Calitra ndeye yakavhurika yakatarwa yekusanganisa nzira dzekuchengetedza mumachipisi.
Munguva pfupi yapfuura Google, AMD, NVIDIA uye Microsoft yakaziviswa kuburikidza ne blog post, nhau dzepurojekiti yose «calyptra», yavakasimukira nayo yakavhurika chip design block (IP block) yekumisikidza maturusi pamachipisi kugadzira zvinhu zvakavimbika zvehardware (RoT, Mudzi weKuvimba).
calyptra iyo yakasarudzika hardware unit ine yayo yekurangarira, processor, uye kuita ye cryptographic primitives, iyo inopa kusimbiswa kweiyo boot process, iyo firmware inoshandiswa, uye chigadziriso chemudziyo chakachengetwa mundangariro dzisiri-inotenderera.
Calitra inogona kushandiswa kubatanidza yakaparadzana hardware unit mune akawanda machipisi iyo inoita cheki yekuvimbika uye inovimbisa kuti mudziyo unoshandisa firmware yakasimbiswa uye yakabvumidzwa nemugadziri. calyptra inogona kurerutsa zvakanyanya uye kubatanidza kubatanidzwa kwenzira dzekusimbisa Hardware cryptography yakavakirwa muCPUs, GPUs, SoCs, ASICs, network adapter, SSDs, uye zvimwe zvishandiso.
Iko kusevenzesa kweiyo IP block yakavakirwa pane yakavhurika RISC-V SWeRV EL2 processor uye ine 384 KB ye RAM (128 KB DCCM, 128 KB ICCM0 uye 128 KB SRAM) uye 32 KB yeROM. Inotsigirwa cryptographic algorithms inosanganisira SHA256, SHA384, SHA512 ECC Secp384r1, HMAC-DRBG, HMAC SHA384, AES256-ECB, AES256-CBC, uye AES256-GCM.
Iyo purojekiti Caliptra inotenderera nekumisikidza mudzi wekuvimba (RoT)Vaka zvitubu zvekuchengetedza musilicon kuitira kuti data ivharwe uye isafumurwe paunenge uchifamba munzvimbo dzedata kana mugore.
"Nhasi inocherekedza nhanho huru mukubatana kwekuchengetedza indasitiri nekuburitswa kweCaliptra 0.5 yakatarwa neOCP uye kuwanikwa kweCaliptra 0.5 RTL kuburikidza neCHIPS Alliance. AMD icharamba ichitora chikamu muCaliptra uye Open Compute Project. mukutsigira vatengi vedu uye vatinoshanda navo mukati meecosystem. " Mark Papermaster, CTO uye Mutevedzeri Mukuru weTekinoroji neUinjiniya ku AMD
"Vyakavhurika ecosystems nemapurojekiti ndiwo musimboti webhizinesi reGoogle uye zvavepo kubva pazuva rekutanga," akadaro Partha Ranganathan, Mutevedzeri weMutungamiriri uye Nhengo yeInjiniya, Google Cloud uye OCP Board Member. "NeCaliptra, tiri kuunza kukurumidza kwekusimudzira kuchengetedzwa kwezvivakwa, tichibvumira nharaunda kusimbisa pamwe chete nhare yakasimba yeIP iyo isu tese tinogona kuvimba nayo kune dzakasiyana seti yesilicon inopa."
"Kuwedzera kujeka uye kuenderana mune yakaderera-level chengetedzo yehardware inodiwa. Tiri kuvhura Caliptra nevatinoshanda navo kuti tigadzirise zvinodiwa izvi. " Mark Russinovich, CTO uye Technical Fellow kuMicrosoft Azure.
Nzira dzekriptographic verification yekuvimbika uye yechokwadi inopiwa nepuratifomu ichadzivirira zvinhu zvehardware kubva pakuunzwa kwehuipi firmware shanduko uye ivo vanozochengetedza iyo yekumisikidza kurodha uye kuchengetedza maitiro kudzivirira iyo huru sisitimu kubva mukukanganiswa nekuda kwekurwiswa kwezvinhu zvehardware kana kutsiviwa kwekuchinja kwakashata mumaketani ekupa chip.
calyptra inopawo kugona kwechokwadi firmware zvigadziriso uye data rakabatana nepuratifomu (RTU, Root of Trust for Update), tarisa huwori hwe firmware uye data yakakosha (RTD, Root of Trust for Detection), dzorera yakaora firmware uye data (RTRec, Root of Trust for Recovery).
Caliptra iri kuvandudzwa papuratifomu yeOpen Comput joint project, iyo ine chinangwa chekuvandudza zvakavhurika zvemichina yekushongedza nzvimbo dzedata.
Iwo maratidziro Zvinoenderana neCaliptra inogoverwa kuburikidza neOpen Web Foundation Agreement (OWFa), yakagadzirirwa kusimudzira yakavhurika zviyero (yakafanana neyakavhurika sosi rezenisi kune zvakatemwa). Kushandiswa kweOWFa inoita kuti zvikwanise kugadzira zvigadzirwa zvako uye zvakatorwa mashandisirwo zvichibva pane zvakatemwa pasina kubvisa royalties uye inobvumira chero sangano kuti ritore chikamu mukuvandudzwa kweiyo yakatarwa.
Chekupedzisira, kana iwe uchifarira kuziva zvakawanda nezvazvo, unogona kutarisa ruzivo Mune inotevera chinongedzo.