[provisioning] Log data from provisionging as json

sw/host/opentitanlib/src/dif/lc_ctrl.rs

@@ -10,7 +10,7 @@ use serde::{Deserialize, Serialize};
 use crate::with_unknown;
 
 with_unknown! {
-    pub enum DifLcCtrlState: u32 {
+    pub enum DifLcCtrlState: u32 [default = Self::StateInvalid] {
         Raw = bindgen::dif::dif_lc_ctrl_state_kDifLcCtrlStateRaw ,
         TestUnlocked0 = bindgen::dif::dif_lc_ctrl_state_kDifLcCtrlStateTestUnlocked0 ,
         TestLocked0 = bindgen::dif::dif_lc_ctrl_state_kDifLcCtrlStateTestLocked0 ,

sw/host/ot_certs/src/lib.rs

@@ -23,9 +23,10 @@ pub mod template;
 pub mod x509;
 
 use clap::ValueEnum;
+use serde::{Deserialize, Serialize};
 
 /// Supported OpenTitan certificate formats.
-#[derive(Clone, Debug, ValueEnum)]
+#[derive(Clone, Debug, ValueEnum, Serialize, Deserialize)]
 pub enum CertFormat {
     X509,
     Cwt,

sw/host/provisioning/cert_lib/src/lib.rs

@@ -13,7 +13,7 @@ use num_bigint_dig::BigUint;
 use openssl::ecdsa::EcdsaSig;
 use p256::ecdsa::SigningKey;
 use p256::NistP256;
-use serde::Deserialize;
+use serde::{Deserialize, Serialize};
 
 use opentitanlib::crypto::sha256::sha256;
 use opentitanlib::util::tmpfilename;
@@ -224,7 +224,7 @@ fn write_cert_to_temp_pem_file(der_cert_bytes: &[u8], base_filename: &str) -> Re
 /// This is used to pass a collection of endorsed certificates, along with metadata,
 /// to various functions that check the certificates validate properly with third-party
 /// tools.
-#[derive(Clone, Debug)]
+#[derive(Clone, Debug, Serialize)]
 pub struct EndorsedCert {
     pub format: CertFormat,
     pub name: String,

sw/host/provisioning/ft/BUILD

@@ -26,6 +26,7 @@ package(default_visibility = ["//visibility:public"])
             "@crate_index//:humantime",
             "@crate_index//:log",
             "@crate_index//:p256",
+            "@crate_index//:serde_json",
             "@lowrisc_serde_annotate//serde_annotate",
         ],
     )

sw/host/provisioning/ft/src/main.rs

@@ -4,7 +4,7 @@
 
 use std::collections::HashMap;
 use std::path::PathBuf;
-use std::time::Duration;
+use std::time::{Duration, Instant};
 
 use anyhow::{bail, Context, Result};
 use clap::{Args, Parser};
@@ -13,6 +13,7 @@ use elliptic_curve::SecretKey;
 use p256::NistP256;
 
 use cert_lib::{CaConfig, CaKey, CaKeyType};
+use ft_lib::response::PersonalizeResponse;
 use ft_lib::{
     check_rom_ext_boot_up, run_ft_personalize, run_sram_ft_individualize, test_exit, test_unlock,
 };
@@ -103,6 +104,8 @@ fn main() -> Result<()> {
     let opts = Opts::parse();
     opts.init.init_logging();
 
+    let mut response = PersonalizeResponse::default();
+
     // We call the below functions, instead of calling `opts.init.init_target()` since we do not
     // want to perform bootstrap yet.
     let transport = backend::create(&opts.init.backend_opts)?;
@@ -171,24 +174,27 @@ fn main() -> Result<()> {
     };
 
