[pentest] Add crypto version

Add the version of the crypto library to the pentest framework's readout
for the crypto related init functions.

In order to have the latest git hash be printed as the version, all
commands or tests should be run with the --stamp flag in the Bazel
command.

Signed-off-by: Siemen Dhooghe <[email protected]>

Author: siemen11

sw/device/tests/penetrationtests/firmware/fi/BUILD

@@ -76,6 +76,7 @@ cc_library(
         "//sw/device/lib/base:math",
         "//sw/device/lib/base:memory",
         "//sw/device/lib/base:status",
+        "//sw/device/lib/crypto/impl:cryptolib_build_info",
         "//sw/device/lib/crypto/impl:ecc_p256",
         "//sw/device/lib/crypto/impl:ecc_p384",
         "//sw/device/lib/crypto/impl:integrity",
@@ -105,6 +106,7 @@ cc_library(
         "//sw/device/lib/base:status",
         "//sw/device/lib/crypto/impl:aes",
         "//sw/device/lib/crypto/impl:aes_gcm",
+        "//sw/device/lib/crypto/impl:cryptolib_build_info",
         "//sw/device/lib/crypto/impl:drbg",
         "//sw/device/lib/crypto/impl:hmac",
         "//sw/device/lib/crypto/impl:integrity",

sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_asym.c

@@ -6,6 +6,8 @@
 
 #include "sw/device/lib/base/memory.h"
 #include "sw/device/lib/base/status.h"
+#include "sw/device/lib/crypto/drivers/cryptolib_build_info.h"
+#include "sw/device/lib/crypto/include/cryptolib_build_info.h"
 #include "sw/device/lib/runtime/log.h"
 #include "sw/device/lib/testing/test_framework/ottf_test_config.h"
 #include "sw/device/lib/testing/test_framework/ujson_ottf.h"
@@ -509,7 +511,18 @@ status_t handle_cryptolib_fi_asym_init(ujson_t *uj) {
   TRY(pentest_send_sku_config(uj));
 
   /////////////// STUB START ///////////////
-  // Add things like versioning.
+  uint32_t version;
+  bool released;
+  uint32_t build_hash_low;
+  uint32_t build_hash_high;
+  TRY(otcrypto_build_info(&version, &released, &build_hash_low,
+                          &build_hash_high));
+  char cryptolib_version[150];
+  memset(cryptolib_version, '\0', sizeof(cryptolib_version));
+  base_snprintf(cryptolib_version, sizeof(cryptolib_version),
+                "CRYPTO version %08x, released %s, hash %08x%08x", version,
+                released ? "true" : "false", build_hash_high, build_hash_low);
+  RESP_OK(ujson_serialize_string, uj, cryptolib_version);
   /////////////// STUB END ///////////////
 
   return OK_STATUS();

sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_sym.c

@@ -6,6 +6,8 @@
 
 #include "sw/device/lib/base/memory.h"
 #include "sw/device/lib/base/status.h"
+#include "sw/device/lib/crypto/drivers/cryptolib_build_info.h"
+#include "sw/device/lib/crypto/include/cryptolib_build_info.h"
 #include "sw/device/lib/runtime/log.h"
 #include "sw/device/lib/testing/test_framework/ottf_test_config.h"
 #include "sw/device/lib/testing/test_framework/ujson_ottf.h"
@@ -223,7 +225,18 @@ status_t handle_cryptolib_fi_sym_init(ujson_t *uj) {
   TRY(pentest_send_sku_config(uj));
 
   /////////////// STUB START ///////////////
-  // Add things like versioning.
+  uint32_t version;
+  bool released;
+  uint32_t build_hash_low;
+  uint32_t build_hash_high;
+  TRY(otcrypto_build_info(&version, &released, &build_hash_low,
+                          &build_hash_high));
+  char cryptolib_version[150];
+  memset(cryptolib_version, '\0', sizeof(cryptolib_version));
+  base_snprintf(cryptolib_version, sizeof(cryptolib_version),
+                "CRYPTO version %08x, released %s, hash %08x%08x", version,
+                released ? "true" : "false", build_hash_high, build_hash_low);
+  RESP_OK(ujson_serialize_string, uj, cryptolib_version);
   /////////////// STUB END ///////////////
 
   return OK_STATUS();

