diff options
author | Vadim Sukhomlinov <sukhomlinov@google.com> | 2021-09-16 13:17:00 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2021-09-17 01:38:05 +0000 |
commit | b89dd9906c4b990d45d48195368df1cfb583b9b0 (patch) | |
tree | 853a8cfe7a228585cb6c56916190e0ec47379bc7 /test | |
parent | 83a5b5bd7f9773a33728b223930a16425f380541 (diff) | |
download | chrome-ec-b89dd9906c4b990d45d48195368df1cfb583b9b0.tar.gz |
cr50: add TRNG testing mode with TRNG restartstabilize-rust-14225.B-cr50_stab
NIST statistical tests for TRNG entropy requires to compare entropy
in regular mode (continuous readings) with entropy after TRNG restarts.
Added support for TRNG restart before reading entropy and updated script
to drive tests.
BUG=b:138577834
TEST=test/nist_entropy.sh
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Idc46191be05e8275730726f6debb8007ca361bc6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3165883
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: William Wesson <wesson@google.com>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Diffstat (limited to 'test')
-rwxr-xr-x | test/tpm_test/nist_entropy.sh | 13 | ||||
-rw-r--r-- | test/tpm_test/trng_test.py | 2 |
2 files changed, 12 insertions, 3 deletions
diff --git a/test/tpm_test/nist_entropy.sh b/test/tpm_test/nist_entropy.sh index 5344a49890..b25bd884bf 100755 --- a/test/tpm_test/nist_entropy.sh +++ b/test/tpm_test/nist_entropy.sh @@ -8,6 +8,7 @@ set -e TMP_PATH="/tmp/ea" NIST_URL="https://github.com/usnistgov/SP800-90B_EntropyAssessment.git" TRNG_OUT="${TMP_PATH}/trng_output" +TRNG_OUT_RESTART="${TMP_PATH}/trng_output_restart" EA_LOG="ea_non_iid.log" rm -rf "${TMP_PATH}" git clone --depth 1 "${NIST_URL}" "${TMP_PATH}" @@ -21,11 +22,19 @@ if [[ ! -f "${TRNG_OUT}" ]]; then echo "${TRNG_OUT} does not exist" exit 1 fi +# -t3 use TRNG with restarts +./tpmtest.py -t3 -o "${TRNG_OUT_RESTART}" +if [[ ! -f "${TRNG_OUT_RESTART}" ]]; then + echo "${TRNG_OUT_RESTART} does not exist" + exit 1 +fi + rm -f "${EA_LOG}" -"${TMP_PATH}/cpp/ea_non_iid" -a "${TRNG_OUT}" | tee "${EA_LOG}" +"${TMP_PATH}/cpp/ea_non_iid" -v -a "${TRNG_OUT}" | tee "${EA_LOG}" entropy="$(awk '/min/ {print $5}' "${EA_LOG}")" if [[ -z "${entropy}" ]]; then entropy="$(awk '/H_original/ {print $2}' "${EA_LOG}")" fi echo "Minimal entropy ${entropy}" -"${TMP_PATH}/cpp/ea_restart" "${TRNG_OUT}" "${entropy}" | tee -a "${EA_LOG}" +"${TMP_PATH}/cpp/ea_restart" -v "${TRNG_OUT_RESTART}" \ + "${entropy}" | tee -a "${EA_LOG}" diff --git a/test/tpm_test/trng_test.py b/test/tpm_test/trng_test.py index bdf0477a32..38aabc7c13 100644 --- a/test/tpm_test/trng_test.py +++ b/test/tpm_test/trng_test.py @@ -69,7 +69,7 @@ def trng_test(tpm, trng_output, trng_mode, tsb=1): subcmd.TpmTestError: on unexpected target responses """ - if trng_mode not in [0, 1, 2]: + if trng_mode not in [0, 1, 2, 3]: raise subcmd.TpmTestError('Unknown random source: %d' % trng_mode) # minimal recommended by NIST is 1000 samples per block |