[Cryptech-Commits] [user/js/keywrap] branch auto_zeroise updated: Adding test case for auto_zeroise. Can see that a loaded key gets wiped after timeout. Status bits looks fishy though.

git at cryptech.is git at cryptech.is
Tue Dec 11 08:58:58 UTC 2018


This is an automated email from the git hooks/post-receive script.

joachim at secworks.se pushed a commit to branch auto_zeroise
in repository user/js/keywrap.

The following commit(s) were added to refs/heads/auto_zeroise by this push:
     new 4665dcc  Adding test case for auto_zeroise. Can see that a loaded key gets wiped after timeout. Status bits looks fishy though.
4665dcc is described below

commit 4665dcca8381b60a34ae2f47a2949822b4fbbf09
Author: Joachim Strömbergson <joachim at secworks.se>
AuthorDate: Tue Dec 11 09:58:47 2018 +0100

    Adding test case for auto_zeroise. Can see that a loaded key gets wiped after timeout. Status bits looks fishy though.
---
 src/tb/tb_keywrap.v | 158 +++++++++++++++++++++++++++++++++++++++++-----------
 1 file changed, 125 insertions(+), 33 deletions(-)

diff --git a/src/tb/tb_keywrap.v b/src/tb/tb_keywrap.v
index 4d1c25c..867b4a3 100644
--- a/src/tb/tb_keywrap.v
+++ b/src/tb/tb_keywrap.v
@@ -51,38 +51,42 @@ module tb_keywrap();
 
 
   // API for the core.
-  localparam ADDR_NAME0       = 8'h00;
-  localparam ADDR_NAME1       = 8'h01;
-  localparam ADDR_VERSION     = 8'h02;
+  localparam ADDR_NAME0        = 8'h00;
+  localparam ADDR_NAME1        = 8'h01;
+  localparam ADDR_VERSION      = 8'h02;
 
-  localparam ADDR_CTRL        = 8'h08;
-  localparam CTRL_INIT_BIT    = 0;
-  localparam CTRL_NEXT_BIT    = 1;
+  localparam ADDR_CTRL         = 8'h08;
+  localparam CTRL_INIT_BIT     = 0;
+  localparam CTRL_NEXT_BIT     = 1;
+  localparam CTRL_ZEROISE_BIT  = 2;
 
-  localparam ADDR_STATUS      = 8'h09;
-  localparam STATUS_READY_BIT = 0;
-  localparam STATUS_VALID_BIT = 1;
+  localparam ADDR_STATUS       = 8'h09;
+  localparam STATUS_READY_BIT  = 0;
+  localparam STATUS_VALID_BIT  = 1;
+  localparam STATUS_LOADED_BIT = 2;
 
-  localparam ADDR_CONFIG      = 8'h0a;
-  localparam CTRL_ENCDEC_BIT  = 0;
-  localparam CTRL_KEYLEN_BIT  = 1;
+  localparam ADDR_CONFIG       = 8'h0a;
+  localparam CTRL_ENCDEC_BIT   = 0;
+  localparam CTRL_KEYLEN_BIT   = 1;
 
-  localparam ADDR_RLEN        = 8'h0c;
-  localparam ADDR_R_BANK      = 8'h0d;
-  localparam ADDR_A0          = 8'h0e;
-  localparam ADDR_A1          = 8'h0f;
+  localparam ADDR_TIMEOUT      = 8'h0b;
 
-  localparam ADDR_KEY0        = 8'h10;
-  localparam ADDR_KEY1        = 8'h11;
-  localparam ADDR_KEY2        = 8'h12;
-  localparam ADDR_KEY3        = 8'h13;
-  localparam ADDR_KEY4        = 8'h14;
-  localparam ADDR_KEY5        = 8'h15;
-  localparam ADDR_KEY6        = 8'h16;
-  localparam ADDR_KEY7        = 8'h17;
+  localparam ADDR_RLEN         = 8'h0c;
+  localparam ADDR_R_BANK       = 8'h0d;
+  localparam ADDR_A0           = 8'h0e;
+  localparam ADDR_A1           = 8'h0f;
 
-  localparam ADDR_R_DATA0     = 8'h80;
-  localparam ADDR_R_DATA127   = 8'hff;
+  localparam ADDR_KEY0         = 8'h10;
+  localparam ADDR_KEY1         = 8'h11;
+  localparam ADDR_KEY2         = 8'h12;
+  localparam ADDR_KEY3         = 8'h13;
+  localparam ADDR_KEY4         = 8'h14;
+  localparam ADDR_KEY5         = 8'h15;
+  localparam ADDR_KEY6         = 8'h16;
+  localparam ADDR_KEY7         = 8'h17;
+
+  localparam ADDR_R_DATA0      = 8'h80;
+  localparam ADDR_R_DATA127    = 8'hff;
 
