[sw,cryptolib] Change expected values for tests with result 0

This commit changes the expected values for the tests that have an
expected result of 0. This makes sure we don't run into issues
where the tests are not executing properly and we still get a
correct result due to the expected value of 0.

Furthermore, this commit moves the tests to the hjson framework.

The input and output values don't change from before this change.
This commit merely skips the unnecessary calculations.

Signed-off-by: Hakim Filali <[email protected]>

Author: h-filali

sw/otbn/crypto/tests/BUILD

@@ -409,7 +409,7 @@ otbn_sim_test(
     srcs = [
         "p256_arithmetic_to_boolean_test.s",
     ],
-    exp = "p256_arithmetic_to_boolean_test.exp",
+    testcase = "p256_arithmetic_to_boolean_test.hjson",
     deps = [
         "//sw/otbn/crypto:p256_base",
         "//sw/otbn/crypto:p256_isoncurve",
@@ -423,7 +423,7 @@ otbn_sim_test(
     srcs = [
         "p256_arithmetic_to_boolean_mod_test.s",
     ],
-    exp = "p256_arithmetic_to_boolean_mod_test.exp",
+    testcase = "p256_arithmetic_to_boolean_mod_test.hjson",
     deps = [
         "//sw/otbn/crypto:p256_base",
         "//sw/otbn/crypto:p256_isoncurve",
@@ -465,7 +465,7 @@ otbn_sim_test(
     srcs = [
         "p384_boolean_to_arithmetic_test.s",
     ],
-    exp = "p384_boolean_to_arithmetic_test.exp",
+    testcase = "p384_boolean_to_arithmetic_test.hjson",
     deps = [
         "//sw/otbn/crypto:p384_b2a",
     ],
@@ -476,7 +476,7 @@ otbn_sim_test(
     srcs = [
         "p384_arithmetic_to_boolean_test.s",
     ],
-    exp = "p384_arithmetic_to_boolean_test.exp",
+    testcase = "p384_arithmetic_to_boolean_test.hjson",
     deps = [
         "//sw/otbn/crypto:p384_a2b",
         "//sw/otbn/crypto:p384_base",
@@ -488,7 +488,7 @@ otbn_sim_test(
     srcs = [
         "p384_arithmetic_to_boolean_mod_test.s",
     ],
-    exp = "p384_arithmetic_to_boolean_mod_test.exp",
+    testcase = "p384_arithmetic_to_boolean_mod_test.hjson",
     deps = [
         "//sw/otbn/crypto:p384_a2b",
         "//sw/otbn/crypto:p384_base",
@@ -601,7 +601,7 @@ otbn_sim_test(
     srcs = [
         "p384_keygen_test.s",
     ],
-    exp = "p384_keygen_test.exp",
+    testcase = "p384_keygen_test.hjson",
     deps = [
         "//sw/otbn/crypto:p384_base",
         "//sw/otbn/crypto:p384_keygen",
@@ -614,7 +614,7 @@ otbn_sim_test(
     srcs = [
         "p384_keygen_from_seed_test.s",
     ],
-    exp = "p384_keygen_from_seed_test.exp",
+    testcase = "p384_keygen_from_seed_test.hjson",
     deps = [
         "//sw/otbn/crypto:p384_b2a",
         "//sw/otbn/crypto:p384_base",

sw/otbn/crypto/tests/p256_arithmetic_to_boolean_mod_test.exp

@@ -0,0 +1,22 @@
+// Copyright lowRISC contributors (OpenTitan project).
+// Licensed under the Apache License, Version 2.0, see LICENSE for details.
+// SPDX-License-Identifier: Apache-2.0
+{
+  "entrypoint": "p256_arithmetic_to_boolean_mod_test",
+  "input": {
+    "regs": {
+      # w31 is zero
+      "w31": "0x0000000000000000000000000000000000000000000000000000000000000000"
+      # First arithmetic share of x.
+      "w11": "0x2328ce20226e4542f38f1ca699ce6272592fbe18c2d1a4f0eefd3e816b35c5e6",
+      # Second arithmetic share of x.
+      "w19": "0x53038ee6d4a25811969abf6f892fa008dc0f09fc3c6c760991349036bf81b6ba"
+    }
+  }
+  "output": {
+    "regs": {
+      # Unmasked result x.
+      "w20": "0x762c5d06f7109d548a29dc1622fe027b353ec814ff3e1afa8031ceb82ab77ca0",
+    }
+  }
+}

