mirror of
https://github.com/espressif/esp-idf.git
synced 2024-09-20 00:36:01 -04:00
Merge branch 'bugfix/change_block_num_to_burn_keys' into 'master'
fix(hal/testapps): fix block number to burn keys to avoid overlapping See merge request espressif/esp-idf!25611
This commit is contained in:
commit
0281aa844b
@ -76,34 +76,36 @@ espefuse.py -p $ESPPORT burn_key BLOCK_KEY4 main/hmac/hmac_key.bin HMAC_UP
|
||||
|
||||
# Burning the HMAC keys for Digital Signature tests
|
||||
|
||||
The tests needs some HMAC keys to be burned in the `BLOCK_KEY1`, `BLOCK_KEY2` and `BLOCK_KEY3` of the efuses. As this verification application is independent of the efuse component, the user needs to manually burn the keys and their key purposes using `espefuse.py`.
|
||||
The tests needs some HMAC keys to be burned in the `BLOCK_KEY0`, `BLOCK_KEY1` and `BLOCK_KEY2` of the efuses. As this verification application is independent of the efuse component, the user needs to manually burn the keys and their key purposes using `espefuse.py`.
|
||||
|
||||
If SOC_DS_SIGNATURE_MAX_BIT_LEN == 3072:
|
||||
```bash
|
||||
espefuse.py -p $ESPPORT burn_key BLOCK_KEY1 main/ds/keys/3072/ds_key1.bin HMAC_DOWN_DIGITAL_SIGNATURE
|
||||
espefuse.py -p $ESPPORT burn_key BLOCK_KEY0 main/ds/keys/3072/ds_key1.bin HMAC_DOWN_DIGITAL_SIGNATURE
|
||||
|
||||
espefuse.py -p $ESPPORT burn_key BLOCK_KEY2 main/ds/keys/3072/ds_key2.bin HMAC_DOWN_DIGITAL_SIGNATURE
|
||||
espefuse.py -p $ESPPORT burn_key BLOCK_KEY1 main/ds/keys/3072/ds_key2.bin HMAC_DOWN_DIGITAL_SIGNATURE
|
||||
|
||||
espefuse.py -p $ESPPORT burn_key BLOCK_KEY3 main/ds/keys/3072/ds_key3.bin HMAC_DOWN_DIGITAL_SIGNATURE
|
||||
espefuse.py -p $ESPPORT burn_key BLOCK_KEY2 main/ds/keys/3072/ds_key3.bin HMAC_DOWN_DIGITAL_SIGNATURE
|
||||
```
|
||||
|
||||
If SOC_DS_SIGNATURE_MAX_BIT_LEN == 4096:
|
||||
```bash
|
||||
espefuse.py -p $ESPPORT burn_key BLOCK_KEY1 main/ds/keys/4096/ds_key1.bin HMAC_DOWN_DIGITAL_SIGNATURE
|
||||
espefuse.py -p $ESPPORT burn_key BLOCK_KEY0 main/ds/keys/4096/ds_key1.bin HMAC_DOWN_DIGITAL_SIGNATURE
|
||||
|
||||
espefuse.py -p $ESPPORT burn_key BLOCK_KEY2 main/ds/keys/4096/ds_key2.bin HMAC_DOWN_DIGITAL_SIGNATURE
|
||||
espefuse.py -p $ESPPORT burn_key BLOCK_KEY1 main/ds/keys/4096/ds_key2.bin HMAC_DOWN_DIGITAL_SIGNATURE
|
||||
|
||||
espefuse.py -p $ESPPORT burn_key BLOCK_KEY3 main/ds/keys/4096/ds_key3.bin HMAC_DOWN_DIGITAL_SIGNATURE
|
||||
espefuse.py -p $ESPPORT burn_key BLOCK_KEY2 main/ds/keys/4096/ds_key3.bin HMAC_DOWN_DIGITAL_SIGNATURE
|
||||
```
|
||||
|
||||
# Burning the ECDSA keys
|
||||
|
||||
The ECDSA tests need some ECDSA keys to be burned in the `BLOCK_KEY1` and `BLOCK_KEY2` of the efuses. As this verification application is independent of the efuse component, the user needs to manually burn the keys and their key purposes using `espefuse.py`.
