lowRISC · nasahlpa · Mar 22, 2024
@@ -245,7 +245,7 @@ static void aes_encrypt(const uint8_t *plaintext, size_t plaintext_len) {
   // Using the SecAesStartTriggerDelay hardware parameter, the AES unit is
   // configured to start operation 40 cycles after receiving the start trigger.
   // This allows Ibex to go to sleep in order to not disturb the capture.
-  sca_call_and_sleep(aes_manual_trigger, kIbexAesSleepCycles, false);
+  sca_call_and_sleep(aes_manual_trigger, kIbexAesSleepCycles, false, false);
 }
 
 /**

@@ -480,7 +480,7 @@ static void sha3_serial_absorb(const uint8_t *msg, size_t msg_len) {
   // configured to start operation 40 cycles after receiving the START and PROC
   // commands. This allows Ibex to go to sleep in order to not disturb the
   // capture.
-  sca_call_and_sleep(kmac_msg_proc, kIbexSha3SleepCycles, false);
+  sca_call_and_sleep(kmac_msg_proc, kIbexSha3SleepCycles, false, false);
 }
 
 /**

diff --git a/sw/device/sca/lib/BUILD b/sw/device/sca/lib/BUILD
@@ -55,6 +55,7 @@ cc_library(
         "//sw/device/lib/arch:device",
         "//sw/device/lib/base:bitfield",
         "//sw/device/lib/base:macros",
+        "//sw/device/lib/crypto/drivers:otbn",
         "//sw/device/lib/dif:clkmgr",
         "//sw/device/lib/dif:csrng",
         "//sw/device/lib/dif:edn",

@@ -8,6 +8,7 @@
 #include "sw/device/lib/arch/device.h"
 #include "sw/device/lib/base/bitfield.h"
 #include "sw/device/lib/base/macros.h"
+#include "sw/device/lib/crypto/drivers/otbn.h"
 #include "sw/device/lib/dif/dif_clkmgr.h"
 #include "sw/device/lib/dif/dif_entropy_src.h"
 #include "sw/device/lib/dif/dif_gpio.h"
@@ -310,7 +311,7 @@ void sca_set_trigger_low(void) {
 }
 
 void sca_call_and_sleep(sca_callee callee, uint32_t sleep_cycles,
-                        bool sw_trigger) {
+                        bool sw_trigger, bool otbn) {
   // Disable the IO_DIV4_PERI clock to reduce noise during the actual capture.
   // This also disables the UART(s) and GPIO modules required for
   // communication with the scope. Therefore, it has to be re-enabled after
@@ -337,6 +338,10 @@ void sca_call_and_sleep(sca_callee callee, uint32_t sleep_cycles,
 
   wait_for_interrupt();
 
+  if (otbn) {
+    otbn_busy_wait_for_done();
+  }
+
   if (sw_trigger) {
     sca_set_trigger_low();
   }

@@ -197,9 +197,10 @@ typedef void (*sca_callee)(void);
  * @param callee Function to call before putting Ibex to sleep.
  * @param sleep_cycles Number of cycles to sleep.
  * @param sw_trigger Raise trigger before calling the target function.
+ * @param otbn Wait until OTBN execution has finished.
  */
 void sca_call_and_sleep(sca_callee callee, uint32_t sleep_cycles,
-                        bool sw_trigger);
+                        bool sw_trigger, bool otbn);
 
 /**
  * Seeds the software LFSR usable e.g. for key masking.

@@ -204,7 +204,7 @@ static void p256_run_keygen(uint32_t mode, const uint32_t *share0,
 
   // Execute program.
   sca_set_trigger_high();
-  sca_call_and_sleep(otbn_manual_trigger, kIbexOtbnSleepCycles, false);
+  sca_call_and_sleep(otbn_manual_trigger, kIbexOtbnSleepCycles, false, false);
   SS_CHECK_STATUS_OK(otbn_busy_wait_for_done());
   sca_set_trigger_low();
 }

