[dv, csrng] Move part of kat implementation to testutils file The functions being moved by this commit will be shared with others csrng tests. Signed-off-by: Douglas Reis <doreis@lowrisc.org>

commit: 63f4597ebe49173cc29c6852aeabbf475d77da97 [log] [tgz]
author: Douglas Reis <doreis@lowrisc.org> Tue Aug 23 21:14:53 2022 +0100
committer: Douglas Reis <65042207+engdoreis@users.noreply.github.com> Fri Aug 26 15:43:00 2022 +0100
tree: f91a4b1f8a10056c075b2217dff3a853bcb42f34
parent: 63389beab508384c69c7ddd21a19afefa5b2e99b [diff]
diff --git a/sw/device/lib/testing/csrng_testutils.c b/sw/device/lib/testing/csrng_testutils.c
index 1b0a299..34c1ac9 100644
--- a/sw/device/lib/testing/csrng_testutils.c
+++ b/sw/device/lib/testing/csrng_testutils.c

@@ -27,3 +27,118 @@
 
   CHECK_DIF_OK(dif_csrng_generate_read(csrng, output, output_len));
 }
+
+void csrng_testutils_check_internal_state(
+    const dif_csrng_t *csrng, const dif_csrng_internal_state_t *expected) {
+  csrng_testutils_cmd_ready_wait(csrng);
+  dif_csrng_internal_state_t got;
+  CHECK_DIF_OK(
+      dif_csrng_get_internal_state(csrng, kCsrngInternalStateIdSw, &got));
+
+  CHECK(got.instantiated == expected->instantiated);
+  CHECK(got.reseed_counter == expected->reseed_counter);
+  CHECK(got.fips_compliance == expected->fips_compliance);
+
+  CHECK_ARRAYS_EQ(got.v, expected->v, ARRAYSIZE(expected->v),
+                  "CSRNG internal V buffer mismatch.");
+
+  CHECK_ARRAYS_EQ(got.key, expected->key, ARRAYSIZE(expected->key),
+                  "CSRNG internal K buffer mismatch.");
+}
+
+/**
+ * CTR DRBG Known-Answer-Tests (KATs).
+ *
+ * Test vector sourced from NIST's CAVP website:
+ * https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/random-number-generators
+ *
+ * The number format in this docstring follows the CAVP format to simplify
+ * auditing of this test case.
+ *
+ * Test vector: CTR_DRBG AES-256 no DF.
+ *
+ * - EntropyInput =
+ * df5d73faa468649edda33b5cca79b0b05600419ccb7a879ddfec9db32ee494e5531b51de16a30f769262474c73bec010
+ * - Nonce = EMPTY
+ * - PersonalizationString = EMPTY
+ *
+ * Command: Instantiate
+ * - Key = 8c52f901632d522774c08fad0eb2c33b98a701a1861aecf3d8a25860941709fd
+ * - V   = 217b52142105250243c0b2c206b8f59e
+ *
+ * Command: Generate (first call):
+ * - Key = 72f4af5c93258eb3eeec8c0cacea6c1d1978a4fad44312725f1ac43b167f2d52
+ * - V   = e86f6d07dfb551cebad80e6bf6830ac4
+ *
+ * Command: Generate (second call):
+ * - Key = 1a1c6e5f1cccc6974436e5fd3f015bc8e9dc0f90053b73e3c19d4dfd66d1b85a
+ * - V   = 53c78ac61a0bac9d7d2e92b1e73e3392
+ * - ReturnedBits =
+ * d1c07cd95af8a7f11012c84ce48bb8cb87189e99d40fccb1771c619bdf82ab2280b1dc2f2581f39164f7ac0c510494b3a43c41b7db17514c87b107ae793e01c5
+ */
+void csrng_testutils_fips_instantiate_kat(const dif_csrng_t *csrng,
+                                          bool fail_expected) {
+  LOG_INFO("%s", __func__);
+
+  CHECK_DIF_OK(dif_csrng_uninstantiate(csrng));
+  const dif_csrng_seed_material_t kEntropyInput = {
+      .seed_material = {0x73bec010, 0x9262474c, 0x16a30f76, 0x531b51de,
+                        0x2ee494e5, 0xdfec9db3, 0xcb7a879d, 0x5600419c,
+                        0xca79b0b0, 0xdda33b5c, 0xa468649e, 0xdf5d73fa},
+      .seed_material_len = 12,
+  };
+  csrng_testutils_cmd_ready_wait(csrng);
+
+  CHECK_DIF_OK(dif_csrng_instantiate(csrng, kDifCsrngEntropySrcToggleDisable,
+                                     &kEntropyInput));
+
+  const dif_csrng_internal_state_t kExpectedState = {
+      .reseed_counter = 1,
+      .v = {0x06b8f59e, 0x43c0b2c2, 0x21052502, 0x217b5214},
+      .key = {0x941709fd, 0xd8a25860, 0x861aecf3, 0x98a701a1, 0x0eb2c33b,
+              0x74c08fad, 0x632d5227, 0x8c52f901},
+      .instantiated = true,
+      .fips_compliance = false,
+  };
+  const dif_csrng_internal_state_t kZeroState = {};
+
+  csrng_testutils_check_internal_state(
+      csrng, fail_expected ? &kZeroState : &kExpectedState);
+}
+
+/**
+ * CTR DRBG Known-Answer-Test (KAT) for GENERATE command.
+ */
+void csrng_testutils_fips_generate_kat(const dif_csrng_t *csrng) {
+  LOG_INFO("Generate KAT");
+
+  enum {
+    kExpectedOutputLen = 16,
+  };
+  uint32_t got[kExpectedOutputLen];
+
+  csrng_testutils_cmd_generate_run(csrng, got, kExpectedOutputLen);
+  csrng_testutils_cmd_generate_run(csrng, got, kExpectedOutputLen);
+  const dif_csrng_internal_state_t kExpectedState = {
+      .reseed_counter = 3,
+      .v = {0xe73e3392, 0x7d2e92b1, 0x1a0bac9d, 0x53c78ac6},
+
+      .key = {0x66d1b85a, 0xc19d4dfd, 0x053b73e3, 0xe9dc0f90, 0x3f015bc8,
+              0x4436e5fd, 0x1cccc697, 0x1a1c6e5f},
+      .instantiated = true,
+      .fips_compliance = false,
+  };
+  csrng_testutils_check_internal_state(csrng, &kExpectedState);
+
+  // TODO(#13342): csrng does not provide a linear output order. For example,
+  // note the test vector output word order: 12,13,14,15 8,9,10,11 4,5,6,7
+  // 0,1,2,3.
+  const uint32_t kExpectedOutput[kExpectedOutputLen] = {
+      0xe48bb8cb, 0x1012c84c, 0x5af8a7f1, 0xd1c07cd9, 0xdf82ab22, 0x771c619b,
+      0xd40fccb1, 0x87189e99, 0x510494b3, 0x64f7ac0c, 0x2581f391, 0x80b1dc2f,
+      0x793e01c5, 0x87b107ae, 0xdb17514c, 0xa43c41b7,
+  };
+
+  CHECK_ARRAYS_EQ(got, kExpectedOutput, kExpectedOutputLen,
+                  "Generate command KAT output mismatch");
+}

