From 40902f4e8726d16847a8831009daf6e91a973265 Mon Sep 17 00:00:00 2001 From: Siemen Dhooghe Date: Fri, 31 Oct 2025 16:26:30 +0100 Subject: [PATCH 1/2] [pentest] Reformat cryptolib pentest functions Source format the python files in host penetrationtests. Signed-off-by: Siemen Dhooghe --- .../fi_asym_cryptolib_commands.py | 1 + .../fi_sym_cryptolib_commands.py | 23 +-- .../fi_asym_cryptolib_python_test.py | 1 - .../fi_sym_cryptolib_python_test.py | 1 - .../sca_asym_cryptolib_commands.py | 21 +-- .../sca_sym_cryptolib_commands.py | 1 + .../sca_asym_cryptolib_functions.py | 151 +++--------------- .../sca_sym_cryptolib_functions.py | 4 +- .../sca_asym_cryptolib_python_test.py | 1 - .../sca_sym_cryptolib_python_test.py | 1 - 10 files changed, 47 insertions(+), 158 deletions(-) diff --git a/sw/host/penetrationtests/python/fi/communication/fi_asym_cryptolib_commands.py b/sw/host/penetrationtests/python/fi/communication/fi_asym_cryptolib_commands.py index 9f8b793944082..5db64c28523f1 100644 --- a/sw/host/penetrationtests/python/fi/communication/fi_asym_cryptolib_commands.py +++ b/sw/host/penetrationtests/python/fi/communication/fi_asym_cryptolib_commands.py @@ -5,6 +5,7 @@ Communication with OpenTitan happens over the uJSON command interface. """ + import json import time from sw.host.penetrationtests.python.util import common_library diff --git a/sw/host/penetrationtests/python/fi/communication/fi_sym_cryptolib_commands.py b/sw/host/penetrationtests/python/fi/communication/fi_sym_cryptolib_commands.py index eb49e3a700478..3301fdc853212 100644 --- a/sw/host/penetrationtests/python/fi/communication/fi_sym_cryptolib_commands.py +++ b/sw/host/penetrationtests/python/fi/communication/fi_sym_cryptolib_commands.py @@ -5,6 +5,7 @@ Communication with OpenTitan happens over the uJSON command interface. """ + import json import time from sw.host.penetrationtests.python.util import common_library @@ -94,9 +95,7 @@ def handle_aes( } self.target.write(json.dumps(input_data).encode("ascii")) - def handle_cmac( - self, data, data_len, key, key_len, iv, cfg, trigger - ) -> None: + def handle_cmac(self, data, data_len, key, key_len, iv, cfg, trigger) -> None: """Call the cryptolib CMAC. Args: @@ -186,7 +185,15 @@ def handle_hmac( self.target.write(json.dumps(input_data).encode("ascii")) def handle_drbg_reseed( - self, entropy, entropy_len, nonce, nonce_len, reseed_interval, mode, cfg, trigger + self, + entropy, + entropy_len, + nonce, + nonce_len, + reseed_interval, + mode, + cfg, + trigger, ) -> None: """Call the cryptolib DRBG to reseed. @@ -240,9 +247,7 @@ def handle_drbg_generate( } self.target.write(json.dumps(input_data).encode("ascii")) - def handle_trng_init( - self, mode, cfg, trigger - ) -> None: + def handle_trng_init(self, mode, cfg, trigger) -> None: """Call the cryptolib TRNG to init. Args: @@ -259,9 +264,7 @@ def handle_trng_init( } self.target.write(json.dumps(input_data).encode("ascii")) - def handle_trng_generate( - self, cfg, trigger - ) -> None: + def handle_trng_generate(self, cfg, trigger) -> None: """Call the cryptolib TRNG to generate randomness. Args: diff --git a/sw/host/penetrationtests/python/fi/test_scripts/fi_asym_cryptolib_python_test.py b/sw/host/penetrationtests/python/fi/test_scripts/fi_asym_cryptolib_python_test.py index c66fe5335f6c0..480eb13b81340 100644 --- a/sw/host/penetrationtests/python/fi/test_scripts/fi_asym_cryptolib_python_test.py +++ b/sw/host/penetrationtests/python/fi/test_scripts/fi_asym_cryptolib_python_test.py @@ -38,7 +38,6 @@ class SymCryptolibFiTest(unittest.TestCase): - def test_init(self): asymfi = OTFIAsymCrypto(target) device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( diff --git a/sw/host/penetrationtests/python/fi/test_scripts/fi_sym_cryptolib_python_test.py b/sw/host/penetrationtests/python/fi/test_scripts/fi_sym_cryptolib_python_test.py index 80a920ddeb73c..ec9547dc687a4 100644 --- a/sw/host/penetrationtests/python/fi/test_scripts/fi_sym_cryptolib_python_test.py +++ b/sw/host/penetrationtests/python/fi/test_scripts/fi_sym_cryptolib_python_test.py @@ -37,7 +37,6 @@ class SymCryptolibFiTest(unittest.TestCase): - def test_init(self): symfi = OTFISymCrypto(target) device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( diff --git a/sw/host/penetrationtests/python/sca/communication/sca_asym_cryptolib_commands.py b/sw/host/penetrationtests/python/sca/communication/sca_asym_cryptolib_commands.py index ddb8539a01392..c74d205b56d5a 100644 --- a/sw/host/penetrationtests/python/sca/communication/sca_asym_cryptolib_commands.py +++ b/sw/host/penetrationtests/python/sca/communication/sca_asym_cryptolib_commands.py @@ -6,6 +6,7 @@ Communication with OpenTitan happens over the uJson command interface. """ + import json import time from sw.host.penetrationtests.python.util import common_library @@ -94,17 +95,7 @@ def handle_rsa_dec( self.target.write(json.dumps(input_data).encode("ascii")) def handle_rsa_sign( - self, - data, - data_len, - e, - n, - n_len, - d, - padding, - hashing, - cfg, - trigger + self, data, data_len, e, n, n_len, d, padding, hashing, cfg, trigger ) -> None: """Call the cryptolib RSA to sign. @@ -168,7 +159,7 @@ def handle_p256_base_mult_fvsr(self, scalar, cfg, trigger, num_iterations) -> No "scalar": scalar, "cfg": cfg, "trigger": trigger, - "num_iterations": num_iterations + "num_iterations": num_iterations, } self.target.write(json.dumps(input_data).encode("ascii")) @@ -187,7 +178,7 @@ def handle_p256_base_mult_daisy(self, scalar, cfg, trigger, num_iterations) -> N "scalar": scalar, "cfg": cfg, "trigger": trigger, - "num_iterations": num_iterations + "num_iterations": num_iterations, } self.target.write(json.dumps(input_data).encode("ascii")) @@ -269,7 +260,7 @@ def handle_p384_base_mult_fvsr(self, scalar, cfg, trigger, num_iterations) -> No "scalar": scalar, "cfg": cfg, "trigger": trigger, - "num_iterations": num_iterations + "num_iterations": num_iterations, } self.target.write(json.dumps(input_data).encode("ascii")) @@ -288,7 +279,7 @@ def handle_p384_base_mult_daisy(self, scalar, cfg, trigger, num_iterations) -> N "scalar": scalar, "cfg": cfg, "trigger": trigger, - "num_iterations": num_iterations + "num_iterations": num_iterations, } self.target.write(json.dumps(input_data).encode("ascii")) diff --git a/sw/host/penetrationtests/python/sca/communication/sca_sym_cryptolib_commands.py b/sw/host/penetrationtests/python/sca/communication/sca_sym_cryptolib_commands.py index fdde17fd8e77e..add557d2b4da6 100644 --- a/sw/host/penetrationtests/python/sca/communication/sca_sym_cryptolib_commands.py +++ b/sw/host/penetrationtests/python/sca/communication/sca_sym_cryptolib_commands.py @@ -6,6 +6,7 @@ Communication with OpenTitan happens over the uJson command interface. """ + import json import time from sw.host.penetrationtests.python.util import common_library diff --git a/sw/host/penetrationtests/python/sca/host_scripts/sca_asym_cryptolib_functions.py b/sw/host/penetrationtests/python/sca/host_scripts/sca_asym_cryptolib_functions.py index ed602dde3faad..4f5dae71afa7f 100644 --- a/sw/host/penetrationtests/python/sca/host_scripts/sca_asym_cryptolib_functions.py +++ b/sw/host/penetrationtests/python/sca/host_scripts/sca_asym_cryptolib_functions.py @@ -30,25 +30,13 @@ def char_rsa_dec( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = ( - asymsca.init() - ) + device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() # Set the internal prng ot_prng = OTPRNG(target=target) ot_prng.seed_prng([1, 0, 0, 0]) for _ in range(iterations): asymsca.handle_rsa_dec( - data, - data_len, - e, - n, - n_len, - d, - padding, - hashing, - mode, - cfg, - trigger + data, data_len, e, n, n_len, d, padding, hashing, mode, cfg, trigger ) response = target.read_response() return response @@ -75,25 +63,14 @@ def char_rsa_sign( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = ( - asymsca.init() - ) + device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() # Set the internal prng ot_prng = OTPRNG(target=target) ot_prng.seed_prng([1, 0, 0, 0]) for _ in range(iterations): asymsca.handle_rsa_sign( - data, - data_len, - e, - n, - n_len, - d, - padding, - hashing, - cfg, - trigger + data, data_len, e, n, n_len, d, padding, hashing, cfg, trigger ) response = target.read_response() return response @@ -113,9 +90,7 @@ def char_prime_generation( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = ( - asymsca.init() - ) + device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() for _ in range(iterations): asymsca.handle_prime_generation( e, @@ -141,20 +116,13 @@ def char_p256_base_mult_fvsr( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = ( - asymsca.init() - ) + device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() # Set the internal prng ot_prng = OTPRNG(target=target) ot_prng.seed_prng([1, 0, 0, 0]) for _ in range(iterations): - asymsca.handle_p256_base_mult_fvsr( - scalar, - cfg, - trigger, - num_iterations - ) + asymsca.handle_p256_base_mult_fvsr(scalar, cfg, trigger, num_iterations) response = target.read_response() return response @@ -174,16 +142,9 @@ def char_p256_base_mult_daisy( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = ( - asymsca.init() - ) + device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() for _ in range(iterations): - asymsca.handle_p256_base_mult_daisy( - scalar, - cfg, - trigger, - num_iterations - ) + asymsca.handle_p256_base_mult_daisy(scalar, cfg, trigger, num_iterations) response = target.read_response() return response @@ -203,16 +164,9 @@ def char_p256_point_mult( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = ( - asymsca.init() - ) + device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() for _ in range(iterations): - asymsca.handle_p256_point_mult( - scalar_alice, - scalar_bob, - cfg, - trigger - ) + asymsca.handle_p256_point_mult(scalar_alice, scalar_bob, cfg, trigger) response = target.read_response() return response @@ -233,17 +187,9 @@ def char_p256_ecdh( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = ( - asymsca.init() - ) + device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() for _ in range(iterations): - asymsca.handle_p256_ecdh( - private_key, - public_x, - public_y, - cfg, - trigger - ) + asymsca.handle_p256_ecdh(private_key, public_x, public_y, cfg, trigger) response = target.read_response() return response @@ -265,18 +211,9 @@ def char_p256_sign( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = ( - asymsca.init() - ) + device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() for _ in range(iterations): - asymsca.handle_p256_sign( - scalar, - pubx, - puby, - message, - cfg, - trigger - ) + asymsca.handle_p256_sign(scalar, pubx, puby, message, cfg, trigger) response = target.read_response() return response @@ -296,19 +233,12 @@ def char_p384_base_mult_fvsr( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = ( - asymsca.init() - ) + device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() # Set the internal prng ot_prng = OTPRNG(target=target) ot_prng.seed_prng([1, 0, 0, 0]) for _ in range(iterations): - asymsca.handle_p384_base_mult_fvsr( - scalar, - cfg, - trigger, - num_iterations - ) + asymsca.handle_p384_base_mult_fvsr(scalar, cfg, trigger, num_iterations) response = target.read_response() return response @@ -328,16 +258,9 @@ def char_p384_base_mult_daisy( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = ( - asymsca.init() - ) + device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() for _ in range(iterations): - asymsca.handle_p384_base_mult_daisy( - scalar, - cfg, - trigger, - num_iterations - ) + asymsca.handle_p384_base_mult_daisy(scalar, cfg, trigger, num_iterations) response = target.read_response() return response @@ -357,16 +280,9 @@ def char_p384_point_mult( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = ( - asymsca.init() - ) + device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() for _ in