[crypto] Add placeholder for key integrity checks.
The checksum algorithm has not yet been decided, but adding this
template will allow implementations something to call in the meantime.
Also exposes a structure for blinded keys. Originally this was supposed
to be hidden, but since the caller needs to allocate it we must expose
the structure.
Signed-off-by: Jade Philipoom <jadep@google.com>
diff --git a/sw/device/lib/crypto/impl/BUILD b/sw/device/lib/crypto/impl/BUILD
index 5d3bd77..a52bad3 100644
--- a/sw/device/lib/crypto/impl/BUILD
+++ b/sw/device/lib/crypto/impl/BUILD
@@ -12,3 +12,15 @@
"//sw/device/lib/crypto/drivers:otbn",
],
)
+
+cc_library(
+ name = "integrity_check",
+ srcs = ["integrity_check.c"],
+ hdrs = [
+ "integrity_check.h",
+ "//sw/device/lib/crypto/include:datatypes.h",
+ ],
+ deps = [
+ "//sw/device/lib/base:hardened",
+ ],
+)
diff --git a/sw/device/lib/crypto/impl/integrity_check.c b/sw/device/lib/crypto/impl/integrity_check.c
new file mode 100644
index 0000000..b1e3789
--- /dev/null
+++ b/sw/device/lib/crypto/impl/integrity_check.c
@@ -0,0 +1,18 @@
+// Copyright lowRISC contributors.
+// Licensed under the Apache License, Version 2.0, see LICENSE for details.
+// SPDX-License-Identifier: Apache-2.0
+
+#include "sw/device/lib/crypto/impl/integrity_check.h"
+
+#include "sw/device/lib/base/hardened.h"
+
+hardened_bool_t unblinded_key_integrity_check(
+ const crypto_unblinded_key_t *key) {
+ // TODO: decide on a checksum algorithm and implement integrity checks.
+ return kHardenedBoolTrue;
+}
+
+hardened_bool_t blinded_key_integrity_check(const crypto_blinded_key_t *key) {
+ // TODO: decide on a checksum algorithm and implement integrity checks.
+ return kHardenedBoolTrue;
+}
diff --git a/sw/device/lib/crypto/impl/integrity_check.h b/sw/device/lib/crypto/impl/integrity_check.h
new file mode 100644
index 0000000..dc8f352
--- /dev/null
+++ b/sw/device/lib/crypto/impl/integrity_check.h
@@ -0,0 +1,48 @@
+// Copyright lowRISC contributors.
+// Licensed under the Apache License, Version 2.0, see LICENSE for details.
+// SPDX-License-Identifier: Apache-2.0
+
+#ifndef OPENTITAN_SW_DEVICE_LIB_CRYPTO_IMPL_INTEGRITY_CHECK_H_
+#define OPENTITAN_SW_DEVICE_LIB_CRYPTO_IMPL_INTEGRITY_CHECK_H_
+
+#include <stddef.h>
+#include <stdint.h>
+
+#include "sw/device/lib/base/hardened.h"
+#include "sw/device/lib/base/macros.h"
+#include "sw/device/lib/crypto/include/datatypes.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif // __cplusplus
+
+/**
+ * Perform an integrity check on the unblinded key.
+ *
+ * Returns `kHardenedBoolTrue` if the check passed and `kHardenedBoolFalse`
+ * otherwise.
+ *
+ * @param key Unblinded key.
+ * @returns Whether the integrity check passed.
+ */
+OT_WARN_UNUSED_RESULT
+hardened_bool_t unblinded_key_integrity_check(
+ const crypto_unblinded_key_t *key);
+
+/**
+ * Perform an integrity check on the blinded key.
+ *
+ * Returns `kHardenedBoolTrue` if the check passed and `kHardenedBoolFalse`
+ * otherwise.
+ *
+ * @param key Blinded key.
+ * @returns Whether the integrity check passed.
