Skip to content

[fisim/crypto] Add instruction skip simulator #28549

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
+3,004 −91
Open

[fisim/crypto] Add instruction skip simulator #28549

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
0a40378
[pentest] Add markers in pentest framework
siemen11 Nov 3, 2025
7e7b16c
[fisim/crypto] Add instruction skip simulator
siemen11 Nov 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 23 additions & 1 deletion sw/device/tests/penetrationtests/BUILD
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
# Licensed under the Apache License, Version 2.0, see LICENSE for details.
# SPDX-License-Identifier: Apache-2.0

load(":pentest.bzl", "pentest_cryptolib_fi_asym", "pentest_cryptolib_fi_sym", "pentest_cryptolib_sca_asym", "pentest_cryptolib_sca_sym", "pentest_fi", "pentest_fi_ibex", "pentest_fi_otbn", "pentest_sca")
load(":pentest.bzl", "pentest_cryptolib_fi_asym", "pentest_cryptolib_fi_gdb_asym", "pentest_cryptolib_fi_gdb_sym", "pentest_cryptolib_fi_sym", "pentest_cryptolib_sca_asym", "pentest_cryptolib_sca_sym", "pentest_fi", "pentest_fi_ibex", "pentest_fi_otbn", "pentest_sca")
load("@ot_python_deps//:requirements.bzl", "requirement")

package(default_visibility = ["//visibility:public"])
Expand Down Expand Up @@ -287,6 +287,17 @@ pentest_cryptolib_fi_asym(
test_vectors = CRYPTOLIB_FI_ASYM_TESTVECTOR_TARGETS,
)

pentest_cryptolib_fi_gdb_sym(
name = "fi_sym_cryptolib_python_gdb_test",
tags = [
"manual",
"skip_in_ci",
],
test_args = "",
test_harness = "//sw/host/penetrationtests/python/fi:fi_sym_cryptolib_python_gdb_test",
test_vectors = [],
)

pentest_cryptolib_fi_asym(
name = "fi_asym_cryptolib_python_test",
tags = [],
Expand All @@ -295,6 +306,17 @@ pentest_cryptolib_fi_asym(
test_vectors = [],
)

pentest_cryptolib_fi_gdb_asym(
name = "fi_asym_cryptolib_python_gdb_test",
tags = [
"manual",
"skip_in_ci",
],
test_args = "",
test_harness = "//sw/host/penetrationtests/python/fi:fi_asym_cryptolib_python_gdb_test",
test_vectors = [],
)

CRYPTOLIB_SCA_SYM_TESTVECTOR_TARGETS = [
"//sw/host/penetrationtests/testvectors/data:sca_sym_cryptolib",
]
Expand Down
21 changes: 20 additions & 1 deletion sw/device/tests/penetrationtests/doc/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ cd $REPO_TOP
./bazelisk.sh run //sw/device/tests/penetrationtests:fi_ibex_fpga_cw340_sival_rom_ext
```

In addition, we have Python scripts to use the pentest framework in //sw/host/penetrationtests/python.
In addition, we have Python scripts to use the pentest framework in `//sw/host/penetrationtests/python`.
These scripts are also tested.
Use the following command to automatically test the Ibex FI tests on the CW340 FPGA board:

Expand All @@ -76,6 +76,25 @@ cd $REPO_TOP
./bazelisk.sh run //sw/device/tests/penetrationtests:fi_ibex_python_test_fpga_cw340_sival_rom_ext
```

## GDB Testing (FiSim)

The crypto library is tested on a debug enabled CW340 FPGA by tracing several relevant cryptographic calls and apply instruction skips or other fault models to their execution. In order to use this testing, the CW340 FPGA has to be adapted. We provide a picture on its setup as reference:

![CW340 debug setup](fi_sim_cw340_setup.png)

In order to run a GDB test, find the "gdb_test" targets in the BUILD file in `//sw/device/tests/penetrationtests`. For example,
```console
./bazelisk.sh run //sw/device/tests/penetrationtests:fi_sym_cryptolib_python_gdb_test_fpga_cw340_rom_ext

./bazelisk.sh run //sw/device/tests/penetrationtests:fi_asym_cryptolib_python_gdb_test_fpga_cw340_rom_ext
```

These tests specifically run in the rom_ext environment since this is a ROM version in the RMA lifecycle which enables debug. The test then builds and runs openocd in the background which opens the default port 3333 to GDB. The files in //sw/host/penetrationtests/python/util contain classes in order to communicate with the FPGA, OpenOCD, and GDB.

