[feat] [RT] FIPS Self-test (KATs) (#544)

* FIPS Self-test * LMS and SHA1 are implemented in firmware
chipsalliance · Jul 28, 2023 · d3d558a · d3d558a
1 parent 861123a
commit d3d558a
Show file tree

Hide file tree

Showing 6 changed files with 64 additions and 17 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/runtime/Cargo.toml b/runtime/Cargo.toml
@@ -14,6 +14,7 @@ caliptra-x509 = { path = "../x509", default-features = false }
 caliptra-image-types = { path = "../image/types", default-features = false }
 ufmt = "0.2.0"
 zerocopy = "0.6.1"
+caliptra-kat = { version = "0.1.0", path = "../kat" }
 
 [build-dependencies]
 cfg-if = "1.0.0"
@@ -33,10 +34,7 @@ openssl = { version = "0.10", features = ["vendored"] }
 [features]
 riscv = ["caliptra-cpu/riscv"]
 default = ["std", "test_only_commands"]
-emu = [
-    "caliptra_common/emu",
-    "caliptra-drivers/emu"
-]
+emu = ["caliptra_common/emu", "caliptra-drivers/emu"]
 fpga_realtime = ["caliptra-drivers/fpga_realtime"]
 std = ["ufmt/std", "caliptra_common/std"]
 test_only_commands = []

diff --git a/runtime/src/fips.rs b/runtime/src/fips.rs
@@ -3,6 +3,7 @@
 use caliptra_common::cprintln;
 use caliptra_drivers::CaliptraError;
 use caliptra_drivers::CaliptraResult;
+use caliptra_kat::{Ecc384Kat, Hmac384Kat, Sha256Kat, Sha384AccKat, Sha384Kat};
 use caliptra_registers::mbox::enums::MboxStatusE;
 use zerocopy::{AsBytes, FromBytes};
 
@@ -45,9 +46,11 @@ impl FipsModule {
         Ok(MboxStatusE::DataReady)
     }
 
-    pub fn self_test(_env: &Drivers) -> CaliptraResult<MboxStatusE> {
+    pub fn self_test(env: &mut Drivers) -> CaliptraResult<MboxStatusE> {
         cprintln!("[rt] FIPS self test");
-        Err(CaliptraError::RUNTIME_FIPS_UNIMPLEMENTED)
+        Self::execute_kats(env)?;
+
+        Ok(MboxStatusE::CmdComplete)
     }
 
     pub fn shutdown(env: &mut Drivers) -> CaliptraResult<MboxStatusE> {
@@ -61,4 +64,24 @@ impl FipsModule {
     fn zeroize(env: &mut Drivers) {
         env.regions.zeroize();
     }
+
+    /// Execute KAT for cryptographic algorithms implemented in H/W.
+    fn execute_kats(env: &mut Drivers) -> CaliptraResult<()> {
+        cprintln!("[kat] Executing SHA2-256 Engine KAT");
+        Sha256Kat::default().execute(&mut env.sha256)?;
+
+        cprintln!("[kat] Executing SHA2-384 Engine KAT");
+        Sha384Kat::default().execute(&mut env.sha384)?;
+
+        cprintln!("[kat] Executing SHA2-384 Accelerator KAT");
+        Sha384AccKat::default().execute(&mut env.sha384_acc)?;
+
+        cprintln!("[kat] Executing ECC-384 Engine KAT");
+        Ecc384Kat::default().execute(&mut env.ecc384, &mut env.trng)?;
+
+        cprintln!("[kat] Executing HMAC-384 Engine KAT");
+        Hmac384Kat::default().execute(&mut env.hmac384, &mut env.trng)?;
+
+        Ok(())
+    }
 }
diff --git a/runtime/src/lib.rs b/runtime/src/lib.rs
@@ -24,13 +24,13 @@ use caliptra_common::memory_layout::{
 };
 use caliptra_common::{cprintln, FirmwareHandoffTable};
 use caliptra_drivers::{CaliptraError, CaliptraResult, DataVault, Ecc384};
+use caliptra_drivers::{Hmac384, Sha256, Sha384, Sha384Acc, Trng};
 use caliptra_image_types::ImageManifest;
+use caliptra_registers::mbox::enums::MboxStatusE;
 use caliptra_registers::{
-    dv::DvReg,
-    ecc::EccReg,
-    mbox::{enums::MboxStatusE, MboxCsr},
-    sha512_acc::Sha512AccCsr,
-    soc_ifc::SocIfcReg,
+    csrng::CsrngReg, dv::DvReg, ecc::EccReg, entropy_src::EntropySrcReg, hmac::HmacReg,
+    mbox::MboxCsr, sha256::Sha256Reg, sha512::Sha512Reg, sha512_acc::Sha512AccCsr,
+    soc_ifc::SocIfcReg, soc_ifc_trng::SocIfcTrngReg,
 };
 use zerocopy::{AsBytes, FromBytes};
 
@@ -92,6 +92,23 @@ pub struct Drivers<'a> {
     pub data_vault: DataVault,
     pub soc_ifc: SocIfcReg,
     pub regions: MemoryRegions,
+    pub sha256: Sha256,
+
+    // SHA2-384 Engine
+    pub sha384: Sha384,
+
+    // SHA2-384 Accelerator
+    pub sha384_acc: Sha384Acc,
+
+    /// Hmac384 Engine
+    pub hmac384: Hmac384,
+
+    /// Cryptographically Secure Random Number Generator
+    pub trng: Trng,
+
+    /// Ecc384 Engine
+    pub ecc384: Ecc384,
+
     pub fht: &'a mut FirmwareHandoffTable,
 
     /// A copy of the ImageHeader for the currently running image
@@ -110,6 +127,12 @@ impl<'a> Drivers<'a> {
         };
         let manifest = ImageManifest::read_from(manifest_slice.as_bytes())
             .ok_or(CaliptraError::RUNTIME_NO_MANIFEST)?;
+        let trng = Trng::new(
+            CsrngReg::new(),
+            EntropySrcReg::new(),
+            SocIfcTrngReg::new(),
+            &SocIfcReg::new(),
+        )?;
 
         Ok(Self {
             mbox: Mailbox::new(MboxCsr::new()),
@@ -118,6 +141,12 @@ impl<'a> Drivers<'a> {
             data_vault: DataVault::new(DvReg::new()),
             soc_ifc: SocIfcReg::new(),
             regions: MemoryRegions::new(),
+            sha256: Sha256::new(Sha256Reg::new()),
+            sha384: Sha384::new(Sha512Reg::new()),
+            sha384_acc: Sha384Acc::new(Sha512AccCsr::new()),
+            hmac384: Hmac384::new(HmacReg::new()),
+            ecc384: Ecc384::new(EccReg::new()),
+            trng,
             fht,
             manifest,
         })

diff --git a/runtime/src/main.rs b/runtime/src/main.rs
@@ -40,15 +40,13 @@ pub extern "C" fn entry_point() -> ! {
             Ok(drivers) => drivers,
             Err(e) => {
                 caliptra_common::report_handoff_error_and_halt(
-                    "Runtime can't load create drivers",
+                    "Runtime can't load drivers",
                     e.into(),
                 );
             }
         };
-
         cprintln!("Caliptra RT listening for mailbox commands...");
         caliptra_runtime::handle_mailbox_commands(&mut drivers);
-
         caliptra_drivers::ExitCtrl::exit(0)
     } else {
         caliptra_common::report_handoff_error_and_halt(

diff --git a/runtime/tests/integration_tests.rs b/runtime/tests/integration_tests.rs
@@ -202,7 +202,6 @@ fn test_verify_cmd() {
 #[test]
 fn test_fips_cmd_api() {
     let mut model = run_rom_test("mbox");
-    let expected_err = Err(ModelError::MailboxCmdFailed(0x000E0006));
 
     model.step_until(|m| m.soc_mbox().status().read().mbox_fsm_ps().mbox_idle());
 
@@ -226,8 +225,7 @@ fn test_fips_cmd_api() {
     assert_eq!(name, VersionResponse::NAME.as_bytes());
 
     let resp = model.mailbox_execute(u32::from(CommandId::SELF_TEST), &cmd);
-    assert_eq!(resp, expected_err);
-    model.soc_ifc().cptra_fw_error_non_fatal().write(|_| 0);
+    assert!(resp.is_ok());
 
     let resp = model.mailbox_execute(u32::from(CommandId::SHUTDOWN), &cmd);
     assert!(resp.is_ok());