+ */
+OT_WARN_UNUSED_RESULT
+hardened_bool_t blinded_key_integrity_check(const crypto_blinded_key_t *key);
+
+#ifdef __cplusplus
+} // extern "C"
+#endif // __cplusplus
+
+#endif // OPENTITAN_SW_DEVICE_LIB_CRYPTO_IMPL_INTEGRITY_CHECK_H_
diff --git a/sw/device/lib/crypto/include/BUILD b/sw/device/lib/crypto/include/BUILD
new file mode 100644
index 0000000..b37a978
--- /dev/null
+++ b/sw/device/lib/crypto/include/BUILD
@@ -0,0 +1,11 @@
+# Copyright lowRISC contributors.
+# Licensed under the Apache License, Version 2.0, see LICENSE for details.
+# SPDX-License-Identifier: Apache-2.0
+
+package(default_visibility = ["//visibility:public"])
+
+load("//rules:opentitan.bzl", "OPENTITAN_CPU")
+load("//rules:opentitan_test.bzl", "opentitan_functest", "verilator_params")
+
+# Export all headers.
+exports_files(glob(["*.h"]))
diff --git a/sw/device/lib/crypto/include/datatypes.h b/sw/device/lib/crypto/include/datatypes.h
index bf53194..d0ffc27 100644
--- a/sw/device/lib/crypto/include/datatypes.h
+++ b/sw/device/lib/crypto/include/datatypes.h
@@ -5,6 +5,8 @@
#ifndef OPENTITAN_SW_DEVICE_LIB_CRYPTO_INCLUDE_DATATYPES_H_
#define OPENTITAN_SW_DEVICE_LIB_CRYPTO_INCLUDE_DATATYPES_H_
+#include "sw/device/lib/base/hardened.h"
+
/**
* @file
* @brief Shared datatypes for the OpenTitan cryptography library.
@@ -27,7 +29,7 @@
// Status is OK; no errors.
kCryptoStatusOK = 0x4d39,
// Invalid input arguments; wrong length or invalid type.
- kCryptoIncorrectInput = 0xbd57,
+ kCryptoStatusBadArgs = 0xbd57,
// Inconsistencies when cross-checking results, witness,checksum.
kCryptoStatusInternalError = 0x86ba,
// An asynchronous operation is still in progress.
@@ -245,13 +247,23 @@
* Struct to handle unmasked key type.
*/
typedef struct crypto_unblinded_key {
- // Mode for which the key usage is intended.
+ /**
+ * Mode for which the key usage is intended.
+ */
key_mode_t key_mode;
- // Key length.
+ /**
+ * Key length in bytes.
+ */
size_t key_length;
- // Implementation specific, storage provided by caller.
+ /**
+ * Implementation specific, storage provided by caller.
+ *
+ * Length in bytes must be equal to `key_length`.
+ */
uint32_t *key;
- // Implementation specific, checksum for this struct.
+ /**
+ * Implementation specific, checksum for this struct.
+ */
uint32_t checksum;
} crypto_unblinded_key_t;
@@ -267,7 +279,34 @@
* integrity purposes. The way the checksum is computed is a
* implementation specific details.
*/
-typedef struct crypto_blinded_key crypto_blinded_key_t;
+typedef struct crypto_blinded_key {
+ /**
+ * Mode for which the key usage is intended.
+ */
+ key_mode_t key_mode;
+ /**
+ * Key length in bytes.
+ */
+ size_t key_length;
+ /**
+ * Implementation specific, storage provided by caller.
+ *
+ * Length in bytes must be equal to `key_length`.
+ */
+ uint32_t *key_blob;
+ /**
+ * True if and only if this represents a hardware-backed key.
+ *
+ * In the case of sideloaded keys, `key_blob` contains the handle used to
+ * generate the key from the key manager, rather than the actual key
+ * material.
+ */
+ hardened_bool_t sideloaded;
+ /**
+ * Implementation specific, checksum for this struct.
+ */
+ uint32_t checksum;
+} crypto_blinded_key_t;
#ifdef __cplusplus
} // extern "C"
