[sw,crypto] Fix build for cryptolib in new location.
Fix crypto library so that it builds in device/lib without
silicon_creator dependencies.
Signed-off-by: Jade Philipoom <jadep@google.com>
diff --git a/sw/device/lib/crypto/BUILD b/sw/device/lib/crypto/BUILD
index 8e6869e..5d3bd77 100644
--- a/sw/device/lib/crypto/BUILD
+++ b/sw/device/lib/crypto/BUILD
@@ -4,8 +4,6 @@
package(default_visibility = ["//visibility:public"])
-load("//rules:opentitan.bzl", "OPENTITAN_CPU")
-
cc_library(
name = "otbn_util",
srcs = ["otbn_util.c"],
diff --git a/sw/device/lib/crypto/drivers/otbn.h b/sw/device/lib/crypto/drivers/otbn.h
index c79c6aa..21643ca 100644
--- a/sw/device/lib/crypto/drivers/otbn.h
+++ b/sw/device/lib/crypto/drivers/otbn.h
@@ -46,7 +46,7 @@
/**
* Error codes for the OTBN driver.
*/
-typedef enum otbn_error_t {
+typedef enum otbn_error {
/** No errors. */
kOtbnErrorOk = 0,
/** Invalid argument provided to OTBN interface function. */
diff --git a/sw/device/lib/crypto/ecdsa_p256/ecdsa_p256.c b/sw/device/lib/crypto/ecdsa_p256/ecdsa_p256.c
index 345a617..21cab9b 100644
--- a/sw/device/lib/crypto/ecdsa_p256/ecdsa_p256.c
+++ b/sw/device/lib/crypto/ecdsa_p256/ecdsa_p256.c
@@ -2,11 +2,11 @@
// Licensed under the Apache License, Version 2.0, see LICENSE for details.
// SPDX-License-Identifier: Apache-2.0
-#include "sw/device/silicon_creator/lib/crypto/ecdsa_p256/ecdsa_p256.h"
+#include "sw/device/lib/crypto/ecdsa_p256/ecdsa_p256.h"
#include "sw/device/lib/base/hardened.h"
-#include "sw/device/silicon_creator/lib/drivers/otbn.h"
-#include "sw/device/silicon_creator/lib/otbn_util.h"
+#include "sw/device/lib/crypto/drivers/otbn.h"
+#include "sw/device/lib/crypto/otbn_util.h"
#include "hw/top_earlgrey/sw/autogen/top_earlgrey.h"
diff --git a/sw/device/lib/crypto/ecdsa_p256/ecdsa_p256.h b/sw/device/lib/crypto/ecdsa_p256/ecdsa_p256.h
index 96d58ec..7b2c996 100644
--- a/sw/device/lib/crypto/ecdsa_p256/ecdsa_p256.h
+++ b/sw/device/lib/crypto/ecdsa_p256/ecdsa_p256.h
@@ -2,14 +2,14 @@
// Licensed under the Apache License, Version 2.0, see LICENSE for details.
// SPDX-License-Identifier: Apache-2.0
-#ifndef OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_CRYPTO_ECDSA_P256_ECDSA_P256_H_
-#define OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_CRYPTO_ECDSA_P256_ECDSA_P256_H_
+#ifndef OPENTITAN_SW_DEVICE_LIB_CRYPTO_ECDSA_P256_ECDSA_P256_H_
+#define OPENTITAN_SW_DEVICE_LIB_CRYPTO_ECDSA_P256_ECDSA_P256_H_
#include <stddef.h>
#include <stdint.h>
#include "sw/device/lib/base/hardened.h"
-#include "sw/device/silicon_creator/lib/drivers/otbn.h"
+#include "sw/device/lib/crypto/drivers/otbn.h"
#ifdef __cplusplus
extern "C" {
@@ -104,4 +104,4 @@
} // extern "C"
#endif // __cplusplus
-#endif // OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_CRYPTO_ECDSA_P256_ECDSA_P256_H_
+#endif // OPENTITAN_SW_DEVICE_LIB_CRYPTO_ECDSA_P256_ECDSA_P256_H_
diff --git a/sw/device/lib/crypto/ecdsa_p256/meson.build b/sw/device/lib/crypto/ecdsa_p256/meson.build
index 5922262..138af9a 100644
--- a/sw/device/lib/crypto/ecdsa_p256/meson.build
+++ b/sw/device/lib/crypto/ecdsa_p256/meson.build
@@ -3,14 +3,14 @@
# SPDX-License-Identifier: Apache-2.0
# C wrapper for ECDSA sign/verify
-sw_silicon_creator_lib_crypto_ecdsa_p256 = declare_dependency(
+sw_lib_crypto_ecdsa_p256 = declare_dependency(
link_with: static_library(
- 'sw_silicon_creator_lib_crypto_ecdsa_p256',
+ 'sw_lib_crypto_ecdsa_p256',
sources: [
'ecdsa_p256.c',
],
dependencies: [
- sw_silicon_creator_lib_otbn_util,
+ sw_lib_crypto_otbn_util,
sw_otbn['p256_ecdsa']['rv32embed_dependency'],
],
),
diff --git a/sw/device/lib/crypto/meson.build b/sw/device/lib/crypto/meson.build
index b23edc6..1bd9344 100644
--- a/sw/device/lib/crypto/meson.build
+++ b/sw/device/lib/crypto/meson.build
@@ -16,3 +16,36 @@
]
)
)
+
+# Setup for building OTBN assembly. OTBN software is build with a separate
+# toolchain, which is called as an external target from Meson in
+# subdirectories.
