Cr50: Add logging functionality to PinWeaver.

In order to be able to recover from the AP and Cr50 getting out of
sync, this logging functionality gives Cr50 a way to track the
state changes of the merkle tree so that the AP can be updated to
the current state as long as it has a recent enough copy.

This involves packing the important information so it can be stored
efficiently on flash, and adding the necessary messages for the
replay.

CQ-DEPEND=CL:895395,CL:929430
BRANCH=none
BUG=chromium:809729, chromium:809745
TEST=cd ~/src/platform/ec && V=1 make run-weaver_ng -j

Change-Id: I40f98de2c8e9706cccb5b922215699f2132fa121
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/963773
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>

2 files changed, 764 insertions, 16 deletions

diff --git a/test/pinweaver.c b/test/pinweaver.c
index 16c40ec9aa..2f105c7b0a 100644
--- a/test/pinweaver.c
+++ b/test/pinweaver.c
@@ -6,6 +6,7 @@
 #include <pinweaver.h>
 
 #include <dcrypto.h>
+#include <nvmem_vars.h>
 #include <sha256.h>
 #include <stdint.h>
 #include <string.h>
@@ -123,11 +124,32 @@ const uint8_t ROOT_WITH_DEFAULT_HMAC[] = {
 		0x37, 0xc2, 0xf2, 0x72, 0x31, 0xdd, 0xc4, 0xaf,
 };
 
+/* This is not the actual hmac. */
+const uint8_t OTHER_HMAC[] = {
+		0xec, 0x64, 0x73, 0x39, 0xcf, 0x53, 0xb7, 0x08,
+		0x85, 0x8f, 0xb6, 0x20, 0x25, 0x98, 0x59, 0x97,
+		0x58, 0x8c, 0x7a, 0x80, 0x10, 0xb4, 0xc1, 0xc8,
+		0x8a, 0xdf, 0xe3, 0x69, 0x07, 0xd1, 0xc4, 0xdc,
+};
+
+const uint8_t ROOT_WITH_OTHER_HMAC[] = {
+		0xdf, 0xce, 0xf4, 0xba, 0x18, 0xe8, 0xd0, 0x1d,
+		0xcb, 0x3b, 0x29, 0x41, 0x44, 0x01, 0x6e, 0x72,
+		0xe3, 0x19, 0x9a, 0x44, 0x62, 0x44, 0x2a, 0xf1,
+		0xaf, 0x66, 0xb6, 0xf0, 0x61, 0x05, 0x9d, 0xc0,
+};
+
 /******************************************************************************/
 /* Config Variables and defines for Mocks.
  */
 
-uint32_t MOCK_restart_count;
+struct tuple MOCK_pw_tuple;
+struct pw_long_term_storage_t MOCK_pw_long_term_storage;
+struct pw_log_storage_t MOCK_pw_log_storage;
+int MOCK_getvar_ret = EC_SUCCESS;
+int MOCK_setvar_ret = EC_SUCCESS;
+int MOCK_writevars_ret = EC_SUCCESS;
+void *MOCK_tuple_val_ret;
 
 const uint8_t *MOCK_rand_bytes_src;
 size_t MOCK_rand_bytes_offset;
@@ -198,6 +220,14 @@ static const char *pw_error_str(int code)
 		return "PW_ERR_CRYPTO_FAILURE";
 	case PW_ERR_RATE_LIMIT_REACHED:
 		return "PW_ERR_RATE_LIMIT_REACHED";
+	case PW_ERR_ROOT_NOT_FOUND:
+		return "PW_ERR_ROOT_NOT_FOUND";
+	case PW_ERR_NV_EMPTY:
+		return "PW_ERR_NV_EMPTY";
+	case PW_ERR_NV_LENGTH_MISMATCH:
+		return "PW_ERR_NV_LENGTH_MISMATCH";
+	case PW_ERR_NV_VERSION_MISMATCH:
+		return "PW_ERR_NV_VERSION_MISMATCH";
 	default:
 		return "?";
 	}
@@ -262,6 +292,64 @@ void print_hex(const uint8_t *data, size_t n)
 		ccprintf("%02x ", data[x]);
 }
 
+/* Initialize the log.
+ * For num_operations:
+ * < 0   only zero out the storage.
+ * == 0  only initialize the tree
+ * > 0   cyclically applies operations in the following order:
+ *           insert
+ *           auth failed
+ *           auth success
+ *           remove
+ * So for num_operations == 4 the complete set of operations will be written to
+ * the log.
+ */
+static void setup_storage(int num_operations)
+{
+	MOCK_getvar_ret = EC_SUCCESS;
+	MOCK_setvar_ret = EC_SUCCESS;
+	MOCK_writevars_ret = EC_SUCCESS;
+
+	memset(&MOCK_pw_long_term_storage, 0,
+	       sizeof(MOCK_pw_long_term_storage));
+	memset(&MOCK_pw_log_storage, 0, sizeof(MOCK_pw_log_storage));
+
+	if (num_operations < 0)
+		return;
+	--num_operations;
+
+	store_merkle_tree(&EMPTY_TREE);
+
+	while (num_operations > 0) {
+		--num_operations;
+
+		log_insert_leaf(DEFAULT_LEAF.pub.label, ROOT_WITH_DEFAULT_HMAC,
+				DEFAULT_HMAC);
+
+		if (num_operations < 0)
+			return;
+		--num_operations;
+
+		log_auth(DEFAULT_LEAF.pub.label, ROOT_WITH_OTHER_HMAC,
+			 PW_ERR_LOWENT_AUTH_FAILED,
+			 (struct pw_timestamp_t) {7, 99});
+
+		if (num_operations < 0)
+			return;
+		--num_operations;
+
+		log_auth(DEFAULT_LEAF.pub.label, ROOT_WITH_DEFAULT_HMAC,
+			 EC_SUCCESS,
+			 (struct pw_timestamp_t) {10, 100});
+
+		if (num_operations < 0)
+			return;
+		--num_operations;
+
+		log_remove_leaf(DEFAULT_LEAF.pub.label, EMPTY_TREE.root);
+	}
+}
+
 static void setup_default_empty_path(uint8_t hashes[][PW_HASH_SIZE])
 {
 	uint8_t num_siblings = (1 << EMPTY_TREE.bits_per_level.v) - 1;
@@ -331,6 +419,9 @@ static void setup_reset_tree_defaults(struct merkle_tree_t *merkle_tree,
 	MOCK_DECRYPTO_release_counter = 0;
 
