From ea322ee6ef5decd50e62e2e449034e248a414043 Mon Sep 17 00:00:00 2001 From: "harshal.patil" Date: Thu, 12 Jun 2025 16:02:00 +0530 Subject: [PATCH] test(hal/crypto): Add HMAC and DS using Key Manager key tests - Also updated the test app to use esp_crypto_periph_clk.h --- .../hal/test_apps/crypto/main/aes/aes_block.c | 22 +- .../hal/test_apps/crypto/main/ds/ds_types.h | 47 ++ .../hal/test_apps/crypto/main/ds/test_ds.c | 150 ++----- .../hal/test_apps/crypto/main/ecc/test_ecc.c | 50 +-- .../test_apps/crypto/main/ecdsa/test_ecdsa.c | 35 +- .../test_apps/crypto/main/hmac/test_hmac.c | 37 +- .../crypto/main/key_manager/ecdsa_256_key.pem | 5 + .../key_manager/gen_key_manager_test_cases.py | 289 ++++++++++-- .../crypto/main/key_manager/init_key.bin | 1 + .../test_apps/crypto/main/key_manager/k1.bin | 1 + .../crypto/main/key_manager/k1_64.bin | Bin 0 -> 64 bytes .../test_apps/crypto/main/key_manager/k2.bin | 1 + .../main/key_manager/key_manager_test_cases.h | 98 ++-- .../crypto/main/key_manager/rand_num.bin | 1 + .../main/key_manager/test_key_manager.c | 425 +++++++++++++----- .../hal/test_apps/crypto/main/sha/sha_block.c | 29 +- 16 files changed, 762 insertions(+), 429 deletions(-) create mode 100644 components/hal/test_apps/crypto/main/ds/ds_types.h create mode 100644 components/hal/test_apps/crypto/main/key_manager/ecdsa_256_key.pem create mode 100644 components/hal/test_apps/crypto/main/key_manager/init_key.bin create mode 100644 components/hal/test_apps/crypto/main/key_manager/k1.bin create mode 100644 components/hal/test_apps/crypto/main/key_manager/k1_64.bin create mode 100644 components/hal/test_apps/crypto/main/key_manager/k2.bin create mode 100644 components/hal/test_apps/crypto/main/key_manager/rand_num.bin diff --git a/components/hal/test_apps/crypto/main/aes/aes_block.c b/components/hal/test_apps/crypto/main/aes/aes_block.c index d64beb007d..15de815e8c 100644 --- a/components/hal/test_apps/crypto/main/aes/aes_block.c +++ b/components/hal/test_apps/crypto/main/aes/aes_block.c @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: CC0-1.0 */ @@ -8,7 +8,7 @@ #include #include -#include "esp_private/esp_crypto_lock_internal.h" +#include "esp_crypto_periph_clk.h" #include "hal/aes_types.h" #include "hal/aes_hal.h" #include "hal/aes_ll.h" @@ -30,10 +30,7 @@ void aes_crypt_cbc_block(int mode, uint32_t *iv_words = (uint32_t *)iv; unsigned char temp[16]; - AES_RCC_ATOMIC() { - aes_ll_enable_bus_clock(true); - aes_ll_reset_register(); - } + esp_crypto_aes_enable_periph_clk(true); /* Sets the key used for AES encryption/decryption */ aes_hal_setkey(key, key_bytes, mode); @@ -71,9 +68,7 @@ void aes_crypt_cbc_block(int mode, } } - AES_RCC_ATOMIC() { - aes_ll_enable_bus_clock(false); - } + esp_crypto_aes_enable_periph_clk(false); } @@ -89,10 +84,7 @@ void aes_crypt_ctr_block(uint8_t key_bytes, int c, i; size_t n = *nc_off; - AES_RCC_ATOMIC() { - aes_ll_enable_bus_clock(true); - aes_ll_reset_register(); - } + esp_crypto_aes_enable_periph_clk(true); /* Sets the key used for AES encryption/decryption */ aes_hal_setkey(key, key_bytes, ESP_AES_ENCRYPT); @@ -113,9 +105,7 @@ void aes_crypt_ctr_block(uint8_t key_bytes, *nc_off = n; - AES_RCC_ATOMIC() { - aes_ll_enable_bus_clock(false); - } + esp_crypto_aes_enable_periph_clk(false); } #endif diff --git a/components/hal/test_apps/crypto/main/ds/ds_types.h b/components/hal/test_apps/crypto/main/ds/ds_types.h new file mode 100644 index 0000000000..6b82bf20fe --- /dev/null +++ b/components/hal/test_apps/crypto/main/ds/ds_types.h @@ -0,0 +1,47 @@ +/* + * SPDX-FileCopyrightText: 2025 Espressif Systems (Shanghai) CO LTD + * + * SPDX-License-Identifier: Unlicense OR CC0-1.0 + */ +#include +#include "soc/soc_caps.h" + +#define ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL (0x1) /*!< HMAC peripheral problem */ +#define ESP_ERR_HW_CRYPTO_DS_INVALID_KEY (0x2) /*!< given HMAC key isn't correct, HMAC peripheral problem */ +#define ESP_ERR_HW_CRYPTO_DS_INVALID_DIGEST (0x4) /*!< message digest check failed, result is invalid */ +#define ESP_ERR_HW_CRYPTO_DS_INVALID_PADDING (0x5) /*!< padding check failed, but result is produced anyway and can be read*/ + +#define ESP_DS_IV_BIT_LEN 128 +#define ESP_DS_IV_LEN (ESP_DS_IV_BIT_LEN / 8) +#define ESP_DS_SIGNATURE_MAX_BIT_LEN SOC_RSA_MAX_BIT_LEN +#define ESP_DS_SIGNATURE_MD_BIT_LEN 256 +#define ESP_DS_SIGNATURE_M_PRIME_BIT_LEN 32 +#define ESP_DS_SIGNATURE_L_BIT_LEN 32 +#define ESP_DS_SIGNATURE_PADDING_BIT_LEN 64 + +#define ESP_DS_C_LEN (((ESP_DS_SIGNATURE_MAX_BIT_LEN * 3 \ + + ESP_DS_SIGNATURE_MD_BIT_LEN \ + + ESP_DS_SIGNATURE_M_PRIME_BIT_LEN \ + + ESP_DS_SIGNATURE_L_BIT_LEN \ + + ESP_DS_SIGNATURE_PADDING_BIT_LEN) / 8)) + +typedef enum { + ESP_DS_RSA_1024 = (1024 / 32) - 1, + ESP_DS_RSA_2048 = (2048 / 32) - 1, + ESP_DS_RSA_3072 = (3072 / 32) - 1, + ESP_DS_RSA_4096 = (4096 / 32) - 1 +} esp_digital_signature_length_t; + +typedef struct esp_digital_signature_data { + esp_digital_signature_length_t rsa_length; + uint32_t iv[ESP_DS_IV_BIT_LEN / 32]; + uint8_t c[ESP_DS_C_LEN]; +} esp_ds_data_t; + +typedef struct { + uint32_t Y[ESP_DS_SIGNATURE_MAX_BIT_LEN / 32]; + uint32_t M[ESP_DS_SIGNATURE_MAX_BIT_LEN / 32]; + uint32_t Rb[ESP_DS_SIGNATURE_MAX_BIT_LEN / 32]; + uint32_t M_prime; + uint32_t length; +} esp_ds_p_data_t; diff --git a/components/hal/test_apps/crypto/main/ds/test_ds.c b/components/hal/test_apps/crypto/main/ds/test_ds.c index ab8654623b..e56d2f3c57 100644 --- a/components/hal/test_apps/crypto/main/ds/test_ds.c +++ b/components/hal/test_apps/crypto/main/ds/test_ds.c @@ -13,84 +13,23 @@ #include "soc/soc_caps.h" #include "esp_log.h" +#include "ds_types.h" const static char *TAG = "test_ds"; #include "rom/efuse.h" -#if CONFIG_IDF_TARGET_ESP32S2 -#include "esp32s2/rom/digital_signature.h" -#include "esp32s2/rom/aes.h" -#include "esp32s2/rom/sha.h" -#include "esp32s2/rom/hmac.h" -#include "soc/soc_memory_layout.h" -#elif CONFIG_IDF_TARGET_ESP32C3 -#include "esp32c3/rom/digital_signature.h" -#include "esp32c3/rom/hmac.h" -#elif CONFIG_IDF_TARGET_ESP32S3 -#include "esp32s3/rom/digital_signature.h" -#include "esp32s3/rom/aes.h" -#include "esp32s3/rom/sha.h" -#elif CONFIG_IDF_TARGET_ESP32C6 -#include "esp32c6/rom/digital_signature.h" -#include "esp32c6/rom/aes.h" -#include "esp32c6/rom/sha.h" -#elif CONFIG_IDF_TARGET_ESP32H2 -#include "esp32h2/rom/digital_signature.h" -#include "esp32h2/rom/aes.h" -#include "esp32h2/rom/sha.h" -#elif CONFIG_IDF_TARGET_ESP32P4 -#include "esp32p4/rom/digital_signature.h" -#include "esp32p4/rom/aes.h" -#include "esp32p4/rom/sha.h" -#elif CONFIG_IDF_TARGET_ESP32C5 -#include "esp32c5/rom/digital_signature.h" -#include "esp32c5/rom/aes.h" -#include "esp32c5/rom/sha.h" -#elif CONFIG_IDF_TARGET_ESP32H21 -#include "esp32h21/rom/digital_signature.h" -#include "esp32h21/rom/aes.h" -#include "esp32h21/rom/sha.h" +#include "rom/sha.h" +#include "rom/digital_signature.h" +#include "rom/aes.h" +#include "rom/hmac.h" + +#if SOC_KEY_MANAGER_DS_KEY_DEPLOY +#include "hal/key_mgr_ll.h" #endif -#define ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL (0x1) /*!< HMAC peripheral problem */ -#define ESP_ERR_HW_CRYPTO_DS_INVALID_KEY (0x2) /*!< given HMAC key isn't correct, HMAC peripheral problem */ -#define ESP_ERR_HW_CRYPTO_DS_INVALID_DIGEST (0x4) /*!< message digest check failed, result is invalid */ -#define ESP_ERR_HW_CRYPTO_DS_INVALID_PADDING (0x5) /*!