[pentest] Add new OTBN FI tests

This commit pulls over the following tests from the pentest branch of
nasahlpa/opentitan that has been used for the penetration testing:
- otbn.fi.load_integrity
- otbn.fi.key_sideload

Signed-off-by: Pascal Nasahl <[email protected]>

sw/device/tests/penetrationtests/firmware/fi/BUILD

@@ -34,18 +34,22 @@ cc_library(
     deps = [
         "//sw/device/lib/base:memory",
         "//sw/device/lib/base:status",
+        "//sw/device/lib/crypto/drivers:keymgr",
         "//sw/device/lib/crypto/drivers:otbn",
         "//sw/device/lib/dif:otbn",
         "//sw/device/lib/dif:rv_core_ibex",
         "//sw/device/lib/runtime:log",
         "//sw/device/lib/testing:entropy_testutils",
+        "//sw/device/lib/testing:keymgr_testutils",
         "//sw/device/lib/testing/test_framework:ujson_ottf",
         "//sw/device/lib/ujson",
         "//sw/device/sca/lib:sca",
         "//sw/device/tests/penetrationtests/firmware/fi/otbn:otbn_char_hardware_dmem_op_loop",
         "//sw/device/tests/penetrationtests/firmware/fi/otbn:otbn_char_hardware_reg_op_loop",
         "//sw/device/tests/penetrationtests/firmware/fi/otbn:otbn_char_unrolled_dmem_op_loop",
         "//sw/device/tests/penetrationtests/firmware/fi/otbn:otbn_char_unrolled_reg_op_loop",
+        "//sw/device/tests/penetrationtests/firmware/fi/otbn:otbn_key_sideload",
+        "//sw/device/tests/penetrationtests/firmware/fi/otbn:otbn_load_integrity",
         "//sw/device/tests/penetrationtests/firmware/lib:sca_lib",
         "//sw/device/tests/penetrationtests/json:otbn_fi_commands",
     ],

sw/device/tests/penetrationtests/firmware/fi/otbn/BUILD

@@ -33,3 +33,17 @@ otbn_binary(
         "otbn_char_unrolled_reg_op_loop.s",
     ],
 )
+
+otbn_binary(
+    name = "otbn_key_sideload",
+    srcs = [
+        "otbn_key_sideload.s",
+    ],
+)
+
+otbn_binary(
+    name = "otbn_load_integrity",
+    srcs = [
+        "otbn_load_integrity.s",
+    ],
+)

sw/device/tests/penetrationtests/firmware/fi/otbn/otbn_key_sideload.s

@@ -0,0 +1,53 @@
+/* Copyright lowRISC contributors (OpenTitan project). */
+/* Licensed under the Apache License, Version 2.0, see LICENSE for details. */
+/* SPDX-License-Identifier: Apache-2.0 */
+/*
+    OBTN.KEY_SIDELOAD FI Penetration Test
+*/
+.section .text.start
+
+    /* Load all key shares into w20...w23. */
+    bn.wsrr  w20, KEY_S0_L
+    bn.wsrr  w21, KEY_S1_L
+    bn.wsrr  w22, KEY_S0_H
+    bn.wsrr  w23, KEY_S1_H
+
+    /* Write key shared into accessible DMEM. */
+    li      x2, 20
+    la      x3, k_s0_l
+    bn.sid  x2, 0(x3)
+
+    li      x2, 21
+    la      x3, k_s0_h
+    bn.sid  x2, 0(x3)
+
+    li      x2, 22
+    la      x3, k_s1_l
+    bn.sid  x2, 0(x3)
+
+    li      x2, 23
+    la      x3, k_s1_h
+    bn.sid  x2, 0(x3)
+
+    ecall
+
+.data
+    .globl k_s0_l
+    .balign 32
+    k_s0_l:
+    .zero 32
+
+    .globl k_s0_h
+    .balign 32
+    k_s0_h:
+    .zero 32
+
+    .globl k_s1_l
+    .balign 32
+    k_s1_l:
+    .zero 32
+
+    .globl k_s1_h
+    .balign 32
+    k_s1_h:
+    .zero 32

sw/device/tests/penetrationtests/firmware/fi/otbn/otbn_load_integrity.s

@@ -0,0 +1,31 @@
+/* Copyright lowRISC contributors (OpenTitan project). */
+/* Licensed under the Apache License, Version 2.0, see LICENSE for details. */
+/* SPDX-License-Identifier: Apache-2.0 */
+/*
+    OBTN.LOAD_INTEGRITY FI Penetration Test
+*/
+.section .text.start
+
+    /* Execute 10 NOPs. */
+    li x1, 10
+    loop x1, 1
+      nop
+
+    ecall
+
+.data
+    /* Reference values. */
+    .balign 32
+    .globl refval1
+    refval1:
+      .word 0x1BADB002
+
+    .balign 32
+    .globl refval2
+    refval2:
+      .word 0x8BADF00D
+
+    .balign 32
+    .globl refval3
+    refval3:
+      .word 0xA5A5A5A5