Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[dice] Refactor some dice related constants and APIs #25023

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

[dice] Refactor some dice related constants and APIs #25023

wants to merge 3 commits into from

Conversation

tommychiu-github
Copy link
Contributor

Some DICE key creation constants and utilities are invoked by several modules.
Refactor them for a better code reuse.

@tommychiu-github tommychiu-github requested a review from a team as a code owner November 6, 2024 04:19
@tommychiu-github tommychiu-github requested review from pamaury and removed request for a team November 6, 2024 04:19
@tommychiu-github
Copy link
Contributor Author

@timothytrippel for viz.

@tommychiu-github
[util] Move curr_tbs_signature_le_to_be_convert to util library
c5dbe61 
It'll be invoked by several modules, so move it to base:util library for
code reuse.

Signed-off-by: Tommy Chiu <[email protected]>
@tommychiu-github
[dice] Move dice key related seeds to a separate library
6a6647a 
Both X509 and CWT DICE implementations need these definitions. Move it
out from the original source file for code reuse.

Signed-off-by: Tommy Chiu <[email protected]>
@tommychiu-github
[dice,ctw] Add more cbor wrappers for auto-gen cwt template
6c60a5c 
The autogen source from templates needs some more APIs to utilize the
Cbor structure, including
- calculate the size of a given cbor argument
- add a bstr/tstr header with size, and rewind the cursor
- copy the war data from input pointer to the CborOut buffer

Signed-off-by: Tommy Chiu <[email protected]>
timothytrippel
timothytrippel reviewed Nov 7, 2024
View reviewed changes
sw/device/silicon_creator/lib/cert/cbor.c
return kErrorOk; \
} while (0)

inline rom_error_t cbor_write_out_init(struct CborOut *p, void *buf,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you want to keep all of these inline functions in the header file and mark then static inline. You can still share them with everything that include the header. It ensure they get inlined without LTO: https://stackoverflow.com/a/47821267 (applies to all inline functions)

sw/device/silicon_creator/lib/cert/cbor.h
CborWriteBstr(data_size, data, p);
CBOR_CHECK_OVERFLOWED_AND_RETURN(p);
}
rom_error_t cbor_write_out_init(struct CborOut *p, void *buf,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

all functions prototypes in the header file should have doxygen style comments: https://cs.opensource.google/opentitan/opentitan/+/master:sw/device/lib/testing/i2c_testutils.h;l=158

sw/device/silicon_creator/lib/cert/cbor.h
CborWriteBstr(data_size, data, p);
CBOR_CHECK_OVERFLOWED_AND_RETURN(p);
}
rom_error_t cbor_write_out_init(struct CborOut *p, void *buf,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
rom_error_t cbor_write_out_init(struct CborOut *p, void *buf,
OT_WARN_UNUSED
rom_error_t cbor_write_out_init(struct CborOut *p, void *buf,

?

sw/device/silicon_creator/lib/cert/BUILD
Comment on lines +134 to +135
"//sw/device/silicon_creator/lib/cert:dice_keys",
"//sw/device/silicon_creator/manuf/lib:flash_info_fields",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why are these two deps needed here?

sw/device/silicon_creator/lib/base/util.h
kUtilEcdsaP256SignatureComponentBytes =
kUtilEcdsaP256SignatureComponentBits / 8,
/**
* Size of an attestation signature component in 32b words.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* Size of an attestation signature component in 32b words.
* Size of an ECDSA signature component in 32b words.

sw/device/silicon_creator/lib/base/util.h
*/
kUtilEcdsaP256SignatureComponentBits = 256,
/**
* Size of an attestation signature component in bytes.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* Size of an attestation signature component in bytes.
* Size of an ECDSA signature component in bytes.

sw/device/silicon_creator/lib/base/util.h
@@ -12,6 +12,23 @@
extern "C" {
#endif

enum {
/**
* Size of an attestation signature component in bits.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* Size of an attestation signature component in bits.
* Size of an ECDSA signature component in bits.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@timothytrippel timothytrippel timothytrippel left review comments

@pamaury pamaury Awaiting requested review from pamaury pamaury is a code owner automatically assigned from lowRISC/ot-c-cpp-reviewers

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tommychiu-github @timothytrippel