range(iterations): - asymsca.handle_p384_point_mult( - scalar_alice, - scalar_bob, - cfg, - trigger - ) + asymsca.handle_p384_point_mult(scalar_alice, scalar_bob, cfg, trigger) response = target.read_response() return response @@ -387,17 +303,9 @@ def char_p384_ecdh( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = ( - asymsca.init() - ) + device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() for _ in range(iterations): - asymsca.handle_p384_ecdh( - private_key, - public_x, - public_y, - cfg, - trigger - ) + asymsca.handle_p384_ecdh(private_key, public_x, public_y, cfg, trigger) response = target.read_response() return response @@ -419,17 +327,8 @@ def char_p384_sign( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = ( - asymsca.init() - ) + device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() for _ in range(iterations): - asymsca.handle_p384_sign( - scalar, - pubx, - puby, - message, - cfg, - trigger - ) + asymsca.handle_p384_sign(scalar, pubx, puby, message, cfg, trigger) response = target.read_response() return response diff --git a/sw/host/penetrationtests/python/sca/host_scripts/sca_sym_cryptolib_functions.py b/sw/host/penetrationtests/python/sca/host_scripts/sca_sym_cryptolib_functions.py index f78924fbee477..0bb6633144e1d 100644 --- a/sw/host/penetrationtests/python/sca/host_scripts/sca_sym_cryptolib_functions.py +++ b/sw/host/penetrationtests/python/sca/host_scripts/sca_sym_cryptolib_functions.py @@ -351,9 +351,7 @@ def char_drbg( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = ( - symsca.init() - ) + device_id, owner_page, boot_log, boot_measurements, version = symsca.init() # In this test, we do not trigger the reseeding symsca.handle_drbg_reseed( entropy, entropy_len, nonce, nonce_len, reseed_interval, mode, 0, 0 diff --git a/sw/host/penetrationtests/python/sca/test_scripts/sca_asym_cryptolib_python_test.py b/sw/host/penetrationtests/python/sca/test_scripts/sca_asym_cryptolib_python_test.py index f070f401659f7..0678300d9e388 100644 --- a/sw/host/penetrationtests/python/sca/test_scripts/sca_asym_cryptolib_python_test.py +++ b/sw/host/penetrationtests/python/sca/test_scripts/sca_asym_cryptolib_python_test.py @@ -39,7 +39,6 @@ class AsymCryptoScaTest(unittest.TestCase): - def test_init(self): asymsca = OTAsymCrypto(target) device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() diff --git a/sw/host/penetrationtests/python/sca/test_scripts/sca_sym_cryptolib_python_test.py b/sw/host/penetrationtests/python/sca/test_scripts/sca_sym_cryptolib_python_test.py index 02336186dda36..c149d7391d9b7 100644 --- a/sw/host/penetrationtests/python/sca/test_scripts/sca_sym_cryptolib_python_test.py +++ b/sw/host/penetrationtests/python/sca/test_scripts/sca_sym_cryptolib_python_test.py @@ -36,7 +36,6 @@ class SymCryptoScaTest(unittest.TestCase): - def test_init(self): symsca = OTSymCrypto(target) device_id, owner_page, boot_log, boot_measurements, version = symsca.init() From 4bf2713e318cdc413f89323a359029ce509c549a Mon Sep 17 00:00:00 2001 From: Siemen Dhooghe Date: Fri, 31 Oct 2025 16:09:24 +0100 Subject: [PATCH 2/2] [pentest] Add crypto version Add the version of the crypto library to the pentest framework's readout for the crypto related init functions. In order to have the latest git hash be printed as the version, all commands or tests should be run with the --stamp flag in the Bazel command. Signed-off-by: Siemen Dhooghe --- .../tests/penetrationtests/firmware/fi/BUILD | 2 + .../firmware/fi/cryptolib_fi_asym.c | 15 +- .../firmware/fi/cryptolib_fi_sym.c | 15 +- .../tests/penetrationtests/firmware/sca/BUILD | 2 + .../firmware/sca/cryptolib_sca_asym.c | 15 +- .../firmware/sca/cryptolib_sca_sym.c | 15 +- .../fi_asym_cryptolib_commands.py | 2 + .../fi_sym_cryptolib_commands.py | 2 + .../fi_asym_cryptolib_functions.py | 182 ++++++++++++++---- .../fi_sym_cryptolib_functions.py | 78 ++++++-- .../fi_asym_cryptolib_python_test.py | 15 +- .../fi_sym_cryptolib_python_test.py | 15 +- .../sca_asym_cryptolib_commands.py | 10 +- .../sca_sym_cryptolib_commands.py | 10 +- .../sca_asym_cryptolib_functions.py | 126 ++++++++++-- .../sca_sym_cryptolib_functions.py | 81 +++++++- .../sca_asym_cryptolib_python_test.py | 11 +- .../sca_sym_cryptolib_python_test.py | 11 +- .../testvectors/data/fi_asym_cryptolib.json | 3 +- .../testvectors/data/fi_sym_cryptolib.json | 3 +- .../testvectors/data/sca_asym_cryptolib.json | 3 +- .../testvectors/data/sca_sym_cryptolib.json | 3 +- 22 files changed, 519 insertions(+), 100 deletions(-) diff --git a/sw/device/tests/penetrationtests/firmware/fi/BUILD b/sw/device/tests/penetrationtests/firmware/fi/BUILD index 761c83c66ab7f..49c8c3151e60d 100644 --- a/sw/device/tests/penetrationtests/firmware/fi/BUILD +++ b/sw/device/tests/penetrationtests/firmware/fi/BUILD @@ -76,6 +76,7 @@ cc_library( "//sw/device/lib/base:math", "//sw/device/lib/base:memory", "//sw/device/lib/base:status", + "//sw/device/lib/crypto/impl:cryptolib_build_info", "//sw/device/lib/crypto/impl:ecc_p256", "//sw/device/lib/crypto/impl:ecc_p384", "//sw/device/lib/crypto/impl:integrity", @@ -105,6 +106,7 @@ cc_library( "//sw/device/lib/base:status", "//sw/device/lib/crypto/impl:aes", "//sw/device/lib/crypto/impl:aes_gcm", + "//sw/device/lib/crypto/impl:cryptolib_build_info", "//sw/device/lib/crypto/impl:drbg", "//sw/device/lib/crypto/impl:hmac", "//sw/device/lib/crypto/impl:integrity", diff --git a/sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_asym.c b/sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_asym.c index 83d6324da6933..ae47501a5e446 100644 --- a/sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_asym.c +++ b/sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_asym.c @@ -6,6 +6,8 @@ #include "sw/device/lib/base/memory.h" #include "sw/device/lib/base/status.h" +#include "sw/device/lib/crypto/drivers/cryptolib_build_info.h" +#include "sw/device/lib/crypto/include/cryptolib_build_info.h" #include "sw/device/lib/runtime/log.h" #include "sw/device/lib/testing/test_framework/ottf_test_config.h" #include "sw/device/lib/testing/test_framework/ujson_ottf.h" @@ -509,7 +511,18 @@ status_t handle_cryptolib_fi_asym_init(ujson_t *uj) { TRY(pentest_send_sku_config(uj)); /////////////// STUB START /////////////// - // Add things like versioning. + uint32_t version; + bool released; + uint32_t build_hash_low; + uint32_t build_hash_high; + TRY(otcrypto_build_info(&version, &released, &build_hash_low, + &build_hash_high)); + char cryptolib_version[150]; + memset(cryptolib_version, '\0', sizeof(cryptolib_version)); + base_snprintf(cryptolib_version, sizeof(cryptolib_version), + "CRYPTO version %08x, released %s, hash %08x%08x", version, + released ? "true" : "false", build_hash_high, build_hash_low); + RESP_OK(ujson_serialize_string, uj, cryptolib_version); /////////////// STUB END /////////////// return OK_STATUS(); diff --git a/sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_sym.c b/sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_sym.c index 31e3887223d2e..fc531860b9386 100644 --- a/sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_sym.c +++ b/sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_sym.c @@ -6,6 +6,8 @@ #include "sw/device/lib/base/memory.h" #include "sw/device/lib/base/status.h" +#include "sw/device/lib/crypto/drivers/cryptolib_build_info.h" +#include "sw/device/lib/crypto/include/cryptolib_build_info.h" #include "sw/device/lib/runtime/log.h" #include "sw/device/lib/testing/test_framework/ottf_test_config.h" #include "sw/device/lib/testing/test_framework/ujson_ottf.h" @@ -223,7 +225,18 @@ status_t handle_cryptolib_fi_sym_init(ujson_t *uj) { TRY(pentest_send_sku_config(uj)); /////////////// STUB START /////////////// - // Add things like versioning. + uint32_t version; + bool released; + uint32_t build_hash_low; + uint32_t build_hash_high; + TRY(otcrypto_build_info(&version, &released, &build_hash_low, + &build_hash_high)); + char cryptolib_version[150]; + memset(cryptolib_version, '\0', sizeof(cryptolib_version)); + base_snprintf(cryptolib_version, sizeof(cryptolib_version), + "CRYPTO version %08x, released %s, hash %08x%08x", version, + released ? "true" : "false", build_hash_high, build_hash_low); + RESP_OK(ujson_serialize_string, uj, cryptolib_version); /////////////// STUB END /////////////// return OK_STATUS(); diff --git a/sw/device/tests/penetrationtests/firmware/sca/BUILD b/sw/device/tests/penetrationtests/firmware/sca/BUILD index bb9fb26f17f8e..e50ab8fc9c416 100644 --- a/sw/device/tests/penetrationtests/firmware/sca/BUILD +++ b/sw/device/tests/penetrationtests/firmware/sca/BUILD @@ -73,6 +73,7 @@ cc_library( "//sw/device/lib/base:math", "//sw/device/lib/base:memory", "//sw/device/lib/base:status", + "//sw/device/lib/crypto/impl:cryptolib_build_info", "//sw/device/lib/crypto/impl:ecc_p256", "//sw/device/lib/crypto/impl:ecc_p384", "//sw/device/lib/crypto/impl:integrity", @@ -102,6 +103,7 @@ cc_library( "//sw/device/lib/base:status", "//sw/device/lib/crypto/impl:aes", "//sw/device/lib/crypto/impl:aes_gcm", + "//sw/device/lib/crypto/impl:cryptolib_build_info", "//sw/device/lib/crypto/impl:drbg", "//sw/device/lib/crypto/impl:hmac", "//sw/device/lib/crypto/impl:integrity", diff --git a/sw/device/tests/penetrationtests/firmware/sca/cryptolib_sca_asym.c b/sw/device/tests/penetrationtests/firmware/sca/cryptolib_sca_asym.c index 6015e32802f1b..0bd2a1df92625 100644 --- a/sw/device/tests/penetrationtests/firmware/sca/cryptolib_sca_asym.c +++ b/sw/device/tests/penetrationtests/firmware/sca/cryptolib_sca_asym.c @@ -6,6 +6,8 @@ #include "sw/device/lib/base/memory.h" #include "sw/device/lib/base/status.h" +#include "sw/device/lib/crypto/drivers/cryptolib_build_info.h" +#include "sw/device/lib/crypto/include/cryptolib_build_info.h" #include "sw/device/lib/runtime/log.h" #include "sw/device/lib/testing/test_framework/ottf_test_config.h" #include "sw/device/lib/testing/test_framework/ujson_ottf.h" @@ -865,7 +867,18 @@ status_t handle_cryptolib_sca_asym_init(ujson_t *uj) { TRY(pentest_send_sku_config(uj)); /////////////// STUB START /////////////// - // Add things like versioning. + uint32_t version; + bool released; + uint32_t build_hash_low; + uint32_t build_hash_high; + TRY(otcrypto_build_info(&version, &released, &build_hash_low, + &build_hash_high)); + char cryptolib_version[150]; + memset(cryptolib_version, '\0', sizeof(cryptolib_version)); + base_snprintf(cryptolib_version, sizeof(cryptolib_version), + "CRYPTO version %08x, released %s, hash %08x%08x", version, + released ? "true" : "false", build_hash_high, build_hash_low); + RESP_OK(ujson_serialize_string, uj, cryptolib_version); /////////////// STUB END /////////////// return OK_STATUS(); diff --git a/sw/device/tests/penetrationtests/firmware/sca/cryptolib_sca_sym.c b/sw/device/tests/penetrationtests/firmware/sca/cryptolib_sca_sym.c index e6612f46dc6a4..90f6d3f8083a1 100644 --- a/sw/device/tests/penetrationtests/firmware/sca/cryptolib_sca_sym.c +++ b/sw/device/tests/penetrationtests/firmware/sca/cryptolib_sca_sym.c @@ -6,6 +6,8 @@ #include "sw/device/lib/base/memory.h" #include "sw/device/lib/base/status.h" +#include "sw/device/lib/crypto/drivers/cryptolib_build_info.h" +#include "sw/device/lib/crypto/include/cryptolib_build_info.h" #include "sw/device/lib/runtime/log.h" #include "sw/device/lib/testing/test_framework/ottf_test_config.h" #include "sw/device/lib/testing/test_framework/ujson_ottf.h" @@ -917,7 +919,18 @@ status_t handle_cryptolib_sca_sym_init(ujson_t *uj) { TRY(pentest_send_sku_config(uj)); /////////////// STUB START /////////////// - // Add things like versioning. + uint32_t version; + bool released; + uint32_t build_hash_low; + uint32_t build_hash_high; + TRY(otcrypto_build_info(&version, &released, &build_hash_low, + &build_hash_high)); + char cryptolib_version[150]; + memset(cryptolib_version, '\0', sizeof(cryptolib_version)); + base_snprintf(cryptolib_version, sizeof(cryptolib_version), + "CRYPTO