[crypto] Trial division for RSA key generation.

sw/otbn/crypto/tests/BUILD

@@ -780,6 +780,125 @@ otbn_consttime_test(
     ],
 )
 
+otbn_sim_test(
+    name = "relprime_small_primes_multiple_of_3_test",
+    srcs = [
+        "relprime_small_primes_multiple_of_3_test.s",
+    ],
+    exp = "relprime_small_primes_multiple_of_3_test.exp",
+    deps = [
+        "//sw/otbn/crypto:div",
+        "//sw/otbn/crypto:gcd",
+        "//sw/otbn/crypto:lcm",
+        "//sw/otbn/crypto:montmul",
+        "//sw/otbn/crypto:mul",
+        "//sw/otbn/crypto:primality",
+        "//sw/otbn/crypto:rsa_keygen",
+    ],
+)
+
+otbn_sim_test(
+    name = "relprime_small_primes_multiple_of_5_test",
+    srcs = [
+        "relprime_small_primes_multiple_of_5_test.s",
+    ],
+    exp = "relprime_small_primes_multiple_of_5_test.exp",
+    deps = [
+        "//sw/otbn/crypto:div",
+        "//sw/otbn/crypto:gcd",
+        "//sw/otbn/crypto:lcm",
+        "//sw/otbn/crypto:montmul",
+        "//sw/otbn/crypto:mul",
+        "//sw/otbn/crypto:primality",
+        "//sw/otbn/crypto:rsa_keygen",
+    ],
+)
+
+otbn_sim_test(
+    name = "relprime_small_primes_multiple_of_7_test",
+    srcs = [
+        "relprime_small_primes_multiple_of_7_test.s",
+    ],
+    exp = "relprime_small_primes_multiple_of_7_test.exp",
+    deps = [
+        "//sw/otbn/crypto:div",
+        "//sw/otbn/crypto:gcd",
+        "//sw/otbn/crypto:lcm",
+        "//sw/otbn/crypto:montmul",
+        "//sw/otbn/crypto:mul",
+        "//sw/otbn/crypto:primality",
+        "//sw/otbn/crypto:rsa_keygen",
+    ],
+)
+
+otbn_sim_test(
+    name = "relprime_small_primes_multiple_of_11_test",
+    srcs = [
+        "relprime_small_primes_multiple_of_11_test.s",
+    ],
+    exp = "relprime_small_primes_multiple_of_11_test.exp",
+    deps = [
+        "//sw/otbn/crypto:div",
+        "//sw/otbn/crypto:gcd",
+        "//sw/otbn/crypto:lcm",
+        "//sw/otbn/crypto:montmul",
+        "//sw/otbn/crypto:mul",
+        "//sw/otbn/crypto:primality",
+        "//sw/otbn/crypto:rsa_keygen",
+    ],
+)
+
+otbn_sim_test(
+    name = "relprime_small_primes_multiple_of_17_test",
+    srcs = [
+        "relprime_small_primes_multiple_of_17_test.s",
+    ],
+    exp = "relprime_small_primes_multiple_of_17_test.exp",
+    deps = [
+        "//sw/otbn/crypto:div",
+        "//sw/otbn/crypto:gcd",
+        "//sw/otbn/crypto:lcm",
+        "//sw/otbn/crypto:montmul",
+        "//sw/otbn/crypto:mul",
+        "//sw/otbn/crypto:primality",
+        "//sw/otbn/crypto:rsa_keygen",
+    ],
+)
+
+otbn_sim_test(
+    name = "relprime_small_primes_multiple_of_31_test",
+    srcs = [
+        "relprime_small_primes_multiple_of_31_test.s",
+    ],
+    exp = "relprime_small_primes_multiple_of_31_test.exp",
+    deps = [
+        "//sw/otbn/crypto:div",
+        "//sw/otbn/crypto:gcd",
+        "//sw/otbn/crypto:lcm",
+        "//sw/otbn/crypto:montmul",
+        "//sw/otbn/crypto:mul",
+        "//sw/otbn/crypto:primality",
+        "//sw/otbn/crypto:rsa_keygen",
+    ],
+)
+
+otbn_sim_test(
+    name = "relprime_small_primes_negative_test",
+    srcs = [
+        "relprime_small_primes_negative_test.s",
+    ],
+    exp = "relprime_small_primes_negative_test.exp",
+    deps = [
+        "//sw/otbn/crypto:div",
+        "//sw/otbn/crypto:gcd",
+        "//sw/otbn/crypto:lcm",
+        "//sw/otbn/crypto:montmul",
+        "//sw/otbn/crypto:mul",
+        "//sw/otbn/crypto:primality",
+        "//sw/otbn/crypto:rsa_keygen",
+    ],
+)
+
 otbn_library(
     name = "rsa_keygen_checkpq_test_data",
     srcs = [

