Software APIs
mod_exp_ibex_unittest.cc
1 // Copyright lowRISC contributors (OpenTitan project).
2 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
3 // SPDX-License-Identifier: Apache-2.0
4 
5 #include "sw/device/silicon_creator/lib/sigverify/mod_exp_ibex.h"
6 
7 #include <unordered_set>
8 
9 #include "gmock/gmock.h"
10 #include "gtest/gtest.h"
11 #include "sw/device/silicon_creator/lib/sigverify/rsa_key.h"
12 
13 namespace sigverify_mod_exp_ibex_unittest {
14 namespace {
15 
16 /**
17  * PKCS #1 v1.5 encoded messages used in tests.
18  */
19 
20 /**
21  * Message: "test"
22  * SHA2-256 hash (little-endian): {0xb0f00a08, 0xd15d6c15, 0x2b0b822c,
23  * 0xa3bf4f1b, 0xc55ad015, 0x9a2feaa0, 0x884c7d65, 0x9f86d081}
24  */
25 constexpr sigverify_rsa_buffer_t kEncMsgTest = {
26  0xb0f00a08, 0xd15d6c15, 0x2b0b822c, 0xa3bf4f1b, 0xc55ad015, 0x9a2feaa0,
27  0x884c7d65, 0x9f86d081, 0x05000420, 0x03040201, 0x86480165, 0x0d060960,
28  0x00303130, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff,
29  0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff,
30  0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff,
31  0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff,
32  0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff,
33  0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff,
34  0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff,
35  0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff,
36  0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff,
37  0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff,
38  0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff,
39  0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff,
40  0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff,
41  0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0x0001ffff,
42 };
43 
44 /**
45  * Inputs and expected values for computational tests involving signatures.
46  */
47 struct SigTestCase {
48  /**
49  * Key to use in calculations.
50  */
51  const sigverify_rsa_key_t key;
52  /**
53  * An RSA signature.
54  */
55  sigverify_rsa_buffer_t sig;
56  /**
57  * sig^e mod n.
58  *
59  * This value must match the result of `mod_exp(sig, e, n)`.
60  */
61  const sigverify_rsa_buffer_t *enc_msg;
62 };
63 
64 // The keys below do not need to be kept in sync with the actual keys used in
65 // boot stages since we have separate tests for each boot stage.
66 constexpr SigTestCase kSigTestCases[1]{
67  // message: "test"
68  {
69  // sw/device/silicon_creator/rom/keys/fake/test_key_0_rsa_3072_exp_f4.public.der
70  .key =
71  {
72  .n = {{
73  0x5801a2bd, 0xeff64a46, 0xc8cf2251, 0xa7cd62cb, 0x634a39c2,
74  0x55c936d3, 0x463d61fc, 0x762ebbaa, 0x01aadfb2, 0x23da15d1,
75  0x8475fdc6, 0x4ec67b7b, 0xe9364570, 0xd23ec7c7, 0x98038d63,
76  0x5688a56b, 0x68037add, 0xb20ff289, 0x9d96c1ce, 0xbac0b8cd,
77  0xead33d0b, 0x195f89c8, 0xd7dc110e, 0xf5bccc12, 0x8dfa33dc,
