mldsa pcr signing (#670)

* added pcr_mldsa_key to KV

* updated pcr signing hash with SHA512 mode

* updated ECC pcr smoke tests for SHA512

* added mldsa pcr injection to services_tb

* re-enabled mldsa smoke tests

* updated test vector

* updated reg files

* wait for mldsa zeroize

* fixed typo

* updated pv_sign_and_hash smoke test for mldsa

* fixed offset rollover bug

* updated mldsa submodule to include pcr

* MICROSOFT AUTOMATED PIPELINE: Stamp 'mojtaba-mldsa-pcr' with updated timestamp and hash after successful run

* reduced PCR bus based on requried key size

* fixed port mismatch

* MICROSOFT AUTOMATED PIPELINE: Stamp 'mojtaba-mldsa-pcr' with updated timestamp and hash after successful run

---------

Co-authored-by: Caleb Whitehead <[email protected]>

.github/workflow_metadata/pr_hash

@@ -1 +1 @@
-c8e06113e37e54e9876411db9113dde467573ddcdfa04c21e4aabed77398465566c22fc6db80017342843e5b55280e45
+7c0a50d75a42e1d849cc58053c0ab8a1be77e4cabd7a0b7003cd2b349fd5302ee61b6421fc89b916c5829d4d04c6f513

.github/workflow_metadata/pr_timestamp

@@ -1 +1 @@
-1734986966
+1736184745

src/ecc/formal/properties/fv_ecc_dsa_ctrl.sv

@@ -693,7 +693,7 @@ module fv_ecc_dsa_ctrl_m
             hwif_out.ECC_CTRL.PCR_SIGN.value 
             |->
             hwif_in.ECC_MSG[word].MSG.we == !(fv_zeroize) &&
-            hwif_in.ECC_PRIVKEY_IN[word].PRIVKEY_IN.next == pcr_signing_data.pcr_signing_privkey[word] &&
+            hwif_in.ECC_PRIVKEY_IN[word].PRIVKEY_IN.next == pcr_signing_data.pcr_ecc_signing_privkey[word] &&
             hwif_in.ECC_PRIVKEY_IN[word].PRIVKEY_IN.we == !(fv_zeroize)
             ;
         endproperty

src/ecc/rtl/ecc_dsa_ctrl.sv

@@ -357,7 +357,7 @@ module ecc_dsa_ctrl
             //don't store the private key generated in sw accessible register if it's going to keyvault
             privkey_reg[dword] = hwif_out.ECC_PRIVKEY_IN[11-dword].PRIVKEY_IN.value;
             hwif_in.ECC_PRIVKEY_IN[dword].PRIVKEY_IN.we = (pcr_sign_mode | (kv_privkey_write_en & (kv_privkey_write_offset == dword))) & !zeroize_reg;
-            hwif_in.ECC_PRIVKEY_IN[dword].PRIVKEY_IN.next = pcr_sign_mode       ? pcr_signing_data.pcr_signing_privkey[dword] : 
+            hwif_in.ECC_PRIVKEY_IN[dword].PRIVKEY_IN.next = pcr_sign_mode       ? pcr_signing_data.pcr_ecc_signing_privkey[dword] : 
                                                             kv_privkey_write_en ? kv_privkey_write_data : 
                                                                                   read_reg[11-dword];
             hwif_in.ECC_PRIVKEY_IN[dword].PRIVKEY_IN.hwclr = zeroize_reg | kv_key_data_present_reset | (kv_privkey_error == KV_READ_FAIL);

src/integration/rtl/caliptra_reg.h

@@ -4272,6 +4272,14 @@
 #define SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_10                                                    (0x660)
 #define CLP_SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_11                                                (0x10020664)
 #define SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_11                                                    (0x664)
+#define CLP_SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_12                                                (0x10020668)
+#define SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_12                                                    (0x668)
+#define CLP_SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_13                                                (0x1002066c)
+#define SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_13                                                    (0x66c)
+#define CLP_SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_14                                                (0x10020670)
+#define SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_14                                                    (0x670)
+#define CLP_SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_15                                                (0x10020674)
+#define SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_15                                                    (0x674)
 #define CLP_SHA512_REG_INTR_BLOCK_RF_START                                                          (0x10020800)
 #define CLP_SHA512_REG_INTR_BLOCK_RF_GLOBAL_INTR_EN_R                                               (0x10020800)
 #define SHA512_REG_INTR_BLOCK_RF_GLOBAL_INTR_EN_R                                                   (0x800)
@@ -4542,6 +4550,8 @@
 #define MLDSA_REG_MLDSA_CTRL_CTRL_MASK                                                              (0x7)
 #define MLDSA_REG_MLDSA_CTRL_ZEROIZE_LOW                                                            (3)
 #define MLDSA_REG_MLDSA_CTRL_ZEROIZE_MASK                                                           (0x8)
+#define MLDSA_REG_MLDSA_CTRL_PCR_SIGN_LOW                                                           (4)
+#define MLDSA_REG_MLDSA_CTRL_PCR_SIGN_MASK                                                          (0x10)
 #define CLP_MLDSA_REG_MLDSA_STATUS                                                                  (0x10030014)
 #define MLDSA_REG_MLDSA_STATUS                                                                      (0x14)
 #define MLDSA_REG_MLDSA_STATUS_READY_LOW                                                            (0)

