sw/device/tests/crypto/README.md - 3p/lowrisc/opentitan - Git at Google

 # Crypto Library Tests

 This folder contains test data and infrastructure for the OpenTitan
 cryptographic library. Tests come from a variety of sources, including:
 - Our own hard-coded tests and regression tests
 - [wycheproof](https://github.com/google/wycheproof)
 - Random tests
 - Coming soon: FIPS tests!

 The primary way of running crypto tests is to use the custom
 `autogen_cryptotest_...` Bazel rules, which create build targets specialized to
 different test sets.

 ## Setup

 Each algorithm has a C test file (ending in `_functest.c`) which reads test
 data from a header file (ending in `_testvectors.h`) and runs a set of tests on
 each test vector. By default, the header file contains a small set of
 hard-coded test vectors. If all you want to do is sanity-check, then simply run
 `ninja` and run the `_functest` target (e.g.
 `sw_lib_crypto_rsa_3072_verify_functest`) on your desired
 platform.

 However, if you want to run a set of test vectors from an external source, a
 custom set of tests, or random tests, you'll need to populate the
 `*_testvectors.h` header file with the tests you want to run. There is a Python
 script for this for each algorithm, ending in `set_testvectors.py` (e.g.
 `rsa_3072_verify_set_testvectors.py`). It reads an HJSON file containing your
 test vectors, and writes a C header file containing the data in the format
 expected from `*_testvectors.h". For test vectors from an external source, you
 may need an extra script to parse the test vectors into the shared HJSON
 format.

 For example, here's the setup for just one algorithm, RSA-3072 verify:
 ```
 tests/
   rsa_3072_verify_functest.c                 # Main test file
   rsa_3072_verify_set_testvectors.py         # Generates header from HJSON
   rsa_3072_verify_gen_random_testvectors.py  # Generates random test vectors
   testvectors/
     rsa_3072_verify_hardcoded.hjson          # Limited set of hard-coded tests
     wycheproof/
       rsa_3072_verify_parse_testvectors.py   # Parses raw test data to HJSON
     ...
 ```

 ### Adding New Hardcoded Tests

 To add a new hardcoded test for some algorithm, simply edit the
 `testvectors/{algorithm}_hardcoded.hjson` file. Bazel rules based on the
 hardcoded tests will automatically pick up the changes.

 ### Adding New External Tests

 If an external test data dependency such as wycheproof has been updated, there
 should be no action required here unless file names have changed. The build
 rules are designed to directly read external data from `sw/vendor` at build
 time.

 To add an entirely new test set, create a new folder under `testvectors/` and
 write a script that reads the external data and translates tests into the
 standardized HJSON format for that algorithm. Pass the script and input data to
 an `autogen_cryptotest_hjson_external` build target.

 ### Example Direct Usage

 To run the tests locally and manually (as opposed to via Bazel), see the
 following examples.

 Set up RSA-3072 test to run hardcoded test vectors:
 ```
 $ ./rsa_3072_verify_set_testvectors.py testvectors/rsa_3072_verify_hardcoded.hjson
 ```
 After this step, you can run `ninja` to re-build and then run the
 `sw_lib_crypto_rsa_3072_verify_functest` target to run the
 tests. The same applies to all other examples here.

 Set up RSA-3072 test to run 20 random test vectors:
 ```
 $ ./rsa_3072_verify_gen_random_testvectors.py 20 testvectors/rsa_3072_verify_random.hjson
 $ ./rsa_3072_verify_set_testvectors.py testvectors/rsa_3072_verify_random.hjson rsa_3072_verify_testvectors.h
 ```

 Set up RSA-3072 test to run a custom set of test vectors:
 ```
 $ vim testvectors/custom_testvecs.hjson # write test vectors in HJSON format
 $ ./rsa_3072_verify_set_testvectors.py testvectors/custom_testvecs.hjson
 ```

 Set up RSA-3072 test to run all wycheproof test vectors:
 ```
 $ testvectors/wycheproof/rsa_3072_verify_parse_testvectors.py\
   $REPO_TOP/sw/vendor/wycheproof/testvectors/rsa_signature_3072_sha256_test.json\
   testvectors/rsa_3072_verify_wycheproof.hjson
 $ ./rsa_3072_verify_set_testvectors.py testvectors/rsa_3072_verify_wycheproof.hjson rsa_3072_verify_testvectors.h
 ```
	# Crypto Library Tests

	This folder contains test data and infrastructure for the OpenTitan
	cryptographic library. Tests come from a variety of sources, including:
	- Our own hard-coded tests and regression tests
	- [wycheproof](https://github.com/google/wycheproof)
	- Random tests
	- Coming soon: FIPS tests!

