Testpoints
Stage | Name | Tests | Description |
---|---|---|---|
V1 | smoke | kmac_smoke | KMAC smoke test will contain a number of rounds, and acts as a base for many other tests. In each round, we run a full KMAC hashing operation:
This test, and all other tests in the testplan, will be checked for correctness in two different ways:
|
V1 | csr_hw_reset | kmac_csr_hw_reset | Verify the reset values as indicated in the RAL specification.
|
V1 | csr_rw | kmac_csr_rw | Verify accessibility of CSRs as indicated in the RAL specification.
|
V1 | csr_bit_bash | kmac_csr_bit_bash | Verify no aliasing within individual bits of a CSR.
|
V1 | csr_aliasing | kmac_csr_aliasing | Verify no aliasing within the CSR address space.
|
V1 | csr_mem_rw_with_rand_reset | kmac_csr_mem_rw_with_rand_reset | Verify random reset during CSR/memory access.
|
V1 | regwen_csr_and_corresponding_lockable_csr | kmac_csr_rw kmac_csr_aliasing | Verify regwen CSR and its corresponding lockable CSRs.
Note:
This is only applicable if the block contains regwen and locakable CSRs. |
V1 | mem_walk | kmac_mem_walk | Verify accessibility of all memories in the design.
|
V1 | mem_partial_access | kmac_mem_partial_access | Verify partial-accessibility of all memories in the design.
|
V2 | long_msg_and_output | kmac_long_msg_and_output | Same as the smoke test, except with a message of up to 100KB.
Max firmware input size for KMAX is around 392KB, but this is too large for a DV
simulation.
Average input size from firmware would be around 60-100KB, so we use 100KB as a max
input size for DV, but will enable easy extensibility for emulation testing where we can
enable much larger messages.
Allow output length to vary up to 1KB (for XOF functions).
If output length is greater than |
V2 | burst_write | kmac_burst_write | This is the same as the long_message test, except we burst-write chunks of the message into the msg_fifo, and disable intermediate status/CSR checks. |
V2 | test_vectors | kmac_test_vectors_sha3_224 kmac_test_vectors_sha3_256 kmac_test_vectors_sha3_384 kmac_test_vectors_sha3_512 kmac_test_vectors_shake_128 kmac_test_vectors_shake_256 kmac_test_vectors_kmac kmac_test_vectors_kmac_xof | These tests drive NIST test vectors for SHA3/SHAKE/KMAC into the design and check the output against the expected digest values. |
V2 | sideload | kmac_sideload | Same as the smoke test, except we set cfg.sideload and provide a valid sideloaded key as well as a valid SW-provided key. KMAC should operate on the sideloaded key regardless of the cfg_shadowed.sideload field value. |
V2 | app | kmac_app | Test that the Keymgr/ROM/LC can all initiate a KMAC operation through the application interface - Keymgr uses KMAC hash, while ROM/LC use CShake. Use an array of kmac_app_agents to send message data to the KMAC and to control the hashing logic, and set cfg.sideload if the Keymgr is enabled. The result digest sent to the kmac_app_agent will be compared against the result from the DPI reference model. In addition, read from the STATE window afterwards and confirm that this access is blocked and will return 0. |
V2 | app_with_partial_data | kmac_app_with_partial_data | Basd on the kmac_app test, this test will send partial data from application interface
by sending |
V2 | entropy_refresh | kmac_entropy_refresh | Test entropy interface for KMAC. This test randomly chooses to execute either a SW-controlled hash or a hash from the App interface. All configuration fields are left as is, but now we will request EDN entropy by setting the following registers with random value:
In masked mode, scoreboard will check:
In unmasked mode, scoreboard will check:
|
V2 | error | kmac_error | Try several error sequences:
// TODO: Not all of these errors have been supported yet, and more errors might be // added later. // So this might be split into several error tests later on. |
V2 | key_error | kmac_key_error | Test kmac responses correctly when keymgr app sends request but key is not valid. Stimulus:
Check:
|
V2 | edn_timeout_error | kmac_edn_timeout_error | Test kmac responses correctly when EDN response timeout.
Based on kmac app sequence, this sequence configures kmac to ensure an EDN timeout
error by writing
|
V2 | entropy_mode_error | kmac_entropy_mode_error | Test kmac responses correctly when entropy mode is configured incorrectly.
Based on kmac edn_timeout sequence, this sequence write incorrect
|
V2 | entropy_ready_error | kmac_entropy_ready_error | Test kmac responses correctly when entropy_ready field is not set.
Based on kmac app sequence, this sequence does not write
|
V2 | lc_escalation | kmac_lc_escalation | Randomly set Checks:
|
V2 | stress_all | kmac_stress_all |
|
V2 | intr_test | kmac_intr_test | Verify common intr_test CSRs that allows SW to mock-inject interrupts.
|
V2 | alert_test | kmac_alert_test | Verify common
|
V2 | tl_d_oob_addr_access | kmac_tl_errors | Access out of bounds address and verify correctness of response / behavior |
V2 | tl_d_illegal_access | kmac_tl_errors | Drive unsupported requests via TL interface and verify correctness of response / behavior. Below error cases are tested bases on the TLUL spec
|
V2 | tl_d_outstanding_access | kmac_csr_hw_reset kmac_csr_rw kmac_csr_aliasing kmac_same_csr_outstanding | Drive back-to-back requests without waiting for response to ensure there is one transaction outstanding within the TL device. Also, verify one outstanding when back- to-back accesses are made to the same address. |
V2 | tl_d_partial_access | kmac_csr_hw_reset kmac_csr_rw kmac_csr_aliasing kmac_same_csr_outstanding | Access CSR with one or more bytes of data. For read, expect to return all word value of the CSR. For write, enabling bytes should cover all CSR valid fields. |
V2S | shadow_reg_update_error | kmac_shadow_reg_errors | Verify shadowed registers' update error.
|
V2S | shadow_reg_read_clear_staged_value | kmac_shadow_reg_errors | Verify reading a shadowed register will clear its staged value.
|
V2S | shadow_reg_storage_error | kmac_shadow_reg_errors | Verify shadowed registers' storage error.
|
V2S | shadowed_reset_glitch | kmac_shadow_reg_errors | Verify toggle shadowed_rst_n pin can trigger storage error.
|
V2S | shadow_reg_update_error_with_csr_rw | kmac_shadow_reg_errors_with_csr_rw | Run shadow_reg_update_error sequence in parallel with csr_rw sequence.
|
V2S | tl_intg_err | kmac_tl_intg_err kmac_sec_cm | Verify that the data integrity check violation generates an alert.
|
V2S | sec_cm_bus_integrity | kmac_tl_intg_err | Verify the countermeasure(s) BUS.INTEGRITY. |
V2S | sec_cm_lc_escalate_en_intersig_mubi | kmac_lc_escalation | Verify global LC_ESCALATE_EN mubi |
V2S | sec_cm_sw_key_key_masking | kmac_smoke | Verify the countermeasure(s) SW_KEY.KEY.MASKING. |
V2S | sec_cm_key_sideload | kmac_sideload | Verify the key from KeyMgr is sideloaded. |
V2S | sec_cm_cfg_shadowed_config_shadow | kmac_shadow_reg_errors | Verify the countermeasure(s) CFG_SHADOWED.CONFIG.SHADOW. |
V2S | sec_cm_fsm_sparse | kmac_sec_cm | Verify the countermeasure(s) FSM.SPARSE. |
V2S | sec_cm_ctr_redun | kmac_sec_cm | Verify the countermeasure(s) CTR.REDUN. |
V2S | sec_cm_packer_ctr_redun | kmac_sec_cm | Verify the countermeasure(s) PACKER.CTR.REDUN. |
V2S | sec_cm_cfg_shadowed_config_regwen | kmac_smoke | Verify the countermeasure(s) CFG_SHADOWED.CONFIG.REGWEN. |
V2S | sec_cm_fsm_global_esc | kmac_lc_escalation | Verify the countermeasure(s) FSM.GLOBAL_ESC. |
V2S | sec_cm_fsm_local_esc | kmac_sec_cm | Verify the countermeasure(s) FSM.LOCAL_ESC. |
V2S | sec_cm_logic_integrity | N/A | Verify the countermeasure(s) LOGIC.INTEGRITY. |
V2S | sec_cm_absorbed_ctrl_mubi | kmac_mubi | Verify the countermeasure(s) ABSORBED.CTRL.INTEGRITY |
V2S | sec_cm_sw_cmd_ctrl_sparse | kmac_smoke | Verify the countermeasure(s) SW_CMD.CTRL.INTEGRITY |
V3 | throughput | kmac_throughput | Measure the throughput of the various hashing calculations and make sure they correspond to the expected throughput range for the design. |
V3 | stress_all_with_rand_reset | kmac_stress_all_with_rand_reset | This test runs 3 parallel threads - stress_all, tl_errors and random reset. After reset is asserted, the test will read and check all valid CSR registers. |
Covergroups
Name | Description |
---|---|
app_cg | Covers several scenarios related to the app interface:
Note that this covergroup will be duplicated once per app interface. |
app_sw_cfg_cg | Covers several scenarios related to the app interface and cfg_shadowed register value:
These sw register settings should not affect kmac app interface calculation. Note that this covergroup will be duplicated once per app interface. |
cmd_process_cg | Covers that the KMAC can handle seeing a
|
config_cg | Covers that all valid configuration settings for the KMAC have been tested. Individual config settings that will be covered include:
|
edn_cg | Covers that EDN entropy can be received by KMAC while keccak rounds are active/inactive, crossed with a few entropy configuration values (fast entropy, etc...). |
entropy_timer_cg | Cover the values for the entropy_period register's |
error_cg | Covers all error scenarios:
|
msg_len_cg | Covers various input message length ranges, to ensure that KMAC can operate successfully on different sized messages. The minimum tested msg length is 0 bytes, and the maximum length is 10_000 bytes, we will cover that an acceptable distribution of lengths has been seen, and specifically cover some corner cases (like length 0). |
msgfifo_level_cg | Covers that all possible fifo statuses have been seen when running different hash operations (like sha3/shake/cshake/kmac), such as various fifo depths, fifo full, and fifo empty. |
msgfifo_write_mask_cg | Covers that the msgfifo has been written using all possible TLUL masks. |
output_digest_len_cg | Similar to the |
prefix_range_cg | The prefix used for CSHAKE and KMAC (function_name + customization_string) are only allowed to be valid alphabet letters, or a space character. This covergroup covers that all of these characters have appeared in a prefix value. |
regwen_val_when_new_value_written_cg | Cover each lockable reg field with these 2 cases:
This is only applicable if the block contains regwen and locakable CSRs. |
sha3_status_cg | Covers that all sha3-related status fields have eventually been seen. |
shadow_field_errs_cg | Cover all shadow register errors for each register field. For all register fields within the shadowed register, this coverpoint covers the following errors:
|
sideload_cg | Covers that the KMAC sees scenarios where the sideloaded key is provided and should be
used ( |
state_read_mask_cg | Covers that the state windows have been read using all possible TLUL masks. |
tl_errors_cg | Cover the following error cases on TL-UL bus:
|
tl_intg_err_cg | Cover all kinds of integrity errors (command, data or both) and cover number of error bits on each integrity check. Cover the kinds of integrity errors with byte enabled write on memory if applicable: Some memories store the integrity values. When there is a subword write, design re-calculate the integrity with full word data and update integrity in the memory. This coverage ensures that memory byte write has been issued and the related design logic has been verfied. |