| // Copyright lowRISC contributors. |
| // Licensed under the Apache License, Version 2.0, see LICENSE for details. |
| // SPDX-License-Identifier: Apache-2.0 |
| { |
| name: "keymgr" |
| import_testplans: ["hw/dv/tools/dvsim/testplans/csr_testplan.hjson", |
| "hw/dv/tools/dvsim/testplans/intr_test_testplan.hjson", |
| "hw/dv/tools/dvsim/testplans/alert_test_testplan.hjson", |
| "hw/dv/tools/dvsim/testplans/tl_device_access_types_testplan.hjson", |
| "hw/dv/tools/dvsim/testplans/shadow_reg_errors_testplan.hjson", |
| "hw/dv/tools/dvsim/testplans/sec_cm_count_testplan.hjson", |
| "hw/dv/tools/dvsim/testplans/sec_cm_fsm_testplan.hjson", |
| "hw/dv/tools/dvsim/testplans/stress_all_with_reset_testplan.hjson", |
| "keymgr_sec_cm_testplan.hjson"] |
| testpoints: [ |
| { |
| name: smoke |
| desc: ''' |
| Smoke test accessing a major datapath within the keymgr. |
| Test operations (advance, gen-id and gen-sw-out) in every state. |
| |
| Stimulus: |
| - Walk through every state from `StReset` to `StDisabled`. |
| - Issue gen-id and gen-sw-out operations in each state, including invalid operations in |
| states other than the normal operating states (`StCreatorRootKey`, `StOwnerIntKey` and |
| `StOwnerRootKey`). |
| - Randomize `CDI_SEL` and `DEST_SEL`. |
| - Use default/fixed values for HW/SW inputs. |
| |
| Checks: |
| - Check the STATUS reg after each operation. |
| - Check interrupt `op_done` is triggered when an operation is done. |
| - Check interrupt `err` and alert `recov_operation_err` are triggered after an invalid |
| operation. |
| - Check KMAC key, KMAC data and output SW data for correctness. |
| - For invalid operations, check KMAC key, KMAC data and output SW data don't match any of |
| the saved meaningful values collected from valid operations. This checking method is |
| also applied to other error cases. |
| ''' |
| stage: V1 |
| tests: ["keymgr_smoke"] |
| } |
| { |
| name: random |
| desc: ''' |
| Extend from smoke to randomize all SW input data: |
| - Fully randomize SW inputs: rom_ext_desc_*, software_binding_*, salt_*, max_*_key_ver, |
| *_key_ver_regwen. |
| - Randomize key_version to any value less than max_*_key_ver, to avoid triggering the |
| `invalid_kmac_input` error. |
| - Fully randomize HW inputs from flash, OTP and life cycle. |
| - Randomize *sw_binding_regwen. Ensure it gates the *_sw_binding registers and is |
| cleared after a successful advance operation. |
| |
| Most other sequences are derived from this one so that they share the same init and |
| sequence flow. |
| |
| Stimulus and checks are the same as smoke. |
| ''' |
| stage: V1 |
| tests: ["keymgr_random"] |
| } |
| { |
| name: cfgen_during_op |
| desc: ''' |
| `cfg_regwen` is a RO register that gates write access to a number of other registers, |
| which is not tested by the common CSR tests. |
| |
| Stimulus and checks: |
| Test that commands and register writes gated by `cfg_regwen` are ignored during an |
| operation. |
| ''' |
| stage: V2 |
| tests: ["keymgr_cfg_regwen"] |
| } |
| { |
| name: sideload |
| desc: ''' |
| Keymgr contains HW sideload interfaces that output keys to KMAC, AES and OTBN. |
| |
| Stimulus: |
| - Generate a keymgr output to the HW sideload interface, exercising all the sideload |
| interfaces. |
| - Randomly program any value to `sideload_clear` after any operation. |
| |
| Checks: |
| Verify the sideload data and status for correctness. |
| ''' |
| stage: V2 |
| tests: ["keymgr_sideload", "keymgr_sideload_kmac", |
| "keymgr_sideload_aes", "keymgr_sideload_otbn"] |
| } |
| { |
| name: direct_to_disabled_state |
| desc: ''' |
| Stimulus and checks: |
| Directly go to `StDisabled` from any state and check `StDisabled` is entered correctly. |
| ''' |
| stage: V2 |
| tests: ["keymgr_direct_to_disabled"] |
| } |
| { |
| name: lc_disable |
| desc: ''' |
| Life cycle can disable keymgr, which makes keymgr wipe its secrets immediately. |
| |
| Stimulus: |
| Have life cycle disable keymgr in any state. |
| |
| Checks: |
| - If keymgr is not initialized, check it can't be initialized until life cycle enables |
| keymgr. |
| - If keymgr is in a valid state after `StReset`, the key output to KMAC is wiped |
| immediately and the SW output is invalid after the OP is done. |
| - If keymgr is in the disabled state, check the behavior is consistent with normal |
| behavior. |
| ''' |
| stage: V2 |
| tests: ["keymgr_lc_disable"] |
| } |
| { |
| name: kmac_error_response |
| desc: ''' |
| Verify `keymgr` behavior on an error response received from `KMAC` after sending data to |
| it. |
| |
| Stimulus: |
| - Drive an error from the KMAC interface when VALID is high. |
| - Or drive all 0s or all 1s as the digest data returned from KMAC. |
| |
| Checks: |
| Same as the checks for invalid operations in the `smoke` entry above. |
| ''' |
| stage: V2 |
| tests: ["keymgr_kmac_rsp_err"] |
| } |
| { |
| name: invalid_sw_input |
| desc: ''' |
| Verify `keymgr` behavior with invalid key version. |
| |
| Stimulus: |