+
+prog_otbn_build = meson.source_root() / 'util/otbn_build.py'
+
+otbn_build_command = [
+ prog_env,
+ 'OTBN_AS=@0@'.format(prog_otbn_as),
+ 'OTBN_LD=@0@'.format(prog_otbn_ld),
+ 'RV32_TOOL_OBJCOPY=@0@'.format(prog_objcopy.path()),
+ 'RV32_TOOL_AS=@0@'.format(prog_as.path()),
+ 'RV32_TOOL_LD=@0@'.format(prog_ld.path()),
+ prog_python,
+ prog_otbn_build,
+ '--out-dir',
+ '@OUTDIR@',
+ '@INPUT@',
+]
+otbn_build_depend_files = [
+ prog_otbn_as,
+ prog_otbn_ld,
+ prog_objcopy.path(),
+ prog_as.path(),
+ prog_ld.path(),
+ prog_otbn_build,
+]
+
+# Subdirectories with OTBN files or dependencies must come after the OTBN setup.
+
+subdir('ecdsa_p256')
+subdir('rsa_3072')
diff --git a/sw/device/lib/crypto/rsa_3072/meson.build b/sw/device/lib/crypto/rsa_3072/meson.build
index bde488a..bef4569 100644
--- a/sw/device/lib/crypto/rsa_3072/meson.build
+++ b/sw/device/lib/crypto/rsa_3072/meson.build
@@ -3,14 +3,14 @@
# SPDX-License-Identifier: Apache-2.0
# C wrapper for RSA-3072 verify
-sw_silicon_creator_lib_crypto_rsa_3072_verify = declare_dependency(
+sw_lib_crypto_rsa_3072_verify = declare_dependency(
link_with: static_library(
- 'sw_silicon_creator_lib_crypto_rsa_3072_verify',
+ 'sw_lib_crypto_rsa_3072_verify',
sources: [
'rsa_3072_verify.c',
],
dependencies: [
- sw_silicon_creator_lib_otbn_util,
+ sw_lib_crypto_otbn_util,
sw_otbn['run_rsa_verify_3072']['rv32embed_dependency'],
],
),
diff --git a/sw/device/lib/crypto/rsa_3072/rsa_3072_verify.c b/sw/device/lib/crypto/rsa_3072/rsa_3072_verify.c
index 9af384d..d936f2e 100644
--- a/sw/device/lib/crypto/rsa_3072/rsa_3072_verify.c
+++ b/sw/device/lib/crypto/rsa_3072/rsa_3072_verify.c
@@ -2,15 +2,14 @@
// Licensed under the Apache License, Version 2.0, see LICENSE for details.
// SPDX-License-Identifier: Apache-2.0
-#include "sw/device/silicon_creator/lib/crypto/rsa_3072/rsa_3072_verify.h"
+#include "sw/device/lib/crypto/rsa_3072/rsa_3072_verify.h"
#include "sw/device/lib/base/hardened.h"
#include "sw/device/lib/base/macros.h"
#include "sw/device/lib/base/memory.h"
-#include "sw/device/silicon_creator/lib/drivers/hmac.h"
-#include "sw/device/silicon_creator/lib/drivers/otbn.h"
-#include "sw/device/silicon_creator/lib/error.h"
-#include "sw/device/silicon_creator/lib/otbn_util.h"
+#include "sw/device/lib/crypto/drivers/hmac.h"
+#include "sw/device/lib/crypto/drivers/otbn.h"
+#include "sw/device/lib/crypto/otbn_util.h"
#include "hw/top_earlgrey/sw/autogen/top_earlgrey.h"
@@ -49,7 +48,8 @@
static const uint32_t kOtbnRsaModeConstants = 1;
static const uint32_t kOtbnRsaModeModexp = 2;
-rom_error_t rsa_3072_encode_sha256(const uint8_t *msg, size_t msgLen,
+// TODO: Change the error type here to a crypto_error_t once that type exists.
+hmac_error_t rsa_3072_encode_sha256(const uint8_t *msg, size_t msgLen,
rsa_3072_int_t *result) {
enum { kSha256DigestNumWords = 8 };
@@ -78,11 +78,18 @@
// Compute the SHA-256 message digest.
hmac_sha256_init();
+ hmac_error_t err;
if (msg != NULL) {
- RETURN_IF_ERROR(hmac_sha256_update(msg, msgLen));
+ err = hmac_sha256_update(msg, msgLen);
+ if (err != kHmacOk) {
+ return err;
+ }
}
hmac_digest_t digest;
- RETURN_IF_ERROR(hmac_sha256_final(&digest));
+ err = hmac_sha256_final(&digest);
+ if (err != kHmacOk) {
+ return err;
+ }
// Copy the message digest into the least significant end of the result.
memcpy(result->data, digest.digest, sizeof(digest.digest));
@@ -94,7 +101,7 @@
result->data[kSha256DigestNumWords + 3] = 0x0d060960;
result->data[kSha256DigestNumWords + 4] = 0x00303130;
- return kErrorOk;
+ return kHmacOk;
}
/**
diff --git a/sw/device/lib/crypto/rsa_3072/rsa_3072_verify.h b/sw/device/lib/crypto/rsa_3072/rsa_3072_verify.h
index 4f7d0d4..eeea42a 100644
--- a/sw/device/lib/crypto/rsa_3072/rsa_3072_verify.h
+++ b/sw/device/lib/crypto/rsa_3072/rsa_3072_verify.h
@@ -2,15 +2,15 @@
// Licensed under the Apache License, Version 2.0, see LICENSE for details.
// SPDX-License-Identifier: Apache-2.0
-#ifndef OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_CRYPTO_RSA_3072_RSA_3072_VERIFY_H_
-#define OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_CRYPTO_RSA_3072_RSA_3072_VERIFY_H_
+#ifndef OPENTITAN_SW_DEVICE_LIB_CRYPTO_RSA_3072_RSA_3072_VERIFY_H_
+#define OPENTITAN_SW_DEVICE_LIB_CRYPTO_RSA_3072_RSA_3072_VERIFY_H_
#include <stddef.h>
#include <stdint.h>
#include "sw/device/lib/base/hardened.h"
-#include "sw/device/silicon_creator/lib/error.h"
-#include "sw/device/silicon_creator/lib/otbn_util.h"
+#include "sw/device/lib/crypto/drivers/hmac.h"
+#include "sw/device/lib/crypto/otbn_util.h"
#ifdef __cplusplus
extern "C" {
@@ -103,7 +103,7 @@
* @param result Resulting 3072-bit message representative
* @return Result of the operation (OK or error).
*/
-rom_error_t rsa_3072_encode_sha256(const uint8_t *msg, size_t msgLen,
+hmac_error_t rsa_3072_encode_sha256(const uint8_t *msg, size_t msgLen,
rsa_3072_int_t *result);
/**
@@ -125,4 +125,4 @@
} // extern "C"
#endif // __cplusplus
-#endif // OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_CRYPTO_RSA_3072_RSA_3072_VERIFY_H_
+#endif // OPENTITAN_SW_DEVICE_LIB_CRYPTO_RSA_3072_RSA_3072_VERIFY_H_
diff --git a/sw/device/silicon_creator/lib/crypto/meson.build b/sw/device/silicon_creator/lib/crypto/meson.build
deleted file mode 100644
index 8b8ec83..0000000
--- a/sw/device/silicon_creator/lib/crypto/meson.build
+++ /dev/null
@@ -1,35 +0,0 @@
-# Copyright lowRISC contributors.