 	memset(merkle_tree, 0, sizeof(*merkle_tree));
+	memset(&MOCK_pw_long_term_storage, 0,
+	       sizeof(MOCK_pw_long_term_storage));
+	memset(&MOCK_pw_log_storage, 0, sizeof(MOCK_pw_log_storage));
 
 	request->header.version = PW_PROTOCOL_VERSION;
 	request->header.type.v = PW_RESET_TREE;
@@ -343,6 +434,8 @@ static void setup_reset_tree_defaults(struct merkle_tree_t *merkle_tree,
 	MOCK_rand_bytes_offset = 0;
 	MOCK_rand_bytes_len = sizeof(EMPTY_TREE.key_derivation_nonce);
 	MOCK_appkey_derive_fail = EC_SUCCESS;
+	MOCK_setvar_ret = EC_SUCCESS;
+	MOCK_writevars_ret = EC_SUCCESS;
 }
 
 static void setup_insert_leaf_defaults(struct merkle_tree_t *merkle_tree,
@@ -352,6 +445,7 @@ static void setup_insert_leaf_defaults(struct merkle_tree_t *merkle_tree,
 	MOCK_DECRYPTO_release_counter = 0;
 
 	memcpy(merkle_tree, &EMPTY_TREE, sizeof(EMPTY_TREE));
+	memset(&MOCK_pw_log_storage, 0, sizeof(MOCK_pw_log_storage));
 
 	request->header.version = PW_PROTOCOL_VERSION;
 	request->header.type.v = PW_INSERT_LEAF;
@@ -380,6 +474,8 @@ static void setup_insert_leaf_defaults(struct merkle_tree_t *merkle_tree,
 	MOCK_hash_update_cb = 0;
 	MOCK_hmac = DEFAULT_HMAC;
 	MOCK_aes_fail = 0;
+	MOCK_setvar_ret = EC_SUCCESS;
+	MOCK_writevars_ret = EC_SUCCESS;
 }
 
 static void setup_remove_leaf_defaults(struct merkle_tree_t *merkle_tree,
@@ -391,6 +487,7 @@ static void setup_remove_leaf_defaults(struct merkle_tree_t *merkle_tree,
 	memcpy(merkle_tree, &EMPTY_TREE, sizeof(EMPTY_TREE));
 	memcpy(merkle_tree->root, ROOT_WITH_DEFAULT_HMAC,
 	       sizeof(ROOT_WITH_DEFAULT_HMAC));
+	memset(&MOCK_pw_log_storage, 0, sizeof(MOCK_pw_log_storage));
 
 	request->header.version = PW_PROTOCOL_VERSION;
 	request->header.type.v = PW_REMOVE_LEAF;
@@ -403,6 +500,9 @@ static void setup_remove_leaf_defaults(struct merkle_tree_t *merkle_tree,
 	memcpy(request->data.remove_leaf.leaf_hmac, DEFAULT_HMAC,
 	       sizeof(request->data.remove_leaf.leaf_hmac));
 	setup_default_empty_path(request->data.remove_leaf.path_hashes);
+
+	MOCK_setvar_ret = EC_SUCCESS;
+	MOCK_writevars_ret = EC_SUCCESS;
 }
 
 static void setup_try_auth_defaults_with_leaf(
@@ -425,6 +525,8 @@ static void setup_try_auth_defaults_with_leaf(
 		/* Gets overwritten by auth_hash_update_cb. */
 		MOCK_hmac = EMPTY_HMAC;
 
+	memset(&MOCK_pw_log_storage, 0, sizeof(MOCK_pw_log_storage));
+
 	request->header.version = PW_PROTOCOL_VERSION;
 	request->header.type.v = PW_TRY_AUTH;
 	request->header.data_length =
@@ -440,13 +542,15 @@ static void setup_try_auth_defaults_with_leaf(
 			leaf_data, MOCK_hmac,
 			&request->data.try_auth.unimported_leaf_data);
 
-	MOCK_restart_count = 0;
+	force_restart_count(0);
 	force_time((timestamp_t){.val = 0});
 	MOCK_rand_bytes_src = DEFAULT_IV;
 	MOCK_rand_bytes_offset = 0;
 	MOCK_rand_bytes_len = sizeof(DEFAULT_IV);
 	MOCK_hash_update_cb = auth_hash_update_cb;
 	MOCK_aes_fail = 0;
+	MOCK_setvar_ret = EC_SUCCESS;
+	MOCK_writevars_ret = EC_SUCCESS;
 }
 
 static void setup_try_auth_defaults(struct merkle_tree_t *merkle_tree,
@@ -465,6 +569,7 @@ static void setup_reset_auth_defaults(struct merkle_tree_t *merkle_tree,
 	MOCK_DECRYPTO_init_counter = 0;
 	MOCK_DECRYPTO_release_counter = 0;
 	memcpy(merkle_tree, &EMPTY_TREE, sizeof(EMPTY_TREE));
+	memset(&MOCK_pw_log_storage, 0, sizeof(MOCK_pw_log_storage));
 