The testing is performed on the flashed pentest framework in this directory which provides the interface to the crypto library in `//sw/device/lib/crypto`. The targeted functions are found parsing the dis file. The parser is also found in `//sw/host/penetrationtests/python/util`.

All test outputs are saved in the `bazel-testlogs/sw/device/tests/penetrationtests` folder in opentitan. Take note that the output to the terminal is piped to the campaign file in that directory, please consult this file for the test output. This is done since each subtest can take 2-12h.

## Versioning

In `//sw/device/tests/penetrationtests/firmware/lib/pentest_lib.h`, a value PENTEST_VERSION is found with the current version of the pentest framework.
Expand Down
Binary file added sw/device/tests/penetrationtests/doc/fi_sim_cw340_setup.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
24 changes: 22 additions & 2 deletions sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_asym_impl.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,9 @@

#define MODULE_ID MAKE_MODULE_ID('f', 'a', 'i')

// Markers in the dis file to be able to trace certain functions
#define PENTEST_MARKER_LABEL(name) asm volatile(#name ":" ::: "memory")

// OAEP label for testing.
static const unsigned char kTestLabel[] = "Test label.";
static const size_t kTestLabelLen = sizeof(kTestLabel) - 1;
Expand Down Expand Up @@ -403,12 +406,14 @@ status_t cryptolib_fi_rsa_sign_impl(

// Trigger window.
if (uj_input.trigger & kPentestTrigger3) {
PENTEST_MARKER_LABEL(PENTEST_MARKER_RSA_SIGN_START);
Copy link
Member

@nasahlpa nasahlpa Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just to correctly understand, your git commit message says "These markers do influence influence the pentest code as they are function calls." Could you please elaborate on this?

Copy link
Contributor Author

@siemen11 siemen11 Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking at the assembly, these markers become functions, meaning that the trigger high and low together with the payload crypto function is now executed in the PENTEST_MARKER_RSA_SIGN_START function

Copy link
Contributor Author

@siemen11 siemen11 Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A priori, I can not guarantee that the trigger high and low did not change

Copy link
Member

@nasahlpa nasahlpa Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah got it.

Instead of using those marker, would it be possible to use the trigger high / low as markers? Just to avoid that we are changing the code we know works quite well.

Copy link
Contributor Author

@siemen11 siemen11 Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sadly no since those do not have unique names. Now I can parse for the unique names and ensure we are testing the correct function

Copy link
Member

@nasahlpa nasahlpa Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hm I see.

And parsing for the asm instruction sequence that is responsible for setting the trigger to high / low is now not possible because parsing for that would be not so easy.

So I am good with that change, thanks for explaining :)

Copy link
Contributor Author

@siemen11 siemen11 Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

An example of the new binary is

20017fb8 <PENTEST_MARKER_AES_START>:
/proc/self/cwd/sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_sym_impl.c:141
20017fb8:           00005097            auipc   ra,0x5
20017fbc:           036080e7            jalr    54(ra) # 2001cfee <pentest_set_trigger_high>
/proc/self/cwd/sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_sym_impl.c:142
20017fc0:           f5840513            addi    a0,s0,-168
20017fc4:           fbc40593            addi    a1,s0,-68
20017fc8:           4611                        li      a2,4
20017fca:           f4442683            lw      a3,-188(s0)
20017fce:           f4842703            lw      a4,-184(s0)
20017fd2:           87ce                        mv      a5,s3
20017fd4:           f4042803            lw      a6,-192(s0)
20017fd8:           88a6                        mv      a7,s1
20017fda:           83de                        mv      t2,s7
20017fdc:           8e62                        mv      t3,s8
20017fde:           00001097            auipc   ra,0x1
20017fe2:           77c080e7            jalr    1916(ra) # 2001975a <otcrypto_aes>
20017fe6:           04054b63            bltz    a0,2001803c <PENTEST_MARKER_AES_END+0x34>
pentest_set_trigger_low():
/proc/self/cwd/sw/device/tests/penetrationtests/firmware/lib/pentest_lib.c:944
20017fea:           effea517            auipc   a0,0xeffea
20017fee:           02e54583            lbu     a1,46(a0) # 10002018 <trigger_bit_index>
20017ff2:           01000537            lui     a0,0x1000
gpio_masked_bit_write():
/proc/self/cwd/sw/device/lib/dif/dif_gpio.c:101
20017ff6:       /-- e199                        bnez    a1,20017ffc <PENTEST_MARKER_AES_START+0x44>
20017ff8:       |   02000537            lui     a0,0x2000
/proc/self/cwd/sw/device/lib/dif/dif_gpio.c:100
20017ffc:       \-> effea597            auipc   a1,0xeffea
20018000:           02058593            addi    a1,a1,32 # 1000201c <gpio>
20018004:           418c                        lw      a1,0(a1)
mmio_region_write32():
/proc/self/cwd/./sw/device/lib/base/mmio.h:149
20018006:           cd88                        sw      a0,24(a1)

