Comparing changes

base repository: chipsalliance/caliptra-sw
base: 3614d01a25588d45bfd0bd5f745cdfe1100ef319
head repository: chipsalliance/caliptra-sw
compare: cbcbfba98730e03cc97b234e9370832691fcb23c
Showing with 5 additions and 5 deletions.
  1. +5 −5 auth-manifest/README.md
10 changes: 5 additions & 5 deletions auth-manifest/README.md
@@ -21,10 +21,10 @@ The Caliptra SOC manifest has two main components:
| Owner LMS Public Key | 48 | Owner LMS public key used to verify the IMC Signature. <br> **tree_type:** LMS Algorithm Type (4 bytes) <br> **otstype:** LMS Ots Algorithm Type (4 bytes) <br> **id:** (16 bytes) <br> **digest:** (24 bytes) <br> Note: If LMS validation is not required, this should field should be zeroed out.|
| Owner ECC Signature | 96 | Owner ECDSA P-384 signature of the Owner ECC and LMS public keys, hashed using SHA2-384. <br> **R-Coordinate:** Random Point (48 bytes) <br> **S-Coordinate:** Proof (48 bytes) |
| Owner LMS Signature | 1620 | Owner LMS signature of the Owner ECC and LMS public keys, hashed using SHA2-384. <br> **q:** Leaf of the Merkle tree where the OTS public key appears (4 bytes) <br> **ots:** Lmots Signature (1252 bytes) <br> **tree_type:** Lms Algorithm Type (4 bytes) <br> **tree_path:** Path through the tree from the leaf associated with the LM-OTS signature to the root. (360 bytes) <br> Note: If LMS validation is not required, this should field should be zeroed out.|
| IMC Vendor ECC Signature | 96 | Vendor ECDSA P-384 Signature of the Image Metadata Collection hashed using SHA2-384.<br />**X-Coordinate:** Public Key X-Coordinate (48 bytes)<br />**Y-Coordinate:** Public Key Y-Coordinate(48bytes) |
| IMC Vendor LMS Signature | 1620 | Vendor LMOTS-SHA192-W4 signature of the Image Metadata Collection hashed using SHA2-384.<br />**q:** Leaf of the Merkle tree where the OTS public key appears (4 bytes)<br />**ots:** Lmots Signature (1252 bytes)<br />**tree_type:** Lms Algorithm Type (4 bytes)<br />**tree_path:** Path through the tree from the leaf associated with the LM-OTS signature to the root. (360 bytes)<br />Note: If LMS validation is not required, this field should be zeroed out. |
| IMC Owner ECC Signature | 96 | Owner ECDSA P-384 Signature of the Image Metadata Collection hashed using SHA2-384.<br />**X-Coordinate:** Public Key X-Coordinate (48 bytes)<br />**Y-Coordinate:** Public Key Y-Coordinate(48bytes) |
| IMC Owner LMS Signature | 1620 | Owner LMOTS-SHA192-W4 signature of the Image Metadata Collection hashed using SHA2-384<br />**q:** Leaf of the Merkle tree where the OTS public key appears (4 bytes)<br />**ots:** Lmots Signature (1252 bytes)<br /> **tree_type:** Lms Algorithm Type (4 bytes)<br /> **tree_path:** Path through the tree from the leaf associated with the LM-OTS signature to the root. (360 bytes)<br /> Note: If LMS validation is not required, this field should be zeroed out. |
| IMC Vendor ECC Signature | 96 | Vendor ECDSA P-384 Signature of the Image Metadata Collection hashed using SHA2-384.<br />**X-Coordinate:** Public Key X-Coordinate (48 bytes)<br />**Y-Coordinate:** Public Key Y-Coordinate(48bytes) |
| IMC Vendor LMS Signature | 1620 | Vendor LMOTS-SHA192-W4 signature of the Image Metadata Collection hashed using SHA2-384.<br />**q:** Leaf of the Merkle tree where the OTS public key appears (4 bytes)<br />**ots:** Lmots Signature (1252 bytes)<br />**tree_type:** Lms Algorithm Type (4 bytes)<br />**tree_path:** Path through the tree from the leaf associated with the LM-OTS signature to the root. (360 bytes)<br />Note: If LMS validation is not required, this field should be zeroed out. |
| IMC Owner ECC Signature | 96 | Owner ECDSA P-384 Signature of the Image Metadata Collection hashed using SHA2-384.<br />**X-Coordinate:** Public Key X-Coordinate (48 bytes)<br />**Y-Coordinate:** Public Key Y-Coordinate(48bytes) |
| IMC Owner LMS Signature | 1620 | Owner LMOTS-SHA192-W4 signature of the Image Metadata Collection hashed using SHA2-384<br />**q:** Leaf of the Merkle tree where the OTS public key appears (4 bytes)<br />**ots:** Lmots Signature (1252 bytes)<br /> **tree_type:** Lms Algorithm Type (4 bytes)<br /> **tree_path:** Path through the tree from the leaf associated with the LM-OTS signature to the root. (360 bytes)<br /> Note: If LMS validation is not required, this field should be zeroed out. |

- ### **Image Metadata Entry**
| Field | Size (bytes) | Description |
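Review bot: the IMC Vendor ECC Signature and IMC Owner ECC Signature rows label the signature components as **X-Coordinate** / **Y-Coordinate** with the text "Public Key X-Coordinate", but an ECDSA P-384 signature is the pair (r, s), which is how the unchanged Owner ECC Signature row just above documents it (**R-Coordinate** / **S-Coordinate**). Since these four rows are being rewritten anyway, relabel both IMC ECC rows to match, so that nobody building a parser from this table treats the 96 bytes as a public key. As rendered here the removed and re-added rows read identically, so the commit message should say what actually changed (whitespace or indentation, presumably). Smaller points in the same rows: "(48bytes)" is missing a space, the IMC Owner LMS row lacks the full stop after "SHA2-384", and the context rows for Owner LMS Public Key and Owner LMS Signature still read "this should field should be zeroed out".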
@@ -40,7 +40,7 @@ The Caliptra SOC manifest has two main components:
| Ignore Auth Check | 1 | If set, the image digest is not compared for the firmware id |

- ### **Image Metadata Collection**
The Image Metadata Collection (IMC) is a collection of Image Metadata entries (IME). Each IME has a hash that matches a SOC images. The manifest vendor and owner private keys sign the IMC. The Preamble holds the IMC signatures. The manifest IMC vendor signatures are optional and are validated only if the FLAGS field Bit 0 = 1. Up to sixteen image hashes are supported.
The Image Metadata Collection (IMC) is a collection of Image Metadata entries (IME). Each IME has a hash that matches a SOC images. The manifest vendor and owner private keys sign the IMC. The Preamble holds the IMC signatures. The manifest IMC vendor signatures are optional and are validated only if the FLAGS field Bit 0 = 1. Up to 127 image hashes are supported.

| Field | Size (bytes) | Description|
|-------|--------------|------------|
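Review bot: the changed IMC paragraph raises the limit from sixteen to 127 image hashes in prose only, and the rows of the table that follows are not part of this hunk. Please confirm that any entry-count or entry-array row in that table, and the total size it implies, states the same maximum, otherwise the README contradicts itself on a bound that verifiers will rely on. The new sentence also carries over "a SOC images" from the old text, which should read "a SOC image", and it would help integrators to add one clause saying where the 127 bound comes from.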