 	request->header.version = PW_PROTOCOL_VERSION;
 	request->header.type.v = PW_RESET_AUTH;
@@ -489,6 +594,71 @@ static void setup_reset_auth_defaults(struct merkle_tree_t *merkle_tree,
 	MOCK_hash_update_cb = auth_hash_update_cb;
 	MOCK_hmac = EMPTY_HMAC; /* Gets overwritten by auth_hash_update_cb. */
 	MOCK_aes_fail = 0;
+	MOCK_setvar_ret = EC_SUCCESS;
+	MOCK_writevars_ret = EC_SUCCESS;
+}
+
+static void setup_get_log_defaults(struct merkle_tree_t *merkle_tree,
+				   struct pw_request_t *request)
+{
+	MOCK_DECRYPTO_init_counter = 0;
+	MOCK_DECRYPTO_release_counter = 0;
+
+	memcpy(merkle_tree, &EMPTY_TREE, sizeof(*merkle_tree));
+
+	request->header.version = PW_PROTOCOL_VERSION;
+	request->header.type.v = PW_GET_LOG;
+	request->header.data_length = sizeof(struct pw_request_get_log_t);
+
+	/* Chosen not to match any of the root hashes in the log. */
+	memcpy(request->data.get_log.root, OTHER_HMAC,
+	       sizeof(OTHER_HMAC));
+
+	setup_storage(1);
+}
+
+static void setup_log_replay_defaults_with_leaf(
+		const struct leaf_data_t *leaf_data,
+		struct merkle_tree_t *merkle_tree,
+		struct pw_request_t *request)
+{
+	MOCK_DECRYPTO_init_counter = 0;
+	MOCK_DECRYPTO_release_counter = 0;
+
+	memcpy(merkle_tree, &EMPTY_TREE, sizeof(*merkle_tree));
+	if (leaf_data->pub.attempt_count.v != 6 &&
+	    leaf_data->pub.attempt_count.v != 10)
+		/* Gets overwritten by auth_hash_update_cb. */
+		MOCK_hmac = DEFAULT_HMAC;
+	else
+		/* Gets overwritten by auth_hash_update_cb. */
+		MOCK_hmac = EMPTY_HMAC;
+
+	request->header.version = PW_PROTOCOL_VERSION;
+	request->header.type.v = PW_LOG_REPLAY;
+	request->header.data_length =
+			sizeof(struct pw_request_log_replay_t) +
+			PW_LEAF_PAYLOAD_SIZE +
+			get_path_auxiliary_hash_count(&EMPTY_TREE) *
+			PW_HASH_SIZE;
+
+	memcpy(request->data.log_replay.log_root, ROOT_WITH_DEFAULT_HMAC,
+	       sizeof(ROOT_WITH_DEFAULT_HMAC));
+
+	setup_default_unimported_leaf_data_and_hashes(
+			leaf_data, MOCK_hmac,
+			&request->data.try_auth.unimported_leaf_data);
+
+	MOCK_hash_update_cb = auth_hash_update_cb;
+
+	setup_storage(4);
+}
+
+static void setup_log_replay_defaults(struct merkle_tree_t *merkle_tree,
+				      struct pw_request_t *request)
+{
+	setup_log_replay_defaults_with_leaf(&DEFAULT_LEAF, merkle_tree,
+					    request);
 }
 
 /* Increases the length of the pub and cipher_text by 4 each. */
@@ -550,6 +720,9 @@ static void auth_hash_update_cb(const void *data, size_t len)
 	case 6:
 		MOCK_hmac = EMPTY_HMAC;
 		break;
+	case 16:
+		MOCK_hmac = OTHER_HMAC;
+		break;
 	default:
 		MOCK_hmac = DEFAULT_HMAC;
 		break;
@@ -557,14 +730,9 @@ static void auth_hash_update_cb(const void *data, size_t len)
 }
 
 /******************************************************************************/
-/* Mock implementations of TPM, TRNG, and Dcrypto functionality.
+/* Mock implementations of TPM functionality.
  */
 
-uint32_t get_restart_count(void)
-{
-	return MOCK_restart_count;
-}
-
 void get_storage_seed(void *buf, size_t *len)
 {
 	*len = *len < sizeof(DEFAULT_STORAGE_SEED) ? *len :
@@ -572,6 +740,65 @@ void get_storage_seed(void *buf, size_t *len)
 	memcpy(buf, DEFAULT_STORAGE_SEED, *len);
 }
 
