[sw,rom_ext] Replace exponent with address translation in manifest.
We needed to make two changes to the manifest:
* remove the exponent field (since only one exponent, 65537, is now
supported), and
* add a field to indicate whether the `ROM_EXT` expects address
translation.
Since the two fields are the same size, simply replacing one with the other
causes minimal disruption to padding/offsets.
Signed-off-by: Jade Philipoom <jadep@google.com>
diff --git a/doc/security/specs/ownership_transfer/_index.md b/doc/security/specs/ownership_transfer/_index.md
index bdd9463..6b7a6d5 100644
--- a/doc/security/specs/ownership_transfer/_index.md
+++ b/doc/security/specs/ownership_transfer/_index.md
@@ -32,7 +32,7 @@
### CODE_SIGN
* **Description**: Used to verify the Silicon Owner first bootloader stage.
-* **Key Type**: RSA-3072 public key with exponent 3 or F4.
+* **Key Type**: RSA-3072 public key with exponent F4.
### UNLOCK
diff --git a/sw/device/silicon_creator/lib/manifest.h b/sw/device/silicon_creator/lib/manifest.h
index 586556c..a0696b8 100644
--- a/sw/device/silicon_creator/lib/manifest.h
+++ b/sw/device/silicon_creator/lib/manifest.h
@@ -149,9 +149,9 @@
*/
sigverify_rsa_buffer_t modulus;
/**
- * Exponent of the signer's RSA public key.
+ * Address translation (hardened boolean).
*/
- uint32_t exponent;
+ uint32_t address_translation;
/**
* Manifest identifier.
*/
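Review bot: The new doc comment on `address_translation` says "hardened boolean" but does not state which encodings the field may hold, so a reader of the header cannot tell whether a plain `1` in this `uint32_t` is valid; the rendered manifest docs in this same commit give `0x739` (true) and `0x1d4` (false), and the signer comment ties `0x739` to `kHardenedBoolTrue`. I would expand the comment to `Address translation (hardened boolean). Must be kHardenedBoolTrue (0x739) or kHardenedBoolFalse (0x1d4); the verifier should reject any other value rather than treat it as false.` The same undocumented `u32` field is added to the two Rust `Manifest` structs in this commit (opentitanlib and the signer image crate) and would benefit from the same doc comment. The `manifest_t` struct begins and ends outside this hunk.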
@@ -214,7 +214,7 @@
OT_ASSERT_MEMBER_OFFSET(manifest_t, signature, 0);
OT_ASSERT_MEMBER_OFFSET(manifest_t, usage_constraints, 384);
OT_ASSERT_MEMBER_OFFSET(manifest_t, modulus, 432);
-OT_ASSERT_MEMBER_OFFSET(manifest_t, exponent, 816);
+OT_ASSERT_MEMBER_OFFSET(manifest_t, address_translation, 816);
OT_ASSERT_MEMBER_OFFSET(manifest_t, identifier, 820);
OT_ASSERT_MEMBER_OFFSET(manifest_t, length, 824);
OT_ASSERT_MEMBER_OFFSET(manifest_t, version_major, 828);
diff --git a/sw/device/silicon_creator/rom_ext/docs/manifest.md b/sw/device/silicon_creator/rom_ext/docs/manifest.md
index ffca969..87a100d 100644
--- a/sw/device/silicon_creator/rom_ext/docs/manifest.md
+++ b/sw/device/silicon_creator/rom_ext/docs/manifest.md
@@ -34,7 +34,7 @@
| `manuf_state_owner` | 4 | 4 | 424 | `uint32_t` |
| `life_cycle_state` | 4 | 4 | 428 | `uint32_t` |
| `modulus` | 384 | 4 | 432 | `uint32_t[96]` |
-| `exponent` | 4 | 4 | 816 | `uint32_t` |
+| `address_translation` | 4 | 4 | 816 | `uint32_t` |
| `identifier` | 4 | 4 | 820 | `uint32_t` |
| `length` | 4 | 4 | 824 | `uint32_t` |
| `version_major` | 4 | 4 | 828 | `uint32_t` |
@@ -83,8 +83,10 @@
* `modulus`: Modulus of the signer's 3072-bit RSA public key.
-* `exponent`: Exponent of the signer's RSA public key. The only values
- supported by OpenTitan are 3 and 65537.
+* `address_translation`: A hardened boolean representing whether address
+ translation should be used for the `ROM_EXT` (see the [Ibex wrapper
+ documentation](https://docs.opentitan.org/hw/ip/rv_core_ibex/doc/)).
+ This value should be either `0x739` (true) or `0x1d4` (false).
* `identifier`: Image identifier used to identify boot stage images. The
value of this field must be `0x4552544f` (ASCII: "OTRE") for a `ROM_EXT`
diff --git a/sw/host/opentitanlib/src/image/manifest.rs b/sw/host/opentitanlib/src/image/manifest.rs
index 0c76754..daa26e6 100644
--- a/sw/host/opentitanlib/src/image/manifest.rs
+++ b/sw/host/opentitanlib/src/image/manifest.rs
@@ -43,7 +43,7 @@
pub signature: SigverifyRsaBuffer,
pub usage_constraints: ManifestUsageConstraints,
pub modulus: SigverifyRsaBuffer,
- pub exponent: u32,
+ pub address_translation: u32,
pub identifier: u32,
pub length: u32,
pub version_major: u32,
@@ -117,7 +117,7 @@
assert_eq!(offset_of!(Manifest, signature), 0);
assert_eq!(offset_of!(Manifest, usage_constraints), 384);
assert_eq!(offset_of!(Manifest, modulus), 432);
- assert_eq!(offset_of!(Manifest, exponent), 816);
+ assert_eq!(offset_of!(Manifest, address_translation), 816);
assert_eq!(offset_of!(Manifest, identifier), 820);
assert_eq!(offset_of!(Manifest, length), 824);
assert_eq!(offset_of!(Manifest, version_major), 828);
diff --git a/sw/host/opentitanlib/src/image/manifest_def.rs b/sw/host/opentitanlib/src/image/manifest_def.rs
index 9a011f8..2cd3e04 100644
--- a/sw/host/opentitanlib/src/image/manifest_def.rs
+++ b/sw/host/opentitanlib/src/image/manifest_def.rs
@@ -93,7 +93,7 @@
signature: ManifestBigInt,
usage_constraints: ManifestUsageConstraintsDef,
modulus: ManifestBigInt,
- exponent: ManifestSmallInt<u32>,
+ address_translation: ManifestSmallInt<u32>,
identifier: ManifestSmallInt<u32>,
length: ManifestSmallInt<u32>,
version_major: ManifestSmallInt<u32>,
diff --git a/sw/host/opentitanlib/src/image/testdata/manifest.hjson b/sw/host/opentitanlib/src/image/testdata/manifest.hjson
index 87e3c7f..a7c165b 100644
--- a/sw/host/opentitanlib/src/image/testdata/manifest.hjson
+++ b/sw/host/opentitanlib/src/image/testdata/manifest.hjson
@@ -94,9 +94,9 @@
*/
modulus: "0xA54D06061A27A2F6AE70F6A1FA51A840F62B64864E20DD713F633420802359DA7AD61881B2B7A6C4B57D4BBD84966168CA1F1C2FC843940BA18EAA436A12E3E17DEE78F3E1603F2BAB4CC60F4703C6CFBACC2F231E9090AAB18851531FC8AB95845D007D774C66140DB8474ABDA36DA28549DC59713C4750E23317FE46FED91672D2CFB91C37331E1CB4A94BA0C5E87F0A869FE39C55CA686F4943B305AA1890CBED0A33A37A51DECB0627DB353EAAEB48BC2C3FCC710D6D35F8DE11342FBC4CB697687A55999572C7F34B5837749BCA8CA48D073D30D71006B0C7056BF073814CD1A262454FBD003BCD6871999413F0C2E8C321B0534714D8E542B1398D0080B1A11919D66EDA8F467D309624ED7AE596B16EB082BFC17F2E6F33BCEAEEF18133582475406F4F784C3DABD22935D01C84B5C2638A8C287C93173C620D5050BAF8D4CC8C1D2FE2A40407A7D609F2C164CF0BB48508C441C252A930489A50994876CAFACE79D48B6C1234C915320527E335AAED816C39EAAC0123456789012345"
/**
- * Exponent of the signer's RSA public key.
+ * Address translation (hardened boolean).
*/
- exponent: 3
+ address_translation: "0x00000739"
/**
* Manifest identifier.
*/
diff --git a/sw/host/rom_ext_image_tools/signer/README.md b/sw/host/rom_ext_image_tools/signer/README.md
index 56d2451..e68ae9d 100644
--- a/sw/host/rom_ext_image_tools/signer/README.md
+++ b/sw/host/rom_ext_image_tools/signer/README.md
@@ -59,7 +59,7 @@
Please note that some field values are known upfront, however other must be
obtained at runtime. Fields like (but not limited to) signature public modulus
-and signature key public exponent are extracted separately.
+are extracted separately.
Complex fields such as "Peripheral Lockdown Info" have a separate data
structure.
diff --git a/sw/host/rom_ext_image_tools/signer/image/src/manifest.rs b/sw/host/rom_ext_image_tools/signer/image/src/manifest.rs
index af7de91..ac577c6 100644
--- a/sw/host/rom_ext_image_tools/signer/image/src/manifest.rs
+++ b/sw/host/rom_ext_image_tools/signer/image/src/manifest.rs
@@ -43,7 +43,7 @@
pub signature: SigverifyRsaBuffer,
pub usage_constraints: ManifestUsageConstraints,
pub modulus: SigverifyRsaBuffer,
- pub exponent: u32,
+ pub address_translation: u32,
pub identifier: u32,
pub length: u32,
pub version_major: u32,
@@ -118,7 +118,7 @@
assert_eq!(offset_of!(Manifest, signature), 0);
assert_eq!(offset_of!(Manifest, usage_constraints), 384);
assert_eq!(offset_of!(Manifest, modulus), 432);
- assert_eq!(offset_of!(Manifest, exponent), 816);
+ assert_eq!(offset_of!(Manifest, address_translation), 816);
assert_eq!(offset_of!(Manifest, identifier), 820);
assert_eq!(offset_of!(Manifest, length), 824);
assert_eq!(offset_of!(Manifest, version_major), 828);
diff --git a/sw/host/rom_ext_image_tools/signer/src/main.rs b/sw/host/rom_ext_image_tools/signer/src/main.rs
index ef0d57a..436ee86 100644
--- a/sw/host/rom_ext_image_tools/signer/src/main.rs
+++ b/sw/host/rom_ext_image_tools/signer/src/main.rs
@@ -133,6 +133,7 @@
*image.manifest = Manifest {
identifier,
length: u32::try_from(image.bytes().len())?,
+ address_translation: 0x739u32, // kHardenedBoolTrue
code_start: {
let addr = u32::try_from(
elf.section_by_name(".vectors")
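Review bot: The hardened-true value is written as the bare literal `0x739u32` with only a trailing comment naming `kHardenedBoolTrue`, so nothing keeps the signer's encoding in step with the device-side definition if it ever changes. A named constant at file scope, `const HARDENED_BOOL_TRUE: u32 = 0x739; // matches kHardenedBoolTrue in the ROM_EXT`, used as `address_translation: HARDENED_BOOL_TRUE,` makes the intent greppable and gives a single place to update. The signer also unconditionally asserts address translation, with no way to emit an image carrying the false encoding (`0x1d4` per the manifest docs in this commit); if a non-translated `ROM_EXT` is a supported configuration, that presumably needs a signer option rather than a hard-coded value. The `Manifest { … }` literal continues past this hunk and the enclosing function begins outside it.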
@@ -164,14 +165,6 @@
..Default::default()
};
- let exponent_be = key.public_exponent_be();
- let dest = image.manifest.exponent.as_bytes_mut().iter_mut();
- let src = exponent_be.iter().rev().copied();
- ensure!(dest.len() >= src.len(), "Unexpected exponent length.");
- for (d, s) in Iterator::zip(dest, src) {
- *d = s;
- }
-
let modulus_be = key.public_modulus_be();
let dest = image.manifest.modulus.as_bytes_mut().iter_mut();
let src = modulus_be.iter().rev().copied();
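Review bot: Deleting the exponent copy also deletes the only place the signer inspected `key.public_exponent_be()`, so a key whose public exponent is not 65537 (exponent 3 was accepted until this commit, per the old docs text) is now signed without complaint and the mismatch surfaces only when the device verifies against the single supported exponent. A sign-time check before the modulus copy keeps that failure at the point where the operator can act on it, e.g. `let exponent: Vec<u8> = key.public_exponent_be().iter().copied().skip_while(|&b| b == 0).collect(); ensure!(exponent == [0x01, 0x00, 0x01], "Only RSA public exponent 65537 is supported.");` (the exact comparison depends on the byte encoding `public_exponent_be()` returns, which is not visible in this hunk). The enclosing function starts and ends outside this hunk.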