-# Licensed under the Apache License, Version 2.0, see LICENSE for details.
-# SPDX-License-Identifier: Apache-2.0
-
-# Setup for building OTBN assembly. OTBN software is build with a separate
-# toolchain, which is called as an external target from Meson in
-# subdirectories.
-
-prog_otbn_build = meson.source_root() / 'util/otbn_build.py'
-
-otbn_build_command = [
- prog_env,
- 'OTBN_AS=@0@'.format(prog_otbn_as),
- 'OTBN_LD=@0@'.format(prog_otbn_ld),
- 'RV32_TOOL_OBJCOPY=@0@'.format(prog_objcopy.path()),
- 'RV32_TOOL_AS=@0@'.format(prog_as.path()),
- 'RV32_TOOL_LD=@0@'.format(prog_ld.path()),
- prog_python,
- prog_otbn_build,
- '--out-dir',
- '@OUTDIR@',
- '@INPUT@',
-]
-otbn_build_depend_files = [
- prog_otbn_as,
- prog_otbn_ld,
- prog_objcopy.path(),
- prog_as.path(),
- prog_ld.path(),
- prog_otbn_build,
-]
-
-subdir('ecdsa_p256')
-subdir('rsa_3072')
-subdir('tests')
diff --git a/sw/device/silicon_creator/lib/meson.build b/sw/device/silicon_creator/lib/meson.build
index 27f2d73..a097108 100644
--- a/sw/device/silicon_creator/lib/meson.build
+++ b/sw/device/silicon_creator/lib/meson.build
@@ -17,9 +17,6 @@
),
)
-# Must be declared after otbn_util, which is used in the crypto library.
-subdir('crypto')
-
# Mask ROM fake dependencies. These are temporary dependencies until we
# refactor or copy the other libraries we need (e.g. `runtime`).
sw_silicon_creator_lib_fake_deps = declare_dependency(
diff --git a/sw/device/tests/crypto/README.md b/sw/device/tests/crypto/README.md
index ad5a163..351c4ba 100644
--- a/sw/device/tests/crypto/README.md
+++ b/sw/device/tests/crypto/README.md
@@ -14,7 +14,7 @@
each test vector. By default, the header file contains a small set of
hard-coded test vectors. If all you want to do is sanity-check, then simply run
`ninja` and run the `_functest` target (e.g.
-`sw_silicon_creator_lib_crypto_rsa_3072_verify_functest`) on your desired
+`sw_lib_crypto_rsa_3072_verify_functest`) on your desired
platform.
However, if you want to run a set of test vectors from an external source, a
@@ -48,7 +48,7 @@
$ ./rsa_3072_verify_set_testvectors.py testvectors/rsa_3072_verify_hardcoded.hjson
```
After this step, you can run `ninja` to re-build and then run the
-`sw_silicon_creator_lib_crypto_rsa_3072_verify_functest` target to run the
+`sw_lib_crypto_rsa_3072_verify_functest` target to run the
tests. The same applies to all other examples here.
