diff options
author | Vincent Palatin <vpalatin@chromium.org> | 2017-06-15 10:51:33 +0200 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2017-06-15 13:24:29 -0700 |
commit | 5dcff8b0798c2432f570a63a2c03b067c2d9de7f (patch) | |
tree | 5cb86878e4c1b0dcfb164cb7e7a0317399583cb7 /chip/g/system.c | |
parent | a9364ca5d413d9946cfe2ee0c5ee9b954cd4adc5 (diff) | |
download | chrome-ec-5dcff8b0798c2432f570a63a2c03b067c2d9de7f.tar.gz |
g: add chip unique id generation
Implement system_get_chip_unique_id() for the g hardware.
It includes the hardware revision, the chip device id and
the read-only key id.
The key-id is included because this unique id is used as serial number
inside certificates and for security reason, we want a different id if
the RO has changed (e.g Node locked firmware).
The id is also 32-byte long for convenience reason when used for
certificates, but the high 16 bytes are currently zeros.
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
BRANCH=cr50
BUG=b:35545754
TEST=dump the x.509 individual attestation certificate which includes
the unique id as serial number.
Change-Id: If24597d0de696d2700122d425724f14703fc5256
Reviewed-on: https://chromium-review.googlesource.com/536774
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Diffstat (limited to 'chip/g/system.c')
-rw-r--r-- | chip/g/system.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/chip/g/system.c b/chip/g/system.c index 625bde28a5..f1b45c802e 100644 --- a/chip/g/system.c +++ b/chip/g/system.c @@ -218,6 +218,24 @@ const char *system_get_chip_revision(void) return revision_str; } +int system_get_chip_unique_id(uint8_t **id) +{ + static uint32_t cached[8]; + + if (!cached[3]) { /* generate it if it doesn't exist yet */ + const struct SignedHeader *ro_hdr = (const void *) + get_program_memory_addr(system_get_ro_image_copy()); + const char *rev = get_revision_str(); + + cached[0] = ro_hdr->keyid; + cached[1] = GREG32(FUSE, DEV_ID0); + cached[2] = GREG32(FUSE, DEV_ID1); + strncpy((char *)&cached[3], rev, sizeof(cached[3])); + } + *id = (uint8_t *)cached; + return sizeof(cached); +} + int system_battery_cutoff_support_required(void) { switch (get_fuse_set_id()) |