diff options
author | Paul Selkirk <paul@psgd.org> | 2018-08-17 16:29:51 -0400 |
---|---|---|
committer | Paul Selkirk <paul@psgd.org> | 2018-08-17 16:29:51 -0400 |
commit | 5d7128c74e0ec9df380e7af4d4bc57af1f0da372 (patch) | |
tree | 2d0bdf33f778dd3c97185ba9faad35edb9e0f705 | |
parent | a9ef90a4cfde26f858460e65805c84cd38b4a285 (diff) |
Add sanity test for arbitrary size keys, to be really sure the keywrap core bank-switched memory works.
-rw-r--r-- | projects/cli-test/mgmt-keywrap.c | 76 |
1 files changed, 54 insertions, 22 deletions
diff --git a/projects/cli-test/mgmt-keywrap.c b/projects/cli-test/mgmt-keywrap.c index 1f98658..77e38c9 100644 --- a/projects/cli-test/mgmt-keywrap.c +++ b/projects/cli-test/mgmt-keywrap.c @@ -158,18 +158,24 @@ static int cmd_keywrap_test(struct cli_def *cli, const char *command, char *argv { command = command; - cli_print(cli, "1. Test vectors with software keywrap"); - hal_aes_use_keywrap_core(0); - run_test(cli, K_128, sizeof(K_128), C_128, sizeof(C_128)); - run_test(cli, K_256, sizeof(K_256), C_256, sizeof(C_256)); - - cli_print(cli, "\n2. Test vectors with keywrap core"); - if (hal_aes_use_keywrap_core(1) == 0) { - cli_print(cli, "keywrap core not found, skipping"); - } - else { + if (argc == 0) { + cli_print(cli, "1. Test vectors with software keywrap"); + hal_aes_use_keywrap_core(0); run_test(cli, K_128, sizeof(K_128), C_128, sizeof(C_128)); run_test(cli, K_256, sizeof(K_256), C_256, sizeof(C_256)); + + cli_print(cli, "\n2. Test vectors with keywrap core"); + if (hal_aes_use_keywrap_core(1) == 0) { + cli_print(cli, "keywrap core not found, skipping"); + } + else { + hal_aes_use_keywrap_core(1); + run_test(cli, K_128, sizeof(K_128), C_128, sizeof(C_128)); + run_test(cli, K_256, sizeof(K_256), C_256, sizeof(C_256)); + } + + cli_print(cli, "\nFor more tests: keywrap test <keysize> <iterations>"); + return CLI_OK; } hal_error_t err; @@ -193,20 +199,46 @@ static int cmd_keywrap_test(struct cli_def *cli, const char *command, char *argv return CLI_ERROR; } - uint8_t kek[KEK_LENGTH]; - size_t kek_len; - if ((err = hal_mkm_get_kek(kek, &kek_len, sizeof(kek))) != LIBHAL_OK) { - cli_print(cli, "hal_mkm_get_kek: %s", hal_error_string(err)); + cli_print(cli, "1. sanity test"); + C_len = sizeof(C); + if ((err = hal_aes_keywrap(NULL, K_256, sizeof(K_256), Q, keysize, C, &C_len)) != LIBHAL_OK) { + cli_print(cli, "hal_aes_keywrap: %s", hal_error_string(err)); return CLI_ERROR; } - cli_print(cli, "\n3. wrap timing with software keywrap"); + for (int i = 0; i <= 1; ++i) { + if (!hal_aes_use_keywrap_core(i) && i) { + cli_print(cli, "keywrap core not found, skipping"); + continue; + } + uint8_t q[keysize + 8]; + size_t q_len = sizeof(q); + if ((err = hal_aes_keyunwrap(NULL, K_256, sizeof(K_256), C, C_len, q, &q_len)) != LIBHAL_OK) { + cli_print(cli, "hal_aes_keyunwrap: %s", hal_error_string(err)); + return CLI_ERROR; + } + if (q_len != keysize) { + cli_print(cli, "unwrap size mismatch: expected %d, got %d", (int)keysize, (int)q_len); + return CLI_ERROR; + } + if (memcmp(Q, q, q_len) != 0) { + cli_print(cli, "unwrap mismatch:\n