First Draft of Caliptra Trademark Audit #175
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,72 @@ | ||
|
|
||
| # Caliptra Trademark Auditing Process | ||
|
|
||
| This document will describe the specific requirements to be reviewed by a 3rd party and attest to Caliptra TAC that the requirements have been met. | ||
|
|
||
| The goal of a Caliptra Trademark Audit would be to be compliant with OCP Safe Level 2 requirements using an OCP Safe approved auditor. | ||
|
|
||
| Currently, this is a list of Topics to review for Trademark Compliance. Specific testable requirements will need to be spelled out subsequently. | ||
|
|
||
| * Each of these topics will have to be reviewed for an integration to get approval of Trademark Usage | ||
|
There was a problem hiding this comment. I think "approval for TM usage" but English is my second language |
||
|
|
||
| ## Caliptra IP | ||
|
|
||
|
There was a problem hiding this comment. Preface sentence. "A compliant integration must show:"
|
||
| * Show how the RTL was integrated into the device environment | ||
| * Show a Run of the tool to verify the RTL Release Hash (in development) | ||
|
There was a problem hiding this comment. TODO here? Replace to link for source code of tool when ready |
||
| * Show the ROM hash from a release ROM hash | ||
|
There was a problem hiding this comment. the ROM hash maps to a verifiable build of a tagged ROM release |
||
| * Show the internal Caliptra FW signing process used to sign Caliptra FW | ||
|
There was a problem hiding this comment. redundant, remove the first "Caliptra FW" |
||
| * Show what options were used to synthesize the RTL | ||
| * Show input wires to RTL | ||
|
There was a problem hiding this comment. We have an integration guide. Can we reference the sections in said guide? Same for options used to synthesize |
||
| * Clock | ||
| * Reset | ||
| * Power Good, Ready for fuses, Ready for FW, etc. | ||
| * Show how the Generic input/output wires are addressed | ||
|
|
||
| ## Caliptra Wrapper | ||
|
|
||
| * Show how the Obfuscation key is provided and ensure that it is not available to any FW. | ||
| * Describe the noise source for the RNG (indicating if Internal RNG or external RNG) | ||
| * External RNG description should be shown | ||
| * Show error handling integration | ||
| * Show how debugging will be enabled/disabled in production | ||
| * Show SRAM zeroization | ||
|
There was a problem hiding this comment. process for SRAM zeroization |
||
|
|
||
| ## HSM Support | ||
|
|
||
| * Show how the FW signing key is created and protected | ||
| * If applicable, show LMS sign keys derivations and how HSM protects them | ||
| * If applicable, prove LMS verify. | ||
|
|
||
| ## Fusing | ||
|
|
||
| * Show how the fuses are loaded into the Caliptra IP | ||
| * Show how the Security State is provided to Caliptra IP | ||
| * Show the fuse recipe that is expected to used for Caliptra | ||
| * Ensure the Public Key Hash is fused | ||
| * Ensure that the security state is fused | ||
|
|
||
| ## Manufacturing | ||
|
|
||
| * Indicate how the manufacturing process will flow. | ||
| * Show the UDS Seed creation | ||
| * Show the CSR extraction and signing | ||
|
|
||
| ## Cert Chain Verify | ||
|
|
||
| * Show that a part can have IDevID Signed Cert. | ||
| * Create a valid Caliptra cert chain with IDevID, LDevID, FMC Alias and R-TAlias cert. Prove that the cert chain verifies. | ||
|
|
||
| ## SOC Root of Trust | ||
|
|
||
| * Show that SOC RoT is sending SOC FMC measurements to Caliptra before running FMC. | ||
| * Show the design for the SOC ROT Storage and fetching of Caliptra FW | ||
| * Describe how Caliptra PA_USER management will be used. | ||
|
|
||
| ## SOC Run-Time | ||
|
|
||
| * Show how SVNs fuses will be incremented. | ||
| * Show how keys revoke bits can be revoked. | ||
|
There was a problem hiding this comment. Typo, key revoke bits |
||
| * Show how Run-Time Entropy will be fused. | ||
| * Show how owner key hash will be fused. | ||
|
|
||
| * Show how the IDevID Cert gets recreated on part. | ||
|
There was a problem hiding this comment. on part? Is this sentence incomplete? |
||
| * Show how external entities would interact with Calitpra (path through Security processor, direct access, etc.) | ||
|
There was a problem hiding this comment. Do we need a specific PAUSER requirement. Show those are not spoofed and correctly bound to callers |
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
An additional goal of a ....
s/would/is/
s/Safe/S.A.F.E./