sw/otbn/crypto/tests/p256_arithmetic_to_boolean_mod_test.hjson

@@ -12,10 +12,7 @@
 
 .section .text.start
 
-p256_arithmetic_to_boolean_test:
-
-  /* init all-zero register */
-  bn.xor    w31, w31, w31
+p256_arithmetic_to_boolean_mod_test:
 
   /* Load domain parameter.
      w29 = dmem[p256_p] */
@@ -26,58 +23,18 @@ p256_arithmetic_to_boolean_test:
   /* Set MOD to p */
   bn.wsrw   MOD, w29
 
-  /* Load values into WDRs */
-
-  /* w11 <= dmem[x] mod p */
-  li        x3, 11
-  la        x4, x
-  bn.lid    x3, 0(x4)
-  bn.addm   w11, w11, w31
-
-  /* w19 <= URND mod p */
-  bn.wsrr   w19, URND
-  bn.addm   w19, w19, w31
-
-  /* Arithmetic masking */
-
-  /* w11 = A <= w11 - w19 = x - r */
-  bn.subm    w11, w11, w19
-
   /* Arithmetic to boolean conversion */
   jal       x1, arithmetic_to_boolean_mod
 
-  /* Unmask and compare values
-     after conversion */
+  /* Unmask after conversion */
 
   /* w20 <= w20 ^ w19 = x' ^ r = x */
   bn.xor    w20, w20, w19
 
-  /* w10 <= dmem[x] mod p */
-  li        x3, 10
-  la        x4, x
-  bn.lid    x3, 0(x4)
-  bn.addm   w10, w10, w31
-
-  /* w0 <= w10 - w20 */
-  bn.sub    w0, w20, w10
-
   ecall
 
-
 .data
 
-.globl x
-.balign 32
-x:
-  .word 0x2ab77ca0
-  .word 0x8031ceb8
-  .word 0xff3e1afa
-  .word 0x353ec814
-  .word 0x22fe027b
-  .word 0x8a29dc16
-  .word 0xf7109d54
-  .word 0x762c5d06
-
 /* Public key z-coordinate. */
 .globl z
 .balign 32

sw/otbn/crypto/tests/p256_arithmetic_to_boolean_mod_test.s

@@ -0,0 +1,25 @@
+// Copyright lowRISC contributors (OpenTitan project).
+// Licensed under the Apache License, Version 2.0, see LICENSE for details.
+// SPDX-License-Identifier: Apache-2.0
+{
+  "entrypoint": "p256_arithmetic_to_boolean_test",
+  "input": {
+    "regs": {
+      # w31 is zero
+      "w31": "0x0000000000000000000000000000000000000000000000000000000000000000",
+      # First arithmetic share of x.
+      "w11": "0x58b8977117dfeb954edfca6e9a7a6dc50957e6bd913a34a2d986834026276da7",
+      "w12": "0x0000000000000000000000000000000000000000000000000000000000000000",
+      # Second arithmetic share of x.
+      "w18": "0x1d73c595df30b1bf3b4a11a7888394b62be6e1576e03e657a6ab4b7804900ef9",
+      "w19": "0x0000000000000000000000000000000000000000000000000000000000000001"
+    }
+  }
+  "output": {
+    "regs": {
+      # Unmasked result x.
+      "w20": "0x762c5d06f7109d548a29dc1622fe027b353ec814ff3e1afa8031ceb82ab77ca0",
+      "w21": "0x0000000000000000000000000000000000000000000000000000000000000001",
+    }
+  }
+}

sw/otbn/crypto/tests/p256_arithmetic_to_boolean_test.exp

@@ -14,9 +14,6 @@
 
 p256_arithmetic_to_boolean_test:
 
-  /* init all-zero register */
-  bn.xor    w31, w31, w31
-
   /* Load domain parameter.
      w29 = dmem[p256_p] */
   li        x2, 29
@@ -26,87 +23,20 @@ p256_arithmetic_to_boolean_test:
   /* Set MOD to p */
   bn.wsrw   MOD, w29
 
