From 53c00600c04c7e7c9a5076185953c159e3de0587 Mon Sep 17 00:00:00 2001 From: Vladimir Rozic Date: Mon, 25 Sep 2023 12:22:53 +0100 Subject: [PATCH] [ci] Add test capture --- ci/azure-pipelines.yml | 28 +++++++++++++++++++++------- ci/ci_capture_aes_cw310.yaml | 30 ++++++++++++++++++++++++++++++ ci/ci_capture_aes_fvsr.sh | 8 ++++++++ 3 files changed, 59 insertions(+), 7 deletions(-) create mode 100644 ci/ci_capture_aes_cw310.yaml create mode 100755 ci/ci_capture_aes_fvsr.sh diff --git a/ci/azure-pipelines.yml b/ci/azure-pipelines.yml index ce39584cf..54e0ccef2 100644 --- a/ci/azure-pipelines.yml +++ b/ci/azure-pipelines.yml @@ -1,13 +1,27 @@ -trigger: +pr: branches: include: - "*" -jobs: -- job: hello_world - displayName: Hello world - pool: - vmImage: ubuntu-latest +- job: sca_capture + displayName: "Capture SCA traces" + timeoutInMinutes: 30 + dependsOn: checkout + pool: FPGA SCA steps: + - checkout: self - bash: | - echo Hello, world! + python3 -m pip install --user -r python-requirements.txt + displayName: "Install python dependencies" + - bash: | + sudo apt install git-lfs + displayName: "Install system dependencies" + - bash: | + pushd ci + ./ci_capture_aes_fvsr.sh + popd + displayName: "Capture traces" + # here migth want to add more steps to publish the traces, e.g. + - publish: path/to/file + artifact: traces + displayName: "Upload traces" diff --git a/ci/ci_capture_aes_cw310.yaml b/ci/ci_capture_aes_cw310.yaml new file mode 100644 index 000000000..85532f0c4 --- /dev/null +++ b/ci/ci_capture_aes_cw310.yaml @@ -0,0 +1,30 @@ +device: + fpga_bitstream: ../cw/objs/lowrisc_systems_chip_earlgrey_cw310_0.1.bit + force_program_bitstream: True + fw_bin: ../cw/objs/aes_serial_fpga_cw310.bin + pll_frequency: 100000000 + baudrate: 115200 +capture: + # Only AES-128 ECB is supported at this moment. + key_len_bytes: 16 + plain_text_len_bytes: 16 + output_len_bytes: 16 + # Samples per trace - We oversample by 20x and AES w/ DOM is doing + # ~56/72 cycles per encryption (AES-128/256). + num_samples: 1200 + # Offest in samples - The AES idle signal becomes visible 1 target clock + # cycle later (20 samples) and there are 2 synchronization stages at 100 MHz + # at the top level (4 samples). + offset: -40 + # 32-bit seed for SW key masking. Key masks are generated using an LFSR. + # To switch off the masking, 0 must be used as LFSR seed. + lfsr_seed: 0xdeadbeef + batch_prng_seed: 0 + scope_gain: 31.5 + num_traces: 1000 + project_name: ci_projects/opentitan_simple_aes + waverunner_ip: 192.168.1.228 +plot_capture: + show: False + num_traces: 100 + trace_image_filename: null diff --git a/ci/ci_capture_aes_fvsr.sh b/ci/ci_capture_aes_fvsr.sh new file mode 100755 index 000000000..31bed5522 --- /dev/null +++ b/ci/ci_capture_aes_fvsr.sh @@ -0,0 +1,8 @@ +#!/bin/bash +# Copyright lowRISC contributors. +# Licensed under the Apache License, Version 2.0, see LICENSE for details. +# SPDX-License-Identifier: Apache-2.0 + +# Simple script to test AES fvsr-key capture +../cw/capture.py --cfg-file ci_capture_aes_cw310.yaml capture aes-fvsr-key-batch +[ -d "./ci_projects/opentitan_simple_aes_data" ] && echo "Directory ./ci_projects/opentitan_simple_aes_data exists" || echo "Error: Directory ./ci_projects/opentitan_simple_aes_data does not exists."