adding valid wires to obf uds and field entropy

src/integration/rtl/caliptra_top.sv

@@ -36,7 +36,9 @@ module caliptra_top
 
     input logic [255:0]                              cptra_obf_key,
     input logic [`CLP_CSR_HMAC_KEY_DWORDS-1:0][31:0] cptra_csr_hmac_key,    
+    input logic                                      cptra_obf_field_entropy_vld,
     input logic [`CLP_OBF_FE_DWORDS-1 :0][31:0]      cptra_obf_field_entropy,
+    input logic                                      cptra_obf_uds_seed_vld,
     input logic [`CLP_OBF_UDS_DWORDS-1:0][31:0]      cptra_obf_uds_seed,
 
 
@@ -1297,8 +1299,10 @@ soc_ifc_top1
     .scan_mode(scan_mode),
     .cptra_obf_key(cptra_obf_key),
     .cptra_obf_key_reg(cptra_obf_key_reg),
+    .cptra_obf_field_entropy_vld(cptra_obf_field_entropy_vld),
     .cptra_obf_field_entropy(cptra_obf_field_entropy),
     .obf_field_entropy(obf_field_entropy),
+    .cptra_obf_uds_seed_vld(cptra_obf_uds_seed_vld),
     .cptra_obf_uds_seed(cptra_obf_uds_seed),
     .obf_uds_seed(obf_uds_seed),
 

src/integration/tb/caliptra_top_tb.sv

@@ -198,8 +198,10 @@ caliptra_top caliptra_top_dut (
     .clk                        (core_clk),
 
     .cptra_obf_key              (cptra_obf_key),
-    .cptra_obf_uds_seed         ('0),
-    .cptra_obf_field_entropy    ('0),
+    .cptra_obf_uds_seed_vld     ('0), //TODO
+    .cptra_obf_uds_seed         ('0), //TODO
+    .cptra_obf_field_entropy_vld('0), //TODO
+    .cptra_obf_field_entropy    ('0), //TODO
     .cptra_csr_hmac_key         (cptra_csr_hmac_key),
 
     .jtag_tck(jtag_tck),

src/soc_ifc/rtl/soc_ifc_fuse_reg.rdl

@@ -16,7 +16,7 @@
 // FUSE Registers
 // All fuses persist across caliptra reset. Locked by Fuse WR done. "Read/Write Lock - Sticky" => RWL-S
 
-field secret {sw = w1; hw = rw; wel; swwel; hwclr; resetsignal = cptra_pwrgood;};
+field secret {sw = w1; hw = rw; we; swwel; hwclr; resetsignal = cptra_pwrgood;};
 field key    {sw = w; swwe; hw = rw; wel; hwclr;};
 field Fuse   {sw = rw; hw = r; swwel; resetsignal = cptra_pwrgood;};
 

src/soc_ifc/rtl/soc_ifc_reg.sv

@@ -3557,7 +3557,7 @@ module soc_ifc_reg (
             if(decoded_reg_strb.fuse_uds_seed[i0] && decoded_req_is_wr && !(hwif_in.fuse_uds_seed[i0].seed.swwel)) begin // SW write
                 next_c = (field_storage.fuse_uds_seed[i0].seed.value & ~decoded_wr_biten[31:0]) | (decoded_wr_data[31:0] & decoded_wr_biten[31:0]);
                 load_next_c = '1;
-            end else if(!hwif_in.fuse_uds_seed[i0].seed.wel) begin // HW Write - wel
+            end else if(hwif_in.fuse_uds_seed[i0].seed.we) begin // HW Write - we
                 next_c = hwif_in.fuse_uds_seed[i0].seed.next;
                 load_next_c = '1;
             end else if(hwif_in.fuse_uds_seed[i0].seed.hwclr) begin // HW Clear
@@ -3586,7 +3586,7 @@ module soc_ifc_reg (
             if(decoded_reg_strb.fuse_field_entropy[i0] && decoded_req_is_wr && !(hwif_in.fuse_field_entropy[i0].seed.swwel)) begin // SW write
                 next_c = (field_storage.fuse_field_entropy[i0].seed.value & ~decoded_wr_biten[31:0]) | (decoded_wr_data[31:0] & decoded_wr_biten[31:0]);
                 load_next_c = '1;
-            end else if(!hwif_in.fuse_field_entropy[i0].seed.wel) begin // HW Write - wel
+            end else if(hwif_in.fuse_field_entropy[i0].seed.we) begin // HW Write - we
                 next_c = hwif_in.fuse_field_entropy[i0].seed.next;
                 load_next_c = '1;
             end else if(hwif_in.fuse_field_entropy[i0].seed.hwclr) begin // HW Clear

