[pentest] Manual cherry-pick to earlgrey_1.0.0 #25448
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This extends the SCA lib that is used by the penetration testing framework by providing the following functions: - Configure max. reseed interval for entropy complex - Return device ID - Alert handler configuration and return triggered alerts These functions will be used in an upcoming commit. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit b27ed86)
This commit renames the uJSON data returned by the extclk helper functions from cryptotest to penetrationtest. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit f51e36f)
This commit extends the Ibex FI codebase to make use of the update SCA lib: - Return device ID in init function - Configure alert handler in init function and return alerts for each test - Rename InitTrigger to Init - Configure rv_core_ibex once in init instead of in each function Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit ef78028)
This commit extends the OTBN FI codebase to make use of the update SCA lib: - Return device ID in init function - Configure alert handler in init function and return alerts for each test - Rename InitTrigger to Init - Configure rv_core_ibex once in init instead of in each function Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit 2f40873)
To comply with the OpenTitan C style guide, this commit moves the OTBN FI function documentation from the .c into the .h file. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit 50b66fa)
This commit uses the SCA lib function to return the device ID for SCA test. By returning the device ID, it is easier to differentiate which chip/fpga was tested. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit fa86845)
As this is not necessary, this commit removes the 0 from OK_STATUS(0) resulting in OK_STATUS(). Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit 71e8833)
This commit pulls over the following tests from the pentest_edn branch of nasahlpa/opentitan that has been used for the penetration testing: - rng_fi_entropy_src_bias - rng_fi_firmware_override - rng_fi_edn_bias - rng_fi_edn_resp_ack - csrng_bias Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit b4d17c9)
Based on feedback from the penetration testing lab, this commit changes the following Ibex FI tests: - csr_read: Use helper functions to init registers and unroll register reads in FI phase - csr_write: Unroll csrr and csrw instructions in FI phase - flash_read/write: Init flash only once at init or when data is modified and use helper functions - sram_read: Unroll target instructions and use helper functions - sram_write: Initialize SRAM region to avoid that data from prev. run is still in memory - unconditional_branch: Replace function calls with inline assembly instructions in FI phase - conditional_branch: Replace with 6 new command handlers testing each branch instruction individually - register_file_read: Replace target instructions with ORs to increase target size Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit 21f38c7)
This commit pulls over the following tests from the pentest branch of nasahlpa/opentitan that has been used for the penetration testing: -ibex.fi.char.hardened_check_eq_unimp -ibex.fi.char.hardened_check_eq_2_unimps -ibex.fi.char.hardened_check_eq_3_unimps -ibex.fi.char.hardened_check_eq_4_unimps -ibex.fi.char.hardened_check_eq_5_unimps -ibex.fi.char.hardened_check_eq_complement_branch -otp_ctrl.write_lock -otp_ctrl.read_lock -otp_ctrl.data_read -ibex.fi.char.sram_static -ibex.fi.char.sram_write_static_unrolled -ibex.fi.char.sram_write_read -ibex.fi.char.unconditional_branch_nop -ibex.fi.char.unrolled_reg_op_loop_chain Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit 6ef6a30)
This is a pure cosmetical change that alphabetically orders the Ibex FI tests. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit bb12a0c)
This commit adds two DIF functions to OTBN allowing to read and clear the load checksum register. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit df6da60)
To be consistent between each test, this commit clears the OTBN DMEM and IMEM between each test run. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit 0ad01d5)
This commit pulls over the following tests from the pentest branch of nasahlpa/opentitan that has been used for the penetration testing: - otbn.fi.load_integrity - otbn.fi.key_sideload Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit 252996d)
This is a pure cosmetical change that alphabetically orders the OTBN FI tests. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit fd4ae24)
This commit pulls over the following tests from the pentest branch of nasahlpa/opentitan that has been used for the penetration testing: - AES FI - KMAC FI - Shadow Register access FI - Shadow Register read FI Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit 4ec5ee8)
This commit pulls over the ROM read digest FI test from the pentest branch of nasahlpa/opentitan that has been used for the penetration testing. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit bd6f0f9)
This commit pulls over the lc_ctrl.runtime_corruption FI test from the pentest branch of nasahlpa/opentitan that has been used for the penetration testing. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit 48a9849)
