Skip to content

Commit

Permalink
Perform ECDSA keygen at end of DOE tests. (#737)
Browse files Browse the repository at this point in the history
  • Loading branch information
@bluegate010
bluegate010 authored Sep 8, 2023
1 parent c2a59e0 commit 9f43d0c
Show file tree
Hide file tree
Showing 10 changed files with 189 additions and 172 deletions.
7 changes: 4 additions & 3 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 1 addition & 3 deletions drivers/test-fw/scripts/vector_gen/Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,4 @@ edition = "2021"

[dependencies]
openssl.workspace = true
p384.workspace = true
rfc6979.workspace = true
sha2.workspace = true
caliptra-test.workspace = true
20 changes: 2 additions & 18 deletions drivers/test-fw/scripts/vector_gen/src/hmac384_kdf_vector_gen.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,8 @@ Abstract:
--*/

use caliptra_test::crypto::derive_ecdsa_keypair;
use openssl::{hash::MessageDigest, pkey::PKey, sign::Signer};
use p384::ecdsa::SigningKey;
use rfc6979::HmacDrbg;
use sha2::Sha384;

pub struct Hmac384KdfVector {
pub key_0: [u8; 48],
Expand Down Expand Up @@ -54,20 +52,6 @@ fn hmac(key: &[u8], msg: &[u8], tag: &mut [u8]) {
signer.sign(tag).unwrap();
}

fn ecdsa_keygen(key: &[u8], out_pub_x: &mut [u8; 48], out_pub_y: &mut [u8; 48]) {
let mut drbg = HmacDrbg::<Sha384>::new(key, &[0_u8; 48], &[]);
let mut priv_key = [0u8; 48];
drbg.fill_bytes(&mut priv_key);

let ecc_point = SigningKey::from_bytes(&priv_key)
.unwrap()
.verifying_key()
.to_encoded_point(false);

out_pub_x.copy_from_slice(ecc_point.x().unwrap().as_slice());
out_pub_y.copy_from_slice(ecc_point.y().unwrap().as_slice());
}

fn kdf(key: &[u8], label: &[u8], context: Option<&[u8]>, output: &mut [u8; 48]) {
let ctr_be = 1_u32.to_be_bytes();

Expand Down Expand Up @@ -102,7 +86,7 @@ pub fn gen_vector(label_len: usize, context_len: usize) -> Hmac384KdfVector {

hmac(&vec.key_0, &vec.msg_0, &mut vec.kdf_key);
kdf(&vec.kdf_key, &vec.label[..], context, &mut vec.kdf_out);
ecdsa_keygen(&vec.kdf_out, &mut vec.out_pub_x, &mut vec.out_pub_y);
(_, vec.out_pub_x, vec.out_pub_y) = derive_ecdsa_keypair(&vec.kdf_out);

vec
}
28 changes: 3 additions & 25 deletions drivers/test-fw/scripts/vector_gen/src/hmac384_vector_gen.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,8 @@ Abstract:
--*/

use caliptra_test::crypto::derive_ecdsa_keypair;
use openssl::{hash::MessageDigest, pkey::PKey, sign::Signer};
use p384::ecdsa::SigningKey;
use rfc6979::HmacDrbg;
use sha2::Sha384;

pub struct Hmac384Vector {
pub seed: [u8; 48],
Expand Down Expand Up @@ -48,26 +46,6 @@ fn hmac(key: &[u8], msg: &[u8], tag: &mut [u8]) {
signer.sign(tag).unwrap();
}

// Returns (priv, pub_x, pub_y)
fn ecdsa_keygen(key: &[u8]) -> ([u8; 48], [u8; 48], [u8; 48]) {
let mut drbg = HmacDrbg::<Sha384>::new(key, &[0_u8; 48], &[]);
let mut priv_key = [0u8; 48];
drbg.fill_bytes(&mut priv_key);

let ecc_point = SigningKey::from_bytes(&priv_key)
.unwrap()
.verifying_key()
.to_encoded_point(false);

let mut pub_x = [0u8; 48];
let mut pub_y = [0u8; 48];

pub_x.copy_from_slice(ecc_point.x().unwrap().as_slice());
pub_y.copy_from_slice(ecc_point.y().unwrap().as_slice());