sw/otbn/crypto/tests/relprime_small_primes_multiple_of_11_test.exp

@@ -0,0 +1,2 @@
+# Expect 0 (check failed).
+w22 = 0

sw/otbn/crypto/tests/relprime_small_primes_multiple_of_11_test.s

@@ -0,0 +1,68 @@
+/* Copyright lowRISC contributors (OpenTitan project). */
+/* Licensed under the Apache License, Version 2.0, see LICENSE for details. */
+/* SPDX-License-Identifier: Apache-2.0 */
+
+/**
+ * Standalone test to check an RSA keygen subroutine.
+ *
+ * The `relprime_small_primes` subroutine checks if a candidate prime is a
+ * multiple of a small prime. This test ensures that the check detects a
+ * multiple of 11.
+ */
+
+.section .text.start
+
+main:
+  /* Init all-zero register. */
+  bn.xor    w31, w31, w31
+
+  /* Load the number of limbs for this test. */
+  li        x30, 4
+
+  /* w22 <= 0 if dmem[simple_positive_input] is NOT relatively prime to F4 */
+  la        x16, input
+  jal       x1, relprime_small_primes
+
+  ecall
+
+.data
+
+/**
+ * A 1024-bit value that is a multiple of 11 and NOT 3, 5, 7, 17, or 31.
+ *
+ * Full value for reference =
+ */
+.balign 32
+input:
+.word 0x0a9a411f
+.word 0xca52e7f3
+.word 0x2c301918
+.word 0x948c97b0
+.word 0x171f68fc
+.word 0xe36be04a
+.word 0x0a7ffbaa
+.word 0xf9cf072d
+.word 0x51b76bd5
+.word 0x19d0fec0
+.word 0x0771be64
+.word 0x49c95131
+.word 0x1ed7cd7a
+.word 0xda4a6077
+.word 0x11fa0022
+.word 0x66e409f1
+.word 0x95548bfd
+.word 0x7938113a
+.word 0x9296d0f5
+.word 0x1352294c
+.word 0x33eaf657
+.word 0x6c47a7dc
+.word 0xf57e2b6b
+.word 0xd1194a3e
+.word 0x84402e7e
+.word 0x87641b66
+.word 0x2c3c225e
+.word 0x5e27e299
+.word 0x5ee52414
+.word 0xab6816c2
+.word 0x0ea3266c
+.word 0x5f4b97ff

