Addressing PR feedback: Iteration 1

drivers/src/hmac384_kdf.rs → drivers/src/hmac_kdf.rs

@@ -4,7 +4,7 @@ Licensed under the Apache-2.0 license.
 
 File Name:
 
-    hmac384_kdf.rs
+    hmac_kdf.rs
 
 Abstract:
 

drivers/src/lib.rs

@@ -32,7 +32,7 @@ mod fuse_bank;
 pub mod fuse_log;
 pub mod hand_off;
 mod hmac;
-mod hmac384_kdf;
+mod hmac_kdf;
 mod key_vault;
 mod kv_access;
 mod lms;
@@ -77,7 +77,7 @@ pub use fuse_bank::{
 };
 pub use hand_off::FirmwareHandoffTable;
 pub use hmac::{Hmac, HmacData, HmacKey, HmacMode, HmacOp, HmacTag};
-pub use hmac384_kdf::hmac_kdf;
+pub use hmac_kdf::hmac_kdf;
 pub use key_vault::{KeyId, KeyUsage, KeyVault};
 pub use kv_access::{KeyReadArgs, KeyWriteArgs};
 pub use lms::{

kat/src/kats_env.rs

@@ -17,8 +17,8 @@ pub struct KatsEnv<'a> {
     // SHA2-512/384 Accelerator
     pub sha2_512_384_acc: &'a mut Sha2_512_384Acc,
 
-    /// Hmac384 Engine
-    pub hmac384: &'a mut Hmac,
+    /// Hmac-512/384 Engine
+    pub hmac: &'a mut Hmac,
 
     /// Cryptographically Secure Random Number Generator
     pub trng: &'a mut Trng,

kat/src/lib.rs

@@ -59,7 +59,7 @@ pub fn execute_kat(env: &mut KatsEnv) -> CaliptraResult<()> {
     Ecc384Kat::default().execute(env.ecc384, env.trng)?;
 
     cprintln!("[kat] HMAC-384Kdf");
-    Hmac384KdfKat::default().execute(env.hmac384, env.trng)?;
+    Hmac384KdfKat::default().execute(env.hmac, env.trng)?;
 
     cprintln!("[kat] LMS");
     LmsKat::default().execute(env.sha256, env.lms)?;

rom/dev/src/flow/cold_reset/fw_processor.rs

@@ -71,8 +71,8 @@ impl FirmwareProcessor {
             // SHA2-512/384 Accelerator
             sha2_512_384_acc: &mut env.sha2_512_384_acc,
 
-            // Hmac Engine
-            hmac384: &mut env.hmac,
+            // Hmac-512/384 Engine
+            hmac: &mut env.hmac,
 
             /// Cryptographically Secure Random Number Generator
             trng: &mut env.trng,

rom/dev/src/main.rs

@@ -139,8 +139,8 @@ pub extern "C" fn rom_entry() -> ! {
             // SHA2-512/384 Accelerator
             sha2_512_384_acc: &mut env.sha2_512_384_acc,
 
-            // Hmac Engine
-            hmac384: &mut env.hmac,
+            // Hmac-512/384 Engine
+            hmac: &mut env.hmac,
 
             /// Cryptographically Secure Random Number Generator
             trng: &mut env.trng,

runtime/src/certify_key_extended.rs

@@ -55,7 +55,7 @@ impl CertifyKeyExtendedCmd {
             &mut drivers.sha384,
             &mut drivers.trng,
             &mut drivers.ecc384,
-            &mut drivers.hmac384,
+            &mut drivers.hmac,
             &mut drivers.key_vault,
             &mut pdata.fht.rt_dice_pub_key,
             key_id_rt_cdi,

runtime/src/disable.rs

@@ -55,7 +55,7 @@ impl DisableAttestationCmd {
     fn zero_rt_cdi(drivers: &mut Drivers) -> CaliptraResult<()> {
         let key_id_rt_cdi = Drivers::get_key_id_rt_cdi(drivers)?;
         hmac_kdf(
-            &mut drivers.hmac384,
+            &mut drivers.hmac,
             HmacKey::Array4x12(&Array4x12::default()),
             b"zero_rt_cdi",
             None,

runtime/src/dpe_crypto.rs

@@ -43,7 +43,7 @@ impl<'a> DpeCrypto<'a> {
         sha384: &'a mut Sha384,
         trng: &'a mut Trng,
         ecc384: &'a mut Ecc384,
-        hmac384: &'a mut Hmac,
+        hmac: &'a mut Hmac,
         key_vault: &'a mut KeyVault,
         rt_pub_key: &'a mut Ecc384PubKey,
         key_id_rt_cdi: KeyId,
@@ -53,7 +53,7 @@ impl<'a> DpeCrypto<'a> {
             sha384,
             trng,
             ecc384,
-            hmac: hmac384,
+            hmac,
             key_vault,
             rt_pub_key,
             key_id_rt_cdi,

runtime/src/drivers.rs

@@ -81,8 +81,8 @@ pub struct Drivers {
     // SHA2-512/384 Accelerator
     pub sha2_512_384_acc: Sha2_512_384Acc,
 
