From 001630f06d84091845fbb5b5cd994fba85d6767e Mon Sep 17 00:00:00 2001
From: Vishal Mhatre <38512878+mhatrevi@users.noreply.github.com>
Date: Fri, 3 Jan 2025 13:13:44 -0800
Subject: [PATCH 1/2] [fix] Plumb MLDSA vendor key revocation fuse (#1875)

---
 api/src/soc_mgr.rs        | 3 +++
 hw-model/types/src/lib.rs | 1 +
 2 files changed, 4 insertions(+)

diff --git a/api/src/soc_mgr.rs b/api/src/soc_mgr.rs
index 29cf550bba..7c7aedf85c 100644
--- a/api/src/soc_mgr.rs
+++ b/api/src/soc_mgr.rs
@@ -155,6 +155,9 @@ pub trait SocManager {
         self.soc_ifc()
             .fuse_lms_revocation()
             .write(|_| fuses.fuse_lms_revocation);
+        self.soc_ifc()
+            .fuse_mldsa_revocation()
+            .write(|_| fuses.fuse_mldsa_revocation.into());
         self.soc_ifc()
             .fuse_soc_stepping_id()
             .write(|w| w.soc_stepping_id(fuses.soc_stepping_id.into()));
diff --git a/hw-model/types/src/lib.rs b/hw-model/types/src/lib.rs
index b290bb6af0..2e054442e1 100644
--- a/hw-model/types/src/lib.rs
+++ b/hw-model/types/src/lib.rs
@@ -131,6 +131,7 @@ impl std::fmt::Debug for FusesWrapper {
             )
             .field("life_cycle", &self.0.life_cycle)
             .field("fuse_lms_revocation", &self.0.fuse_lms_revocation)
+            .field("fuse_mldsa_revocation", &self.0.fuse_mldsa_revocation)
             .field("soc_stepping_id", &self.0.soc_stepping_id)
             .finish()
     }

From b79c7a9a8d2fe87fd8df45049c300578a2459dd5 Mon Sep 17 00:00:00 2001
From: Max Timkovich <mtimkovich@gmail.com>
Date: Fri, 3 Jan 2025 14:37:09 -0800
Subject: [PATCH 2/2] MLDSA revocation tests (#1873)

---
 .../test_image_validation.rs                  | 57 +++++++++++++++++++
 test/tests/fips_test_suite/fw_load.rs         | 28 +++++++++
 2 files changed, 85 insertions(+)

diff --git a/rom/dev/tests/rom_integration_tests/test_image_validation.rs b/rom/dev/tests/rom_integration_tests/test_image_validation.rs
index 1b5402f237..f6acb0599c 100644
--- a/rom/dev/tests/rom_integration_tests/test_image_validation.rs
+++ b/rom/dev/tests/rom_integration_tests/test_image_validation.rs
@@ -300,6 +300,63 @@ fn test_preamble_vendor_lms_pubkey_revocation() {
     }
 }
 
+#[test]
+fn test_preamble_vendor_mldsa_pubkey_revocation() {
+    let rom = caliptra_builder::build_firmware_rom(firmware::rom_from_env()).unwrap();
+    const LAST_KEY_IDX: u32 = VENDOR_MLDSA_MAX_KEY_COUNT - 1;
+
+    for idx in 0..VENDOR_MLDSA_MAX_KEY_COUNT {
+        let vendor_config = ImageGeneratorVendorConfig {
+            pqc_key_idx: idx,
+            ..VENDOR_CONFIG_KEY_0
+        };
+
+        let image_options = ImageOptions {
+            vendor_config,
+            pqc_key_type: FwVerificationPqcKeyType::MLDSA,
+            ..Default::default()
+        };
+
+        let key_idx = image_options.vendor_config.pqc_key_idx;
+
+        let fuses = caliptra_hw_model::Fuses {
+            fuse_mldsa_revocation: 1u32 << key_idx,
+            ..Default::default()
+        };
+
+        let mut hw = caliptra_hw_model::new(
+            InitParams {
+                rom: &rom,
+                ..Default::default()
+            },
+            BootParams {
+                fuses,
+                ..Default::default()
+            },
+        )
+        .unwrap();
+
+        let image_bundle =
+            caliptra_builder::build_and_sign_image(&FMC_WITH_UART, &APP_WITH_UART, image_options)
+                .unwrap();
+
+        if key_idx == LAST_KEY_IDX {
+            // Last key is never revoked.
+            hw.upload_firmware(&image_bundle.to_bytes().unwrap())
+                .unwrap();
+            hw.step_until_boot_status(u32::from(ColdResetComplete), true);
+        } else {
+            assert_eq!(
+                ModelError::MailboxCmdFailed(
+                    CaliptraError::IMAGE_VERIFIER_ERR_VENDOR_PQC_PUB_KEY_REVOKED.into()
+                ),
+                hw.upload_firmware(&image_bundle.to_bytes().unwrap())
+                    .unwrap_err()
+            );
+        }
+    }
+}
+
 #[test]
 fn test_preamble_vendor_ecc_pubkey_out_of_bounds() {
     let (mut hw, mut image_bundle) =
diff --git a/test/tests/fips_test_suite/fw_load.rs b/test/tests/fips_test_suite/fw_load.rs
index 2f80615d61..a48c66e5ae 100755
--- a/test/tests/fips_test_suite/fw_load.rs
+++ b/test/tests/fips_test_suite/fw_load.rs
@@ -1113,6 +1113,34 @@ fn fw_load_error_vendor_lms_pub_key_revoked() {
     );
 }
 
+#[test]
+fn fw_load_error_vendor_mldsa_pub_key_revoked() {
+    let vendor_config = ImageGeneratorVendorConfig {
+        pqc_key_idx: 2,
+        ..VENDOR_CONFIG_KEY_0
+    };
+    let image_options = ImageOptions {
+        vendor_config,
+        pqc_key_type: FwVerificationPqcKeyType::MLDSA,
+        ..Default::default()
+    };
+
+    // Set fuses
+    let fuses = caliptra_hw_model::Fuses {
+        fuse_mldsa_revocation: 1u32 << image_options.vendor_config.pqc_key_idx,
+        ..Default::default()
+    };
+
+    // Generate image
+    let fw_image = build_fw_image(image_options);
+
+    fw_load_error_flow(
+        Some(fw_image),
+        Some(fuses),
+        CaliptraError::IMAGE_VERIFIER_ERR_VENDOR_PQC_PUB_KEY_REVOKED.into(),
+    );
+}
+
 #[test]
 fn fw_load_error_fmc_size_zero() {
     // Generate image