Struct lpc55::protected_flash::Keystore

pub struct Keystore {
    pub header: KeystoreHeader,
    pub puf_discharge_time_milliseconds: u32,
    pub activation_code: ActivationCode,
    pub secure_boot_kek: Keycode,
    pub user_key: Keycode,
    pub unique_device_secret: Keycode,
    pub prince_region_0: Keycode,
    pub prince_region_1: Keycode,
    pub prince_region_2: Keycode,
}

All the keys :)

We “unroll” the prince_regions array to be able to serialize_with hex_serialize.

Fields

header: KeystoreHeader

The Excel spreadsheet says “Valid Key Sore Header : 0x95959595u”.

Empirically, this value 2509608341 appears as header in the PFR as soon as PUF is enrolled, regardless of number of key codes stored.

UM 11126 says: “Marker. A value of 0x95959595 means that Activation code is valid.”

puf_discharge_time_milliseconds: u32

Excel spreadsheet specifies this interpretation.

Seems this can’t be actually set anywhere.

activation_code: ActivationCode

1192 bytes of data, generated when PUF is enrolled.

secure_boot_kek: Keycode

KEK for secure boot, aka SBKEK.

This is an actual “key encryption key”. The SB2.1 container format uses two “random” firmware encryption and MAC keys, which are stored via AES keywrap with this SBKEK in the container.

user_key: Keycode

unique_device_secret: Keycode

Key intended for use with the “DICE” algorithm, which is a Microsoft standard to ensure devices and their firmware are authentic; based on symmetric cryptography.

prince_region_0: Keycode

Key used when PRINCE is activated for the first PRINCE region (first 256K flash)

prince_region_1: Keycode

Key used when PRINCE is activated for the first PRINCE region (second 256K flash)

prince_region_2: Keycode

Key used when PRINCE is activated for the first PRINCE region (last 128K flash, or more precisely, 119.5K – excluding PFR itself)

Implementations

impl Keystore

pub fn to_bytes(&self) -> [u8; 1536]

Trait Implementations

impl Clone for Keystore

fn clone(&self) -> Keystore

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Keystore

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for Keystore

fn default() -> Keystore

Returns the “default value” for a type.

impl<'de> Deserialize<'de> for Keystore

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
    __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Hash for Keystore

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)where
    H: Hasher,
    Self: Sized,

Feeds a slice of this type into the given Hasher.

impl Ord for Keystore

fn cmp(&self, other: &Keystore) -> Ordering

This method returns an Ordering between self and other.

fn max(self, other: Self) -> Selfwhere
    Self: Sized,

Compares and returns the maximum of two values.

fn min(self, other: Self) -> Selfwhere
    Self: Sized,

Compares and returns the minimum of two values.

fn clamp(self, min: Self, max: Self) -> Selfwhere
    Self: Sized + PartialOrd<Self>,

Restrict a value to a certain interval.

impl PartialEq<Keystore> for Keystore

fn eq(&self, other: &Keystore) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl PartialOrd<Keystore> for Keystore

fn partial_cmp(&self, other: &Keystore) -> Option<Ordering>

This method returns an ordering between self and other values if one exists.

fn lt(&self, other: &Rhs) -> bool

This method tests less than (for self and other) and is used by the < operator.

fn le(&self, other: &Rhs) -> bool

This method tests less than or equal to (for self and other) and is used by the <= operator.

fn gt(&self, other: &Rhs) -> bool

This method tests greater than (for self and other) and is used by the > operator.

fn ge(&self, other: &Rhs) -> bool

This method tests greater than or equal to (for self and other) and is used by the >= operator.

impl Serialize for Keystore

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>where
    __S: Serializer,

Serialize this value into the given Serde serializer.

impl TryFrom<&[u8]> for Keystore

type Error = ()

The type returned in the event of a conversion error.

fn try_from(input: &[u8]) -> Result<Self, Self::Error>

Performs the conversion.

impl Copy for Keystore

impl Eq for Keystore

impl StructuralEq for Keystore

impl StructuralPartialEq for Keystore