Zeroizing temp values from ROM integrity check (#1329)

* Zeroizing temp values from ROM integrity check * Updating frozen ROM image
chipsalliance · Feb 16, 2024 · a334ea8 · a334ea8
1 parent 6505bc9
commit a334ea8
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 4 deletions.
diff --git a/FROZEN_IMAGES.sha384sum b/FROZEN_IMAGES.sha384sum
@@ -1,3 +1,3 @@
 # WARNING: Do not update this file without the approval of the Caliptra TAC
-eba9b65213e38e759588ec1783636e7fb978611a159699b458d94bb0461d8d4cea9642a315fca4455f3b5a3c692b1f1d  caliptra-rom-no-log.bin
-c52114044bbc4be3ef1bdbf87c5eb959df239d2c395f70679e34d04aaeaae84e8b9bcaa7ea61b585f141613abc2d0923  caliptra-rom-with-log.bin
+f6080d7e49109d4fca76968c625521909f4f304673890940592ca8cea33f5ee3758e364cf268937dc6fb6534448a5e43  caliptra-rom-no-log.bin
+43218fc89bfdfe94e74f8a9b998b318f0abd8494a59dfa3a8c6c60b2fae5770ba1555c726dbfbd6a2ce8e5087440e9f8  caliptra-rom-with-log.bin
diff --git a/rom/dev/src/main.rs b/rom/dev/src/main.rs
@@ -32,6 +32,7 @@ use caliptra_error::CaliptraResult;
 use caliptra_image_types::RomInfo;
 use caliptra_kat::KatsEnv;
 use rom_env::RomEnv;
+use zeroize::Zeroize;
 
 #[cfg(not(feature = "std"))]
 core::arch::global_asm!(include_str!(concat!(
@@ -210,12 +211,14 @@ fn rom_integrity_test(env: &mut KatsEnv, expected_digest: &[u32; 8]) -> Caliptra
     let rom_start = 0 as *const [u32; 16];
 
     let n_blocks = unsafe { &CALIPTRA_ROM_INFO as *const RomInfo as usize / 64 };
-    let digest = unsafe { env.sha256.digest_blocks_raw(rom_start, n_blocks)? };
+    let mut digest = unsafe { env.sha256.digest_blocks_raw(rom_start, n_blocks)? };
     cprintln!("ROM Digest: {}", HexBytes(&<[u8; 32]>::from(digest)));
     if digest.0 != *expected_digest {
+        digest.zeroize();
         cprintln!("ROM integrity test failed");
         return Err(CaliptraError::ROM_INTEGRITY_FAILURE);
     }
+    digest.zeroize();
     Ok(())
 }
 

diff --git a/runtime/src/fips.rs b/runtime/src/fips.rs
@@ -187,14 +187,16 @@ pub mod fips_self_test_cmd {
         let n_blocks =
             env.persistent_data.get().fht.rom_info_addr.get()? as *const RomInfo as usize / 64;
 
-        let digest = unsafe { env.sha256.digest_blocks_raw(rom_start, n_blocks)? };
+        let mut digest = unsafe { env.sha256.digest_blocks_raw(rom_start, n_blocks)? };
         cprintln!("ROM Digest: {}", HexBytes(&<[u8; 32]>::from(digest)));
         if digest.0 != rom_info.sha256_digest {
+            digest.zeroize();
             cprintln!("ROM integrity test failed");
             return Err(CaliptraError::ROM_INTEGRITY_FAILURE);
         } else {
             cfi_assert_eq_8_words(&digest.0, &rom_info.sha256_digest);
         }
+        digest.zeroize();
 
         // Run digest function and compare with expected hash.
         Ok(())