lowRISC / opentitan

OpenTitan: Open source silicon root of trust
https://www.opentitan.org
Apache License 2.0

[rom, rom_ext] Run known-answer tests for used cryptographic algorithms before signature verification #22801

Open vsukhoml opened 4 months ago

vsukhoml commented 4 months ago

Description

To make it easier to include ROM and ROM_EXT in the certification scope, if that is required, it is useful to run known-answer tests for the cryptographic algorithms used for signature verification (including those used for the cached result). While running something like sha256(const) and checking that the result is as expected is pretty fast and has minimal impact on code size, tests for signature verification itself can be lengthy, and the data for known-answer tests will require plenty of room (especially SPHINCS+). But at least for P256/P384 it is feasible, as the extra code size is a signature size + a few extra calls.

To reduce latency, a known-answer test checking that a valid signature validates and an invalid one (e.g. bit-flipped) does not can run on OTBN in parallel with computing image hashes using SHA256/KMAC/etc.

@moidx , @timothytrippel
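A host-side Python model of the known-answer test proposed in the post above, added here as an example; it is not OpenTitan code and does not model OTBN or the parallel hashing. The names `run_kats` and `verify_image` are hypothetical, and the signature vector is constructed at import from a toy key and nonce, where firmware would store the public key and signature as constants.

```python
import hashlib

# NIST P-256 domain parameters (curve coefficient a = -3).
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)

def _add(p1, p2):  # affine point addition; None is the point at infinity
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1 - 3, 2 * y1) if p1 == p2 else (y2 - y1, x2 - x1)
    lam = num * pow(den % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def _mul(k, pt):  # double-and-add; not constant time, model only
    acc = None
    while k:
        acc, pt, k = (_add(acc, pt) if k & 1 else acc), _add(pt, pt), k >> 1
    return acc

def verify(pub, digest, r, s):  # ECDSA P-256 verification over a SHA-256 digest
    if not (0 < r < N and 0 < s < N):
        return False
    z, w = int.from_bytes(digest, "big"), pow(s, -1, N)
    pt = _add(_mul(z * w % N, G), _mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r

# Known answers: NIST SHA-256("abc"); signature vector constructed from a toy key/nonce.
SHA256_ABC = "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
KAT_MSG, _d, _k = b"constructed KAT message", 0x1F2E3D4C5B6A7988, 0x0123456789ABCDEF
KAT_PUB, KAT_R = _mul(_d, G), _mul(_k, G)[0] % N
_z = int.from_bytes(hashlib.sha256(KAT_MSG).digest(), "big")
KAT_S = pow(_k, -1, N) * (_z + KAT_R * _d) % N

def run_kats(hash_fn=lambda m: hashlib.sha256(m).digest(), verify_fn=verify):
    """Hash KAT passes, valid signature accepted, bit-flipped signature rejected."""
    digest = hash_fn(KAT_MSG)
    return (hash_fn(b"abc").hex() == SHA256_ABC
            and verify_fn(KAT_PUB, digest, KAT_R, KAT_S)
            and not verify_fn(KAT_PUB, digest, KAT_R, KAT_S ^ 1))

def verify_image(image, pub, r, s):  # self-tests gate the first real use
    if not run_kats():
        raise RuntimeError("crypto known-answer test failed")
    return verify(pub, hashlib.sha256(image).digest(), r, s)
```

The negative case matters as much as the positive one: passing `verify_fn=lambda *a: True` to `run_kats` models a verifier stuck at "accept", which only the bit-flipped check catches.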

moidx commented 3 months ago

Running KATs on secure boot functions is used in designs where the FIPS boundary does not include the non-volatile memory (e.g. Integrated root of trust). This is not necessary for an OT solution that defines the physical boundary as the IC.

On the other hand, we don't have enough code space in the ROM to support this. The earliest this can be done is in the ROM_EXT.

Moving to ROM_EXT for further triaging.

vsukhoml commented 3 months ago

Tests should run before use of cryptographic functions by the module, whatever module it is. If we plan to bring ROM in the scope (and we probably will, due to its crucial role in firmware updates), it is better to have this functionality. At least for P256 and related hash functions.

moidx commented 3 months ago

As I mentioned in the previous comment, we don't have enough space to fit this in, so the earliest we can apply KATs is ROM_EXT.