Set up RSA-3072 test to run 20 random test vectors:
diff --git a/sw/device/tests/crypto/ecdsa_p256_functest.c b/sw/device/tests/crypto/ecdsa_p256_functest.c
index 0125763..c9e07dc 100644
--- a/sw/device/tests/crypto/ecdsa_p256_functest.c
+++ b/sw/device/tests/crypto/ecdsa_p256_functest.c
@@ -5,12 +5,11 @@
#include "sw/device/lib/runtime/log.h"
#include "sw/device/lib/testing/check.h"
#include "sw/device/lib/testing/entropy_testutils.h"
-#include "sw/device/silicon_creator/lib/crypto/ecdsa_p256/ecdsa_p256.h"
-#include "sw/device/silicon_creator/lib/drivers/hmac.h"
-#include "sw/device/silicon_creator/lib/drivers/otbn.h"
-#include "sw/device/silicon_creator/lib/error.h"
-#include "sw/device/silicon_creator/lib/otbn_util.h"
-#include "sw/device/silicon_creator/lib/test_main.h"
+#include "sw/device/lib/crypto/ecdsa_p256/ecdsa_p256.h"
+#include "sw/device/lib/crypto/drivers/hmac.h"
+#include "sw/device/lib/crypto/drivers/otbn.h"
+#include "sw/device/lib/crypto/otbn_util.h"
+#include "sw/device/lib/testing/test_framework/ottf.h"
// Message
static const char kMessage[] = "test message";
@@ -33,49 +32,57 @@
0xf46c0bda, 0x7abbe68f, 0xb7a04555},
};
-rom_error_t compute_digest(void) {
+hmac_error_t compute_digest(void) {
hmac_digest_t act_digest;
uint32_t i;
hmac_sha256_init();
- RETURN_IF_ERROR(hmac_sha256_update(&kMessage, sizeof(kMessage) - 1));
- RETURN_IF_ERROR(hmac_sha256_final(&act_digest));
+ hmac_error_t err = hmac_sha256_update(&kMessage, sizeof(kMessage) - 1);
+ if (err != kHmacOk) {
+ return err;
+ }
+ err = hmac_sha256_final(&act_digest);
+ if (err != kHmacOk) {
+ return err;
+ }
for (i = 0; i < kP256ScalarNumWords; i++) {
digest.h[i] = act_digest.digest[i];
};
- return kErrorOk;
+ return kHmacOk;
}
-rom_error_t sign_then_verify_test(void) {
+bool sign_then_verify_test(void) {
ecdsa_p256_signature_t signature;
hardened_bool_t verificationResult;
// Generate a signature for the message
LOG_INFO("Signing...");
- FOLD_OTBN_ERROR(ecdsa_p256_sign(&digest, &kPrivateKey, &signature));
+ otbn_error_t err = ecdsa_p256_sign(&digest, &kPrivateKey, &signature);
+ if (err != kOtbnOk) {
+ return false;
+ }
// Verify the signature
LOG_INFO("Verifying...");
- FOLD_OTBN_ERROR(
- ecdsa_p256_verify(&signature, &digest, &kPublicKey, &verificationResult));
+ err = ecdsa_p256_verify(&signature, &digest, &kPublicKey, &verificationResult);
+ if (err != kOtbnOk) {
+ return false;
+ }
// Signature verification is expected to succeed
CHECK(verificationResult == kHardenedBoolTrue);
- return kErrorOk;
+ return true;
}
const test_config_t kTestConfig;
bool test_main(void) {
- rom_error_t result = kErrorOk;
-
entropy_testutils_boot_mode_init();
- CHECK(compute_digest() == kErrorOk);
+ CHECK(compute_digest() == kHmacOk);
- EXECUTE_TEST(result, sign_then_verify_test);
- return result == kErrorOk;
+ return sign_then_verify_test();
}
diff --git a/sw/device/tests/crypto/meson.build b/sw/device/tests/crypto/meson.build
