[update] MLDSA support for Authorization Manifest

Author: mhatrevi

Cargo.lock

@@ -1238,7 +1238,7 @@ pub struct SetAuthManifestReq {
     pub manifest: [u8; SetAuthManifestReq::MAX_MAN_SIZE],
 }
 impl SetAuthManifestReq {
-    pub const MAX_MAN_SIZE: usize = 17 * 1024;
+    pub const MAX_MAN_SIZE: usize = 34 * 1024;
 
     pub fn as_bytes_partial(&self) -> CaliptraResult<&[u8]> {
         if self.manifest_size as usize > Self::MAX_MAN_SIZE {

api/src/mailbox.rs

@@ -5,24 +5,32 @@ ecc_pub_key = "vnd-pub-key-3.pem"
 ecc_priv_key = "vnd-priv-key-3.pem"
 lms_pub_key = "vnd-lms-pub-key-3.pem"
 lms_priv_key = "vnd-lms-priv-key-3.pem"
+mldsa_pub_key = "vnd-mldsa-pub-key-3.bin"
+mldsa_priv_key = "vnd-mldsa-priv-key-3.bin"
 
 [vendor_man_key_config]
 ecc_pub_key = "vnd-pub-key-3.pem"
 ecc_priv_key = "vnd-priv-key-3.pem"
 lms_pub_key = "vnd-lms-pub-key-3.pem"
 lms_priv_key = "vnd-lms-priv-key-3.pem"
+mldsa_pub_key = "vnd-mldsa-pub-key-3.bin"
+mldsa_priv_key = "vnd-mldsa-priv-key-3.bin"
 
 [owner_fw_key_config]
 ecc_pub_key = "own-pub-key.pem"
 ecc_priv_key = "own-priv-key.pem"
 lms_pub_key = "own-lms-pub-key.pem"
 lms_priv_key = "own-lms-priv-key.pem"
+mldsa_pub_key = "own-mldsa-pub-key.bin"
+mldsa_priv_key = "own-mldsa-priv-key.bin"
 
 [owner_man_key_config]
 ecc_pub_key = "own-pub-key.pem"
 ecc_priv_key = "own-priv-key.pem"
 lms_pub_key = "own-lms-pub-key.pem"
 lms_priv_key = "own-lms-priv-key.pem"
+mldsa_pub_key = "own-mldsa-pub-key.bin"
+mldsa_priv_key = "own-mldsa-priv-key.bin"
 
 [[image_metadata_list]]
 digest = "C120EED0004B4CF6C344B00F5F501E7B7167C7010B6EA1D36AEE20CC90F1AE373DF1EC91C9AD9E0A5A969326A54E2517"

auth-manifest/app/src/auth-man.toml

@@ -14,8 +14,10 @@ Abstract:
 
 use anyhow::Context;
 use caliptra_auth_man_gen::AuthManifestGeneratorKeyConfig;
-use caliptra_auth_man_types::{Addr64, AuthManifestImageMetadata, AuthManifestPrivKeys};
-use caliptra_auth_man_types::{AuthManifestPubKeys, ImageMetadataFlags};
+use caliptra_auth_man_types::ImageMetadataFlags;
+use caliptra_auth_man_types::{
+    Addr64, AuthManifestImageMetadata, AuthManifestPrivKeysConfig, AuthManifestPubKeysConfig,
+};
 #[cfg(feature = "openssl")]
 use caliptra_image_crypto::OsslCrypto as Crypto;
 #[cfg(feature = "rustcrypto")]
@@ -35,6 +37,10 @@ pub(crate) struct AuthManifestKeyConfigFromFile {
     pub lms_pub_key: String,
 
     pub lms_priv_key: Option<String>,
+
+    pub mldsa_pub_key: String,
+
+    pub mldsa_priv_key: Option<String>,
 }
 
 #[derive(Serialize, Deserialize)]
@@ -81,7 +87,7 @@ fn key_config_from_file(
     config: &AuthManifestKeyConfigFromFile,
 ) -> anyhow::Result<AuthManifestGeneratorKeyConfig> {
     // Get the Private Keys.
-    let mut priv_keys = AuthManifestPrivKeys::default();
+    let mut priv_keys = AuthManifestPrivKeysConfig::default();
     if let Some(pem_file) = &config.ecc_priv_key {
         let priv_key_path = path.join(pem_file);
         priv_keys.ecc_priv_key = Crypto::ecc_priv_key_from_pem(&priv_key_path)?;
@@ -93,9 +99,10 @@ fn key_config_from_file(
     }
 
