espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-04 21:24:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

test(hal/crypto): Add HMAC and DS using Key Manager key tests

Browse Source 
- Also updated the test app to use esp_crypto_periph_clk.h
This commit is contained in:
harshal.patil
2025-06-12 16:02:00 +05:30
parent 6ca4d621b5
commit ea322ee6ef
16 changed files with 762 additions and 429 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
components/hal/test_apps/crypto/main/aes/aes_block.c
View File

@@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: CC0-1.0
*/
@@ -8,7 +8,7 @@
#include <stdlib.h>
#include <string.h>
#include "esp_private/esp_crypto_lock_internal.h"
#include "esp_crypto_periph_clk.h"
#include "hal/aes_types.h"
#include "hal/aes_hal.h"
#include "hal/aes_ll.h"
@@ -30,10 +30,7 @@ void aes_crypt_cbc_block(int mode,
uint32_t *iv_words = (uint32_t *)iv;
unsigned char temp[16];
AES_RCC_ATOMIC() {
aes_ll_enable_bus_clock(true);
aes_ll_reset_register();
}
esp_crypto_aes_enable_periph_clk(true);
/* Sets the key used for AES encryption/decryption */
aes_hal_setkey(key, key_bytes, mode);
@@ -71,9 +68,7 @@ void aes_crypt_cbc_block(int mode,
}
}
AES_RCC_ATOMIC() {
aes_ll_enable_bus_clock(false);
}
esp_crypto_aes_enable_periph_clk(false);
}
@@ -89,10 +84,7 @@ void aes_crypt_ctr_block(uint8_t key_bytes,
int c, i;
size_t n = *nc_off;
AES_RCC_ATOMIC() {
aes_ll_enable_bus_clock(true);
aes_ll_reset_register();
}
esp_crypto_aes_enable_periph_clk(true);
/* Sets the key used for AES encryption/decryption */
aes_hal_setkey(key, key_bytes, ESP_AES_ENCRYPT);
@@ -113,9 +105,7 @@ void aes_crypt_ctr_block(uint8_t key_bytes,
*nc_off = n;
AES_RCC_ATOMIC() {
aes_ll_enable_bus_clock(false);
}
esp_crypto_aes_enable_periph_clk(false);
}
#endif

47
components/hal/test_apps/crypto/main/ds/ds_types.h Normal file
View File

@@ -0,0 +1,47 @@
/*
* SPDX-FileCopyrightText: 2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Unlicense OR CC0-1.0
*/
#include <stdint.h>
#include "soc/soc_caps.h"
#define ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL (0x1) /*!< HMAC peripheral problem */
#define ESP_ERR_HW_CRYPTO_DS_INVALID_KEY (0x2) /*!< given HMAC key isn't correct, HMAC peripheral problem */
#define ESP_ERR_HW_CRYPTO_DS_INVALID_DIGEST (0x4) /*!< message digest check failed, result is invalid */
#define ESP_ERR_HW_CRYPTO_DS_INVALID_PADDING (0x5) /*!< padding check failed, but result is produced anyway and can be read*/
#define ESP_DS_IV_BIT_LEN 128
#define ESP_DS_IV_LEN (ESP_DS_IV_BIT_LEN / 8)
#define ESP_DS_SIGNATURE_MAX_BIT_LEN SOC_RSA_MAX_BIT_LEN
#define ESP_DS_SIGNATURE_MD_BIT_LEN 256
#define ESP_DS_SIGNATURE_M_PRIME_BIT_LEN 32
#define ESP_DS_SIGNATURE_L_BIT_LEN 32
#define ESP_DS_SIGNATURE_PADDING_BIT_LEN 64
#define ESP_DS_C_LEN (((ESP_DS_SIGNATURE_MAX_BIT_LEN * 3 \
+ ESP_DS_SIGNATURE_MD_BIT_LEN \
+ ESP_DS_SIGNATURE_M_PRIME_BIT_LEN \
+ ESP_DS_SIGNATURE_L_BIT_LEN \
+ ESP_DS_SIGNATURE_PADDING_BIT_LEN) / 8))
typedef enum {
ESP_DS_RSA_1024 = (1024 / 32) - 1,
ESP_DS_RSA_2048 = (2048 / 32) - 1,
ESP_DS_RSA_3072 = (3072 / 32) - 1,
ESP_DS_RSA_4096 = (4096 / 32) - 1
} esp_digital_signature_length_t;
typedef struct esp_digital_signature_data {
esp_digital_signature_length_t rsa_length;
uint32_t iv[ESP_DS_IV_BIT_LEN / 32];
uint8_t c[ESP_DS_C_LEN];
} esp_ds_data_t;
typedef struct {
uint32_t Y[ESP_DS_SIGNATURE_MAX_BIT_LEN / 32];
uint32_t M[ESP_DS_SIGNATURE_MAX_BIT_LEN / 32];
uint32_t Rb[ESP_DS_SIGNATURE_MAX_BIT_LEN / 32];
uint32_t M_prime;
uint32_t length;
} esp_ds_p_data_t;

