[pentest] Move SCA lib into pentest lib

Currently, we have the SCA lib that is used for the old simpleserial based SCA/FI tests (sw/device/sca) and the new pentest lib that is used for the uJSON based pentest framework (sw/device/tests/penetrationtests). As in the longerm we want to get rid of the old simpleserial framework, this commit merges these two libraries and moves it into the new pentest framework. Moreover, the sca_ suffix is replaced with pentest_. A cleanup of these functions will be conducted once the simpleserial framework is removed. Signed-off-by: Pascal Nasahl <nasahlpa@lowrisc.org>
lowRISC · Oct 22, 2024 · def97ec · def97ec
1 parent ec3f1da
commit def97ec
Show file tree

Hide file tree

Showing 42 changed files with 1,099 additions and 1,190 deletions.
diff --git a/sw/device/sca/BUILD b/sw/device/sca/BUILD
@@ -34,8 +34,8 @@ opentitan_binary(
         "//sw/device/lib/testing/test_framework:ottf_main",
         "//sw/device/sca/lib:aes",
         "//sw/device/sca/lib:prng",
-        "//sw/device/sca/lib:sca",
         "//sw/device/sca/lib:simple_serial",
+        "//sw/device/tests/penetrationtests/firmware/lib:pentest_lib",
     ],
 )
 
@@ -55,8 +55,8 @@ opentitan_binary(
         "//sw/device/lib/testing/test_framework:ottf_ld_silicon_creator_slot_a",
         "//sw/device/lib/testing/test_framework:ottf_main",
         "//sw/device/sca/lib:prng",
-        "//sw/device/sca/lib:sca",
         "//sw/device/sca/lib:simple_serial",
+        "//sw/device/tests/penetrationtests/firmware/lib:pentest_lib",
     ],
 )
 
@@ -76,8 +76,8 @@ opentitan_binary(
         "//sw/device/lib/testing/test_framework:ottf_ld_silicon_creator_slot_a",
         "//sw/device/lib/testing/test_framework:ottf_main",
         "//sw/device/sca/lib:prng",
-        "//sw/device/sca/lib:sca",
         "//sw/device/sca/lib:simple_serial",
+        "//sw/device/tests/penetrationtests/firmware/lib:pentest_lib",
     ],
 )
 
@@ -99,8 +99,8 @@ opentitan_binary(
         "//sw/device/lib/testing/test_framework:ottf_ld_silicon_creator_slot_a",
         "//sw/device/lib/testing/test_framework:ottf_main",
         "//sw/device/sca/lib:prng",
-        "//sw/device/sca/lib:sca",
         "//sw/device/sca/lib:simple_serial",
+        "//sw/device/tests/penetrationtests/firmware/lib:pentest_lib",
         "//sw/otbn/crypto:p384_ecdsa_sca",
     ],
 )
@@ -124,8 +124,8 @@ opentitan_binary(
         "//sw/device/lib/testing/test_framework:ottf_ld_silicon_creator_slot_a",
         "//sw/device/lib/testing/test_framework:ottf_main",
         "//sw/device/sca/lib:prng",
-        "//sw/device/sca/lib:sca",
         "//sw/device/sca/lib:simple_serial",
+        "//sw/device/tests/penetrationtests/firmware/lib:pentest_lib",
         "//sw/otbn/crypto:p256_ecdsa_sca",
     ],
 )
diff --git a/sw/device/sca/aes_serial.c b/sw/device/sca/aes_serial.c
@@ -10,8 +10,8 @@
 #include "sw/device/lib/testing/test_framework/ottf_test_config.h"
 #include "sw/device/sca/lib/aes.h"
 #include "sw/device/sca/lib/prng.h"
-#include "sw/device/sca/lib/sca.h"
 #include "sw/device/sca/lib/simple_serial.h"
+#include "sw/device/tests/penetrationtests/firmware/lib/pentest_lib.h"
 
 #if !OT_IS_ENGLISH_BREAKFAST
 #include "sw/device/lib/testing/aes_testutils.h"
@@ -181,16 +181,16 @@ static void aes_key_mask_and_config(const uint8_t *key, size_t key_len) {
   dif_aes_key_share_t key_shares;
   // Mask the provided key.
   for (int i = 0; i < key_len / 4; ++i) {
-    key_shares.share1[i] = sca_non_linear_layer(
-        sca_linear_layer(sca_next_lfsr(1, kScaLfsrMasking)));
+    key_shares.share1[i] = pentest_non_linear_layer(
+        pentest_linear_layer(pentest_next_lfsr(1, kPentestLfsrMasking)));
     key_shares.share0[i] = *((uint32_t *)key + i) ^ key_shares.share1[i];
   }
   // Provide random shares for unused key bits.
   for (size_t i = key_len / 4; i < kAesKeyLengthMax / 4; ++i) {
     key_shares.share1[i] =
-        sca_non_linear_layer(sca_next_lfsr(1, kScaLfsrMasking));
+        pentest_non_linear_layer(pentest_next_lfsr(1, kPentestLfsrMasking));
     key_shares.share0[i] =
-        sca_non_linear_layer(sca_next_lfsr(1, kScaLfsrMasking));
+        pentest_non_linear_layer(pentest_next_lfsr(1, kPentestLfsrMasking));
   }
   SS_CHECK_DIF_OK(dif_aes_start(&aes, &transaction, &key_shares, NULL));
 }
@@ -223,9 +223,9 @@ static void aes_serial_key_set(const uint8_t *key, size_t key_len) {
 /**
  * Encrypts a plaintext using the AES peripheral.
  *
- * This function uses `sca_call_and_sleep()` from the sca library to put Ibex to
- * sleep in order to minimize noise during captures. The plaintext must be
- * `kAesTextLength` bytes long.
+ * This function uses `pentest_call_and_sleep()` from the sca library to put
+ * Ibex to sleep in order to minimize noise during captures. The plaintext must
+ * be `kAesTextLength` bytes long.
  *
  * @param plaintext Plaintext.
  * @param plaintext_len Length of the plaintext.
@@ -245,7 +245,7 @@ static void aes_encrypt(const uint8_t *plaintext, size_t plaintext_len) {
   // Using the SecAesStartTriggerDelay hardware parameter, the AES unit is
   // configured to start operation 40 cycles after receiving the start trigger.
   // This allows Ibex to go to sleep in order to not disturb the capture.
-  sca_call_and_sleep(aes_manual_trigger, kIbexAesSleepCycles, false);
+  pentest_call_and_sleep(aes_manual_trigger, kIbexAesSleepCycles, false, false);
 }
 
 /**
@@ -293,9 +293,9 @@ static void aes_serial_single_encrypt(const uint8_t *plaintext,
     block_ctr = 1;
   }
 
-  sca_set_trigger_high();
+  pentest_set_trigger_high();
   aes_encrypt(plaintext, plaintext_len);
-  sca_set_trigger_low();
+  pentest_set_trigger_low();
 
   aes_send_ciphertext(false);
 }
@@ -374,12 +374,12 @@ static void aes_serial_batch_encrypt(const uint8_t *data, size_t data_len) {
     block_ctr = num_encryptions;
   }
 
-  sca_set_trigger_high();
+  pentest_set_trigger_high();
   for (uint32_t i = 0; i < num_encryptions; ++i) {
     aes_encrypt(plaintext_random, kAesTextLength);
     aes_serial_advance_random();
   }
-  sca_set_trigger_low();
+  pentest_set_trigger_low();
 
   aes_send_ciphertext(true);
 }
@@ -427,7 +427,7 @@ static void aes_serial_batch_alternative_encrypt(const uint8_t *data,
   // Set trigger high outside of loop
   // On FPGA, the trigger is AND-ed with AES !IDLE and creates a LO-HI-LO per
   // AES operation
-  sca_set_trigger_high();
+  pentest_set_trigger_high();
   dif_aes_data_t ciphertext;
   for (uint32_t i = 0; i < num_encryptions; ++i) {
     // Encrypt
@@ -444,7 +444,7 @@ static void aes_serial_batch_alternative_encrypt(const uint8_t *data,
     // Use ciphertext as next plaintext (incl. next call to this function)
     memcpy(batch_plaintext, ciphertext.data, kAesTextLength);
   }
-  sca_set_trigger_low();
+  pentest_set_trigger_low();
   // Acknowledge command
   simple_serial_send_status(0);
   // send last ciphertext
@@ -563,12 +563,12 @@ static void aes_serial_fvsr_key_batch_encrypt(const uint8_t *data,
   num_encryptions = read_32(data);
   SS_CHECK(num_encryptions <= kNumBatchOpsMax);
 
-  sca_set_trigger_high();
+  pentest_set_trigger_high();
   for (uint32_t i = 0; i < num_encryptions; ++i) {
     aes_key_mask_and_config(batch_keys[i], kAesKeyLength);
     aes_encrypt(batch_plaintexts[i], kAesTextLength);
   }
-  sca_set_trigger_low();
+  pentest_set_trigger_low();
 
   // Acknowledge command
   simple_serial_send_status(0);
@@ -622,15 +622,15 @@ static void aes_serial_fvsr_data_batch_encrypt(const uint8_t *data,
       memcpy(batch_plaintexts[i], plaintext_random, kAesKeyLength);
       aes_serial_advance_random_data();
     }
-    sample_fixed = sca_next_lfsr(1, kScaLfsrOrder) & 0x1;
+    sample_fixed = pentest_next_lfsr(1, kPentestLfsrOrder) & 0x1;
   }
 
-  sca_set_trigger_high();
+  pentest_set_trigger_high();
   for (uint32_t i = 0; i < num_encryptions; ++i) {
     aes_key_mask_and_config(batch_keys[i], kAesKeyLength);
     aes_encrypt(batch_plaintexts[i], kAesTextLength);
   }
-  sca_set_trigger_low();
+  pentest_set_trigger_low();
 
   // Acknowledge command
   simple_serial_send_status(0);
@@ -656,7 +656,7 @@ static void aes_serial_seed_lfsr(const uint8_t *seed, size_t seed_len) {
     // enable masking
     transaction.force_masks = false;
   }
-  sca_seed_lfsr(seed_local, kScaLfsrMasking);
+  pentest_seed_lfsr(seed_local, kPentestLfsrMasking);
 }
 
 /**
@@ -671,7 +671,7 @@ static void aes_serial_seed_lfsr(const uint8_t *seed, size_t seed_len) {
 static void aes_serial_seed_lfsr_order(const uint8_t *seed, size_t seed_len) {
   SS_CHECK(seed_len == sizeof(uint32_t));
   uint32_t seed_local = read_32(seed);
-  sca_seed_lfsr(seed_local, kScaLfsrOrder);
+  pentest_seed_lfsr(seed_local, kPentestLfsrOrder);
 }
 
 /**
@@ -730,7 +730,7 @@ static void aes_serial_set_default_values(const uint8_t *data,
     memcpy(plaintext_random, kPlaintextRandomStartFvsrData, kAesTextLength);
   }
 
-  sca_seed_lfsr(kPrngInitialState, kScaLfsrOrder);
+  pentest_seed_lfsr(kPrngInitialState, kPentestLfsrOrder);
 }
 
 /**
@@ -749,12 +749,13 @@ static void init_aes(void) {
  * UART.
  */
 bool test_main(void) {
-  sca_init(kScaTriggerSourceAes, kScaPeripheralIoDiv4 | kScaPeripheralAes);
+  pentest_init(kPentestTriggerSourceAes,
+               kPentestPeripheralIoDiv4 | kPentestPeripheralAes);
 
   LOG_INFO("Running AES serial");
 
   LOG_INFO("Initializing simple serial interface to capture board.");
-  simple_serial_init(sca_get_uart());
+  simple_serial_init(pentest_get_uart());
   simple_serial_register_handler('k', aes_serial_key_set);
   simple_serial_register_handler('p', aes_serial_single_encrypt);
   simple_serial_register_handler('b', aes_serial_batch_encrypt);

diff --git a/sw/device/sca/ecc256_sign_serial.c b/sw/device/sca/ecc256_sign_serial.c
@@ -10,8 +10,8 @@
 #include "sw/device/lib/testing/entropy_testutils.h"
 #include "sw/device/lib/testing/test_framework/ottf_main.h"
 #include "sw/device/lib/testing/test_framework/ottf_test_config.h"
-#include "sw/device/sca/lib/sca.h"
 #include "sw/device/sca/lib/simple_serial.h"
+#include "sw/device/tests/penetrationtests/firmware/lib/pentest_lib.h"
 
 #include "hw/top_earlgrey/sw/autogen/top_earlgrey.h"
 #include "otbn_regs.h"
@@ -241,10 +241,10 @@ static void ecc256_ecdsa(const uint8_t *arg, size_t len) {
   uint32_t ecc256_signature_s[kEcc256NumWords];
 
   LOG_INFO("Signing");
-  sca_set_trigger_high();
+  pentest_set_trigger_high();
   p256_ecdsa_sign(ecc256_msg, ecc256_private_key_d, ecc256_signature_r,
                   ecc256_signature_s, ecc256_secret_k);
-  sca_set_trigger_low();
+  pentest_set_trigger_low();
 
   // Copy r and s into byte buffers to avoid strict-aliasing violations.
   uint8_t ecc256_signature_r_bytes[kEcc256NumBytes];
@@ -270,14 +270,15 @@ static void ecc256_ecdsa(const uint8_t *arg, size_t len) {
 static void simple_serial_main(void) {
   SS_CHECK_STATUS_OK(entropy_testutils_auto_mode_init());
 
-  sca_init(kScaTriggerSourceOtbn, kScaPeripheralEntropy | kScaPeripheralIoDiv4 |
-                                      kScaPeripheralOtbn | kScaPeripheralCsrng |
-                                      kScaPeripheralEdn | kScaPeripheralHmac);
+  pentest_init(kPentestTriggerSourceOtbn,
+               kPentestPeripheralEntropy | kPentestPeripheralIoDiv4 |
+                   kPentestPeripheralOtbn | kPentestPeripheralCsrng |
+                   kPentestPeripheralEdn | kPentestPeripheralHmac);
 
   LOG_INFO("Running ECC serial");
   LOG_INFO("Initializing simple serial interface to capture board.");
 
-  simple_serial_init(sca_get_uart());
+  simple_serial_init(pentest_get_uart());
   SS_CHECK(simple_serial_register_handler('p', ecc256_ecdsa) ==
            kSimpleSerialOk);
   SS_CHECK(simple_serial_register_handler('k', ecc256_set_secret_key_k) ==

diff --git a/sw/device/sca/ecc384_serial.c b/sw/device/sca/ecc384_serial.c
@@ -10,8 +10,8 @@
 #include "sw/device/lib/testing/entropy_testutils.h"
 #include "sw/device/lib/testing/test_framework/ottf_main.h"
 #include "sw/device/lib/testing/test_framework/ottf_test_config.h"
-#include "sw/device/sca/lib/sca.h"
 #include "sw/device/sca/lib/simple_serial.h"
+#include "sw/device/tests/penetrationtests/firmware/lib/pentest_lib.h"
 
 #include "hw/top_earlgrey/sw/autogen/top_earlgrey.h"
 #include "otbn_regs.h"
@@ -256,10 +256,10 @@ static void ecc384_ecdsa(const uint8_t *ecc384_secret_k_bytes,
   uint32_t ecc384_signature_s[kEcc384NumWords];
 
   LOG_INFO("Signing");
-  sca_set_trigger_high();
+  pentest_set_trigger_high();
   p384_ecdsa_sign(ecc384_msg, ecc384_private_key_d, ecc384_signature_r,
                   ecc384_signature_s, ecc384_secret_k);
-  sca_set_trigger_low();
+  pentest_set_trigger_low();
 
   // Copy r and s into byte buffers to avoid strict-aliasing violations.
   uint8_t ecc384_signature_r_bytes[kEcc384NumBytes];
@@ -289,13 +289,14 @@ static void ecc384_ecdsa(const uint8_t *ecc384_secret_k_bytes,
 static void simple_serial_main(void) {
   SS_CHECK_STATUS_OK(entropy_testutils_auto_mode_init());
 
-  sca_init(kScaTriggerSourceOtbn, kScaPeripheralEntropy | kScaPeripheralIoDiv4 |
-                                      kScaPeripheralOtbn | kScaPeripheralCsrng |
-                                      kScaPeripheralEdn | kScaPeripheralHmac);
+  pentest_init(kPentestTriggerSourceOtbn,
+               kPentestPeripheralEntropy | kPentestPeripheralIoDiv4 |
+                   kPentestPeripheralOtbn | kPentestPeripheralCsrng |
+                   kPentestPeripheralEdn | kPentestPeripheralHmac);
 
   LOG_INFO("Running ECC serial");
   LOG_INFO("Initializing simple serial interface to capture board.");
-  simple_serial_init(sca_get_uart());
+  simple_serial_init(pentest_get_uart());
 
