[feat] ROM ALIAS FMC DICE changes for MLDSA support

chipsalliance · Nov 20, 2024 · cf0bbde · cf0bbde
1 parent 98df8cb
commit cf0bbde
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 27 deletions.
diff --git a/rom/dev/src/flow/cold_reset/fmc_alias.rs b/rom/dev/src/flow/cold_reset/fmc_alias.rs
@@ -48,10 +48,15 @@ impl FmcAliasLayer {
     ) -> CaliptraResult<()> {
         cprintln!("[afmc] ++");
         cprintln!("[afmc] CDI.KEYID = {}", KEY_ID_ROM_FMC_CDI as u8);
-        cprintln!("[afmc] SUBJECT.KEYID = {}", KEY_ID_FMC_ECDSA_PRIV_KEY as u8);
         cprintln!(
-            "[afmc] ECC AUTHORITY.KEYID = {}",
-            input.ecc_auth_key_pair.priv_key as u8
+            "[afmc] ECC SUBJECT.KEYID = {}, MLDSA SUBJECT.KEYID = {}",
+            KEY_ID_FMC_ECDSA_PRIV_KEY as u8,
+            KEY_ID_FMC_MLDSA_KEYPAIR_SEED as u8
+        );
+        cprintln!(
+            "[afmc] ECC AUTHORITY.KEYID = {}, MLDSA AUTHORITY.KEYID = {}",
+            input.ecc_auth_key_pair.priv_key as u8,
+            input.mldsa_auth_key_pair.key_pair_seed as u8
         );
 
         // We use the value of PCR0 as the measurement for deriving the CDI.
@@ -62,31 +67,34 @@ impl FmcAliasLayer {
         measurement.0.zeroize();
         result?;
 
-        // Derive DICE Key Pair from CDI
-        let ecc_key_pair =
-            Self::derive_key_pair(env, KEY_ID_ROM_FMC_CDI, KEY_ID_FMC_ECDSA_PRIV_KEY)?;
+        // Derive DICE ECC and MLDSA Key Pairs from CDI
+        let (ecc_key_pair, mldsa_key_pair) = Self::derive_key_pair(
+            env,
+            KEY_ID_ROM_FMC_CDI,
+            KEY_ID_FMC_ECDSA_PRIV_KEY,
+            KEY_ID_FMC_MLDSA_KEYPAIR_SEED,
+        )?;
 
         // Generate the Subject Serial Number and Subject Key Identifier.
         //
         // This information will be used by next DICE Layer while generating
         // certificates
         let ecc_subj_sn = X509::subj_sn(env, &PubKey::Ecc(&ecc_key_pair.pub_key))?;
+        let mldsa_subj_sn = X509::subj_sn(env, &PubKey::Mldsa(&mldsa_key_pair.pub_key))?;
         report_boot_status(FmcAliasSubjIdSnGenerationComplete.into());
 
         let ecc_subj_key_id = X509::subj_key_id(env, &PubKey::Ecc(&ecc_key_pair.pub_key))?;
+        let mldsa_subj_key_id = X509::subj_key_id(env, &PubKey::Mldsa(&mldsa_key_pair.pub_key))?;
         report_boot_status(FmcAliasSubjKeyIdGenerationComplete.into());
 
         // Generate the output for next layer
         let mut output = DiceOutput {
             ecc_subj_key_pair: ecc_key_pair,
             ecc_subj_sn,
             ecc_subj_key_id,
-            mldsa_subj_key_id: [0; 20],
-            mldsa_subj_key_pair: MlDsaKeyPair {
-                key_pair_seed: KEY_ID_FMC_MLDSA_KEYPAIR_SEED,
-                pub_key: Default::default(),
-            },
-            mldsa_subj_sn: [0; 64],
+            mldsa_subj_key_pair: mldsa_key_pair,
+            mldsa_subj_sn,
+            mldsa_subj_key_id,
         };
 
         // Generate FMC Alias Certificate
@@ -111,7 +119,7 @@ impl FmcAliasLayer {
     fn derive_cdi(env: &mut RomEnv, measurements: &Array4x12, cdi: KeyId) -> CaliptraResult<()> {
         let mut measurements: [u8; 48] = measurements.into();
 