     // Only run test unlock operation if we are in a locked LC state.
-    match read_lc_state(
+    response.lc_state.initial = read_lc_state(
         &transport,
         &opts.init.jtag_params,
         opts.init.bootstrap.options.reset_delay,
-    )? {
+    )?;
+    match response.lc_state.initial {
         DifLcCtrlState::TestLocked0
         | DifLcCtrlState::TestLocked1
         | DifLcCtrlState::TestLocked2
         | DifLcCtrlState::TestLocked3
         | DifLcCtrlState::TestLocked4
         | DifLcCtrlState::TestLocked5
         | DifLcCtrlState::TestLocked6 => {
+            let t0 = Instant::now();
             test_unlock(
                 &transport,
                 &opts.init.jtag_params,
                 opts.init.bootstrap.options.reset_delay,
                 &_test_unlock_token,
             )?;
+            response.stats.log_elapsed_time("test-unlock", t0);
         }
         _ => {
             log::info!("Skipping test unlock operation. Device is already unlocked.");
@@ -197,11 +203,12 @@ fn main() -> Result<()> {
 
     // Only run the SRAM individualize program in a test unlocked state. If we have transitioned to
     // a mission state already, then we can skip this step.
-    match read_lc_state(
+    response.lc_state.unlocked = read_lc_state(
         &transport,
         &opts.init.jtag_params,
         opts.init.bootstrap.options.reset_delay,
-    )? {
+    )?;
+    match response.lc_state.unlocked {
         DifLcCtrlState::TestUnlocked0 => {
             bail!("FT stage cannot be run from test unlocked 0. Run CP stage first.");
         }
@@ -212,6 +219,8 @@ fn main() -> Result<()> {
         | DifLcCtrlState::TestUnlocked5
         | DifLcCtrlState::TestUnlocked6
         | DifLcCtrlState::TestUnlocked7 => {
+            response.lc_state.individualize = Some(response.lc_state.unlocked);
+            let t0 = Instant::now();
             run_sram_ft_individualize(
                 &transport,
                 &opts.init.jtag_params,
@@ -221,13 +230,18 @@ fn main() -> Result<()> {
                 opts.timeout,
                 &spi_console_device,
             )?;
+            response.stats.log_elapsed_time("ft-individualize", t0);
+            let t0 = Instant::now();
             test_exit(
                 &transport,
                 &opts.init.jtag_params,
                 opts.init.bootstrap.options.reset_delay,
                 &_test_exit_token,
                 opts.provisioning_data.target_mission_mode_lc_state,
             )?;
+            response.lc_state.mission_mode =
+                Some(opts.provisioning_data.target_mission_mode_lc_state);
+            response.stats.log_elapsed_time("test-exit", t0);
         }
         _ => {
             log::info!("Skipping individualize operation. Device is already in a mission mode.");
@@ -248,10 +262,13 @@ fn main() -> Result<()> {
         opts.second_bootstrap,
         &spi_console_device,
         opts.timeout,
+        &mut response,
     )?;
 
-    check_rom_ext_boot_up(&transport, &opts.init, opts.timeout)?;
+    check_rom_ext_boot_up(&transport, &opts.init, opts.timeout, &mut response)?;
     log::info!("Provisioning Done");
+    let doc = serde_json::to_string(&response)?;
+    println!("PROVISIONING_DATA: {doc}");
 
     Ok(())
 }

sw/host/provisioning/ft_lib/BUILD

@@ -10,7 +10,10 @@ package(default_visibility = ["//visibility:public"])
 [
     rust_library(
         name = "ft_lib_{}".format(sku),
-        srcs = ["src/lib.rs"],
+        srcs = [
+            "src/lib.rs",
+            "src/response.rs",
+        ],
         crate_name = "ft_lib",
         deps = [
             "//sw/host/opentitanlib",
@@ -24,6 +27,7 @@ package(default_visibility = ["//visibility:public"])
             "@crate_index//:arrayvec",
             "@crate_index//:clap",
             "@crate_index//:hex",
+            "@crate_index//:indexmap",
             "@crate_index//:log",
             "@crate_index//:serde",
             "@crate_index//:serde_json",