Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add HMAC stop/continue commands & endian swaps #88

Merged
merged 5 commits into from
Dec 11, 2024

Conversation

AlexJones0
Copy link

@AlexJones0 AlexJones0 commented Dec 10, 2024

This PR partially updates Earlgrey's HMAC to match the latest hardware interface changes. It adds digest write-back during SHA256 processing to allow for saving and restoring of partial hash context, adds support for the Stop/Continue commands used to do this, and updates the supporting message length and digest registers. It also implements the new key/digest swap config fields, and makes a couple other small fixes. See the commit messages for more details.
Note: the first commit 77322d9 is taken from #86, as that applies to the HMAC and is required for functional operation.

Tested against existing passing tests hmac_enc_idle_test and hmac_smoketest and previously failing test wots_test from master on OpenTitan.

Copy link

@rivos-eblot rivos-eblot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

couple of minor syntax tweaks

hw/opentitan/ot_hmac.c Outdated Show resolved Hide resolved
hw/opentitan/ot_hmac.c Outdated Show resolved Hide resolved
hw/opentitan/ot_hmac.c Outdated Show resolved Hide resolved
hw/opentitan/ot_hmac.c Outdated Show resolved Hide resolved
hw/opentitan/ot_hmac.c Outdated Show resolved Hide resolved
hw/opentitan/ot_hmac.c Outdated Show resolved Hide resolved
@rivos-eblot
Copy link

(adding Loïc as a reviewer, since he better knows the HMAC implementation than I do)

@AlexJones0 AlexJones0 force-pushed the hmac_updates branch 2 times, most recently from b439c6e to 97f4cce Compare December 10, 2024 15:12
hw/opentitan/ot_hmac.c Outdated Show resolved Hide resolved
Copy link

@rivos-eblot rivos-eblot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very sorry. I missed this point last time:

Can you add the component the change applies to in the commit message:
[ot] hw/opentitan: ot_hmac: <msg>

I think it would be nice to add this kind of checks in the CI BTW (I never took the time to implement this...)

Otherwise, LGTM.

jwnrt and others added 5 commits December 11, 2024 14:22
Digest write-back allows the state of a partial HMAC SHA256 operation to
be read from the DIGEST registers, supporting the addition of
STOP/CONTINUE commands to save and restore partial states.

Also extracts the `sha256_...` calls into separate `ot_hmac_...`
functions to more modular functions which reduce repeated logic, and
will better allow for expansion to support different key length sizes
(SHA2-384/SHA2-512) in the future.

Signed-off-by: Alex Jones <[email protected]>
Adds the STOP/CONTINUE commands to the OpenTitan HMAC model. These
commands allow you to stop a SHA/HMAC hash after the next full round of
hashing/compression, and retrieve the partial digest so that this
context can be restored later and computation can continue. This lets
users stop/start the HMAC as needed, and better cache hash computations.

To correctly implement these commands, in addition to writing back the
partial intermediary digests of the `sha_process` operations, additional
conditional logic is introduced on stop commands for only processing the
FIFO until the next hash block boundary, and an additional check is
added to the `process` call for the hash being completed.

Note that this commit still hard-codes for SHA256, and does not update
the corresponding DIGEST / MESSAGE LENGTH registers to be writable.

Signed-off-by: Alex Jones <[email protected]>
…implement key swap

This commit adds the checks and functionality for writing to the HMAC
MESSAGE_LENGTH and DIGEST registers whilst the HMAC is not active and
the SHA Engine is disabled, to permit the restoration of saved contexts
(partial computations) using the STOP and CONTINUE commands.

Also implements the KEY_SWAP config option, which now makes the default
configuration use little endian key values, and allows you to use big
endian key values as before by setting the relevant config field to 1.

Signed-off-by: Alex Jones <[email protected]>
Reports `IDLE` in the status register if no command is currently being
processed (i.e. no START/CONTINUE/PROCESS/STOP in progress).

Allows the new KEY_SWAP, DIGEST_SIZE and KEY_LENGTH fields of the config
registers to be written to by stopping them from being masked out.

Signed-off-by: Alex Jones <[email protected]>
@AlexJones0
Copy link
Author

Force push adds the component to the commit messages, and corrects one small error (message length does not have to be >= 512 to process, that was a misunderstanding on my part).

I've also now tested it on top of #86 and can see that this seems to be fixing several tests that were failing (wots_test, verify_test_hardcoded, hmac_sha256_functest and fors_test).

@rivos-eblot rivos-eblot self-requested a review December 11, 2024 14:31
Copy link

@rivos-eblot rivos-eblot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jwnrt jwnrt merged commit 914805b into lowRISC:dev/ot-earlgrey-1.0.0-updates Dec 11, 2024
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants