Skip to content

[crypto] Add missing tests to the testplan #28636

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

[crypto] Add missing tests to the testplan #28636

wants to merge 2 commits into from
+115 −32

Conversation

@nasahlpa
Copy link
Member

@nasahlpa nasahlpa commented Nov 3, 2025

This PR consists of two PRs:

  1. Add AES-GCM and RSA to the crypto_kat_test_suite target
  2. Add missing tests to the crypto testplan

@nasahlpa nasahlpa added the CherryPick:earlgrey_1.0.0 This PR should be cherry-picked to earlgrey_1.0.0 label Nov 3, 2025
@nasahlpa nasahlpa marked this pull request as ready for review November 3, 2025 13:18
AlexJones0
AlexJones0 reviewed Nov 5, 2025
View reviewed changes
Copy link
Contributor

@AlexJones0 AlexJones0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @nasahlpa, I've left a few comments but this looks like a nice improvement to me. It would also be good if @engdoreis could check this, particularly with regards to the specified SiVal stages.

As a question, do you currently see the //sw/device/tests/crypto/cryptotest:rsa_kat passing locally? I've tried running rsa_kat_fpga_cw340_sival_rom_ext but I get an error:

thread 'main' panicked at sw/host/tests/crypto/rsa_kat/src/main.rs:111:53:
called `Result::unwrap()` on an `Err` value: CapacityError: insufficient capacity
...

I haven't had time to debug the problem fully, but it looks generally like the RSA 4096 wycheproof test vectors have n of a length that is parsed to 513 bytes whereas the cryptotest UJSON definitions define a RSA_CMD_MAX_N_BYTES of 512. Not sure why this is happening - perhaps there is an extra byte/nibble that needs to be stripped somewhere, or some parsing logic has gone slightly wrong?

sw/device/lib/crypto/data/crypto_testplan.hjson
desc: '''Check that KMAC works correctly.

Run KMAC and compare the output against
the wycheproof test vector.
Copy link
Contributor

@AlexJones0 AlexJones0 Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Aside: while we use the wycheproof test vectors here, there are also some example NIST KMAC test vectors (not part of CAVP) for KMAC/KMACXOF here that could potentially be used. It looks like DV is already making use of these.

Copy link
Member Author

@nasahlpa nasahlpa Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agree, we should think of adding additional test vectors for KMAC.

@nasahlpa
[crypto_kat_test_suite] Add missing tests to crypto_kat_test_suite
3d7dbf3 
Add the AES-GCM and RSA tests to the `crypto_kat_test_suite` target.

Signed-off-by: Pascal Nasahl <[email protected]>
@nasahlpa
[crypto] Add missing tests to the testplan
b77cc98 
The testplan located in `sw/device/lib/crypto/data` is missing some
of the cryptotests that we have. Add them to the testplan.

Signed-off-by: Pascal Nasahl <[email protected]>
@nasahlpa
Copy link
Member Author

nasahlpa commented Nov 5, 2025

Thanks @AlexJones0 for the careful review!

I have fixed the failing RSA test you have discovered in PR #28655.

@nasahlpa nasahlpa mentioned this pull request Nov 5, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AlexJones0 AlexJones0 AlexJones0 left review comments

@luismarques luismarques Awaiting requested review from luismarques

@engdoreis engdoreis Awaiting requested review from engdoreis

@johannheyszl johannheyszl Awaiting requested review from johannheyszl

@jwnrt jwnrt Awaiting requested review from jwnrt

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

CherryPick:earlgrey_1.0.0 This PR should be cherry-picked to earlgrey_1.0.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@nasahlpa @AlexJones0