(priv_key, pub_x, pub_y)
}

pub fn gen_vector(data_len: usize) -> Hmac384Vector {
let mut vec = Hmac384Vector::default();

Expand All @@ -76,11 +54,11 @@ pub fn gen_vector(data_len: usize) -> Hmac384Vector {
rand_bytes(&mut vec.seed);
rand_bytes(&mut vec.data[..]);

let (key, _, _) = ecdsa_keygen(&vec.seed);
let (key, _, _) = derive_ecdsa_keypair(&vec.seed);

let mut out_0 = [0u8; 48];
hmac(&key, &vec.data[..], &mut out_0);
(_, vec.out_pub_x, vec.out_pub_y) = ecdsa_keygen(&out_0);
(_, vec.out_pub_x, vec.out_pub_y) = derive_ecdsa_keypair(&out_0);

vec
}
44 changes: 29 additions & 15 deletions drivers/test-fw/src/bin/doe_tests.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,11 +16,12 @@ Abstract:
#![no_main]

use caliptra_drivers::{
Array4x12, Array4x4, DeobfuscationEngine, Hmac384, Hmac384Data, Hmac384Key, Hmac384Tag, KeyId,
KeyReadArgs, Mailbox, Trng,
Array4x12, Array4x4, DeobfuscationEngine, Ecc384, Ecc384PubKey, Hmac384, Hmac384Data,
Hmac384Key, KeyId, KeyReadArgs, KeyUsage, KeyWriteArgs, Mailbox, Trng,
};
use caliptra_drivers_test_bin::{DoeTestResults, DOE_TEST_HMAC_KEY, DOE_TEST_IV};

use caliptra_registers::ecc::EccReg;
use caliptra_registers::soc_ifc::SocIfcReg;
use caliptra_registers::soc_ifc_trng::SocIfcTrngReg;
use caliptra_registers::{
Expand All @@ -29,9 +30,20 @@ use caliptra_registers::{
use caliptra_test_harness::test_suite;
use zerocopy::AsBytes;

fn export_result_from_kv(ecc: &mut Ecc384, trng: &mut Trng, key_id: KeyId) -> Ecc384PubKey {
ecc.key_pair(
&KeyReadArgs::new(key_id).into(),
&Array4x12::default(),
trng,
KeyWriteArgs::new(KeyId::KeyId3, KeyUsage::default()).into(),
)
.unwrap()
}

fn test_decrypt() {
let mut test_results = DoeTestResults::default();

let mut ecc = unsafe { Ecc384::new(EccReg::new()) };
let mut hmac384 = Hmac384::new(unsafe { HmacReg::new() });
let mut doe = unsafe { DeobfuscationEngine::new(DoeReg::new()) };
let mut trng = unsafe {
Expand All @@ -48,56 +60,58 @@ fn test_decrypt() {
.ok(),
Some(())
);

let key_out_id = KeyId::KeyId2;
let key_out = KeyWriteArgs::new(key_out_id, KeyUsage::default().set_ecc_key_gen_seed_en());

// Make sure the UDS can be used as a HMAC key
let mut result = Array4x12::default();
hmac384
.hmac(
&Hmac384Key::Key(KeyReadArgs { id: KeyId::KeyId0 }),
&KeyReadArgs::new(KeyId::KeyId0).into(),
&Hmac384Data::Slice("Hello world!".as_bytes()),
&mut trng,
Hmac384Tag::Array4x12(&mut result),
key_out.into(),
)
.unwrap();
test_results.hmac_uds_as_key = result.0;
test_results.hmac_uds_as_key_out_pub = export_result_from_kv(&mut ecc, &mut trng, key_out_id);

// Make sure the UDS can be used as HMAC data
let mut result = Array4x12::default();
hmac384
.hmac(
&Hmac384Key::Array4x12(&Array4x12::new(DOE_TEST_HMAC_KEY)),
&Hmac384Data::Key(KeyReadArgs { id: KeyId::KeyId0 }),
&mut trng,
Hmac384Tag::Array4x12(&mut result),
key_out.into(),
)
.unwrap();
test_results.hmac_uds_as_data = result.0;
test_results.hmac_uds_as_data_out_pub = export_result_from_kv(&mut ecc, &mut trng, key_out_id);

doe.decrypt_field_entropy(&Array4x4::from(DOE_TEST_IV), KeyId::KeyId1)
.unwrap();