150
components/hal/test_apps/crypto/main/ds/test_ds.c
View File

@@ -13,84 +13,23 @@
#include "soc/soc_caps.h"
#include "esp_log.h"
#include "ds_types.h"
const static char *TAG = "test_ds";
#include "rom/efuse.h"
#if CONFIG_IDF_TARGET_ESP32S2
#include "esp32s2/rom/digital_signature.h"
#include "esp32s2/rom/aes.h"
#include "esp32s2/rom/sha.h"
#include "esp32s2/rom/hmac.h"
#include "soc/soc_memory_layout.h"
#elif CONFIG_IDF_TARGET_ESP32C3
#include "esp32c3/rom/digital_signature.h"
#include "esp32c3/rom/hmac.h"
#elif CONFIG_IDF_TARGET_ESP32S3
#include "esp32s3/rom/digital_signature.h"
#include "esp32s3/rom/aes.h"
#include "esp32s3/rom/sha.h"
#elif CONFIG_IDF_TARGET_ESP32C6
#include "esp32c6/rom/digital_signature.h"
#include "esp32c6/rom/aes.h"
#include "esp32c6/rom/sha.h"
#elif CONFIG_IDF_TARGET_ESP32H2
#include "esp32h2/rom/digital_signature.h"
#include "esp32h2/rom/aes.h"
#include "esp32h2/rom/sha.h"
#elif CONFIG_IDF_TARGET_ESP32P4
#include "esp32p4/rom/digital_signature.h"
#include "esp32p4/rom/aes.h"
#include "esp32p4/rom/sha.h"
#elif CONFIG_IDF_TARGET_ESP32C5
#include "esp32c5/rom/digital_signature.h"
#include "esp32c5/rom/aes.h"
#include "esp32c5/rom/sha.h"
#elif CONFIG_IDF_TARGET_ESP32H21
#include "esp32h21/rom/digital_signature.h"
#include "esp32h21/rom/aes.h"
#include "esp32h21/rom/sha.h"
#include "rom/sha.h"
#include "rom/digital_signature.h"
#include "rom/aes.h"
#include "rom/hmac.h"
#if SOC_KEY_MANAGER_DS_KEY_DEPLOY
#include "hal/key_mgr_ll.h"
#endif
#define ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL (0x1) /*!< HMAC peripheral problem */
#define ESP_ERR_HW_CRYPTO_DS_INVALID_KEY (0x2) /*!< given HMAC key isn't correct, HMAC peripheral problem */
#define ESP_ERR_HW_CRYPTO_DS_INVALID_DIGEST (0x4) /*!< message digest check failed, result is invalid */
#define ESP_ERR_HW_CRYPTO_DS_INVALID_PADDING (0x5) /*!< padding check failed, but result is produced anyway and can be read*/
#define ESP_DS_IV_BIT_LEN 128
#define ESP_DS_IV_LEN (ESP_DS_IV_BIT_LEN / 8)
#define ESP_DS_SIGNATURE_MAX_BIT_LEN SOC_RSA_MAX_BIT_LEN
#define ESP_DS_SIGNATURE_MD_BIT_LEN 256
#define ESP_DS_SIGNATURE_M_PRIME_BIT_LEN 32
#define ESP_DS_SIGNATURE_L_BIT_LEN 32
#define ESP_DS_SIGNATURE_PADDING_BIT_LEN 64
#define ESP_DS_C_LEN (((ESP_DS_SIGNATURE_MAX_BIT_LEN * 3 \
+ ESP_DS_SIGNATURE_MD_BIT_LEN \
+ ESP_DS_SIGNATURE_M_PRIME_BIT_LEN \
+ ESP_DS_SIGNATURE_L_BIT_LEN \
+ ESP_DS_SIGNATURE_PADDING_BIT_LEN) / 8))
typedef enum {
ESP_DS_RSA_1024 = (1024 / 32) - 1,
ESP_DS_RSA_2048 = (2048 / 32) - 1,
ESP_DS_RSA_3072 = (3072 / 32) - 1,
ESP_DS_RSA_4096 = (4096 / 32) - 1
} esp_digital_signature_length_t;
typedef struct esp_digital_signature_data {
esp_digital_signature_length_t rsa_length;
uint32_t iv[ESP_DS_IV_BIT_LEN / 32];
uint8_t c[ESP_DS_C_LEN];
} esp_ds_data_t;
typedef struct {
uint32_t Y[ESP_DS_SIGNATURE_MAX_BIT_LEN / 32];
uint32_t M[ESP_DS_SIGNATURE_MAX_BIT_LEN / 32];
uint32_t Rb[ESP_DS_SIGNATURE_MAX_BIT_LEN / 32];
uint32_t M_prime;
uint32_t length;
} esp_ds_p_data_t;
#if CONFIG_IDF_TARGET_ESP32S2
#include "soc/soc_memory_layout.h"
#endif
#define NUM_RESULTS 10
@@ -128,43 +67,23 @@ _Static_assert(NUM_RESULTS == NUM_MESSAGES, "expected_results size should be the
#include "hal/hmac_hal.h"
#include "hal/hmac_ll.h"
#include "hal/sha_ll.h"
#include "esp_crypto_periph_clk.h"
static void ds_acquire_enable(void)
{
HMAC_RCC_ATOMIC() {
hmac_ll_enable_bus_clock(true);
hmac_ll_reset_register();
}
SHA_RCC_ATOMIC() {
sha_ll_enable_bus_clock(true);
sha_ll_reset_register();
}
DS_RCC_ATOMIC() {
ds_ll_enable_bus_clock(true);
ds_ll_reset_register();
}
hmac_hal_start();
// We also enable SHA and HMAC here. SHA is used by HMAC, HMAC is used by DS.
esp_crypto_hmac_enable_periph_clk(true);
esp_crypto_sha_enable_periph_clk(true);
esp_crypto_mpi_enable_periph_clk(true);
esp_crypto_ds_enable_periph_clk(true);
}
static void ds_disable_release(void)
{
ds_hal_finish();
DS_RCC_ATOMIC() {
ds_ll_enable_bus_clock(false);
}
SHA_RCC_ATOMIC() {
sha_ll_enable_bus_clock(false);
}
HMAC_RCC_ATOMIC() {
hmac_ll_enable_bus_clock(false);
}
esp_crypto_mpi_enable_periph_clk(false);
esp_crypto_sha_enable_periph_clk(false);
esp_crypto_hmac_enable_periph_clk(false);
esp_crypto_ds_enable_periph_clk(false);
}
@@ -172,11 +91,22 @@ static esp_err_t esp_ds_start_sign(const void *message, const esp_ds_data_t *dat
{
ds_acquire_enable();
uint32_t conf_error = hmac_hal_configure(HMAC_OUTPUT_DS, key_id);
if (conf_error) {
ds_disable_release();
return ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL;
#if SOC_KEY_MANAGER_DS_KEY_DEPLOY
if (key_id == HMAC_KEY_KM) {
ds_hal_set_key_source(DS_KEY_SOURCE_KEY_MGR);
} else {
ds_hal_set_key_source(DS_KEY_SOURCE_EFUSE);
#endif
hmac_hal_start();
uint32_t conf_error = hmac_hal_configure(HMAC_OUTPUT_DS, key_id);
if (conf_error) {
ds_disable_release();
ESP_LOGE(TAG, "HMAC configure failed");
return ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL;
}
#if SOC_KEY_MANAGER_DS_KEY_DEPLOY
}
#endif
ds_hal_start();
@@ -211,13 +141,13 @@ static esp_err_t esp_ds_finish_sign(void *signature, const esp_ds_data_t *data)
}
hmac_hal_clean();
ds_hal_finish();
ds_disable_release();
return return_value;
}
static esp_err_t esp_ds_sign(const void *message,
esp_err_t esp_ds_sign(const void *message,
const esp_ds_data_t *data,
uint32_t key_id,
void *signature)
@@ -287,8 +217,8 @@ static void ds_disable_release(void)
}
static esp_err_t esp_ds_start_sign(const void *message,
const esp_ds_data_t *data,
uint32_t key_id)
const esp_ds_data_t *data,
uint32_t key_id)
{
ds_acquire_enable();

50
components/hal/test_apps/crypto/main/ecc/test_ecc.c
View File

@@ -9,7 +9,7 @@
#include <string.h>
#include <sys/param.h>
#include "sdkconfig.h"
#include "esp_private/esp_crypto_lock_internal.h"
#include "esp_crypto_periph_clk.h"
#include "esp_log.h"
#include "ecc_params.h"
#include "soc/soc_caps.h"
@@ -43,24 +43,6 @@ static void ecc_be_to_le(const uint8_t* be_point, uint8_t *le_point, uint8_t len
}
}
static void ecc_enable_and_reset(void)
{
ECC_RCC_ATOMIC() {
ecc_ll_enable_bus_clock(true);
ecc_ll_power_up();
ecc_ll_reset_register();
}
}
static void ecc_disable(void)
{
ECC_RCC_ATOMIC() {
ecc_ll_enable_bus_clock(false);
ecc_ll_power_down();
}
}
TEST_GROUP(ecc);
TEST_SETUP(ecc)
@@ -79,7 +61,7 @@ TEST_TEAR_DOWN(ecc)
static void ecc_point_mul(const uint8_t *k_le, const uint8_t *x_le, const uint8_t *y_le, uint8_t len, bool verify_first,
uint8_t *res_x_le, uint8_t *res_y_le)
{
ecc_enable_and_reset();
esp_crypto_ecc_enable_periph_clk(true);
ecc_hal_write_mul_param(k_le, x_le, y_le, len);
if (verify_first) {
@@ -95,7 +77,7 @@ static void ecc_point_mul(const uint8_t *k_le, const uint8_t *x_le, const uint8_
}
ecc_hal_read_mul_result(res_x_le, res_y_le, len);
ecc_disable();
esp_crypto_ecc_enable_periph_clk(false);
}
static void test_ecc_point_mul_inner(bool verify_first)
@@ -161,7 +143,7 @@ TEST(ecc, ecc_point_multiplication_on_SECP192R1_and_SECP256R1)
#if SOC_ECC_CONSTANT_TIME_POINT_MUL
#define CONST_TIME_DEVIATION_PERCENT 0.002
#define CONST_TIME_DEVIATION_PERCENT 0.0025
static void test_ecc_point_mul_inner_constant_time(void)
{
@@ -237,7 +219,7 @@ TEST(ecc, ecc_point_multiplication_const_time_check_on_SECP192R1_and_SECP256R1)
#if SOC_ECC_SUPPORT_POINT_VERIFY && !defined(SOC_ECC_SUPPORT_POINT_VERIFY_QUIRK)
static int ecc_point_verify(const uint8_t *x_le, const uint8_t *y_le, uint8_t len)
{
ecc_enable_and_reset();
esp_crypto_ecc_enable_periph_clk(true);
ecc_hal_write_verify_param(x_le, y_le, len);
ecc_hal_set_mode(ECC_MODE_VERIFY);
@@ -248,7 +230,7 @@ static int ecc_point_verify(const uint8_t *x_le, const uint8_t *y_le, uint8_t le
}
int ret = ecc_hal_read_verify_result();
ecc_disable();
esp_crypto_ecc_enable_periph_clk(false);
return ret;
}
@@ -297,7 +279,7 @@ TEST(ecc, ecc_point_verification_and_multiplication_on_SECP192R1_and_SECP256R1)
#if SOC_ECC_SUPPORT_POINT_DIVISION
static void ecc_point_inv_mul(const uint8_t *num_le, const uint8_t *deno_le, uint8_t len, uint8_t *res_le)
{
ecc_enable_and_reset();
esp_crypto_ecc_enable_periph_clk(true);
uint8_t zero[32] = {0};
ecc_hal_write_mul_param(zero, num_le, deno_le, len);
@@ -311,7 +293,7 @@ static void ecc_point_inv_mul(const uint8_t *num_le, const uint8_t *deno_le, uin
}
ecc_hal_read_mul_result(zero, res_le, len);
ecc_disable();
esp_crypto_ecc_enable_periph_clk(false);
}
TEST(ecc, ecc_inverse_multiplication_or_mod_division_using_SECP192R1_and_SECP256R1_order_of_curve)
@@ -329,7 +311,7 @@ TEST(ecc, ecc_inverse_multiplication_or_mod_division_using_SECP192R1_and_SECP256
static void ecc_jacob_mul(uint8_t *k_le, uint8_t *x_le, uint8_t *y_le, uint8_t len, bool verify_first,
uint8_t *res_x_le, uint8_t *res_y_le, uint8_t *res_z_le)
{
ecc_enable_and_reset();
esp_crypto_ecc_enable_periph_clk(true);
ecc_hal_write_mul_param(k_le, x_le, y_le, len);
if (verify_first) {
@@ -344,7 +326,7 @@ static void ecc_jacob_mul(uint8_t *k_le, uint8_t *x_le, uint8_t *y_le, uint8_t l
}
ecc_hal_read_jacob_mul_result(res_x_le, res_y_le, res_z_le, len);
ecc_disable();
esp_crypto_ecc_enable_periph_clk(false);
}
static void test_ecc_jacob_mul_inner(bool verify_first)
@@ -393,7 +375,7 @@ TEST(ecc, ecc_jacobian_point_multiplication_on_SECP192R1_and_SECP256R1)
#if SOC_ECC_SUPPORT_JACOB_POINT_VERIFY
static int ecc_jacob_verify(const uint8_t *x_le, const uint8_t *y_le, const uint8_t *z_le, uint8_t len)
{
ecc_enable_and_reset();
esp_crypto_ecc_enable_periph_clk(true);
ecc_hal_write_jacob_verify_param(x_le, y_le, z_le, len);
@@ -406,7 +388,7 @@ static int ecc_jacob_verify(const uint8_t *x_le, const uint8_t *y_le, const uint
}
int ret = ecc_hal_read_verify_result();
ecc_disable();
esp_crypto_ecc_enable_periph_clk(false);
return ret;
}
@@ -436,7 +418,7 @@ static void ecc_point_addition(uint8_t *px_le, uint8_t *py_le, uint8_t *qx_le, u
uint8_t len, bool jacob_output,
uint8_t *x_res_le, uint8_t *y_res_le, uint8_t *z_res_le)
{
ecc_enable_and_reset();
esp_crypto_ecc_enable_periph_clk(true);
ecc_hal_write_point_add_param(px_le, py_le, qx_le, qy_le, qz_le, len);
@@ -449,7 +431,7 @@ static void ecc_point_addition(uint8_t *px_le, uint8_t *py_le, uint8_t *qx_le, u
}
ecc_hal_read_point_add_result(x_res_le, y_res_le, z_res_le, len, jacob_output);
ecc_disable();
esp_crypto_ecc_enable_periph_clk(false);
}
TEST(ecc, ecc_point_addition_on_SECP192R1_and_SECP256R1)
@@ -508,7 +490,7 @@ TEST(ecc, ecc_point_addition_on_SECP192R1_and_SECP256R1)
#if SOC_ECC_SUPPORT_MOD_ADD || SOC_ECC_SUPPORT_MOD_SUB || SOC_ECC_SUPPORT_MOD_MUL
static void ecc_mod_op(ecc_mode_t mode, const uint8_t *a, const uint8_t *b, uint8_t len, uint8_t *res_le)
{
ecc_enable_and_reset();
esp_crypto_ecc_enable_periph_clk(true);
ecc_hal_write_mod_op_param(a, b, len);
@@ -521,7 +503,7 @@ static void ecc_mod_op(ecc_mode_t mode, const uint8_t *a, const uint8_t *b, uint
}
ecc_hal_read_mod_op_result(res_le, len);
ecc_disable();
esp_crypto_ecc_enable_periph_clk(false);
}
#endif