< padding check failed, but result is produced anyway and can be read*/ - -#define ESP_DS_IV_BIT_LEN 128 -#define ESP_DS_IV_LEN (ESP_DS_IV_BIT_LEN / 8) -#define ESP_DS_SIGNATURE_MAX_BIT_LEN SOC_RSA_MAX_BIT_LEN -#define ESP_DS_SIGNATURE_MD_BIT_LEN 256 -#define ESP_DS_SIGNATURE_M_PRIME_BIT_LEN 32 -#define ESP_DS_SIGNATURE_L_BIT_LEN 32 -#define ESP_DS_SIGNATURE_PADDING_BIT_LEN 64 - -#define ESP_DS_C_LEN (((ESP_DS_SIGNATURE_MAX_BIT_LEN * 3 \ - + ESP_DS_SIGNATURE_MD_BIT_LEN \ - + ESP_DS_SIGNATURE_M_PRIME_BIT_LEN \ - + ESP_DS_SIGNATURE_L_BIT_LEN \ - + ESP_DS_SIGNATURE_PADDING_BIT_LEN) / 8)) - -typedef enum { - ESP_DS_RSA_1024 = (1024 / 32) - 1, - ESP_DS_RSA_2048 = (2048 / 32) - 1, - ESP_DS_RSA_3072 = (3072 / 32) - 1, - ESP_DS_RSA_4096 = (4096 / 32) - 1 -} esp_digital_signature_length_t; - -typedef struct esp_digital_signature_data { - esp_digital_signature_length_t rsa_length; - uint32_t iv[ESP_DS_IV_BIT_LEN / 32]; - uint8_t c[ESP_DS_C_LEN]; -} esp_ds_data_t; - -typedef struct { - uint32_t Y[ESP_DS_SIGNATURE_MAX_BIT_LEN / 32]; - uint32_t M[ESP_DS_SIGNATURE_MAX_BIT_LEN / 32]; - uint32_t Rb[ESP_DS_SIGNATURE_MAX_BIT_LEN / 32]; - uint32_t M_prime; - uint32_t length; -} esp_ds_p_data_t; +#if CONFIG_IDF_TARGET_ESP32S2 +#include "soc/soc_memory_layout.h" +#endif #define NUM_RESULTS 10 @@ -128,43 +67,23 @@ _Static_assert(NUM_RESULTS == NUM_MESSAGES, "expected_results size should be the #include "hal/hmac_hal.h" #include "hal/hmac_ll.h" #include "hal/sha_ll.h" - +#include "esp_crypto_periph_clk.h" static void ds_acquire_enable(void) { - HMAC_RCC_ATOMIC() { - hmac_ll_enable_bus_clock(true); - hmac_ll_reset_register(); - } - - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(true); - sha_ll_reset_register(); - } - - DS_RCC_ATOMIC() { - ds_ll_enable_bus_clock(true); - ds_ll_reset_register(); - } - - hmac_hal_start(); + // We also enable SHA and HMAC here. SHA is used by HMAC, HMAC is used by DS. + esp_crypto_hmac_enable_periph_clk(true); + esp_crypto_sha_enable_periph_clk(true); + esp_crypto_mpi_enable_periph_clk(true); + esp_crypto_ds_enable_periph_clk(true); } static void ds_disable_release(void) { - ds_hal_finish(); - - DS_RCC_ATOMIC() { - ds_ll_enable_bus_clock(false); - } - - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(false); - } - - HMAC_RCC_ATOMIC() { - hmac_ll_enable_bus_clock(false); - } + esp_crypto_mpi_enable_periph_clk(false); + esp_crypto_sha_enable_periph_clk(false); + esp_crypto_hmac_enable_periph_clk(false); + esp_crypto_ds_enable_periph_clk(false); } @@ -172,11 +91,22 @@ static esp_err_t esp_ds_start_sign(const void *message, const esp_ds_data_t *dat { ds_acquire_enable(); - uint32_t conf_error = hmac_hal_configure(HMAC_OUTPUT_DS, key_id); - if (conf_error) { - ds_disable_release(); - return ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL; +#if SOC_KEY_MANAGER_DS_KEY_DEPLOY + if (key_id == HMAC_KEY_KM) { + ds_hal_set_key_source(DS_KEY_SOURCE_KEY_MGR); + } else { + ds_hal_set_key_source(DS_KEY_SOURCE_EFUSE); +#endif + hmac_hal_start(); + uint32_t conf_error = hmac_hal_configure(HMAC_OUTPUT_DS, key_id); + if (conf_error) { + ds_disable_release(); + ESP_LOGE(TAG, "HMAC configure failed"); + return ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL; + } +#if SOC_KEY_MANAGER_DS_KEY_DEPLOY } +#endif ds_hal_start(); @@ -211,13 +141,13 @@ static esp_err_t esp_ds_finish_sign(void *signature, const esp_ds_data_t *data) } hmac_hal_clean(); - + ds_hal_finish(); ds_disable_release(); return return_value; } -static esp_err_t esp_ds_sign(const void *message, +esp_err_t esp_ds_sign(const void *message, const esp_ds_data_t *data, uint32_t key_id, void *signature) @@ -287,8 +217,8 @@ static void ds_disable_release(void) } static esp_err_t esp_ds_start_sign(const void *message, - const esp_ds_data_t *data, - uint32_t key_id) + const esp_ds_data_t *data, + uint32_t key_id) { ds_acquire_enable(); diff --git a/components/hal/test_apps/crypto/main/ecc/test_ecc.c b/components/hal/test_apps/crypto/main/ecc/test_ecc.c index 433915e575..603771d081 100644 --- a/components/hal/test_apps/crypto/main/ecc/test_ecc.c +++ b/components/hal/test_apps/crypto/main/ecc/test_ecc.c @@ -9,7 +9,7 @@ #include #include #include "sdkconfig.h" -#include "esp_private/esp_crypto_lock_internal.h" +#include "esp_crypto_periph_clk.h" #include "esp_log.h" #include "ecc_params.h" #include "soc/soc_caps.h" @@ -43,24 +43,6 @@ static void ecc_be_to_le(const uint8_t* be_point, uint8_t *le_point, uint8_t len } } -static void ecc_enable_and_reset(void) -{ - ECC_RCC_ATOMIC() { - ecc_ll_enable_bus_clock(true); - ecc_ll_power_up(); - ecc_ll_reset_register(); - } -} - -static void ecc_disable(void) -{ - ECC_RCC_ATOMIC() { - ecc_ll_enable_bus_clock(false); - ecc_ll_power_down(); - } -} - - TEST_GROUP(ecc); TEST_SETUP(ecc) @@ -79,7 +61,7 @@ TEST_TEAR_DOWN(ecc) static void ecc_point_mul(const uint8_t *k_le, const uint8_t *x_le, const uint8_t *y_le, uint8_t len, bool verify_first, uint8_t *res_x_le, uint8_t *res_y_le) { - ecc_enable_and_reset(); + esp_crypto_ecc_enable_periph_clk(true); ecc_hal_write_mul_param(k_le, x_le, y_le, len); if (verify_first) { @@ -95,7 +77,7 @@ static void ecc_point_mul(const uint8_t *k_le, const uint8_t *x_le, const uint8_ } ecc_hal_read_mul_result(res_x_le, res_y_le, len); - ecc_disable(); + esp_crypto_ecc_enable_periph_clk(false); } static void test_ecc_point_mul_inner(bool verify_first) @@ -161,7 +143,7 @@ TEST(ecc, ecc_point_multiplication_on_SECP192R1_and_SECP256R1) #if SOC_ECC_CONSTANT_TIME_POINT_MUL -#define CONST_TIME_DEVIATION_PERCENT 0.002 +#define CONST_TIME_DEVIATION_PERCENT 0.0025 static void test_ecc_point_mul_inner_constant_time(void) { @@ -237,7 +219,7 @@ TEST(ecc, ecc_point_multiplication_const_time_check_on_SECP192R1_and_SECP256R1) #if SOC_ECC_SUPPORT_POINT_VERIFY && !defined(SOC_ECC_SUPPORT_POINT_VERIFY_QUIRK) static int ecc_point_verify(const uint8_t *x_le, const uint8_t *y_le, uint8_t len) { - ecc_enable_and_reset(); + esp_crypto_ecc_enable_periph_clk(true); ecc_hal_write_verify_param(x_le, y_le, len); ecc_hal_set_mode(ECC_MODE_VERIFY); @@ -248,7 +230,7 @@ static int ecc_point_verify(const uint8_t *x_le, const uint8_t *y_le, uint8_t le } int ret = ecc_hal_read_verify_result(); - ecc_disable(); + esp_crypto_ecc_enable_periph_clk(false); return ret; } @@ -297,7 +279,7 @@ TEST(ecc, ecc_point_verification_and_multiplication_on_SECP192R1_and_SECP256R1) #if SOC_ECC_SUPPORT_POINT_DIVISION static void ecc_point_inv_mul(const uint8_t *num_le, const uint8_t *deno_le, uint8_t len, uint8_t *res_le) { - ecc_enable_and_reset(); + esp_crypto_ecc_enable_periph_clk(true); uint8_t zero[32] = {0}; ecc_hal_write_mul_param(zero, num_le, deno_le, len); @@ -311,7 +293,7 @@ static void ecc_point_inv_mul(const uint8_t *num_le, const uint8_t *deno_le, uin } ecc_hal_read_mul_result(zero, res_le, len); - ecc_disable(); + esp_crypto_ecc_enable_periph_clk(false); } TEST(ecc, ecc_inverse_multiplication_or_mod_division_using_SECP192R1_and_SECP256R1_order_of_curve) @@ -329,7 +311,7 @@ TEST(ecc, ecc_inverse_multiplication_or_mod_division_using_SECP192R1_and_SECP256 static void ecc_jacob_mul(uint8_t *k_le, uint8_t *x_le, uint8_t *y_le, uint8_t len, bool verify_first, uint8_t *res_x_le, uint8_t *res_y_le, uint8_t *res_z_le) { - ecc_enable_and_reset(); + esp_crypto_ecc_enable_periph_clk(true); ecc_hal_write_mul_param(k_le, x_le, y_le, len); if (verify_first) { @@ -344,7 +326,7 @@ static void ecc_jacob_mul(uint8_t *k_le, uint8_t *x_le, uint8_t *y_le, uint8_t l } ecc_hal_read_jacob_mul_result(res_x_le, res_y_le, res_z_le, len); - ecc_disable(); + esp_crypto_ecc_enable_periph_clk(false); } static void test_ecc_jacob_mul_inner(bool verify_first) @@ -393,7 +375,7 @@ TEST(ecc, ecc_jacobian_point_multiplication_on_SECP192R1_and_SECP256R1) #if SOC_ECC_SUPPORT_JACOB_POINT_VERIFY static int ecc_jacob_verify(const uint8_t *x_le, const uint8_t *y_le, const uint8_t *z_le, uint8_t len) { - ecc_enable_and_reset(); + esp_crypto_ecc_enable_periph_clk(true); ecc_hal_write_jacob_verify_param(x_le, y_le, z_le, len); @@ -406,7 +388,7 @@ static int ecc_jacob_verify(const uint8_t *x_le, const uint8_t *y_le, const uint } int ret = ecc_hal_read_verify_result(); - ecc_disable(); + esp_crypto_ecc_enable_periph_clk(false); return ret; } @@ -436,7 +418,7 @@ static void ecc_point_addition(uint8_t *px_le, uint8_t *py_le, uint8_t *qx_le, u uint8_t len, bool jacob_output, uint8_t *x_res_le, uint8_t *y_res_le, uint8_t *z_res_le) { - ecc_enable_and_reset(); + esp_crypto_ecc_enable_periph_clk(true); ecc_hal_write_point_add_param(px_le, py_le, qx_le, qy_le, qz_le, len); @@ -449,7 +431,7 @@ static void ecc_point_addition(uint8_t *px_le, uint8_t *py_le, uint8_t *qx_le, u } ecc_hal_read_point_add_result(x_res_le, y_res_le, z_res_le, len, jacob_output); - ecc_disable(); + esp_crypto_ecc_enable_periph_clk(false); } TEST(ecc, ecc_point_addition_on_SECP192R1_and_SECP256R1) @@ -508,7 +490,7 @@ TEST(ecc, ecc_point_addition_on_SECP192R1_and_SECP256R1) #if SOC_ECC_SUPPORT_MOD_ADD || SOC_ECC_SUPPORT_MOD_SUB || SOC_ECC_SUPPORT_MOD_MUL static void ecc_mod_op(ecc_mode_t mode, const uint8_t *a, const uint8_t *b, uint8_t len, uint8_t *res_le) { - ecc_enable_and_reset(); + esp_crypto_ecc_enable_periph_clk(true); ecc_hal_write_mod_op_param(a, b, len); @@ -521,7 +503,7 @@ static void ecc_mod_op(ecc_mode_t mode, const uint8_t *a, const uint8_t *b, uint } ecc_hal_read_mod_op_result(res_le, len); - ecc_disable(); + esp_crypto_ecc_enable_periph_clk(false); } #endif diff --git a/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c b/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c index f8bec33c46..6438ede5a5 100644 --- a/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c +++ b/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c @@ -10,7 +10,7 @@ #include "esp_crypto_lock.h" #include "esp_efuse_chip.h" -#include "esp_private/esp_crypto_lock_internal.h" +#include "esp_crypto_periph_clk.h" #include "esp_random.h" #include "esp_err.h" #include "esp_efuse.h" @@ -35,41 +35,20 @@ __attribute__((unused)) static const char * TAG = "crypto_test"; static void ecdsa_enable_and_reset(void) { - ECDSA_RCC_ATOMIC() { - ecdsa_ll_enable_bus_clock(true); - ecdsa_ll_reset_register(); - } - - ECC_RCC_ATOMIC() { - ecc_ll_enable_bus_clock(true); - ecc_ll_power_up(); - ecc_ll_reset_register(); - } - + esp_crypto_ecdsa_enable_periph_clk(true); + esp_crypto_ecc_enable_periph_clk(true); #ifdef SOC_ECDSA_USES_MPI - MPI_RCC_ATOMIC() { - mpi_ll_enable_bus_clock(true); - mpi_ll_reset_register(); - } + esp_crypto_mpi_enable_periph_clk(true); #endif } static void ecdsa_disable(void) { #ifdef SOC_ECDSA_USES_MPI - MPI_RCC_ATOMIC() { - mpi_ll_enable_bus_clock(false); - } + esp_crypto_mpi_enable_periph_clk(false); #endif - - ECC_RCC_ATOMIC() { - ecc_ll_enable_bus_clock(false); - ecc_ll_power_down(); - } - - ECDSA_RCC_ATOMIC() { - ecdsa_ll_enable_bus_clock(false); - } + esp_crypto_ecc_enable_periph_clk(false); + esp_crypto_ecdsa_enable_periph_clk(false); } static void ecc_be_to_le(const uint8_t* be_point, uint8_t *le_point, uint8_t len) diff --git a/components/hal/test_apps/crypto/main/hmac/test_hmac.c b/components/hal/test_apps/crypto/main/hmac/test_hmac.c index 3cffb6b8af..930d2a6566 100644 --- a/components/hal/test_apps/crypto/main/hmac/test_hmac.c +++ b/components/hal/test_apps/crypto/main/hmac/test_hmac.c @@ -1,11 +1,11 @@ /* - * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ #include -#include "esp_private/esp_crypto_lock_internal.h" +#include "esp_crypto_periph_clk.h" #include "esp_log.h" #include "memory_checks.h" #include "unity_fixture.h" @@ -61,24 +61,13 @@ static void write_and_padd(uint8_t *block, const uint8_t *data, uint16_t data_le bzero(block + data_len + 1, SHA256_BLOCK_SZ - data_len - 1); } -static esp_err_t hmac_calculate(uint32_t key_id, const void *message, size_t message_len, uint8_t *hmac) +esp_err_t hmac_calculate(uint32_t key_id, const void *message, size_t message_len, uint8_t *hmac) { const uint8_t *message_bytes = (const uint8_t *)message; - HMAC_RCC_ATOMIC() { - hmac_ll_enable_bus_clock(true); - hmac_ll_reset_register(); - } - - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(true); - sha_ll_reset_register(); - } - - DS_RCC_ATOMIC() { - ds_ll_enable_bus_clock(true); - ds_ll_reset_register(); - } + esp_crypto_hmac_enable_periph_clk(true); + esp_crypto_sha_enable_periph_clk(true); + esp_crypto_ds_enable_periph_clk(true); hmac_hal_start(); @@ -130,17 +119,9 @@ static esp_err_t hmac_calculate(uint32_t key_id, const void *message, size_t mes hmac_hal_read_result_256(hmac); - DS_RCC_ATOMIC() { - ds_ll_enable_bus_clock(false); - } - - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(false); - } - - HMAC_RCC_ATOMIC() { - hmac_ll_enable_bus_clock(false); - } + esp_crypto_hmac_enable_periph_clk(false); + esp_crypto_sha_enable_periph_clk(false); + esp_crypto_ds_enable_periph_clk(false); return ESP_OK; } diff --git a/components/hal/test_apps/crypto/main/key_manager/ecdsa_256_key.pem b/components/hal/test_apps/crypto/main/key_manager/ecdsa_256_key.pem new file mode 100644 index 0000000000..5e4dc4d806 --- /dev/null +++ b/components/hal/test_apps/crypto/main/key_manager/ecdsa_256_key.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEICySt/VCEPFi962COuQDE+cXD3Bz8XjZy2O5SM1LsHsGoAoGCCqGSM49 +AwEHoUQDQgAEBYu5KXarLURySNNaeZcxtBTxC0vJAM/evz9NC01IjCVQlOLJ4Y6i +3UviK3bgk+3FqpJBM+SQCqeDgd7ktPtr9Q== +-----END EC PRIVATE KEY----- diff --git a/components/hal/test_apps/crypto/main/key_manager/gen_key_manager_test_cases.py b/components/hal/test_apps/crypto/main/key_manager/gen_key_manager_test_cases.py index 12161bd699..3853455e1e 100644 --- a/components/hal/test_apps/crypto/main/key_manager/gen_key_manager_test_cases.py +++ b/components/hal/test_apps/crypto/main/key_manager/gen_key_manager_test_cases.py @@ -1,17 +1,26 @@ # SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD # SPDX-License-Identifier: Unlicense OR CC0-1.0 +import argparse +import hashlib +import hmac import os +import random import struct from typing import Any from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives.asymmetric import ec +from cryptography.hazmat.primitives.asymmetric import rsa from cryptography.hazmat.primitives.ciphers import Cipher from cryptography.hazmat.primitives.ciphers import algorithms from cryptography.hazmat.primitives.ciphers import modes +from cryptography.utils import int_to_bytes from ecdsa.curves import NIST256p +supported_targets = {'esp32p4', 'esp32c5'} +supported_ds_key_size = {'esp32p4': [4096, 3072, 2048, 1024], 'esp32c5': [3072, 2048, 1024]} + # Constants TEST_COUNT = 5 STORAGE_PARTITION_OFFSET = 0x160000 @@ -137,18 +146,119 @@ def generate_k1_G(key_file_path: str) -> tuple: return k1_G, k1_G +def generate_hmac_test_data(key: bytes) -> tuple: + hmac_message = ( + 'Deleniti voluptas explicabo et assumenda. Sed et aliquid minus quis. ' + 'Praesentium cupiditate quia nemo est. Laboriosam pariatur ut distinctio tenetur. ' + 'Sunt architecto iure aspernatur soluta ut recusandae. ' + 'Ut quibusdam occaecati ut qui sit dignissimos eaque..' + ).encode('utf-8') + hmac_result = hmac.HMAC(key, hmac_message, hashlib.sha256).digest() + return hmac_message, hmac_result + + +def number_as_bytes(number, pad_bits=0): # type: (int, int) -> bytes + """ + Given a number, format as a little endian array of bytes + """ + result = int_to_bytes(number)[::-1] # type: bytes + while pad_bits != 0 and len(result) < (pad_bits // 8): + result += b'\x00' + return result + + +def number_as_bignum_words(number): # type: (int) -> str + """ + Given a number, format result as a C array of words + (little-endian, same as ESP32 RSA peripheral or mbedTLS) + """ + result = [] + while number != 0: + result.append('0x%08x' % (number & 0xFFFFFFFF)) + number >>= 32 + return '{ ' + ', '.join(result) + ' }' + + +def generate_ds_encrypted_input_params(aes_key: bytes, target: str) -> tuple: + iv = os.urandom(16) + max_key_size = max(supported_ds_key_size[target]) + key_size = max_key_size + private_key = rsa.generate_private_key(public_exponent=65537, key_size=key_size, backend=default_backend()) + + priv_numbers = private_key.private_numbers() + pub_numbers = private_key.public_key().public_numbers() + Y = priv_numbers.d + M = pub_numbers.n + + rr = 1 << (key_size * 2) + rinv = rr % pub_numbers.n + mprime = -rsa._modinv(M, 1 << 32) + mprime &= 0xFFFFFFFF + length = key_size // 32 - 1 + + # calculate MD from preceding values and IV + # Y_max_key_size || M_max_key_size || Rb_max_key_size || M_prime32 || LENGTH32 || IV128 + md_in = ( + number_as_bytes(Y, max_key_size) + + number_as_bytes(M, max_key_size) + + number_as_bytes(rinv, max_key_size) + + struct.pack(' None: with open('key_manager_test_cases.h', 'w', encoding='utf-8') as file: header_content = """#include @@ -166,13 +276,30 @@ typedef struct test_ecdsa_data { uint8_t puby[32]; } test_ecdsa_data_t; +typedef struct test_hmac_data { + uint8_t message[%d]; + uint8_t hmac_result[32]; +} test_hmac_data_t; + +typedef struct test_ds_data { + uint8_t ds_message[%d / 8]; + uint8_t ds_encrypted_input_params[%d]; + uint8_t ds_encrypted_input_params_iv[16]; + size_t ds_key_size; + uint8_t ds_result[%d]; +} test_ds_data_t; + typedef struct test_data { uint8_t init_key[32]; uint8_t k2_info[64]; uint8_t k1_encrypted[2][32]; // For both 256-bit and 512-bit keys uint8_t plaintext_data[128]; - test_xts_data_t xts_test_data[TEST_COUNT]; - test_ecdsa_data_t ecdsa_test_data; + union { + test_xts_data_t xts_test_data[TEST_COUNT]; + test_ecdsa_data_t ecdsa_test_data; + test_hmac_data_t hmac_test_data; + test_ds_data_t ds_test_data; + }; } test_data_aes_mode_t; typedef struct test_data_ecdh0 { @@ -189,9 +316,13 @@ test_data_aes_mode_t test_data_xts_aes_128 = { .plaintext_data = { %s }, .xts_test_data = { """ % ( + len(hmac_message), + ds_key_size, + len(ds_encrypted_input_params), + len(ds_result), key_to_c_format(init_key), key_to_c_format(k2_info), - key_to_c_format(k1_encrypted_32[0]), + key_to_c_format(k1_encrypted_32_reversed[0]), key_to_c_format(bytes(range(1, 129))), ) @@ -209,8 +340,8 @@ test_data_aes_mode_t test_data_xts_aes_128 = { header_content += f'\t.init_key = {{{key_to_c_format(init_key)}}},\n' header_content += f'\t.k2_info = {{{key_to_c_format(k2_info)}}},\n' header_content += ( - f'\t.k1_encrypted = {{{{{key_to_c_format(k1_encrypted_64[0])}}}, ' - f'{{{key_to_c_format(k1_encrypted_64[1])}}}}},\n' + f'\t.k1_encrypted = {{{{{key_to_c_format(k1_encrypted_64_reversed[0])}}}, ' + f'{{{key_to_c_format(k1_encrypted_64_reversed[1])}}}}},\n' ) header_content += f'\t.plaintext_data = {{{key_to_c_format(bytes(range(1, 129)))}}},\n' header_content += ' .xts_test_data = {\n' @@ -221,7 +352,7 @@ test_data_aes_mode_t test_data_xts_aes_128 = { f'.data_offset = 0x{flash_address:x}, ' f'.ciphertext = {{{key_to_c_format(ciphertext)}}}}},\n' ) - header_content += '\t}\n};\n\n' + header_content += '\t}\n};\n' header_content += """ test_data_aes_mode_t test_data_ecdsa = { @@ -236,10 +367,11 @@ test_data_aes_mode_t test_data_ecdsa = { """ % ( key_to_c_format(init_key), key_to_c_format(k2_info), - key_to_c_format(k1_encrypted_32[0]), + key_to_c_format(k1_encrypted_32_reversed[0]), key_to_c_format(pubx), key_to_c_format(puby), ) + header_content += """ test_data_ecdh0_mode_t test_data_ecdh0 = { .plaintext_data = { %s }, @@ -252,7 +384,6 @@ test_data_ecdh0_mode_t test_data_ecdh0 = { { %s }, } };\n - """ % ( key_to_c_format(bytes(range(1, 129))), key_to_c_format(k1), @@ -261,50 +392,124 @@ test_data_ecdh0_mode_t test_data_ecdh0 = { key_to_c_format(k1_G_1), ) + header_content += """ +test_data_aes_mode_t test_data_hmac = { + .init_key = { %s }, + .k2_info = { %s }, + .k1_encrypted = { { %s }, { } }, + .hmac_test_data = { + .message = { %s }, + .hmac_result = { %s } + } +};\n +""" % ( + key_to_c_format(init_key), + key_to_c_format(k2_info), + key_to_c_format(k1_encrypted_32[0]), + key_to_c_format(hmac_message), + key_to_c_format(hmac_result), + ) + + header_content += """ +test_data_aes_mode_t test_data_ds = { + .init_key = { %s }, + .k2_info = { %s }, + .k1_encrypted = { { %s }, { } }, + .ds_test_data = { + .ds_message = { %s }, + .ds_encrypted_input_params = { %s }, + .ds_encrypted_input_params_iv = { %s }, + .ds_key_size = %d, + .ds_result = { %s } + } +};\n +""" % ( + key_to_c_format(init_key), + key_to_c_format(k2_info), + key_to_c_format(k1_encrypted_32_reversed[0]), + key_to_c_format(ds_message), + key_to_c_format(ds_encrypted_input_params), + key_to_c_format(ds_encrypted_input_params_iv), + ds_key_size, + key_to_c_format(ds_result), + ) + file.write(header_content) -# Main script logic follows as per your provided structure -init_key = key_from_file_or_generate('init_key.bin', 32) -k2 = key_from_file_or_generate('k2.bin', 32) -rand_num = key_from_file_or_generate('rand_num.bin', 32) +def generate_tests_cases(target: str) -> None: + # Main script logic follows as per your provided structure + init_key = key_from_file_or_generate('init_key.bin', 32) + k2 = key_from_file_or_generate('k2.bin', 32) + rand_num = key_from_file_or_generate('rand_num.bin', 32) -temp_result_inner = calculate_aes_cipher(k2, rand_num) -temp_result_outer = calculate_aes_cipher(temp_result_inner + rand_num, init_key) -k2_info = temp_result_outer + temp_result_inner = calculate_aes_cipher(k2, rand_num) + temp_result_outer = calculate_aes_cipher(temp_result_inner + rand_num, init_key) + k2_info = temp_result_outer -k1_32 = key_from_file_or_generate('k1.bin', 32) -k1_64 = key_from_file_or_generate('k1_64.bin', 64) + k1_32 = key_from_file_or_generate('k1.bin', 32) + k1_64 = key_from_file_or_generate('k1_64.bin', 64) -k1_32_reversed = k1_32[::-1] + k1_32_reversed = k1_32[::-1] -k1_64_reversed = k1_64[::-1] + k1_64_1 = k1_64[:32] + k1_64_1_reversed = k1_64_1[::-1] + k1_64_2 = k1_64[32:] + k1_64_2_reversed = k1_64_2[::-1] -k1_64_1 = k1_64[:32] -k1_64_1_reversed = k1_64_1[::-1] -k1_64_2 = k1_64[32:] -k1_64_2_reversed = k1_64_2[::-1] + k1_encrypted_32 = [calculate_aes_cipher(k1_32, k2)] + k1_encrypted_64 = [calculate_aes_cipher(k1_64_1, k2), calculate_aes_cipher(k1_64_2, k2)] -k1_encrypted_32 = [calculate_aes_cipher(k1_32_reversed, k2)] -k1_encrypted_64 = [calculate_aes_cipher(k1_64_1_reversed, k2), calculate_aes_cipher(k1_64_2_reversed, k2)] + k1_encrypted_32_reversed = [calculate_aes_cipher(k1_32_reversed, k2)] + k1_encrypted_64_reversed = [calculate_aes_cipher(k1_64_1_reversed, k2), calculate_aes_cipher(k1_64_2_reversed, k2)] -test_data_xts_aes_128 = generate_xts_test_data(k1_32) -xts_test_data_xts_aes_256 = generate_xts_test_data(k1_64) + test_data_xts_aes_128 = generate_xts_test_data(k1_32) + xts_test_data_xts_aes_256 = generate_xts_test_data(k1_64) -pubx, puby = generate_ecdsa_256_key_and_pub_key('k1.bin') + pubx, puby = generate_ecdsa_256_key_and_pub_key('k1.bin') -k1_G_0, k1_G_1 = generate_k1_G('k1.bin') + k1_G_0, k1_G_1 = generate_k1_G('k1.bin') -write_to_c_header( - init_key, - k1_32, - k2_info, - k1_encrypted_32, - test_data_xts_aes_128, - k1_encrypted_64, - xts_test_data_xts_aes_256, - pubx, - puby, - k1_G_0, - k1_G_1, -) + hmac_message, hmac_result = generate_hmac_test_data(k1_32) + + ds_message, ds_encrypted_input_params, ds_encrypted_input_params_iv, ds_key_size, ds_result = ( + generate_ds_encrypted_input_params(k1_32, target) + ) + + write_to_c_header( + init_key, + k1_32, + k2_info, + k1_encrypted_32, + k1_encrypted_32_reversed, + test_data_xts_aes_128, + k1_encrypted_64, + k1_encrypted_64_reversed, + xts_test_data_xts_aes_256, + pubx, + puby, + k1_G_0, + k1_G_1, + hmac_message, + hmac_result, + ds_message, + ds_encrypted_input_params, + ds_encrypted_input_params_iv, + ds_key_size, + ds_result, + ) + + +if __name__ == '__main__': + parser = argparse.ArgumentParser(description="""Generates Digital Signature Test Cases""") + + parser.add_argument( + '--target', + required=True, + choices=supported_targets, + help='Target to generate test cases for, different targets support different max key length', + ) + + args = parser.parse_args() + + generate_tests_cases(args.target) diff --git a/components/hal/test_apps/crypto/main/key_manager/init_key.bin b/components/hal/test_apps/crypto/main/key_manager/init_key.bin new file mode 100644 index 0000000000..726a088171 --- /dev/null +++ b/components/hal/test_apps/crypto/main/key_manager/init_key.bin @@ -0,0 +1 @@ +Ú<ŠCƒ©K%[~ñW¸èE‡vîN.U§%á” \ No newline at end of file diff --git a/components/hal/test_apps/crypto/main/key_manager/k1.bin b/components/hal/test_apps/crypto/main/key_manager/k1.bin new file mode 100644 index 0000000000..33b9a09e2b --- /dev/null +++ b/components/hal/test_apps/crypto/main/key_manager/k1.bin @@ -0,0 +1 @@ +,’·õBñb÷­‚:äçpsñxÙËc¹HÍK°{ \ No newline at end of file diff --git a/components/hal/test_apps/crypto/main/key_manager/k1_64.bin b/components/hal/test_apps/crypto/main/key_manager/k1_64.bin new file mode 100644 index 0000000000000000000000000000000000000000..ed2a74627765f23ddb8813b978490855e4007305 GIT binary patch literal 64 zcmXqgk{g#9rEL7eVB*f#)5KLH+rO_rJ?qBFUA1$R)ZH7H;{>JFcTL}*d2QS5gNx(C W^X-B-size)); + uint8_t read_data[128]; for (int i = 0; i < TEST_COUNT; i++) { + memset(read_data, 0, sizeof(read_data)); uint32_t address = test_data->xts_test_data[i].data_offset; uint32_t data_size = test_data->xts_test_data[i].data_size; + ESP_ERROR_CHECK(esp_flash_write_encrypted(NULL, address, test_data->plaintext_data, data_size)); - static uint8_t read_data[128]; ESP_ERROR_CHECK(esp_flash_read(NULL, read_data, address, data_size)); + TEST_ASSERT_EQUAL_HEX8_ARRAY(test_data->xts_test_data[i].ciphertext, read_data, data_size); } } @@ -70,18 +72,20 @@ static void test_xts_aes_key_ecdh0_mode(test_data_ecdh0_mode_t *test_data) const esp_partition_t *partition = get_test_storage_partition(); ESP_ERROR_CHECK(esp_partition_erase_range(partition, 0, partition->size)); + uint8_t read_data[128] = { 0 }; uint32_t address = partition->address; uint32_t data_size = 32; - print_data_in_hex(test_data->plaintext_data, data_size, "Plaintext data"); + ESP_LOG_BUFFER_HEXDUMP("Plaintext data", test_data->plaintext_data, data_size, ESP_LOG_DEBUG); ESP_ERROR_CHECK(esp_flash_write_encrypted(NULL, address, test_data->plaintext_data, data_size)); - static uint8_t read_data[128]; ESP_ERROR_CHECK(esp_flash_read(NULL, read_data, address, data_size)); - print_data_in_hex(read_data, data_size, "Encrypted data"); + + ESP_LOG_BUFFER_HEXDUMP("Encrypted data", read_data, data_size, ESP_LOG_DEBUG); } -static void key_mgr_test_xts_aes_128(void) +#if SOC_FLASH_ENCRYPTION_XTS_AES_128 +static void key_mgr_test_xts_aes_128_aes_mode(void) { static esp_key_mgr_aes_key_config_t key_config; memcpy(key_config.k2_info, (uint8_t*) test_data_xts_aes_128.k2_info, KEY_MGR_K2_INFO_SIZE); @@ -95,9 +99,27 @@ static void key_mgr_test_xts_aes_128(void) TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info)); test_xts_aes_key_aes_mode(&test_data_xts_aes_128); TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type)); - } +static void key_mgr_test_xts_aes_128_ecdh0_mode(void) +{ + static esp_key_mgr_ecdh0_key_config_t key_config; + memcpy(key_config.k1_G[0], (uint8_t*) test_data_ecdh0.k1_G[0], KEY_MGR_ECDH0_INFO_SIZE); + key_config.key_type = ESP_KEY_MGR_XTS_AES_128_KEY; + + static esp_key_mgr_key_recovery_info_t key_recovery_info; + static esp_key_mgr_ecdh0_info_t ecdh0_info; + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_ecdh0_mode(&key_config, &key_recovery_info, &ecdh0_info)); + + ESP_LOG_BUFFER_HEXDUMP("K2_G", ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG); + + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info)); + test_xts_aes_key_ecdh0_mode(&test_data_ecdh0); + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type)); +} +#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_128 */ + +#if SOC_FLASH_ENCRYPTION_XTS_AES_256 static void key_mgr_test_xts_aes_256_aes_mode(void) { static esp_key_mgr_aes_key_config_t key_config; @@ -115,11 +137,80 @@ static void key_mgr_test_xts_aes_256_aes_mode(void) TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type)); } -#ifdef SOC_ECDSA_SUPPORT_EXPORT_PUBKEY +static void key_mgr_test_xts_aes_256_ecdh0_mode(void) +{ + static esp_key_mgr_ecdh0_key_config_t key_config; + memcpy(key_config.k1_G[0], (uint8_t*) test_data_ecdh0.k1_G[0], KEY_MGR_ECDH0_INFO_SIZE); + memcpy(key_config.k1_G[1], (uint8_t*) test_data_ecdh0.k1_G[1], KEY_MGR_ECDH0_INFO_SIZE); + key_config.key_type = ESP_KEY_MGR_XTS_AES_256_KEY; + + static esp_key_mgr_key_recovery_info_t key_recovery_info; + static esp_key_mgr_ecdh0_info_t ecdh0_info; + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_ecdh0_mode(&key_config, &key_recovery_info, &ecdh0_info)); + + ESP_LOG_BUFFER_HEXDUMP("K2_G_0", ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG); + ESP_LOG_BUFFER_HEXDUMP("K2_G_1", ecdh0_info.k2_G[1], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG); + + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info)); + test_xts_aes_key_ecdh0_mode(&test_data_ecdh0); + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type)); +} +#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_256 */ + +#if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS +static void test_xts_aes_key_random_mode(void) +{ + const esp_partition_t *partition = get_test_storage_partition(); + ESP_ERROR_CHECK(esp_partition_erase_range(partition, 0, partition->size)); + uint8_t plaintext_data[1024] = {[0 ... 1023] = 0xBE}; + const int write_size = 16; + for (int i = 0; i < sizeof(plaintext_data) / write_size; i++) { + ESP_LOGI("", " i = %d", i); + ESP_ERROR_CHECK(esp_flash_write_encrypted(NULL, partition->address + (i * write_size), plaintext_data, write_size)); + static uint8_t read_data[128]; + ESP_ERROR_CHECK(esp_partition_read(partition, write_size * i, read_data, write_size)); + TEST_ASSERT_EQUAL_HEX8_ARRAY(plaintext_data + (i * write_size), read_data, write_size); + } +} + +#if SOC_FLASH_ENCRYPTION_XTS_AES_128 +static void key_mgr_test_xts_aes_128_random_mode(void) +{ + static esp_key_mgr_random_key_config_t key_config; + key_config.key_type = ESP_KEY_MGR_XTS_AES_128_KEY; + + static esp_key_mgr_key_recovery_info_t key_recovery_info; + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_random_mode(&key_config, &key_recovery_info)); + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info)); + test_xts_aes_key_random_mode(); + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type)); +} +#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_128 */ + +#if SOC_FLASH_ENCRYPTION_XTS_AES_256 +static void key_mgr_test_xts_aes_256_random_mode(void) +{ + static esp_key_mgr_random_key_config_t key_config; + key_config.key_type = ESP_KEY_MGR_XTS_AES_256_KEY; + + static esp_key_mgr_key_recovery_info_t key_recovery_info; + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_random_mode(&key_config, &key_recovery_info)); + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info)); + test_xts_aes_key_random_mode(); + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type)); +} +#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_256 */ +#endif /* CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS */ +#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY */ + +#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY +#if SOC_ECDSA_SUPPORT_EXPORT_PUBKEY extern void test_ecdsa_export_pubkey(bool is_p256, uint8_t *ecdsa_pub_x, uint8_t *ecdsa_pub_y, bool use_km_key); extern void test_ecdsa_export_pubkey_inner(bool is_p256, uint8_t *exported_pub_x, uint8_t *exported_pub_y, bool use_km_key, uint16_t *len); #endif +extern void test_ecdsa_sign(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t* s_le, bool use_km_key, ecdsa_sign_type_t k_type); +extern int test_ecdsa_verify(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t* s_le, uint8_t *pub_x, uint8_t *pub_y); extern void test_ecdsa_sign_and_verify(bool is_p256, uint8_t* sha, uint8_t* pub_x, uint8_t* pub_y, bool use_km_key, ecdsa_sign_type_t k_type); /* @@ -137,11 +228,6 @@ void test_ecdsa_key_aes_mode(test_data_aes_mode_t *ecdsa_test_data, ecdsa_sign_t #endif } - -extern void test_ecdsa_sign(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t* s_le, bool use_km_key, ecdsa_sign_type_t k_type); - -extern int test_ecdsa_verify(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t* s_le, uint8_t *pub_x, uint8_t *pub_y); - void key_mgr_test_ecdsa_key(bool is_p256, ecdsa_sign_type_t k_type) { uint8_t pub_x[32] = {}; @@ -151,18 +237,17 @@ void key_mgr_test_ecdsa_key(bool is_p256, ecdsa_sign_type_t k_type) test_ecdsa_sign(is_p256, sha256_digest, r_le, s_le, 1, k_type); - print_data_in_hex(sha256_digest, sizeof(sha256_digest), "ECDSA message sha256 digest"); - print_data_in_hex(r_le, sizeof(r_le), "ECDSA signature r_le"); - print_data_in_hex(s_le, sizeof(s_le), "ECDSA signature s_le"); + ESP_LOG_BUFFER_HEXDUMP("ECDSA message sha256 digest", sha256_digest, sizeof(sha256_digest), ESP_LOG_DEBUG); + ESP_LOG_BUFFER_HEXDUMP("ECDSA signature r_le", r_le, sizeof(r_le), ESP_LOG_DEBUG); + ESP_LOG_BUFFER_HEXDUMP("ECDSA signature s_le", s_le, sizeof(s_le), ESP_LOG_DEBUG); // Export the pubkey from ECDSA peripheral uint16_t pubkey_len = 0; test_ecdsa_export_pubkey_inner(is_p256, pub_x, pub_y, 1, &pubkey_len); - print_data_in_hex(pub_x, pubkey_len, "ECDSA key pubx"); - print_data_in_hex(pub_y, pubkey_len, "ECDSA key puby"); + ESP_LOG_BUFFER_HEXDUMP("ECDSA key pubx", pub_x, pubkey_len, ESP_LOG_DEBUG); + ESP_LOG_BUFFER_HEXDUMP("ECDSA key puby", pub_y, pubkey_len, ESP_LOG_DEBUG); TEST_ASSERT_EQUAL(0, test_ecdsa_verify(is_p256, sha256_digest, r_le, s_le, pub_x, pub_y)); - } static void key_mgr_test_ecdsa_p256_aes_mode(void) @@ -185,47 +270,8 @@ static void key_mgr_test_ecdsa_p256_aes_mode(void) TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type)); } -static void key_mgr_test_xts_aes_128_ecdh0_mode(void) -{ - printf("\nKey Manager ECDH0 deployment: XTS_AES_128 key\n"); - static esp_key_mgr_ecdh0_key_config_t key_config; - memcpy(key_config.k1_G[0], (uint8_t*) test_data_ecdh0.k1_G[0], KEY_MGR_ECDH0_INFO_SIZE); - key_config.key_type = ESP_KEY_MGR_XTS_AES_128_KEY; - - static esp_key_mgr_key_recovery_info_t key_recovery_info; - static esp_key_mgr_ecdh0_info_t ecdh0_info; - TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_ecdh0_mode(&key_config, &key_recovery_info, &ecdh0_info)); - - print_data_in_hex(ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, "K2_G"); - - TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info)); - test_xts_aes_key_ecdh0_mode(&test_data_ecdh0); - TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type)); -} - -static void key_mgr_test_xts_aes_256_ecdh0_mode(void) -{ - printf("\nKey Manager ECDH0 deployment: XTS_AES_256 key\n"); - static esp_key_mgr_ecdh0_key_config_t key_config; - memcpy(key_config.k1_G[0], (uint8_t*) test_data_ecdh0.k1_G[0], KEY_MGR_ECDH0_INFO_SIZE); - memcpy(key_config.k1_G[1], (uint8_t*) test_data_ecdh0.k1_G[1], KEY_MGR_ECDH0_INFO_SIZE); - key_config.key_type = ESP_KEY_MGR_XTS_AES_256_KEY; - - static esp_key_mgr_key_recovery_info_t key_recovery_info; - static esp_key_mgr_ecdh0_info_t ecdh0_info; - TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_ecdh0_mode(&key_config, &key_recovery_info, &ecdh0_info)); - - print_data_in_hex(ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, "K2_G_0"); - print_data_in_hex(ecdh0_info.k2_G[1], KEY_MGR_ECDH0_INFO_SIZE, "K2_G_1"); - - TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info)); - test_xts_aes_key_ecdh0_mode(&test_data_ecdh0); - TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type)); -} - static void key_mgr_test_ecdsa_ecdh0_mode(void) { - printf("\nKey Manager ECDH0 deployment: ECDSA_256 key\n"); static esp_key_mgr_ecdh0_key_config_t key_config; memcpy(key_config.k1_G[0], (uint8_t*) test_data_ecdh0.k1_G[0], KEY_MGR_ECDH0_INFO_SIZE); key_config.key_type = ESP_KEY_MGR_ECDSA_256_KEY; @@ -233,8 +279,7 @@ static void key_mgr_test_ecdsa_ecdh0_mode(void) static esp_key_mgr_key_recovery_info_t key_recovery_info; static esp_key_mgr_ecdh0_info_t ecdh0_info; TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_ecdh0_mode(&key_config, &key_recovery_info, &ecdh0_info)); - - print_data_in_hex(ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, "K2_G"); + ESP_LOG_BUFFER_HEXDUMP("K2_G", ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG); TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info)); #ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE @@ -246,7 +291,6 @@ static void key_mgr_test_ecdsa_ecdh0_mode(void) static void key_mgr_test_ecdsa_random_mode(void) { - printf("\nKey Manager Random deployment: ECDSA_256 key\n"); static