 
   //----------------------------------------------------------------
@@ -1055,7 +1059,6 @@ module tb_keywrap();
   endtask // test_kwp_ad_128_2
 
 
-
   //----------------------------------------------------------------
   // test_big_wrap_256
   // Implements wrap test with a huge (16 kB+) data object
@@ -1142,6 +1145,93 @@ module tb_keywrap();
     end
   endtask // test_big_wrap_256
 
+  //----------------------------------------------------------------
+  // test_zeroise
+  // Test the auto_zeroise functionality. We test that:
+  //   1. We can init a key and have it auto zeroise.
+  //   2. We can init a key and keep it alive.
+  //   3. We can init a key and the force zeroisation.
+  //----------------------------------------------------------------
+  task test_zeroise;
+    begin : test_zeroise
+      integer i;
+      integer err;
+
+      err = 0;
+
+      $display("** TC test_zeroise START.");
+      $display("** Test 1: Auto zeroise.");
+
+      tc_ctr = tc_ctr + 1;
+
+      // Write key and keylength, we also want to encrypt/wrap.
+      write_word(ADDR_KEY0,   32'h55aa55aa);
+      write_word(ADDR_KEY1,   32'h55aa55aa);
+      write_word(ADDR_KEY2,   32'h55aa55aa);
+      write_word(ADDR_KEY3,   32'h55aa55aa);
+      write_word(ADDR_KEY4,   32'h55aa55aa);
+      write_word(ADDR_KEY5,   32'h55aa55aa);
+      write_word(ADDR_KEY6,   32'h55aa55aa);
+      write_word(ADDR_KEY7,   32'h55aa55aa);
+      write_word(ADDR_CONFIG, 32'h00000003);
+
+      read_word(ADDR_STATUS);
+      $display("Status register: 0x%032b", read_data);
+
+      // Set the key timeout to 6 * 16 = 96 cycles.
+      write_word(ADDR_TIMEOUT, 32'h00000006);
+
+      $display("Contents of the key_mem[2]: 0x%016x",
+               dut.core.aes.keymem.key_mem[2]);
+
+      // Initialize the AES engine (to expand the key).
+      // Wait for init to complete.
+      // Note, not actually needed to wait. We can write R data during init.
+      $display("* Initializing.");
+      write_word(ADDR_CTRL, 32'h00000001);
+      #(2 * CLK_PERIOD);
+      wait_ready();
+      $display("* Init done.");
+
+      // Display contents in one of the key expansion registers
+      $display("Contents of the key_mem[2]: 0x%016x",
+               dut.core.aes.keymem.key_mem[2]);
+
+      // Check if key is loaded, according to the loaded flag.
+      read_word(ADDR_STATUS);
+      $display("Status register: 0x%032b", read_data);
+
+      // Display the counter a few times.
+      $display("Contents of the key_mem[2]: 0x%05x",
+               dut.core.key_timeout_ctr_reg);
+      #(10 * CLK_PERIOD);
+      $display("Contents of the key_mem[2]: 0x%05x",
+               dut.core.key_timeout_ctr_reg);
+      #(10 * CLK_PERIOD);
+      $display("Contents of the key_mem[2]: 0x%05x",
+               dut.core.key_timeout_ctr_reg);
+      #(10 * CLK_PERIOD);
+      $display("Contents of the key_mem[2]: 0x%05x",
+               dut.core.key_timeout_ctr_reg);
+      #(10 * CLK_PERIOD);
+
+      read_word(ADDR_STATUS);
+      $display("Status register: 0x%032b", read_data);
+
+      // Display contents in one of the key expansion registers
+      $display("Contents of the key_mem[2]: 0x%016x",
+               dut.core.aes.keymem.key_mem[2]);
+
+      #(40 * CLK_PERIOD);
+
+      read_word(ADDR_STATUS);
+      $display("Status register: 0x%032b", read_data);
+
+
+      $display("** TC test_zeroise END.\n");
+    end
+  endtask // test_zeroise
+
 
   //----------------------------------------------------------------
   // main
@@ -1162,14 +1252,16 @@ module tb_keywrap();
       reset_dut();
       dump_dut_state();
 
-      test_core_access();
+//      test_core_access();
+
+//      test_kwp_ae_128_1();
+//      test_kwp_ad_128_1();
+//      test_kwp_ae_128_2();
+//      test_kwp_ad_128_2();
 
-      test_kwp_ae_128_1();
-      test_kwp_ad_128_1();
-      test_kwp_ae_128_2();
-      test_kwp_ad_128_2();
+//      test_big_wrap_256();
 
-      test_big_wrap_256();
+      test_zeroise();
 
       display_test_results();
 

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.


More information about the Commits mailing list