[rom_ext] Remove Signature Algorithm Identifier

This field was being used to encode the Hash algorithm we had chosen. We are using the PKCS1 v1.5 padding scheme, so this information is now redundant. I have chosen to leave a reserved field in the manifest here, instead of moving all the other fields, as a prudent measure in case we need a small field in the header in the future. Signed-off-by: Sam Elliott <[email protected]>
tomeroberts · Dec 9, 2020 · 284b400 · 284b400
1 parent 23cbb9c
commit 284b400
Show file tree

Hide file tree

Showing 5 changed files with 11 additions and 53 deletions.
diff --git a/sw/device/rom_exts/docs/manifest.md b/sw/device/rom_exts/docs/manifest.md
@@ -62,10 +62,10 @@ At which point you can find the format in `${OUT_DIR}/manifest.txt`
 +                        image_timestamp                        +
 |                                                               |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-|                 signature_algorithm_identifier                |
-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |                 signature_key_public_exponent                 |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|                          - reserved -                         |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |                                                               |
 +                                                               +
 |                                                               |
@@ -203,24 +203,6 @@ Notes:
 
     *Alignment* This is 64-bit aligned.
 
-1.  **Signature Algorithm Identifier** This identifies which algorithm has been
-    used to sign the ROM_EXT Image. This is a 32-bit enumeration value.
-
-    This is used when signing and validating the image. This happens in the
-    Mask ROM, as well as during firmware update.
-
-    `0x0` denotes an unsigned image. Unsigned images **must not** be booted.
-
-    The initial version of the Mask ROM will support the following message
-    digest algorithms:
-
-    *   SHA2-265
-    *   SHA2-384
-    *   SHA2-512
-
-    The specific signature scheme is as yet undefined, but will be based on
-    RSA-3072, and one of the message digest algorithms above.
-
 1.  **Signature Key Public Exponent** This is the RSA public exponent to be used
     during signature verification. This is a 32-bit numeric value.
 
@@ -344,7 +326,11 @@ Notes:
 
     This would have been used by the Mask ROM as an input for the key manager.
 
-# Development Versions (Subject to Change)
+*   **Signature Algorithm Identifier** We originally planned to have this field
+    in the ROM_EXT manifest, but with the padding scheme, it is redundant, so it
+    has been removed.
+
+## Development Versions (Subject to Change)
 
 **ROM_EXT Manifest Identifier**: `0x4552544F` (Reads "OTRE" when Disassembled --
 OpenTitan ROM_EXT)

diff --git a/sw/device/rom_exts/manifest.hjson b/sw/device/rom_exts/manifest.hjson
@@ -58,15 +58,6 @@
       size: 64,
       alignment: 64,
     },
-    {
-      name: "signature_algorithm_identifier",
-      desc: '''ROM_EXT Manifest signature algorithm identifier.
-
-            TODO
-            ''',
-      type: "field",
-      size: 32,
-    },
     {
       name: "signature_key_public_exponent",
       desc: '''ROM_EXT Manifest Signature Key Public Exponent.
@@ -76,6 +67,10 @@
       type: "field",
       size: 32,
     },
+    {
+      type: "reserved",
+      size: 32,
+    }
     {
       name: "usage_constraints",
       desc: '''ROM_EXT Manifest usage constraints.

diff --git a/sw/device/rom_exts/rom_ext_manifest_parser.c b/sw/device/rom_exts/rom_ext_manifest_parser.c
@@ -79,11 +79,6 @@ uint64_t rom_ext_get_timestamp(rom_ext_manifest_t params) {
   return ((uint64_t)timestamp_high << 32) | timestamp_low;
 }
 
-uint32_t rom_ext_get_algorithm_id(rom_ext_manifest_t params) {
-  return mmio_region_read32(params.base_addr,
-                            ROM_EXT_SIGNATURE_ALGORITHM_IDENTIFIER_OFFSET);
-}
-
 uint32_t rom_ext_get_signature_key_public_exponent(rom_ext_manifest_t params) {
   return mmio_region_read32(params.base_addr,
                             ROM_EXT_SIGNATURE_KEY_PUBLIC_EXPONENT_OFFSET);

diff --git a/sw/device/rom_exts/rom_ext_manifest_parser.h b/sw/device/rom_exts/rom_ext_manifest_parser.h
@@ -208,17 +208,6 @@ uint32_t rom_ext_get_version(rom_ext_manifest_t params);
  */
 uint64_t rom_ext_get_timestamp(rom_ext_manifest_t params);
 
-/**
- * Retrieves the ROM_EXT signature algorithm identifier.
- *
- * The memory address where ROM_EXT signature algorithm identifier field
- * resides, is relative.
- *
- * @param params Parameters required for manifest parsing.
- * @return ROM_EXT signature algorithm identifier.
- */
-uint32_t rom_ext_get_algorithm_id(rom_ext_manifest_t params);
-
 /**
  * Retrieves the ROM_EXT Signature Key Public Exponent.
  *

diff --git a/sw/device/tests/rom_ext/rom_ext_parser_unittest.cc b/sw/device/tests/rom_ext/rom_ext_parser_unittest.cc
@@ -109,13 +109,6 @@ TEST_F(ImageTimestampGetTest, Success) {
   EXPECT_EQ(rom_ext_get_timestamp(params_), 0xababababcdcdcdcd);
 }
 
-class AlgorithmIdGetTest : public ParserTest {};
-
-TEST_F(AlgorithmIdGetTest, Success) {
-  EXPECT_READ32(ROM_EXT_SIGNATURE_ALGORITHM_IDENTIFIER_OFFSET, 0xa5a5a5a5);
-  EXPECT_EQ(rom_ext_get_algorithm_id(params_), 0xa5a5a5a5);
-}
-
 class SignatureKeyPublicExponentGetTest : public ParserTest {};
 
 TEST_F(SignatureKeyPublicExponentGetTest, Success) {