sw/otbn/crypto/tests/relprime_small_primes_multiple_of_17_test.exp

@@ -0,0 +1,2 @@
+# Expect 0 (check failed).
+w22 = 0

sw/otbn/crypto/tests/relprime_small_primes_multiple_of_17_test.s

@@ -0,0 +1,69 @@
+/* Copyright lowRISC contributors (OpenTitan project). */
+/* Licensed under the Apache License, Version 2.0, see LICENSE for details. */
+/* SPDX-License-Identifier: Apache-2.0 */
+
+/**
+ * Standalone test to check an RSA keygen subroutine.
+ *
+ * The `relprime_small_primes` subroutine checks if a candidate prime is a
+ * multiple of a small prime. This test ensures that the check detects a
+ * multiple of 17.
+ */
+
+.section .text.start
+
+main:
+  /* Init all-zero register. */
+  bn.xor    w31, w31, w31
+
+  /* Load the number of limbs for this test. */
+  li        x30, 4
+
+  /* w22 <= 0 if dmem[simple_positive_input] is NOT relatively prime to F4 */
+  la        x16, input
+  jal       x1, relprime_small_primes
+
+  ecall
+
+.data
+
+/**
+ * A 1024-bit value that is a multiple of 17 and NOT 3, 5, 11, 17, or 31.
+ *
+ * Full value for reference =
+ * 0x5143649b8bf054404d0ebedfa7a956dabd297218a15c6410335f8fc10f679ea7b4c0c055a34801e48f9a22cc124580ae9de9fda12300eb6cc6a5ab1e9edb8ff24329ef86ec8833131fbfcbbf8e97f9ac5475dc577367b017cb30d1df1c4baa3c63be79499d79f3e1fda86b6ad1790701b6156e77604ad67d9a8e49e8a4c2a845
+ */
+.balign 32
+input:
+.word 0xa4c2a845
+.word 0x9a8e49e8
+.word 0x604ad67d
+.word 0xb6156e77
+.word 0xd1790701
+.word 0xfda86b6a
+.word 0x9d79f3e1
+.word 0x63be7949
+.word 0x1c4baa3c
+.word 0xcb30d1df
+.word 0x7367b017
+.word 0x5475dc57
+.word 0x8e97f9ac
+.word 0x1fbfcbbf
+.word 0xec883313
+.word 0x4329ef86
+.word 0x9edb8ff2
+.word 0xc6a5ab1e
+.word 0x2300eb6c
+.word 0x9de9fda1
+.word 0x124580ae
+.word 0x8f9a22cc
+.word 0xa34801e4
+.word 0xb4c0c055
+.word 0x0f679ea7
+.word 0x335f8fc1
+.word 0xa15c6410
+.word 0xbd297218
+.word 0xa7a956da
+.word 0x4d0ebedf
+.word 0x8bf05440
+.word 0x5143649b

sw/otbn/crypto/tests/relprime_small_primes_multiple_of_31_test.exp

@@ -0,0 +1,2 @@
+# Expect 0 (check failed).
+w22 = 0

sw/otbn/crypto/tests/relprime_small_primes_multiple_of_31_test.s

@@ -0,0 +1,69 @@
+/* Copyright lowRISC contributors (OpenTitan project). */
+/* Licensed under the Apache License, Version 2.0, see LICENSE for details. */
+/* SPDX-License-Identifier: Apache-2.0 */
+
+/**
+ * Standalone test to check an RSA keygen subroutine.
+ *
+ * The `relprime_small_primes` subroutine checks if a candidate prime is a
+ * multiple of a small prime. This test ensures that the check detects a
+ * multiple of 31.
+ */
+
+.section .text.start
+
+main:
+  /* Init all-zero register. */
+  bn.xor    w31, w31, w31
+
+  /* Load the number of limbs for this test. */
+  li        x30, 4
+
+  /* w22 <= 0 if dmem[simple_positive_input] is NOT relatively prime to F4 */
+  la        x16, input
+  jal       x1, relprime_small_primes
+
+  ecall
+
+.data
+
+/**
+ * A 1024-bit value that is a multiple of 31 and NOT 3, 5, 7, 11, or 17.
+ *
+ * Full value for reference =
+ * 0xc6b202813cf17e3c55fefc6282020980fa205b3ccfb384f597e2c0749b1d5213c2ebbf45d5f239e911062650cd43d3c008183c6c2cf217ac48af2bcfeac39a280afd60eea8508324e97f40fa78d5d70a5b5fcb80c1e260feaa1f02f54c072a915d48a0d13a162f1e22f40b26c1eb29d4e7a44c48956c2daa5edfd222e7cf7221
+ */
+.balign 32
+input:
+.word 0xe7cf7221
+.word 0x5edfd222
+.word 0x956c2daa
+.word 0xe7a44c48
+.word 0xc1eb29d4
+.word 0x22f40b26
+.word 0x3a162f1e
+.word 0x5d48a0d1
+.word 0x4c072a91
+.word 0xaa1f02f5
+.word 0xc1e260fe
+.word 0x5b5fcb80
+.word 0x78d5d70a
+.word 0xe97f40fa
+.word 0xa8508324
+.word 0x0afd60ee
+.word 0xeac39a28
+.word 0x48af2bcf
+.word 0x2cf217ac
+.word 0x08183c6c
+.word 0xcd43d3c0
+.word 0x11062650
+.word 0xd5f239e9
+.word 0xc2ebbf45
+.word 0x9b1d5213
+.word 0x97e2c074
+.word 0xcfb384f5
+.word 0xfa205b3c
+.word 0x82020980
+.word 0x55fefc62
+.word 0x3cf17e3c
+.word 0xc6b20281

sw/otbn/crypto/tests/relprime_small_primes_multiple_of_3_test.exp

@@ -0,0 +1,2 @@
+# Expect 0 (check failed).
+w22 = 0