|
||||
By default, ECDSA tests are disabled. You can enable it after disabling HMAC tests using `idf.py menuconfig -> Test App Configuration -> Enable ECDSA Peripheral test cases`
|
||||
|
||||
The ECDSA tests need some ECDSA keys to be burned in the `BLOCK_KEY4` and `BLOCK_KEY5` of the efuses. As this verification application is independent of the efuse component, the user needs to manually burn the keys and their key purposes using `espefuse.py`.
|
||||
|
||||
```bash
|
||||
espefuse.py -p $ESPPORT burn_key BLOCK_KEY1 main/ecdsa/ecdsa192_priv_key.pem ECDSA_KEY
|
||||
espefuse.py -p $ESPPORT burn_key BLOCK_KEY4 main/ecdsa/ecdsa192_priv_key.pem ECDSA_KEY
|
||||
|
||||
espefuse.py -p $ESPPORT burn_key BLOCK_KEY2 main/ecdsa/ecdsa256_priv_key.pem ECDSA_KEY
|
||||
espefuse.py -p $ESPPORT burn_key BLOCK_KEY5 main/ecdsa/ecdsa256_priv_key.pem ECDSA_KEY
|
||||
```
|
||||
|
||||
# Building
|
||||
|
@ -33,5 +33,7 @@ if(CONFIG_SOC_SHA_SUPPORTED)
|
||||
endif()
|
||||
|
||||
idf_component_register(SRCS ${srcs}
|
||||
PRIV_REQUIRES efuse
|
||||
REQUIRES test_utils unity
|
||||
WHOLE_ARCHIVE)
|
||||
WHOLE_ARCHIVE
|
||||
PRIV_INCLUDE_DIRS ".")
|
||||
|
22
components/hal/test_apps/crypto/main/Kconfig.projbuild
Normal file
22
components/hal/test_apps/crypto/main/Kconfig.projbuild
Normal file
@ -0,0 +1,22 @@
|
||||
menu "Test App Configuration"
|
||||
|
||||
config CRYPTO_TEST_APP_ENABLE_DS_TESTS
|
||||
bool "Enable DS Peripheral test cases"
|
||||
default y
|
||||
help
|
||||
Enabling this option includes DS Peripheral related test cases in the build for supported targets.
|
||||
|
||||
config CRYPTO_TEST_APP_ENABLE_HMAC_TESTS
|
||||
bool "Enable HMAC Peripheral test cases"
|
||||
default y
|
||||
help
|
||||
Enabling this option includes HMAC Peripheral related test cases in the build for supported targets.
|
||||
|
||||
config CRYPTO_TEST_APP_ENABLE_ECDSA_TESTS
|
||||
depends on !CRYPTO_TEST_APP_ENABLE_HMAC_TESTS
|
||||
bool "Enable ECDSA Peripheral test cases"
|
||||
default n
|
||||
help
|
||||
Enabling this option includes ECDSA Peripheral related test cases in the build for supported targets.