35
components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c
View File

@@ -10,7 +10,7 @@
#include "esp_crypto_lock.h"
#include "esp_efuse_chip.h"
#include "esp_private/esp_crypto_lock_internal.h"
#include "esp_crypto_periph_clk.h"
#include "esp_random.h"
#include "esp_err.h"
#include "esp_efuse.h"
@@ -35,41 +35,20 @@ __attribute__((unused)) static const char * TAG = "crypto_test";
static void ecdsa_enable_and_reset(void)
{
ECDSA_RCC_ATOMIC() {
ecdsa_ll_enable_bus_clock(true);
ecdsa_ll_reset_register();
}
ECC_RCC_ATOMIC() {
ecc_ll_enable_bus_clock(true);
ecc_ll_power_up();
ecc_ll_reset_register();
}
esp_crypto_ecdsa_enable_periph_clk(true);
esp_crypto_ecc_enable_periph_clk(true);
#ifdef SOC_ECDSA_USES_MPI
MPI_RCC_ATOMIC() {
mpi_ll_enable_bus_clock(true);
mpi_ll_reset_register();
}
esp_crypto_mpi_enable_periph_clk(true);
#endif
}
static void ecdsa_disable(void)
{
#ifdef SOC_ECDSA_USES_MPI
MPI_RCC_ATOMIC() {
mpi_ll_enable_bus_clock(false);
}
esp_crypto_mpi_enable_periph_clk(false);
#endif
ECC_RCC_ATOMIC() {
ecc_ll_enable_bus_clock(false);
ecc_ll_power_down();
}
ECDSA_RCC_ATOMIC() {
ecdsa_ll_enable_bus_clock(false);
}
esp_crypto_ecc_enable_periph_clk(false);
esp_crypto_ecdsa_enable_periph_clk(false);
}
static void ecc_be_to_le(const uint8_t* be_point, uint8_t *le_point, uint8_t len)

37
components/hal/test_apps/crypto/main/hmac/test_hmac.c
View File

@@ -1,11 +1,11 @@
/*
* SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#include <string.h>
#include "esp_private/esp_crypto_lock_internal.h"
#include "esp_crypto_periph_clk.h"
#include "esp_log.h"
#include "memory_checks.h"
#include "unity_fixture.h"
@@ -61,24 +61,13 @@ static void write_and_padd(uint8_t *block, const uint8_t *data, uint16_t data_le
bzero(block + data_len + 1, SHA256_BLOCK_SZ - data_len - 1);
}
static esp_err_t hmac_calculate(uint32_t key_id, const void *message, size_t message_len, uint8_t *hmac)
esp_err_t hmac_calculate(uint32_t key_id, const void *message, size_t message_len, uint8_t *hmac)
{
const uint8_t *message_bytes = (const uint8_t *)message;
HMAC_RCC_ATOMIC() {
hmac_ll_enable_bus_clock(true);
hmac_ll_reset_register();
}
SHA_RCC_ATOMIC() {
sha_ll_enable_bus_clock(true);
sha_ll_reset_register();
}
DS_RCC_ATOMIC() {
ds_ll_enable_bus_clock(true);
ds_ll_reset_register();
}
esp_crypto_hmac_enable_periph_clk(true);
esp_crypto_sha_enable_periph_clk(true);
esp_crypto_ds_enable_periph_clk(true);
hmac_hal_start();
@@ -130,17 +119,9 @@ static esp_err_t hmac_calculate(uint32_t key_id, const void *message, size_t mes
hmac_hal_read_result_256(hmac);
DS_RCC_ATOMIC() {
ds_ll_enable_bus_clock(false);
}
SHA_RCC_ATOMIC() {
sha_ll_enable_bus_clock(false);
}
HMAC_RCC_ATOMIC() {
hmac_ll_enable_bus_clock(false);
}
esp_crypto_hmac_enable_periph_clk(false);
esp_crypto_sha_enable_periph_clk(false);
esp_crypto_ds_enable_periph_clk(false);
return ESP_OK;
}

5
components/hal/test_apps/crypto/main/key_manager/ecdsa_256_key.pem Normal file
View File

@@ -0,0 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEICySt/VCEPFi962COuQDE+cXD3Bz8XjZy2O5SM1LsHsGoAoGCCqGSM49
AwEHoUQDQgAEBYu5KXarLURySNNaeZcxtBTxC0vJAM/evz9NC01IjCVQlOLJ4Y6i
3UviK3bgk+3FqpJBM+SQCqeDgd7ktPtr9Q==
-----END EC PRIVATE KEY-----

289
components/hal/test_apps/crypto/main/key_manager/gen_key_manager_test_cases.py
View File

