lowRISC · moidx · Mar 21, 2024 · Mar 8, 2024
@@ -123,6 +123,27 @@ dif_result_t dif_otbn_get_insn_cnt(const dif_otbn_t *otbn, uint32_t *insn_cnt) {
   return kDifOk;
 }
 
+dif_result_t dif_otbn_get_load_checksum(const dif_otbn_t *otbn,
+                                        uint32_t *checksum) {
+  if (otbn == NULL || checksum == NULL) {
+    return kDifBadArg;
+  }
+
+  *checksum =
+      mmio_region_read32(otbn->base_addr, OTBN_LOAD_CHECKSUM_REG_OFFSET);
+  return kDifOk;
+}
+
+dif_result_t dif_otbn_clear_load_checksum(const dif_otbn_t *otbn) {
+  if (otbn == NULL) {
+    return kDifBadArg;
+  }
+
+  mmio_region_write32(otbn->base_addr, OTBN_LOAD_CHECKSUM_REG_OFFSET, 0);
+
+  return kDifOk;
+}
+
 dif_result_t dif_otbn_imem_write(const dif_otbn_t *otbn, uint32_t offset_bytes,
                                  const void *src, size_t len_bytes) {
   if (otbn == NULL || src == NULL ||

@@ -140,6 +140,30 @@ dif_result_t dif_otbn_get_err_bits(const dif_otbn_t *otbn,
 OT_WARN_UNUSED_RESULT
 dif_result_t dif_otbn_get_insn_cnt(const dif_otbn_t *otbn, uint32_t *insn_cnt);
 
+/**
+ * Gets the content of the load checksum register.
+ *
+ * Gets the 32-bit CRC checksum of data written to memory.
+ *
+ * @param otbn OTBN instance.
+ * @param[out] insn_cnt The number of instructions executed by OTBN.
+ * @return The result of the operation.
+ */
+OT_WARN_UNUSED_RESULT
+dif_result_t dif_otbn_get_load_checksum(const dif_otbn_t *otbn,
+                                        uint32_t *insn_cnt);
+
+/**
+ * Clears the load checksum register.
+ *
+ * Writes 0 to the load checksum register to clear it.
+ *
+ * @param otbn OTBN instance.
+ * @return The result of the operation.
+ */
+OT_WARN_UNUSED_RESULT
+dif_result_t dif_otbn_clear_load_checksum(const dif_otbn_t *otbn);
+
 /**
  * Write an OTBN application into its instruction memory (IMEM).
  *

diff --git a/sw/device/tests/crypto/cryptotest/firmware/BUILD b/sw/device/tests/crypto/cryptotest/firmware/BUILD
@@ -144,17 +144,22 @@ cc_library(
     deps = [
         "//sw/device/lib/base:memory",
         "//sw/device/lib/base:status",
+        "//sw/device/lib/crypto/drivers:keymgr",
         "//sw/device/lib/crypto/drivers:otbn",
         "//sw/device/lib/dif:otbn",
         "//sw/device/lib/runtime:log",
         "//sw/device/lib/testing:entropy_testutils",
+        "//sw/device/lib/testing:keymgr_testutils",
         "//sw/device/lib/testing/test_framework:ujson_ottf",
         "//sw/device/lib/ujson",
         "//sw/device/sca/lib:sca",
+        "//sw/device/tests/crypto/cryptotest/firmware:sca_lib",
         "//sw/device/tests/crypto/cryptotest/firmware/otbn:otbn_char_hardware_dmem_op_loop",
         "//sw/device/tests/crypto/cryptotest/firmware/otbn:otbn_char_hardware_reg_op_loop",
         "//sw/device/tests/crypto/cryptotest/firmware/otbn:otbn_char_unrolled_dmem_op_loop",
         "//sw/device/tests/crypto/cryptotest/firmware/otbn:otbn_char_unrolled_reg_op_loop",
+        "//sw/device/tests/crypto/cryptotest/firmware/otbn:otbn_key_sideload",
+        "//sw/device/tests/crypto/cryptotest/firmware/otbn:otbn_load_integrity",
         "//sw/device/tests/crypto/cryptotest/json:otbn_fi_commands",
     ],
 )

@@ -396,7 +396,7 @@ status_t handle_ibex_fi_char_register_file_read(ujson_t *uj) {
 }
 
 /**
- * Initializes the SCA trigger.
+ * Initializes the trigger.
  *
  *
  * @param uj The received uJSON data.

diff --git a/sw/device/tests/crypto/cryptotest/firmware/otbn/BUILD b/sw/device/tests/crypto/cryptotest/firmware/otbn/BUILD
@@ -33,3 +33,17 @@ otbn_binary(
         "otbn_char_unrolled_reg_op_loop.s",
     ],
 )
+
+otbn_binary(
+    name = "otbn_key_sideload",
+    srcs = [
+        "otbn_key_sideload.s",
+    ],
+)
+
+otbn_binary(
+    name = "otbn_load_integrity",
+    srcs = [
+        "otbn_load_integrity.s",
+    ],
+)
diff --git a/sw/device/tests/crypto/cryptotest/firmware/otbn/otbn_key_sideload.s b/sw/device/tests/crypto/cryptotest/firmware/otbn/otbn_key_sideload.s
@@ -0,0 +1,53 @@
+/* Copyright lowRISC contributors. */
+/* Licensed under the Apache License, Version 2.0, see LICENSE for details. */
+/* SPDX-License-Identifier: Apache-2.0 */
+/*
+    OBTN.KEY_SIDELOAD FI Penetration Test
+*/
+.section .text.start
+
+    /* Load all key shares into w20...w23. */
+    bn.wsrr  w20, KEY_S0_L
+    bn.wsrr  w21, KEY_S1_L
+    bn.wsrr  w22, KEY_S0_H
+    bn.wsrr  w23, KEY_S1_H
+
+    /* Write key shared into accessible DMEM. */
+    li      x2, 20
+    la      x3, k_s0_l
+    bn.sid  x2, 0(x3)
+
+    li      x2, 21
+    la      x3, k_s0_h
+    bn.sid  x2, 0(x3)
+
+    li      x2, 22
+    la      x3, k_s1_l
+    bn.sid  x2, 0(x3)
+
+    li      x2, 23
+    la      x3, k_s1_h
+    bn.sid  x2, 0(x3)
+
+    ecall
+
+.data
+    .globl k_s0_l
+    .balign 32
+    k_s0_l:
+    .zero 32
+
+    .globl k_s0_h
+    .balign 32
+    k_s0_h:
+    .zero 32
+
+    .globl k_s1_l
+    .balign 32
+    k_s1_l:
+    .zero 32
+
+    .globl k_s1_h
+    .balign 32
+    k_s1_h:
+    .zero 32
diff --git a/sw/device/tests/crypto/cryptotest/firmware/otbn/otbn_load_integrity.s b/sw/device/tests/crypto/cryptotest/firmware/otbn/otbn_load_integrity.s
@@ -0,0 +1,31 @@
+/* Copyright lowRISC contributors. */
+/* Licensed under the Apache License, Version 2.0, see LICENSE for details. */
+/* SPDX-License-Identifier: Apache-2.0 */
+/*
+    OBTN.LOAD_INTEGRITY FI Penetration Test
+*/
+.section .text.start
+
+    /* Execute 10 NOPs. */
+    li x1, 10
+    loop x1, 1
+      nop
+
+    ecall
+
+.data
+    /* Reference values. */
+    .balign 32
+    .globl refval1
+    refval1:
+      .word 0x1BADB002
+
+    .balign 32
+    .globl refval2
+    refval2:
+      .word 0x8BADF00D
+
+    .balign 32
+    .globl refval3
+    refval3:
+      .word 0xA5A5A5A5
-Original file line number
+Diff line change
@@ Expand Up @@
     }
     /**
-     * Initializes the SCA trigger.
+     * Initializes the trigger.
      *
      *
      * @param uj The received uJSON data.
@@ Expand Down @@