[Cryptech-Commits] [sw/stm32] branch js_keywrap updated: Add sanity test for arbitrary size keys, to be really sure the keywrap core bank-switched memory works.
git at cryptech.is
git at cryptech.is
Fri Aug 17 20:30:03 UTC 2018
This is an automated email from the git hooks/post-receive script.
paul at psgd.org pushed a commit to branch js_keywrap
in repository sw/stm32.
The following commit(s) were added to refs/heads/js_keywrap by this push:
new 5d7128c Add sanity test for arbitrary size keys, to be really sure the keywrap core bank-switched memory works.
5d7128c is described below
commit 5d7128c74e0ec9df380e7af4d4bc57af1f0da372
Author: Paul Selkirk <paul at psgd.org>
AuthorDate: Fri Aug 17 16:29:51 2018 -0400
Add sanity test for arbitrary size keys, to be really sure the keywrap core bank-switched memory works.
---
projects/cli-test/mgmt-keywrap.c | 76 ++++++++++++++++++++++++++++------------
1 file changed, 54 insertions(+), 22 deletions(-)
diff --git a/projects/cli-test/mgmt-keywrap.c b/projects/cli-test/mgmt-keywrap.c
index 1f98658..77e38c9 100644
--- a/projects/cli-test/mgmt-keywrap.c
+++ b/projects/cli-test/mgmt-keywrap.c
@@ -158,18 +158,24 @@ static int cmd_keywrap_test(struct cli_def *cli, const char *command, char *argv
{
command = command;
- cli_print(cli, "1. Test vectors with software keywrap");
- hal_aes_use_keywrap_core(0);
- run_test(cli, K_128, sizeof(K_128), C_128, sizeof(C_128));
- run_test(cli, K_256, sizeof(K_256), C_256, sizeof(C_256));
-
- cli_print(cli, "\n2. Test vectors with keywrap core");
- if (hal_aes_use_keywrap_core(1) == 0) {
- cli_print(cli, "keywrap core not found, skipping");
- }
- else {
+ if (argc == 0) {
+ cli_print(cli, "1. Test vectors with software keywrap");
+ hal_aes_use_keywrap_core(0);
run_test(cli, K_128, sizeof(K_128), C_128, sizeof(C_128));
run_test(cli, K_256, sizeof(K_256), C_256, sizeof(C_256));
+
+ cli_print(cli, "\n2. Test vectors with keywrap core");
+ if (hal_aes_use_keywrap_core(1) == 0) {
+ cli_print(cli, "keywrap core not found, skipping");
+ }
+ else {
+ hal_aes_use_keywrap_core(1);
+ run_test(cli, K_128, sizeof(K_128), C_128, sizeof(C_128));
+ run_test(cli, K_256, sizeof(K_256), C_256, sizeof(C_256));
+ }
+
+ cli_print(cli, "\nFor more tests: keywrap test <keysize> <iterations>");
+ return CLI_OK;
}
hal_error_t err;
@@ -193,20 +199,46 @@ static int cmd_keywrap_test(struct cli_def *cli, const char *command, char *argv
return CLI_ERROR;
}
- uint8_t kek[KEK_LENGTH];
- size_t kek_len;
- if ((err = hal_mkm_get_kek(kek, &kek_len, sizeof(kek))) != LIBHAL_OK) {
- cli_print(cli, "hal_mkm_get_kek: %s", hal_error_string(err));
+ cli_print(cli, "1. sanity test");
+ C_len = sizeof(C);
+ if ((err = hal_aes_keywrap(NULL, K_256, sizeof(K_256), Q, keysize, C, &C_len)) != LIBHAL_OK) {
+ cli_print(cli, "hal_aes_keywrap: %s", hal_error_string(err));
return CLI_ERROR;
}
- cli_print(cli, "\n3. wrap timing with software keywrap");
+ for (int i = 0; i <= 1; ++i) {
+ if (!hal_aes_use_keywrap_core(i) && i) {
+ cli_print(cli, "keywrap core not found, skipping");
+ continue;
+ }
+ uint8_t q[keysize + 8];
+ size_t q_len = sizeof(q);
+ if ((err = hal_aes_keyunwrap(NULL, K_256, sizeof(K_256), C, C_len, q, &q_len)) != LIBHAL_OK) {
+ cli_print(cli, "hal_aes_keyunwrap: %s", hal_error_string(err));
+ return CLI_ERROR;
+ }
+ if (q_len != keysize) {