@@ -1,17 +1,26 @@
# SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD
# SPDX-License-Identifier: Unlicense OR CC0-1.0
import argparse
import hashlib
import hmac
import os
import random
import struct
from typing import Any
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives.ciphers import Cipher
from cryptography.hazmat.primitives.ciphers import algorithms
from cryptography.hazmat.primitives.ciphers import modes
from cryptography.utils import int_to_bytes
from ecdsa.curves import NIST256p
supported_targets = {'esp32p4', 'esp32c5'}
supported_ds_key_size = {'esp32p4': [4096, 3072, 2048, 1024], 'esp32c5': [3072, 2048, 1024]}
# Constants
TEST_COUNT = 5
STORAGE_PARTITION_OFFSET = 0x160000
@@ -137,18 +146,119 @@ def generate_k1_G(key_file_path: str) -> tuple:
return k1_G, k1_G
def generate_hmac_test_data(key: bytes) -> tuple:
hmac_message = (
'Deleniti voluptas explicabo et assumenda. Sed et aliquid minus quis. '
'Praesentium cupiditate quia nemo est. Laboriosam pariatur ut distinctio tenetur. '
'Sunt architecto iure aspernatur soluta ut recusandae. '
'Ut quibusdam occaecati ut qui sit dignissimos eaque..'
).encode('utf-8')
hmac_result = hmac.HMAC(key, hmac_message, hashlib.sha256).digest()
return hmac_message, hmac_result
def number_as_bytes(number, pad_bits=0): # type: (int, int) -> bytes
"""
Given a number, format as a little endian array of bytes
"""
result = int_to_bytes(number)[::-1] # type: bytes
while pad_bits != 0 and len(result) < (pad_bits // 8):
result += b'\x00'
return result
def number_as_bignum_words(number): # type: (int) -> str
"""
Given a number, format result as a C array of words
(little-endian, same as ESP32 RSA peripheral or mbedTLS)
"""
result = []
while number != 0:
result.append('0x%08x' % (number & 0xFFFFFFFF))
number >>= 32
return '{ ' + ', '.join(result) + ' }'
def generate_ds_encrypted_input_params(aes_key: bytes, target: str) -> tuple:
iv = os.urandom(16)
max_key_size = max(supported_ds_key_size[target])
key_size = max_key_size
private_key = rsa.generate_private_key(public_exponent=65537, key_size=key_size, backend=default_backend())
priv_numbers = private_key.private_numbers()
pub_numbers = private_key.public_key().public_numbers()
Y = priv_numbers.d
M = pub_numbers.n
rr = 1 << (key_size * 2)
rinv = rr % pub_numbers.n
mprime = -rsa._modinv(M, 1 << 32)
mprime &= 0xFFFFFFFF
length = key_size // 32 - 1
# calculate MD from preceding values and IV
# Y_max_key_size || M_max_key_size || Rb_max_key_size || M_prime32 || LENGTH32 || IV128
md_in = (
number_as_bytes(Y, max_key_size)
+ number_as_bytes(M, max_key_size)
+ number_as_bytes(rinv, max_key_size)
+ struct.pack('<II', mprime, length)
+ iv
)
md = hashlib.sha256(md_in).digest()
# generate expected C value from P bitstring
#
# Y_max_key_size || M_max_key_size || Rb_max_key_size || M_prime32 || LENGTH32 || 0x08*8
# E.g. for C3: Y3072 || M3072 || Rb3072 || M_prime32 || LENGTH32 || MD256 || 0x08*8
p = (
number_as_bytes(Y, max_key_size)
+ number_as_bytes(M, max_key_size)
+ number_as_bytes(rinv, max_key_size)
+ md
+ struct.pack('<II', mprime, length)
+ b'\x08' * 8
)
# expected_len = max_len_Y + max_len_M + max_len_rinv + md (32 bytes)
# + (mprime + length packed (8bytes)) + padding (8 bytes)
expected_len = (max_key_size / 8) * 3 + 32 + 8 + 8
assert len(p) == expected_len
cipher = Cipher(algorithms.AES(aes_key), modes.CBC(iv), backend=default_backend())
encryptor = cipher.encryptor()
ds_encrypted_input_params = encryptor.update(p) + encryptor.finalize()
mask = (1 << key_size) - 1 # truncate messages if needed
ds_message = random.randrange(0, 1 << max_key_size)
ds_result = number_as_bytes(pow(ds_message & mask, Y, M))
return number_as_bytes(ds_message), ds_encrypted_input_params, iv, key_size, ds_result
def write_to_c_header(
init_key: bytes,
k1: bytes,
k2_info: bytes,
k1_encrypted_32: list,
k1_encrypted_32_reversed: list,
test_data_xts_aes_128: list,
k1_encrypted_64: list,
k1_encrypted_64_reversed: list,
xts_test_data_xts_aes_256: list,
pubx: bytes,
puby: bytes,
k1_G_0: bytes,
k1_G_1: bytes,
hmac_message: bytes,
hmac_result: bytes,
ds_message: bytes,
ds_encrypted_input_params: bytes,
ds_encrypted_input_params_iv: bytes,
ds_key_size: int,
ds_result: bytes,
) -> None:
with open('key_manager_test_cases.h', 'w', encoding='utf-8') as file:
header_content = """#include <stdint.h>
@@ -166,13 +276,30 @@ typedef struct test_ecdsa_data {
uint8_t puby[32];
} test_ecdsa_data_t;
typedef struct test_hmac_data {
uint8_t message[%d];
uint8_t hmac_result[32];
} test_hmac_data_t;
typedef struct test_ds_data {
uint8_t ds_message[%d / 8];
uint8_t ds_encrypted_input_params[%d];
uint8_t ds_encrypted_input_params_iv[16];
size_t ds_key_size;
uint8_t ds_result[%d];
} test_ds_data_t;
typedef struct test_data {
uint8_t init_key[32];
uint8_t k2_info[64];
uint8_t k1_encrypted[2][32]; // For both 256-bit and 512-bit keys
uint8_t plaintext_data[128];
test_xts_data_t xts_test_data[TEST_COUNT];
test_ecdsa_data_t ecdsa_test_data;
union {
test_xts_data_t xts_test_data[TEST_COUNT];
test_ecdsa_data_t ecdsa_test_data;
test_hmac_data_t hmac_test_data;
test_ds_data_t ds_test_data;
};
} test_data_aes_mode_t;
typedef struct test_data_ecdh0 {
@@ -189,9 +316,13 @@ test_data_aes_mode_t test_data_xts_aes_128 = {
.plaintext_data = { %s },
.xts_test_data = {
""" % (
len(hmac_message),
ds_key_size,
len(ds_encrypted_input_params),
len(ds_result),
key_to_c_format(init_key),
key_to_c_format(k2_info),
key_to_c_format(k1_encrypted_32[0]),
key_to_c_format(k1_encrypted_32_reversed[0]),
key_to_c_format(bytes(range(1, 129))),
)
@@ -209,8 +340,8 @@ test_data_aes_mode_t test_data_xts_aes_128 = {
header_content += f'\t.init_key = {{{key_to_c_format(init_key)}}},\n'
header_content += f'\t.k2_info = {{{key_to_c_format(k2_info)}}},\n'
header_content += (
f'\t.k1_encrypted = {{{{{key_to_c_format(k1_encrypted_64[0])}}}, '
f'{{{key_to_c_format(k1_encrypted_64[1])}}}}},\n'
f'\t.k1_encrypted = {{{{{key_to_c_format(k1_encrypted_64_reversed[0])}}}, '
f'{{{key_to_c_format(k1_encrypted_64_reversed[1])}}}}},\n'
)
header_content += f'\t.plaintext_data = {{{key_to_c_format(bytes(range(1, 129)))}}},\n'
header_content += ' .xts_test_data = {\n'
@@ -221,7 +352,7 @@ test_data_aes_mode_t test_data_xts_aes_128 = {
f'.data_offset = 0x{flash_address:x}, '
f'.ciphertext = {{{key_to_c_format(ciphertext)}}}}},\n'
)
header_content += '\t}\n};\n\n'
header_content += '\t}\n};\n'
header_content += """
test_data_aes_mode_t test_data_ecdsa = {
@@ -236,10 +367,11 @@ test_data_aes_mode_t test_data_ecdsa = {
""" % (
key_to_c_format(init_key),
key_to_c_format(k2_info),
key_to_c_format(k1_encrypted_32[0]),
key_to_c_format(k1_encrypted_32_reversed[0]),
key_to_c_format(pubx),
key_to_c_format(puby),
)
header_content += """
test_data_ecdh0_mode_t test_data_ecdh0 = {
.plaintext_data = { %s },
@@ -252,7 +384,6 @@ test_data_ecdh0_mode_t test_data_ecdh0 = {
{ %s },
}
};\n
""" % (
key_to_c_format(bytes(range(1, 129))),
key_to_c_format(k1),
@@ -261,50 +392,124 @@ test_data_ecdh0_mode_t test_data_ecdh0 = {
key_to_c_format(k1_G_1),
)
header_content += """
test_data_aes_mode_t test_data_hmac = {
.init_key = { %s },
.k2_info = { %s },
.k1_encrypted = { { %s }, { } },
.hmac_test_data = {
.message = { %s },
.hmac_result = { %s }
}
};\n
""" % (
key_to_c_format(init_key),
key_to_c_format(k2_info),
key_to_c_format(k1_encrypted_32[0]),
key_to_c_format(hmac_message),
key_to_c_format(hmac_result),
)
header_content += """
test_data_aes_mode_t test_data_ds = {
.init_key = { %s },
.k2_info = { %s },
.k1_encrypted = { { %s }, { } },
.ds_test_data = {
.ds_message = { %s },
.ds_encrypted_input_params = { %s },
.ds_encrypted_input_params_iv = { %s },
.ds_key_size = %d,
.ds_result = { %s }
}
};\n
""" % (
key_to_c_format(init_key),
key_to_c_format(k2_info),
key_to_c_format(k1_encrypted_32_reversed[0]),
key_to_c_format(ds_message),
key_to_c_format(ds_encrypted_input_params),
key_to_c_format(ds_encrypted_input_params_iv),
ds_key_size,
key_to_c_format(ds_result),
)
file.write(header_content)
# Main script logic follows as per your provided structure
init_key = key_from_file_or_generate('init_key.bin', 32)
k2 = key_from_file_or_generate('k2.bin', 32)
rand_num = key_from_file_or_generate('rand_num.bin', 32)
def generate_tests_cases(target: str) -> None:
# Main script logic follows as per your provided structure
init_key = key_from_file_or_generate('init_key.bin', 32)
k2 = key_from_file_or_generate('k2.bin', 32)
rand_num = key_from_file_or_generate('rand_num.bin', 32)
temp_result_inner = calculate_aes_cipher(k2, rand_num)
temp_result_outer = calculate_aes_cipher(temp_result_inner + rand_num, init_key)
k2_info = temp_result_outer
temp_result_inner = calculate_aes_cipher(k2, rand_num)
temp_result_outer = calculate_aes_cipher(temp_result_inner + rand_num, init_key)
k2_info = temp_result_outer
k1_32 = key_from_file_or_generate('k1.bin', 32)
k1_64 = key_from_file_or_generate('k1_64.bin', 64)
k1_32 = key_from_file_or_generate('k1.bin', 32)
k1_64 = key_from_file_or_generate('k1_64.bin', 64)
k1_32_reversed = k1_32[::-1]
k1_32_reversed = k1_32[::-1]
k1_64_reversed = k1_64[::-1]
k1_64_1 = k1_64[:32]
k1_64_1_reversed = k1_64_1[::-1]
k1_64_2 = k1_64[32:]
k1_64_2_reversed = k1_64_2[::-1]
k1_64_1 = k1_64[:32]
k1_64_1_reversed = k1_64_1[::-1]
k1_64_2 = k1_64[32:]
k1_64_2_reversed = k1_64_2[::-1]
k1_encrypted_32 = [calculate_aes_cipher(k1_32, k2)]
k1_encrypted_64 = [calculate_aes_cipher(k1_64_1, k2), calculate_aes_cipher(k1_64_2, k2)]
k1_encrypted_32 = [calculate_aes_cipher(k1_32_reversed, k2)]
k1_encrypted_64 = [calculate_aes_cipher(k1_64_1_reversed, k2), calculate_aes_cipher(k1_64_2_reversed, k2)]
k1_encrypted_32_reversed = [calculate_aes_cipher(k1_32_reversed, k2)]
k1_encrypted_64_reversed = [calculate_aes_cipher(k1_64_1_reversed, k2), calculate_aes_cipher(k1_64_2_reversed, k2)]
test_data_xts_aes_128 = generate_xts_test_data(k1_32)
xts_test_data_xts_aes_256 = generate_xts_test_data(k1_64)
test_data_xts_aes_128 = generate_xts_test_data(k1_32)
xts_test_data_xts_aes_256 = generate_xts_test_data(k1_64)
pubx, puby = generate_ecdsa_256_key_and_pub_key('k1.bin')
pubx, puby = generate_ecdsa_256_key_and_pub_key('k1.bin')
k1_G_0, k1_G_1 = generate_k1_G('k1.bin')
k1_G_0, k1_G_1 = generate_k1_G('k1.bin')
write_to_c_header(
init_key,
k1_32,
k2_info,
k1_encrypted_32,
test_data_xts_aes_128,
k1_encrypted_64,
xts_test_data_xts_aes_256,
pubx,
puby,
k1_G_0,
k1_G_1,
)
hmac_message, hmac_result = generate_hmac_test_data(k1_32)
ds_message, ds_encrypted_input_params, ds_encrypted_input_params_iv, ds_key_size, ds_result = (
generate_ds_encrypted_input_params(k1_32, target)
)
write_to_c_header(
init_key,
k1_32,
k2_info,
k1_encrypted_32,
k1_encrypted_32_reversed,
test_data_xts_aes_128,
k1_encrypted_64,
k1_encrypted_64_reversed,
xts_test_data_xts_aes_256,
pubx,
puby,
k1_G_0,
k1_G_1,
hmac_message,
hmac_result,
ds_message,
ds_encrypted_input_params,
ds_encrypted_input_params_iv,
ds_key_size,
ds_result,
)
if __name__ == '__main__':
parser = argparse.ArgumentParser(description="""Generates Digital Signature Test Cases""")
parser.add_argument(
'--target',
required=True,
choices=supported_targets,
help='Target to generate test cases for, different targets support different max key length',
)
args = parser.parse_args()
generate_tests_cases(args.target)