20018008 <PENTEST_MARKER_AES_END>:
cryptolib_fi_aes_impl():
/proc/self/cwd/sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_sym_impl.c:147
20018008:           05492023            sw      s4,64(s2)
/proc/self/cwd/sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_sym_impl.c:148
2001800c:           04092423            sw      zero,72(s2)
/proc/self/cwd/sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_sym_impl.c:149
20018010:           04000613            li      a2,64
20018014:           854a                        mv      a0,s2
20018016:           4581                        li      a1,0
20018018:           0000a097            auipc   ra,0xa
2001801c:           398080e7            jalr    920(ra) # 200223b0 <memset>
/proc/self/cwd/sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_sym_impl.c:150
20018020:           04092603            lw      a2,64(s2)
20018024:           854a                        mv      a0,s2
20018026:           85de                        mv      a1,s7
20018028:           0000a097            auipc   ra,0xa
2001802c:           2f4080e7            jalr    756(ra) # 2002231c <memcpy>
20018030:           4c01                        li      s8,0
20018032:       /-- a0a1                        j       2001807a <PENTEST_MARKER_AES_END+0x72>
20018034:       |   c0001073            unimp
20018038:       |   c0001073            unimp
2001803c:       |   8c2a                        mv      s8,a0
2001803e:       |   897d                        andi    a0,a0,31
/proc/self/cwd/sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_sym_impl.c:142
20018040:       |   0000b597            auipc   a1,0xb
20018044:       |   6cc58613            addi    a2,a1,1740 # 2002370c <hex+0x79a>
20018048:       |   4cc305b7            lui     a1,0x4cc30
2001804c:       |   08e00693            li      a3,142
20018050:       |   0000a097            auipc   ra,0xa
20018054:       |   0c6080e7            jalr    198(ra) # 20022116 <status_create>
status_report():
/proc/self/cwd/sw/device/lib/testing/test_framework/ottf_main.c:99
20018058:       |   effea597            auipc   a1,0xeffea
2001805c:       |   fcc5a603            lw      a2,-52(a1) # 10002024 <status_report_list_cnt>
20018060:       |   46a9                        li      a3,10
20018062:       |   02d676b3            remu    a3,a2,a3
20018066:       |   effeb717            auipc   a4,0xeffeb
2001806a:       |   fe270713            addi    a4,a4,-30 # 10003048 <status_report_list>
2001806e:       |   20e6c6b3            sh2add  a3,a3,a4
20018072:       |   c288                        sw      a0,0(a3)
/proc/self/cwd/sw/device/lib/testing/test_framework/ottf_main.c:100
20018074:       |   0605                        addi    a2,a2,1
20018076:       |   fcc5a623            sw      a2,-52(a1)
2001807a:       \-> f5042503            lw      a0,-176(s0)
cryptolib_fi_aes_impl():
/proc/self/cwd/sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_sym_impl.c:153
2001807e:           812a                        mv      sp,a0
20018080:           8562                        mv      a0,s8
20018082:           f4040113            addi    sp,s0,-192
20018086:           0000a297            auipc   t0,0xa
2001808a:           474282e7            jalr    t0,1140(t0) # 200224fa <OUTLINED_FUNCTION_3>
2001808e:           8082                        ret
20018090:           c0001073            unimp
20018094:           c0001073            unimp

