[test] e2e_bootstrap_rma: Hardcode RMA_TOKEN in OTP For reproducibility, this commit also adds a Python script that generates the RMA_TOKEN from a hardcoded preimage. This script is equivalent to lc_ctrl's token hashing mechanism [0]. It's also equivalent to the DV function `dec_otp_token_from_lc_csrs()`. [0]: https://docs.opentitan.org/hw/ip/lc_ctrl/doc/#token-hashing-mechanism Signed-off-by: Dan McArdle <dmcardle@opentitan.org>
diff --git a/sw/device/silicon_creator/rom/e2e/BUILD b/sw/device/silicon_creator/rom/e2e/BUILD index 8b7747f..36067cc 100644 --- a/sw/device/silicon_creator/rom/e2e/BUILD +++ b/sw/device/silicon_creator/rom/e2e/BUILD
@@ -459,6 +459,21 @@ "CREATOR_SW_CFG_RMA_SPIN_CYCLES": "10", }, ), + otp_partition( + name = "SECRET2", + items = { + # This RMA token is a cSHAKE128 digest. The preimage is + # hardcoded into the test harness [0] and the tool that + # generated this token [1]. + # + # [0]: //sw/host/tests/rom/e2e_bootstrap_rma + # [1]: //sw/host/tests/rom/e2e_bootstrap_rma:gen_rma_token + "RMA_TOKEN": "0x1faf9056acde66561685549803a28bec", + "CREATOR_ROOT_KEY_SHARE0": "<random>", + "CREATOR_ROOT_KEY_SHARE1": "<random>", + }, + lock = True, + ), ], visibility = ["//visibility:private"], )
diff --git a/sw/host/tests/rom/e2e_bootstrap_rma/BUILD b/sw/host/tests/rom/e2e_bootstrap_rma/BUILD index f5033a6..1f943a0 100644 --- a/sw/host/tests/rom/e2e_bootstrap_rma/BUILD +++ b/sw/host/tests/rom/e2e_bootstrap_rma/BUILD
@@ -20,3 +20,10 @@ "//third_party/rust/crates:structopt", ], ) + +py_binary( + name = "gen_rma_token", + srcs = [ + "gen_rma_token.py", + ], +)
diff --git a/sw/host/tests/rom/e2e_bootstrap_rma/gen_rma_token.py b/sw/host/tests/rom/e2e_bootstrap_rma/gen_rma_token.py new file mode 100644 index 0000000..28115a0 --- /dev/null +++ b/sw/host/tests/rom/e2e_bootstrap_rma/gen_rma_token.py
@@ -0,0 +1,19 @@ +# Copyright lowRISC contributors. +# Licensed under the Apache License, Version 2.0, see LICENSE for details. +# SPDX-License-Identifier: Apache-2.0 + +from Crypto.Hash import cSHAKE128 + +TOKEN_LEN = 16 +# This hardcoded preimage was generated by `secrets.token_bytes(16)`. +TOKEN_PREIMAGE = b'S\xa3\x81+ZL\x04\xa4\x85\xda\xac%-\x14\\\xaf' + +if __name__ == '__main__': + hash_obj = cSHAKE128.new(data=TOKEN_PREIMAGE, custom=b'LC_CTRL') + digest_bytes = hash_obj.read(TOKEN_LEN) + digest_int = int.from_bytes(digest_bytes, byteorder='little') + + preimage_literal = '[' + ','.join(hex(byte) for byte in TOKEN_PREIMAGE) + ']' + literal = f'0x{digest_int:032x}' + print(f'preimage literal: {preimage_literal}') + print(f'postimage literal: {literal}')