From f297caf6cd635b36b85b1232f057aac7848803cf Mon Sep 17 00:00:00 2001 From: Pascal Nasahl Date: Mon, 3 Nov 2025 13:53:34 +0100 Subject: [PATCH 1/2] [crypto_kat_test_suite] Add missing tests to `crypto_kat_test_suite` Add the AES-GCM. ACVP HMAC, and RSA tests to the `crypto_kat_test_suite` target. Signed-off-by: Pascal Nasahl --- sw/device/tests/crypto/cryptotest/BUILD | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sw/device/tests/crypto/cryptotest/BUILD b/sw/device/tests/crypto/cryptotest/BUILD index 32e08ce4bf884..222e352af59e8 100644 --- a/sw/device/tests/crypto/cryptotest/BUILD +++ b/sw/device/tests/crypto/cryptotest/BUILD @@ -590,6 +590,8 @@ cryptotest( test_suite( name = "crypto_kat_test_suite", tests = [ + ":acvp_hmac_sha256", + ":aes_gcm_kat", ":aes_kat", ":cshake_kat", ":drbg_kat", @@ -599,6 +601,7 @@ test_suite( ":hmac_sha384_kat", ":hmac_sha512_kat", ":kmac_kat", + ":rsa_kat", ":sha256_kat", ":sha384_kat", ":sha3_224_kat", From 6c69f465eb2debe5d93a60cc69619621e1ff8a49 Mon Sep 17 00:00:00 2001 From: Pascal Nasahl Date: Mon, 3 Nov 2025 14:15:27 +0100 Subject: [PATCH 2/2] [crypto] Add missing tests to the testplan The testplan located in `sw/device/lib/crypto/data` is missing some of the cryptotests that we have. Add them to the testplan. Signed-off-by: Pascal Nasahl --- .../lib/crypto/data/crypto_testplan.hjson | 146 ++++++++++++++---- 1 file changed, 114 insertions(+), 32 deletions(-) diff --git a/sw/device/lib/crypto/data/crypto_testplan.hjson b/sw/device/lib/crypto/data/crypto_testplan.hjson index 09cc9cd4b78d1..bd75b19613136 100644 --- a/sw/device/lib/crypto/data/crypto_testplan.hjson +++ b/sw/device/lib/crypto/data/crypto_testplan.hjson @@ -5,22 +5,25 @@ name: "crypto" testpoints: [ { - name: crypto_lib_hash_stress - desc: '''Check that the hash algorithms are correct. + name: crypto_lib_aes_stress + desc: '''Check that the aes implementation is correct. - Run the hash algorithms Sha256, Sha384 and Sha512 and compare the digist against - the NIST test vector. + Run the following operations and compare the result against the NIST test vector: + - AES-CBC/CFB/ECB/OFB encryption. + - AES-CBC/CFB/ECB/OFB decryption. + - AES-GCM encryption. + - AES-GCM decryption. ''' stage: N.A. si_stage: SV3 tests: [] bazel: [ - "//sw/device/tests/crypto:sha256_functest", - "//sw/device/tests/crypto:sha384_functest", - "//sw/device/tests/crypto:sha512_functest", - "//sw/device/tests/crypto:hkdf_functest", - "//sw/device/tests/crypto:otcrypto_hash_test", - "//sw/device/tests/crypto:otcrypto_export_test" + "//sw/device/tests/crypto:aes_functest", + "//sw/device/tests/crypto:aes_kwp_kat_functest", + "//sw/device/tests/crypto:aes_kwp_functest", + "//sw/device/tests/crypto:aes_gcm_functest", + "//sw/device/tests/crypto/cryptotest:aes_kat" + "//sw/device/tests/crypto/cryptotest:aes_gcm_kat" ] lc_states: ["PROD"] } @@ -45,23 +48,69 @@ ] } { - name: crypto_lib_rsa_key_gen_stress - desc: '''Check that the implementation of RSA key generation is correct. + name: crypto_lib_hash_stress + desc: '''Check that the hash algorithms are correct. - Generate RSA key pairs with sizes 2048, 3072 and 4096 bits. - The key generation should take an appropriate time based on the key size and the - platform (FPGA or Silicon). - For each key pair: - - Sign a message with the private key. - - Verify the signature with the public key. + Run the hash algorithms Sha256, Sha384, Sha512, SHA3-224, SHA3-256, + SHA3-384 and SHA3-512 and compare the digest against the NIST test + vector. ''' stage: N.A. si_stage: SV3 tests: [] bazel: [ - "//sw/device/tests/crypto:rsa_2048_keygen_functest", - "//sw/device/tests/crypto:rsa_3072_keygen_functest", - "//sw/device/tests/crypto:rsa_4096_keygen_functest", + "//sw/device/tests/crypto:sha256_functest", + "//sw/device/tests/crypto:sha384_functest", + "//sw/device/tests/crypto:sha512_functest", + "//sw/device/tests/crypto:hkdf_functest", + "//sw/device/tests/crypto:otcrypto_hash_test", + "//sw/device/tests/crypto:otcrypto_export_test" + "//sw/device/tests/crypto/cryptotest:sha256_kat", + "//sw/device/tests/crypto/cryptotest:sha384_kat", + "//sw/device/tests/crypto/cryptotest:sha3_224_kat", + "//sw/device/tests/crypto/cryptotest:sha3_256_kat", + "//sw/device/tests/crypto/cryptotest:sha3_384_kat", + "//sw/device/tests/crypto/cryptotest:sha3_512_kat", + "//sw/device/tests/crypto/cryptotest:sha512_kat", + ] + lc_states: ["PROD"] + } + { + name: crypto_lib_hmac_stress + desc: '''Check that HMAC works correctly. + + Run HMAC Sha256, Sha384 and Sha512 and compare the output against + the NIST test vector. + ''' + stage: N.A. + si_stage: SV3 + tests: [] + bazel: [ + "//sw/device/tests/crypto:hmac_sha256_functest", + "//sw/device/tests/crypto:hmac_sha384_functest", + "//sw/device/tests/crypto:hmac_sha512_functest", + "//sw/device/tests/crypto:hmac_functest", + "//sw/device/tests/crypto:hmac_multistream_functest", + "//sw/device/tests/crypto/cryptotest:acvp_hmac_sha256", + "//sw/device/tests/crypto/cryptotest:hmac_sha256_kat", + "//sw/device/tests/crypto/cryptotest:hmac_sha384_kat", + "//sw/device/tests/crypto/cryptotest:hmac_sha512_kat", + ] + lc_states: ["PROD"] + } + { + name: crypto_lib_kmac_stress + desc: '''Check that KMAC works correctly. + + Run KMAC and compare the output against + the wycheproof test vector. + ''' + stage: N.A. + si_stage: SV3 + tests: [] + bazel: [ + "//sw/device/tests/crypto:kmac_functest_hardcoded", + "//sw/device/tests/crypto/cryptotest:kmac_kat", ] lc_states: ["PROD"] } @@ -72,6 +121,7 @@ Run the follow operations and compare the result against the NIST test vector: - RSA signature. - RSA signature verification. + - RSA encryption and decryption. With the keys sizes 2048, 3072 and 4096 bits. ''' stage: N.A. @@ -85,27 +135,59 @@ "//sw/device/tests/crypto:rsa_3072_signature_functest", "//sw/device/tests/crypto:rsa_4096_encryption_functest", "//sw/device/tests/crypto:rsa_4096_signature_functest", + "//sw/device/tests/crypto/cryptotest:rsa_kat", ] lc_states: ["PROD"] } { - name: crypto_lib_aes_stress - desc: '''Check that the aes implementation is correct. + name: crypto_lib_rsa_key_gen_stress + desc: '''Check that the implementation of RSA key generation is correct. - Run the following operations and compare the result against the NIST test vector: - - AES-CBC encryption. - - AES-CBC decryption. - - AES-GCM encryption. - - AES-GCM decryption. + Generate RSA key pairs with sizes 2048, 3072 and 4096 bits. + The key generation should take an appropriate time based on the key size and the + platform (FPGA or Silicon). + For each key pair: + - Sign a message with the private key. + - Verify the signature with the public key. ''' stage: N.A. si_stage: SV3 tests: [] bazel: [ - "//sw/device/tests/crypto:aes_kwp_kat_functest", - "//sw/device/tests/crypto:aes_kwp_functest", - "//sw/device/tests/crypto:aes_gcm_functest", - "//sw/device/tests/crypto/cryptotest:aes_kat" + "//sw/device/tests/crypto:rsa_2048_keygen_functest", + "//sw/device/tests/crypto:rsa_3072_keygen_functest", + "//sw/device/tests/crypto:rsa_4096_keygen_functest", + ] + lc_states: ["PROD"] + } + { + name: crypto_lib_shake_stress + desc: '''Check that the implementation of SHAKE is correct. + + Run CShake128 and CShake256 and compare the output against + the NIST test vector. + ''' + stage: N.A. + si_stage: SV3 + tests: [] + bazel: [ + "//sw/device/tests/crypto:cshake_kat", + "//sw/device/tests/crypto:shake128_kat", + "//sw/device/tests/crypto:shake256_kat", + ] + lc_states: ["PROD"] + } + { + name: crypto_lib_sphincsplus_stress + desc: '''Check that the implementation of SPHINCS+ is correct. + + Run SPHINCS+ and compare the output against the test vector. + ''' + stage: N.A. + si_stage: SV3 + tests: [] + bazel: [ + "//sw/device/tests/crypto:sphincsplus_kat", ] lc_states: ["PROD"] }