Skip to content

Commit

Permalink
[perso] fix bug in SHA256 measurement computation
Browse files Browse the repository at this point in the history
A SHA256 measurement of the owner FW and owner configuration block had
not been completed before using the measurement.

Signed-off-by: Tim Trippel <[email protected]>
  • Loading branch information
timothytrippel committed Nov 8, 2024
1 parent 993188b commit c0945f9
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions sw/device/silicon_creator/manuf/base/ft_personalize.c
Original file line number Diff line number Diff line change
Expand Up @@ -311,6 +311,8 @@ static void compute_keymgr_owner_binding(manuf_certgen_inputs_t *inputs) {
kDiceMeasurementSizeInBytes);
hmac_sha256_update((unsigned char *)inputs->owner_manifest_measurement,
kDiceMeasurementSizeInBytes);
hmac_sha256_process();
hmac_sha256_final(&combined_measurements);
memcpy(attestation_binding_value.data, combined_measurements.digest,
kDiceMeasurementSizeInBytes);
memset(sealing_binding_value.data, 0, kDiceMeasurementSizeInBytes);
Expand Down

0 comments on commit c0945f9

Please sign in to comment.