Software APIs
util.h
1 // Copyright lowRISC contributors (OpenTitan project).
2 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
3 // SPDX-License-Identifier: Apache-2.0
4 
5 #ifndef OPENTITAN_SW_DEVICE_SILICON_CREATOR_MANUF_LIB_UTIL_H_
6 #define OPENTITAN_SW_DEVICE_SILICON_CREATOR_MANUF_LIB_UTIL_H_
7 
8 #include <stdint.h>
9 
10 #include "sw/device/lib/base/status.h"
11 #include "sw/device/lib/crypto/include/datatypes.h"
12 #include "sw/device/lib/dif/dif_otp_ctrl.h"
13 
14 /**
15  * Hashes a lifecycle transition token to prepare it to be written to OTP.
16  *
17  * According to the Lifecycle Controller's specification:
18  *
19  * "All 128bit lock and unlock tokens are passed through a cryptographic one way
20  * function in hardware before the life cycle controller compares them to the
21  * provisioned values ...", and
22  * "The employed one way function is a 128bit cSHAKE hash with the function name
23  * “” and customization string “LC_CTRL”".
24  *
25  * @param raw_token The raw token to be hashed.
26  * @param token_size_bytes The expected hashed token size in bytes.
27  * @param[out] hashed_token The hashed token.
28  * @return Result of the hash operation.
29  */
30 OT_WARN_UNUSED_RESULT
31 status_t manuf_util_hash_lc_transition_token(const uint32_t *raw_token,
32  size_t token_size_bytes,
33  uint64_t *hashed_token);
34 
35 /**
36  * Computes a SHA256 digest of the specified OTP partition.
37  *
38  * Acceptable OTP partitions are:
39  * - VendorTest
40  * - CreatorSwCfg
41  * - OwnerSwCfg
42  *
43  * For the *SwCfg partitions, the entire hash can be written to the UDS
44  * (Creator) certificate DiceTcbInfo extension (specifically the `fwids` field),
45  * and the least-significant 64-bits can be written to the corresponding OTP
46  * *_SW_CFG partition digest CSRs.
47  *
48  * @param partition The OTP partition to use.
49  * @param[out] output The output hash.
50  * @return Result of the hash operation.
51  */
52 OT_WARN_UNUSED_RESULT
53 status_t manuf_util_hash_otp_partition(const dif_otp_ctrl_t *otp_ctrl,
54  dif_otp_ctrl_partition_t partition,
55  otcrypto_word32_buf_t hash);
56 
57 #endif // OPENTITAN_SW_DEVICE_SILICON_CREATOR_MANUF_LIB_UTIL_H_
Return to OpenTitan Documentation