mirror of
https://github.com/espressif/esp-idf.git
synced 2024-10-05 20:47:46 -04:00
7330851db0
- also renamed the security test app to crypto test app
87 lines
3.2 KiB
Markdown
87 lines
3.2 KiB
Markdown
| Supported Targets | ESP32 | ESP32-C2 | ESP32-C3 | ESP32-C6 | ESP32-H2 | ESP32-S2 | ESP32-S3 |
|
|
| ----------------- | ----- | -------- | -------- | -------- | -------- | -------- | -------- |
|
|
|
|
## Crypto peripherals test
|
|
|
|
This is a combined crypto peripherals verification application using mostly HAL APIs. This application is intentionally kept simple and does not use any higher layer constructs. This application can help in the early verification of the new SoC.
|
|
|
|
This contains tests for the following features of the crypto peripherals:
|
|
|
|
- MPI peripheral
|
|
- MPI Modular Multiplication
|
|
- MPI Multiplication
|
|
- MPI Modular Exponentiation
|
|
|
|
- ECC peripheral
|
|
- ECC Point multiplication for P192 and P256 curve
|
|
- ECC Point verification for P192 and P256 curve
|
|
- ECC Point verify and multiply for P192 and P256 curve
|
|
- ECC Inverse multiplication for P192 and P256
|
|
|
|
If the hardware supports extended work modes then it also tests:
|
|
- ECC Jacobian multiplication for P192 and P256 curve
|
|
- ECC Jacobian verification for P192 and P256 curve
|
|
- ECC Point verification and Jacobian multiplication for P192 and P256 curve
|
|
- ECC Point addition for P192 and P256 curve
|
|
- Mod addition
|
|
- Mod subtraction
|
|
- Mod multiplication
|
|
|
|
- HMAC periperhal
|
|
- HMAC 'downstream' JTAG Enable mode
|
|
- HMAC 'downstream' JTAG Disable
|
|
- HMAC 'upstream' MAC generation with zeroes
|
|
- HMAC 'upstream' MAC generation from data
|
|
|
|
- DS peripheral
|
|
- Digital Signature Parameter Encryption
|
|
- Digital Signature wrong HMAC key purpose
|
|
- Digital Signature Blocking wrong HMAC key purpose
|
|
- Digital Signature Operation
|
|
- Digital Signature Blocking Operation
|
|
- Digital Signature Invalid Data
|
|
|
|
> **_NOTE:_** The verification tests for the HMAC and Digital Signature peripherals would get exercised in only in an FPGA environment.
|
|
# Burning the HMAC key
|
|
|
|
The HMAC tests need an HMAC key to be burned in the `BLOCK_KEY3` and `BLOCK_KEY4` of the efuses. As this verification application is independent of the efuse component, the user needs to manually burn the keys and their key purposes using `espefuse.py`.
|
|
|
|
```bash
|
|
espefuse.py -p $ESPPORT burn_key BLOCK_KEY3 hmac_key.bin HMAC_DOWN_JTAG
|
|
|
|
espefuse.py -p $ESPPORT burn_key BLOCK_KEY4 hmac_key.bin HMAC_UP
|
|
```
|
|
|
|
# Burning the HMAC keys for Digital Signature tests
|
|
|
|
The tests needs some HMAC keys to be burned in the `BLOCK_KEY1`, `BLOCK_KEY2` and `BLOCK_KEY3` of the efuses. As this verification application is independent of the efuse component, the user needs to manually burn the keys and their key purposes using `espefuse.py`.
|
|
|
|
```bash
|
|
espefuse.py -p $ESPPORT burn_key BLOCK_KEY1 ds_key1.bin HMAC_DOWN_DIGITAL_SIGNATURE --no-read-protect --no-write-protect --do-not-confirm
|
|
|
|
espefuse.py -p $ESPPORT burn_key BLOCK_KEY2 ds_key2.bin HMAC_DOWN_DIGITAL_SIGNATURE --no-read-protect --no-write-protect --do-not-confirm
|
|
|
|
espefuse.py -p $ESPPORT burn_key BLOCK_KEY3 ds_key3.bin HMAC_DOWN_DIGITAL_SIGNATURE --no-read-protect --no-write-protect --do-not-confirm
|
|
```
|
|
|
|
# Building
|
|
|
|
```bash
|
|
idf.py set-target <TARGET>
|
|
idf.py build
|
|
```
|
|
|
|
# Running the app manually
|
|
|
|
```bash
|
|
idf.py flash monitor
|
|
```
|
|
|
|
Enter the test that you want to run locally
|
|
|
|
# Running tests
|
|
|
|
```bash
|
|
pytest --target <TARGET>
|
|
```
|