Copy link
Contributor Author

@siemen11 siemen11 Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So it looks like trigger high to the function call should be the same, but maybe trigger low moved somewhat

pentest_set_trigger_high();
}
TRY(otcrypto_rsa_sign(&private_key, msg_digest, padding_mode, sig_buf));
// Trigger window.
if (uj_input.trigger & kPentestTrigger3) {
pentest_set_trigger_low();
PENTEST_MARKER_LABEL(PENTEST_MARKER_RSA_SIGN_END);
}

// Return data back to host.
Expand Down Expand Up @@ -561,13 +566,16 @@ status_t cryptolib_fi_rsa_verify_impl(
hardened_bool_t verification_result;
// Trigger window.
if (uj_input.trigger & kPentestTrigger3) {
PENTEST_MARKER_LABEL(PENTEST_MARKER_RSA_VERIFY_START);
pentest_set_trigger_high();
}
TRY(otcrypto_rsa_verify(&public_key, msg_digest, padding_mode, sig,
&verification_result));
status_t status = otcrypto_rsa_verify(&public_key, msg_digest, padding_mode,
sig, &verification_result);
if (uj_input.trigger & kPentestTrigger3) {
pentest_set_trigger_low();
PENTEST_MARKER_LABEL(PENTEST_MARKER_RSA_VERIFY_END);
}
TRY(status);

// Return data back to host.
uj_output->result = true;
Expand Down Expand Up @@ -633,9 +641,11 @@ status_t cryptolib_fi_p256_ecdh_impl(
.keyblob = shared_secretblob,
};

PENTEST_MARKER_LABEL(PENTEST_MARKER_P256_ECDH_START);
pentest_set_trigger_high();
TRY(otcrypto_ecdh_p256(&private_key, &public_key, &shared_secret));
pentest_set_trigger_low();
PENTEST_MARKER_LABEL(PENTEST_MARKER_P256_ECDH_END);

uint32_t share0[kPentestP256Words];
uint32_t share1[kPentestP256Words];
Expand Down Expand Up @@ -726,13 +736,15 @@ status_t cryptolib_fi_p256_sign_impl(

// Trigger window 1.
if (uj_input.trigger == 1) {
PENTEST_MARKER_LABEL(PENTEST_MARKER_P256_SIGN_START);
pentest_set_trigger_high();
}
// Sign the message.
TRY(otcrypto_ecdsa_p256_sign_verify(&private_key, &public_key, message_digest,
signature_mut));
if (uj_input.trigger == 1) {
pentest_set_trigger_low();
PENTEST_MARKER_LABEL(PENTEST_MARKER_P256_SIGN_END);
}

// Return data back to host.
Expand Down Expand Up @@ -790,10 +802,12 @@ status_t cryptolib_fi_p256_verify_impl(

hardened_bool_t verification_result = kHardenedBoolFalse;

PENTEST_MARKER_LABEL(PENTEST_MARKER_P256_VERIFY_START);
pentest_set_trigger_high();
TRY(otcrypto_ecdsa_p256_verify(&public_key, message_digest, signature,
&verification_result));
pentest_set_trigger_low();
PENTEST_MARKER_LABEL(PENTEST_MARKER_P256_VERIFY_END);

// Return data back to host.
uj_output->result = true;
Expand Down Expand Up @@ -859,9 +873,11 @@ status_t cryptolib_fi_p384_ecdh_impl(
.keyblob = shared_secretblob,
};

PENTEST_MARKER_LABEL(PENTEST_MARKER_P384_ECDH_START);
pentest_set_trigger_high();
TRY(otcrypto_ecdh_p384(&private_key, &public_key, &shared_secret));
pentest_set_trigger_low();
PENTEST_MARKER_LABEL(PENTEST_MARKER_P384_ECDH_END);

uint32_t share0[kPentestP384Words];
uint32_t share1[kPentestP384Words];
Expand Down Expand Up @@ -952,12 +968,14 @@ status_t cryptolib_fi_p384_sign_impl(

// Trigger window 1.
if (uj_input.trigger == 1) {
PENTEST_MARKER_LABEL(PENTEST_MARKER_P384_SIGN_START);
pentest_set_trigger_high();
}
TRY(otcrypto_ecdsa_p384_sign_verify(&private_key, &public_key, message_digest,
signature_mut));
if (uj_input.trigger == 1) {
pentest_set_trigger_low();
PENTEST_MARKER_LABEL(PENTEST_MARKER_P384_SIGN_END);
}