version %08x, released %s, hash %08x%08x", version, + released ? "true" : "false", build_hash_high, build_hash_low); + RESP_OK(ujson_serialize_string, uj, cryptolib_version); /////////////// STUB END /////////////// return OK_STATUS(); diff --git a/sw/host/penetrationtests/python/fi/communication/fi_asym_cryptolib_commands.py b/sw/host/penetrationtests/python/fi/communication/fi_asym_cryptolib_commands.py index 5db64c28523f1..ca7087762abb1 100644 --- a/sw/host/penetrationtests/python/fi/communication/fi_asym_cryptolib_commands.py +++ b/sw/host/penetrationtests/python/fi/communication/fi_asym_cryptolib_commands.py @@ -52,6 +52,7 @@ def init( boot_log = self.target.read_response() boot_measurements = self.target.read_response() version = self.target.read_response() + cryptolib_version = self.target.read_response() return ( device_id, sensors, @@ -60,6 +61,7 @@ def init( boot_log, boot_measurements, version, + cryptolib_version, ) def handle_rsa_enc( diff --git a/sw/host/penetrationtests/python/fi/communication/fi_sym_cryptolib_commands.py b/sw/host/penetrationtests/python/fi/communication/fi_sym_cryptolib_commands.py index 3301fdc853212..efdef9ebf25ec 100644 --- a/sw/host/penetrationtests/python/fi/communication/fi_sym_cryptolib_commands.py +++ b/sw/host/penetrationtests/python/fi/communication/fi_sym_cryptolib_commands.py @@ -52,6 +52,7 @@ def init( boot_log = self.target.read_response() boot_measurements = self.target.read_response() version = self.target.read_response() + cryptolib_version = self.target.read_response() return ( device_id, sensors, @@ -60,6 +61,7 @@ def init( boot_log, boot_measurements, version, + cryptolib_version, ) def handle_aes( diff --git a/sw/host/penetrationtests/python/fi/host_scripts/fi_asym_cryptolib_functions.py b/sw/host/penetrationtests/python/fi/host_scripts/fi_asym_cryptolib_functions.py index 734ab5465104d..9cb628572d779 100644 --- a/sw/host/penetrationtests/python/fi/host_scripts/fi_asym_cryptolib_functions.py +++ b/sw/host/penetrationtests/python/fi/host_scripts/fi_asym_cryptolib_functions.py @@ -31,9 +31,16 @@ def char_rsa_encrypt( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): asymfi.handle_rsa_enc( data, data_len, e, n, n_len, d, padding, hashing, mode, op_enc, cfg, trigger @@ -63,9 +70,16 @@ def char_rsa_sign( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): asymfi.handle_rsa_sign( data, data_len, e, n, n_len, d, padding, hashing, cfg, trigger @@ -96,9 +110,16 @@ def char_rsa_verify( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): asymfi.handle_rsa_verify( data, @@ -124,9 +145,16 @@ def char_prime_generation(target, iterations, e, cfg, trigger, reset=False): # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): asymfi.handle_prime_generation(e, cfg, trigger) response = target.read_response() @@ -140,9 +168,16 @@ def char_p256_base_mult(target, iterations, scalar, cfg, trigger, reset=False): # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): asymfi.handle_p256_base_mult(scalar, cfg, trigger) response = target.read_response() @@ -158,9 +193,16 @@ def char_p256_point_mult( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): asymfi.handle_p256_point_mult(scalar_alice, scalar_bob, cfg, trigger) response = target.read_response() @@ -176,9 +218,16 @@ def char_p256_ecdh( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): asymfi.handle_p256_ecdh(private_key, public_x, public_y, cfg, trigger) response = target.read_response() @@ -194,9 +243,16 @@ def char_p256_sign( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): asymfi.handle_p256_sign(scalar, pubx, puby, message, cfg, trigger) response = target.read_response() @@ -212,9 +268,16 @@ def char_p256_verify( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): asymfi.handle_p256_verify(pubx, puby, r, s, message, cfg, trigger) response = target.read_response() @@ -228,9 +291,16 @@ def char_p384_base_mult(target, iterations, scalar, cfg, trigger, reset=False): # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): asymfi.handle_p384_base_mult(scalar, cfg, trigger) response = target.read_response() @@ -246,9 +316,16 @@ def char_p384_point_mult( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): asymfi.handle_p384_point_mult(scalar_alice, scalar_bob, cfg, trigger) response = target.read_response() @@ -264,9 +341,16 @@ def char_p384_ecdh( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): asymfi.handle_p384_ecdh(private_key, public_x, public_y, cfg, trigger) response = target.read_response() @@ -282,9 +366,16 @@ def char_p384_sign( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): asymfi.handle_p384_sign(scalar, pubx, puby, message, cfg, trigger) response = target.read_response() @@ -300,9 +391,16 @@ def char_p384_verify( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): asymfi.handle_p384_verify(pubx, puby, r, s, message, cfg, trigger) response = target.read_response() diff --git a/sw/host/penetrationtests/python/fi/host_scripts/fi_sym_cryptolib_functions.py b/sw/host/penetrationtests/python/fi/host_scripts/fi_sym_cryptolib_functions.py index ad477f0339c0a..0436f02bd4c00 100644 --- a/sw/host/penetrationtests/python/fi/host_scripts/fi_sym_cryptolib_functions.py +++ b/sw/host/penetrationtests/python/fi/host_scripts/fi_sym_cryptolib_functions.py @@ -29,9 +29,16 @@ def char_aes( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - symfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): symfi.handle_aes( data, data_len, key, key_len, iv, padding, mode, op_enc, cfg, trigger @@ -49,9 +56,16 @@ def char_cmac( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - symfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): symfi.handle_cmac(data, data_len, key, key_len, iv, cfg, trigger) response = target.read_response() @@ -80,9 +94,16 @@ def char_gcm( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - symfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): symfi.handle_gcm( data, data_len, key, key_len, aad, aad_len, tag, tag_len, iv, cfg, trigger @@ -110,9 +131,16 @@ def char_hmac( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - symfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symfi.init(alert_config=common_library.default_fpga_friendly_alert_config) for _ in range(iterations): symfi.handle_hmac(data, data_len, key, key_len, padding, mode, cfg, trigger) response = target.read_response() @@ -139,9 +167,16 @@ def char_drbg( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - symfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symfi.init(alert_config=common_library.default_fpga_friendly_alert_config) # In this test, we do not trigger the reseeding symfi.handle_drbg_reseed( entropy, entropy_len, nonce, nonce_len, reseed_interval, mode, 0, 0 @@ -161,9 +196,16 @@ def char_trng(target, iterations, mode, cfg, trigger, reset=False): # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - symfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symfi.init(alert_config=common_library.default_fpga_friendly_alert_config) # In this test, we do not trigger the init symfi.handle_trng_init(mode, 0, 0) response = target.read_response() diff --git a/sw/host/penetrationtests/python/fi/test_scripts/fi_asym_cryptolib_python_test.py b/sw/host/penetrationtests/python/fi/test_scripts/fi_asym_cryptolib_python_test.py index 480eb13b81340..99b64cab8496a 100644 --- a/sw/host/penetrationtests/python/fi/test_scripts/fi_asym_cryptolib_python_test.py +++ b/sw/host/penetrationtests/python/fi/test_scripts/fi_asym_cryptolib_python_test.py @@ -40,9 +40,16 @@ class SymCryptolibFiTest(unittest.TestCase): def test_init(self): asymfi = OTFIAsymCrypto(target) - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymfi.init(alert_config=common_library.default_fpga_friendly_alert_config) device_id_json = json.loads(device_id) sensors_json = json.loads(sensors) alerts_json = json.loads(alerts) @@ -143,6 +150,8 @@ def test_init(self): self.assertIn("PENTEST", version) + self.assertIn("CRYPTO", cryptolib_version) + def test_char_rsa_encrypt(self): n_len = 256 key = RSA.generate(2048) diff --git a/sw/host/penetrationtests/python/fi/test_scripts/fi_sym_cryptolib_python_test.py b/sw/host/penetrationtests/python/fi/test_scripts/fi_sym_cryptolib_python_test.py index ec9547dc687a4..a121685518943 100644 --- a/sw/host/penetrationtests/python/fi/test_scripts/fi_sym_cryptolib_python_test.py +++ b/sw/host/penetrationtests/python/fi/test_scripts/fi_sym_cryptolib_python_test.py @@ -39,9 +39,16 @@ class SymCryptolibFiTest(unittest.TestCase): def test_init(self): symfi = OTFISymCrypto(target) - device_id, sensors, alerts, owner_page, boot_log, boot_measurements, version = ( - symfi.init(alert_config=common_library.default_fpga_friendly_alert_config) - ) + ( + device_id, + sensors, + alerts, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symfi.init(alert_config=common_library.default_fpga_friendly_alert_config) device_id_json = json.loads(device_id) sensors_json = json.loads(sensors) alerts_json = json.loads(alerts) @@ -142,6 +149,8 @@ def test_init(self): self.assertIn("PENTEST", version) + self.assertIn("CRYPTO", cryptolib_version) + def test_char_aes(self): for _ in range(repetitions): # For testing, we just take a multiple of the block size diff --git a/sw/host/penetrationtests/python/sca/communication/sca_asym_cryptolib_commands.py b/sw/host/penetrationtests/python/sca/communication/sca_asym_cryptolib_commands.py index c74d205b56d5a..e4a19288bb16f 100644 --- a/sw/host/penetrationtests/python/sca/communication/sca_asym_cryptolib_commands.py +++ b/sw/host/penetrationtests/python/sca/communication/sca_asym_cryptolib_commands.py @@ -46,7 +46,15 @@ def init( boot_log = self.target.read_response() boot_measurements = self.target.read_response() version = self.target.read_response() - return device_id, owner_page, boot_log, boot_measurements, version + cryptolib_version = self.target.read_response() + return ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) def handle_rsa_dec( self, diff --git a/sw/host/penetrationtests/python/sca/communication/sca_sym_cryptolib_commands.py b/sw/host/penetrationtests/python/sca/communication/sca_sym_cryptolib_commands.py index add557d2b4da6..4baa5df121eb2 100644 --- a/sw/host/penetrationtests/python/sca/communication/sca_sym_cryptolib_commands.py +++ b/sw/host/penetrationtests/python/sca/communication/sca_sym_cryptolib_commands.py @@ -46,7 +46,15 @@ def init( boot_log = self.target.read_response() boot_measurements = self.target.read_response() version = self.target.read_response() - return device_id, owner_page, boot_log, boot_measurements, version + cryptolib_version = self.target.read_response() + return ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) def handle_aes_fvsr_plaintext( self, diff --git a/sw/host/penetrationtests/python/sca/host_scripts/sca_asym_cryptolib_functions.py b/sw/host/penetrationtests/python/sca/host_scripts/sca_asym_cryptolib_functions.py index 4f5dae71afa7f..c97a61c727c26 100644 --- a/sw/host/penetrationtests/python/sca/host_scripts/sca_asym_cryptolib_functions.py +++ b/sw/host/penetrationtests/python/sca/host_scripts/sca_asym_cryptolib_functions.py @@ -30,7 +30,14 @@ def char_rsa_dec( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymsca.init() # Set the internal prng ot_prng = OTPRNG(target=target) ot_prng.seed_prng([1, 0, 0, 0]) @@ -63,7 +70,14 @@ def char_rsa_sign( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymsca.init() # Set the internal prng ot_prng = OTPRNG(target=target) ot_prng.seed_prng([1, 0, 0, 0]) @@ -90,7 +104,14 @@ def char_prime_generation( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymsca.init() for _ in range(iterations): asymsca.handle_prime_generation( e, @@ -116,12 +137,20 @@ def char_p256_base_mult_fvsr( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymsca.init() # Set the internal prng ot_prng = OTPRNG(target=target) ot_prng.seed_prng([1, 0, 0, 0]) for _ in