   SS_CHECK(simple_serial_register_handler('p', ecc384_ecdsa) ==
            kSimpleSerialOk);

diff --git a/sw/device/sca/kmac_serial.c b/sw/device/sca/kmac_serial.c
@@ -9,8 +9,8 @@
 #include "sw/device/lib/testing/test_framework/ottf_main.h"
 #include "sw/device/lib/testing/test_framework/ottf_test_config.h"
 #include "sw/device/sca/lib/prng.h"
-#include "sw/device/sca/lib/sca.h"
 #include "sw/device/sca/lib/simple_serial.h"
+#include "sw/device/tests/penetrationtests/firmware/lib/pentest_lib.h"
 
 #include "hw/top_earlgrey/sw/autogen/top_earlgrey.h"
 #include "kmac_regs.h"
@@ -222,7 +222,7 @@ static dif_result_t kmac_msg_start(dif_kmac_mode_kmac_t mode, size_t l,
   mmio_region_write32(kmac.base_addr, KMAC_KEY_LEN_REG_OFFSET, key_len);
   for (int i = 0; i < ARRAYSIZE(k->share0); ++i) {
     // Run LFSR for 32 steps to ensure that all state bits are updated.
-    const uint32_t a = sca_next_lfsr(32, kScaLfsrMasking);
+    const uint32_t a = pentest_next_lfsr(32, kPentestLfsrMasking);
     mmio_region_write32(kmac.base_addr,
                         KMAC_KEY_SHARE0_0_REG_OFFSET +
                             (ptrdiff_t)i * (ptrdiff_t)sizeof(uint32_t),
@@ -480,7 +480,7 @@ static void sha3_serial_absorb(const uint8_t *msg, size_t msg_len) {
   // configured to start operation 40 cycles after receiving the START and PROC
   // commands. This allows Ibex to go to sleep in order to not disturb the
   // capture.
-  sca_call_and_sleep(kmac_msg_proc, kIbexSha3SleepCycles, false);
+  pentest_call_and_sleep(kmac_msg_proc, kIbexSha3SleepCycles, false, false);
 }
 
 /**
@@ -497,9 +497,9 @@ static void sha3_serial_single_absorb(const uint8_t *msg, size_t msg_len) {
   SS_CHECK(msg_len == kMessageLength);
 
   // Ungate the capture trigger signal and then start the operation.
-  sca_set_trigger_high();
+  pentest_set_trigger_high();
   sha3_serial_absorb(msg, msg_len);
-  sca_set_trigger_low();
+  pentest_set_trigger_low();
 
   // Check KMAC has finsihed processing the message.
   kmac_msg_done();
@@ -544,9 +544,9 @@ static void sha3_serial_batch(const uint8_t *data, size_t data_len) {
     kmac_reset();
     memcpy(kmac_key.share0, batch_keys[i], kKeyLength);
 
-    sca_set_trigger_high();
+    pentest_set_trigger_high();
     sha3_serial_absorb(batch_messages[i], kMessageLength);
-    sca_set_trigger_low();
+    pentest_set_trigger_low();
 
     kmac_msg_done();
     SS_CHECK_DIF_OK(kmac_get_digest(out, kDigestLength));
@@ -571,7 +571,7 @@ static void sha3_serial_batch(const uint8_t *data, size_t data_len) {
  */
 static void sha3_serial_seed_lfsr(const uint8_t *seed, size_t seed_len) {
   SS_CHECK(seed_len == sizeof(uint32_t));
-  sca_seed_lfsr(read_32(seed), kScaLfsrMasking);
+  pentest_seed_lfsr(read_32(seed), kPentestLfsrMasking);
 }
 
 /**
@@ -581,12 +581,13 @@ static void sha3_serial_seed_lfsr(const uint8_t *seed, size_t seed_len) {
  * UART.
  */
 bool test_main(void) {
-  sca_init(kScaTriggerSourceKmac, kScaPeripheralIoDiv4 | kScaPeripheralKmac);
+  pentest_init(kPentestTriggerSourceKmac,
+               kPentestPeripheralIoDiv4 | kPentestPeripheralKmac);
 
   LOG_INFO("Running kmac_serial");
 
   LOG_INFO("Initializing simple serial interface to capture board.");
-  simple_serial_init(sca_get_uart());
+  simple_serial_init(pentest_get_uart());
   simple_serial_register_handler('k', sha3_serial_set_key);
   simple_serial_register_handler('p', sha3_serial_single_absorb);
   simple_serial_register_handler('b', sha3_serial_batch);