// Return data back to host.
Expand Down Expand Up @@ -1015,10 +1033,12 @@ status_t cryptolib_fi_p384_verify_impl(

hardened_bool_t verification_result = kHardenedBoolFalse;

PENTEST_MARKER_LABEL(PENTEST_MARKER_P384_VERIFY_START);
pentest_set_trigger_high();
TRY(otcrypto_ecdsa_p384_verify(&public_key, message_digest, signature,
&verification_result));
pentest_set_trigger_low();
PENTEST_MARKER_LABEL(PENTEST_MARKER_P384_VERIFY_END);

// Return data back to host.
uj_output->result = true;
Expand Down
13 changes: 13 additions & 0 deletions sw/device/tests/penetrationtests/firmware/fi/cryptolib_fi_sym_impl.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,9 @@

#define MODULE_ID MAKE_MODULE_ID('c', 'f', 's')

// Markers in the dis file to be able to trace certain functions
#define PENTEST_MARKER_LABEL(name) asm volatile(#name ":" ::: "memory")

status_t cryptolib_fi_aes_impl(cryptolib_fi_sym_aes_in_t uj_input,
cryptolib_fi_sym_aes_out_t *uj_output) {
// Set the AES mode.
Expand Down Expand Up @@ -134,9 +137,11 @@ status_t cryptolib_fi_aes_impl(cryptolib_fi_sym_aes_in_t uj_input,
};

// Trigger window.
PENTEST_MARKER_LABEL(PENTEST_MARKER_AES_START);
pentest_set_trigger_high();
TRY(otcrypto_aes(&key, iv, mode, op, input, padding, output));
pentest_set_trigger_low();
PENTEST_MARKER_LABEL(PENTEST_MARKER_AES_END);

// Return data back to host.
uj_output->data_len = padded_len_bytes;
Expand Down Expand Up @@ -168,11 +173,13 @@ status_t cryptolib_fi_drbg_generate_impl(

// Trigger window 0.
if (uj_input.trigger & kPentestTrigger2) {
PENTEST_MARKER_LABEL(PENTEST_MARKER_DRBG_GENERATE_START);
pentest_set_trigger_high();
}
TRY(otcrypto_drbg_generate(nonce, output));
if (uj_input.trigger & kPentestTrigger2) {
pentest_set_trigger_low();
PENTEST_MARKER_LABEL(PENTEST_MARKER_DRBG_GENERATE_END);
}

// Return data back to host.
Expand All @@ -197,11 +204,13 @@ status_t cryptolib_fi_drbg_reseed_impl(

// Trigger window 0.
if (uj_input.trigger & kPentestTrigger1) {
PENTEST_MARKER_LABEL(PENTEST_MARKER_DRBG_RESEED_START);
pentest_set_trigger_high();
}
TRY(otcrypto_drbg_instantiate(entropy));
if (uj_input.trigger & kPentestTrigger1) {
pentest_set_trigger_low();
PENTEST_MARKER_LABEL(PENTEST_MARKER_DRBG_RESEED_END);
}

// Return data back to host.
Expand Down Expand Up @@ -298,10 +307,12 @@ status_t cryptolib_fi_gcm_impl(cryptolib_fi_sym_gcm_in_t uj_input,
}

// Trigger window.
PENTEST_MARKER_LABEL(PENTEST_MARKER_GCM_ENCRYPT_START);
pentest_set_trigger_high();
TRY(otcrypto_aes_gcm_encrypt(&key, plaintext, iv, aad, tag_len,
actual_ciphertext, actual_tag));
pentest_set_trigger_low();
PENTEST_MARKER_LABEL(PENTEST_MARKER_GCM_ENCRYPT_END);

// Return data back to host.
uj_output->cfg = 0;
Expand Down Expand Up @@ -385,9 +396,11 @@ status_t cryptolib_fi_hmac_impl(cryptolib_fi_sym_hmac_in_t uj_input,
};