-  /* Load values into WDRs */
-
-  /* w11 <= dmem[x_l] */
-  li        x3, 11
-  la        x4, x_l
-  bn.lid    x3, 0(x4)
-
-  /* w12 <= dmem[x_u] */
-  li        x3, 12
-  la        x4, x_u
-  bn.lid    x3, 0(x4)
-
-  /* w18 <= URND
-     w19 <= URND (1 bit) */
-  bn.wsrr   w18, URND
-  bn.wsrr   w19, URND
-  bn.rshi   w19, w31, w19 >> 255
-
-  /* Arithmetic masking */
-
-  /* [w12,w11] = A <= [w12,w11] - [w19,w18] mod 2^257 = x - r mod 2^257
-     This may result in bits above 2^257, but these will be stripped off. */
-  bn.sub    w11, w11, w18
-  bn.subb   w12, w12, w19
-  bn.rshi   w12, w12, w31 >> 1
-  bn.rshi   w12, w31, w12 >> 255
-
   /* Arithmetic to boolean conversion */
   jal       x1, arithmetic_to_boolean
 
-  /* Unmask and compare values
-     after conversion */
+  /* Unmask after conversion */
 
   /* w20 <= w20 ^ w18 = x' ^ r
      w21 <= w21 ^ w19 = x' ^ r */
   bn.xor    w20, w20, w18
   bn.xor    w21, w21, w19
 
-  /* w11 <= dmem[x_l] */
-  li        x3, 11
-  la        x4, x_l
-  bn.lid    x3, 0(x4)
-
-  /* w12 <= dmem[x_u] */
-  li        x3, 12
-  la        x4, x_u
-  bn.lid    x3, 0(x4)
-
-  /* [w1,w0] <= [w12,w11] - [w21,w20] */
-  bn.sub    w0, w11, w20
-  bn.subb   w1, w12, w21
-
   ecall
 
-
 .data
 
-.globl x_u
-.balign 32
-x_u:
-  .word 0x00000001
-  .word 0x00000000
-  .word 0x00000000
-  .word 0x00000000
-  .word 0x00000000
-  .word 0x00000000
-  .word 0x00000000
-  .word 0x00000000
-
-.globl x_l
-.balign 32
-x_l:
-  .word 0x2ab77ca0
-  .word 0x8031ceb8
-  .word 0xff3e1afa
-  .word 0x353ec814
-  .word 0x22fe027b
-  .word 0x8a29dc16
-  .word 0xf7109d54
-  .word 0x762c5d06
-
 /* Public key z-coordinate. */
 .globl z
 .balign 32

sw/otbn/crypto/tests/p256_arithmetic_to_boolean_test.hjson

@@ -0,0 +1,25 @@
+// Copyright lowRISC contributors (OpenTitan project).
+// Licensed under the Apache License, Version 2.0, see LICENSE for details.
+// SPDX-License-Identifier: Apache-2.0
+{
+  "entrypoint": "p384_arithmetic_to_boolean_mod_test",
+  "input": {
+    "regs": {
+      # w31 is zero
+      "w31": "0x0000000000000000000000000000000000000000000000000000000000000000"
+      # First arithmetic share of x.
+      "w11": "0x034084329b46f1f0d277b31ea21c79370defc8a41b42246d3f4aae8c76f51f07",
+      "w12": "0x000000000000000000000000000000007679a2adc67c5fc8dd94a7f9c7ebf0b3",
+      # Second arithmetic share of x.
+      "w18": "0xe6ed0dfd7175e4ce3b976dff369604fb339e0775ef413315f03ca38e57185a0b",
+      "w19": "0x00000000000000000000000000000000bec5256738c1bb31a29d26be62cb8bed"
+    }
+  }
+  "output": {
+    "regs": {
+      # Unmasked result x.
+      "w20": "0xea2d92300cbcd6bf0e0f211dd8b27e33418dd01b0a8357832f875219ce0d7913",
+      "w21": "0x00000000000000000000000000000000353ec814ff3e1afa8031ceb82ab77ca0"
+    }
+  }
+}