Manifest for boot stage images stored in flash.
#include <sw/device/silicon_creator/lib/manifest.h>
Data Fields

| Type | Field | Description |
|---|---|---|
| union { ... } | | The manifest only supports one of the following signatures (see the detailed description below). |
| sigverify_rsa_buffer_t | rsa_signature | RSA signature of the image. |
| ecdsa_p256_signature_t | ecdsa_signature | ECDSA P256 signature of the image. |
| manifest_usage_constraints_t | usage_constraints | Usage constraints. |
| union { ... } | | The manifest only supports one of the following public key types (see the detailed description below). |
| sigverify_rsa_buffer_t | rsa_modulus | Modulus of the signer's 3072-bit RSA public key. |
| ecdsa_p256_public_key_t | ecdsa_public_key | Signer's ECDSA NIST P256 ECC public key. |
| uint32_t | address_translation | Address translation (hardened boolean). |
| uint32_t | identifier | Manifest identifier. |
| manifest_version_t | manifest_version | Manifest format major and minor version. |
| uint32_t | signed_region_end | Offset of the end of the signed region relative to the start of the manifest. |
| uint32_t | length | Length of the image including the manifest in bytes. |
| uint32_t | version_major | Image major version. |
| uint32_t | version_minor | Image minor version. |
| uint32_t | security_version | Security version of the image used for anti-rollback protection. |
| manifest_timestamp_t | timestamp | Image timestamp. |
| keymgr_binding_value_t | binding_value | Binding value used by key manager to derive secret values. |
| uint32_t | max_key_version | Maximum allowed version for keys generated at the next boot stage. |
| uint32_t | code_start | Offset of the start of the executable region of the image from the start of the manifest in bytes. |
| uint32_t | code_end | Offset of the end of the executable region (exclusive) of the image from the start of the manifest in bytes. |
| uint32_t | entry_point | Offset of the first instruction to execute in the image from the start of the manifest in bytes. |
| manifest_ext_table_t | extensions | Extensions. |
Manifest for boot stage images stored in flash.
OpenTitan secure boot, at a minimum, consists of three boot stages: ROM, ROM_EXT, and the first owner boot stage, e.g. BL0. ROM is stored in the read-only ROM while remaining stages are stored in flash. This structure must be placed at the start of ROM_EXT and first owner boot stage images so that ROM and ROM_EXT can verify the integrity and authenticity of the next stage and configure peripherals as needed before handing over execution.
Use of this struct for stages following the first owner boot stage is optional.
Note: The definitions in sw/host/rom_ext_image_tools/signer/image/src/manifest.rs must be updated if this struct is modified. Please see the instructions in that file.
Definition at line 195 of file manifest.h.
union { ... }

The manifest only supports one of the following signatures:

kManifestVersionMajor1: rsa_signature
kManifestVersionMajor2: ecdsa_signature

Both signatures use SHA-256 as the hash function.
On-target verification should also integrate the usage constraints comparison into signature verification to harden it against potential attacks. During verification, the digest of an image should be computed by first reading the usage constraints from the hardware and then concatenating the rest of the image:

digest = SHA256(usage_constraints_from_hw || rest_of_the_image)

The start and the length of the region that should be concatenated to the usage constraints read from the hardware can be obtained using manifest_digest_region_get().
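The digest construction above, as an added Python model that is not OpenTitan's own code: the field sizes, the header offsets and the exact semantics of manifest_digest_region_get() are assumptions; only the ordering (signature, then usage constraints, then the rest of the image) and the SHA-256 formula are taken from the page. The checks at the end show which bytes the digest does and does not bind.

```python
import hashlib
import struct

# Constructed, simplified layout (assumption: the real manifest_t in
# manifest.h has more fields and other sizes). Only the ordering the page
# describes is kept: signature, then usage constraints, then the rest.
SIG_LEN = 64                       # ecdsa_p256_signature_t: r || s
UC_LEN = 4 * 12                    # manifest_usage_constraints_t, 12 words here
DIGEST_REGION_OFFSET = SIG_LEN + UC_LEN
SRE_OFFSET = DIGEST_REGION_OFFSET  # hypothetical slot of signed_region_end
HEADER_LEN = 8                     # signed_region_end, length (both uint32)


def manifest_digest_region_get(image: bytes) -> tuple[int, int]:
    """Assumed semantics of manifest_digest_region_get(): the bytes to hash
    start right after the usage constraints and end at signed_region_end,
    so neither the signature nor the in-flash usage constraints are hashed."""
    (signed_region_end,) = struct.unpack_from("<I", image, SRE_OFFSET)
    return DIGEST_REGION_OFFSET, signed_region_end - DIGEST_REGION_OFFSET


def image_digest(image: bytes, usage_constraints_from_hw: bytes) -> bytes:
    """digest = SHA256(usage_constraints_from_hw || rest_of_the_image)."""
    if len(usage_constraints_from_hw) != UC_LEN:
        raise ValueError("usage constraints must be exactly one struct")
    start, length = manifest_digest_region_get(image)
    return hashlib.sha256(usage_constraints_from_hw + image[start:start + length]).digest()


def build_image(code: bytes) -> bytes:
    """Constructed sample image: placeholder signature, placeholder in-flash
    usage constraints, the two-word header, then code. signed_region_end and
    length coincide here because the signature sits at the very start."""
    total = DIGEST_REGION_OFFSET + HEADER_LEN + len(code)
    return b"\x11" * SIG_LEN + b"\xa5" * UC_LEN + struct.pack("<II", total, total) + code


def flip_byte(buf: bytes, index: int) -> bytes:
    return buf[:index] + bytes([buf[index] ^ 0xFF]) + buf[index + 1:]


def binding_checks() -> dict:
    """Which parts of the image the digest binds, using constructed inputs."""
    hw_uc = bytes(range(UC_LEN))               # constructed hardware-read values
    image = build_image(b"constructed code" * 4)
    good = image_digest(image, hw_uc)
    return {
        "signature_not_hashed": image_digest(flip_byte(image, 0), hw_uc) == good,
        "flash_uc_not_hashed": image_digest(flip_byte(image, SIG_LEN), hw_uc) == good,
        "hw_uc_bound": image_digest(image, flip_byte(hw_uc, 0)) != good,
        "code_bound": image_digest(flip_byte(image, len(image) - 1), hw_uc) != good,
        "header_bound": image_digest(flip_byte(image, SRE_OFFSET + 4), hw_uc) != good,
    }
```

Because the in-flash copy of the usage constraints is replaced by the values read from hardware before hashing, editing that field in flash cannot make a signature valid on a device it was not issued for.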
union { ... }

The manifest only supports one of the following public key types:

kManifestVersionMajor1: rsa_modulus
kManifestVersionMajor2: ecdsa_public_key

uint32_t manifest::address_translation
Address translation (hardened boolean).
Definition at line 259 of file manifest.h.
keymgr_binding_value_t manifest::binding_value
Binding value used by key manager to derive secret values.
A change in this value changes the secret value of key manager, and consequently, the versioned keys and identity seeds generated at subsequent boot stages.
Definition at line 310 of file manifest.h.
uint32_t manifest::code_end
Offset of the end of the executable region (exclusive) of the image from the start of the manifest in bytes.
Definition at line 324 of file manifest.h.
uint32_t manifest::code_start
Offset of the start of the executable region of the image from the start of the manifest in bytes.
Definition at line 319 of file manifest.h.
uint32_t manifest::entry_point
Offset of the first instruction to execute in the image from the start of the manifest in bytes.
Definition at line 329 of file manifest.h.
manifest_ext_table_t manifest::extensions
Extensions.
Definition at line 333 of file manifest.h.
uint32_t manifest::identifier
Manifest identifier.
Definition at line 263 of file manifest.h.
uint32_t manifest::length
Length of the image including the manifest in bytes.
Note that the length includes the signature but the signature is excluded from the signed region.
Definition at line 283 of file manifest.h.
manifest_version_t manifest::manifest_version
Manifest format major and minor version.
These version values can be used to maintain or break forward compatibility in ROM while preserving backward compatibility in ROM_EXT. ROM requires the major version to be kManifestVersionMajor2.
Definition at line 271 of file manifest.h.
uint32_t manifest::max_key_version
Maximum allowed version for keys generated at the next boot stage.
Definition at line 314 of file manifest.h.
uint32_t manifest::security_version
Security version of the image used for anti-rollback protection.
Definition at line 295 of file manifest.h.
uint32_t manifest::signed_region_end
Offset of the end of the signed region relative to the start of the manifest.
Definition at line 276 of file manifest.h.
manifest_timestamp_t manifest::timestamp
Image timestamp.
Unix timestamp that gives the creation time of the image, seconds since 00:00:00 on January 1, 1970 UTC (the Unix Epoch).
Definition at line 302 of file manifest.h.
manifest_usage_constraints_t manifest::usage_constraints
Usage constraints.
Definition at line 239 of file manifest.h.
uint32_t manifest::version_major
Image major version.
Definition at line 287 of file manifest.h.
uint32_t manifest::version_minor
Image minor version.
Definition at line 291 of file manifest.h.