-        let result = Crypto::hmac384_kdf(env, cdi, b"fmc_alias_cdi", Some(&measurements), cdi);
+        let result = Crypto::hmac384_kdf(env, cdi, b"alias_fmc_cdi", Some(&measurements), cdi);
         measurements.zeroize();
         result?;
         report_boot_status(FmcAliasDeriveCdiComplete.into());
@@ -124,7 +132,8 @@ impl FmcAliasLayer {
     ///
     /// * `env`      - ROM Environment
     /// * `cdi`      - Composite Device Identity
-    /// * `priv_key` - Key slot to store the private key into
+    /// * `ecc_priv_key` - Key slot to store the ECC private key into
+    /// * `mldsa_keypair_seed` - Key slot to store the MLDSA key pair seed
     ///
     /// # Returns
     ///
@@ -133,16 +142,23 @@ impl FmcAliasLayer {
     fn derive_key_pair(
         env: &mut RomEnv,
         cdi: KeyId,
-        priv_key: KeyId,
-    ) -> CaliptraResult<Ecc384KeyPair> {
-        let result = Crypto::ecc384_key_gen(env, cdi, b"fmc_alias_keygen", priv_key);
+        ecc_priv_key: KeyId,
+        mldsa_keypair_seed: KeyId,
+    ) -> CaliptraResult<(Ecc384KeyPair, MlDsaKeyPair)> {
+        let result = Crypto::ecc384_key_gen(env, cdi, b"alias_fmc_ecc_key", ecc_priv_key);
         if cfi_launder(result.is_ok()) {
             cfi_assert!(result.is_ok());
-            report_boot_status(FmcAliasKeyPairDerivationComplete.into());
         } else {
             cfi_assert!(result.is_err());
         }
-        result
+        let ecc_keypair = result?;
+
+        // Derive the MLDSA Key Pair.
+        let mldsa_key_pair =
+            Crypto::mldsa_key_gen(env, cdi, b"alias_fmc_mldsa_key", mldsa_keypair_seed)?;
+
+        report_boot_status(FmcAliasKeyPairDerivationComplete.into());
+        Ok((ecc_keypair, mldsa_key_pair))
     }
 
     /// Generate Local Device ID Certificate Signature
@@ -240,6 +256,8 @@ impl FmcAliasLayer {
         //  Copy TBS to DCCM.
         copy_tbs(tbs.tbs(), TbsType::FmcaliasTbs, env)?;
 
+        // [CAP2][TODO] Generate MLDSA certificate signature, TBS.
+
         report_boot_status(FmcAliasCertSigGenerationComplete.into());
         Ok(())
     }

diff --git a/test/src/derive.rs b/test/src/derive.rs
@@ -420,14 +420,14 @@ impl FmcAliasKey {
     pub fn derive(pcr0: &Pcr0, ldevid: &LDevId) -> Self {
         let mut cdi: [u32; 12] = transmute!(hmac384_kdf(
             swap_word_bytes(&ldevid.cdi).as_bytes(),
-            b"fmc_alias_cdi",
+            b"alias_fmc_cdi",
             Some(swap_word_bytes(&pcr0.0).as_bytes()),
         ));
         swap_word_bytes_inplace(&mut cdi);
 
         let mut priv_key_seed: [u32; 12] = transmute!(hmac384_kdf(
             swap_word_bytes(&cdi).as_bytes(),
-            b"fmc_alias_keygen",
+            b"alias_fmc_ecc_key",
             None
         ));
         swap_word_bytes_inplace(&mut priv_key_seed);
@@ -519,13 +519,13 @@ fn test_derive_fmc_alias_key() {
     assert_eq!(
         fmc_alias_key,
         FmcAliasKey {
-            cdi: [
-                0xf4fb8b09, 0xc9233adb, 0x3dfade39, 0xb656f0ef, 0x151404dc, 0xf4fe787a, 0x0664baea,
-                0xe9d2de59, 0x22401c7c, 0x59087111, 0xd3aeb5b1, 0x368742da
-            ],
             priv_key: [
-                0x81a4f53c, 0xeb0749ca, 0x77b0fe32, 0x33fd9798, 0x7412f652, 0xded8f8a5, 0x39a9ebbd,
-                0x75ce2870, 0xb5f62bb3, 0x25376504, 0xa34f286c, 0x849ea86c,
+                0xB0490161, 0xA1D2393A, 0x752E2F60, 0x4BB9A01E, 0x293B9E47, 0x61698007, 0x2CED9BAF,
+                0x1F828679, 0xCB5054CD, 0xFD0EB072, 0x8D6BE59F, 0x75C55332
+            ],
+            cdi: [
+                0xCEAA7956, 0x4E5A8809, 0x7F1BF1B8, 0xA3A9C903, 0x37B4335F, 0xEA8A93D2, 0x5D02F1BF,
+                0x16B1A537, 0xFE5DB006, 0xD8427583, 0x72C836F1, 0x9BE74AF5,
             ],
         }
     );