|
||||
|
||||
endmenu
|
@ -32,15 +32,15 @@ static void run_all_tests(void)
|
||||
|
||||
#if CONFIG_IDF_ENV_FPGA
|
||||
|
||||
#if CONFIG_SOC_HMAC_SUPPORTED
|
||||
#if CONFIG_SOC_HMAC_SUPPORTED && CONFIG_CRYPTO_TEST_APP_ENABLE_HMAC_TESTS
|
||||
RUN_TEST_GROUP(hmac);
|
||||
#endif
|
||||
|
||||
#if CONFIG_SOC_DIG_SIGN_SUPPORTED
|
||||
#if CONFIG_SOC_DIG_SIGN_SUPPORTED && CONFIG_CRYPTO_TEST_APP_ENABLE_DS_TESTS
|
||||
RUN_TEST_GROUP(ds);
|
||||
#endif
|
||||
|
||||
#if CONFIG_SOC_ECDSA_SUPPORTED
|
||||
#if CONFIG_SOC_ECDSA_SUPPORTED && CONFIG_CRYPTO_TEST_APP_ENABLE_ECDSA_TESTS
|
||||
RUN_TEST_GROUP(ecdsa)
|
||||
#endif
|
||||
|
||||
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@ -12,15 +12,9 @@
|
||||
#include "unity_fixture.h"
|
||||
|
||||
#include "soc/soc_caps.h"
|
||||
typedef enum {
|
||||
HMAC_KEY0 = 0,
|
||||
HMAC_KEY1,
|
||||
HMAC_KEY2,
|
||||
HMAC_KEY3,
|
||||
HMAC_KEY4,
|
||||
HMAC_KEY5,
|
||||
HMAC_KEY_MAX
|
||||
} hmac_key_id_t;
|
||||
#include "esp_log.h"
|
||||
|
||||
const static char *TAG = "test_ds";
|
||||
|
||||
#if CONFIG_IDF_TARGET_ESP32S2
|
||||
#include "esp32s2/rom/efuse.h"
|
||||
@ -164,7 +158,7 @@ static void ds_disable_release(void)
|
||||
}
|
||||
|
||||
|
||||
static esp_err_t esp_ds_start_sign(const void *message, const esp_ds_data_t *data, hmac_key_id_t key_id)
|
||||
static esp_err_t esp_ds_start_sign(const void *message, const esp_ds_data_t *data, uint32_t key_id)
|
||||
{
|
||||
ds_acquire_enable();
|
||||
|
||||
@ -215,7 +209,7 @@ static esp_err_t esp_ds_finish_sign(void *signature, const esp_ds_data_t *data)
|
||||
|
||||
static esp_err_t esp_ds_sign(const void *message,
|
||||
const esp_ds_data_t *data,
|
||||
hmac_key_id_t key_id,
|
||||
uint32_t key_id,
|
||||
void *signature)
|
||||
{
|
||||
esp_err_t result = esp_ds_start_sign(message, data, key_id);
|
||||
@ -272,7 +266,7 @@ static void ds_disable_release(void)
|
||||
|
||||
static esp_err_t esp_ds_start_sign(const void *message,
|
||||
const esp_ds_data_t *data,
|
||||
hmac_key_id_t key_id)
|
||||
uint32_t key_id)
|
||||
{
|
||||
ds_acquire_enable();
|
||||
|
||||
@ -325,7 +319,7 @@ esp_err_t esp_ds_finish_sign(void *signature, const esp_ds_data_t *data)
|
||||
|
||||
static esp_err_t esp_ds_sign(const void *message,
|
||||
const esp_ds_data_t *data,
|
||||
hmac_key_id_t key_id,
|
||||
uint32_t key_id,
|
||||
void *signature)
|
||||
{
|
||||
esp_err_t result = esp_ds_start_sign(message, data, key_id);
|
||||
@ -384,7 +378,7 @@ TEST_TEAR_DOWN(ds)
|
||||
TEST(ds, digital_signature_parameter_encryption)
|
||||
{
|
||||
for (int i = 0; i < NUM_CASES; i++) {
|
||||
printf("Encrypting test case %d...\n", i);
|
||||
ESP_LOGI(TAG, "Encrypting test case %d.", i);
|
||||
const encrypt_testcase_t *t = &test_cases[i];
|
||||
esp_ds_data_t result = { };
|
||||
esp_ds_p_data_t p_data;
|
||||
@ -397,7 +391,7 @@ TEST(ds, digital_signature_parameter_encryption)
|
||||
|
||||
esp_err_t r = esp_ds_encrypt_params(&result, t->iv, &p_data,
|
||||
test_hmac_keys[t->hmac_key_idx]);
|
||||
printf("Encrypting test case %d done\n", i);
|
||||
ESP_LOGI(TAG, "Encrypting test case %d done", i);
|
||||
TEST_ASSERT_EQUAL(ESP_OK, r);
|
||||
TEST_ASSERT_EQUAL(t->p_data.length, result.rsa_length);
|
||||
TEST_ASSERT_EQUAL_HEX8_ARRAY(t->iv, result.iv, ETS_DS_IV_LEN);
|
||||
@ -405,8 +399,8 @@ TEST(ds, digital_signature_parameter_encryption)
|
||||
}
|
||||
}
|
||||
|
||||
// This test uses the HMAC_KEY0 eFuse key which hasn't been burned by burn_hmac_keys().
