Google Git
Sign in
opensecura/3p/lowrisc/opentitan/c92fa305b5443d2f2f51764d41f8d00b39e3b13d^!/.
commit
c92fa305b5443d2f2f51764d41f8d00b39e3b13d
[log]
author
Michael Schaffner <msf@opentitan.org>
Wed May 26 12:09:47 2021 -0700
committer
Michael Schaffner <msf@google.com>
Wed May 26 14:45:14 2021 -0700
tree
d7262fecb35512c8eae5d53600d4812bedba3015
parent
bc67abeba3703aa7bce1a1b13d11c9079db762a4 [diff]
[lc_ctrl] Add cSHAKE128 token hashing to the LC scripts

Signed-off-by: Michael Schaffner <msf@opentitan.org>

diff --git a/hw/ip/lc_ctrl/rtl/lc_ctrl_state_pkg.sv b/hw/ip/lc_ctrl/rtl/lc_ctrl_state_pkg.sv
index 71d4438..c97f2cc 100644
--- a/hw/ip/lc_ctrl/rtl/lc_ctrl_state_pkg.sv
+++ b/hw/ip/lc_ctrl/rtl/lc_ctrl_state_pkg.sv

@@ -262,10 +262,10 @@
     128'h1C8BE2FF12790AE2E6D6A68151CBD084
   };
   parameter lc_token_t AllZeroTokenHashed = {
-    128'h0
+    128'h8D05B96D5FD2C1D5F15FCFAE5B305238
   };
   parameter lc_token_t RndCnstRawUnlockTokenHashed = {
-    128'h1C8BE2FF12790AE2E6D6A68151CBD084
+    128'h14150A19925EFAC7CAB0921065A33FEE
   };
 
 endpackage : lc_ctrl_state_pkg

diff --git a/util/design/lib/LcStEnc.py b/util/design/lib/LcStEnc.py
index 1f80151..ddbecd6 100644
--- a/util/design/lib/LcStEnc.py
+++ b/util/design/lib/LcStEnc.py

@@ -7,6 +7,7 @@
 import logging as log
 import random
 from collections import OrderedDict
+from Crypto.Hash import cSHAKE128
 
 from lib.common import (check_int, ecc_encode, get_hd, hd_histogram,
                         is_valid_codeword, random_or_hexvalue, scatter_bits)
@@ -181,14 +182,24 @@
     '''Validates and hashes the tokens'''
     config.setdefault('token_size', 128)
     config['token_size'] = check_int(config['token_size'])
+    # This needs to be byte aligned
+    if config['token_size'] % 8:
+        raise ValueError('Size of token {} must be byte aligned'
+                         .format(token['name']))
+
+    num_bytes = config['token_size'] // 8
 
     hashed_tokens = []
     for token in config['tokens']:
         random_or_hexvalue(token, 'value', config['token_size'])
         hashed_token = OrderedDict()
         hashed_token['name'] = token['name'] + 'Hashed'
-        # TODO: plug in PRESENT-based hashing algo or KMAC
-        hashed_token['value'] = token['value']
+        data = token['value'].to_bytes(num_bytes, byteorder='big')
+        # Custom string chosen for life cycle KMAC App interface
+        custom = 'LC_CTRL'.encode('UTF-8')
+        hashobj = cSHAKE128.new(data=data, custom=custom)
+        hashed_token['value'] = int.from_bytes(hashobj.read(num_bytes),
+                                               byteorder='big')
         hashed_tokens.append(hashed_token)
 
     config['tokens'] += hashed_tokens