During the penetration testing, new OTBN FI tests and existing ones have been improved. As this work happened in a fork, this PR brings these changes upstream. @aewag co-authored these changes. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit f5294e3)
This commit pulls over the HMAC SCA tests from the pentest branch of nasahlpa/opentitan that has been used for the penetration testing. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit 372a630)
This commit pulls over the following tests from the pentest branch of nasahlpa/opentitan that has been used for the penetration testing: - OTP LC FI - OTP HW CFG FI - OTP SW CFG FI - OTP Vendor FI The tests have been developed by @wettermo. Signed-off-by: Pascal Nasahl <[email protected]> Co-authored-by: Moritz Wettermann <[email protected]> (cherry picked from commit 9226336)
This commit ports the following OTBN SCA tests from the pentest fork of nasahlpa/opentitan to the upstream repository: - otbn.sca.key_sideload_fvsr - P-256 ECDSA Key Generation from a seed - P-256 ECDSA Key Generation from a key Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit 55e15ce)
To avoid confusion with the existing sca library in sw/device/sca/lib, this commit renames the library in sw/device/tests/penetrationtests/lib to pentest_lib. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit 1d9cdb3)
This commit adds the pentest_call_and_sleep function to the pentest_lib. This function is similar to the sca_call_and_sleep function in the sca library but adds the possibility of waiting until the OTBN execution has finished. Adding this to the existing function is not possible because this function also needs to work on english breakfast where OTBN is not available. !OT_IS_ENGLISH_BREAKFAST did not work as already including //sw/device/lib/crypto/drivers:otbn into the bazel build rule raised some compilation errors. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit fee1970)
This is a pure cosmetical change that alphabetically orders the OTBN SCA tests. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit 7547f40)
This commit adds the following two new FI tests: - CsrngBiasFWOverride - CsrngBiasFWOverrideStatic These tests can be used to target the entropy source and they allow to monitor the data over the CSRNG interface. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit 0d00352)
This commit adds the BatchEncryptRandom AES SCA test that was used for the pen. testing. Authored by @aewag. Signed-off-by: Pascal Nasahl <[email protected]> Co-authored-by: Alexander Wagner <[email protected]> (cherry picked from commit 065468b)
This commit consists of several cosmetic changes enhancing the code readabiliy: - Move function header description into header file to comply with coding standard - Remove break from switch-case - Reorder handlers alphabetically - Remove the cryptotest prefix Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit c3f4a4c)
This commit pulls over the EDN SCA tests from nasahlpa/opentitan that have been used in the pentesting: - edn.sca.bus_data - edn.sca.bus_data_batch_fvsr - edn.sca.bus_data_batch_random These tests can be used to analyze the SCA security of the EDN. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit 30669ab)
In this commit, instructions how to build the pen. testing framework for the FPGA or the chip are added. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit 4a4a5bc)
Currently, we have the SCA lib that is used for the old simpleserial based SCA/FI tests (sw/device/sca) and the new pentest lib that is used for the uJSON based pentest framework (sw/device/tests/penetrationtests). As in the longerm we want to get rid of the old simpleserial framework, this commit merges these two libraries and moves it into the new pentest framework. Moreover, the sca_ suffix is replaced with pentest_. A cleanup of these functions will be conducted once the simpleserial framework is removed. Signed-off-by: Pascal Nasahl <[email protected]> (cherry picked from commit def97ec)
This PR pulls over the following tests: - otbn.fi.char.jal - otbn.fi.char_dmem_access - otbn.fi.char_mem from nasahlpa/opentitan that have been used for the pentesting. Due to memory constraints, this PR furthermore creates a separate FI_OTBN target. Signed-off-by: Pascal Nasahl <[email protected]> Co-authored-by: Alexander Wagner <[email protected]> (cherry picked from commit 2c3f55b)
This commit adds the otbn.sca.rsa512_decrypt penetration test. The user needs to provide the mod, exp, and message which then gets decrypted using the rsa OTBN app. The result is transmitted back to the host. SCA measurements can be conducted during the trigger window. Signed-off-by: Pascal Nasahl <[email protected]> Co-authored-by: Alexander Wagner <[email protected]> (cherry picked from commit 9b0647a)
nasahlpa
force-pushed
the
earlgrey_1.0.0_pentest
branch
from
3157847 to
03a840d
Compare
nasahlpa
requested review from
jon-flatley,
vogelpi and
johannheyszl
and removed request for
a team and
jon-flatley
|
Could I please get this approved & merged @vogelpi / @johannheyszl? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR manually cherry-picks the current state of the penetration testing framework to the earlgrey_1.0.0 branch. This helps us preparing for the next test run