[cert] correct hash sizes in cert templates

A SHA256 hash is 32 bytes, not 20. Signed-off-by: Tim Trippel <[email protected]>
lowRISC · Jan 23, 2024 · c4b6c2e · c4b6c2e
1 parent 0b11f09
commit c4b6c2e
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 11 deletions.
diff --git a/sw/device/silicon_creator/lib/cert/cdi_0.hjson b/sw/device/silicon_creator/lib/cert/cdi_0.hjson
@@ -28,15 +28,15 @@
             type: "byte-array",
             size: 20,
         },
-        // Hash of the ROM_EXT.
+        // Hash of the ROM_EXT (SHA256).
         rom_ext_hash: {
             type: "byte-array",
-            size: 20,
+            size: 32,
         },
-        // Hash of the ownership manifest.
+        // Hash of the ownership manifest (SHA256).
         ownership_manifest_hash: {
             type: "byte-array",
-            size: 20,
+            size: 32,
         },
         // ROM_EXT security version, used to prevent rollback.
         rom_ext_security_version: {

diff --git a/sw/device/silicon_creator/lib/cert/cdi_1.hjson b/sw/device/silicon_creator/lib/cert/cdi_1.hjson
@@ -28,10 +28,10 @@
             type: "byte-array",
             size: 20,
         },
-        // Hash of the owner stage firmware.
+        // Hash of the owner stage firmware (SHA256).
         owner_firmware_hash: {
             type: "byte-array",
-            size: 20,
+            size: 32,
         },
         // Owner security version, used to prevent rollback.
         owner_security_version: {

diff --git a/sw/device/silicon_creator/lib/cert/generic.hjson b/sw/device/silicon_creator/lib/cert/generic.hjson
@@ -51,11 +51,11 @@
         },
         hash_1: {
             type: "byte-array",
-            size: 20,
+            size: 32,
         },
         hash_2: {
             type: "byte-array",
-            size: 20,
+            size: 32,
         },
         security_version: {
             type: "integer",

diff --git a/sw/device/silicon_creator/lib/cert/uds.hjson b/sw/device/silicon_creator/lib/cert/uds.hjson
@@ -32,17 +32,17 @@
         // Hash of the creator_sw_cfg OTP partition (SHA256).
         otp_creator_sw_cfg_hash: {
             type: "byte-array",
-            size: 20,
+            size: 32,
         },
         // Hash of the owner_sw_cfg OTP partition (SHA256).
         otp_owner_sw_cfg_hash: {
             type: "byte-array",
-            size: 20,
+            size: 32,
         },
         // Hash of the hw_cfg OTP partition (SHA256).
         otp_hw_cfg_hash: {
             type: "byte-array",
-            size: 20,
+            size: 32,
         },
     },