diff --git a/sw/device/lib/testing/csrng_testutils.h b/sw/device/lib/testing/csrng_testutils.h
index 406e223..79da93f 100644
--- a/sw/device/lib/testing/csrng_testutils.h
+++ b/sw/device/lib/testing/csrng_testutils.h

@@ -23,4 +23,29 @@
 void csrng_testutils_cmd_generate_run(const dif_csrng_t *csrng,
                                       uint32_t *output, size_t output_len);
 
+/**
+ * Checks the CSRNG internal state against `expected` values.
+ *
+ * @param csrng A CSRNG handle.
+ * @param expected Expected CSRNG internal state.
+ */
+void csrng_testutils_check_internal_state(
+    const dif_csrng_t *csrng, const dif_csrng_internal_state_t *expected);
+
+/**
+ * CTR DRBG Known-Answer-Test (KAT) for INSTANTIATE command.
+ *
+ * @param csrng Handle.
+ * @param fail_expected Expected fail.
+ */
+void csrng_testutils_fips_instantiate_kat(const dif_csrng_t *csrng,
+                                          bool fail_expected);
+
+/**
+ * CTR DRBG Known-Answer-Test (KAT) for GENERATE command.
+ *
+ * @param csrng Handle.
+ */
+void csrng_testutils_fips_generate_kat(const dif_csrng_t *csrng);
+
 #endif  // OPENTITAN_SW_DEVICE_LIB_TESTING_CSRNG_TESTUTILS_H_

diff --git a/sw/device/tests/csrng_kat_test.c b/sw/device/tests/csrng_kat_test.c
index 784a848..cfc8e50 100644
--- a/sw/device/tests/csrng_kat_test.c
+++ b/sw/device/tests/csrng_kat_test.c

@@ -14,95 +14,6 @@
 
 OTTF_DEFINE_TEST_CONFIG();
 
