Software APIs
dice_keys.c
1 // Copyright lowRISC contributors (OpenTitan project).
2 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
3 // SPDX-License-Identifier: Apache-2.0
4 
5 #include "sw/device/silicon_creator/lib/drivers/keymgr.h"
6 #include "sw/device/silicon_creator/manuf/lib/flash_info_fields.h"
7 
8 // UDS (Creator) attestation key diverisfier constants.
9 // Note: versions are always set to 0 so these keys are always valid from the
10 // perspective of the keymgr hardware.
11 const sc_keymgr_diversification_t kUdsKeymgrDiversifier = {
12  .salt =
13  {
14  0xabffa6a9,
15  0xc781f1ad,
16  0x4c1107ad,
17  0xf9210d85,
18  0x0931f555,
19  0x6c5aef5d,
20  0xb9ba4df0,
21  0x77b248d2,
22  },
23  .version = 0,
24 };
25 // CDI_0 (OwnerIntermediate) attestation key diverisfier constants.
26 const sc_keymgr_diversification_t kCdi0KeymgrDiversifier = {
27  .salt =
28  {
29  0x3e5913c7,
30  0x41156f1d,
31  0x998ddb9f,
32  0xfa334191,
33  0x8a85380e,
34  0xba76ca1a,
35  0xdb17c4a7,
36  0xfb8852dc,
37  },
38  .version = 0,
39 };
40 // CDI_1 (Owner) attestation key diverisfier constants.
41 const sc_keymgr_diversification_t kCdi1KeymgrDiversifier = {
42  .salt =
43  {
44  0x2d12c2e3,
45  0x6acc6876,
46  0x4bfb07ee,
47  0xc45fc414,
48  0x5d4fa9de,
49  0xf295b128,
50  0x50f49882,
51  0xbbdefa29,
52  },
53  .version = 0,
54 };
55 
56 const sc_keymgr_ecc_key_t kDiceKeyUds = {
57  .type = kScKeymgrKeyTypeAttestation,
58  .keygen_seed_idx = kFlashInfoFieldUdsKeySeedIdx,
59  .keymgr_diversifier = &kUdsKeymgrDiversifier,
60  .required_keymgr_state = kScKeymgrStateCreatorRootKey,
61 };
62 
63 const sc_keymgr_ecc_key_t kDiceKeyCdi0 = {
64  .type = kScKeymgrKeyTypeAttestation,
65  .keygen_seed_idx = kFlashInfoFieldCdi0KeySeedIdx,
66  .keymgr_diversifier = &kCdi0KeymgrDiversifier,
67  .required_keymgr_state = kScKeymgrStateOwnerIntermediateKey,
68 };
69 
70 const sc_keymgr_ecc_key_t kDiceKeyCdi1 = {
71  .type = kScKeymgrKeyTypeAttestation,
72  .keygen_seed_idx = kFlashInfoFieldCdi1KeySeedIdx,
73  .keymgr_diversifier = &kCdi1KeymgrDiversifier,
74  .required_keymgr_state = kScKeymgrStateOwnerKey,
75 };
Return to OpenTitan Documentation