1
components/hal/test_apps/crypto/main/key_manager/init_key.bin Normal file
View File

@@ -0,0 +1 @@
<EFBFBD><<3C>C<EFBFBD><43>K%[~<7E>W<EFBFBD><57>E<>v<EFBFBD>N.U<>%<25><>

1
components/hal/test_apps/crypto/main/key_manager/k1.bin Normal file
View File

@@ -0,0 +1 @@
,<2C><><EFBFBD>B<10>b<EFBFBD><62><EFBFBD>:<3A><13>ps<70>x<EFBFBD><78>c<EFBFBD>H<EFBFBD>K<EFBFBD>{

BIN
components/hal/test_apps/crypto/main/key_manager/k1_64.bin Normal file
View File

Binary file not shown.

1
components/hal/test_apps/crypto/main/key_manager/k2.bin Normal file
View File

@@ -0,0 +1 @@
!<21>V1,J<>8~f<>*<2A>D<EFBFBD>_<EFBFBD>*<2A>B+<2B>(7<><16>X(<28>

98
components/hal/test_apps/crypto/main/key_manager/key_manager_test_cases.h
View File

File diff suppressed because one or more lines are too long

1
components/hal/test_apps/crypto/main/key_manager/rand_num.bin Normal file
View File

@@ -0,0 +1 @@
<EFBFBD>y/<2F>A╙<08>fI<0E>B<EFBFBD>XR<10>Fn&<26>S&6l<36><6C>V

425
components/hal/test_apps/crypto/main/key_manager/test_key_manager.c
View File

