Ecosyste.ms: Timeline
Browse the timeline of events for every public repo on GitHub. Data updated hourly from GH Archive.
timothytrippel opened a pull request on lowRISC/opentitan
[cherry-pick] #24955 to `earlgrey_1.0.0` to support endorsing certs with various CAs in FT
Manual cherry-pick of #24955 to `earlgrey_1.0.0`.
timothytrippel created a branch on timothytrippel/opentitan
cp-ca-refactor - OpenTitan: Open source silicon root of trust
timothytrippel pushed 3 commits to master timothytrippel/opentitan
- [manuf] refactor CA args to personalization flow This creates a CaConfig struct with CA args, and moves it into the ... e67eec9
- [manuf] send additional CA key ID to host during perso This updates the ManufCertgenInputs ujson data payload sent t... 7a90b60
- [manuf] add CA for endorsing certs in perso extension This CA should have a pathlen of 0. This fixes #24955. Signed... c534d13
timothytrippel closed an issue on lowRISC/opentitan
[manuf] enable use of multiple CA keys in perso flow
Currently, a single CA key is used to endorse all certificates, including: 1. the UDS DICE cert, and 2. all SKU-specific certs. However, the some SKU-specific certs have requirements over the `pat...
timothytrippel pushed 3 commits to master lowRISC/opentitan
- [manuf] refactor CA args to personalization flow This creates a CaConfig struct with CA args, and moves it into the ... e67eec9
- [manuf] send additional CA key ID to host during perso This updates the ManufCertgenInputs ujson data payload sent t... 7a90b60
- [manuf] add CA for endorsing certs in perso extension This CA should have a pathlen of 0. This fixes #24955. Signed... c534d13
timothytrippel closed a pull request on lowRISC/opentitan
[manuf] enable use of two different root CAs during perso
This fixes #24955 by enabling the use of two different CAs during personalization: - one for endorsing the UDS cert (i.e., the root of the DICE chain), and - one for endorsing all SKU-specific ce...
timothytrippel pushed 15 commits to master timothytrippel/opentitan
- [sival, crypto] Fix typos in testplan Signed-off-by: Noah Moroze <[email protected]> 827d4a2
- [crypto] Fix copy-paste error in comment Signed-off-by: Noah Moroze <[email protected]> 71c4f45
- [rom_ext] Do not bind to `manuf_state_creator` The ROM_EXT does not need to be bound to `manuf_state_creator`. That... f9724d2
- [sival, keymgr] Fix assertion failure in keymgr key derivation vseq `chip_sw_keymgr_key_derivation_vseq` provides ba... 11d86df
- [sival, keymgr] Fix keymgr sealing/attestation test in unmasked envs The `chip_sw_keymgr_derive_{sealing,attestation... 096be43
- [sival/aes] Add aes_prng_reseed,aes_prng_force_reseed This commit introduces the AES PRNG reseed test (chip_sw_aes_p... 036c58a
- [pwm,dv] Exclude impossible toggle coverage in u_reg.u_chk Honestly, this isn't really a pwm-specific change so we'l... 5bc3cd3
- [bazel] Remove legacy opentitan_test.bzl No longer used. Signed-off-by: James Wainwright <james.wainwright@lowrisc.... 9fb3ee7
- [bazel] Remove legacy `opentitan.bzl` All features are now moved to the `rules/opentitan` directory. Signed-off-by:... a717259
- [sival,hmac] Update HMAC testplan - Remove KMAC test target - Specify testing all HMAC-SHA2 modes - Add test targets... d225b70
- [sival,kmac] Update KMAC testplan - Add cSHAKE KAT tests - Remove mentions of XOF from KMAC testpoint. These are cov... a16bc91
- [sival,kmac] Add SHA3 NIST CAVP KAT tests Signed-off-by: Miles Dai <[email protected]> c26e56b
- [ci] remove stale workflows These workflows are no longer working and haven't been updated for a long time. Remove t... 6f62366
- [ci] cleanup Azure pipelines Signed-off-by: Gary Guo <[email protected]> 039fa69
- [ci, doc] update reference of Azure Pipelines Signed-off-by: Gary Guo <[email protected]> 8a1a5fe
timothytrippel created a review comment on a pull request on lowRISC/opentitan
I thought about that, however, in the future, we aim to support other DICE CWT profiles (see RFC: https://docs.google.com/document/d/1zBudM3YyasCoYhchRDLJUKKDEtlCQ4Yc5dx9HEE45HU/edit?usp=sharing), ...
timothytrippel created a review comment on a pull request on lowRISC/opentitan
The way I wrote it is slightly faster, since we only iterate over 32 byte array once.
