Google, AMD, NVIDIA neMicrosoft, sechikamu cheCalitra purojekiti, vakagadzira yakavhurika chip dhizaini block (IP block) yekumisikidza maturusi ekugadzira akavimbika hardware zvikamu (RoT, Root of Trust) mumachipi. Caliptra iyi yakasarudzika hardware unit ine yayo yekurangarira, processor uye kuitiswa kwekriptographic primitives, iyo inopa kuoneswa kweiyo boot process, iyo firmware inoshandiswa uye iyo mudziyo dhizaini yakachengetwa mune isiri-inotenderera ndangariro.
Calitra inogona kushandiswa kubatanidza yakazvimirira hardware unit mumachipi akasiyana siyana, ayo anotarisa kutendeseka uye anovimbisa kushandiswa kweiyo firmware yakasimbiswa uye yakabvumidzwa nemugadziri mumudziyo. Calitra inogona kurerutsa uye kubatanidza kubatanidzwa kweakamisikidzwa hardware cryptographic verification maitiro muCPUs, GPUs, SoCs, ASICs, network adapter, SSD madhiraivha uye zvimwe zvishandiso.
Iyo cryptographic kutendeseka uye yechokwadi verification maturusi anopihwa nepuratifomu achachengetedza zvikamu zvehardware kubva pakuunzwa kwekuchinja kwakashata kune firmware uye kuchengetedza maitiro ekurodha nekuchengetedza zvigadziriso kudzivirira iyo huru sisitimu kubva mukukanganiswa nekuda kwekurwiswa kwezvinhu zvehardware kana. kutsiviwa kwekuchinja kwakashata mumaketani ekupa chip. Caliptra inopawo kugona kuonesa huchokwadi hwekuvandudzwa kwe firmware uye data rine chekuita nepuratifomu (RTU, Root of Trust for Update), kuona yakakuvadzwa firmware uye yakakosha data (RTD, Root of Trust for Detection), dzosera yakakuvadzwa firmware uye data (RTRec). , Mudzi Wekuvimbwa Nekupora).
Caliptra iri kuvandudzwa panzvimbo yeOpen Compute joint project, yakanangana nekugadzira yakavhurika hardware zvirevo zvekushongedza nzvimbo dzedata. Madimikira ane chekuita neCaliptra anogovaniswa pachishandiswa Open Web Foundation Agreement (OWFa), yakagadzirirwa kugoverwa kwemazinga akazaruka (akafanana nerezinesi rakavhurika sosi yezvido). Iko kushandiswa kweOWFa kunoita kuti zvikwanisike kugadzira zvigadzirwa zvavo uye zvinobuda mukuita zvichibva pane zvakatemwa pasina kubhadhara mari uye inobvumira chero sangano kutora chikamu mukuvandudza kweiyo yakatarwa.
Kuitwa kwekutanga kweIP block yakavakirwa pakavhurika RISC-V processor SWeRV EL2 uye ine 384KB ye RAM (128KB DCCM, 128KB ICCM0 uye 128KB SRAM) uye 32KB ROM. Inotsigirwa cryptographic algorithms inosanganisira SHA256, SHA384, SHA512 ECC Secp384r1, HMAC-DRBG, HMAC SHA384, AES256-ECB, AES256-CBC uye AES256-GCM.
Source: opennet.ru