index 690b47d..ec7eb7f 100644
--- a/sw/device/tests/crypto/meson.build
+++ b/sw/device/tests/crypto/meson.build
@@ -2,42 +2,42 @@
# Licensed under the Apache License, Version 2.0, see LICENSE for details.
# SPDX-License-Identifier: Apache-2.0
-sw_silicon_creator_lib_crypto_ecdsa_p256_functest = declare_dependency(
+sw_lib_crypto_ecdsa_p256_functest_lib = declare_dependency(
link_with: static_library(
- 'sw_silicon_creator_lib_crypto_ecdsa_p256_functest',
+ 'sw_lib_crypto_ecdsa_p256_functest_lib',
sources: [
'ecdsa_p256_functest.c'
],
dependencies: [
- sw_silicon_creator_lib_crypto_ecdsa_p256,
- sw_silicon_creator_lib_driver_hmac,
+ sw_lib_crypto_ecdsa_p256,
+ sw_lib_driver_hmac,
sw_lib_testing_entropy_testutils,
],
),
)
-mask_rom_tests += {
- 'sw_silicon_creator_lib_crypto_ecdsa_p256_functest': {
- 'library': sw_silicon_creator_lib_crypto_ecdsa_p256_functest,
+sw_tests += {
+ 'sw_lib_crypto_ecdsa_p256_functest': {
+ 'library': sw_lib_crypto_ecdsa_p256_functest_lib,
}
}
# Tests for RSA-3072 verify
-sw_silicon_creator_lib_crypto_rsa_3072_verify_functest = declare_dependency(
+sw_lib_crypto_rsa_3072_verify_functest_lib = declare_dependency(
link_with: static_library(
- 'sw_silicon_creator_lib_crypto_rsa_3072_verify_functest',
+ 'sw_lib_crypto_rsa_3072_verify_functest_lib',
sources: [
'rsa_3072_verify_functest.c',
'rsa_3072_verify_testvectors.h'
],
dependencies: [
- sw_silicon_creator_lib_crypto_rsa_3072_verify,
- sw_silicon_creator_lib_driver_hmac,
+ sw_lib_crypto_rsa_3072_verify,
+ sw_lib_driver_hmac,
sw_lib_testing_entropy_testutils,
],
),
)
-mask_rom_tests += {
- 'sw_silicon_creator_lib_crypto_rsa_3072_verify_functest': {
- 'library': sw_silicon_creator_lib_crypto_rsa_3072_verify_functest,
+sw_tests += {
+ 'sw_lib_crypto_rsa_3072_verify_functest': {
+ 'library': sw_lib_crypto_rsa_3072_verify_functest_lib,
}
}
diff --git a/sw/device/tests/crypto/rsa_3072_verify_functest.c b/sw/device/tests/crypto/rsa_3072_verify_functest.c
index 2264e0b..2e3e8be 100644
--- a/sw/device/tests/crypto/rsa_3072_verify_functest.c
+++ b/sw/device/tests/crypto/rsa_3072_verify_functest.c
@@ -6,26 +6,38 @@
#include "sw/device/lib/runtime/log.h"
#include "sw/device/lib/testing/check.h"
#include "sw/device/lib/testing/entropy_testutils.h"
-#include "sw/device/silicon_creator/lib/crypto/rsa_3072/rsa_3072_verify.h"
-#include "sw/device/silicon_creator/lib/crypto/tests/rsa_3072_verify_testvectors.h"
-#include "sw/device/silicon_creator/lib/drivers/otbn.h"
-#include "sw/device/silicon_creator/lib/test_main.h"
+#include "sw/device/lib/crypto/rsa_3072/rsa_3072_verify.h"
+#include "sw/device/lib/crypto/tests/rsa_3072_verify_testvectors.h"
+#include "sw/device/lib/drivers/otbn.h"
+#include "sw/device/lib/testing/test_framework/ottf.h"
-rom_error_t rsa_3072_verify_test(const rsa_3072_verify_test_vector_t *testvec) {
+bool rsa_3072_verify_test(const rsa_3072_verify_test_vector_t *testvec) {
rsa_3072_constants_t constants;
rsa_3072_int_t encodedMessage;
hardened_bool_t result;
// Encode message
- RETURN_IF_ERROR(
- rsa_3072_encode_sha256(testvec->msg, testvec->msgLen, &encodedMessage));
+ hmac_error_t err =
+ rsa_3072_encode_sha256(testvec->msg, testvec->msgLen, &encodedMessage);
+ if (err != kHmacOk) {
+ LOG_ERROR("Error from HMAC during message encoding: 0x%08x.", err);
+ return false;
+ }
// Precompute Montgomery constants
- FOLD_OTBN_ERROR(rsa_3072_compute_constants(&testvec->publicKey, &constants));
+ otbn_error_t err = rsa_3072_compute_constants(&testvec->publicKey, &constants);
+ if (err != kOtbnOk) {
+ LOG_ERROR("Error from OTBN while computing constants: 0x%08x.", err);
+ return false;
+ }
// Attempt to verify signature
- FOLD_OTBN_ERROR(rsa_3072_verify(&testvec->signature, &encodedMessage,
- &testvec->publicKey, &constants, &result));
+ err = rsa_3072_verify(&testvec->signature, &encodedMessage,
+ &testvec->publicKey, &constants, &result);
+ if (err != kOtbnOk) {
+ LOG_ERROR("Error from OTBN during signature verification: 0x%08x.", err);
+ return false;
+ }
if (testvec->valid) {
CHECK(result == kHardenedBoolTrue);
@@ -33,13 +45,14 @@
CHECK(result == kHardenedBoolFalse);
}
- return kErrorOk;
+ return true;
}
const test_config_t kTestConfig;
bool test_main(void) {
- rom_error_t result = kErrorOk;
+ // Stays true only if all tests pass.
