opentitan icon indicating copy to clipboard operation
opentitan copied to clipboard
verified publisher icon lowRISC

[cryptotest] add wycheproof KMAC test vectors

Open RyanTorok opened this issue 1 year ago • 6 comments

Adds the wycheproof KMAC test vectors to /sw/vendor/ and adds a python script and JSON schema to parse the test vectors into the format that will be used in the test harness. The parser and JSON schema are only a slight variation of the ones used for HMAC in #21149 and #21151, respectively.

Dependent on #21599

RyanTorok avatar Feb 05 '24 14:02 RyanTorok

Just for documentation: The first commit of the PR was auto-generated by running util/vendor.py --update -c sw/vendor/google_wycheproof.vendor.hjson

RyanTorok avatar Feb 05 '24 20:02 RyanTorok

This is a pretty epically large PR. One alternative to vendoring in the code would be to fork the Wycheproof repo into the lowRISC organization, add a bit of code to produce a release, and then add that release as a third_party dependency. Subsequent updates would just be pulling in the changes, re-releasing, and then changing a couple lines in third_party. Would this be useful or are these updates infrequent enough that it's not worth changing?

CC @jadephilipoom

milesdai avatar Feb 05 '24 20:02 milesdai

This is a pretty epically large PR. One alternative to vendoring in the code would be to fork the Wycheproof repo into the lowRISC organization, add a bit of code to produce a release, and then add that release as a third_party dependency. Subsequent updates would just be pulling in the changes, re-releasing, and then changing a couple lines in third_party. Would this be useful or are these updates infrequent enough that it's not worth changing?

CC @jadephilipoom

Historically the updates have been rare (there was only one update before this, and it was 3 years ago according to GitHub). Maybe we will want to update more frequently to pull in new tests, now that the code is more mature, but I'm not sure.

jadephilipoom avatar Feb 06 '24 08:02 jadephilipoom

Following up on this, after an offline discussion, we've agreed that it makes sense for @RyanTorok to try implementing the discussed solution above to investigate if this is worth spending the time to fix.

milesdai avatar Feb 08 '24 19:02 milesdai

After some offline discussion, it was decided the cleanest solution was to depend on a specific commit of the upstream wycheproof repo, rather than making a fork/release.

RyanTorok avatar Feb 13 '24 13:02 RyanTorok

This PR has been refactored to use the non-vendored wycheproof test vectors added in #21599 .

RyanTorok avatar Feb 21 '24 14:02 RyanTorok

Successfully created backport PR for earlgrey_es_sival:

  • #21825

github-actions[bot] avatar Mar 04 '24 19:03 github-actions[bot]