Zvk code samples / Proof of Concept (v2) #310
Add Apache 2.0 license file.

The README explains the contents of this repository and how to use it. It refers to content that will be added in later commits.

The .gitignore contains references to built files that will be added in upcoming commits.

Signed-off-by: Eric Gouriou <[email protected]>
Signed-off-by: Kornel Duleba <[email protected]>
Signed-off-by: Stanislaw Kardach <[email protected]>

The test vectors were downloaded from the official NIST website. They're stored in the form of multiple ZIP archives, e.g. KAT_AES.zip. After being unpacked, test vectors from each archive are stored in a separate directory.

Signed-off-by: Eric Gouriou <[email protected]>
Signed-off-by: Kornel Dulęba <[email protected]>
Signed-off-by: Eric Gouriou <[email protected]>

It simply parses test vectors as defined by NIST and creates a dict. The license part of the file was left intact.

Signed-off-by: Eric Gouriou <[email protected]>
Signed-off-by: Kornel Dulęba <[email protected]>

@kdockser Ken, can you please assign to an appropriate contributor?

It looks like the tests make an assumption on a minimal VLEN value which is not always the one mandated by the standard. Would it be possible to increase the LMUL values (while keeping vl untouched) and to check register index values to make sure those tests can run on implementations with VLEN values supported by the standard? (and to modify the min_vlen values accordingly)

- [1] https://datatracker.ietf.org/doc/html/draft-oscca-cfrg-sm3-00
- [2] https://datatracker.ietf.org/doc/html/draft-ribose-cfrg-sm4-10
- [3] https://github.com/rivosinc/binutils-gdb/tree/vector-crypto

Links 3 and 4 are dead links
It looks like there is at least one sample for

Parse the text files with test vectors and generate C headers that can later be used by a test framework. NIST KAT test vectors are used to provide ample coverage. For now parsing of AES-CBC, AES-GCM, SHA-128 and SHA-256 is supported.

Signed-off-by: Eric Gouriou <[email protected]>
Signed-off-by: Kornel Dulęba <[email protected]>
Signed-off-by: Eric Gouriou <[email protected]>

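A sketch of the parse-then-generate step that commit message describes, as an added example and not the parser from this PR. It assumes the `NAME = VALUE` record layout of the NIST AES KAT `.rsp` files; the function names, the `aes_cbc` prefix and the sample values are hypothetical.

```python
# Constructed sample in the layout of a NIST KAT AES .rsp file (values are
# made up for illustration, not copied from KAT_AES.zip).
SAMPLE_RSP = """\
# CAVS 11.1
[ENCRYPT]

COUNT = 0
KEY = 00000000000000000000000000000000
IV = 000102030405060708090a0b0c0d0e0f
PLAINTEXT = 00112233445566778899aabbccddeeff
CIPHERTEXT = ffeeddccbbaa99887766554433221100

[DECRYPT]

COUNT = 0
KEY = 0f0e0d0c0b0a09080706050403020100
IV = 00000000000000000000000000000000
CIPHERTEXT = 0123456789abcdef0123456789abcdef
PLAINTEXT = fedcba9876543210fedcba9876543210
"""
HEX_FIELDS = ("KEY", "IV", "PLAINTEXT", "CIPHERTEXT")

def parse_rsp(text):
    """Return one dict per COUNT record, tagged with its [SECTION]."""
    records, section, current = [], None, None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("["):            # e.g. [ENCRYPT] / [DECRYPT]
            section, current = line.strip("[]"), None
            continue
        key, sep, value = (p.strip() for p in line.partition("="))
        if not sep:
            raise ValueError(f"line {lineno}: expected NAME = VALUE")
        if key == "COUNT":                  # COUNT opens a new record
            current = {"section": section, "COUNT": int(value)}
            records.append(current)
        elif current is None:
            raise ValueError(f"line {lineno}: {key} appears before COUNT")
        else:                               # fromhex rejects malformed hex
            current[key] = bytes.fromhex(value) if key in HEX_FIELDS else value
    return records

def emit_header(records, prefix="aes_cbc"):
    """Render parsed records as C byte arrays for a test harness."""
    out = ["#include <stdint.h>"]
    for r in records:
        stem = f"{prefix}_{str(r['section']).lower()}_{r['COUNT']}"
        for name in (n for n in HEX_FIELDS if n in r):
            body = ", ".join(f"0x{b:02x}" for b in r[name])
            out.append(f"static const uint8_t {stem}_{name.lower()}[{len(r[name])}] = {{ {body} }};")
    return "\n".join(out) + "\n"
```

Rejecting malformed lines at parse time keeps a truncated or hand-edited vector file from silently producing a header with short arrays.
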
The zvbb-test.c file contains a set of functions verifying and showcasing usage of instructions defined by the Zvbb extension.

Pre-requisites:
- riscv64-linux-gnu toolchain available in PATH.
- Zvbb-enabled binutils-gdb available in PATH overriding the above toolchain.
- Zvbb-enabled Spike available in PATH.
- RISC-V Proxy kernel (riscv-pk) compiled and available in ~/RISC-V/riscv64-linux-gnu/bin/pk (can be overridden with PK make variable).

The default make target will compile all examples and run them in Spike simulator.

Example make invocation:

    # Build and run Zvbb tests with default parameters
    make run-zvbb
    # Override riscv-pk location
    make run-zvbb PK=/opt/prefix/riscv64-linux-gnu/bin/pk
    # Override target triplet and riscv-pk location
    make run-zvbb TARGET=riscv64-unknown-linux-gnu \
        PK=/opt/prefix/riscv64-linux-gnu/bin/pk

Make targets:
- zvbb-test - compiles the PoC code.
- run-zvbb - Executes the compiled binary in Spike.
- clean - Cleans the build artifacts.

Make variables:
- TARGET - Target triplet to use. By default riscv64-linux-gnu.
- PK - Location of the riscv-pk binary. By default it's ~/RISC-V/$(TARGET)/bin/pk

See Makefile for more details.

Signed-off-by: Stanislaw Kardach <[email protected]>
Signed-off-by: Eric Gouriou <[email protected]>

The zvbc-test.c file contains a set of functions verifying and showcasing usage of instructions defined by the Zvbc extension.

Pre-requisites:
- riscv64-linux-gnu toolchain available in PATH.
- Zvbc-enabled binutils-gdb available in PATH overriding the above toolchain.
- Zvbc-enabled Spike available in PATH.
- RISC-V Proxy kernel (riscv-pk) compiled and available in ~/RISC-V/riscv64-linux-gnu/bin/pk (can be overridden with PK make variable).

The default make target will compile all examples and run them in Spike simulator.

Example make invocation:

    # Build and run Zvbc tests with default parameters
    make run-zvbc
    # Override riscv-pk location
    make run-zvbc PK=/opt/prefix/riscv64-linux-gnu/bin/pk
    # Override target triplet and riscv-pk location
    make run-zvbc TARGET=riscv64-unknown-linux-gnu \
        PK=/opt/prefix/riscv64-linux-gnu/bin/pk

Make targets:
- zvbc-test - compiles the PoC code.
- run-zvbc - Executes the compiled binary in Spike.
- clean - Cleans the build artifacts.

Make variables:
- TARGET - Target triplet to use. By default riscv64-linux-gnu.
- PK - Location of the riscv-pk binary. By default it's ~/RISC-V/$(TARGET)/bin/pk

See Makefile for more details.

Signed-off-by: Stanislaw Kardach <[email protected]>
Signed-off-by: Eric Gouriou <[email protected]>

The aes-cbc-test.c file contains a set of functions verifying and showcasing usage of instructions defined by the Zvkned extension to implement the AES-CBC algorithm routines.

Pre-requisites:
- riscv64-linux-gnu toolchain available in PATH.
- Zvkned-enabled binutils-gdb available in PATH overriding the above toolchain.
- Zvkned-enabled Spike available in PATH.
- RISC-V Proxy kernel (riscv-pk) compiled and available in ~/RISC-V/riscv64-linux-gnu/bin/pk (can be overridden with PK make variable).

The default make target will compile all examples and run them in Spike simulator.

Example make invocation:

    # Build and run Zvkned tests with default parameters
    make run-aes-cbc
    # Override riscv-pk location
    make run-aes-cbc PK=/opt/prefix/riscv64-linux-gnu/bin/pk
    # Override target triplet and riscv-pk location
    make run-aes-cbc TARGET=riscv64-unknown-linux-gnu \
        PK=/opt/prefix/riscv64-linux-gnu/bin/pk

Make targets:
- aes-cbc-test - compiles the PoC code.
- run-aes-cbc - Executes the compiled binary in Spike.
- clean - Cleans the build artifacts.

Make variables:
- TARGET - Target triplet to use. By default riscv64-linux-gnu.
- PK - Location of the riscv-pk binary. By default it's ~/RISC-V/$(TARGET)/bin/pk

See Makefile for more details.

Signed-off-by: Kornel Dulęba <[email protected]>
Signed-off-by: Stanislaw Kardach <[email protected]>
Signed-off-by: Eric Gouriou <[email protected]>

The aes-gcm-test.c file contains a set of functions verifying and showcasing usage of instructions defined by the Zvkned and Zvbb/Zvbc extensions to implement AES-GCM algorithm routines.

Pre-requisites:
- riscv64-linux-gnu toolchain available in PATH.
- zvkned, zvbb, and zvbc enabled binutils-gdb available in PATH overriding the above toolchain.
- zvkned, zvbb, and zvbc enabled Spike available in PATH.
- RISC-V Proxy kernel (riscv-pk) compiled and available in ~/RISC-V/riscv64-linux-gnu/bin/pk (can be overridden with PK make variable).

The default make target will compile all examples and run them in Spike simulator.

Example make invocation:

    # Build and run aes-gcm-test with default parameters
    make run-aes-gcm
    # Override riscv-pk location
    make run-aes-gcm PK=/opt/prefix/riscv64-linux-gnu/bin/pk
    # Override target triplet and riscv-pk location
    make run-aes-gcm TARGET=riscv64-unknown-linux-gnu \
        PK=/opt/prefix/riscv64-linux-gnu/bin/pk

Make targets:
- aes-gcm-test - compiles the PoC code.
- run-aes-gcm - Executes the compiled binary in Spike.
- clean - Cleans the build artifacts.

Make variables:
- TARGET - Target triplet to use. By default riscv64-linux-gnu.
- PK - Location of the riscv-pk binary. By default it's ~/RISC-V/$(TARGET)/bin/pk

See Makefile for more details.

Signed-off-by: Kornel Dulęba <[email protected]>
Signed-off-by: Eric Gouriou <[email protected]>

The GHASH part of AES-GCM is now run twice using instructions from Zvb* and Zvkg extensions and then compared to ensure result validity.

Pre-requisites:
- riscv64-linux-gnu toolchain available in PATH.
- Zvkg-enabled binutils-gdb available in PATH overriding the above toolchain.
- Zvkg-enabled Spike available in PATH.
- RISC-V Proxy kernel (riscv-pk) compiled and available in ~/RISC-V/riscv64-linux-gnu/bin/pk (can be overridden with PK make variable).

The default make target will compile all examples and run them in Spike simulator.

Example make invocation:

    # Build and run Zvkns+Zvkg tests with default parameters
    make run-aes-gcm
    # Override riscv-pk location
    make run-aes-gcm PK=/opt/prefix/riscv64-linux-gnu/bin/pk
    # Override target triplet and riscv-pk location
    make run-aes-gcm TARGET=riscv64-unknown-linux-gnu \
        PK=/opt/prefix/riscv64-linux-gnu/bin/pk

Make targets:
- aes-gcm-test - compiles the PoC code.
- run-aes-gcm - Executes the compiled binary in Spike.
- clean - Cleans the build artifacts.

Make variables:
- TARGET - Target triplet to use. By default riscv64-linux-gnu.
- PK - Location of the riscv-pk binary. By default it's ~/RISC-V/$(TARGET)/bin/pk

See Makefile for more details.

Signed-off-by: Eric Gouriou <[email protected]>
Signed-off-by: Kornel Duleba <[email protected]>

The sha-test.c file contains a set of functions verifying and showcasing usage of instructions defined by the Zvknha/Zvknhb extensions to implement the SHA-128 and SHA-256 algorithm routines.

Pre-requisites:
- riscv64-linux-gnu toolchain available in PATH.
- zvknh[ab]-enabled binutils-gdb available in PATH overriding the above toolchain.
- zvknh[ab]-enabled Spike available in PATH.
- RISC-V Proxy kernel (riscv-pk) compiled and available in ~/RISC-V/riscv64-linux-gnu/bin/pk (can be overridden with PK make variable).

The default make target will compile all examples and run them in Spike simulator.

Example make invocation:

    # Build and run zvknh[ab] tests with default parameters
    make run-sha
    # Override riscv-pk location
    make run-sha PK=/opt/prefix/riscv64-linux-gnu/bin/pk
    # Override target triplet and riscv-pk location
    make run-sha TARGET=riscv64-unknown-linux-gnu \
        PK=/opt/prefix/riscv64-linux-gnu/bin/pk

Make targets:
- sha-test - compiles the PoC code.
- run-sha - Executes the compiled binary in Spike.
- clean - Cleans the build artifacts.

Make variables:
- TARGET - Target triplet to use. By default riscv64-linux-gnu.
- PK - Location of the riscv-pk binary. By default it's ~/RISC-V/$(TARGET)/bin/pk

See Makefile for more details.

Signed-off-by: Kornel Dulęba <[email protected]>
Signed-off-by: Eric Gouriou <[email protected]>

The sm3-test.c file contains a set of functions verifying and showcasing usage of instructions implementing SM3 algorithm (see [1]) defined by the Zvksh extension (see [2]).

Pre-requisites:
- riscv64-linux-gnu toolchain available in PATH.
- Zvksh-enabled binutils-gdb available in PATH overriding the above toolchain.
- Zvksh-enabled Spike available in PATH.
- RISC-V Proxy kernel (riscv-pk) compiled and available in ~/RISC-V/riscv64-linux-gnu/bin/pk (can be overridden with PK make variable).

The default make target will compile all examples and run them in Spike simulator.

Example make invocation:

    # Build and run Zvksh tests with default parameters
    make run-sm3
    # Override riscv-pk location
    make run-sm3 PK=/opt/prefix/riscv64-linux-gnu/bin/pk
    # Override target triplet and riscv-pk location
    make run-sm3 TARGET=riscv64-unknown-linux-gnu \
        PK=/opt/prefix/riscv64-linux-gnu/bin/pk

Make targets:
- sm3-test - compiles the PoC code.
- run-sm3 - Executes the compiled binary in Spike.
- clean - Cleans the build artifacts.

Make variables:
- TARGET - Target triplet to use. By default riscv64-linux-gnu.
- PK - Location of the riscv-pk binary. By default it's ~/RISC-V/$(TARGET)/bin/pk

See Makefile for more details.

[1] https://datatracker.ietf.org/doc/html/draft-oscca-cfrg-sm3-00
[2] https://github.com/riscv/riscv-crypto/releases

Signed-off-by: Eric Gouriou <[email protected]>
Signed-off-by: Albert Jakieła <[email protected]>
Signed-off-by: Kornel Duleba <[email protected]>
Signed-off-by: Eric Gouriou <[email protected]>

The sm4-test.c file contains a set of functions verifying and showcasing usage of instructions implementing SM4 algorithm (see [1]) defined by the Zvksed extension (see [2]).

Pre-requisites:
- riscv64-linux-gnu toolchain available in PATH.
- Zvksed-enabled binutils-gdb available in PATH overriding the above toolchain.
- Zvksed-enabled Spike available in PATH.
- RISC-V Proxy kernel (riscv-pk) compiled and available in ~/RISC-V/riscv64-linux-gnu/bin/pk (can be overridden with PK make variable).

The default make target will compile all examples and run them in Spike simulator.

Example make invocation:

    # Build and run Zvksed tests with default parameters
    make run-sm4
    # Override riscv-pk location
    make run-sm4 PK=/opt/prefix/riscv64-linux-gnu/bin/pk
    # Override target triplet and riscv-pk location
    make run-sm4 TARGET=riscv64-unknown-linux-gnu \
        PK=/opt/prefix/riscv64-linux-gnu/bin/pk

Make targets:
- sm4-test - compiles the PoC code.
- run-sm4 - Executes the compiled binary in Spike.
- clean - Cleans the build artifacts.

Make variables:
- TARGET - Target triplet to use. By default riscv64-linux-gnu.
- PK - Location of the riscv-pk binary. By default it's ~/RISC-V/$(TARGET)/bin/pk

See Makefile for more details.

[1] https://datatracker.ietf.org/doc/html/draft-ribose-cfrg-sm4-10
[2] https://github.com/riscv/riscv-crypto/releases

Signed-off-by: Albert Jakieła <[email protected]>
Signed-off-by: Eric Gouriou <[email protected]>

60f1f2c to 9f8bff9

I am not sure what tests you are referring to. I believe all tests that require VLEN>128 (sha512) now have alternate versions that use LMUL>1 to allow for smaller VLEN, even smaller than 128 in some cases (although not SHA-512). There was an issue in the previous version of those commits where the "base" AES commit only had LMUL=1 versions and the LMUL>1 versions were added in a later commit. That was my mistake and I massaged the commits to introduce the multiple variants in the initial AES commit. My apologies if this caused confusion (I certainly confused myself).

Thanks, I updated the PR to mention Zvkg, even though only vghsh is covered.

I'm just a passer by, but how do people review the tests without building them? I couldn't build them when I tried

On Tue, May 2, 2023 at 3:31 AM Nazar Kazakov ***@***.***> wrote:
> I'm just a passer by, but how do people review the tests without building
> them? I couldn't build them when I tried

I build and run them using:
- the current LLVM main branch, which supports the latest version of the specification (https://reviews.llvm.org/D148483, https://reviews.llvm.org/D149127)
- Spike using the PR riscv-software-src/riscv-isa-sim#1303

GCC / binutils-gdb does not have support for the latest version of the specification yet.

I hope this helps,
Eric

Code samples covering the Zvk extensions Zvbb, Zvbc, Zvkg, Zvkned, Zvknh[ab], Zvksed, Zvksh.
The code used to live in https://github.com/rivosinc/riscv-code-samples. As part of the architecture review, there has been a request to move it to riscv/riscv-crypto. Hence this PR.
Changes in V2:
Given the vwsll fix, this PR matches the Zvk specification version 0.9.1, 2023-04-25, freeze candidate.
Known issues remaining in V2: