[sw/silicon_creator] Update sigverify unit tests for OTP and OTBN
Signed-off-by: Alphan Ulusoy <alphan@google.com>
diff --git a/sw/device/silicon_creator/lib/sigverify_unittest.cc b/sw/device/silicon_creator/lib/sigverify_unittest.cc
index eef792c..f21507e 100644
--- a/sw/device/silicon_creator/lib/sigverify_unittest.cc
+++ b/sw/device/silicon_creator/lib/sigverify_unittest.cc
@@ -88,19 +88,36 @@
class SigVerifyTest : public mask_rom_test::MaskRomTest {
protected:
+ void ExpectSha256() {
+ EXPECT_CALL(hmac_, sha256_init());
+ EXPECT_CALL(hmac_,
+ sha256_update(kSignedRegion.data(), sizeof(kSignedRegion)))
+ .WillOnce(Return(kErrorOk));
+ EXPECT_CALL(hmac_, sha256_final(NotNull()))
+ .WillOnce(DoAll(SetArgPointee<0>(kTestDigest), Return(kErrorOk)));
+ }
+
mask_rom_test::MockSigverifyModExpIbex sigverify_mod_exp_ibex_;
+ mask_rom_test::MockSigverifyModExpOtbn sigverify_mod_exp_otbn_;
mask_rom_test::MockHmac hmac_;
mask_rom_test::MockOtp otp_;
// The content of this key is not significant since we use mocks.
sigverify_rsa_key_t key_{};
};
-TEST_F(SigVerifyTest, GoodSignature) {
- EXPECT_CALL(hmac_, sha256_init());
- EXPECT_CALL(hmac_, sha256_update(kSignedRegion.data(), sizeof(kSignedRegion)))
- .WillOnce(Return(kErrorOk));
- EXPECT_CALL(hmac_, sha256_final(NotNull()))
- .WillOnce(DoAll(SetArgPointee<0>(kTestDigest), Return(kErrorOk)));
+TEST_F(SigVerifyTest, BadOtpValue) {
+ ExpectSha256();
+ EXPECT_CALL(otp_,
+ read32(OTP_CTRL_PARAM_CREATOR_SW_CFG_USE_SW_RSA_VERIFY_OFFSET))
+ .WillOnce(Return(0xA5A5A5A5));
+
+ EXPECT_EQ(sigverify_rsa_verify(kSignedRegion.data(), sizeof(kSignedRegion),
+ &kSignature, &key_),
+ kErrorSigverifyBadOtpValue);
+}
+
+TEST_F(SigVerifyTest, GoodSignatureIbex) {
+ ExpectSha256();
EXPECT_CALL(otp_,
read32(OTP_CTRL_PARAM_CREATOR_SW_CFG_USE_SW_RSA_VERIFY_OFFSET))
.WillOnce(Return(kHardenedBoolTrue));
@@ -112,6 +129,19 @@
kErrorOk);
}
+TEST_F(SigVerifyTest, GoodSignatureOtbn) {
+ ExpectSha256();
+ EXPECT_CALL(otp_,
+ read32(OTP_CTRL_PARAM_CREATOR_SW_CFG_USE_SW_RSA_VERIFY_OFFSET))
+ .WillOnce(Return(kHardenedBoolFalse));
+ EXPECT_CALL(sigverify_mod_exp_otbn_, mod_exp(&key_, &kSignature, NotNull()))
+ .WillOnce(DoAll(SetArgPointee<2>(kEncMsg), Return(kErrorOk)));
+
+ EXPECT_EQ(sigverify_rsa_verify(kSignedRegion.data(), sizeof(kSignedRegion),
+ &kSignature, &key_),
+ kErrorOk);
+}
+
TEST_F(SigVerifyTest, BadSignature) {
// Corrupt the words of the encoded message by flipping their bits and check
// that signature verification fails.
@@ -119,12 +149,7 @@
auto bad_enc_msg = kEncMsg;
bad_enc_msg.data[i] = ~bad_enc_msg.data[i];
- EXPECT_CALL(hmac_, sha256_init());
- EXPECT_CALL(hmac_,
- sha256_update(kSignedRegion.data(), sizeof(kSignedRegion)))
- .WillOnce(Return(kErrorOk));
- EXPECT_CALL(hmac_, sha256_final(NotNull()))
- .WillOnce(DoAll(SetArgPointee<0>(kTestDigest), Return(kErrorOk)));
+ ExpectSha256();
EXPECT_CALL(otp_,
read32(OTP_CTRL_PARAM_CREATOR_SW_CFG_USE_SW_RSA_VERIFY_OFFSET))
.WillOnce(Return(kHardenedBoolTrue));
