Software
Issue related to Software
Manufacturing
Issues related to manufacturing tasks (hw or sw)
Priority:P1
Priority: high
SW:ROM_EXT
ROM_EXT related issues
Type:Task
Tasks, to-do list.
Milestone
Comments
timothytrippel
added
SW:ROM_EXT
timothytrippel
changed the title
otbn_boot_attestation_keygen function to:otbn_boot_attestation_keygen function to:
timothytrippel
changed the title
otbn_boot_attestation_keygen function to:otbn_boot_attestation_keygen function to
timothytrippel
changed the title
otbn_boot_attestation_keygen function tootbn_boot_attestation_keygen function
timothytrippel
added a commit
to timothytrippel/opentitan
that referenced
this issue
Apr 24, 2024
This refactors the OTBN boot services library, and silicon_creator keymgr driver to enable generating two types attestation keys: 1. DICE keys, that are based on the attestation side of the key ladder, and 2. TPM keys, that are based on the sealing side of the key ladder. This fixes lowRISC#22622. Signed-off-by: Tim Trippel <[email protected]>
timothytrippel
added a commit
to timothytrippel/opentitan
that referenced
this issue
Apr 24, 2024
This refactors the OTBN boot services library, and silicon_creator keymgr driver to enable generating two types attestation keys: 1. DICE keys, that are based on the attestation side of the key ladder, and 2. TPM keys, that are based on the sealing side of the key ladder. This fixes lowRISC#22622. Signed-off-by: Tim Trippel <[email protected]>
timothytrippel
added a commit
to timothytrippel/opentitan
that referenced
this issue
Apr 25, 2024
This refactors the OTBN boot services library, and silicon_creator keymgr driver to enable generating two types attestation keys: 1. DICE keys, that are based on the attestation side of the key ladder, and 2. TPM keys, that are based on the sealing side of the key ladder. This fixes lowRISC#22622. Signed-off-by: Tim Trippel <[email protected]>
timothytrippel
added a commit
to timothytrippel/opentitan
that referenced
this issue
Apr 27, 2024
This refactors the OTBN boot services library, and silicon_creator keymgr driver to enable generating two types attestation keys: 1. DICE keys, that are based on the attestation side of the key ladder, and 2. TPM keys, that are based on the sealing side of the key ladder. This fixes lowRISC#22622. Signed-off-by: Tim Trippel <[email protected]>
timothytrippel
added a commit
to timothytrippel/opentitan
that referenced
this issue
Apr 29, 2024
This refactors the OTBN boot services library, and silicon_creator keymgr driver to enable generating two types attestation keys: 1. DICE keys, that are based on the attestation side of the key ladder, and 2. TPM keys, that are based on the sealing side of the key ladder. This fixes lowRISC#22622. Signed-off-by: Tim Trippel <[email protected]>
timothytrippel
added a commit
that referenced
this issue
Apr 30, 2024
This refactors the OTBN boot services library, and silicon_creator keymgr driver to enable generating two types attestation keys: 1. DICE keys, that are based on the attestation side of the key ladder, and 2. TPM keys, that are based on the sealing side of the key ladder. This fixes #22622. Signed-off-by: Tim Trippel <[email protected]>
timothytrippel
added a commit
to timothytrippel/opentitan
that referenced
this issue
Apr 30, 2024
This refactors the OTBN boot services library, and silicon_creator keymgr driver to enable generating two types attestation keys: 1. DICE keys, that are based on the attestation side of the key ladder, and 2. TPM keys, that are based on the sealing side of the key ladder. This fixes lowRISC#22622. Signed-off-by: Tim Trippel <[email protected]> (cherry picked from commit 641d4e0)
timothytrippel
added a commit
to timothytrippel/opentitan
that referenced
this issue
May 1, 2024
This refactors the OTBN boot services library, and silicon_creator keymgr driver to enable generating two types attestation keys: 1. DICE keys, that are based on the attestation side of the key ladder, and 2. TPM keys, that are based on the sealing side of the key ladder. This fixes lowRISC#22622. Signed-off-by: Tim Trippel <[email protected]> (cherry picked from commit 641d4e0)
timothytrippel
added a commit
to timothytrippel/opentitan
that referenced
this issue
May 3, 2024
This refactors the OTBN boot services library, and silicon_creator keymgr driver to enable generating two types attestation keys: 1. DICE keys, that are based on the attestation side of the key ladder, and 2. TPM keys, that are based on the sealing side of the key ladder. This fixes lowRISC#22622. Signed-off-by: Tim Trippel <[email protected]> (cherry picked from commit 641d4e0)
timothytrippel
added a commit
to timothytrippel/opentitan
that referenced
this issue
May 3, 2024
This refactors the OTBN boot services library, and silicon_creator keymgr driver to enable generating two types attestation keys: 1. DICE keys, that are based on the attestation side of the key ladder, and 2. TPM keys, that are based on the sealing side of the key ladder. This fixes lowRISC#22622. Signed-off-by: Tim Trippel <[email protected]> (cherry picked from commit 641d4e0)
timothytrippel
added a commit
that referenced
this issue
May 4, 2024
This refactors the OTBN boot services library, and silicon_creator keymgr driver to enable generating two types attestation keys: 1. DICE keys, that are based on the attestation side of the key ladder, and 2. TPM keys, that are based on the sealing side of the key ladder. This fixes #22622. Signed-off-by: Tim Trippel <[email protected]> (cherry picked from commit 641d4e0)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
To enable #22573, we need to refactor the
otbn_boot_attestation_keygenfunction to: allow selecting which side of the key ladder we are generating a key from. For the TPM key case we want to generate from thesealingside, but as is currently written, theotbn_boot_attestation_keygenfunction callssc_keymgr_generate_attestation_key_otbnhere, which under the hood, selects theattestationside of the key ladder here.Originally posted by @timothytrippel in #22573 (comment)
The text was updated successfully, but these errors were encountered: