Software APIs
aes_testutils.h
1// Copyright lowRISC contributors (OpenTitan project).
2// Licensed under the Apache License, Version 2.0, see LICENSE for details.
3// SPDX-License-Identifier: Apache-2.0
4
5#ifndef OPENTITAN_SW_DEVICE_LIB_TESTING_AES_TESTUTILS_H_
6#define OPENTITAN_SW_DEVICE_LIB_TESTING_AES_TESTUTILS_H_
7
8#include "sw/device/lib/dif/dif_aes.h"
9#include "sw/device/lib/runtime/ibex.h"
10#include "sw/device/lib/testing/test_framework/check.h"
11
12// The AES_TESTUTILS_HAS_EDN_AND_CSRNG define is created
13// by the Bazel rule to indicate the presence of the csrng
14// and edn IPs.
15#ifdef AES_TESTUTILS_HAS_EDN_AND_CSRNG
16#include "sw/device/lib/dif/dif_csrng.h"
17#include "sw/device/lib/dif/dif_edn.h"
18#endif
19
20/**
21 * Returns the value of the AES status flag.
22 *
23 * @param aes An aes DIF handle.
24 * @param status Status value to query.
25 */
26inline bool aes_testutils_get_status(dif_aes_t *aes, dif_aes_status_t status) {
27 bool set;
28 dif_result_t res = dif_aes_get_status(aes, status, &set);
29 return (res == kDifOk) && set;
30}
31
32/**
33 * Waits for the given AES status flag to be set the given value.
34 *
35 * @param aes An aes DIF handle.
36 * @param flag Status flag value.
37 * @param status The status value.
38 * @param timeout_usec Timeout in microseconds.
39 */
40#define AES_TESTUTILS_WAIT_FOR_STATUS(aes_, status_, flag_, timeout_usec_) \
41 IBEX_TRY_SPIN_FOR(aes_testutils_get_status((aes_), (status_)) == (flag_), \
42 (timeout_usec_))
43
44#ifdef AES_TESTUTILS_HAS_EDN_AND_CSRNG
45/**
46 * Initializes the entropy complex for performing AES SCA measurements with
47 * masking switched off.
48 *
49 * Initializes CSRNG and EDN0 to produce a fixed seed which after being loaded
50 * into AES causes the AES masking PRNG to output an all-zero vector. Entropy
51 * src and EDN1 are left untouched.
52 *
53 * @param csrng A CSRNG DIF handle.
54 * @param edn0 An EDN DIF handle.
55 * @return The result of the operation.
56 */
57OT_WARN_UNUSED_RESULT
58status_t aes_testutils_masking_prng_zero_output_seed(const dif_csrng_t *csrng,
59 const dif_edn_t *edn0);
60
61/**
62 * CTR_DRBG Known-Answer-Test (KAT) using the CSRNG SW application interface.
63 *
64 * Initializes CSRNG and then runs multiple generate and a reseed command to
65 * ensure the seed leading to an all-zero output of the AES masking PRNG can
66 * repeatedly be generated.
67 *
68 * @param csrng A CSRNG DIF handle.
69 * @return The result of the operation.
70 */
71OT_WARN_UNUSED_RESULT
72status_t aes_testutils_csrng_kat(const dif_csrng_t *csrng);
73#endif
74
75/**
76 * Sets up an AES encryption.
77 *
78 * Starts the encryption operation by loading a key share along with some
79 * plain text and transaction data into the AES block.
80 * This function is used in tandem with aes_testutils_decrypt_ciphertext.
81 *
82 * @param transaction The AES transaction settings.
83 * @param aes An AES handle.
84 * @return The result of the operation.
85 */
86OT_WARN_UNUSED_RESULT
87status_t aes_testutils_setup_encryption(dif_aes_transaction_t transaction,
88 dif_aes_t *aes);
89
90/**
91 * Reads some produced cipher text and sets up an AES decryption.
92 *
93 * Starts the decryption operation by loading a key along with some
94 * cipher text and transaction data into the AES block. Also checks whether
95 * the produced cipher text and decrypted cipher text are correct.
96 * This function is used in tandem with aes_testutils_setup_encryption.
97 *
98 * @param transaction The AES transaction settings used for encryption.
99 * @param aes An AES handle.
100 * @return The result of the operation.
101 */
102OT_WARN_UNUSED_RESULT
103status_t aes_testutils_decrypt_ciphertext(dif_aes_transaction_t transaction,
104 dif_aes_t *aes);
105
106#endif // OPENTITAN_SW_DEVICE_LIB_TESTING_AES_TESTUTILS_H_