esp_key_mgr_random_key_config_t key_config; key_config.key_type = ESP_KEY_MGR_ECDSA_256_KEY; @@ -254,57 +298,128 @@ static void key_mgr_test_ecdsa_random_mode(void) TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_random_mode(&key_config, &key_recovery_info)); TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info)); - #ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE key_mgr_test_ecdsa_key(1, ECDSA_K_TYPE_DETERMINISITIC); #endif key_mgr_test_ecdsa_key(1, ECDSA_K_TYPE_TRNG); - TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type)); } +#endif /* SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY */ -#if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS +#if SOC_KEY_MANAGER_HMAC_KEY_DEPLOY +extern esp_err_t hmac_calculate(uint32_t key_id, const void *message, size_t message_len, uint8_t *hmac); -static void test_xts_aes_key_random_mode(void) +static void key_mgr_test_hmac_key_aes_mode(test_data_aes_mode_t *test_data) { - const esp_partition_t *partition = get_test_storage_partition(); - ESP_ERROR_CHECK(esp_partition_erase_range(partition, 0, partition->size)); - uint8_t plaintext_data[1024] = {[0 ... 1023] = 0xBE}; - const int write_size = 16; - for (int i = 0; i < sizeof(plaintext_data) / write_size; i++) { - printf("\n i = %d\n", i); - ESP_ERROR_CHECK(esp_flash_write_encrypted(NULL, partition->address + (i * write_size), plaintext_data, write_size)); - static uint8_t read_data[128]; - ESP_ERROR_CHECK(esp_partition_read(partition, write_size * i, read_data, write_size)); - TEST_ASSERT_EQUAL_HEX8_ARRAY(plaintext_data + (i * write_size), read_data, write_size); - } + uint8_t hmac[32] = {0}; + TEST_ASSERT_EQUAL(ESP_OK, hmac_calculate(HMAC_KEY_KM, test_data->hmac_test_data.message, sizeof(test_data->hmac_test_data.message), hmac)); + TEST_ASSERT_EQUAL_HEX8_ARRAY(test_data->hmac_test_data.hmac_result, hmac, sizeof(test_data->hmac_test_data.hmac_result)); +} + +static void key_mgr_test_hmac_key_ecdh0_mode(const uint8_t *message, size_t message_len) +{ + uint8_t hmac[32] = {0}; + TEST_ASSERT_EQUAL(ESP_OK, hmac_calculate(HMAC_KEY_KM, message, message_len, hmac)); + // We cannot verify the result here as the HMAC key deployed is unknown. +} + +static void key_mgr_test_hmac_key_aes_random_mode(const uint8_t *message, size_t message_len) +{ + uint8_t hmac[32] = {0}; + TEST_ASSERT_EQUAL(ESP_OK, hmac_calculate(HMAC_KEY_KM, message, message_len, hmac)); + // We cannot verify the result here as the HMAC key deployed is unknown. } -static void key_mgr_test_xts_aes_128_random_mode(void) +static void key_mgr_test_hmac_aes_mode(void) { - static esp_key_mgr_random_key_config_t key_config; - key_config.key_type = ESP_KEY_MGR_XTS_AES_128_KEY; + static esp_key_mgr_aes_key_config_t key_config; + memcpy(key_config.k2_info, (uint8_t*) test_data_hmac.k2_info, KEY_MGR_K2_INFO_SIZE); + memcpy(key_config.k1_encrypted, (uint8_t*) test_data_hmac.k1_encrypted, KEY_MGR_K1_ENCRYPTED_SIZE); + memcpy(key_config.sw_init_key, (uint8_t*) test_data_hmac.init_key, KEY_MGR_SW_INIT_KEY_SIZE); + key_config.use_pre_generated_sw_init_key = 1; + key_config.key_type = ESP_KEY_MGR_HMAC_KEY; static esp_key_mgr_key_recovery_info_t key_recovery_info; - TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_random_mode(&key_config, &key_recovery_info)); - TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info)); - test_xts_aes_key_random_mode(); - TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type)); + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_aes_mode(&key_config, &key_recovery_info)); + ESP_LOG_BUFFER_HEXDUMP("key_info", key_recovery_info.key_info, sizeof(esp_key_mgr_key_info_t), ESP_LOG_DEBUG); + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info)); + key_mgr_test_hmac_key_aes_mode(&test_data_hmac); + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type)); } -static void key_mgr_test_xts_aes_256_random_mode(void) +static void key_mgr_test_hmac_ecdh0_mode(void) +{ + static esp_key_mgr_ecdh0_key_config_t key_config; + memcpy(key_config.k1_G[0], (uint8_t*) test_data_ecdh0.k1_G[0], KEY_MGR_ECDH0_INFO_SIZE); + key_config.key_type = ESP_KEY_MGR_HMAC_KEY; + + static esp_key_mgr_key_recovery_info_t key_recovery_info; + static esp_key_mgr_ecdh0_info_t ecdh0_info; + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_ecdh0_mode(&key_config, &key_recovery_info, &ecdh0_info)); + + ESP_LOG_BUFFER_HEXDUMP("K2_G", ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG); + + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info)); + key_mgr_test_hmac_key_ecdh0_mode(test_data_hmac.hmac_test_data.message, sizeof(test_data_hmac.hmac_test_data.message)); + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type)); +} + +static void key_mgr_test_hmac_random_mode(void) { static esp_key_mgr_random_key_config_t key_config; - key_config.key_type = ESP_KEY_MGR_XTS_AES_256_KEY; + key_config.key_type = ESP_KEY_MGR_HMAC_KEY; static esp_key_mgr_key_recovery_info_t key_recovery_info; TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_random_mode(&key_config, &key_recovery_info)); + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info)); - test_xts_aes_key_random_mode(); + key_mgr_test_hmac_key_aes_random_mode(test_data_hmac.hmac_test_data.message, sizeof(test_data_hmac.hmac_test_data.message)); TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type)); } -#endif +#endif /* SOC_KEY_MANAGER_HMAC_KEY_DEPLOY */ + +#if SOC_KEY_MANAGER_DS_KEY_DEPLOY +extern esp_err_t esp_ds_sign(const void *message, + const esp_ds_data_t *data, + uint32_t key_id, + void *signature); + +static void key_mgr_test_ds_key_aes_mode(test_data_aes_mode_t *test_data) +{ + esp_ds_data_t esp_ds_data = {0}; + esp_ds_data.rsa_length = test_data->ds_test_data.ds_key_size / 32 - 1; + memcpy(esp_ds_data.iv, test_data->ds_test_data.ds_encrypted_input_params_iv, sizeof(esp_ds_data.iv)); + memcpy(esp_ds_data.c, test_data->ds_test_data.ds_encrypted_input_params, sizeof(esp_ds_data.c)); + + uint8_t signature[4096 / 8] = {0}; // Max possible RSA signature size + + esp_err_t ds_r = esp_ds_sign(test_data->ds_test_data.ds_message, + &esp_ds_data, + HMAC_KEY_KM, + signature); + + TEST_ASSERT_EQUAL(ESP_OK, ds_r); + TEST_ASSERT_EQUAL_HEX8_ARRAY(test_data->ds_test_data.ds_result, signature, sizeof(test_data->ds_test_data.ds_result)); +} + +static void key_mgr_test_ds_aes_mode(void) +{ + static esp_key_mgr_aes_key_config_t key_config; + memcpy(key_config.k2_info, (uint8_t*) test_data_ds.k2_info, KEY_MGR_K2_INFO_SIZE); + memcpy(key_config.k1_encrypted, (uint8_t*) test_data_ds.k1_encrypted, KEY_MGR_K1_ENCRYPTED_SIZE); + memcpy(key_config.sw_init_key, (uint8_t*) test_data_ds.init_key, KEY_MGR_SW_INIT_KEY_SIZE); + key_config.use_pre_generated_sw_init_key = 1; + key_config.key_type = ESP_KEY_MGR_DS_KEY; + + static esp_key_mgr_key_recovery_info_t key_recovery_info; + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_aes_mode(&key_config, &key_recovery_info)); + + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info)); + key_mgr_test_ds_key_aes_mode(&test_data_ds); + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type)); +} +#endif /* SOC_KEY_MANAGER_DS_KEY_DEPLOY */ TEST_GROUP(key_manager); @@ -320,56 +435,124 @@ TEST_TEAR_DOWN(key_manager) test_utils_get_leak_level(ESP_LEAK_TYPE_CRITICAL, ESP_COMP_LEAK_ALL)); } +#if SOC_KEY_MANAGER_FE_KEY_DEPLOY +#if