-enum {
-  kExpectedOutputLen = 16,
-};
-
-/**
- * Checks the CSRNG internal state against `expected` values.
- *
- * @param csrng A CSRNG handle.
- * @param expected Expected CSRNG internal state.
- */
-static void check_internal_state(const dif_csrng_t *csrng,
-                                 const dif_csrng_internal_state_t *expected) {
-  csrng_testutils_cmd_ready_wait(csrng);
-  dif_csrng_internal_state_t got;
-  CHECK_DIF_OK(
-      dif_csrng_get_internal_state(csrng, kCsrngInternalStateIdSw, &got));
-
-  CHECK(got.instantiated == expected->instantiated);
-  CHECK(got.reseed_counter == expected->reseed_counter);
-  CHECK(got.fips_compliance == expected->fips_compliance);
-
-  CHECK_ARRAYS_EQ(got.v, expected->v, ARRAYSIZE(expected->v),
-                  "CSRNG internal V buffer mismatch.");
-
-  CHECK_ARRAYS_EQ(got.key, expected->key, ARRAYSIZE(expected->key),
-                  "CSRNG internal K buffer mismatch.");
-}
-
-/**
- * CTR DRBG Known-Answer-Test (KAT) for INSTANTIATE command.
- */
-static void fips_instantiate_kat(const dif_csrng_t *csrng) {
-  LOG_INFO("Instantiate KAT");
-
-  const dif_csrng_seed_material_t kEntropyInput = {
-      .seed_material = {0x73bec010, 0x9262474c, 0x16a30f76, 0x531b51de,
-                        0x2ee494e5, 0xdfec9db3, 0xcb7a879d, 0x5600419c,
-                        0xca79b0b0, 0xdda33b5c, 0xa468649e, 0xdf5d73fa},
-      .seed_material_len = 12,
-  };
-  csrng_testutils_cmd_ready_wait(csrng);
-
-  CHECK_DIF_OK(dif_csrng_instantiate(csrng, kDifCsrngEntropySrcToggleDisable,
-                                     &kEntropyInput));
-  const dif_csrng_internal_state_t kExpectedState = {
-      .reseed_counter = 1,
-      .v = {0x06b8f59e, 0x43c0b2c2, 0x21052502, 0x217b5214},
-      .key = {0x941709fd, 0xd8a25860, 0x861aecf3, 0x98a701a1, 0x0eb2c33b,
-              0x74c08fad, 0x632d5227, 0x8c52f901},
-      .instantiated = true,
-      .fips_compliance = false,
-  };
-  check_internal_state(csrng, &kExpectedState);
-}
-
-/**
- * CTR DRBG Known-Answer-Test (KAT) for GENERATE command.
- */
-static void fips_generate_kat(const dif_csrng_t *csrng) {
-  LOG_INFO("Generate KAT");
-
-  uint32_t got[kExpectedOutputLen];
-
-  csrng_testutils_cmd_generate_run(csrng, got, kExpectedOutputLen);
-  csrng_testutils_cmd_generate_run(csrng, got, kExpectedOutputLen);
-  const dif_csrng_internal_state_t kExpectedState = {
-      .reseed_counter = 3,
-      .v = {0xe73e3392, 0x7d2e92b1, 0x1a0bac9d, 0x53c78ac6},
-
-      .key = {0x66d1b85a, 0xc19d4dfd, 0x053b73e3, 0xe9dc0f90, 0x3f015bc8,
-              0x4436e5fd, 0x1cccc697, 0x1a1c6e5f},
-      .instantiated = true,
-      .fips_compliance = false,
-  };
-  check_internal_state(csrng, &kExpectedState);
-
-  // TODO(#13342): csrng does not provide a linear output order. For example,
-  // note the test vector output word order: 12,13,14,15 8,9,10,11 4,5,6,7
-  // 0,1,2,3.
-  const uint32_t kExpectedOutput[kExpectedOutputLen] = {
-      0xe48bb8cb, 0x1012c84c, 0x5af8a7f1, 0xd1c07cd9, 0xdf82ab22, 0x771c619b,
-      0xd40fccb1, 0x87189e99, 0x510494b3, 0x64f7ac0c, 0x2581f391, 0x80b1dc2f,
-      0x793e01c5, 0x87b107ae, 0xdb17514c, 0xa43c41b7,
-  };
-
-  CHECK_ARRAYS_EQ(got, kExpectedOutput, kExpectedOutputLen,
-                  "Generate command KAT output mismatch");
-}
-
 /**
  * Run CTR DRBG Known-Answer-Tests (KATs).
  *
@@ -135,8 +46,8 @@
  */
 void test_ctr_drbg_ctr0(const dif_csrng_t *csrng) {
   CHECK_DIF_OK(dif_csrng_uninstantiate(csrng));
-  fips_instantiate_kat(csrng);
-  fips_generate_kat(csrng);
+  csrng_testutils_fips_instantiate_kat(csrng, /*fail_expected=*/false);
+  csrng_testutils_fips_generate_kat(csrng);
 }
 
 bool test_main(void) {
commit	63f4597ebe49173cc29c6852aeabbf475d77da97	[log] [tgz]
author	Douglas Reis <doreis@lowrisc.org>	Tue Aug 23 21:14:53 2022 +0100
committer	Douglas Reis <65042207+engdoreis@users.noreply.github.com>	Fri Aug 26 15:43:00 2022 +0100
tree	f91a4b1f8a10056c075b2217dff3a853bcb42f34
parent	63389beab508384c69c7ddd21a19afefa5b2e99b [diff]