+ bool result = true;
entropy_testutils_boot_mode_init();
@@ -47,17 +60,17 @@
LOG_INFO("Starting rsa_3072_verify_test on test vector %d of %d...", i + 1,
RSA_3072_VERIFY_NUM_TESTS);
rsa_3072_verify_test_vector_t testvec = rsa_3072_verify_tests[i];
- rom_error_t localErr = rsa_3072_verify_test(&testvec);
- if (localErr == kErrorOk) {
+ bool local_result = rsa_3072_verify_test(&testvec);
+ if (local_result) {
LOG_INFO("Finished rsa_3072_verify_test on test vector %d : ok", i + 1);
} else {
LOG_ERROR(
- "Finished rsa_3072_verify_test on test vector %d : error 0x%08x.",
- i + 1, localErr);
+ "Finished rsa_3072_verify_test on test vector %d : error",
+ i + 1);
LOG_INFO("Test notes: %s", testvec.comment);
- result = localErr;
}
+ result &= local_result;
}
- return result == kErrorOk;
+ return result;
}
diff --git a/sw/device/tests/crypto/rsa_3072_verify_testvectors.h b/sw/device/tests/crypto/rsa_3072_verify_testvectors.h
index 165e420..1155226 100644
--- a/sw/device/tests/crypto/rsa_3072_verify_testvectors.h
+++ b/sw/device/tests/crypto/rsa_3072_verify_testvectors.h
@@ -5,10 +5,10 @@
// AUTOGENERATED. Do not edit this file by hand.
// See the crypto/tests README for details.
-#ifndef OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_CRYPTO_TESTS_RSA_3072_VERIFY_TESTVECTORS_H_
-#define OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_CRYPTO_TESTS_RSA_3072_VERIFY_TESTVECTORS_H_
+#ifndef OPENTITAN_SW_DEVICE_TESTS_CRYPTO_RSA_3072_VERIFY_TESTVECTORS_H_
+#define OPENTITAN_SW_DEVICE_TESTS_CRYPTO_RSA_3072_VERIFY_TESTVECTORS_H_
-#include "sw/device/silicon_creator/lib/crypto/rsa_3072/rsa_3072_verify.h"
+#include "sw/device/lib/crypto/rsa_3072/rsa_3072_verify.h"
#ifdef __cplusplus
extern "C" {
@@ -161,4 +161,4 @@
} // extern "C"
#endif // __cplusplus
-#endif // OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_CRYPTO_TESTS_RSA_3072_VERIFY_TESTVECTORS_H_
+#endif // OPENTITAN_SW_DEVICE_TESTS_CRYPTO_RSA_3072_VERIFY_TESTVECTORS_H_
diff --git a/sw/device/tests/crypto/rsa_3072_verify_testvectors.h.tpl b/sw/device/tests/crypto/rsa_3072_verify_testvectors.h.tpl
index 18f0d3a..222a02d 100644
--- a/sw/device/tests/crypto/rsa_3072_verify_testvectors.h.tpl
+++ b/sw/device/tests/crypto/rsa_3072_verify_testvectors.h.tpl
@@ -5,10 +5,10 @@
// AUTOGENERATED. Do not edit this file by hand.
// See the crypto/tests README for details.
-#ifndef OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_CRYPTO_TESTS_RSA_3072_VERIFY_TESTVECTORS_H_
-#define OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_CRYPTO_TESTS_RSA_3072_VERIFY_TESTVECTORS_H_
+#ifndef OPENTITAN_SW_DEVICE_TESTS_CRYPTO_RSA_3072_VERIFY_TESTVECTORS_H_
+#define OPENTITAN_SW_DEVICE_TESTS_CRYPTO_RSA_3072_VERIFY_TESTVECTORS_H_
-#include "sw/device/silicon_creator/lib/crypto/rsa_3072/rsa_3072_verify.h"
+#include "sw/device/lib/crypto/rsa_3072/rsa_3072_verify.h"
#ifdef __cplusplus
extern "C" {
@@ -71,4 +71,4 @@
} // extern "C"
#endif // __cplusplus
-#endif // OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_CRYPTO_TESTS_RSA_3072_VERIFY_TESTVECTORS_H_
+#endif // OPENTITAN_SW_DEVICE_TESTS_CRYPTO_RSA_3072_VERIFY_TESTVECTORS_H_