// Trigger window.
PENTEST_MARKER_LABEL(PENTEST_MARKER_HMAC_START);
pentest_set_trigger_high();
TRY(otcrypto_hmac(&key, input_message, tag));
pentest_set_trigger_low();
PENTEST_MARKER_LABEL(PENTEST_MARKER_HMAC_END);

// Return data back to host.
uj_output->data_len = tag_bytes;
Expand Down
92 changes: 92 additions & 0 deletions sw/device/tests/penetrationtests/pentest.bzl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,10 @@ PENTEST_EXEC_ENVS = {
"//hw/top_earlgrey:fpga_cw340_rom_ext": "fpga_cw340",
} | EARLGREY_SILICON_OWNER_ROM_EXT_ENVS

GDB_EXEC_ENVS = {
"//hw/top_earlgrey:fpga_cw340_rom_ext": "fpga_cw340",
}

FIRMWARE_DEPS_FI = [
"//sw/device/tests/penetrationtests/firmware/fi:alert_fi",
"//sw/device/tests/penetrationtests/firmware/fi:crypto_fi",
Expand Down Expand Up @@ -388,6 +392,50 @@ def pentest_cryptolib_fi_sym(name, test_vectors, test_args, test_harness, tags):
deps = FIRMWARE_DEPS_CRYPTOLIB_FI_SYM,
)

def pentest_cryptolib_fi_gdb_sym(name, test_vectors, test_args, test_harness, tags):
"""A macro for defining a CryptoTest test case.

Args:
name: the name of the test.
test_vectors: the test vectors to use.
test_args: additional arguments to pass to the test.
test_harness: the test harness to use.
tags: indicate the tags for CI.
"""
opentitan_test(
name = name,
srcs = ["//sw/device/tests/penetrationtests/firmware:firmware_cryptolib_fi_sym.c"],
fpga = fpga_params(
timeout = "long",
data = test_vectors,
tags = tags,
test_cmd = """
--bootstrap={firmware}
""" + test_args,
test_harness = test_harness,
),
fpga_cw340 = fpga_params(
timeout = "long",
tags = tags,
data = test_vectors,
test_cmd = """
--bootstrap={firmware}
""" + test_args,
test_harness = test_harness,
),
exec_env = GDB_EXEC_ENVS,
silicon = silicon_params(
timeout = "eternal",
tags = tags,
data = test_vectors,
test_cmd = """
--bootstrap={firmware}
""" + test_args,
test_harness = test_harness,
),
deps = FIRMWARE_DEPS_CRYPTOLIB_FI_SYM,
)

def pentest_cryptolib_fi_asym(name, test_vectors, test_args, test_harness, tags):
"""A macro for defining a CryptoTest test case.

Expand Down Expand Up @@ -432,6 +480,50 @@ def pentest_cryptolib_fi_asym(name, test_vectors, test_args, test_harness, tags)
deps = FIRMWARE_DEPS_CRYPTOLIB_FI_ASYM,
)

def pentest_cryptolib_fi_gdb_asym(name, test_vectors, test_args, test_harness, tags):
"""A macro for defining a CryptoTest test case.

Args:
name: the name of the test.
test_vectors: the test vectors to use.
test_args: additional arguments to pass to the test.
test_harness: the test harness to use.
tags: indicate the tags for CI.
"""
opentitan_test(
name = name,
srcs = ["//sw/device/tests/penetrationtests/firmware:firmware_cryptolib_fi_asym.c"],
fpga = fpga_params(
timeout = "long",
data = test_vectors,
tags = tags,
test_cmd = """
--bootstrap={firmware}
""" + test_args,
test_harness = test_harness,
),
fpga_cw340 = fpga_params(
timeout = "long",
tags = tags,
data = test_vectors,
test_cmd = """
--bootstrap={firmware}
""" + test_args,
test_harness = test_harness,
),
exec_env = GDB_EXEC_ENVS,
silicon = silicon_params(
timeout = "eternal",
tags = tags,
data = test_vectors,
test_cmd = """
--bootstrap={firmware}
""" + test_args,
test_harness = test_harness,
),
deps = FIRMWARE_DEPS_CRYPTOLIB_FI_ASYM,
)

def pentest_cryptolib_sca_sym(name, test_vectors, test_args, test_harness, tags):
"""A macro for defining a CryptoTest test case.

Expand Down
Loading
Loading