	The primary way of running crypto tests is to use the custom
	`autogen_cryptotest_...` Bazel rules, which create build targets specialized to
	different test sets.

	## Setup

	Each algorithm has a C test file (ending in `_functest.c`) which reads test
	data from a header file (ending in `_testvectors.h`) and runs a set of tests on
	each test vector. By default, the header file contains a small set of
	hard-coded test vectors. If all you want to do is sanity-check, then simply run
	`ninja` and run the `_functest` target (e.g.
	`sw_lib_crypto_rsa_3072_verify_functest`) on your desired
	platform.

	However, if you want to run a set of test vectors from an external source, a
	custom set of tests, or random tests, you'll need to populate the
	`*_testvectors.h` header file with the tests you want to run. There is a Python
	script for this for each algorithm, ending in `set_testvectors.py` (e.g.
	`rsa_3072_verify_set_testvectors.py`). It reads an HJSON file containing your
	test vectors, and writes a C header file containing the data in the format
	expected from `*_testvectors.h". For test vectors from an external source, you
	may need an extra script to parse the test vectors into the shared HJSON
	format.

	For example, here's the setup for just one algorithm, RSA-3072 verify:
	```
	tests/
	rsa_3072_verify_functest.c # Main test file
	rsa_3072_verify_set_testvectors.py # Generates header from HJSON
	rsa_3072_verify_gen_random_testvectors.py # Generates random test vectors
	testvectors/
	rsa_3072_verify_hardcoded.hjson # Limited set of hard-coded tests
	wycheproof/
	rsa_3072_verify_parse_testvectors.py # Parses raw test data to HJSON
	...
	```

	### Adding New Hardcoded Tests

	To add a new hardcoded test for some algorithm, simply edit the
	`testvectors/{algorithm}_hardcoded.hjson` file. Bazel rules based on the
	hardcoded tests will automatically pick up the changes.

	### Adding New External Tests

	If an external test data dependency such as wycheproof has been updated, there
	should be no action required here unless file names have changed. The build
	rules are designed to directly read external data from `sw/vendor` at build
	time.

	To add an entirely new test set, create a new folder under `testvectors/` and
	write a script that reads the external data and translates tests into the
	standardized HJSON format for that algorithm. Pass the script and input data to
	an `autogen_cryptotest_hjson_external` build target.

	### Example Direct Usage

	To run the tests locally and manually (as opposed to via Bazel), see the
	following examples.

	Set up RSA-3072 test to run hardcoded test vectors:
	```
	$ ./rsa_3072_verify_set_testvectors.py testvectors/rsa_3072_verify_hardcoded.hjson
	```
	After this step, you can run `ninja` to re-build and then run the
	`sw_lib_crypto_rsa_3072_verify_functest` target to run the
	tests. The same applies to all other examples here.

	Set up RSA-3072 test to run 20 random test vectors:
	```
	$ ./rsa_3072_verify_gen_random_testvectors.py 20 testvectors/rsa_3072_verify_random.hjson
	$ ./rsa_3072_verify_set_testvectors.py testvectors/rsa_3072_verify_random.hjson rsa_3072_verify_testvectors.h
	```

	Set up RSA-3072 test to run a custom set of test vectors:
	```
	$ vim testvectors/custom_testvecs.hjson # write test vectors in HJSON format
	$ ./rsa_3072_verify_set_testvectors.py testvectors/custom_testvecs.hjson
	```

	Set up RSA-3072 test to run all wycheproof test vectors:
	```
	$ testvectors/wycheproof/rsa_3072_verify_parse_testvectors.py\
	$REPO_TOP/sw/vendor/wycheproof/testvectors/rsa_signature_3072_sha256_test.json\
	testvectors/rsa_3072_verify_wycheproof.hjson
	$ ./rsa_3072_verify_set_testvectors.py testvectors/rsa_3072_verify_wycheproof.hjson rsa_3072_verify_testvectors.h
	```