feat(tbor): implement SdSealingKeyGen (masked sealing key)#536
Conversation
There was a problem hiding this comment.
Pull request overview
Implements the firmware-side TBOR SdSealingKeyGen command (opcode 0x09) end-to-end across firmware, host types, docs, and emu tests. The command generates a fresh P-384 sealing keypair and returns a masked private key blob plus the public key (with scope-gated masking key selection), rather than persisting the private key on-device.
Changes:
- Add the firmware handler and wire the opcode into session control classification + TBOR dispatcher known/in-session/cross-check gates.
- Update TBOR schemas/host wrappers to return
(masked_key[180], pub_key[96])and introduceUnsupportedKeyScopestatus/error for unimplemented scope backing keys. - Extend vault key-kind enums + key length tables (std PAL + Uno key_vault) and add emu integration tests and documentation updates.
Reviewed changes
Copilot reviewed 14 out of 14 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| fw/core/lib/src/ddi/tbor/sd_sealing_key_gen.rs | New firmware handler that generates a P-384 keypair, masks the private scalar under a scope MK, and encodes the response. |
| fw/core/lib/src/ddi/tbor/mod.rs | Registers the new handler and classifies the opcode as known/in-session/needs session-id cross-check. |
| fw/core/lib/src/op.rs | Classifies SD_SEALING_KEY_GEN as SessionCtrl::InSession. |
| fw/pal/traits/src/error.rs | Adds HsmError::UnsupportedKeyScope for well-formed but not-yet-supported scopes. |
| ddi/tbor/types/src/status.rs | Adds TborStatus::UnsupportedKeyScope mirroring the new firmware error. |
| fw/core/ddi/tbor/types/src/sd_sealing_key_gen.rs | Updates firmware-side TBOR schema to return masked key + public key; exports pinned length consts and tests them. |
| ddi/tbor/types/src/sd_sealing_key_gen.rs | Updates host-side wrapper schema/response to return fixed-size masked key + public key arrays. |
| fw/pal/traits/src/vault.rs | Adds HsmVaultKeyKind::SdSealing and documents the sealing-key kind. |
| fw/plat/std/pal/src/drivers/vault.rs | Adds size mapping + tests for SdSealing (48-byte P-384 scalar). |
| fw/plat/uno/fw/crates/key_vault/src/kind.rs | Extends Uno key-kind length table + tests for SdSealing. |
| ddi/tbor/types/tests/commands/sd_sealing_key_gen.rs | Adds emulator integration tests covering happy paths, unsupported scopes, pre-finalize reject, CU reject, and default-PSK gate. |
| ddi/tbor/types/tests/commands/mod.rs | Exposes the new command test module. |
| docs/tbor-ddi/README.md | Marks SdSealingKeyGen as implemented (not schema-only). |
| docs/tbor-ddi/commands/sd_sealing_key_gen.md | Updates command documentation to match masked-key response and new gating/errors. |
2c3425c to
152754c
Compare
152754c to
a67ca71
Compare
a67ca71 to
b8212fe
Compare
b8212fe to
a144d5c
Compare
a144d5c to
34d2dcc
Compare
34d2dcc to
e833504
Compare
|
@copilot resolve the merge conflicts in this pull request |
Co-authored-by: vsonims <39780523+vsonims@users.noreply.github.com>
Resolved the merge conflict and merged |
|
@copilot resolve the merge conflicts in this pull request |
Co-authored-by: vsonims <39780523+vsonims@users.noreply.github.com>
Resolved the new merge conflicts and merged the current |
Summary
Implement the firmware TBOR
SdSealingKeyGencommand (previously schema-only). Within an active Crypto-Officer session on an Initialized partition, it generates a fresh P-384 ECC sealing keypair for ECDH key agreement and returns the masked private key plus the public key. Maps to manticoreCreateSDSealingKey -> ..., MaskedSDSealingKey.The private key is not stored on the device: it is masked (AEAD-GCM-256) under the masking key associated with the requested
KeyScope, and the masked blob is returned so the caller re-imports it (unmask-on-use) when the key is later needed. Because nothing is persisted, the command records no rollback (no undo-log dependency).Handler (
fw/core/lib/src/ddi/tbor/sd_sealing_key_gen.rs)InvalidPermissions); sessionActive; partitionInitialized(the scope masking keys are provisioned byPartFinal).Ephemeral → PartitionEphemeralMaskingKey,Local → PartitionLocalMaskingKey.SessionandSecurityDomain(and any other) are rejected with the newUnsupportedKeyScopeerror until their masking keys exist (session-key masking /CreateSD's SDKMK).(masked_key 180 B, pub_key 96 B). TheSdSealingvault kind is retained as the masked blob's metadatakey_kind; it is no longer stored.generate_sealing_keypair/mask_sealing_private_key/encode_sealing_response.Schema + dispatch
masked_key(180 B AEAD envelope) replaceskey_handlein both the firmware and host crates; addMASKED_SEALING_KEY_LEN.HsmError::UnsupportedKeyScope(0x08700102) +TborStatusmirror.SD_SEALING_KEY_GEN(0x09) into the opcode table, dispatcher,is_known_opcode/is_in_session/ session-id cross-check classifiers.SdSealingvault key kind (P-384 private) to the PAL traits enum, std PAL, and Uno key_vault length tables.Tests + docs
ddi/tbor/types): happy-path roundtrip for Ephemeral + Local (distinct keypair per call, non-zero 180 B masked key + 96 B pub key), unsupported-scope reject (Session/SecurityDomain), before-finalize reject (InvalidArg), CU-session reject (InvalidPermissions), and default-PSK gate reject.docs/tbor-ddi/commands/sd_sealing_key_gen.md.Notes
main(PartFinal feat(tbor): add PartFinal command handler (FinalizePart) #497 / SD schemas feat(tbor): Security-Domain command schemas (SdCreate/Reseal/Restore) #496 / key-masking are all merged); no undo-log (feat(undo): unified lock-free rollback for host commands #504) dependency.Validation
SdSealingKeyGentests).-D warnings+ nightly fmt clean.