// Make sure the FE can be used as a HMAC key
let mut result = Array4x12::default();
hmac384
.hmac(
&Hmac384Key::Key(KeyReadArgs { id: KeyId::KeyId1 }),
&Hmac384Data::Slice("Hello world!".as_bytes()),
&mut trng,
Hmac384Tag::Array4x12(&mut result),
key_out.into(),
)
.unwrap();
test_results.hmac_field_entropy_as_key = result.0;
test_results.hmac_field_entropy_as_key_out_pub =
export_result_from_kv(&mut ecc, &mut trng, key_out_id);

// Make sure the FE can be used as HMAC data
let mut result = Array4x12::default();
hmac384
.hmac(
&Hmac384Key::Array4x12(&Array4x12::new(DOE_TEST_HMAC_KEY)),
&Hmac384Data::Key(KeyReadArgs { id: KeyId::KeyId1 }),
&mut trng,
Hmac384Tag::Array4x12(&mut result),
key_out.into(),
)
.unwrap();
test_results.hmac_field_entropy_as_data = result.0;
test_results.hmac_field_entropy_as_data_out_pub =
export_result_from_kv(&mut ecc, &mut trng, key_out_id);

let mut mbox = Mailbox::new(unsafe { MboxCsr::new() });
mbox.try_start_send_txn()
Expand Down
40 changes: 12 additions & 28 deletions drivers/test-fw/src/lib.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@

#![no_std]

use caliptra_drivers::Ecc384PubKey;

/// Code shared between the caliptra-drivers integration_test.rs (running on the
/// host) and the test binaries (running inside the hw-model).
use core::fmt::Debug;
Expand All @@ -14,53 +16,35 @@ pub const DOE_TEST_HMAC_KEY: [u32; 12] = [
0xc6879874, 0x0aa49a0f, 0x4e740e9c, 0x2c9f9aad,
];

pub struct HexWord(u32);
impl Debug for HexWord {
fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
write!(f, "0x{:08x}", self.0)
}
}

pub struct HexWordSlice<'a>(&'a [u32]);
impl Debug for HexWordSlice<'_> {
fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
let mut l = f.debug_list();
for val in self.0 {
l.entry(&HexWord(*val));
}
l.finish()
}
}

#[derive(AsBytes, Clone, Copy, Default, Eq, PartialEq, FromBytes)]
#[repr(C)]
pub struct DoeTestResults {
/// HMAC result of the UDS as key, and b"Hello world!" as data.
pub hmac_uds_as_key: [u32; 12],
pub hmac_uds_as_key_out_pub: Ecc384PubKey,

/// HMAC result of HMAC_KEY as key, and UDS as data.
pub hmac_uds_as_data: [u32; 12],
pub hmac_uds_as_data_out_pub: Ecc384PubKey,

// HMAC result of of the field entropy (including padding) as key, and
// b"Hello world" as data.
pub hmac_field_entropy_as_key: [u32; 12],
pub hmac_field_entropy_as_key_out_pub: Ecc384PubKey,

/// HMAC result of HMAC_KEY as key, and field entropy (excluding padding) as
/// data.
pub hmac_field_entropy_as_data: [u32; 12],
pub hmac_field_entropy_as_data_out_pub: Ecc384PubKey,
}
impl Debug for DoeTestResults {
fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
f.debug_struct("DoeTestResults")
.field("hmac_uds_as_key", &HexWordSlice(&self.hmac_uds_as_key))
.field("hmac_uds_as_data", &HexWordSlice(&self.hmac_uds_as_data))
.field("hmac_uds_as_key_out_pub", &self.hmac_uds_as_key_out_pub)
.field("hmac_uds_as_data_out_pub", &self.hmac_uds_as_data_out_pub)
.field(
"hmac_field_entropy_as_key",
&HexWordSlice(&self.hmac_field_entropy_as_key),
"hmac_field_entropy_as_key_out_pub",
&self.hmac_field_entropy_as_key_out_pub,
)
.field(
"hmac_field_entropy_as_data",
&HexWordSlice(&self.hmac_field_entropy_as_data),
"hmac_field_entropy_as_data_out_pub",
&self.hmac_field_entropy_as_data_out_pub,
)
.finish()
}
Expand Down
Loading

0 comments on commit 9f43d0c

Please sign in to comment.