| Randomize KEY_VERSION and MAX_*_VER registers. |
| |
| Checks: |
| When KEY_VERSION > MAX_*_VER: |
| - Check interrupt `err` is triggered. |
| - Check alert `recov_operation_err` is triggered and err_code is `INVALID_KMAC_INPUT`. |
| - Check the KMAC output key is corrupted and the working state remains the same. |
| ''' |
| stage: V2 |
| tests: ["keymgr_sw_invalid_input"] |
| } |
| { |
| name: invalid_hw_input |
| desc: ''' |
| Verify `keymgr` behavior with invalid HW input data patterns. |
| |
| Stimulus: |
| - Drive all 0s or all 1s on any of these inputs: flash seeds, otp_key, diversification |
| ID, ROM digest etc. |
| - Make sure all cases are covered in `hw_invalid_input_cg`. |
| |
| Checks: |
| - Check interrupt `err` is triggered. |
| - Check alert `recov_operation_err` is triggered and err_code is `INVALID_KMAC_DATA`. |
| - Check the SW output isn't updated and the working state remains the same. |
| ''' |
| stage: V2 |
| tests: ["keymgr_hwsw_invalid_input"] |
| } |
| { |
| name: sync_async_fault_cross |
| desc: ''' |
| Verify `keymgr` behavior when a synchronous (transactional) fault and an asynchronous |
| (non-transactional) fault occur in either order. |
| |
| Stimulus: |
| Create these 2 direct tests: |
| - Sync (transactional) fault occurs followed by async (non-transactional) fault. |
| - Async (non-transactional) fault occurs followed by sync (transactional) fault. |
| |
| Checks: |
| - Check interrupt `err` is triggered. |
| - Check alert `fatal_fault_err` is triggered. |
| - Check `fault_status` is updated correctly. |
| ''' |
| stage: V2 |
| tests: ["keymgr_sync_async_fault_cross"] |
| } |
| { |
| name: stress_all |
| desc: ''' |
| - Combine the above sequences in one test and run them sequentially, except the CSR |
| sequences and keymgr_cfg_regwen (which requires zero_delays). |
| - Randomly add a reset between sequences. |
| ''' |
| stage: V2 |
| tests: ["keymgr_stress_all"] |
| } |
| { |
| name: sec_cm_additional_check |
| desc: ''' |
| Verify the outcome of injecting faults to security countermeasures. |
| |
| Stimulus: |
| As mentioned in `prim_count_check`, `prim_one_hot_check` and `prim_fsm_check`. |
| |
| Checks: |
| - Besides checking the alert and `fault_status`, issue an operation after injecting the |
| fault, then ensure that `op_status` is failed and the design enters `StInvalid`. |
| ''' |
| stage: V2S |
| tests: ["keymgr_sec_cm"] |
| } |
| ] |
| covergroups: [ |
| { |
| name: state_and_op_cg |
| desc: ''' |
| - Cover all operations crossed with `cdi_sel`, `dest_sel` and `op_status` (only fail or |
| success) in every working state. |
| - This is sampled once an operation is done.''' |
| } |
| { |
| name: lc_disable_cg |
| desc: ''' |
| - Cover LC disable occurring in every state and during every operation. |
| - This is sampled once LC disables keymgr.''' |
| } |
| { |
| name: sideload_clear_cg |
| desc: ''' |
| - Cover every `sideload_clear` value being used after every operation and in every |
| state. |
| - Cover `sideload_clear` with every combination of availability of the 3 sideload |
| interfaces. |
| - This is sampled once `sideload_clear` is programmed after an operation.''' |
| } |
| { |
| name: reseed_interval_cg |
| desc: ''' |
| - Cover small values of `reseed_interval`, so that the TB can actually check that the EDN |
| request is sent at the right interval. |
| - Also cover some large values to ensure all bits are toggled.''' |
| } |
| { |
| name: keymgr_sw_input_cg |
| desc: ''' |
| - Cover all bits of the SW inputs being toggled. |
| - SW inputs include these CSRs: `*_sw_binding`, `salt`, `key_version`, `max_*_key_ver*`. |
| - Cross with the corresponding regwen.''' |
| } |
| { |
| name: err_code_cg |
| desc: ''' |
| - Cover all `err_codes` values except `invalid_shadow_update`, as that is tested in a |
| common direct test. |
| - This is sampled when `err_codes` is read.''' |
| } |
| { |
| name: hw_invalid_input_cg |
| desc: ''' |
| Cover all HW invalid inputs, including: |
| - all ones/zeros on the OTP root key. |
| - OTP root key valid is low. |
| - all ones/zeros on the LC keymgr health state. |
| - all ones/zeros on the ROM digest. |
| - ROM digest valid is low. |
| - all ones/zeros on the flash creator seeds. |
| - all ones/zeros on the flash owner seeds.''' |
| } |
| { |
| name: key_version_compare_cg |
| desc: ''' |
| - Cover the comparison results (equal, less, greater) of key_version against the current |
| max value. |
| - Cross with state and operation (gen-sw-out or gen-hw-out).''' |
| } |
| { |
| name: fault_status_cg |
| desc: ''' |
| - Cover all `fault_status` values except `REGFILE_INTG` and `SHADOW`, as they are tested |
| in a common direct test. |
| - This is sampled when `fault_status` is read.''' |
| } |
| { |
| name: sync_async_fault_cross_cg |
| desc: ''' |
| - Cross sync and async faults with each other, covering both orders: sync fault first |
| and async fault first. |
| - This is sampled after `fault_status` is read in the sequence.''' |
| } |
| ] |
| } |