blob: 2d8a62c67ce4ddc65530ef904781a77030f66f2c [file] [log] [blame]
// Copyright lowRISC contributors.
// Licensed under the Apache License, Version 2.0, see LICENSE for details.
// SPDX-License-Identifier: Apache-2.0
#include "sw/device/lib/base/memory.h"
#include "sw/device/lib/testing/test_framework/check.h"
#include "sw/device/silicon_creator/lib/base/sec_mmio.h"
#include "sw/device/silicon_creator/lib/drivers/hmac.h"
#include "sw/device/silicon_creator/lib/sigverify/sigverify.h"
#include "sw/device/silicon_creator/lib/test_main.h"
// The autogen rule that creates this header creates it in a directory named
// after the rule, then manipulates the include path in the
// cc_compilation_context to include that directory, so the compiler will find
// the version of this file matching the Bazel rule under test.
#include "sigverify_testvectors.h"
// Index of the test vector currently under test
static uint32_t test_index;
rom_error_t sigverify_test(void) {
sigverify_test_vector_t testvec = sigverify_tests[test_index];
// Extract the digest from the encoded message
hmac_digest_t digest;
memcpy(digest.digest, testvec.encoded_msg,
kHmacDigestNumWords * sizeof(uint32_t));
uint32_t flash_exec = 0;
rom_error_t result = sigverify_rsa_verify(&testvec.sig, &testvec.key, &digest,
kLcStateRma, &flash_exec);
rom_error_t test_result;
if (testvec.valid) {
CHECK(flash_exec == kSigverifyFlashExec);
if (result == kErrorOk) {
test_result = kErrorOk;
} else {
// Signature verification failed when it was expected to pass.
LOG_ERROR("Error while attempting to verify a valid signature.");
LOG_INFO("Test notes: %s", testvec.comment);
test_result = result;
}
} else {
CHECK(flash_exec == UINT32_MAX);
if (result == kErrorOk) {
// Signature verification passed when it was expected to fail.
LOG_ERROR("Invalid signature passed verification.");
LOG_INFO("Test notes: %s", testvec.comment);
test_result = kErrorUnknown;
} else {
test_result = kErrorOk;
}
}
return test_result;
}
OTTF_DEFINE_TEST_CONFIG();
bool test_main(void) {
rom_error_t result = kErrorOk;
// The definition of `RULE_NAME` comes from the autogen Bazel rule.
LOG_INFO("Starting sigverify_dynamic_functest:%s", RULE_NAME);
for (uint32_t i = 0; i < SIGVERIFY_NUM_TESTS; i++) {
LOG_INFO("Starting test vector %d of %d...", i + 1, SIGVERIFY_NUM_TESTS);
test_index = i;
EXECUTE_TEST(result, sigverify_test);
}
LOG_INFO("Finished sigverify_dynamic_functest:%s", RULE_NAME);
return result == kErrorOk;
}