|
||||
// HMAC_KEY0 is usually used for HMAC upstream (user access) tests.
|
||||
// This test uses the HMAC_KEY_BLOCK_1 eFuse key which hasn't been burned by burn_hmac_keys().
|
||||
// HMAC_KEY_BLOCK_1 is usually used for HMAC upstream (user access) tests.
|
||||
TEST(ds, digital_signature_wrong_hmac_key_purpose)
|
||||
{
|
||||
esp_ds_data_t ds_data = {};
|
||||
@ -414,11 +408,11 @@ TEST(ds, digital_signature_wrong_hmac_key_purpose)
|
||||
const char *message = "test";
|
||||
|
||||
// HMAC fails in that case because it checks for the correct purpose
|
||||
TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL, esp_ds_start_sign(message, &ds_data, HMAC_KEY0));
|
||||
TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL, esp_ds_start_sign(message, &ds_data, HMAC_KEY_BLOCK_1));
|
||||
}
|
||||
|
||||
// This test uses the HMAC_KEY0 eFuse key which hasn't been burned by burn_hmac_keys().
|
||||
// HMAC_KEY0 is usually used for HMAC upstream (user access) tests.
|
||||
// This test uses the HMAC_KEY_BLOCK_1 eFuse key which hasn't been burned by burn_hmac_keys().
|
||||
// HMAC_KEY_BLOCK_1 is usually used for HMAC upstream (user access) tests.
|
||||
TEST(ds, digital_signature_blocking_wrong_hmac_key_purpose)
|
||||
{
|
||||
esp_ds_data_t ds_data = {};
|
||||
@ -427,13 +421,13 @@ TEST(ds, digital_signature_blocking_wrong_hmac_key_purpose)
|
||||
uint8_t signature_data [128 * 4];
|
||||
|
||||
// HMAC fails in that case because it checks for the correct purpose
|
||||
TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL, esp_ds_sign(message, &ds_data, HMAC_KEY0, signature_data));
|
||||
TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL, esp_ds_sign(message, &ds_data, HMAC_KEY_BLOCK_1, signature_data));
|
||||
}
|
||||
|
||||
TEST(ds, digital_signature_operation)
|
||||
{
|
||||
for (int i = 0; i < NUM_CASES; i++) {
|
||||
printf("Running test case %d...\n", i);
|
||||
ESP_LOGI(TAG, "Running test case %d.", i);
|
||||
const encrypt_testcase_t *t = &test_cases[i];
|
||||
|
||||
// copy encrypt parameter test case into ds_data structure
|
||||
@ -444,11 +438,11 @@ TEST(ds, digital_signature_operation)
|
||||
|
||||
for (int j = 0; j < NUM_MESSAGES; j++) {
|
||||
uint8_t signature[DS_MAX_BITS / 8] = { 0 };
|
||||
printf(" ... message %d\n", j);
|
||||
ESP_LOGD(TAG, " ... message %d", j);
|
||||
|
||||
esp_err_t ds_r = esp_ds_start_sign(test_messages[j],
|
||||
&ds_data,
|
||||
t->hmac_key_idx + 1);
|
||||
t->hmac_key_idx);
|
||||
TEST_ASSERT_EQUAL(ESP_OK, ds_r);
|
||||
|
||||
ds_r = esp_ds_finish_sign(signature, &ds_data);
|
||||
@ -465,7 +459,7 @@ TEST(ds, digital_signature_operation)
|
||||
TEST(ds, digital_signature_blocking_operation)
|
||||
{
|
||||
for (int i = 0; i < NUM_CASES; i++) {
|
||||
printf("Running test case %d...\n", i);
|
||||
ESP_LOGI(TAG, "Running test case %d.", i);
|
||||
const encrypt_testcase_t *t = &test_cases[i];
|
||||
|
||||
// copy encrypt parameter test case into ds_data structure
|
||||
@ -479,7 +473,7 @@ TEST(ds, digital_signature_blocking_operation)
|
||||
|
||||
esp_err_t ds_r = esp_ds_start_sign(test_messages[0],
|
||||
&ds_data,
|
||||
t->hmac_key_idx + 1);
|
||||
t->hmac_key_idx);
|
||||
TEST_ASSERT_EQUAL(ESP_OK, ds_r);
|
||||
|
||||
ds_r = esp_ds_finish_sign(signature, &ds_data);
|
||||
@ -487,7 +481,7 @@ TEST(ds, digital_signature_blocking_operation)
|
||||
#else
|
||||
esp_err_t ds_r = esp_ds_sign(test_messages[0],
|
||||
&ds_data,
|
||||
t->hmac_key_idx + 1,
|
||||
t->hmac_key_idx,
|
||||
signature);
|
||||
TEST_ASSERT_EQUAL(ESP_OK, ds_r);
|
||||
#endif
|
||||
@ -510,10 +504,10 @@ TEST(ds, digital_signature_invalid_data)
|
||||
|
||||
// Corrupt the IV one bit at a time, rerun and expect failure
|
||||
for (int bit = 0; bit < 128; bit++) {
|
||||
printf("Corrupting IV bit %d...\n", bit);
|
||||
ESP_LOGD(TAG, "Corrupting IV bit %d.", bit);
|
||||
ds_data.iv[bit / 8] ^= 1 << (bit % 8);
|
||||
|
||||
esp_err_t ds_r = esp_ds_start_sign(test_messages[0], &ds_data, t->hmac_key_idx + 1);
|
||||
esp_err_t ds_r = esp_ds_start_sign(test_messages[0], &ds_data, t->hmac_key_idx);
|
||||
TEST_ASSERT_EQUAL(ESP_OK, ds_r);
|
||||
|
||||
ds_r = esp_ds_finish_sign(signature, &ds_data);
|
||||
@ -524,12 +518,12 @@ TEST(ds, digital_signature_invalid_data)
|
||||
}
|
||||
|
||||
// Corrupt encrypted key data one bit at a time, rerun and expect failure
|
||||
printf("Corrupting C...\n");
|
||||
ESP_LOGD(TAG, "Corrupting C.");
|
||||
for (int bit = 0; bit < ETS_DS_C_LEN * 8; bit++) {
|
||||
printf("Corrupting C bit %d...\n", bit);
|
||||
ESP_LOGD(TAG, "Corrupting C bit %d.", bit);
|
||||
ds_data.c[bit / 8] ^= 1 << (bit % 8);
|
||||
|
||||
esp_err_t ds_r = esp_ds_start_sign(test_messages[0], &ds_data, t->hmac_key_idx + 1);
|
||||
esp_err_t ds_r = esp_ds_start_sign(test_messages[0], &ds_data, t->hmac_key_idx);
|
||||
TEST_ASSERT_EQUAL(ESP_OK, ds_r);
|
||||
|
||||
ds_r = esp_ds_finish_sign(signature, &ds_data);
|
||||
|
@ -8,6 +8,7 @@
|
||||
#include <stdbool.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "esp_efuse_chip.h"
|
||||
#include "esp_private/esp_crypto_lock_internal.h"
|
||||
#include "esp_random.h"
|
||||
#include "hal/clk_gate_ll.h"
|
||||
@ -19,6 +20,7 @@
|
||||
#include "unity_fixture.h"
|
||||
|
||||
#include "ecdsa_params.h"
|
||||
#include "hal_crypto_common.h"
|
||||
|
||||
static void ecdsa_enable_and_reset(void)
|
||||
{
|
||||