     Ok(AuthManifestGeneratorKeyConfig {
-        pub_keys: AuthManifestPubKeys {
+        pub_keys: AuthManifestPubKeysConfig {
             ecc_pub_key: Crypto::ecc_pub_key_from_pem(&path.join(&config.ecc_pub_key))?,
             lms_pub_key: lms_pub_key_from_pem(&path.join(&config.lms_pub_key))?,
+            mldsa_pub_key: Crypto::mldsa_pub_key_from_file(&path.join(&config.mldsa_pub_key))?,
         },
 
         priv_keys: Some(priv_keys),

auth-manifest/app/src/config.rs

@@ -19,6 +19,7 @@ use caliptra_auth_man_types::AuthManifestFlags;
 use caliptra_image_crypto::OsslCrypto as Crypto;
 #[cfg(feature = "rustcrypto")]
 use caliptra_image_crypto::RustCrypto as Crypto;
+use caliptra_image_types::FwVerificationPqcKeyType;
 use clap::ArgMatches;
 use clap::{arg, value_parser, Command};
 use std::io::Write;
@@ -82,6 +83,15 @@ pub(crate) fn run_auth_man_cmd(args: &ArgMatches) -> anyhow::Result<()> {
             .with_context(|| "flags arg not specified")?,
     );
 
+    let pqc_key_type: &u32 = args
+        .get_one::<u32>("pqc-key-type")
+        .with_context(|| "Type of PQC key validation: 1: MLDSA; 3: LMS")?;
+    let pqc_key_type = match *pqc_key_type {
+        1 => FwVerificationPqcKeyType::MLDSA,
+        3 => FwVerificationPqcKeyType::LMS,
+        _ => return Err(anyhow::anyhow!("Invalid PQC key type")),
+    };
+
     let config_path: &PathBuf = args
         .get_one::<PathBuf>("config")
         .with_context(|| "config arg not specified")?;
@@ -109,6 +119,7 @@ pub(crate) fn run_auth_man_cmd(args: &ArgMatches) -> anyhow::Result<()> {
     let gen_config = AuthManifestGeneratorConfig {
         version: *version,
         flags,
+        pqc_key_type,
         vendor_man_key_info: config::vendor_config_from_file(
             key_dir,
             &config.vendor_man_key_config,

auth-manifest/app/src/main.rs

@@ -16,4 +16,5 @@ caliptra-image-gen.workspace = true
 caliptra-auth-man-types = { workspace = true, features = ["std"] }
 caliptra-lms-types.workspace = true
 memoffset.workspace = true
-zerocopy.workspace = true
+zerocopy.workspace = true
+fips204.workspace = true

auth-manifest/gen/Cargo.toml

@@ -13,6 +13,12 @@ Abstract:
 --*/
 
 use caliptra_image_gen::ImageGeneratorCrypto;
+use caliptra_image_types::{
+    ImageDigest512, ImageMldsaPrivKey, ImageMldsaSignature, MLDSA87_MSG_BYTE_SIZE,
+    MLDSA87_PRIV_KEY_BYTE_SIZE,
+};
+use fips204::ml_dsa_87::{PrivateKey, SIG_LEN};
+use fips204::traits::{SerDes, Signer};
 use zerocopy::IntoBytes;
 
 use crate::*;
@@ -56,7 +62,21 @@ impl<Crypto: ImageGeneratorCrypto> AuthManifestGenerator<Crypto> {
         auth_manifest.preamble.flags = config.flags.bits();
 
         // Sign the vendor manifest public keys.
-        auth_manifest.preamble.vendor_pub_keys = config.vendor_man_key_info.pub_keys;
+        auth_manifest.preamble.vendor_pub_keys.ecc_pub_key =
+            config.vendor_man_key_info.pub_keys.ecc_pub_key;
+        let pqc_pub_key = match config.pqc_key_type {
+            FwVerificationPqcKeyType::LMS => {
+                config.vendor_man_key_info.pub_keys.lms_pub_key.as_bytes()
+            }
+            FwVerificationPqcKeyType::MLDSA => config
+                .vendor_man_key_info
+                .pub_keys
+                .mldsa_pub_key
+                .0
+                .as_bytes(),
+        };
+        auth_manifest.preamble.vendor_pub_keys.pqc_pub_key.0[..pqc_pub_key.len()]
+            .copy_from_slice(pqc_pub_key);
 
         let range = AuthManifestPreamble::vendor_signed_data_range();
 
@@ -70,25 +90,53 @@ impl<Crypto: ImageGeneratorCrypto> AuthManifestGenerator<Crypto> {
                 "Failed to get vendor signed data range length"
             ))?;
 