@@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Unlicense OR CC0-1.0
*/
@@ -25,9 +25,17 @@
#include "key_manager_test_cases.h"
#include "esp_log.h"
// For ECDSA tests
#include "hal/ecdsa_hal.h"
#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY
#include "hal/ecdsa_types.h"
#endif
#if SOC_KEY_MANAGER_HMAC_KEY_DEPLOY
#include "hal/hmac_types.h"
#endif
#if SOC_KEY_MANAGER_DS_KEY_DEPLOY
#include "ds/ds_types.h"
#endif
#if SOC_KEY_MANAGER_FE_KEY_DEPLOY
const esp_partition_t *get_test_storage_partition(void)
{
/* This finds "storage" partition defined partition table */
@@ -35,32 +43,26 @@ const esp_partition_t *get_test_storage_partition(void)
ESP_PARTITION_SUBTYPE_ANY, "storage");
if (!result) {
/* means partition table set wrong */
printf("ERROR in obtaining storage partition");
ESP_LOGE("", "ERROR in obtaining storage partition");
return NULL;
}
return result;
}
static void print_data_in_hex(const uint8_t *data, int size, const char *info_str)
{
printf("%s: 0x", info_str);
for(int i = 0 ; i < size; i++) {
printf("%02x", data[i]);
}
printf("\n");
}
static void test_xts_aes_key_aes_mode(test_data_aes_mode_t *test_data)
{
const esp_partition_t *partition = get_test_storage_partition();
ESP_ERROR_CHECK(esp_partition_erase_range(partition, 0, partition->size));
uint8_t read_data[128];
for (int i = 0; i < TEST_COUNT; i++) {
memset(read_data, 0, sizeof(read_data));
uint32_t address = test_data->xts_test_data[i].data_offset;
uint32_t data_size = test_data->xts_test_data[i].data_size;
ESP_ERROR_CHECK(esp_flash_write_encrypted(NULL, address, test_data->plaintext_data, data_size));
static uint8_t read_data[128];
ESP_ERROR_CHECK(esp_flash_read(NULL, read_data, address, data_size));
TEST_ASSERT_EQUAL_HEX8_ARRAY(test_data->xts_test_data[i].ciphertext, read_data, data_size);
}
}
@@ -70,18 +72,20 @@ static void test_xts_aes_key_ecdh0_mode(test_data_ecdh0_mode_t *test_data)
const esp_partition_t *partition = get_test_storage_partition();
ESP_ERROR_CHECK(esp_partition_erase_range(partition, 0, partition->size));
uint8_t read_data[128] = { 0 };
uint32_t address = partition->address;
uint32_t data_size = 32;
print_data_in_hex(test_data->plaintext_data, data_size, "Plaintext data");
ESP_LOG_BUFFER_HEXDUMP("Plaintext data", test_data->plaintext_data, data_size, ESP_LOG_DEBUG);
ESP_ERROR_CHECK(esp_flash_write_encrypted(NULL, address, test_data->plaintext_data, data_size));
static uint8_t read_data[128];
ESP_ERROR_CHECK(esp_flash_read(NULL, read_data, address, data_size));
print_data_in_hex(read_data, data_size, "Encrypted data");
ESP_LOG_BUFFER_HEXDUMP("Encrypted data", read_data, data_size, ESP_LOG_DEBUG);
}
static void key_mgr_test_xts_aes_128(void)
#if SOC_FLASH_ENCRYPTION_XTS_AES_128
static void key_mgr_test_xts_aes_128_aes_mode(void)
{
static esp_key_mgr_aes_key_config_t key_config;
memcpy(key_config.k2_info, (uint8_t*) test_data_xts_aes_128.k2_info, KEY_MGR_K2_INFO_SIZE);
@@ -95,9 +99,27 @@ static void key_mgr_test_xts_aes_128(void)
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
test_xts_aes_key_aes_mode(&test_data_xts_aes_128);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
static void key_mgr_test_xts_aes_128_ecdh0_mode(void)
{
static esp_key_mgr_ecdh0_key_config_t key_config;
memcpy(key_config.k1_G[0], (uint8_t*) test_data_ecdh0.k1_G[0], KEY_MGR_ECDH0_INFO_SIZE);
key_config.key_type = ESP_KEY_MGR_XTS_AES_128_KEY;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
static esp_key_mgr_ecdh0_info_t ecdh0_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_ecdh0_mode(&key_config, &key_recovery_info, &ecdh0_info));
ESP_LOG_BUFFER_HEXDUMP("K2_G", ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
test_xts_aes_key_ecdh0_mode(&test_data_ecdh0);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_128 */
#if SOC_FLASH_ENCRYPTION_XTS_AES_256
static void key_mgr_test_xts_aes_256_aes_mode(void)
{
static esp_key_mgr_aes_key_config_t key_config;
@@ -115,11 +137,80 @@ static void key_mgr_test_xts_aes_256_aes_mode(void)
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
#ifdef SOC_ECDSA_SUPPORT_EXPORT_PUBKEY
static void key_mgr_test_xts_aes_256_ecdh0_mode(void)
{
static esp_key_mgr_ecdh0_key_config_t key_config;
memcpy(key_config.k1_G[0], (uint8_t*) test_data_ecdh0.k1_G[0], KEY_MGR_ECDH0_INFO_SIZE);
memcpy(key_config.k1_G[1], (uint8_t*) test_data_ecdh0.k1_G[1], KEY_MGR_ECDH0_INFO_SIZE);
key_config.key_type = ESP_KEY_MGR_XTS_AES_256_KEY;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
static esp_key_mgr_ecdh0_info_t ecdh0_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_ecdh0_mode(&key_config, &key_recovery_info, &ecdh0_info));
ESP_LOG_BUFFER_HEXDUMP("K2_G_0", ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG);
ESP_LOG_BUFFER_HEXDUMP("K2_G_1", ecdh0_info.k2_G[1], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
test_xts_aes_key_ecdh0_mode(&test_data_ecdh0);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_256 */
#if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS
static void test_xts_aes_key_random_mode(void)
{
const esp_partition_t *partition = get_test_storage_partition();
ESP_ERROR_CHECK(esp_partition_erase_range(partition, 0, partition->size));
uint8_t plaintext_data[1024] = {[0 ... 1023] = 0xBE};
const int write_size = 16;
for (int i = 0; i < sizeof(plaintext_data) / write_size; i++) {
ESP_LOGI("", " i = %d", i);
ESP_ERROR_CHECK(esp_flash_write_encrypted(NULL, partition->address + (i * write_size), plaintext_data, write_size));
static uint8_t read_data[128];
ESP_ERROR_CHECK(esp_partition_read(partition, write_size * i, read_data, write_size));
TEST_ASSERT_EQUAL_HEX8_ARRAY(plaintext_data + (i * write_size), read_data, write_size);
}
}
#if SOC_FLASH_ENCRYPTION_XTS_AES_128
static void key_mgr_test_xts_aes_128_random_mode(void)
{
static esp_key_mgr_random_key_config_t key_config;
key_config.key_type = ESP_KEY_MGR_XTS_AES_128_KEY;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_random_mode(&key_config, &key_recovery_info));
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
test_xts_aes_key_random_mode();
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_128 */
#if SOC_FLASH_ENCRYPTION_XTS_AES_256
static void key_mgr_test_xts_aes_256_random_mode(void)
{
static esp_key_mgr_random_key_config_t key_config;
key_config.key_type = ESP_KEY_MGR_XTS_AES_256_KEY;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_random_mode(&key_config, &key_recovery_info));
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
test_xts_aes_key_random_mode();
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_256 */
#endif /* CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS */
#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY */
#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY
#if SOC_ECDSA_SUPPORT_EXPORT_PUBKEY
extern void test_ecdsa_export_pubkey(bool is_p256, uint8_t *ecdsa_pub_x, uint8_t *ecdsa_pub_y, bool use_km_key);
extern void test_ecdsa_export_pubkey_inner(bool is_p256, uint8_t *exported_pub_x, uint8_t *exported_pub_y, bool use_km_key, uint16_t *len);
#endif
extern void test_ecdsa_sign(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t* s_le, bool use_km_key, ecdsa_sign_type_t k_type);
extern int test_ecdsa_verify(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t* s_le, uint8_t *pub_x, uint8_t *pub_y);
extern void test_ecdsa_sign_and_verify(bool is_p256, uint8_t* sha, uint8_t* pub_x, uint8_t* pub_y, bool use_km_key, ecdsa_sign_type_t k_type);
/*
@@ -137,11 +228,6 @@ void test_ecdsa_key_aes_mode(test_data_aes_mode_t *ecdsa_test_data, ecdsa_sign_t
#endif
}
extern void test_ecdsa_sign(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t* s_le, bool use_km_key, ecdsa_sign_type_t k_type);
extern int test_ecdsa_verify(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t* s_le, uint8_t *pub_x, uint8_t *pub_y);
void key_mgr_test_ecdsa_key(bool is_p256, ecdsa_sign_type_t k_type)
{
uint8_t pub_x[32] = {};
@@ -151,18 +237,17 @@ void key_mgr_test_ecdsa_key(bool is_p256, ecdsa_sign_type_t k_type)
test_ecdsa_sign(is_p256, sha256_digest, r_le, s_le, 1, k_type);
print_data_in_hex(sha256_digest, sizeof(sha256_digest), "ECDSA message sha256 digest");
print_data_in_hex(r_le, sizeof(r_le), "ECDSA signature r_le");
print_data_in_hex(s_le, sizeof(s_le), "ECDSA signature s_le");
ESP_LOG_BUFFER_HEXDUMP("ECDSA message sha256 digest", sha256_digest, sizeof(sha256_digest), ESP_LOG_DEBUG);
ESP_LOG_BUFFER_HEXDUMP("ECDSA signature r_le", r_le, sizeof(r_le), ESP_LOG_DEBUG);
ESP_LOG_BUFFER_HEXDUMP("ECDSA signature s_le", s_le, sizeof(s_le), ESP_LOG_DEBUG);
// Export the pubkey from ECDSA peripheral
uint16_t pubkey_len = 0;
test_ecdsa_export_pubkey_inner(is_p256, pub_x, pub_y, 1, &pubkey_len);
print_data_in_hex(pub_x, pubkey_len, "ECDSA key pubx");
print_data_in_hex(pub_y, pubkey_len, "ECDSA key puby");
ESP_LOG_BUFFER_HEXDUMP("ECDSA key pubx", pub_x, pubkey_len, ESP_LOG_DEBUG);
ESP_LOG_BUFFER_HEXDUMP("ECDSA key puby", pub_y, pubkey_len, ESP_LOG_DEBUG);
TEST_ASSERT_EQUAL(0, test_ecdsa_verify(is_p256, sha256_digest, r_le, s_le, pub_x, pub_y));
}
static void key_mgr_test_ecdsa_p256_aes_mode(void)
@@ -185,47 +270,8 @@ static void key_mgr_test_ecdsa_p256_aes_mode(void)
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
static void key_mgr_test_xts_aes_128_ecdh0_mode(void)
{
printf("\nKey Manager ECDH0 deployment: XTS_AES_128 key\n");
static esp_key_mgr_ecdh0_key_config_t key_config;
memcpy(key_config.k1_G[0], (uint8_t*) test_data_ecdh0.k1_G[0], KEY_MGR_ECDH0_INFO_SIZE);
key_config.key_type = ESP_KEY_MGR_XTS_AES_128_KEY;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
static esp_key_mgr_ecdh0_info_t ecdh0_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_ecdh0_mode(&key_config, &key_recovery_info, &ecdh0_info));
print_data_in_hex(ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, "K2_G");
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
test_xts_aes_key_ecdh0_mode(&test_data_ecdh0);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
static void key_mgr_test_xts_aes_256_ecdh0_mode(void)
{
printf("\nKey Manager ECDH0 deployment: XTS_AES_256 key\n");
static esp_key_mgr_ecdh0_key_config_t key_config;
memcpy(key_config.k1_G[0], (uint8_t*) test_data_ecdh0.k1_G[0], KEY_MGR_ECDH0_INFO_SIZE);
memcpy(key_config.k1_G[1], (uint8_t*) test_data_ecdh0.k1_G[1], KEY_MGR_ECDH0_INFO_SIZE);
key_config.key_type = ESP_KEY_MGR_XTS_AES_256_KEY;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
static esp_key_mgr_ecdh0_info_t ecdh0_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_ecdh0_mode(&key_config, &key_recovery_info, &ecdh0_info));
print_data_in_hex(ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, "K2_G_0");
print_data_in_hex(ecdh0_info.k2_G[1], KEY_MGR_ECDH0_INFO_SIZE, "K2_G_1");
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
test_xts_aes_key_ecdh0_mode(&test_data_ecdh0);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
static void key_mgr_test_ecdsa_ecdh0_mode(void)
{
printf("\nKey Manager ECDH0 deployment: ECDSA_256 key\n");
static esp_key_mgr_ecdh0_key_config_t key_config;
memcpy(key_config.k1_G[0], (uint8_t*) test_data_ecdh0.k1_G[0], KEY_MGR_ECDH0_INFO_SIZE);
key_config.key_type = ESP_KEY_MGR_ECDSA_256_KEY;
@@ -233,8 +279,7 @@ static void key_mgr_test_ecdsa_ecdh0_mode(void)
static esp_key_mgr_key_recovery_info_t key_recovery_info;
static esp_key_mgr_ecdh0_info_t ecdh0_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_ecdh0_mode(&key_config, &key_recovery_info, &ecdh0_info));
print_data_in_hex(ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, "K2_G");
ESP_LOG_BUFFER_HEXDUMP("K2_G", ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
#ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE
@@ -246,7 +291,6 @@ static void key_mgr_test_ecdsa_ecdh0_mode(void)
static void key_mgr_test_ecdsa_random_mode(void)
{
printf("\nKey Manager Random deployment: ECDSA_256 key\n");
static esp_key_mgr_random_key_config_t key_config;
key_config.key_type = ESP_KEY_MGR_ECDSA_256_KEY;
@@ -254,57 +298,128 @@ static void key_mgr_test_ecdsa_random_mode(void)
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_random_mode(&key_config, &key_recovery_info));
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
#ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE
key_mgr_test_ecdsa_key(1, ECDSA_K_TYPE_DETERMINISITIC);
#endif
key_mgr_test_ecdsa_key(1, ECDSA_K_TYPE_TRNG);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
#endif /* SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY */
#if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS
#if SOC_KEY_MANAGER_HMAC_KEY_DEPLOY
extern esp_err_t hmac_calculate(uint32_t key_id, const void *message, size_t message_len, uint8_t *hmac);
static void test_xts_aes_key_random_mode(void)
static void key_mgr_test_hmac_key_aes_mode(test_data_aes_mode_t *test_data)
{
const esp_partition_t *partition = get_test_storage_partition();
ESP_ERROR_CHECK(esp_partition_erase_range(partition, 0, partition->size));
uint8_t plaintext_data[1024] = {[0 ... 1023] = 0xBE};
const int write_size = 16;
for (int i = 0; i < sizeof(plaintext_data) / write_size; i++) {
printf("\n i = %d\n", i);
ESP_ERROR_CHECK(esp_flash_write_encrypted(NULL, partition->address + (i * write_size), plaintext_data, write_size));
static uint8_t read_data[128];
ESP_ERROR_CHECK(esp_partition_read(partition, write_size * i, read_data, write_size));
TEST_ASSERT_EQUAL_HEX8_ARRAY(plaintext_data + (i * write_size), read_data, write_size);
}
uint8_t hmac[32] = {0};
TEST_ASSERT_EQUAL(ESP_OK, hmac_calculate(HMAC_KEY_KM, test_data->hmac_test_data.message, sizeof(test_data->hmac_test_data.message), hmac));
TEST_ASSERT_EQUAL_HEX8_ARRAY(test_data->hmac_test_data.hmac_result, hmac, sizeof(test_data->hmac_test_data.hmac_result));
}
static void key_mgr_test_hmac_key_ecdh0_mode(const uint8_t *message, size_t message_len)
{
uint8_t hmac[32] = {0};
TEST_ASSERT_EQUAL(ESP_OK, hmac_calculate(HMAC_KEY_KM, message, message_len, hmac));
// We cannot verify the result here as the HMAC key deployed is unknown.
}
static void key_mgr_test_hmac_key_aes_random_mode(const uint8_t *message, size_t message_len)
{
uint8_t hmac[32] = {0};
TEST_ASSERT_EQUAL(ESP_OK, hmac_calculate(HMAC_KEY_KM, message, message_len, hmac));
// We cannot verify the result here as the HMAC key deployed is unknown.
}
static void key_mgr_test_xts_aes_128_random_mode(void)
static void key_mgr_test_hmac_aes_mode(void)
{
static esp_key_mgr_random_key_config_t key_config;
key_config.key_type = ESP_KEY_MGR_XTS_AES_128_KEY;
static esp_key_mgr_aes_key_config_t key_config;
memcpy(key_config.k2_info, (uint8_t*) test_data_hmac.k2_info, KEY_MGR_K2_INFO_SIZE);
memcpy(key_config.k1_encrypted, (uint8_t*) test_data_hmac.k1_encrypted, KEY_MGR_K1_ENCRYPTED_SIZE);
memcpy(key_config.sw_init_key, (uint8_t*) test_data_hmac.init_key, KEY_MGR_SW_INIT_KEY_SIZE);
key_config.use_pre_generated_sw_init_key = 1;
key_config.key_type = ESP_KEY_MGR_HMAC_KEY;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_random_mode(&key_config, &key_recovery_info));
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
test_xts_aes_key_random_mode();
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_aes_mode(&key_config, &key_recovery_info));
ESP_LOG_BUFFER_HEXDUMP("key_info", key_recovery_info.key_info, sizeof(esp_key_mgr_key_info_t), ESP_LOG_DEBUG);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
key_mgr_test_hmac_key_aes_mode(&test_data_hmac);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
static void key_mgr_test_xts_aes_256_random_mode(void)
static void key_mgr_test_hmac_ecdh0_mode(void)
{
static esp_key_mgr_ecdh0_key_config_t key_config;
memcpy(key_config.k1_G[0], (uint8_t*) test_data_ecdh0.k1_G[0], KEY_MGR_ECDH0_INFO_SIZE);
key_config.key_type = ESP_KEY_MGR_HMAC_KEY;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
static esp_key_mgr_ecdh0_info_t ecdh0_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_ecdh0_mode(&key_config, &key_recovery_info, &ecdh0_info));
ESP_LOG_BUFFER_HEXDUMP("K2_G", ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
key_mgr_test_hmac_key_ecdh0_mode(test_data_hmac.hmac_test_data.message, sizeof(test_data_hmac.hmac_test_data.message));
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
static void key_mgr_test_hmac_random_mode(void)
{
static esp_key_mgr_random_key_config_t key_config;
key_config.key_type = ESP_KEY_MGR_XTS_AES_256_KEY;
key_config.key_type = ESP_KEY_MGR_HMAC_KEY;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_random_mode(&key_config, &key_recovery_info));
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
test_xts_aes_key_random_mode();
key_mgr_test_hmac_key_aes_random_mode(test_data_hmac.hmac_test_data.message, sizeof(test_data_hmac.hmac_test_data.message));
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
#endif
#endif /* SOC_KEY_MANAGER_HMAC_KEY_DEPLOY */
#if SOC_KEY_MANAGER_DS_KEY_DEPLOY
extern esp_err_t esp_ds_sign(const void *message,
const esp_ds_data_t *data,
uint32_t key_id,
void *signature);
static void key_mgr_test_ds_key_aes_mode(test_data_aes_mode_t *test_data)
{
esp_ds_data_t esp_ds_data = {0};
esp_ds_data.rsa_length = test_data->ds_test_data.ds_key_size / 32 - 1;
memcpy(esp_ds_data.iv, test_data->ds_test_data.ds_encrypted_input_params_iv, sizeof(esp_ds_data.iv));
memcpy(esp_ds_data.c, test_data->ds_test_data.ds_encrypted_input_params, sizeof(esp_ds_data.c));
uint8_t signature[4096 / 8] = {0}; // Max possible RSA signature size
esp_err_t ds_r = esp_ds_sign(test_data->ds_test_data.ds_message,
&esp_ds_data,
HMAC_KEY_KM,
signature);
TEST_ASSERT_EQUAL(ESP_OK, ds_r);
TEST_ASSERT_EQUAL_HEX8_ARRAY(test_data->ds_test_data.ds_result, signature, sizeof(test_data->ds_test_data.ds_result));
}
static void key_mgr_test_ds_aes_mode(void)
{
static esp_key_mgr_aes_key_config_t key_config;
memcpy(key_config.k2_info, (uint8_t*) test_data_ds.k2_info, KEY_MGR_K2_INFO_SIZE);
memcpy(key_config.k1_encrypted, (uint8_t*) test_data_ds.k1_encrypted, KEY_MGR_K1_ENCRYPTED_SIZE);
memcpy(key_config.sw_init_key, (uint8_t*) test_data_ds.init_key, KEY_MGR_SW_INIT_KEY_SIZE);
key_config.use_pre_generated_sw_init_key = 1;
key_config.key_type = ESP_KEY_MGR_DS_KEY;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_aes_mode(&key_config, &key_recovery_info));
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
key_mgr_test_ds_key_aes_mode(&test_data_ds);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
#endif /* SOC_KEY_MANAGER_DS_KEY_DEPLOY */
TEST_GROUP(key_manager);
@@ -320,56 +435,124 @@ TEST_TEAR_DOWN(key_manager)
test_utils_get_leak_level(ESP_LEAK_TYPE_CRITICAL, ESP_COMP_LEAK_ALL));
}
#if SOC_KEY_MANAGER_FE_KEY_DEPLOY
#if SOC_FLASH_ENCRYPTION_XTS_AES_128
TEST(key_manager, xts_aes_128_key_aes_deployment)
{
key_mgr_test_xts_aes_128();
key_mgr_test_xts_aes_128_aes_mode();
}
TEST(key_manager, xts_key_128_ecdh0_deployment)
{
key_mgr_test_xts_aes_128_ecdh0_mode();
}
#if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS
TEST(key_manager, xts_key_128_random_deployment)
{
key_mgr_test_xts_aes_128_random_mode();
}
#endif /* CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS */
#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_128 */
#if SOC_FLASH_ENCRYPTION_XTS_AES_256
TEST(key_manager, xts_aes_256_key_aes_deployment)
{
key_mgr_test_xts_aes_256_aes_mode();
}
TEST(key_manager, ecdsa_key_aes_deployment)
TEST(key_manager, xts_key_256_ecdh0_deployment)
{
key_mgr_test_xts_aes_256_ecdh0_mode();
}
#if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS
TEST(key_manager, xts_key_256_random_deployment)
{
key_mgr_test_xts_aes_256_random_mode();
}
#endif /* CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS */
#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_256 */
#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY */
#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY
TEST(key_manager, ecdsa_p256_key_aes_deployment)
{
key_mgr_test_ecdsa_p256_aes_mode();
}
TEST(key_manager, xts_key_ecdh0_deployment)
{
key_mgr_test_xts_aes_128_ecdh0_mode();
key_mgr_test_xts_aes_256_ecdh0_mode();
}
TEST(key_manager, ecdsa_key_ecdh0_deployment)
TEST(key_manager, ecdsa_p256_key_ecdh0_deployment)
{
key_mgr_test_ecdsa_ecdh0_mode();
}
TEST(key_manager, ecdsa_key_random_deployment)
TEST(key_manager, ecdsa_p256_key_random_deployment)
{
key_mgr_test_ecdsa_random_mode();
}
#endif /* SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY */
#if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS
TEST(key_manager, xts_key_random_deployment)
#if SOC_KEY_MANAGER_HMAC_KEY_DEPLOY
TEST(key_manager, hmac_key_aes_deployment)
{
key_mgr_test_xts_aes_128_random_mode();
key_mgr_test_xts_aes_256_random_mode();
key_mgr_test_hmac_aes_mode();
}
#endif
TEST(key_manager, hmac_key_ecdh0_deployment)
{
key_mgr_test_hmac_ecdh0_mode();
}
TEST(key_manager, hmac_key_random_deployment)
{
key_mgr_test_hmac_random_mode();
}
#endif /* SOC_KEY_MANAGER_HMAC_KEY_DEPLOY */
#if SOC_KEY_MANAGER_DS_KEY_DEPLOY
TEST(key_manager, ds_key_aes_deployment)
{
key_mgr_test_ds_aes_mode();
}
#endif /* SOC_KEY_MANAGER_DS_KEY_DEPLOY */
TEST_GROUP_RUNNER(key_manager)
{
#if SOC_KEY_MANAGER_FE_KEY_DEPLOY
#if SOC_FLASH_ENCRYPTION_XTS_AES_128
RUN_TEST_CASE(key_manager, xts_aes_128_key_aes_deployment);
RUN_TEST_CASE(key_manager, xts_aes_256_key_aes_deployment);
RUN_TEST_CASE(key_manager, ecdsa_key_aes_deployment);
RUN_TEST_CASE(key_manager, xts_key_ecdh0_deployment);
RUN_TEST_CASE(key_manager, ecdsa_key_ecdh0_deployment);
RUN_TEST_CASE(key_manager, ecdsa_key_random_deployment);
RUN_TEST_CASE(key_manager, xts_key_128_ecdh0_deployment);
#if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS
// This tests expects Flash encryption to be enabled as the test compares the decrypted flash data with the plaintext data
RUN_TEST_CASE(key_manager, xts_key_random_deployment);
#endif
RUN_TEST_CASE(key_manager, xts_key_128_random_deployment);
#endif /* CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS */
#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_128 */
#if SOC_FLASH_ENCRYPTION_XTS_AES_256
RUN_TEST_CASE(key_manager, xts_aes_256_key_aes_deployment);
RUN_TEST_CASE(key_manager, xts_key_256_ecdh0_deployment);
#if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS
RUN_TEST_CASE(key_manager, xts_key_256_random_deployment);
#endif /* CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS */
#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_256 */
#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY */
#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY
RUN_TEST_CASE(key_manager, ecdsa_p256_key_aes_deployment);
RUN_TEST_CASE(key_manager, ecdsa_p256_key_ecdh0_deployment);
RUN_TEST_CASE(key_manager, ecdsa_p256_key_random_deployment);
#endif /* SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY */
#if SOC_KEY_MANAGER_HMAC_KEY_DEPLOY
RUN_TEST_CASE(key_manager, hmac_key_aes_deployment);
RUN_TEST_CASE(key_manager, hmac_key_ecdh0_deployment);
RUN_TEST_CASE(key_manager, hmac_key_random_deployment);
#endif /* SOC_KEY_MANAGER_HMAC_KEY_DEPLOY */
#if SOC_KEY_MANAGER_DS_KEY_DEPLOY
RUN_TEST_CASE(key_manager, ds_key_aes_deployment);
// Verifying deployment of a DS key using the ECDH0 and Random mode of the Key Manager
// is not possible as the deployed DS key is not known to user in these modes to
// pre-generate the ciphertext input data.
#endif /* SOC_KEY_MANAGER_DS_KEY_DEPLOY */
}