@ -125,13 +127,13 @@ static void test_ecdsa_sign(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t*
|
||||
if (is_p256) {
|
||||
conf.curve = ECDSA_CURVE_SECP256R1;
|
||||
if (use_km_key == 0) {
|
||||
conf.efuse_key_blk = 6;
|
||||
conf.efuse_key_blk = EFUSE_BLK_KEY0 + ECDSA_KEY_BLOCK_2;
|
||||
}
|
||||
len = 32;
|
||||
} else {
|
||||
conf.curve = ECDSA_CURVE_SECP192R1;
|
||||
if (use_km_key == 0) {
|
||||
conf.efuse_key_blk = 5;
|
||||
conf.efuse_key_blk = EFUSE_BLK_KEY0 + ECDSA_KEY_BLOCK_1;
|
||||
}
|
||||
len = 24;
|
||||
}
|
||||
@ -172,13 +174,13 @@ static void test_ecdsa_export_pubkey(bool is_p256, bool use_km_key)
|
||||
if (is_p256) {
|
||||
conf.curve = ECDSA_CURVE_SECP256R1;
|
||||
if (use_km_key == 0) {
|
||||
conf.efuse_key_blk = 6;
|
||||
conf.efuse_key_blk = EFUSE_BLK_KEY0 + ECDSA_KEY_BLOCK_2;
|
||||
}
|
||||
len = 32;
|
||||
} else {
|
||||
conf.curve = ECDSA_CURVE_SECP192R1;
|
||||
if (use_km_key == 0) {
|
||||
conf.efuse_key_blk = 5;
|
||||
conf.efuse_key_blk = EFUSE_BLK_KEY0 + ECDSA_KEY_BLOCK_1;
|
||||
}
|
||||
len = 24;
|
||||
}
|
||||
|
23
components/hal/test_apps/crypto/main/hal_crypto_common.h
Normal file
23
components/hal/test_apps/crypto/main/hal_crypto_common.h
Normal file
@ -0,0 +1,23 @@
|
||||
/*
|
||||
* SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
|
||||
*
|
||||
* SPDX-License-Identifier: Unlicense OR CC0-1.0
|
||||
*/
|
||||
#pragma once
|
||||
|
||||
// efuse key blocks for DS
|
||||
#define DS_KEY_BLOCK_1 0
|
||||
#define DS_KEY_BLOCK_2 1
|
||||
#define DS_KEY_BLOCK_3 2
|
||||
|
||||
/*
|
||||
* HMAC and ECDSA testcases cannot run together as block used for burning keys are overlapped
|
||||
*/
|
||||
|
||||
// efuse key blocks for HMAC
|
||||
#define HMAC_KEY_BLOCK_1 3
|
||||
#define HMAC_KEY_BLOCK_2 4
|
||||
|
||||
// efuse key blocks for ECDSA
|
||||
#define ECDSA_KEY_BLOCK_1 4
|
||||
#define ECDSA_KEY_BLOCK_2 5
|
@ -16,18 +16,9 @@
|
||||
#include "soc/hwcrypto_reg.h"
|
||||
#include "soc/system_reg.h"
|
||||
#include "hmac_params.h"
|
||||
#include "hal_crypto_common.h"
|
||||
|
||||
typedef enum {
|
||||
HMAC_KEY0 = 0,
|
||||
HMAC_KEY1,
|
||||
HMAC_KEY2,
|
||||
HMAC_KEY3,
|
||||
HMAC_KEY4,
|
||||
HMAC_KEY5,
|
||||
HMAC_KEY_MAX
|
||||
} hmac_key_id_t;
|
||||
|
||||
static ets_efuse_block_t convert_key_type(hmac_key_id_t key_id) {
|
||||
static ets_efuse_block_t convert_key_type(uint32_t key_id) {
|
||||
return ETS_EFUSE_BLOCK_KEY0 + (ets_efuse_block_t) key_id;
|
||||
}
|
||||
|
||||
@ -48,7 +39,7 @@ static esp_err_t hmac_jtag_disable(void)
|
||||
#define SHA256_PAD_SZ 8
|
||||
|
||||
|
||||
static esp_err_t hmac_jtag_enable(hmac_key_id_t key_id, const uint8_t *token)
|
||||
