commit d396422a35b73ebca8c98088f5902e7bfdc2ed32
author Alphan Ulusoy <alphan@google.com> Fri Jul 16 10:36:11 2021 -0400
committer Alphan Ulusoy <alphan@google.com> Fri Jul 23 13:50:04 2021 -0400
tree edcf8e403512648c628f4907e8c54fa33fcec4b6
parent cebce29b123ee7d3bad80d13efb6f2e53138042c

[sw/silicon_creator] Scaffolding for sigverify_mod_exp_otbn

Signed-off-by: Alphan Ulusoy <alphan@google.com>

sw/device/silicon_creator/lib/meson.build

diff --git a/sw/device/silicon_creator/lib/meson.build b/sw/device/silicon_creator/lib/meson.build
index 4b4c74c..5e90be0 100644
--- a/sw/device/silicon_creator/lib/meson.build
+++ b/sw/device/silicon_creator/lib/meson.build
@@ -51,6 +51,7 @@
     'sw_silicon_creator_lib_sigverify',
     sources: [
       'sigverify_mod_exp_ibex.c',
+      'sigverify_mod_exp_otbn.c',
       'sigverify.c',
       hw_ip_otp_ctrl_reg_h,
     ],

sw/device/silicon_creator/lib/mock_sigverify_mod_exp_ibex.h

diff --git a/sw/device/silicon_creator/lib/mock_sigverify_mod_exp.h b/sw/device/silicon_creator/lib/mock_sigverify_mod_exp_ibex.h
similarity index 76%
rename from sw/device/silicon_creator/lib/mock_sigverify_mod_exp.h
rename to sw/device/silicon_creator/lib/mock_sigverify_mod_exp_ibex.h
index 554c544..624d8b1 100644
--- a/sw/device/silicon_creator/lib/mock_sigverify_mod_exp.h
+++ b/sw/device/silicon_creator/lib/mock_sigverify_mod_exp_ibex.h
@@ -2,8 +2,8 @@
 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
 // SPDX-License-Identifier: Apache-2.0
 
-#ifndef OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_MOCK_SIGVERIFY_MOD_EXP_H_
-#define OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_MOCK_SIGVERIFY_MOD_EXP_H_
+#ifndef OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_MOCK_SIGVERIFY_MOD_EXP_IBEX_H_
+#define OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_MOCK_SIGVERIFY_MOD_EXP_IBEX_H_
 
 #include "sw/device/lib/testing/mask_rom_test.h"
 #include "sw/device/silicon_creator/lib/sigverify_mod_exp.h"
@@ -12,30 +12,30 @@
 namespace internal {
 
 /**
- * Mock class for sigverify_mod_exp.h
+ * Mock class for sigverify_mod_exp_ibex.c
  */
-class MockSigverifyModExp {
+class MockSigverifyModExpIbex {
  public:
-  MOCK_METHOD(rom_error_t, ibex,
+  MOCK_METHOD(rom_error_t, mod_exp,
               (const sigverify_rsa_key_t *, const sigverify_rsa_buffer_t *,
                sigverify_rsa_buffer_t *));
-  virtual ~MockSigverifyModExp() {}
+  virtual ~MockSigverifyModExpIbex() {}
 };
 
 }  // namespace internal
 
-using MockSigverifyModExp =
-    GlobalMock<testing::StrictMock<internal::MockSigverifyModExp>>;
+using MockSigverifyModExpIbex =
+    GlobalMock<testing::StrictMock<internal::MockSigverifyModExpIbex>>;
 
 extern "C" {
 
 rom_error_t sigverify_mod_exp_ibex(const sigverify_rsa_key_t *key,
                                    const sigverify_rsa_buffer_t *sig,
                                    sigverify_rsa_buffer_t *result) {
-  return MockSigverifyModExp::Instance().ibex(key, sig, result);
+  return MockSigverifyModExpIbex::Instance().mod_exp(key, sig, result);
 }
 
 }  // extern "C"
 }  // namespace mask_rom_test
 
-#endif  // OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_MOCK_SIGVERIFY_MOD_EXP_H_
+#endif  // OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_MOCK_SIGVERIFY_MOD_EXP_IBEX_H_

sw/device/silicon_creator/lib/mock_sigverify_mod_exp_otbn.h

diff --git a/sw/device/silicon_creator/lib/mock_sigverify_mod_exp.h b/sw/device/silicon_creator/lib/mock_sigverify_mod_exp_otbn.h
similarity index 71%
copy from sw/device/silicon_creator/lib/mock_sigverify_mod_exp.h
copy to sw/device/silicon_creator/lib/mock_sigverify_mod_exp_otbn.h
index 554c544..bda1832 100644
--- a/sw/device/silicon_creator/lib/mock_sigverify_mod_exp.h
+++ b/sw/device/silicon_creator/lib/mock_sigverify_mod_exp_otbn.h
@@ -2,8 +2,8 @@
 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
 // SPDX-License-Identifier: Apache-2.0
 
