blob: ab159abf6dc38478df0a972c1d8618e330b1716b [file] [log] [blame]
// Copyright lowRISC contributors.
// Licensed under the Apache License, Version 2.0, see LICENSE for details.
// SPDX-License-Identifier: Apache-2.0
#ifndef OPENTITAN_SW_DEVICE_SILICON_CREATOR_ROM_SIGVERIFY_KEYS_H_
#define OPENTITAN_SW_DEVICE_SILICON_CREATOR_ROM_SIGVERIFY_KEYS_H_
#include <stdint.h>
#include "sw/device/silicon_creator/lib/drivers/lifecycle.h"
#include "sw/device/silicon_creator/lib/error.h"
#include "sw/device/silicon_creator/lib/sigverify/rsa_key.h"
#ifdef __cplusplus
extern "C" {
#endif // __cplusplus
/**
* Key types.
*
* The life cycle states in which a key can be used depend on its type.
*
* Encoding generated with
* $ ./util/design/sparse-fsm-encode.py -d 6 -m 3 -n 32 \
* -s 1985033815 --language=c
*
* Minimum Hamming distance: 15
* Maximum Hamming distance: 18
* Minimum Hamming weight: 13
* Maximum Hamming weight: 16
*/
typedef enum sigverify_key_type {
/**
* A key used for manufacturing, testing, and RMA.
*
* Keys of this type can be used only in TEST_UNLOCKED* and RMA life cycle
* states.
*/
kSigverifyKeyTypeTest = 0x3ff0c819,
/**
* A production key.
*
* Keys of this type can be used in all operational life cycle states, i.e.
* states in which CPU execution is enabled.
*/
kSigverifyKeyTypeProd = 0x43a839ad,
/**
* A development key.
*
* Keys of this type can be used only in the DEV life cycle state.
*/
kSigverifyKeyTypeDev = 0x7a01a471,
} sigverify_key_type_t;
enum {
/**
* Number of key validity entries per OTP word.
*
* Validity of each public key is encoded using a byte-sized
* `hardened_byte_bool_t` in the `CREATOR_SW_CFG_SIGVERIFY_RSA_KEY_EN` OTP
* item. Size of a `hardened_byte_bool_t` is 1 byte, thus each 32-bit OTP word
* has 4 entries.
*/
kSigverifyNumEntriesPerOtpWord = sizeof(uint32_t),
};
/**
* An RSA public key stored in ROM.
*/
typedef struct sigverify_rom_key {
/**
* An RSA public key.
*/
sigverify_rsa_key_t key;
/**
* Type of the key.
*/
sigverify_key_type_t key_type;
} sigverify_rom_key_t;
/**
* Number of RSA public keys.
*/
extern const size_t kSigverifyRsaKeysCnt;
/**
* Step size to use when checking RSA public keys.
*
* This must be coprime with and less than `kSigverifyNumRsaKeys`.
* Note: Step size is not applicable when `kSigverifyNumRsaKeys` is 1.
*/
extern const size_t kSigverifyRsaKeysStep;
/**
* Public keys for signature verification.
*/
extern const sigverify_rom_key_t kSigverifyRsaKeys[];
/**
* Returns the key with the given ID.
*
* This function returns the key only if it can be used in the given life cycle
* state and is valid in OTP. OTP check is performed only if the device is in a
* non-test operational state (PROD, PROD_END, DEV, RMA).
*
* @param key_id A key ID.
* @param lc_state Life cycle state of the device.
* @param key Key with the given ID, valid only if it exists.
* @return Result of the operation.
*/
rom_error_t sigverify_rsa_key_get(uint32_t key_id, lifecycle_state_t lc_state,
const sigverify_rsa_key_t **key);
#ifdef __cplusplus
} // extern "C"
#endif // __cplusplus
#endif // OPENTITAN_SW_DEVICE_SILICON_CREATOR_ROM_SIGVERIFY_KEYS_H_