static esp_err_t hmac_jtag_enable(uint32_t key_id, const uint8_t *token)
|
||||
{
|
||||
int ets_status;
|
||||
esp_err_t err = ESP_OK;
|
||||
@ -69,7 +60,7 @@ static void write_and_padd(uint8_t *block, const uint8_t *data, uint16_t data_le
|
||||
bzero(block + data_len + 1, SHA256_BLOCK_SZ - data_len - 1);
|
||||
}
|
||||
|
||||
static esp_err_t hmac_calculate(hmac_key_id_t key_id, const void *message, size_t message_len, uint8_t *hmac)
|
||||
static esp_err_t hmac_calculate(uint32_t key_id, const void *message, size_t message_len, uint8_t *hmac)
|
||||
{
|
||||
const uint8_t *message_bytes = (const uint8_t *)message;
|
||||
|
||||
@ -151,7 +142,7 @@ static esp_err_t hmac_calculate(hmac_key_id_t key_id, const void *message, size_
|
||||
#else /* !CONFIG_IDF_TARGET_ESP32S2 */
|
||||
|
||||
|
||||
static esp_err_t hmac_calculate(hmac_key_id_t key_id,
|
||||
static esp_err_t hmac_calculate(uint32_t key_id,
|
||||
const void *message,
|
||||
size_t message_len,
|
||||
uint8_t *hmac)
|
||||
@ -168,7 +159,7 @@ static esp_err_t hmac_calculate(hmac_key_id_t key_id,
|
||||
}
|
||||
}
|
||||
|
||||
static esp_err_t hmac_jtag_enable(hmac_key_id_t key_id, const uint8_t *token)
|
||||
static esp_err_t hmac_jtag_enable(uint32_t key_id, const uint8_t *token)
|
||||
{
|
||||
int ets_status;
|
||||
esp_err_t err = ESP_OK;
|
||||
@ -210,7 +201,7 @@ TEST_TEAR_DOWN(hmac)
|
||||
|
||||
TEST(hmac, hmac_downstream_jtag_enable_mode)
|
||||
{
|
||||
TEST_ASSERT_EQUAL_HEX32_MESSAGE(ESP_OK, hmac_jtag_enable(HMAC_KEY3, jtag_enable_token_data),
|
||||
TEST_ASSERT_EQUAL_HEX32_MESSAGE(ESP_OK, hmac_jtag_enable(HMAC_KEY_BLOCK_1, jtag_enable_token_data),
|
||||
"JTAG should be re-enabled now, please manually verify");
|
||||
}
|
||||
|
||||
@ -227,7 +218,7 @@ TEST(hmac, hmac_upstream_mac_generation_with_zeroes)
|
||||
const size_t num_zero_results = sizeof(zero_results) / sizeof(hmac_result);
|
||||
|
||||
for (int i = 0; i < num_zero_results; i++) {
|
||||
TEST_ESP_OK(hmac_calculate(HMAC_KEY4, zeroes, zero_results[i].msglen, hmac));
|
||||
TEST_ESP_OK(hmac_calculate(HMAC_KEY_BLOCK_2, zeroes, zero_results[i].msglen, hmac));
|
||||
TEST_ASSERT_EQUAL_HEX8_ARRAY(zero_results[i].result, hmac, sizeof(hmac));
|
||||
}
|
||||
}
|
||||
@ -238,7 +229,7 @@ TEST(hmac, hmac_upstream_MAC_generation_from_data)
|
||||
uint8_t hmac[32];
|
||||
|
||||
for (int i = 0; i < sizeof(results)/sizeof(hmac_result); i++) {
|
||||
TEST_ESP_OK(hmac_calculate(HMAC_KEY4, message, results[i].msglen, hmac));
|
||||
TEST_ESP_OK(hmac_calculate(HMAC_KEY_BLOCK_2, message, results[i].msglen, hmac));
|
||||
TEST_ASSERT_EQUAL_HEX8_ARRAY(results[i].result, hmac, sizeof(hmac));
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user