sw/device/tests/penetrationtests/firmware/sca/BUILD

@@ -73,6 +73,7 @@ cc_library(
         "//sw/device/lib/base:math",
         "//sw/device/lib/base:memory",
         "//sw/device/lib/base:status",
+        "//sw/device/lib/crypto/impl:cryptolib_build_info",
         "//sw/device/lib/crypto/impl:ecc_p256",
         "//sw/device/lib/crypto/impl:ecc_p384",
         "//sw/device/lib/crypto/impl:integrity",
@@ -102,6 +103,7 @@ cc_library(
         "//sw/device/lib/base:status",
         "//sw/device/lib/crypto/impl:aes",
         "//sw/device/lib/crypto/impl:aes_gcm",
+        "//sw/device/lib/crypto/impl:cryptolib_build_info",
         "//sw/device/lib/crypto/impl:drbg",
         "//sw/device/lib/crypto/impl:hmac",
         "//sw/device/lib/crypto/impl:integrity",

sw/device/tests/penetrationtests/firmware/sca/cryptolib_sca_asym.c

@@ -6,6 +6,8 @@
 
 #include "sw/device/lib/base/memory.h"
 #include "sw/device/lib/base/status.h"
+#include "sw/device/lib/crypto/drivers/cryptolib_build_info.h"
+#include "sw/device/lib/crypto/include/cryptolib_build_info.h"
 #include "sw/device/lib/runtime/log.h"
 #include "sw/device/lib/testing/test_framework/ottf_test_config.h"
 #include "sw/device/lib/testing/test_framework/ujson_ottf.h"
@@ -865,7 +867,18 @@ status_t handle_cryptolib_sca_asym_init(ujson_t *uj) {
   TRY(pentest_send_sku_config(uj));
 
   /////////////// STUB START ///////////////
-  // Add things like versioning.
+  uint32_t version;
+  bool released;
+  uint32_t build_hash_low;
+  uint32_t build_hash_high;
+  TRY(otcrypto_build_info(&version, &released, &build_hash_low,
+                          &build_hash_high));
+  char cryptolib_version[150];
+  memset(cryptolib_version, '\0', sizeof(cryptolib_version));
+  base_snprintf(cryptolib_version, sizeof(cryptolib_version),
+                "CRYPTO version %08x, released %s, hash %08x%08x", version,
+                released ? "true" : "false", build_hash_high, build_hash_low);
+  RESP_OK(ujson_serialize_string, uj, cryptolib_version);
   /////////////// STUB END ///////////////
 
   return OK_STATUS();

sw/device/tests/penetrationtests/firmware/sca/cryptolib_sca_sym.c

@@ -6,6 +6,8 @@
 
 #include "sw/device/lib/base/memory.h"
 #include "sw/device/lib/base/status.h"
+#include "sw/device/lib/crypto/drivers/cryptolib_build_info.h"
+#include "sw/device/lib/crypto/include/cryptolib_build_info.h"
 #include "sw/device/lib/runtime/log.h"
 #include "sw/device/lib/testing/test_framework/ottf_test_config.h"
 #include "sw/device/lib/testing/test_framework/ujson_ottf.h"
@@ -917,7 +919,18 @@ status_t handle_cryptolib_sca_sym_init(ujson_t *uj) {
   TRY(pentest_send_sku_config(uj));
 
   /////////////// STUB START ///////////////
-  // Add things like versioning.
+  uint32_t version;
+  bool released;
+  uint32_t build_hash_low;
+  uint32_t build_hash_high;
+  TRY(otcrypto_build_info(&version, &released, &build_hash_low,
+                          &build_hash_high));
+  char cryptolib_version[150];
+  memset(cryptolib_version, '\0', sizeof(cryptolib_version));
+  base_snprintf(cryptolib_version, sizeof(cryptolib_version),
+                "CRYPTO version %08x, released %s, hash %08x%08x", version,
+                released ? "true" : "false", build_hash_high, build_hash_low);
+  RESP_OK(ujson_serialize_string, uj, cryptolib_version);
   /////////////// STUB END ///////////////
 
   return OK_STATUS();

sw/host/penetrationtests/python/fi/communication/fi_asym_cryptolib_commands.py

@@ -52,6 +52,7 @@ def init(
         boot_log = self.target.read_response()
         boot_measurements = self.target.read_response()
         version = self.target.read_response()
+        cryptolib_version = self.target.read_response()
         return (
             device_id,
             sensors,
@@ -60,6 +61,7 @@ def init(
             boot_log,
             boot_measurements,
             version,
+            cryptolib_version,
         )
 
     def handle_rsa_enc(

sw/host/penetrationtests/python/fi/communication/fi_sym_cryptolib_commands.py

@@ -52,6 +52,7 @@ def init(
         boot_log = self.target.read_response()
         boot_measurements = self.target.read_response()
         version = self.target.read_response()
+        cryptolib_version = self.target.read_response()
         return (
             device_id,
             sensors,
@@ -60,6 +61,7 @@ def init(
             boot_log,
             boot_measurements,
             version,
+            cryptolib_version,
         )
 
     def handle_aes(