SOC_FLASH_ENCRYPTION_XTS_AES_128 TEST(key_manager, xts_aes_128_key_aes_deployment) { - key_mgr_test_xts_aes_128(); + key_mgr_test_xts_aes_128_aes_mode(); } +TEST(key_manager, xts_key_128_ecdh0_deployment) +{ + key_mgr_test_xts_aes_128_ecdh0_mode(); +} + +#if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS +TEST(key_manager, xts_key_128_random_deployment) +{ + key_mgr_test_xts_aes_128_random_mode(); +} +#endif /* CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS */ +#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_128 */ + +#if SOC_FLASH_ENCRYPTION_XTS_AES_256 TEST(key_manager, xts_aes_256_key_aes_deployment) { key_mgr_test_xts_aes_256_aes_mode(); } -TEST(key_manager, ecdsa_key_aes_deployment) +TEST(key_manager, xts_key_256_ecdh0_deployment) +{ + key_mgr_test_xts_aes_256_ecdh0_mode(); +} + +#if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS +TEST(key_manager, xts_key_256_random_deployment) +{ + key_mgr_test_xts_aes_256_random_mode(); +} +#endif /* CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS */ +#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_256 */ +#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY */ + +#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY +TEST(key_manager, ecdsa_p256_key_aes_deployment) { key_mgr_test_ecdsa_p256_aes_mode(); } -TEST(key_manager, xts_key_ecdh0_deployment) -{ - key_mgr_test_xts_aes_128_ecdh0_mode(); - key_mgr_test_xts_aes_256_ecdh0_mode(); -} - -TEST(key_manager, ecdsa_key_ecdh0_deployment) +TEST(key_manager, ecdsa_p256_key_ecdh0_deployment) { key_mgr_test_ecdsa_ecdh0_mode(); } -TEST(key_manager, ecdsa_key_random_deployment) +TEST(key_manager, ecdsa_p256_key_random_deployment) { key_mgr_test_ecdsa_random_mode(); } +#endif /* SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY */ -#if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS -TEST(key_manager, xts_key_random_deployment) +#if SOC_KEY_MANAGER_HMAC_KEY_DEPLOY +TEST(key_manager, hmac_key_aes_deployment) { - key_mgr_test_xts_aes_128_random_mode(); - key_mgr_test_xts_aes_256_random_mode(); + key_mgr_test_hmac_aes_mode(); } -#endif + +TEST(key_manager, hmac_key_ecdh0_deployment) +{ + key_mgr_test_hmac_ecdh0_mode(); +} + +TEST(key_manager, hmac_key_random_deployment) +{ + key_mgr_test_hmac_random_mode(); +} +#endif /* SOC_KEY_MANAGER_HMAC_KEY_DEPLOY */ + +#if SOC_KEY_MANAGER_DS_KEY_DEPLOY +TEST(key_manager, ds_key_aes_deployment) +{ + key_mgr_test_ds_aes_mode(); +} +#endif /* SOC_KEY_MANAGER_DS_KEY_DEPLOY */ TEST_GROUP_RUNNER(key_manager) { +#if SOC_KEY_MANAGER_FE_KEY_DEPLOY +#if SOC_FLASH_ENCRYPTION_XTS_AES_128 RUN_TEST_CASE(key_manager, xts_aes_128_key_aes_deployment); - RUN_TEST_CASE(key_manager, xts_aes_256_key_aes_deployment); - RUN_TEST_CASE(key_manager, ecdsa_key_aes_deployment); - RUN_TEST_CASE(key_manager, xts_key_ecdh0_deployment); - RUN_TEST_CASE(key_manager, ecdsa_key_ecdh0_deployment); - RUN_TEST_CASE(key_manager, ecdsa_key_random_deployment); + RUN_TEST_CASE(key_manager, xts_key_128_ecdh0_deployment); #if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS // This tests expects Flash encryption to be enabled as the test compares the decrypted flash data with the plaintext data - RUN_TEST_CASE(key_manager, xts_key_random_deployment); -#endif + RUN_TEST_CASE(key_manager, xts_key_128_random_deployment); +#endif /* CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS */ +#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_128 */ +#if SOC_FLASH_ENCRYPTION_XTS_AES_256 + RUN_TEST_CASE(key_manager, xts_aes_256_key_aes_deployment); + RUN_TEST_CASE(key_manager, xts_key_256_ecdh0_deployment); +#if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS + RUN_TEST_CASE(key_manager, xts_key_256_random_deployment); +#endif /* CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS */ +#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_256 */ +#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY */ + +#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY + RUN_TEST_CASE(key_manager, ecdsa_p256_key_aes_deployment); + RUN_TEST_CASE(key_manager, ecdsa_p256_key_ecdh0_deployment); + RUN_TEST_CASE(key_manager, ecdsa_p256_key_random_deployment); +#endif /* SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY */ + +#if SOC_KEY_MANAGER_HMAC_KEY_DEPLOY + RUN_TEST_CASE(key_manager, hmac_key_aes_deployment); + RUN_TEST_CASE(key_manager, hmac_key_ecdh0_deployment); + RUN_TEST_CASE(key_manager, hmac_key_random_deployment); +#endif /* SOC_KEY_MANAGER_HMAC_KEY_DEPLOY */ + +#if SOC_KEY_MANAGER_DS_KEY_DEPLOY + RUN_TEST_CASE(key_manager, ds_key_aes_deployment); + // Verifying deployment of a DS key using the ECDH0 and Random mode of the Key Manager + // is not possible as the deployed DS key is not known to user in these modes to + // pre-generate the ciphertext input data. +#endif /* SOC_KEY_MANAGER_DS_KEY_DEPLOY */ } diff --git a/components/hal/test_apps/crypto/main/sha/sha_block.c b/components/hal/test_apps/crypto/main/sha/sha_block.c index 852e0efe33..e18745f25d 100644 --- a/components/hal/test_apps/crypto/main/sha/sha_block.c +++ b/components/hal/test_apps/crypto/main/sha/sha_block.c @@ -12,7 +12,7 @@ #include "soc/periph_defs.h" #include "esp_private/periph_ctrl.h" -#include "esp_private/esp_crypto_lock_internal.h" +#include "esp_crypto_periph_clk.h" #include "hal/sha_hal.h" #include "hal/sha_ll.h" #include "sha_block.h" @@ -68,10 +68,7 @@ static void sha1_update_block(sha1_ctx* ctx, esp_sha_type sha_type, const unsign if ( (ilen >= 64) || local_len) { /* Enable peripheral module */ - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(true); - sha_ll_reset_register(); - } + esp_crypto_sha_enable_periph_clk(true); sha_hal_wait_idle(); sha_hal_set_mode(sha_type); @@ -103,9 +100,7 @@ static void sha1_update_block(sha1_ctx* ctx, esp_sha_type sha_type, const unsign sha_hal_read_digest(sha_type, ctx->state); /* Disable peripheral module */ - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(false); - } + esp_crypto_sha_enable_periph_clk(false); } if ( ilen > 0 ) { @@ -172,10 +167,7 @@ static void sha256_update_block(sha256_ctx* ctx, esp_sha_type sha_type, const un if ( (ilen >= 64) || local_len) { /* Enable peripheral module */ - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(true); - sha_ll_reset_register(); - } + esp_crypto_sha_enable_periph_clk(true); sha_hal_wait_idle(); sha_hal_set_mode(sha_type); @@ -207,9 +199,7 @@ static void sha256_update_block(sha256_ctx* ctx, esp_sha_type sha_type, const un sha_hal_read_digest(sha_type, ctx->state); /* Disable peripheral module */ - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(false); - } + esp_crypto_sha_enable_periph_clk(false); } if ( ilen > 0 ) { @@ -321,10 +311,7 @@ static void sha512_update_block(sha512_ctx* ctx, esp_sha_type sha_type, const un if ( (ilen >= 128) || local_len) { /* Enable peripheral module */ - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(true); - sha_ll_reset_register(); - } + esp_crypto_sha_enable_periph_clk(true); sha_hal_wait_idle(); sha_hal_set_mode(sha_type); @@ -360,9 +347,7 @@ static void sha512_update_block(sha512_ctx* ctx, esp_sha_type sha_type, const un sha_hal_read_digest(sha_type, ctx->state); /* Disable peripheral module */ - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(false); - } + esp_crypto_sha_enable_periph_clk(false); } if ( ilen > 0 ) {