Skip to content

Security hardening: erase LDevID root keys before ROM→FMC handoff#3664

Draft
mhatrevi with Copilot wants to merge 2 commits into
mainfrom
copilot/security-hardening-key-clearing
Draft

Security hardening: erase LDevID root keys before ROM→FMC handoff#3664
mhatrevi with Copilot wants to merge 2 commits into
mainfrom
copilot/security-hardening-key-clearing

Conversation

Copilot AI commented Apr 27, 2026

Copy link
Copy Markdown

LDevID private keys (ECC and MLDSA) were left in the Key Vault when ROM handed control to FMC, exposing them to ROM glitch attacks where an attacker causes ROM to skip verification and jump to FMC with root keys still accessible.

Changes

  • rom/dev/src/main.rs — In launch_fmc(), erase KEY_ID_LDEVID_ECDSA_PRIV_KEY (KeyId5) and KEY_ID_LDEVID_MLDSA_KEYPAIR_SEED (KeyId4) from the Key Vault immediately before transferring control to FMC. Any erasure failure triggers a fatal error.
// Erase LDevID private keys before launching FMC.
// These root keys must not be accessible to FMC or later firmware stages,
// protecting against ROM glitch attacks.
if let Err(e) = env.key_vault.erase_key(KEY_ID_LDEVID_ECDSA_PRIV_KEY) {
    handle_fatal_error(e.into());
}
if let Err(e) = env.key_vault.erase_key(KEY_ID_LDEVID_MLDSA_KEYPAIR_SEED) {
    handle_fatal_error(e.into());
}

Notes

  • Erasure runs on all reset types (cold/warm/update). After the first cold boot the slots are already empty on subsequent boots, so the call is idempotent.
  • FMC→RT transition (FMC CDI KeyId6, ECC KeyId7, MLDSA KeyId8): the existing set_key_use_lock() approach is preserved. Erasing these keys before RT runs would break firmware update reset—FMC must re-sign the RT alias certificate on each update reset using the same cold-boot-derived keys, which are restored when the hardware clears USE_LOCK on reset. A proper erasure-based solution here requires ROM to re-derive FMC keys on update reset and is a separate effort.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/repos/benjamindoron/byteorder/commits/struct_aware-1.4.3
    • Triggering command: /home/REDACTED/.rustup/toolchains/1.85-x86_64-REDACTED-linux-gnu/bin/cargo /home/REDACTED/.rustup/toolchains/1.85-x86_64-REDACTED-linux-gnu/bin/cargo metadata --format-version 1 --all-features --manifest-path /home/REDACTED/work/caliptra-sw/caliptra-sw/image/verify/fuzz/Cargo.toml --filter-platform x86_64-REDACTED-linux-gnu --lockfile-path /tmp/rust-analyzerdd3e-6/Cargo.lock -Zunstable-options n/ru�� tests-085d826a63debuginfo=2 tests-085d826a63--cfg /debug/build/calfeature="arbitrary" /debug/build/calgit /debug/build/calrev-parse /debug/build/calHEAD /debug/build/calfeature="default" (http block)
    • Triggering command: /home/REDACTED/.rustup/toolchains/1.85-x86_64-REDACTED-linux-gnu/bin/cargo /home/REDACTED/.rustup/toolchains/1.85-x86_64-REDACTED-linux-gnu/bin/cargo check --quiet --workspace --message-format=json --manifest-path /home/REDACTED/work/caliptra-sw/caliptra-sw/image/verify/fuzz/Cargo.toml --target-dir /tmp/codeql-scratch-dcfb536374eacc37/dbs/rust/working/target --lockfile-path /tmp/rust-analyzerdd3e-8/Cargo.lock --all-features --keep-going -Zunstable-options /debug/deps/caliptra_fmc-6889d70/home/REDACTED/work/caliptra-sw/caliptra-sw/target/debug/deps/rom_- own-linux-gnu/bin/rustc /debug/deps/caligit /debug/deps/calirev-parse /debug/deps/caliHEAD own-linux-gnu/bin/rustc (http block)
    • Triggering command: /home/REDACTED/.rustup/toolchains/1.85-x86_64-REDACTED-linux-gnu/bin/cargo /home/REDACTED/.rustup/toolchains/1.85-x86_64-REDACTED-linux-gnu/bin/cargo metadata --format-version 1 --all-features --manifest-path /home/REDACTED/work/caliptra-sw/caliptra-sw/drivers/fuzz/Cargo.toml --filter-platform x86_64-REDACTED-linux-gnu --lockfile-path /tmp/rust-analyzerdd3e-2f/Cargo.lock -Zunstable-options rev-�� HEAD git ndor/bin/git HEAD inux-gnu /usr/bin/git git (http block)
  • https://api.github.com/repos/benjamindoron/zerocopy/commits/struct_aware-v0.6.3
    • Triggering command: REDACTED, pid is -1 (http block)

If you need me to access, download, or install something from one of these locations, you can either:

@linux-foundation-easycla

linux-foundation-easycla Bot commented Apr 27, 2026

Copy link
Copy Markdown

CLA Not Signed

Copilot AI changed the title [WIP] Implement key clearing for ROM to FMC and FMC to RT transitions Security hardening: erase LDevID root keys before ROM→FMC handoff Apr 27, 2026
Copilot AI requested a review from mhatrevi April 27, 2026 18:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Security hardening (2.2 Caliptra core ROM): Key Clearing & Handoff between ROM -> FMC -> RT

2 participants