Want: "); + uart_send_hexdump(Q, 0, Q_len - 1); + cli_print(cli, "\n Got: "); + uart_send_hexdump(q, 0, q_len - 1); + cli_print(cli, ""); + return CLI_ERROR; + } + cli_print(cli, "with %s: OK", i ? "keywrap core" : "software keywrap"); + } + + cli_print(cli, "\n2. wrap timing with software keywrap"); hal_aes_use_keywrap_core(0); uint32_t start = HAL_GetTick(); for (int i = 0; i < iterations; ++i) { C_len = sizeof(C); - if ((err = hal_aes_keywrap(NULL, kek, kek_len, Q, keysize, C, &C_len)) != LIBHAL_OK) { + if ((err = hal_aes_keywrap(NULL, K_256, sizeof(K_256), Q, keysize, C, &C_len)) != LIBHAL_OK) { cli_print(cli, "hal_aes_keywrap: %s", hal_error_string(err)); return CLI_ERROR; } @@ -216,7 +248,7 @@ static int cmd_keywrap_test(struct cli_def *cli, const char *command, char *argv cli_print(cli, "%ld.%03lds total, %ld.%03ldms per wrap", elapsed / 1000, elapsed % 1000, per / 1000, per % 1000); - cli_print(cli, "\n4. wrap timing with keywrap core"); + cli_print(cli, "\n3. wrap timing with keywrap core"); if (hal_aes_use_keywrap_core(1) == 0) { cli_print(cli, "keywrap core not found, skipping"); @@ -225,7 +257,7 @@ static int cmd_keywrap_test(struct cli_def *cli, const char *command, char *argv start = HAL_GetTick(); for (int i = 0; i < iterations; ++i) { C_len = sizeof(C); - if ((err = hal_aes_keywrap(NULL, kek, kek_len, Q, keysize, C, &C_len)) != LIBHAL_OK) { + if ((err = hal_aes_keywrap(NULL, K_256, sizeof(K_256), Q, keysize, C, &C_len)) != LIBHAL_OK) { cli_print(cli, "hal_aes_keywrap: %s", hal_error_string(err)); return CLI_ERROR; } @@ -236,13 +268,13 @@ static int cmd_keywrap_test(struct cli_def *cli, const char *command, char *argv elapsed / 1000, elapsed % 1000, per / 1000, per % 1000); } - cli_print(cli, "\n5. unwrap timing with software keywrap"); + cli_print(cli, "\n4. unwrap timing with software keywrap"); hal_aes_use_keywrap_core(0); start = HAL_GetTick(); for (int i = 0; i < iterations; ++i) { Q_len = sizeof(Q); - if ((err = hal_aes_keyunwrap(NULL, kek, kek_len, C, C_len, Q, &Q_len)) != LIBHAL_OK) { + if ((err = hal_aes_keyunwrap(NULL, K_256, sizeof(K_256), C, C_len, Q, &Q_len)) != LIBHAL_OK) { cli_print(cli, "hal_aes_keyunwrap: %s", hal_error_string(err)); return CLI_ERROR; } @@ -252,7 +284,7 @@ static int cmd_keywrap_test(struct cli_def *cli, const char *command, char *argv cli_print(cli, "%ld.%03lds total, %ld.%03ldms per wrap", elapsed / 1000, elapsed % 1000, per / 1000, per % 1000); - cli_print(cli, "\n6. unwrap timing with keywrap core"); + cli_print(cli, "\n5. unwrap timing with keywrap core"); if (hal_aes_use_keywrap_core(1) == 0) { cli_print(cli, "keywrap core not found, skipping"); @@ -261,7 +293,7 @@ static int cmd_keywrap_test(struct cli_def *cli, const char *command, char *argv start = HAL_GetTick(); for (int i = 0; i < iterations; ++i) { Q_len = sizeof(Q); - if ((err = hal_aes_keyunwrap(NULL, kek, kek_len, C, C_len, Q, &Q_len)) != LIBHAL_OK) { + if ((err = hal_aes_keyunwrap(NULL, K_256, sizeof(K_256), C, C_len, Q, &Q_len)) != LIBHAL_OK) { cli_print(cli, "hal_aes_keywrap: %s", hal_error_string(err)); return CLI_ERROR; } |