29
components/hal/test_apps/crypto/main/sha/sha_block.c
View File

@@ -12,7 +12,7 @@
#include "soc/periph_defs.h"
#include "esp_private/periph_ctrl.h"
#include "esp_private/esp_crypto_lock_internal.h"
#include "esp_crypto_periph_clk.h"
#include "hal/sha_hal.h"
#include "hal/sha_ll.h"
#include "sha_block.h"
@@ -68,10 +68,7 @@ static void sha1_update_block(sha1_ctx* ctx, esp_sha_type sha_type, const unsign
if ( (ilen >= 64) || local_len) {
/* Enable peripheral module */
SHA_RCC_ATOMIC() {
sha_ll_enable_bus_clock(true);
sha_ll_reset_register();
}
esp_crypto_sha_enable_periph_clk(true);
sha_hal_wait_idle();
sha_hal_set_mode(sha_type);
@@ -103,9 +100,7 @@ static void sha1_update_block(sha1_ctx* ctx, esp_sha_type sha_type, const unsign
sha_hal_read_digest(sha_type, ctx->state);
/* Disable peripheral module */
SHA_RCC_ATOMIC() {
sha_ll_enable_bus_clock(false);
}
esp_crypto_sha_enable_periph_clk(false);
}
if ( ilen > 0 ) {
@@ -172,10 +167,7 @@ static void sha256_update_block(sha256_ctx* ctx, esp_sha_type sha_type, const un
if ( (ilen >= 64) || local_len) {
/* Enable peripheral module */
SHA_RCC_ATOMIC() {
sha_ll_enable_bus_clock(true);
sha_ll_reset_register();
}
esp_crypto_sha_enable_periph_clk(true);
sha_hal_wait_idle();
sha_hal_set_mode(sha_type);
@@ -207,9 +199,7 @@ static void sha256_update_block(sha256_ctx* ctx, esp_sha_type sha_type, const un
sha_hal_read_digest(sha_type, ctx->state);
/* Disable peripheral module */
SHA_RCC_ATOMIC() {
sha_ll_enable_bus_clock(false);
}
esp_crypto_sha_enable_periph_clk(false);
}
if ( ilen > 0 ) {
@@ -321,10 +311,7 @@ static void sha512_update_block(sha512_ctx* ctx, esp_sha_type sha_type, const un
if ( (ilen >= 128) || local_len) {
/* Enable peripheral module */
SHA_RCC_ATOMIC() {
sha_ll_enable_bus_clock(true);
sha_ll_reset_register();
}
esp_crypto_sha_enable_periph_clk(true);
sha_hal_wait_idle();
sha_hal_set_mode(sha_type);
@@ -360,9 +347,7 @@ static void sha512_update_block(sha512_ctx* ctx, esp_sha_type sha_type, const un
sha_hal_read_digest(sha_type, ctx->state);
/* Disable peripheral module */
SHA_RCC_ATOMIC() {
sha_ll_enable_bus_clock(false);
}
esp_crypto_sha_enable_periph_clk(false);
}
if ( ilen > 0 ) {