src/integration/rtl/caliptra_reg_defines.svh

@@ -4272,6 +4272,14 @@
 `define SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_10                                                    (32'h660)
 `define CLP_SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_11                                                (32'h10020664)
 `define SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_11                                                    (32'h664)
+`define CLP_SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_12                                                (32'h10020668)
+`define SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_12                                                    (32'h668)
+`define CLP_SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_13                                                (32'h1002066c)
+`define SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_13                                                    (32'h66c)
+`define CLP_SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_14                                                (32'h10020670)
+`define SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_14                                                    (32'h670)
+`define CLP_SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_15                                                (32'h10020674)
+`define SHA512_REG_SHA512_GEN_PCR_HASH_DIGEST_15                                                    (32'h674)
 `define CLP_SHA512_REG_INTR_BLOCK_RF_START                                                          (32'h10020800)
 `define CLP_SHA512_REG_INTR_BLOCK_RF_GLOBAL_INTR_EN_R                                               (32'h10020800)
 `define SHA512_REG_INTR_BLOCK_RF_GLOBAL_INTR_EN_R                                                   (32'h800)
@@ -4542,6 +4550,8 @@
 `define MLDSA_REG_MLDSA_CTRL_CTRL_MASK                                                              (32'h7)
 `define MLDSA_REG_MLDSA_CTRL_ZEROIZE_LOW                                                            (3)
 `define MLDSA_REG_MLDSA_CTRL_ZEROIZE_MASK                                                           (32'h8)
+`define MLDSA_REG_MLDSA_CTRL_PCR_SIGN_LOW                                                           (4)
+`define MLDSA_REG_MLDSA_CTRL_PCR_SIGN_MASK                                                          (32'h10)
 `define CLP_MLDSA_REG_MLDSA_STATUS                                                                  (32'h10030014)
 `define MLDSA_REG_MLDSA_STATUS                                                                      (32'h14)
 `define MLDSA_REG_MLDSA_STATUS_READY_LOW                                                            (0)

src/integration/rtl/caliptra_top.sv

@@ -973,23 +973,24 @@ mldsa_top #(
     .AHB_DATA_WIDTH(`CALIPTRA_AHB_HDATA_SIZE),
     .AHB_ADDR_WIDTH(`CALIPTRA_SLAVE_ADDR_WIDTH(`CALIPTRA_SLAVE_SEL_MLDSA))
 ) mldsa (
-     .clk           (clk_cg),
-     .rst_b         (cptra_noncore_rst_b),
+     .clk               (clk_cg),
+     .rst_b             (cptra_noncore_rst_b),
      //TODO: pwrgood
-     .haddr_i       (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].haddr[`CALIPTRA_SLAVE_ADDR_WIDTH(`CALIPTRA_SLAVE_SEL_MLDSA)-1:0]),
-     .hwdata_i      (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].hwdata),
-     .hsel_i        (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].hsel),
-     .hwrite_i      (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].hwrite),
-     .hready_i      (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].hready),
-     .htrans_i      (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].htrans),
-     .hsize_i       (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].hsize),
-     .hresp_o       (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].hresp),
-     .hreadyout_o   (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].hreadyout),
-     .hrdata_o      (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].hrdata),
-     .kv_read       (kv_read[2]),
-     .kv_rd_resp    (kv_rd_resp[2]),
-     .error_intr    (mldsa_error_intr),
-     .notif_intr    (mldsa_notif_intr)
+     .haddr_i           (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].haddr[`CALIPTRA_SLAVE_ADDR_WIDTH(`CALIPTRA_SLAVE_SEL_MLDSA)-1:0]),
+     .hwdata_i          (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].hwdata),
+     .hsel_i            (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].hsel),
+     .hwrite_i          (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].hwrite),
+     .hready_i          (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].hready),
+     .htrans_i          (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].htrans),
+     .hsize_i           (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].hsize),
+     .hresp_o           (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].hresp),
+     .hreadyout_o       (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].hreadyout),
+     .hrdata_o          (responder_inst[`CALIPTRA_SLAVE_SEL_MLDSA].hrdata),
+     .kv_read           (kv_read[2]),
+     .kv_rd_resp        (kv_rd_resp[2]),
+     .pcr_signing_data  (pcr_signing_data),
+     .error_intr        (mldsa_error_intr),
+     .notif_intr        (mldsa_notif_intr)
 );
 
 aes_clp_wrapper #(
@@ -1052,7 +1053,8 @@ key_vault1
     .kv_write             (kv_write),
     .kv_rd_resp           (kv_rd_resp),
     .kv_wr_resp           (kv_wr_resp),
-    .pcr_signing_key      (pcr_signing_data.pcr_signing_privkey)
+    .pcr_ecc_signing_key  (pcr_signing_data.pcr_ecc_signing_privkey),
+    .pcr_mldsa_signing_key  (pcr_signing_data.pcr_mldsa_signing_seed)
 );
 
 pv #(

src/integration/tb/caliptra_top_tb_services.sv

@@ -444,21 +444,29 @@ module caliptra_top_tb_services
                     //inject privkey value to key reg
                     else if((WriteData[7:0] == 8'h90) && mailbox_write) begin
                         inject_ecc_privkey <= 1'b1;
-                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_SIGNING].dest_valid.we = 1'b1;
-                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_SIGNING].dest_valid.next = 5'b1000;
-                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_SIGNING].last_dword.we = 1'b1;
-                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_SIGNING].last_dword.next = 'd11;
-                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_ENTRY[KV_ENTRY_FOR_SIGNING][dword_i].data.we = 1'b1;
-                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_ENTRY[KV_ENTRY_FOR_SIGNING][dword_i].data.next = ecc_privkey_tb[dword_i][31 : 0];
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_ECC_SIGNING].dest_valid.we = 1'b1;
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_ECC_SIGNING].dest_valid.next = 5'b1000;
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_ECC_SIGNING].last_dword.we = 1'b1;
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_ECC_SIGNING].last_dword.next = 'd11;
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_ENTRY[KV_ENTRY_FOR_ECC_SIGNING][dword_i].data.we = 1'b1;
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_ENTRY[KV_ENTRY_FOR_ECC_SIGNING][dword_i].data.next = ecc_privkey_tb[dword_i][31 : 0];
+
+                        inject_mldsa_seed <= 1'b1;
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_MLDSA_SIGNING].dest_valid.we = 1'b1;
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_MLDSA_SIGNING].dest_valid.next = 5'b100;
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_MLDSA_SIGNING].last_dword.we = 1'b1;
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_MLDSA_SIGNING].last_dword.next = 'd7;
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_ENTRY[KV_ENTRY_FOR_MLDSA_SIGNING][dword_i].data.we = 1'b1;
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_ENTRY[KV_ENTRY_FOR_MLDSA_SIGNING][dword_i].data.next = mldsa_seed_tb[dword_i][31 : 0];
                     end
                     else if((WriteData[7:0] == 8'h91) && mailbox_write) begin
                         inject_ecc_privkey <= 1'b1;
-                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_SIGNING].dest_valid.we = 1'b1;
-                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_SIGNING].dest_valid.next = 5'b1000;
-                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_SIGNING].last_dword.we = 1'b1;
-                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_SIGNING].last_dword.next = 'd11;
-                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_ENTRY[KV_ENTRY_FOR_SIGNING][dword_i].data.we = 1'b1;
-                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_ENTRY[KV_ENTRY_FOR_SIGNING][dword_i].data.next = ecc_privkey_random[dword_i][31 : 0];
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_ECC_SIGNING].dest_valid.we = 1'b1;
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_ECC_SIGNING].dest_valid.next = 5'b1000;
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_ECC_SIGNING].last_dword.we = 1'b1;
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_CTRL[KV_ENTRY_FOR_ECC_SIGNING].last_dword.next = 'd11;
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_ENTRY[KV_ENTRY_FOR_ECC_SIGNING][dword_i].data.we = 1'b1;
+                        force caliptra_top_dut.key_vault1.kv_reg_hwif_in.KEY_ENTRY[KV_ENTRY_FOR_ECC_SIGNING][dword_i].data.next = ecc_privkey_random[dword_i][31 : 0];
                     end
                     //inject valid hmac_key dest and zero hmac_key value to key reg
                     else if(((WriteData[7:0]) == 8'ha8) && mailbox_write) begin
@@ -1072,17 +1080,20 @@ endgenerate //IV_NO
         end
     endtask
 