-    /// Hmac384 Engine
-    pub hmac384: Hmac,
+    /// Hmac-512/384 Engine
+    pub hmac: Hmac,
 
     /// Cryptographically Secure Random Number Generator
     pub trng: Trng,
@@ -133,7 +133,7 @@ impl Drivers {
             sha256: Sha256::new(Sha256Reg::new()),
             sha384: Sha384::new(Sha512Reg::new()),
             sha2_512_384_acc: Sha2_512_384Acc::new(Sha512AccCsr::new()),
-            hmac384: Hmac::new(HmacReg::new()),
+            hmac: Hmac::new(HmacReg::new()),
             ecc384: Ecc384::new(EccReg::new()),
             sha1: Sha1::default(),
             lms: Lms::default(),
@@ -384,7 +384,7 @@ impl Drivers {
             &mut drivers.sha384,
             &mut drivers.trng,
             &mut drivers.ecc384,
-            &mut drivers.hmac384,
+            &mut drivers.hmac,
             &mut drivers.key_vault,
             &mut pdata.fht.rt_dice_pub_key,
             key_id_rt_cdi,

runtime/src/fips.rs

@@ -159,8 +159,8 @@ pub mod fips_self_test_cmd {
             // SHA2-512/384 Accelerator
             sha2_512_384_acc: &mut env.sha2_512_384_acc,
 
-            // Hmac384 Engine
-            hmac384: &mut env.hmac384,
+            // Hmac-512/384 Engine
+            hmac: &mut env.hmac,
 
             /// Cryptographically Secure Random Number Generator
             trng: &mut env.trng,

runtime/src/hmac.rs

@@ -45,7 +45,7 @@ fn ecc384_key_gen(
     priv_key: KeyId,
 ) -> CaliptraResult<Ecc384KeyPair> {
     hmac_kdf(
-        &mut drivers.hmac384,
+        &mut drivers.hmac,
         KeyReadArgs::new(input).into(),
         label,
         None,
@@ -93,7 +93,7 @@ impl Hmac {
     /// * `output` - KeyId which the output hash should be written to
     #[cfg_attr(not(feature = "no-cfi"), cfi_impl_fn)]
     pub fn hmac384_hash(drivers: &mut Drivers, input: KeyId, output: KeyId) -> CaliptraResult<()> {
-        drivers.hmac384.hmac(
+        drivers.hmac.hmac(
             &KeyReadArgs::new(input).into(),
             &HmacData::Slice(&[]),
             &mut drivers.trng,
@@ -150,7 +150,7 @@ impl Hmac {
             hasher.finalize(&mut pubkey_digest)?;
 
             let mut hmac_output = Array4x12::default();
-            drivers.hmac384.hmac(
+            drivers.hmac.hmac(
                 &HmacKey::Array4x12(&pubkey_digest),
                 &HmacData::Slice(data),
                 &mut drivers.trng,

runtime/src/invoke_dpe.rs

@@ -55,7 +55,7 @@ impl InvokeDpeCmd {
                 &mut drivers.sha384,
                 &mut drivers.trng,
                 &mut drivers.ecc384,
-                &mut drivers.hmac384,
+                &mut drivers.hmac,
                 &mut drivers.key_vault,
                 &mut pdata.fht.rt_dice_pub_key,
                 key_id_rt_cdi,

runtime/src/stash_measurement.rs

@@ -57,7 +57,7 @@ impl StashMeasurementCmd {
                 &mut drivers.sha384,
                 &mut drivers.trng,
                 &mut drivers.ecc384,
-                &mut drivers.hmac384,
+                &mut drivers.hmac,
                 &mut drivers.key_vault,
                 &mut pdata.fht.rt_dice_pub_key,
                 key_id_rt_cdi,

sw-emulator/lib/periph/src/hmac.rs

@@ -641,12 +641,6 @@ impl HmacSha {
     fn tag_write_complete(&mut self) {
         let key_id = self.tag_write_ctrl.reg.read(TagWriteControl::KEY_ID);
 
-        // let temp = &self.tag.as_bytes()[..self.key_len() * 4];
-        // println!("EMU: HMAC Tag: ");
-        // for i in 0..temp.len() {
-        //     print!("{:x}, ", temp[i]);
-        // }
-        // println!();
         // Store the tag in the key-vault.
         // Tag is in big-endian format and is stored in the same format.
         let tag_write_result = match self