@@ -92,7 +92,7 @@ static void p256_run_modinv(uint32_t *k0, uint32_t *k1) {
 
   // Execute program.
   sca_set_trigger_high();
-  sca_call_and_sleep(otbn_manual_trigger, kIbexOtbnSleepCycles, false);
+  sca_call_and_sleep(otbn_manual_trigger, kIbexOtbnSleepCycles, false, false);
   otbn_busy_wait_for_done();
   sca_set_trigger_low();
 }

@@ -405,7 +405,7 @@ static void sha3_serial_absorb(const uint8_t *msg, size_t msg_len) {
   // configured to start operation 40 cycles after receiving the START and PROC
   // commands. This allows Ibex to go to sleep in order to not disturb the
   // capture.
-  sca_call_and_sleep(kmac_msg_proc, kIbexSha3SleepCycles, true);
+  sca_call_and_sleep(kmac_msg_proc, kIbexSha3SleepCycles, true, false);
 }
 
 /**

diff --git a/sw/device/tests/penetrationtests/firmware/BUILD b/sw/device/tests/penetrationtests/firmware/BUILD
@@ -19,6 +19,7 @@ FIRMWARE_DEPS_FPGA = [
     "//sw/device/tests/penetrationtests/firmware/sca:hmac_sca",
     "//sw/device/tests/penetrationtests/firmware/sca:ibex_sca",
     "//sw/device/tests/penetrationtests/firmware/sca:kmac_sca",
+    "//sw/device/tests/penetrationtests/firmware/sca:otbn_sca",
     "//sw/device/tests/penetrationtests/firmware/sca:prng_sca",
     "//sw/device/tests/penetrationtests/firmware/sca:sha3_sca",
     "//sw/device/tests/penetrationtests/firmware/sca:trigger_sca",
@@ -57,6 +58,7 @@ FIRMWARE_DEPS_SCA = [
     "//sw/device/tests/penetrationtests/firmware/sca:hmac_sca",
     "//sw/device/tests/penetrationtests/firmware/sca:ibex_sca",
     "//sw/device/tests/penetrationtests/firmware/sca:kmac_sca",
+    "//sw/device/tests/penetrationtests/firmware/sca:otbn_sca",
     "//sw/device/tests/penetrationtests/firmware/sca:prng_sca",
     "//sw/device/tests/penetrationtests/firmware/sca:sha3_sca",
     "//sw/device/tests/penetrationtests/firmware/sca:trigger_sca",

@@ -20,6 +20,7 @@
 #include "sw/device/tests/penetrationtests/json/ibex_sca_commands.h"
 #include "sw/device/tests/penetrationtests/json/kmac_sca_commands.h"
 #include "sw/device/tests/penetrationtests/json/otbn_fi_commands.h"
+#include "sw/device/tests/penetrationtests/json/otbn_sca_commands.h"
 #include "sw/device/tests/penetrationtests/json/prng_sca_commands.h"
 #include "sw/device/tests/penetrationtests/json/sha3_sca_commands.h"
 #include "sw/device/tests/penetrationtests/json/trigger_sca_commands.h"
@@ -33,6 +34,7 @@
 #include "sca/hmac_sca.h"
 #include "sca/ibex_sca.h"
 #include "sca/kmac_sca.h"
+#include "sca/otbn_sca.h"
 #include "sca/prng_sca.h"
 #include "sca/sha3_sca.h"
 #include "sca/trigger_sca.h"
@@ -65,6 +67,9 @@ status_t process_cmd(ujson_t *uj) {
       case kPenetrationtestCommandKmacSca:
         RESP_ERR(uj, handle_kmac_sca(uj));
         break;
+      case kPenetrationtestCommandOtbnSca:
+        RESP_ERR(uj, handle_otbn_sca(uj));
+        break;
       case kPenetrationtestCommandOtbnFi:
         RESP_ERR(uj, handle_otbn_fi(uj));
         break;