+ cli_print(cli, "unwrap size mismatch: expected %d, got %d", (int)keysize, (int)q_len);
+ return CLI_ERROR;
+ }
+ if (memcmp(Q, q, q_len) != 0) {
+ cli_print(cli, "unwrap mismatch:\n Want: ");
+ uart_send_hexdump(Q, 0, Q_len - 1);
+ cli_print(cli, "\n Got: ");
+ uart_send_hexdump(q, 0, q_len - 1);
+ cli_print(cli, "");
+ return CLI_ERROR;
+ }
+ cli_print(cli, "with %s: OK", i ? "keywrap core" : "software keywrap");
+ }
+
+ cli_print(cli, "\n2. wrap timing with software keywrap");
hal_aes_use_keywrap_core(0);
uint32_t start = HAL_GetTick();
for (int i = 0; i < iterations; ++i) {
C_len = sizeof(C);
- if ((err = hal_aes_keywrap(NULL, kek, kek_len, Q, keysize, C, &C_len)) != LIBHAL_OK) {
+ if ((err = hal_aes_keywrap(NULL, K_256, sizeof(K_256), Q, keysize, C, &C_len)) != LIBHAL_OK) {
cli_print(cli, "hal_aes_keywrap: %s", hal_error_string(err));
return CLI_ERROR;
}
@@ -216,7 +248,7 @@ static int cmd_keywrap_test(struct cli_def *cli, const char *command, char *argv
cli_print(cli, "%ld.%03lds total, %ld.%03ldms per wrap",
elapsed / 1000, elapsed % 1000, per / 1000, per % 1000);
- cli_print(cli, "\n4. wrap timing with keywrap core");
+ cli_print(cli, "\n3. wrap timing with keywrap core");
if (hal_aes_use_keywrap_core(1) == 0) {
cli_print(cli, "keywrap core not found, skipping");
@@ -225,7 +257,7 @@ static int cmd_keywrap_test(struct cli_def *cli, const char *command, char *argv
start = HAL_GetTick();
for (int i = 0; i < iterations; ++i) {
C_len = sizeof(C);
- if ((err = hal_aes_keywrap(NULL, kek, kek_len, Q, keysize, C, &C_len)) != LIBHAL_OK) {
+ if ((err = hal_aes_keywrap(NULL, K_256, sizeof(K_256), Q, keysize, C, &C_len)) != LIBHAL_OK) {
cli_print(cli, "hal_aes_keywrap: %s", hal_error_string(err));
return CLI_ERROR;
}
@@ -236,13 +268,13 @@ static int cmd_keywrap_test(struct cli_def *cli, const char *command, char *argv
elapsed / 1000, elapsed % 1000, per / 1000, per % 1000);
}
- cli_print(cli, "\n5. unwrap timing with software keywrap");
+ cli_print(cli, "\n4. unwrap timing with software keywrap");
hal_aes_use_keywrap_core(0);
start = HAL_GetTick();
for (int i = 0; i < iterations; ++i) {
Q_len = sizeof(Q);
- if ((err = hal_aes_keyunwrap(NULL, kek, kek_len, C, C_len, Q, &Q_len)) != LIBHAL_OK) {
+ if ((err = hal_aes_keyunwrap(NULL, K_256, sizeof(K_256), C, C_len, Q, &Q_len)) != LIBHAL_OK) {
cli_print(cli, "hal_aes_keyunwrap: %s", hal_error_string(err));
return CLI_ERROR;
}
@@ -252,7 +284,7 @@ static int cmd_keywrap_test(struct cli_def *cli, const char *command, char *argv
cli_print(cli, "%ld.%03lds total, %ld.%03ldms per wrap",
elapsed / 1000, elapsed % 1000, per / 1000, per % 1000);
- cli_print(cli, "\n6. unwrap timing with keywrap core");
+ cli_print(cli, "\n5. unwrap timing with keywrap core");
if (hal_aes_use_keywrap_core(1) == 0) {
cli_print(cli, "keywrap core not found, skipping");
@@ -261,7 +293,7 @@ static int cmd_keywrap_test(struct cli_def *cli, const char *command, char *argv
start = HAL_GetTick();
for (int i = 0; i < iterations; ++i) {
Q_len = sizeof(Q);
- if ((err = hal_aes_keyunwrap(NULL, kek, kek_len, C, C_len, Q, &Q_len)) != LIBHAL_OK) {
+ if ((err = hal_aes_keyunwrap(NULL, K_256, sizeof(K_256), C, C_len, Q, &Q_len)) != LIBHAL_OK) {
cli_print(cli, "hal_aes_keywrap: %s", hal_error_string(err));
return CLI_ERROR;
}
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Commits
mailing list