Skip to content

Commit 7fad165

Browse files
rivos-eblotrivos-eblot
committed
[ot] hw/opentitan: ot_otp: make constant configurable at runtime
Signed-off-by: Emmanuel Blot <eblot@rivosinc.com>
1 parent b6628f2 commit 7fad165

File tree

5 files changed

+505
-410
lines changed

5 files changed

+505
-410
lines changed

docs/opentitan/otcfg.md

Lines changed: 28 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,8 @@ Depending on the machine, the parameters may either override default constants d
2020
code - such as default cryptographic constants that are already exposed in the public OpenTitan
2121
repository - or be required in the configuration file for the matching device to become functional.
2222

23-
Beware **not** to store such a configuration file into a public repository!
23+
⚠️ Beware **not** to store such a configuration file into a public repository if it contains
24+
production data!
2425

2526
## Syntax
2627

@@ -61,3 +62,29 @@ Constants can usually be retrieved from the OpenTitan autogenerated "top" HSJON
6162
nonce = "0123456789abcdef"
6263
```
6364
where `<romid>` is the ROM identifier as documented [here](rom_ctrl.md#romid)
65+
66+
### OTP controller [otp]
67+
68+
```ini
69+
[ot_device "ot-otp-dj"]
70+
# 256-bit scramble key, match RndCnstOtpCtrlScrmblKeyInit
71+
scrmbl_key = "ffeeddccbbaa99887766554433221100ffeeddccbbaa99887766554433221100"
72+
# consistency digest
73+
digest_const = "ffeeddccbbaa99887766554433221100"
74+
digest_iv = "0123456789abcdef"
75+
# SRAM data key
76+
sram_const = "ffeeddccbbaa99887766554433221100"
77+
sram_iv = "0123456789abcdef"
78+
# 20-byte sequence of the first non-RAW life cycle state (LC_STATE_TESTUNLOCKED0)
79+
lc_state_first = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
80+
# 20-byte sequence of the last valid life cycle state (LC_STATE_SCRAP)
81+
lc_state_last = "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb"
82+
# 24-byte sequence for the first non-RAW transition count (#1)
83+
lc_trscnt_first = "cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc"
84+
# 24-byte sequence for the last transition count (#24)
85+
lc_trscnt_last = "dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd"
86+
```
87+
88+
Here, `digest_const` is expected to match the `--constant` argument of the [otptool.py](otptool.md)
89+
tool, whereas `digest_iv` is expected to match its `--iv` argument. Should those values differ,
90+
OpenTitan OTP controller would fail to verify the OTP partition digests.

0 commit comments

Comments
 (0)