commit 31a5c9c9ad75ce89c6fa67cb5b6237722472b2bb
author Dan McArdle <dmcardle@opentitan.org> Thu Mar 02 13:39:48 2023 -0500
committer Timothy Trippel <5633066+timothytrippel@users.noreply.github.com> Tue Mar 14 09:58:31 2023 -0700
tree 595496d5b0615e85dc290dde08ef85ec94f4cd7d
parent 71261a0cd22b7f29bf7e729661b44f58897168c4

[test] e2e_bootstrap_rma: Hardcode RMA_TOKEN in OTP

For reproducibility, this commit also adds a Python script that
generates the RMA_TOKEN from a hardcoded preimage. This script is
equivalent to lc_ctrl's token hashing mechanism [0]. It's also
equivalent to the DV function `dec_otp_token_from_lc_csrs()`.

[0]: https://docs.opentitan.org/hw/ip/lc_ctrl/doc/#token-hashing-mechanism

Signed-off-by: Dan McArdle <dmcardle@opentitan.org>

sw/device/silicon_creator/rom/e2e/BUILD

diff --git a/sw/device/silicon_creator/rom/e2e/BUILD b/sw/device/silicon_creator/rom/e2e/BUILD
index 8b7747f..36067cc 100644
--- a/sw/device/silicon_creator/rom/e2e/BUILD
+++ b/sw/device/silicon_creator/rom/e2e/BUILD
@@ -459,6 +459,21 @@
                 "CREATOR_SW_CFG_RMA_SPIN_CYCLES": "10",
             },
         ),
+        otp_partition(
+            name = "SECRET2",
+            items = {
+                # This RMA token is a cSHAKE128 digest. The preimage is
+                # hardcoded into the test harness [0] and the tool that
+                # generated this token [1].
+                #
+                # [0]: //sw/host/tests/rom/e2e_bootstrap_rma
+                # [1]: //sw/host/tests/rom/e2e_bootstrap_rma:gen_rma_token
+                "RMA_TOKEN": "0x1faf9056acde66561685549803a28bec",
+                "CREATOR_ROOT_KEY_SHARE0": "<random>",
+                "CREATOR_ROOT_KEY_SHARE1": "<random>",
+            },
+            lock = True,
+        ),
     ],
     visibility = ["//visibility:private"],
 )

sw/host/tests/rom/e2e_bootstrap_rma/BUILD

diff --git a/sw/host/tests/rom/e2e_bootstrap_rma/BUILD b/sw/host/tests/rom/e2e_bootstrap_rma/BUILD
index f5033a6..1f943a0 100644
--- a/sw/host/tests/rom/e2e_bootstrap_rma/BUILD
+++ b/sw/host/tests/rom/e2e_bootstrap_rma/BUILD
@@ -20,3 +20,10 @@
         "//third_party/rust/crates:structopt",
     ],
 )
+
+py_binary(
+    name = "gen_rma_token",
+    srcs = [
+        "gen_rma_token.py",
+    ],
+)

sw/host/tests/rom/e2e_bootstrap_rma/gen_rma_token.py

diff --git a/sw/host/tests/rom/e2e_bootstrap_rma/gen_rma_token.py b/sw/host/tests/rom/e2e_bootstrap_rma/gen_rma_token.py
new file mode 100644
index 0000000..28115a0
--- /dev/null
+++ b/sw/host/tests/rom/e2e_bootstrap_rma/gen_rma_token.py
@@ -0,0 +1,19 @@
+# Copyright lowRISC contributors.
+# Licensed under the Apache License, Version 2.0, see LICENSE for details.
+# SPDX-License-Identifier: Apache-2.0
+
+from Crypto.Hash import cSHAKE128
+
+TOKEN_LEN = 16
+# This hardcoded preimage was generated by `secrets.token_bytes(16)`.
+TOKEN_PREIMAGE = b'S\xa3\x81+ZL\x04\xa4\x85\xda\xac%-\x14\\\xaf'
+
+if __name__ == '__main__':
+    hash_obj = cSHAKE128.new(data=TOKEN_PREIMAGE, custom=b'LC_CTRL')
+    digest_bytes = hash_obj.read(TOKEN_LEN)
+    digest_int = int.from_bytes(digest_bytes, byteorder='little')
+
+    preimage_literal = '[' + ','.join(hex(byte) for byte in TOKEN_PREIMAGE) + ']'
+    literal = f'0x{digest_int:032x}'
+    print(f'preimage literal: {preimage_literal}')
+    print(f'postimage literal: {literal}')