src/soc_ifc/rtl/soc_ifc_reg_pkg.sv

@@ -278,7 +278,7 @@ package soc_ifc_reg_pkg;
 
     typedef struct packed{
         logic [31:0] next;
-        logic wel;
+        logic we;
         logic swwel;
         logic hwclr;
     } soc_ifc_reg__secret_w32__in_t;

src/soc_ifc/rtl/soc_ifc_top.sv

@@ -104,8 +104,10 @@ module soc_ifc_top
     input  logic scan_mode,
     input  logic [`CLP_OBF_KEY_DWORDS-1:0][31:0] cptra_obf_key,
     output logic [`CLP_OBF_KEY_DWORDS-1:0][31:0] cptra_obf_key_reg,
+    input  logic                                 cptra_obf_field_entropy_vld,
     input  logic [`CLP_OBF_FE_DWORDS-1 :0][31:0] cptra_obf_field_entropy,
     output logic [`CLP_OBF_FE_DWORDS-1 :0][31:0] obf_field_entropy,
+    input  logic                                 cptra_obf_uds_seed_vld,
     input  logic [`CLP_OBF_UDS_DWORDS-1:0][31:0] cptra_obf_uds_seed,
     output logic [`CLP_OBF_UDS_DWORDS-1:0][31:0] obf_uds_seed,
 
@@ -492,13 +494,17 @@ always_comb begin
     end
     for (int i = 0; i < `CLP_OBF_UDS_DWORDS; i++) begin
         soc_ifc_reg_hwif_in.fuse_uds_seed[i].seed.hwclr = clear_obf_secrets;
-        soc_ifc_reg_hwif_in.fuse_uds_seed[i].seed.wel = ~Warm_Reset_Capture_Flag || ~security_state.debug_locked || scan_mode_f;
+        //Sample immediately after we leave warm reset.
+        //Only if debug locked, not scan mode, and the fuse valid bit is set
+        soc_ifc_reg_hwif_in.fuse_uds_seed[i].seed.we = ~Warm_Reset_Capture_Flag && security_state.debug_locked && ~scan_mode_f && cptra_obf_uds_seed_vld;
         soc_ifc_reg_hwif_in.fuse_uds_seed[i].seed.next = cptra_obf_uds_seed[i];
         obf_uds_seed[i] = soc_ifc_reg_hwif_out.fuse_uds_seed[i].seed.value;
     end
     for (int i = 0; i < `CLP_OBF_FE_DWORDS; i++) begin
         soc_ifc_reg_hwif_in.fuse_field_entropy[i].seed.hwclr = clear_obf_secrets;
-        soc_ifc_reg_hwif_in.fuse_field_entropy[i].seed.wel = ~Warm_Reset_Capture_Flag || ~security_state.debug_locked || scan_mode_f;
+        //Sample immediately after we leave warm reset.
+        //Only if debug locked, not scan mode, and the fuse valid bit is set
+        soc_ifc_reg_hwif_in.fuse_field_entropy[i].seed.we = ~Warm_Reset_Capture_Flag && security_state.debug_locked && ~scan_mode_f && cptra_obf_field_entropy_vld;
         soc_ifc_reg_hwif_in.fuse_field_entropy[i].seed.next = cptra_obf_field_entropy[i];
         obf_field_entropy[i] = soc_ifc_reg_hwif_out.fuse_field_entropy[i].seed.value;
     end