-    logic [0:11][31:0]   ecc_msg_tb    = 384'hC8F518D4F3AA1BD46ED56C1C3C9E16FB800AF504DB98843548C5F623EE115F73D4C62ABC06D303B5D90D9A175087290D;
+    logic [0:15][31:0]   pcr_to_be_signed    = 512'h_C8F518D4F3AA1BD46ED56C1C3C9E16FB800AF504DB98843548C5F623EE115F73D4C62ABC06D303B5D90D9A175087290D_16e6009644e2a5f2c41fed22e703fb78;
+    logic [0:15][31:0]   ecc_random_msg;
+    always_comb ecc_random_msg = {ecc_test_vector.hashed_msg, 128'h00000000000000000000000000000000};
+
     generate 
-        for (genvar dword = 0; dword < 12; dword++) begin
+        for (genvar dword = 0; dword < 16; dword++) begin
             always@(posedge clk) begin
                 if((WriteData[7:0] == 8'h90) && mailbox_write) begin
                     force caliptra_top_dut.sha512.sha512_inst.pcr_sign_we = 1'b1;
-                    force caliptra_top_dut.sha512.sha512_inst.pcr_sign[dword] = ecc_msg_tb[11-dword][31 : 0];
+                    force caliptra_top_dut.sha512.sha512_inst.pcr_sign[dword] = pcr_to_be_signed[15-dword][31 : 0];
                 end
                 else if((WriteData[7:0] == 8'h91) && mailbox_write) begin
                     force caliptra_top_dut.sha512.sha512_inst.pcr_sign_we = 1'b1;
-                    force caliptra_top_dut.sha512.sha512_inst.pcr_sign[dword] = ecc_test_vector.hashed_msg[11-dword][31 : 0];
+                    force caliptra_top_dut.sha512.sha512_inst.pcr_sign[dword] = ecc_random_msg[15-dword][31 : 0];
                 end
                 else begin
                     release caliptra_top_dut.sha512.sha512_inst.pcr_sign_we;

src/integration/test_suites/libs/mldsa/mldsa.c

@@ -39,6 +39,11 @@ void wait_for_mldsa_intr(){
 void mldsa_zeroize(){
     printf("MLDSA zeroize flow.\n");
     lsu_write_32(CLP_MLDSA_REG_MLDSA_CTRL, (1 << MLDSA_REG_MLDSA_CTRL_ZEROIZE_LOW) & MLDSA_REG_MLDSA_CTRL_ZEROIZE_MASK);
+
+    // wait for MLDSA to be ready
+    printf("Waiting for mldsa status ready\n");
+    while((lsu_read_32(CLP_MLDSA_REG_MLDSA_STATUS) & MLDSA_REG_MLDSA_STATUS_READY_MASK) == 0);
+
 }
 
 

src/integration/test_suites/pv_hash_and_sign/caliptra_isr.h

@@ -236,7 +236,20 @@ inline void service_sha512_acc_notif_intr() {
 }
 
 inline void service_mldsa_error_intr() {return;}
-inline void service_mldsa_notif_intr() {return;}
+inline void service_mldsa_notif_intr() {
+    uint32_t * reg = (uint32_t *) (CLP_MLDSA_REG_INTR_BLOCK_RF_NOTIF_INTERNAL_INTR_R);
+    uint32_t sts = *reg;
+    /* Write 1 to Clear the pending interrupt */
+    if (sts & MLDSA_REG_INTR_BLOCK_RF_NOTIF_INTERNAL_INTR_R_NOTIF_CMD_DONE_STS_MASK) {
+        *reg = MLDSA_REG_INTR_BLOCK_RF_NOTIF_INTERNAL_INTR_R_NOTIF_CMD_DONE_STS_MASK;
+        cptra_intr_rcv.mldsa_notif |= MLDSA_REG_INTR_BLOCK_RF_NOTIF_INTERNAL_INTR_R_NOTIF_CMD_DONE_STS_MASK;
+    }
+    if (sts == 0) {
+        VPRINTF(ERROR,"bad mldsa_notif_intr sts:%x\n", sts);
+        SEND_STDOUT_CTRL(0x1);
+        while(1);
+    }
+}
 inline void service_axi_dma_error_intr() {return;}
 inline void service_axi_dma_notif_intr() {return;}