-#ifndef OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_MOCK_SIGVERIFY_MOD_EXP_H_
-#define OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_MOCK_SIGVERIFY_MOD_EXP_H_
+#ifndef OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_MOCK_SIGVERIFY_MOD_EXP_OTBN_H_
+#define OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_MOCK_SIGVERIFY_MOD_EXP_OTBN_H_
 
 #include "sw/device/lib/testing/mask_rom_test.h"
 #include "sw/device/silicon_creator/lib/sigverify_mod_exp.h"
@@ -12,30 +12,30 @@
 namespace internal {
 
 /**
- * Mock class for sigverify_mod_exp.h
+ * Mock class for sigverify_mod_exp_otbn.c
  */
-class MockSigverifyModExp {
+class MockSigverifyModExpOtbn {
  public:
-  MOCK_METHOD(rom_error_t, ibex,
+  MOCK_METHOD(rom_error_t, mod_exp,
               (const sigverify_rsa_key_t *, const sigverify_rsa_buffer_t *,
                sigverify_rsa_buffer_t *));
-  virtual ~MockSigverifyModExp() {}
+  virtual ~MockSigverifyModExpOtbn() {}
 };
 
 }  // namespace internal
 
-using MockSigverifyModExp =
-    GlobalMock<testing::StrictMock<internal::MockSigverifyModExp>>;
+using MockSigverifyModExpOtbn =
+    GlobalMock<testing::StrictMock<internal::MockSigverifyModExpOtbn>>;
 
 extern "C" {
 
-rom_error_t sigverify_mod_exp_ibex(const sigverify_rsa_key_t *key,
+rom_error_t sigverify_mod_exp_otbn(const sigverify_rsa_key_t *key,
                                    const sigverify_rsa_buffer_t *sig,
                                    sigverify_rsa_buffer_t *result) {
-  return MockSigverifyModExp::Instance().ibex(key, sig, result);
+  return MockSigverifyModExpOtbn::Instance().mod_exp(key, sig, result);
 }
 
 }  // extern "C"
 }  // namespace mask_rom_test
 
-#endif  // OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_MOCK_SIGVERIFY_MOD_EXP_H_
+#endif  // OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_MOCK_SIGVERIFY_MOD_EXP_OTBN_H_

sw/device/silicon_creator/lib/sigverify.c

diff --git a/sw/device/silicon_creator/lib/sigverify.c b/sw/device/silicon_creator/lib/sigverify.c
index e679103..12a0bf3 100644
--- a/sw/device/silicon_creator/lib/sigverify.c
+++ b/sw/device/silicon_creator/lib/sigverify.c
@@ -87,7 +87,7 @@
       RETURN_IF_ERROR(sigverify_mod_exp_ibex(key, signature, &enc_msg));
       break;
     case kHardenedBoolFalse:
-      // FIXME: OTBN modular exponentiation.
+      RETURN_IF_ERROR(sigverify_mod_exp_otbn(key, signature, &enc_msg));
       break;
     default:
       return kErrorSigverifyBadOtpValue;

sw/device/silicon_creator/lib/sigverify_mod_exp.h

diff --git a/sw/device/silicon_creator/lib/sigverify_mod_exp.h b/sw/device/silicon_creator/lib/sigverify_mod_exp.h
index b081b80..d8c11f1 100644
--- a/sw/device/silicon_creator/lib/sigverify_mod_exp.h
+++ b/sw/device/silicon_creator/lib/sigverify_mod_exp.h
@@ -16,7 +16,7 @@
 #endif  // __cplusplus
 
 /**
- * Computes the modular exponentiation of an RSA signature.
+ * Computes the modular exponentiation of an RSA signature on Ibex.
  *
  * Given an RSA public key and sig, this function computes sig^e mod n using
  * Montgomery multiplication, where
@@ -26,12 +26,29 @@
  * @param key An RSA public key.
  * @param sig Buffer that holds the signature, little-endian.
  * @param result Buffer to write the result to, little-endian.
- * @return True if successful, false otherwise.
+ * @return The result of the operation.
  */
 rom_error_t sigverify_mod_exp_ibex(const sigverify_rsa_key_t *key,
                                    const sigverify_rsa_buffer_t *sig,
                                    sigverify_rsa_buffer_t *result);
 
+/**
+ * Computes the modular exponentiation of an RSA signature on OTBN.
+ *
+ * Given an RSA public key and sig, this function computes sig^e mod n using
+ * Montgomery multiplication, where
+ * - sig is an RSA signature,
+ * - e and n are the exponent and the modulus of the key, respectively.
+ *
+ * @param key An RSA public key.
+ * @param sig Buffer that holds the signature, little-endian.
+ * @param result Buffer to write the result to, little-endian.
+ * @return The result of the operation.
+ */
+rom_error_t sigverify_mod_exp_otbn(const sigverify_rsa_key_t *key,
+                                   const sigverify_rsa_buffer_t *sig,
+                                   sigverify_rsa_buffer_t *result);
+
 #ifdef __cplusplus
 }  // extern "C"
 #endif  // __cplusplus