@@ -16,6 +16,7 @@
 #include "sw/device/tests/penetrationtests/json/hmac_sca_commands.h"
 #include "sw/device/tests/penetrationtests/json/ibex_sca_commands.h"
 #include "sw/device/tests/penetrationtests/json/kmac_sca_commands.h"
+#include "sw/device/tests/penetrationtests/json/otbn_sca_commands.h"
 #include "sw/device/tests/penetrationtests/json/prng_sca_commands.h"
 #include "sw/device/tests/penetrationtests/json/sha3_sca_commands.h"
 #include "sw/device/tests/penetrationtests/json/trigger_sca_commands.h"
@@ -26,6 +27,7 @@
 #include "sca/hmac_sca.h"
 #include "sca/ibex_sca.h"
 #include "sca/kmac_sca.h"
+#include "sca/otbn_sca.h"
 #include "sca/prng_sca.h"
 #include "sca/sha3_sca.h"
 #include "sca/trigger_sca.h"
@@ -52,6 +54,9 @@ status_t process_cmd(ujson_t *uj) {
       case kPenetrationtestCommandKmacSca:
         RESP_ERR(uj, handle_kmac_sca(uj));
         break;
+      case kPenetrationtestCommandOtbnSca:
+        RESP_ERR(uj, handle_otbn_sca(uj));
+        break;
       case kPenetrationtestCommandPrngSca:
         RESP_ERR(uj, handle_prng_sca(uj));
         break;

diff --git a/sw/device/tests/penetrationtests/firmware/sca/BUILD b/sw/device/tests/penetrationtests/firmware/sca/BUILD
@@ -24,6 +24,46 @@ cc_library(
     ],
 )
 
+cc_library(
+    name = "ecc256_keygen_sca",
+    srcs = ["ecc256_keygen_sca.c"],
+    hdrs = ["ecc256_keygen_sca.h"],
+    deps = [
+        "//hw/top_earlgrey/sw/autogen:top_earlgrey",
+        "//sw/device/lib/base:abs_mmio",
+        "//sw/device/lib/base:memory",
+        "//sw/device/lib/crypto/drivers:otbn",
+        "//sw/device/lib/runtime:ibex",
+        "//sw/device/lib/runtime:log",
+        "//sw/device/lib/testing/test_framework:ottf_main",
+        "//sw/device/lib/testing/test_framework:ujson_ottf",
+        "//sw/device/lib/ujson",
+        "//sw/device/sca/lib:prng",
+        "//sw/device/sca/lib:sca",
+        "//sw/device/tests/penetrationtests/json:otbn_sca_commands",
+        "//sw/otbn/crypto:p256_key_from_seed_sca",
+    ],
+)
+
+cc_library(
+    name = "otbn_sca",
+    srcs = ["otbn_sca.c"],
+    hdrs = ["otbn_sca.h"],
+    deps = [
+        ":ecc256_keygen_sca",
+        "//sw/device/lib/base:memory",
+        "//sw/device/lib/base:status",
+        "//sw/device/lib/crypto/impl:status",
+        "//sw/device/lib/runtime:log",
+        "//sw/device/lib/testing/test_framework:ujson_ottf",
+        "//sw/device/lib/ujson",
+        "//sw/device/sca/lib:prng",
+        "//sw/device/sca/lib:sca",
+        "//sw/device/tests/penetrationtests/firmware/lib:sca_lib",
+        "//sw/device/tests/penetrationtests/json:otbn_sca_commands",
+    ],
+)
+
 cc_library(
     name = "hmac_sca",
     srcs = ["hmac_sca.c"],

@@ -250,12 +250,12 @@ static aes_sca_error_t aes_encrypt(const uint8_t *plaintext,
   // Start AES operation (this triggers the capture) and go to sleep.
   if (fpga_mode) {
     // On the FPGA, the AES block automatically sets and unsets the trigger.
-    sca_call_and_sleep(aes_manual_trigger, kIbexAesSleepCycles, false);
+    sca_call_and_sleep(aes_manual_trigger, kIbexAesSleepCycles, false, false);
   } else {
     // On the chip, we need to manually set and unset the trigger. This is done
     // in this function to have the trigger as close as possible to the AES
     // operation.
-    sca_call_and_sleep(aes_manual_trigger, kIbexAesSleepCycles, true);
+    sca_call_and_sleep(aes_manual_trigger, kIbexAesSleepCycles, true, false);
   }
 
   return aesScaOk;