timothytrippel pushed 21 commits to earlgrey_1.0.0 timothytrippel/opentitan
- [bazel] Replace Bazel test suites in testplans with targets Some testpoints in the Bazel testplans would link to man... 305dd7c
- [bazel] Remove unnecessary LC coverage from `rv_dm_jtag_tap_sel` According to the testpoint description, we get no e... a3f36b8
- [sival] Add ibex testplan to top_earlgrey plan Signed-off-by: James Wainwright <[email protected]> fdab5fc
- [sival, crypto] Fix typos in testplan Signed-off-by: Noah Moroze <[email protected]> (cherry picked from commit 1c2... 27215b6
- [crypto] Fix copy-paste error in comment Signed-off-by: Noah Moroze <[email protected]> (cherry picked from commit ... 2b90053
- [i2c,sival] Reduce I2C bitbanging flakiness by separating SDA and SCL write This commit reduces the flakiness seen i... b754bfe
- [Sival, sensor_ctrl] Rename file for consistency Signed-off-by: Douglas Reis <[email protected]> (cherry picked fro... 1e9c3b7
- Fix chip_sw_sensor_ctrl_ast_alerts for SiVal silicon Clear prior events to start from a clean slate and prevent the ... 3d8a7ab
- [SiVal, sensor_ctrl] Map test chip_sw_pwrmgr_sleep_sensor_ctrl_alert_wakeup Signed-off-by: Douglas Reis <doreis@lowr... 2c832d4
- [kmac,sival] Enable KMAC error conditions test to partially run on CW310 This commit enables the KMAC error conditio... 9187aeb
- [ci] Update quick-lint & CI scripts after site move After the building of the site / landing page was moved to a sep... 7f2bb28
- [verilator,tests] Mark failing Verilator test targets as broken Marks all Verilator test targets that are explicitly... 8dc158b
- [verilator,tests] Mark timed-out verilator targets as manual All of these Verilator test targets were run on public ... c7ef722
- [verilator,tests] Fix missing positional argument in mem ujcmd test Passes in firmware-elf as a positional argument ... b90a7a2
- [bazel] Replace incorrect execution environment paths This commit replaces erroneous occurrences of the environment ... 2ee4728
- [bazel] Remove sim envs for usbdev_aon_wake_reset_test Removes the `sim_dv` and `sim_verilator` execution environmen... 842aa2e
- [verilator,spi] Reduce SPI clock frequency on Verilator tests Fixes the `spi_host_irq_test` test target which was fa... 144b505
- [bazel] Mark broken/manual verilator target environments This commit addresses three tests: - For `spi_host_winbond_... 8e9301d
- [sival,testplans] Update testplans for cpu and alert info tests Fixes #25026 Signed-off-by: Guillermo Maturana <mat... e22f7de
- [rom_ext] Eliminate extra debug print An extra `dbg_print_epmp` call got added to the ROM_EXT. Remove it. Signed-o... ddfd314
- and 1 more ...
timothytrippel created a comment on a pull request on lowRISC/opentitan
Thanks @jwnrt @andreaskurth; I discussed offline with @andreaskurth : I am OK with the commit message if there is a way for a git hook to automatically apply it based on what branch I am working on...
timothytrippel created a comment on a pull request on lowRISC/opentitan
I would voice the opinion that having a special commit message for commit messages that originate on the `earlgrey_1.0.0` branch is overkill, provides little value, and is going to cause a lot of t...
timothytrippel pushed 4 commits to build-multiple-rom-exts timothytrippel/opentitan
- [perso] Initialize ownership during perso 1. Initialize the ownership sealing key during the UDS stage of keymgr ... 945df20
- [rom_ext] build multiple ROM_EXTs with different cert formats This builds two different base ROM_EXTs to support dif... c0c6088
- [dice,rom_ext] support CWT CDI_* cert updates This complete the implementation of the `dice_cert_check_valid()` func... 31859f8
- [manuf] only verify X.509 DICE chain with openssl DICE certs can be generated in X.509 or CWT format during perso. O... 1db24c5
timothytrippel pushed 1 commit to earlgrey_1.0.0 timothytrippel/opentitan
- [perso] Initialize ownership during perso 1. Initialize the ownership sealing key during the UDS stage of keymgr ... 945df20
timothytrippel opened a pull request on lowRISC/opentitan
[rom_ext,dice] build ROM_EXT with DICE CWT cert format support
This updates the ROM_EXT build configuration to build multiple ROM_EXTs that support each DICE cert format: X.509 and CWT. Additionally, this updates the `dice_cwt` lib to implement the `dice_cert_...
timothytrippel created a branch on timothytrippel/opentitan
build-multiple-rom-exts - OpenTitan: Open source silicon root of trust
timothytrippel pushed 1 commit to earlgrey_1.0.0 lowRISC/opentitan
- [perso] Initialize ownership during perso 1. Initialize the ownership sealing key during the UDS stage of keymgr ... 945df20
timothytrippel closed a pull request on lowRISC/opentitan
[perso] Initialize ownership during perso
1. Initialize the ownership sealing key during the UDS stage of keymgr setup. 2. Call the `sku_creator_owner_init` function to initialize the ownership INFO page. 3. Link in the per-sku `<sku>_ow...
timothytrippel pushed 1 commit to master lowRISC/opentitan
- [rom_ext] Do not bind to `manuf_state_creator` The ROM_EXT does not need to be bound to `manuf_state_creator`. That... f9724d2
timothytrippel created a review comment on a pull request on lowRISC/opentitan
Fixed. Went with serde_annotate for most flexibility in the future.