Software APIs
otbn_sca.h
1 // Copyright lowRISC contributors (OpenTitan project).
2 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
3 // SPDX-License-Identifier: Apache-2.0
4 
5 #ifndef OPENTITAN_SW_DEVICE_TESTS_PENETRATIONTESTS_FIRMWARE_SCA_OTBN_SCA_H_
6 #define OPENTITAN_SW_DEVICE_TESTS_PENETRATIONTESTS_FIRMWARE_SCA_OTBN_SCA_H_
7 
8 #include "sw/device/lib/base/status.h"
9 #include "sw/device/lib/ujson/ujson.h"
10 
11 /**
12  * Starts the P-256 ECDSA Key Generation from a key in batch mode.
13  *
14  * Num_traces fixed vs random keys are generated using the SCA PRNG and
15  * for each key the key generation operation on OTBN is started.
16  *
17  * @param uj An initialized uJSON context.
18  * @return OK or error.
19  */
20 status_t handle_otbn_sca_ecc256_ecdsa_keygen_fvsr_key_batch(ujson_t *uj);
21 
22 /**
23  * Starts the P-256 ECDSA Key Generation from a seed in batch mode.
24  *
25  * Num_traces fixed vs random seeds are generated using the SCA PRNG and
26  * for each seed the key generation operation on OTBN is started.
27  *
28  * @param uj An initialized uJSON context.
29  * @return OK or error.
30  */
31 status_t handle_otbn_sca_ecc256_ecdsa_keygen_fvsr_seed_batch(ujson_t *uj);
32 
33 /**
34  * Enable or disable masking.
35  *
36  * This command handler allows to enable or disable the masking. When masking is
37  * turned on, a random 320-bit mask is generated for the seed share 1. The mask
38  * is 0 when masking is turned off.
39  *
40  * @param uj An initialized uJSON context.
41  * @return OK or error.
42  */
43 status_t handle_otbn_sca_ecc256_en_masks(ujson_t *uj);
44 
45 /**
46  * Set the constant C.
47  *
48  * This command handler allows the host to set the constant C to generate the
49  * random key.
50  *
51  * @param uj An initialized uJSON context.
52  * @return OK or error.
53  */
54 status_t handle_otbn_sca_ecc256_set_c(ujson_t *uj);
55 
56 /**
57  * Set the seed share 0.
58  *
59  * Allows the host to set the 320-bit seed share 0 that is used for the key
60  * generation.
61  *
62  * @param uj An initialized uJSON context.
63  * @return OK or error.
64  */
65 status_t handle_otbn_sca_ecc256_set_seed(ujson_t *uj);
66 
67 /**
68  * otbn.sca.ecdsa256.sign command handler.
69  *
70  * Runs a ECDSA 256 sign operation, used to measure whether the operation
71  * leakes secret information.
72  *
73  * @param uj An initialized uJSON context.
74  * @return OK or error.
75  */
76 status_t handle_otbn_sca_ecdsa_p256_sign(ujson_t *uj);
77 
78 /**
79  * otbn.sca.ecdsa256.sign_batch command handler.
80  *
81  * Same as otbn.sca.ecdsa256.sign but in batch mode. Random message, random
82  * key, and random secret is used.
83  *
84  * @param uj An initialized uJSON context.
85  * @return OK or error.
86  */
87 status_t handle_otbn_sca_ecdsa_p256_sign_batch(ujson_t *uj);
88 
89 /**
90  * otbn.sca.ecdsa256.sign_fvsr_batch command handler.
91  *
92  * Same as otbn.sca.ecdsa256.sign but in batch mode. Fixed or random message,
93  * fixed or random key, and fixed or random secret is used.
94  *
95  * @param uj An initialized uJSON context.
96  * @return OK or error.
97  */
98 status_t handle_otbn_sca_ecdsa_p256_sign_fvsr_batch(ujson_t *uj);
99 
100 /**
101  * Initializes the OTBN SCA test on the device.
102  *
103  * @param uj An initialized uJSON context.
104  * @return OK or error.
105  */
106 status_t handle_otbn_pentest_init(ujson_t *uj);
107 
108 /**
109  * Initializes the Keymanager used for the OTBN SCA tests.
110  *
111  * @param uj An initialized uJSON context.
112  * @return OK or error.
113  */
114 status_t handle_otbn_pentest_init_keymgr(ujson_t *uj);
115 
116 /**
117  * otbn.sca.insn.carry_flag command handler.
118  *
119  * Receive big_num from host. On OTBN, add big_num + big_num and get the
120  * carry flag. If the carry flag is not set, return the result. If the carry
121  * flag is set, return random number. Checks whether carry flag is leaking.
122  *
123  * @param uj An initialized uJSON context.
124  * @return OK or error.
125  */
126 status_t handle_otbn_sca_insn_carry_flag(ujson_t *uj);
127 
128 /**
129  * Command handler for the otbn.sca.key_sideload_fvsr test.
130  *
131  * Side-load 16 fixed vs. random keys from keymanager to OTBN.
132  *
133  * @param uj An initialized uJSON context.
134  * @return OK or error.
135  */
136 status_t handle_otbn_sca_key_sideload_fvsr(ujson_t *uj);
137 
138 /**
139  * Command handler for the otbn.sca.rsa512_decrypt test.
140  *
141  * RSA512 decryption side-channel test. Get mod, exp, and msg from uJSON.
142  * Perform RSA512 decryption and send back the message.
143  *
144  * @param uj An initialized uJSON context.
145  * @return OK or error.
146  */
147 status_t handle_otbn_sca_rsa512_decrypt(ujson_t *uj);
148 
149 /**
150  * OTBN SCA command handler.
151  *
152  * Command handler for the OTBN SCA command.
153  *
154  * @param uj An initialized uJSON context.
155  * @return OK or error.
156  */
157 status_t handle_otbn_sca(ujson_t *uj);
158 
159 #endif // OPENTITAN_SW_DEVICE_TESTS_PENETRATIONTESTS_FIRMWARE_SCA_OTBN_SCA_H_
Return to OpenTitan Documentation