range(iterations): + asymsca.handle_p256_base_mult_fvsr(scalar, cfg, trigger, num_iterations) asymsca.handle_p256_base_mult_fvsr(scalar, cfg, trigger, num_iterations) response = target.read_response() return response @@ -142,8 +171,16 @@ def char_p256_base_mult_daisy( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymsca.init() for _ in range(iterations): + asymsca.handle_p256_base_mult_daisy(scalar, cfg, trigger, num_iterations) asymsca.handle_p256_base_mult_daisy(scalar, cfg, trigger, num_iterations) response = target.read_response() return response @@ -164,8 +201,16 @@ def char_p256_point_mult( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymsca.init() for _ in range(iterations): + asymsca.handle_p256_point_mult(scalar_alice, scalar_bob, cfg, trigger) asymsca.handle_p256_point_mult(scalar_alice, scalar_bob, cfg, trigger) response = target.read_response() return response @@ -187,7 +232,14 @@ def char_p256_ecdh( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymsca.init() for _ in range(iterations): asymsca.handle_p256_ecdh(private_key, public_x, public_y, cfg, trigger) response = target.read_response() @@ -211,8 +263,16 @@ def char_p256_sign( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymsca.init() for _ in range(iterations): + asymsca.handle_p256_sign(scalar, pubx, puby, message, cfg, trigger) asymsca.handle_p256_sign(scalar, pubx, puby, message, cfg, trigger) response = target.read_response() return response @@ -233,11 +293,19 @@ def char_p384_base_mult_fvsr( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymsca.init() # Set the internal prng ot_prng = OTPRNG(target=target) ot_prng.seed_prng([1, 0, 0, 0]) for _ in range(iterations): + asymsca.handle_p384_base_mult_fvsr(scalar, cfg, trigger, num_iterations) asymsca.handle_p384_base_mult_fvsr(scalar, cfg, trigger, num_iterations) response = target.read_response() return response @@ -258,8 +326,16 @@ def char_p384_base_mult_daisy( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymsca.init() for _ in range(iterations): + asymsca.handle_p384_base_mult_daisy(scalar, cfg, trigger, num_iterations) asymsca.handle_p384_base_mult_daisy(scalar, cfg, trigger, num_iterations) response = target.read_response() return response @@ -280,8 +356,16 @@ def char_p384_point_mult( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymsca.init() for _ in range(iterations): + asymsca.handle_p384_point_mult(scalar_alice, scalar_bob, cfg, trigger) asymsca.handle_p384_point_mult(scalar_alice, scalar_bob, cfg, trigger) response = target.read_response() return response @@ -303,8 +387,16 @@ def char_p384_ecdh( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymsca.init() for _ in range(iterations): + asymsca.handle_p384_ecdh(private_key, public_x, public_y, cfg, trigger) asymsca.handle_p384_ecdh(private_key, public_x, public_y, cfg, trigger) response = target.read_response() return response @@ -327,8 +419,16 @@ def char_p384_sign( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymsca.init() for _ in range(iterations): + asymsca.handle_p384_sign(scalar, pubx, puby, message, cfg, trigger) asymsca.handle_p384_sign(scalar, pubx, puby, message, cfg, trigger) response = target.read_response() return response diff --git a/sw/host/penetrationtests/python/sca/host_scripts/sca_sym_cryptolib_functions.py b/sw/host/penetrationtests/python/sca/host_scripts/sca_sym_cryptolib_functions.py index 0bb6633144e1d..97ab1828a48c0 100644 --- a/sw/host/penetrationtests/python/sca/host_scripts/sca_sym_cryptolib_functions.py +++ b/sw/host/penetrationtests/python/sca/host_scripts/sca_sym_cryptolib_functions.py @@ -30,7 +30,14 @@ def char_aes_fvsr_plaintext( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = symsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symsca.init() # Set the internal prng ot_prng = OTPRNG(target=target) ot_prng.seed_prng([1, 0, 0, 0]) @@ -74,7 +81,14 @@ def char_aes_daisy( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = symsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symsca.init() for _ in range(iterations): symsca.handle_aes_daisy( @@ -113,7 +127,14 @@ def char_cmac_fvsr_plaintext( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = symsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symsca.init() # Set the internal prng ot_prng = OTPRNG(target=target) ot_prng.seed_prng([1, 0, 0, 0]) @@ -151,7 +172,14 @@ def char_cmac_daisy( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = symsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symsca.init() for _ in range(iterations): symsca.handle_cmac_daisy( @@ -189,7 +217,14 @@ def char_gcm_fvsr_plaintext( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = symsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symsca.init() # Set the internal prng ot_prng = OTPRNG(target=target) ot_prng.seed_prng([1, 0, 0, 0]) @@ -231,7 +266,14 @@ def char_gcm_daisy( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = symsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symsca.init() for _ in range(iterations): symsca.handle_gcm_daisy( @@ -270,7 +312,14 @@ def char_hmac_fvsr_plaintext( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = symsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symsca.init() # Set the internal prng ot_prng = OTPRNG(target=target) ot_prng.seed_prng([1, 0, 0, 0]) @@ -310,7 +359,14 @@ def char_hmac_daisy( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = symsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symsca.init() # Set the internal prng ot_prng = OTPRNG(target=target) ot_prng.seed_prng([1, 0, 0, 0]) @@ -351,7 +407,14 @@ def char_drbg( # Clear the output from the reset target.dump_all() # Initialize our chip and catch its output - device_id, owner_page, boot_log, boot_measurements, version = symsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symsca.init() # In this test, we do not trigger the reseeding symsca.handle_drbg_reseed( entropy, entropy_len, nonce, nonce_len, reseed_interval, mode, 0, 0 diff --git a/sw/host/penetrationtests/python/sca/test_scripts/sca_asym_cryptolib_python_test.py b/sw/host/penetrationtests/python/sca/test_scripts/sca_asym_cryptolib_python_test.py index 0678300d9e388..0e25263a2a784 100644 --- a/sw/host/penetrationtests/python/sca/test_scripts/sca_asym_cryptolib_python_test.py +++ b/sw/host/penetrationtests/python/sca/test_scripts/sca_asym_cryptolib_python_test.py @@ -41,7 +41,14 @@ class AsymCryptoScaTest(unittest.TestCase): def test_init(self): asymsca = OTAsymCrypto(target) - device_id, owner_page, boot_log, boot_measurements, version = asymsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = asymsca.init() device_id_json = json.loads(device_id) owner_page_json = json.loads(owner_page) boot_log_json = json.loads(boot_log) @@ -118,6 +125,8 @@ def test_init(self): self.assertIn("PENTEST", version) + self.assertIn("CRYPTO", cryptolib_version) + def test_char_rsa_sign(self): n_len = 256 key = RSA.generate(2048) diff --git a/sw/host/penetrationtests/python/sca/test_scripts/sca_sym_cryptolib_python_test.py b/sw/host/penetrationtests/python/sca/test_scripts/sca_sym_cryptolib_python_test.py index c149d7391d9b7..d2391330d1d70 100644 --- a/sw/host/penetrationtests/python/sca/test_scripts/sca_sym_cryptolib_python_test.py +++ b/sw/host/penetrationtests/python/sca/test_scripts/sca_sym_cryptolib_python_test.py @@ -38,7 +38,14 @@ class SymCryptoScaTest(unittest.TestCase): def test_init(self): symsca = OTSymCrypto(target) - device_id, owner_page, boot_log, boot_measurements, version = symsca.init() + ( + device_id, + owner_page, + boot_log, + boot_measurements, + version, + cryptolib_version, + ) = symsca.init() device_id_json = json.loads(device_id) owner_page_json = json.loads(owner_page) boot_log_json = json.loads(boot_log) @@ -115,6 +122,8 @@ def test_init(self): self.assertIn("PENTEST", version) + self.assertIn("CRYPTO", cryptolib_version) + def test_char_aes_fvsr_plaintext(self): for num_segments in num_segments_list: # For testing, we just take a multiple of the block size diff --git a/sw/host/penetrationtests/testvectors/data/fi_asym_cryptolib.json b/sw/host/penetrationtests/testvectors/data/fi_asym_cryptolib.json index bc4ea67fa05ee..214c2dba96354 100644 --- a/sw/host/penetrationtests/testvectors/data/fi_asym_cryptolib.json +++ b/sw/host/penetrationtests/testvectors/data/fi_asym_cryptolib.json @@ -12,7 +12,8 @@ "{\"config_version\":1,\"sram_exec_mode\":0,\"ownership_key_alg\":0,\"update_mode\":0,\"min_security_version_bl0\":0,\"lock_constraint\":0}", "{\"digest\":[0,0,0,0,0,0,0,0],\"identifier\":0,\"scm_revision_low\":0,\"scm_revision_high\":0,\"rom_ext_slot\":0,\"rom_ext_major\":0,\"rom_ext_minor\":1,\"rom_ext_size\":0,\"bl0_slot\":0,\"ownership_state\":0,\"ownership_transfers\":0,\"rom_ext_min_sec_ver\":0,\"bl0_min_sec_ver\":0,\"primary_bl0_slot\":16000078145,\"retention_ram_initialized\":0}", "{\"bl0\":[0,0,0,0,0,0,0,0],\"rom_ext\":[0,0,0,0,0,0,0,0]}", - "PENTEST: v0.1.0"] + "PENTEST: v0.1.0", + "CRYPTO:"] }, { "test_case_id": 2, diff --git a/sw/host/penetrationtests/testvectors/data/fi_sym_cryptolib.json b/sw/host/penetrationtests/testvectors/data/fi_sym_cryptolib.json index f47cfe0a3bc4b..8a1b6444643d9 100644 --- a/sw/host/penetrationtests/testvectors/data/fi_sym_cryptolib.json +++ b/sw/host/penetrationtests/testvectors/data/fi_sym_cryptolib.json @@ -12,7 +12,8 @@ "{\"config_version\":1,\"sram_exec_mode\":0,\"ownership_key_alg\":0,\"update_mode\":0,\"min_security_version_bl0\":0,\"lock_constraint\":0}", "{\"digest\":[0,0,0,0,0,0,0,0],\"identifier\":0,\"scm_revision_low\":0,\"scm_revision_high\":0,\"rom_ext_slot\":0,\"rom_ext_major\":0,\"rom_ext_minor\":1,\"rom_ext_size\":0,\"bl0_slot\":0,\"ownership_state\":0,\"ownership_transfers\":0,\"rom_ext_min_sec_ver\":0,\"bl0_min_sec_ver\":0,\"primary_bl0_slot\":16000078145,\"retention_ram_initialized\":0}", "{\"bl0\":[0,0,0,0,0,0,0,0],\"rom_ext\":[0,0,0,0,0,0,0,0]}", - "PENTEST: v0.1.0"] + "PENTEST: v0.1.0", + "CRYPTO:"] }, { "test_case_id": 2, diff --git a/sw/host/penetrationtests/testvectors/data/sca_asym_cryptolib.json b/sw/host/penetrationtests/testvectors/data/sca_asym_cryptolib.json index 092c02419025f..558f4fe6a9bf8 100644 --- a/sw/host/penetrationtests/testvectors/data/sca_asym_cryptolib.json +++ b/sw/host/penetrationtests/testvectors/data/sca_asym_cryptolib.json @@ -9,7 +9,8 @@ "{\"config_version\":1,\"sram_exec_mode\":0,\"ownership_key_alg\":0,\"update_mode\":0,\"min_security_version_bl0\":0,\"lock_constraint\":0}", "{\"digest\":[0,0,0,0,0,0,0,0],\"identifier\":0,\"scm_revision_low\":0,\"scm_revision_high\":0,\"rom_ext_slot\":0,\"rom_ext_major\":0,\"rom_ext_minor\":1,\"rom_ext_size\":0,\"bl0_slot\":0,\"ownership_state\":0,\"ownership_transfers\":0,\"rom_ext_min_sec_ver\":0,\"bl0_min_sec_ver\":0,\"primary_bl0_slot\":16000078145,\"retention_ram_initialized\":0}", "{\"bl0\":[0,0,0,0,0,0,0,0],\"rom_ext\":[0,0,0,0,0,0,0,0]}", - "PENTEST: v0.1.0"] + "PENTEST: v0.1.0", + "CRYPTO:"] }, { "test_case_id": 2, diff --git a/sw/host/penetrationtests/testvectors/data/sca_sym_cryptolib.json b/sw/host/penetrationtests/testvectors/data/sca_sym_cryptolib.json index 278889a23466a..552f102bcc3e2 100644 --- a/sw/host/penetrationtests/testvectors/data/sca_sym_cryptolib.json +++ b/sw/host/penetrationtests/testvectors/data/sca_sym_cryptolib.json @@ -9,7 +9,8 @@ "{\"config_version\":1,\"sram_exec_mode\":0,\"ownership_key_alg\":0,\"update_mode\":0,\"min_security_version_bl0\":0,\"lock_constraint\":0}", "{\"digest\":[0,0,0,0,0,0,0,0],\"identifier\":0,\"scm_revision_low\":0,\"scm_revision_high\":0,\"rom_ext_slot\":0,\"rom_ext_major\":0,\"rom_ext_minor\":1,\"rom_ext_size\":0,\"bl0_slot\":0,\"ownership_state\":0,\"ownership_transfers\":0,\"rom_ext_min_sec_ver\":0,\"bl0_min_sec_ver\":0,\"primary_bl0_slot\":16000078145,\"retention_ram_initialized\":0}", "{\"bl0\":[0,0,0,0,0,0,0,0],\"rom_ext\":[0,0,0,0,0,0,0,0]}", - "PENTEST: v0.1.0"] + "PENTEST: v0.1.0", + "CRYPTO:"] }, { "test_case_id": 2,