78  0xedc404d2, 0x74ef8524, 0x9197c0c8, 0x79cc448e, 0x4c9c505d,
79  0x4a586ad7, 0xe2d0f071, 0x589f28c2, 0x2ca7fc22, 0x0354b0e2,
80  0xefb63b44, 0x33a75b04, 0x9e194454, 0x1b4b2cde, 0x8e3f78e0,
81  0x5260877c, 0x05685b72, 0x4868ad4e, 0x10303ac9, 0x05ac2411,
82  0x5e797381, 0xd5407668, 0xe3522348, 0xa33134f8, 0x38f7a953,
83  0xd926f672, 0x136f6753, 0xb186b0ab, 0x5ccab586, 0x61e5bf2e,
84  0x9fc0eebb, 0x788ed0bd, 0x47b5fc70, 0xf971262a, 0x3b40d99b,
85  0x5b9fd926, 0xce3c93bf, 0xd406005e, 0x72b9e555, 0xc9b9273e,
86  0xfcef747f, 0xf0a35598, 0x2761e8f6, 0xec1799df, 0x462bc52d,
87  0x8e47218b, 0x429ccdae, 0xe7e7d66c, 0x70c70b03, 0x0356c3d2,
88  0x3cb3e7d1, 0xd42d035d, 0x83c529a3, 0x8df9930e, 0xb082e1f0,
89  0x07509c30, 0x5c33a350, 0x4f6884b9, 0x7b9d2de0, 0x0f1d16b3,
90  0x38dbcf55, 0x168580ea, 0xc2f2aca4, 0x43f0ae60, 0x227dd2ed,
91  0xd8dc61f4, 0x9404e8bc, 0x0db76fe3, 0x3491d3b0, 0x6ca44e27,
92  0xcda63719,
93  }},
94  .n0_inv =
95  {
96  0x9c9a176b,
97  0x44d6fa52,
98  0x71a63ec4,
99  0xadc94595,
100  0x3fd9bc73,
101  0xa83cdc95,
102  0xbe1bc819,
103  0x2b421fae,
104  },
105  },
106  .sig =
107  {
108  0xeb28a6d3, 0x936b42bb, 0x76d3973d, 0x6322d536, 0x253c7547,
109  0x1bfdda9f, 0x597b8193, 0xccac0b02, 0xb3b66a5b, 0xa7880e18,
110  0x04846239, 0x4e927eda, 0x37883753, 0x8bc059cd, 0xdc6102d5,
111  0xa702185d, 0xf963eec8, 0xfed8f779, 0xc606461b, 0xa5326e90,
112  0x87f4ef4b, 0xddaa7f8b, 0xcdae0535, 0x1174dbc8, 0x345db563,
113  0x57b9dd37, 0xd6ff9402, 0x1c8077ec, 0x02e76f6f, 0x135797fe,
114  0x92ca1d0c, 0x84da4abf, 0xce3f4b43, 0xe3d47def, 0x510ba10e,
115  0x9940e174, 0x5c0635bc, 0x8fc7b1d6, 0x9ee042d9, 0x68dc09c7,
116  0x30b54030, 0xf2336aa6, 0xaf6535f9, 0x7b1fc0e1, 0xeea50f7c,
117  0xe1d2f4b3, 0xa0405640, 0xc035d5b9, 0x34ee81ef, 0xf1460ecf,
118  0x943b5734, 0xae5dcd6e, 0x64373ca7, 0x968dd9e5, 0xd1916ff3,
119  0x0c4e1ab5, 0x5ba76542, 0x9488cc72, 0x35ef4275, 0x071eef2a,
120  0x64516088, 0x42a383fd, 0x477678ee, 0xd1c7c37d, 0x7f55cf49,
121  0x24f62205, 0x564dfc4a, 0x8b305ceb, 0x46917278, 0xab9bf3c3,
122  0x9a1f6739, 0x188c264e, 0x32c584e9, 0x54d0e1d6, 0x967710a1,
123  0x1efe8ffb, 0x299e277a, 0x0ea61f6c, 0xf7845775, 0x78386d10,
124  0x66245c4f, 0xfd52953a, 0x955b4b10, 0x6b7d9d30, 0x68fc106f,
125  0xbaaebfac, 0x653b64bd, 0x826a3baa, 0x98703747, 0x6ee930ec,
126  0xacbb94d8, 0xcede8d12, 0xa17b3cb0, 0xa520fe81, 0x84df2df5,
127  0x4f97181e,
128  },
129  .enc_msg = &kEncMsgTest,
130  },
131 };
132 
133 class ModExp : public testing::TestWithParam<SigTestCase> {};
134 
135 TEST_P(ModExp, EncMsg) {
136  sigverify_rsa_buffer_t res;
137  EXPECT_EQ(sigverify_mod_exp_ibex(&GetParam().key, &GetParam().sig, &res),
138  kErrorOk);
139  EXPECT_THAT(res.data, ::testing::ElementsAreArray(GetParam().enc_msg->data));
140 }
141 
142 INSTANTIATE_TEST_SUITE_P(AllCases, ModExp, testing::ValuesIn(kSigTestCases));
143 
144 } // namespace
145 } // namespace sigverify_mod_exp_ibex_unittest
Return to OpenTitan Documentation