-        let digest = self.crypto.sha384_digest(data)?;
+        let digest_sha384 = self.crypto.sha384_digest(data)?;
+        let digest_sha512 = if config.pqc_key_type == FwVerificationPqcKeyType::MLDSA {
+            let digest = self.crypto.sha512_digest(data)?;
+            Some(digest)
+        } else {
+            None
+        };
 
         if let Some(priv_keys) = config.vendor_fw_key_info.priv_keys {
             let sig = self.crypto.ecdsa384_sign(
-                &digest,
+                &digest_sha384,
                 &priv_keys.ecc_priv_key,
                 &config.vendor_fw_key_info.pub_keys.ecc_pub_key,
             )?;
             auth_manifest.preamble.vendor_pub_keys_signatures.ecc_sig = sig;
 
-            let lms_sig = self.crypto.lms_sign(&digest, &priv_keys.lms_priv_key)?;
-            auth_manifest.preamble.vendor_pub_keys_signatures.lms_sig = lms_sig;
+            if config.pqc_key_type == FwVerificationPqcKeyType::LMS {
+                let lms_sig = self
+                    .crypto
+                    .lms_sign(&digest_sha384, &priv_keys.lms_priv_key)?;
+                let sig = lms_sig.as_bytes();
+                auth_manifest.preamble.vendor_pub_keys_signatures.pqc_sig.0[..sig.len()]
+                    .copy_from_slice(sig);
+            } else {
+                let mldsa_sig =
+                    self.mldsa_sign(&digest_sha512.unwrap(), &priv_keys.mldsa_priv_key)?;
+
+                let sig = mldsa_sig.as_bytes();
+                auth_manifest.preamble.vendor_pub_keys_signatures.pqc_sig.0[..sig.len()]
+                    .copy_from_slice(sig);
+            }
         }
 
         // Sign the owner manifest public keys.
         if let (Some(owner_fw_config), Some(owner_man_config)) =
             (&config.owner_fw_key_info, &config.owner_man_key_info)
         {
-            auth_manifest.preamble.owner_pub_keys = owner_man_config.pub_keys;
+            auth_manifest.preamble.owner_pub_keys.ecc_pub_key =
+                owner_man_config.pub_keys.ecc_pub_key;
+            let pqc_pub_key = match config.pqc_key_type {
+                FwVerificationPqcKeyType::LMS => owner_man_config.pub_keys.lms_pub_key.as_bytes(),
+                FwVerificationPqcKeyType::MLDSA => {
+                    owner_man_config.pub_keys.mldsa_pub_key.0.as_bytes()
+                }
+            };
+            auth_manifest.preamble.owner_pub_keys.pqc_pub_key.0[..pqc_pub_key.len()]
+                .copy_from_slice(pqc_pub_key);
 
             let digest = self
                 .crypto
@@ -101,10 +149,24 @@ impl<Crypto: ImageGeneratorCrypto> AuthManifestGenerator<Crypto> {
                     &owner_fw_config.pub_keys.ecc_pub_key,
                 )?;
                 auth_manifest.preamble.owner_pub_keys_signatures.ecc_sig = sig;
-                let lms_sig = self
-                    .crypto
-                    .lms_sign(&digest, &owner_fw_priv_keys.lms_priv_key)?;
-                auth_manifest.preamble.owner_pub_keys_signatures.lms_sig = lms_sig;
+
+                if config.pqc_key_type == FwVerificationPqcKeyType::LMS {
+                    let lms_sig = self
+                        .crypto
+                        .lms_sign(&digest, &owner_fw_priv_keys.lms_priv_key)?;
+                    let sig = lms_sig.as_bytes();
+                    auth_manifest.preamble.owner_pub_keys_signatures.pqc_sig.0[..sig.len()]
+                        .copy_from_slice(sig);
+                } else {
+                    let digest = self
+                        .crypto
+                        .sha512_digest(auth_manifest.preamble.owner_pub_keys.as_bytes())?;
+
+                    let mldsa_sig = self.mldsa_sign(&digest, &owner_fw_priv_keys.mldsa_priv_key)?;
+                    let sig = mldsa_sig.as_bytes();
+                    auth_manifest.preamble.owner_pub_keys_signatures.pqc_sig.0[..sig.len()]
+                        .copy_from_slice(sig);
+                }
             }
         }
 
@@ -129,13 +191,32 @@ impl<Crypto: ImageGeneratorCrypto> AuthManifestGenerator<Crypto> {
                     .vendor_image_metdata_signatures
                     .ecc_sig = sig;
 
-                let lms_sig = self
-                    .crypto
-                    .lms_sign(&digest, &vendor_man_priv_keys.lms_priv_key)?;
-                auth_manifest
-                    .preamble
-                    .vendor_image_metdata_signatures
-                    .lms_sig = lms_sig;
+                if config.pqc_key_type == FwVerificationPqcKeyType::LMS {
+                    let lms_sig = self
+                        .crypto
+                        .lms_sign(&digest, &vendor_man_priv_keys.lms_priv_key)?;
+                    let sig = lms_sig.as_bytes();
+                    auth_manifest
+                        .preamble
+                        .vendor_image_metdata_signatures
+                        .pqc_sig
+                        .0[..sig.len()]
+                        .copy_from_slice(sig);
+                } else {
+                    let digest = self
+                        .crypto
+                        .sha512_digest(auth_manifest.image_metadata_col.as_bytes())?;
+
+                    let mldsa_sig =
+                        self.mldsa_sign(&digest, &vendor_man_priv_keys.mldsa_priv_key)?;
+                    let sig = mldsa_sig.as_bytes();
+                    auth_manifest
+                        .preamble
+                        .vendor_image_metdata_signatures
+                        .pqc_sig
+                        .0[..sig.len()]
+                        .copy_from_slice(sig);
+                }
             }
         }
 
@@ -152,16 +233,75 @@ impl<Crypto: ImageGeneratorCrypto> AuthManifestGenerator<Crypto> {
                     .owner_image_metdata_signatures
                     .ecc_sig = sig;
 
-                let lms_sig = self
-                    .crypto
-                    .lms_sign(&digest, &owner_man_priv_keys.lms_priv_key)?;
-                auth_manifest
-                    .preamble
-                    .owner_image_metdata_signatures
-                    .lms_sig = lms_sig;
+                if config.pqc_key_type == FwVerificationPqcKeyType::LMS {
+                    let lms_sig = self
+                        .crypto
+                        .lms_sign(&digest, &owner_man_priv_keys.lms_priv_key)?;
+
+                    let sig = lms_sig.as_bytes();
+                    auth_manifest
+                        .preamble
+                        .owner_image_metdata_signatures
+                        .pqc_sig
+                        .0[..sig.len()]
+                        .copy_from_slice(sig);
+                } else {
+                    let digest = self
+                        .crypto
+                        .sha512_digest(auth_manifest.image_metadata_col.as_bytes())?;
+
+                    let mldsa_sig =
+                        self.mldsa_sign(&digest, &owner_man_priv_keys.mldsa_priv_key)?;
+                    let sig = mldsa_sig.as_bytes();
+                    auth_manifest
+                        .preamble
+                        .owner_image_metdata_signatures
+                        .pqc_sig
+                        .0[..sig.len()]
+                        .copy_from_slice(sig);
+                }
             }
         }
 
         Ok(auth_manifest)
     }
+
+    // [TODO][CAP2] Make this a common function in the crypto library.
+    fn mldsa_sign(
+        &self,
+        digest: &ImageDigest512,
+        priv_key: &ImageMldsaPrivKey,
+    ) -> anyhow::Result<ImageMldsaSignature> {
+        // Private key is received in hw format which is also the library format.
+        // Unlike ECC, no reversal of the DWORD endianess needed.
+        let priv_key_bytes: [u8; MLDSA87_PRIV_KEY_BYTE_SIZE] = priv_key
+            .0
+            .as_bytes()
+            .try_into()
+            .map_err(|_| anyhow::anyhow!("Invalid private key size"))?;
+        let priv_key = { PrivateKey::try_from_bytes(priv_key_bytes).unwrap() };
+
+        // Digest is received in hw format. Since the library and hardware format are the same, no endianess conversion needed.
+        let digest: [u8; MLDSA87_MSG_BYTE_SIZE] = digest
+            .as_bytes()
+            .try_into()
+            .map_err(|_| anyhow::anyhow!("Invalid digest size"))?;
+
+        let signature = priv_key
+            .try_sign_with_seed(&[0u8; 32], &digest, &[])
+            .unwrap();
+        let signature_extended = {
+            let mut sig = [0u8; SIG_LEN + 1];
+            sig[..SIG_LEN].copy_from_slice(&signature);
+            sig
+        };
+
+        // Return the signature in hw format (which is also the library format)
+        // Unlike ECC, no reversal of the DWORD endianess needed.
+        let mut sig: ImageMldsaSignature = ImageMldsaSignature::default();
+        for (i, chunk) in signature_extended.chunks(4).enumerate() {
+            sig.0[i] = u32::from_le_bytes(chunk.try_into().unwrap());
+        }
+        Ok(sig)
+    }
 }