Can firmware stash a random ECC key in KV, then later use that key in an ECDH operation and export the shared secret to memory?

[bluegate010]

No description provided.

[mojtaba-bisheh]

we the current architecture, to store a new random key into KV, one needs to run the HMAC by using one of the existing keys in KV, and then run ECDH.
KV_slotB = HMAC(KV_slotA, random_input_msg)
KV_slotC = ECDH_keygen(KV_slotB, random_entropy)
KV_slotD = ECDH_sharedkey(KV_slotC, other_party_pubKey)

However, the ECDH shared key is restricted to the KV boundary.

[bluegate010]

From chipsalliance/caliptra-sw#2017 it appears that even if the private key comes from KV, the shared secret can be exported to firmware. So the answer to the question posted in the issue title seems to be "yes".

[mojtaba-bisheh]

I don't think so. When the private key is retrieved from KV, the shared key write_enable API is disabled, and the firmware has no way to read the shared key.