sw/device/silicon_creator/lib/sigverify_mod_exp_otbn.c

diff --git a/sw/device/silicon_creator/lib/sigverify_mod_exp_otbn.c b/sw/device/silicon_creator/lib/sigverify_mod_exp_otbn.c
new file mode 100644
index 0000000..bc70bc3
--- /dev/null
+++ b/sw/device/silicon_creator/lib/sigverify_mod_exp_otbn.c
@@ -0,0 +1,12 @@
+// Copyright lowRISC contributors.
+// Licensed under the Apache License, Version 2.0, see LICENSE for details.
+// SPDX-License-Identifier: Apache-2.0
+
+#include "sw/device/silicon_creator/lib/sigverify_mod_exp.h"
+
+rom_error_t sigverify_mod_exp_otbn(const sigverify_rsa_key_t *key,
+                                   const sigverify_rsa_buffer_t *sig,
+                                   sigverify_rsa_buffer_t *result) {
+  // TODO(#7347): Implement this.
+  return kErrorSigverifyBadExponent;
+}

sw/device/silicon_creator/lib/sigverify_unittest.cc

diff --git a/sw/device/silicon_creator/lib/sigverify_unittest.cc b/sw/device/silicon_creator/lib/sigverify_unittest.cc
index b8e44aa..eef792c 100644
--- a/sw/device/silicon_creator/lib/sigverify_unittest.cc
+++ b/sw/device/silicon_creator/lib/sigverify_unittest.cc
@@ -10,7 +10,8 @@
 #include "sw/device/lib/base/hardened.h"
 #include "sw/device/silicon_creator/lib/drivers/mock_hmac.h"
 #include "sw/device/silicon_creator/lib/drivers/mock_otp.h"
-#include "sw/device/silicon_creator/lib/mock_sigverify_mod_exp.h"
+#include "sw/device/silicon_creator/lib/mock_sigverify_mod_exp_ibex.h"
+#include "sw/device/silicon_creator/lib/mock_sigverify_mod_exp_otbn.h"
 
 #include "hw/top_earlgrey/sw/autogen/top_earlgrey.h"
 #include "otp_ctrl_regs.h"
@@ -87,7 +88,7 @@
 
 class SigVerifyTest : public mask_rom_test::MaskRomTest {
  protected:
-  mask_rom_test::MockSigverifyModExp sigverify_mod_exp_;
+  mask_rom_test::MockSigverifyModExpIbex sigverify_mod_exp_ibex_;
   mask_rom_test::MockHmac hmac_;
   mask_rom_test::MockOtp otp_;
   // The content of this key is not significant since we use mocks.
@@ -103,7 +104,7 @@
   EXPECT_CALL(otp_,
               read32(OTP_CTRL_PARAM_CREATOR_SW_CFG_USE_SW_RSA_VERIFY_OFFSET))
       .WillOnce(Return(kHardenedBoolTrue));
-  EXPECT_CALL(sigverify_mod_exp_, ibex(&key_, &kSignature, NotNull()))
+  EXPECT_CALL(sigverify_mod_exp_ibex_, mod_exp(&key_, &kSignature, NotNull()))
       .WillOnce(DoAll(SetArgPointee<2>(kEncMsg), Return(kErrorOk)));
 
   EXPECT_EQ(sigverify_rsa_verify(kSignedRegion.data(), sizeof(kSignedRegion),
@@ -127,7 +128,7 @@
     EXPECT_CALL(otp_,
                 read32(OTP_CTRL_PARAM_CREATOR_SW_CFG_USE_SW_RSA_VERIFY_OFFSET))
         .WillOnce(Return(kHardenedBoolTrue));
-    EXPECT_CALL(sigverify_mod_exp_, ibex(&key_, &kSignature, NotNull()))
+    EXPECT_CALL(sigverify_mod_exp_ibex_, mod_exp(&key_, &kSignature, NotNull()))
         .WillOnce(DoAll(SetArgPointee<2>(bad_enc_msg), Return(kErrorOk)));
 
     EXPECT_EQ(sigverify_rsa_verify(kSignedRegion.data(), sizeof(kSignedRegion),

sw/device/silicon_creator/mask_rom/sigverify_keys_unittest.cc

diff --git a/sw/device/silicon_creator/mask_rom/sigverify_keys_unittest.cc b/sw/device/silicon_creator/mask_rom/sigverify_keys_unittest.cc
index d0c8a68..c74e075 100644
--- a/sw/device/silicon_creator/mask_rom/sigverify_keys_unittest.cc
+++ b/sw/device/silicon_creator/mask_rom/sigverify_keys_unittest.cc
@@ -13,6 +13,7 @@
 #include "sw/device/silicon_creator/lib/drivers/mock_hmac.h"
 #include "sw/device/silicon_creator/lib/drivers/mock_otp.h"
 #include "sw/device/silicon_creator/lib/error.h"
+#include "sw/device/silicon_creator/lib/mock_sigverify_mod_exp_otbn.h"
 #include "sw/device/silicon_creator/lib/sigverify.h"
 #include "sw/device/silicon_creator/lib/sigverify_mod_exp.h"