opentitan icon indicating copy to clipboard operation
opentitan copied to clipboard
verified publisher icon lowRISC

[crypto] Outstanding test failures in ECDSA and RSA

Open RyanTorok opened this issue 1 year ago • 4 comments

Description

Several outstanding test failures exist for RSA and ECDSA in the cryptotest framework.

RSA:

  • [ ] wycheproof RSA-2048 pss verify sha-384 #64
  • [ ] wycheproof RSA-3072 pss verify sha-256 #94
  • [ ] wycheproof RSA-4096 pss verify sha-256 #31
  • [ ] wycheproof RSA-4096 pss verify sha-384 #9
  • [ ] wycheproof RSA-4096 pss verify sha-384 #33
  • [ ] wycheproof RSA-4096 pss verify sha-512 #164
  • [ ] NIST CAVP RSA-3072 Verify PSS SHA-{256, 384, 512} unconditionally returns "fail"

ECDSA:

  • [x] wycheproof p256 verify sha-256 #350
  • [x] wycheproof p256 verify sha-512 #420
  • [x] wycheproof p256 verify sha3-256 #358
  • [x] wycheproof p256 verify sha3-512 #424

RyanTorok avatar Mar 28 '24 20:03 RyanTorok

I requested NIST ACVP tests for many of the combinations and got sample test vectors. I can add those in addition to wycheproof if this helps.

vsukhoml avatar Mar 28 '24 21:03 vsukhoml

ECDSA test failures resolved by #22393

RyanTorok avatar Apr 04 '24 13:04 RyanTorok

Removing the ROM label as we are no longer using RSA for secure boot.

moidx avatar Jun 03 '24 20:06 moidx

@andrea-caforio to PTAL

johannheyszl avatar Oct 21 '25 08:10 johannheyszl

Closing as the ECDSA tests are passing and the remaining failing RSA verify tests are documented in https://github.com/lowRISC/opentitan/issues/28656.

nasahlpa avatar Nov 06 '25 11:11 nasahlpa