+/******************************************************************************/
+/* Mock implementations of nvmem_vars functionality.
+ */
+const struct tuple *getvar(const uint8_t *key, uint8_t key_len)
+{
+	if (MOCK_getvar_ret != EC_SUCCESS)
+		return NULL;
+
+	MOCK_pw_tuple.flags = 0;
+	MOCK_pw_tuple.key_len = key_len;
+
+	if (key_len == (sizeof(PW_TREE_VAR) - 1) &&
+	    memcmp(key, PW_TREE_VAR, (sizeof(PW_TREE_VAR) - 1)) == 0) {
+		MOCK_pw_tuple.val_len = sizeof(MOCK_pw_long_term_storage);
+		MOCK_tuple_val_ret = &MOCK_pw_long_term_storage;
+		return &MOCK_pw_tuple;
+	} else if (key_len == (sizeof(PW_LOG_VAR0) - 1) &&
+		   memcmp(key, PW_LOG_VAR0, (sizeof(PW_LOG_VAR0) - 1)) == 0) {
+		MOCK_pw_tuple.val_len = sizeof(struct pw_log_storage_t);
+		MOCK_tuple_val_ret = &MOCK_pw_log_storage;
+		return &MOCK_pw_tuple;
+	} else
+		return NULL;
+}
+
+const uint8_t *tuple_val(const struct tuple *tpl)
+{
+	return MOCK_tuple_val_ret;
+}
+
+int setvar(const uint8_t *key, uint8_t key_len,
+	   const uint8_t *val, uint8_t val_len)
+{
+	if (MOCK_setvar_ret != EC_SUCCESS)
+		return MOCK_setvar_ret;
+
+	if (key_len == (sizeof(PW_TREE_VAR) - 1) &&
+	    memcmp(key, PW_TREE_VAR, (sizeof(PW_TREE_VAR) - 1)) == 0) {
+		TEST_ASSERT(val_len == sizeof(MOCK_pw_long_term_storage));
+		memcpy(&MOCK_pw_long_term_storage, val, val_len);
+		return EC_SUCCESS;
+	} else if (key_len == (sizeof(PW_LOG_VAR0) - 1) &&
+		   memcmp(key, PW_LOG_VAR0, (sizeof(PW_LOG_VAR0) - 1)) == 0) {
+		TEST_ASSERT(val_len == sizeof(struct pw_log_storage_t));
+		memcpy(&MOCK_pw_log_storage, val, val_len);
+		return EC_SUCCESS;
+	} else
+		return EC_ERROR_UNKNOWN;
+}
+
+int writevars(void)
+{
+	return MOCK_writevars_ret;
+}
+
+/******************************************************************************/
+/* Mock implementations of TRNG functionality.
+ */
+
 void rand_bytes(void *buffer, size_t len)
 {
 	if (!MOCK_rand_bytes_src)
@@ -585,6 +812,10 @@ void rand_bytes(void *buffer, size_t len)
 		MOCK_rand_bytes_offset = 0;
 }
 
+/******************************************************************************/
+/* Mock implementations of Dcrypto functionality.
+ */
+
 void HASH_update(struct HASH_CTX *ctx, const void *data, size_t len)
 {
 	if (MOCK_hash_update_cb)
@@ -919,6 +1150,20 @@ static int handle_reset_tree_crypto_failure(void)
 	return check_dcrypto_mutex_usage();
 }
 
+static int handle_reset_tree_nv_fail(void)
+{
+	struct merkle_tree_t merkle_tree;
+	struct pw_test_data_t buf;
+
+	setup_reset_tree_defaults(&merkle_tree, &buf.request);
+
+	MOCK_writevars_ret = PW_ERR_NV_LENGTH_MISMATCH;
+
+	TEST_RET_EQ(test_handle_short_msg(&merkle_tree, &buf, merkle_tree.root),
+		    PW_ERR_NV_LENGTH_MISMATCH);
+	return EC_SUCCESS;
+}
+
 static int handle_reset_tree_success(void)
 {
 	struct merkle_tree_t merkle_tree;
@@ -932,6 +1177,21 @@ static int handle_reset_tree_success(void)
 	TEST_ASSERT_ARRAY_EQ((uint8_t *)&merkle_tree, (uint8_t *)&EMPTY_TREE,
 			     sizeof(EMPTY_TREE));
 
+	TEST_ASSERT(MOCK_pw_long_term_storage.storage_version ==
+		    PW_STORAGE_VERSION);
+	TEST_ASSERT(MOCK_pw_long_term_storage.bits_per_level.v ==
+		    EMPTY_TREE.bits_per_level.v);
+	TEST_ASSERT(MOCK_pw_long_term_storage.height.v ==
+		    EMPTY_TREE.height.v);
+	TEST_ASSERT_ARRAY_EQ(MOCK_pw_long_term_storage.key_derivation_nonce,
+			     EMPTY_TREE.key_derivation_nonce,
+			     sizeof(EMPTY_TREE.key_derivation_nonce));
+
+	TEST_ASSERT(MOCK_pw_log_storage.storage_version == PW_STORAGE_VERSION);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].type.v == PW_RESET_TREE);
+	TEST_ASSERT_ARRAY_EQ(MOCK_pw_log_storage.entries[0].root,
+			     EMPTY_TREE.root, sizeof(EMPTY_TREE.root));
+
 	return check_dcrypto_mutex_usage();
 }
 
@@ -1040,6 +1300,20 @@ static int handle_insert_leaf_crypto_failure(void)
 	return check_dcrypto_mutex_usage();
 }
 
+static int handle_insert_leaf_nv_fail(void)
+{
+	struct merkle_tree_t merkle_tree;
+	struct pw_test_data_t buf;
+
+	setup_insert_leaf_defaults(&merkle_tree, &buf.request);
+
+	MOCK_writevars_ret = PW_ERR_NV_LENGTH_MISMATCH;
+
+	TEST_RET_EQ(test_handle_short_msg(&merkle_tree, &buf, merkle_tree.root),
+		    PW_ERR_NV_LENGTH_MISMATCH);
+	return EC_SUCCESS;
+}
+
 static int handle_insert_leaf_success(void)
 {
 	struct merkle_tree_t merkle_tree;
@@ -1075,6 +1349,16 @@ static int handle_insert_leaf_success(void)
 			    (wrapped_leaf_data->cipher_text[x] ^
 			     MOCK_AES_XOR_BYTE(x)));
 
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].type.v == PW_INSERT_LEAF);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].label.v ==
+		    DEFAULT_LEAF.pub.label.v);
+	TEST_ASSERT_ARRAY_EQ(MOCK_pw_log_storage.entries[0].root,
+			     ROOT_WITH_DEFAULT_HMAC,
+			     sizeof(ROOT_WITH_DEFAULT_HMAC));
+	TEST_ASSERT_ARRAY_EQ(MOCK_pw_log_storage.entries[0].leaf_hmac,
+			     DEFAULT_HMAC,
+			     sizeof(DEFAULT_HMAC));
+
 	return check_dcrypto_mutex_usage();
 }
 
@@ -1127,6 +1411,20 @@ static int handle_remove_leaf_path_auth_failed(void)
 	return check_dcrypto_mutex_usage();
 }
 
+static int handle_remove_leaf_nv_fail(void)
+{
+	struct merkle_tree_t merkle_tree;
+	struct pw_test_data_t buf;
+
+	setup_remove_leaf_defaults(&merkle_tree, &buf.request);
+
+	MOCK_writevars_ret = PW_ERR_NV_LENGTH_MISMATCH;
+
+	TEST_RET_EQ(test_handle_short_msg(&merkle_tree, &buf, merkle_tree.root),
+		    PW_ERR_NV_LENGTH_MISMATCH);
+	return EC_SUCCESS;
+}
+
 static int handle_remove_leaf_success(void)
 {
 	struct merkle_tree_t merkle_tree;
@@ -1137,6 +1435,12 @@ static int handle_remove_leaf_success(void)
 	TEST_RET_EQ(test_handle_short_msg(&merkle_tree, &buf, EMPTY_TREE.root),
 		    EC_SUCCESS);
 
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].type.v ==
+		    PW_REMOVE_LEAF);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].label.v ==
+		    DEFAULT_LEAF.pub.label.v);
+	TEST_ASSERT_ARRAY_EQ(MOCK_pw_log_storage.entries[0].root,
+			     EMPTY_TREE.root, sizeof(EMPTY_TREE.root));
 	return check_dcrypto_mutex_usage();
 }
 
@@ -1279,7 +1583,7 @@ static int handle_try_auth_rate_limit_reached(void)
 	/* Test PW_BLOCK_ATTEMPTS. */
 	memcpy(&leaf_data, &DEFAULT_LEAF, sizeof(DEFAULT_LEAF));
 	leaf_data.pub.attempt_count.v = 51;
-	MOCK_restart_count = 1;
+	force_restart_count(1);
 	force_time((timestamp_t){.val = 7200llu * SECOND});
 	setup_try_auth_defaults_with_leaf(&leaf_data, &merkle_tree,
 					  &buf.request);
@@ -1295,7 +1599,23 @@ static int handle_try_auth_rate_limit_reached(void)
 	leaf_data.pub.delay_schedule[0].attempt_count.v = 5;
 	leaf_data.pub.delay_schedule[0].time_diff.v = PW_BLOCK_ATTEMPTS;
 	leaf_data.pub.attempt_count.v = 6;
-	MOCK_restart_count = 1;
+	force_restart_count(1);
+	force_time((timestamp_t){.val = 7200llu * SECOND});
+	setup_try_auth_defaults_with_leaf(&leaf_data, &merkle_tree,
+					  &buf.request);
+
+	TEST_RET_EQ(check_try_auth_rate_limit_reached_response(
+			&merkle_tree, &buf,
+			(const struct time_diff_t){PW_BLOCK_ATTEMPTS}),
+		    EC_SUCCESS);
+
+	memcpy(&leaf_data, &DEFAULT_LEAF, sizeof(DEFAULT_LEAF));
+	memset(leaf_data.pub.delay_schedule, 0,
+	       sizeof(leaf_data.pub.delay_schedule));
+	leaf_data.pub.delay_schedule[0].attempt_count.v = 5;
+	leaf_data.pub.delay_schedule[0].time_diff.v = PW_BLOCK_ATTEMPTS;
+	leaf_data.pub.attempt_count.v = 6;
+	force_restart_count(1);
 	force_time((timestamp_t){.val = 7200llu * SECOND});
 	setup_try_auth_defaults_with_leaf(&leaf_data, &merkle_tree,
 					  &buf.request);
@@ -1312,7 +1632,7 @@ static int handle_try_auth_rate_limit_reached(void)
 	leaf_data.pub.timestamp.timer_value = 7200llu;
 	setup_try_auth_defaults_with_leaf(&leaf_data, &merkle_tree,
 					  &buf.request);
-	MOCK_restart_count = 0;
+	force_restart_count(0);
 	force_time((timestamp_t){.val = (leaf_data.pub.timestamp.timer_value +
 					 3599llu) * SECOND});
 
@@ -1327,7 +1647,7 @@ static int handle_try_auth_rate_limit_reached(void)
 	leaf_data.pub.timestamp.timer_value = 7200llu;
 	setup_try_auth_defaults_with_leaf(&leaf_data, &merkle_tree,
 					  &buf.request);
-	MOCK_restart_count = 1;
+	force_restart_count(1);
 	force_time((timestamp_t){.val = 3599llu * SECOND});
 
 	TEST_RET_EQ(check_try_auth_rate_limit_reached_response(
@@ -1337,6 +1657,22 @@ static int handle_try_auth_rate_limit_reached(void)
 	return check_dcrypto_mutex_usage();
 }
 
+static int handle_try_auth_nv_fail(void)
+{
+	struct merkle_tree_t merkle_tree;
+	struct pw_test_data_t buf;
+
+	setup_try_auth_defaults(&merkle_tree, &buf.request);
+	force_restart_count(0);
+	force_time((timestamp_t){.val = 65 * SECOND});
+
+	MOCK_writevars_ret = PW_ERR_NV_LENGTH_MISMATCH;
+
+	TEST_RET_EQ(test_handle_short_msg(&merkle_tree, &buf, merkle_tree.root),
+		    PW_ERR_NV_LENGTH_MISMATCH);
+	return EC_SUCCESS;
+}
+
 static int handle_try_auth_lowent_auth_failed(void)
 {
 	struct merkle_tree_t merkle_tree;
@@ -1356,7 +1692,7 @@ static int handle_try_auth_lowent_auth_failed(void)
 				 sizeof(leaf_data.sec.low_entropy_secret) - 1];
 	setup_try_auth_defaults_with_leaf(&leaf_data, &merkle_tree,
 					  &buf.request);
-	MOCK_restart_count = 1;
+	force_restart_count(1);
 	force_time((timestamp_t){.val = (65ull * SECOND)});
 
 	TEST_RET_EQ(do_request(&merkle_tree, &buf), PW_ERR_LOWENT_AUTH_FAILED);
@@ -1397,6 +1733,20 @@ static int handle_try_auth_lowent_auth_failed(void)
 	 * force_time() is called.
 	 */
 	TEST_ASSERT(pub->timestamp.timer_value - 65ull < 100);
+
+	/* Validate the log entry for a failed auth attempt. */
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].type.v == PW_TRY_AUTH);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].label.v ==
+		    DEFAULT_LEAF.pub.label.v);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].return_code ==
+				    PW_ERR_LOWENT_AUTH_FAILED);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].timestamp.boot_count ==
+		    pub->timestamp.boot_count);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].timestamp.timer_value ==
+		    pub->timestamp.timer_value);
+	TEST_ASSERT_ARRAY_EQ(MOCK_pw_log_storage.entries[0].root,
+			     EMPTY_TREE.root,
+			     sizeof(EMPTY_TREE.root));
 	return check_dcrypto_mutex_usage();
 }
 
@@ -1416,7 +1766,7 @@ static int handle_try_auth_success(void)
 	leaf_data.pub.attempt_count.v = 6;
 	setup_try_auth_defaults_with_leaf(&leaf_data, &merkle_tree,
 					  &buf.request);
-	MOCK_restart_count = 0;
+	force_restart_count(0);
 	force_time((timestamp_t){.val = 65 * SECOND});
 
 	TEST_RET_EQ(do_request(&merkle_tree, &buf), EC_SUCCESS);
@@ -1453,13 +1803,26 @@ static int handle_try_auth_success(void)
 			     DEFAULT_LEAF.sec.high_entropy_secret,
 			     sizeof(DEFAULT_LEAF.sec.high_entropy_secret));
 
+	/* Validate the log entry on success. */
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].type.v == PW_TRY_AUTH);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].label.v ==
+		    DEFAULT_LEAF.pub.label.v);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].return_code == EC_SUCCESS);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].timestamp.boot_count ==
+		    pub->timestamp.boot_count);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].timestamp.timer_value ==
+		    pub->timestamp.timer_value);
+	TEST_ASSERT_ARRAY_EQ(MOCK_pw_log_storage.entries[0].root,
+			     ROOT_WITH_DEFAULT_HMAC,
+			     sizeof(ROOT_WITH_DEFAULT_HMAC));
+
 	/* Test boot_count + 1 case. */
 	leaf_data.pub.attempt_count.v = 6;
 	leaf_data.pub.timestamp.boot_count = 0;
 	leaf_data.pub.timestamp.timer_value = 7200llu;
 	setup_try_auth_defaults_with_leaf(&leaf_data, &merkle_tree,
 					  &buf.request);
-	MOCK_restart_count = 1;
+	force_restart_count(1);
 	force_time((timestamp_t){.val = 65llu * SECOND});
 
 	TEST_RET_EQ(do_request(&merkle_tree, &buf), EC_SUCCESS);
@@ -1588,6 +1951,20 @@ static int handle_reset_auth_reset_auth_failed(void)
 	return check_dcrypto_mutex_usage();
 }
 
+static int handle_reset_auth_nv_fail(void)
+{
+	struct merkle_tree_t merkle_tree;
+	struct pw_test_data_t buf;
+
+	setup_reset_auth_defaults(&merkle_tree, &buf.request);
+
+	MOCK_writevars_ret = PW_ERR_NV_LENGTH_MISMATCH;
+
+	TEST_RET_EQ(test_handle_short_msg(&merkle_tree, &buf, merkle_tree.root),
+		    PW_ERR_NV_LENGTH_MISMATCH);
+	return EC_SUCCESS;
+}
+
 static int handle_reset_auth_success(void)
 {
 	struct merkle_tree_t merkle_tree;
@@ -1635,6 +2012,19 @@ static int handle_reset_auth_success(void)
 			     sizeof(DEFAULT_LEAF.sec));
 	TEST_ASSERT(pub->attempt_count.v == 0);
 
+	/* Validate the log entry on success. */
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].type.v == PW_TRY_AUTH);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].label.v ==
+		    DEFAULT_LEAF.pub.label.v);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].return_code == EC_SUCCESS);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].timestamp.boot_count ==
+		    pub->timestamp.boot_count);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].timestamp.timer_value ==
+		    pub->timestamp.timer_value);
+	TEST_ASSERT_ARRAY_EQ(MOCK_pw_log_storage.entries[0].root,
+			     ROOT_WITH_DEFAULT_HMAC,
+			     sizeof(ROOT_WITH_DEFAULT_HMAC));
+
 	/* Test with different minor version and struct lengths. */
 	setup_reset_auth_defaults(&merkle_tree, &buf.request);
 	setup_mock_future_version(
@@ -1675,6 +2065,343 @@ static int handle_reset_auth_success(void)
 	TEST_ASSERT_ARRAY_EQ((uint8_t *)&sec, (uint8_t *)&DEFAULT_LEAF.sec,
 			     sizeof(DEFAULT_LEAF.sec));
 	TEST_ASSERT(pub->attempt_count.v == 0);
+
+	/* Validate the log entry on success. */
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].type.v == PW_TRY_AUTH);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].label.v ==
+		    DEFAULT_LEAF.pub.label.v);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].return_code == EC_SUCCESS);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].timestamp.boot_count ==
+		    pub->timestamp.boot_count);
+	TEST_ASSERT(MOCK_pw_log_storage.entries[0].timestamp.timer_value ==
+		    pub->timestamp.timer_value);
+	TEST_ASSERT_ARRAY_EQ(MOCK_pw_log_storage.entries[0].root,
+			     ROOT_WITH_DEFAULT_HMAC,
+			     sizeof(ROOT_WITH_DEFAULT_HMAC));
+	return check_dcrypto_mutex_usage();
+}
+
+/******************************************************************************/
+/* Get log test cases.
+ */
+
+static int handle_get_log_invalid_length(void)
+{
+	struct merkle_tree_t merkle_tree;
+	struct pw_test_data_t buf;
+
+	setup_get_log_defaults(&merkle_tree, &buf.request);
+
+	++buf.request.header.data_length;
+
+	TEST_RET_EQ(test_handle_short_msg(&merkle_tree, &buf, EMPTY_TREE.root),
+		    PW_ERR_LENGTH_INVALID);
+	return check_dcrypto_mutex_usage();
+}
+
+static int handle_get_log_nv_fail(void)
+{
+	struct merkle_tree_t merkle_tree;
+	struct pw_test_data_t buf;
+
+	setup_get_log_defaults(&merkle_tree, &buf.request);
+
+	MOCK_getvar_ret = PW_ERR_NV_EMPTY;
+
+	TEST_RET_EQ(test_handle_short_msg(&merkle_tree, &buf, EMPTY_TREE.root),
+		    PW_ERR_NV_EMPTY);
+	return check_dcrypto_mutex_usage();
+}
+
+static int handle_get_log_success(void)
+{
+	struct merkle_tree_t merkle_tree;
+	struct pw_test_data_t buf;
+	const struct pw_get_log_entry_t (*view)[PW_LOG_ENTRY_COUNT] =
+			(void *)buf.response.data.get_log;
+
+	setup_get_log_defaults(&merkle_tree, &buf.request);
+	setup_storage(4);
+
+	TEST_RET_EQ(do_request(&merkle_tree, &buf), EC_SUCCESS);
+
+	TEST_ASSERT_ARRAY_EQ(buf.response.header.root, EMPTY_TREE.root,
+			     sizeof(EMPTY_TREE.root));
+	TEST_ASSERT_ARRAY_EQ(buf.response.header.root, merkle_tree.root,
+			     sizeof(merkle_tree.root));
+
+	TEST_ASSERT(buf.response.header.version == PW_PROTOCOL_VERSION);
+	TEST_ASSERT(buf.response.header.data_length ==
+		    sizeof(struct pw_get_log_entry_t) * PW_LOG_ENTRY_COUNT);
+	TEST_RET_EQ(buf.response.header.result_code, EC_SUCCESS);
+
+	TEST_ASSERT(buf.response.header.version == PW_PROTOCOL_VERSION);
+
+	TEST_ASSERT((*view)[0].type.v == PW_REMOVE_LEAF);
+	TEST_ASSERT((*view)[0].label.v == DEFAULT_LEAF.pub.label.v);
+	TEST_ASSERT_ARRAY_EQ((*view)[0].root, EMPTY_TREE.root,
+			     sizeof(EMPTY_TREE.root));
+
+	TEST_ASSERT((*view)[1].type.v == PW_TRY_AUTH);
+	TEST_ASSERT((*view)[1].label.v == DEFAULT_LEAF.pub.label.v);
+	TEST_ASSERT((*view)[1].return_code == EC_SUCCESS);
+	TEST_ASSERT((*view)[1].timestamp.boot_count == 10);
+	TEST_ASSERT((*view)[1].timestamp.timer_value == 100);
+	TEST_ASSERT_ARRAY_EQ((*view)[1].root, ROOT_WITH_DEFAULT_HMAC,
+			     sizeof(ROOT_WITH_DEFAULT_HMAC));
+
+	setup_get_log_defaults(&merkle_tree, &buf.request);
+	setup_storage(2);
+
+	TEST_RET_EQ(do_request(&merkle_tree, &buf), EC_SUCCESS);
+
+	TEST_ASSERT((*view)[0].type.v == PW_TRY_AUTH);
+	TEST_ASSERT((*view)[0].label.v == DEFAULT_LEAF.pub.label.v);
+	TEST_ASSERT((*view)[0].return_code == PW_ERR_LOWENT_AUTH_FAILED);
+	TEST_ASSERT((*view)[0].timestamp.boot_count == 7);
+	TEST_ASSERT((*view)[0].timestamp.timer_value == 99);
+	TEST_ASSERT_ARRAY_EQ((*view)[0].root, ROOT_WITH_OTHER_HMAC,
+			     sizeof(ROOT_WITH_OTHER_HMAC));
+
+	TEST_ASSERT((*view)[1].type.v == PW_INSERT_LEAF);
+	TEST_ASSERT((*view)[1].label.v == DEFAULT_LEAF.pub.label.v);
+	TEST_ASSERT_ARRAY_EQ((*view)[1].root, ROOT_WITH_DEFAULT_HMAC,
+			     sizeof(ROOT_WITH_DEFAULT_HMAC));
+	TEST_ASSERT_ARRAY_EQ((*view)[1].leaf_hmac, DEFAULT_HMAC,
+			     sizeof(DEFAULT_HMAC));
+
+	setup_get_log_defaults(&merkle_tree, &buf.request);
+	setup_storage(0);
+
+	TEST_RET_EQ(do_request(&merkle_tree, &buf), EC_SUCCESS);
+
+	TEST_ASSERT((*view)[0].type.v == PW_RESET_TREE);
+	TEST_ASSERT_ARRAY_EQ((*view)[0].root, EMPTY_TREE.root,
+			     sizeof(EMPTY_TREE.root));
+
+	return check_dcrypto_mutex_usage();
+}
+
+/******************************************************************************/
+/* Log replay test cases.
+ */
+
+static int handle_log_replay_invalid_length(void)
+{
+	return invalid_length_with_leaf_head(
+			(size_t)&((struct pw_request_t *)0)->data.log_replay
+					.unimported_leaf_data.head,
+			setup_log_replay_defaults);
+}
+
+static int handle_log_replay_nv_fail(void)
+{
+	struct merkle_tree_t merkle_tree;
+	struct pw_test_data_t buf;
+
+	setup_log_replay_defaults(&merkle_tree, &buf.request);
+
+	MOCK_getvar_ret = PW_ERR_NV_EMPTY;
+
+	TEST_RET_EQ(test_handle_short_msg(&merkle_tree, &buf, EMPTY_TREE.root),
+		    PW_ERR_NV_EMPTY);
+	return check_dcrypto_mutex_usage();
+}
+
+static int handle_log_replay_root_not_found(void)
+{
+	struct merkle_tree_t merkle_tree;
+	struct pw_test_data_t buf;
+
+	setup_log_replay_defaults(&merkle_tree, &buf.request);
+
+	memcpy(buf.request.data.log_replay.log_root, DEFAULT_HMAC,
+	       sizeof(DEFAULT_HMAC));
+
+	TEST_RET_EQ(test_handle_short_msg(&merkle_tree, &buf, EMPTY_TREE.root),
+		    PW_ERR_ROOT_NOT_FOUND);
+	return check_dcrypto_mutex_usage();
+}
+
+static int handle_log_replay_type_invalid(void)
+{
+	struct merkle_tree_t merkle_tree;
+	struct pw_test_data_t buf;
+
+	setup_log_replay_defaults(&merkle_tree, &buf.request);
+
+	memcpy(buf.request.data.log_replay.log_root, EMPTY_TREE.root,
+	       sizeof(EMPTY_TREE.root));
+
+	TEST_RET_EQ(test_handle_short_msg(&merkle_tree, &buf, EMPTY_TREE.root),
+		    PW_ERR_TYPE_INVALID);
+	return check_dcrypto_mutex_usage();
+}
+
+static int handle_log_replay_hmac_auth_failed(void)
+{
+	struct merkle_tree_t merkle_tree;
+	struct pw_test_data_t buf;
+	struct leaf_data_t leaf_data = {};
+
+	memcpy(&leaf_data, &DEFAULT_LEAF, sizeof(leaf_data));
+	leaf_data.pub.attempt_count.v = 7;
+	setup_log_replay_defaults_with_leaf(&leaf_data, &merkle_tree,
+					    &buf.request);
+
+	memcpy(buf.request.data.log_replay.unimported_leaf_data.hmac,
+	       EMPTY_HMAC, sizeof(EMPTY_HMAC));
+
+	TEST_RET_EQ(test_handle_short_msg(&merkle_tree, &buf, EMPTY_TREE.root),
+		    PW_ERR_HMAC_AUTH_FAILED);
+	return check_dcrypto_mutex_usage();
+}
+
+static int handle_log_replay_crypto_failure(void)
+{
+	struct merkle_tree_t merkle_tree;
+	struct pw_test_data_t buf;
+	struct leaf_data_t leaf_data = {};
+
+	memcpy(&leaf_data, &DEFAULT_LEAF, sizeof(leaf_data));
+	leaf_data.pub.attempt_count.v = 7;
+	setup_log_replay_defaults_with_leaf(&leaf_data, &merkle_tree,
+					    &buf.request);
+
+	MOCK_aes_fail = 1;
+
+	TEST_RET_EQ(test_handle_short_msg(&merkle_tree, &buf, EMPTY_TREE.root),
+		    PW_ERR_CRYPTO_FAILURE);
+	return check_dcrypto_mutex_usage();
+}
+
+static int handle_log_replay_label_invalid(void)
+{
+	struct merkle_tree_t merkle_tree;
+	struct pw_test_data_t buf;
+	struct leaf_data_t leaf_data = {};
+
+	memcpy(&leaf_data, &DEFAULT_LEAF, sizeof(leaf_data));
+	leaf_data.pub.label.v = 0;
+	setup_log_replay_defaults_with_leaf(&leaf_data, &merkle_tree,
+					    &buf.request);
+
+	TEST_RET_EQ(test_handle_short_msg(&merkle_tree, &buf, EMPTY_TREE.root),
+		    PW_ERR_LABEL_INVALID);
+	return check_dcrypto_mutex_usage();
+}
+
+static int handle_log_replay_path_auth_failed(void)
+{
+	struct merkle_tree_t merkle_tree;
+	struct pw_test_data_t buf;
+	uint8_t (*path_hashes)[32] =
+			(void *)buf.request.data.log_replay.unimported_leaf_data
+					.payload +
+			sizeof(struct leaf_public_data_t) +
+			sizeof(struct leaf_sensitive_data_t);
+
+	setup_log_replay_defaults(&merkle_tree, &buf.request);
+
+	(*path_hashes)[0] ^= 0xff;
+
+	TEST_RET_EQ(test_handle_short_msg(&merkle_tree, &buf, EMPTY_TREE.root),
+		    PW_ERR_PATH_AUTH_FAILED);
+	return check_dcrypto_mutex_usage();
+}
+
+static int handle_log_replay_success(void)
+{
+	struct merkle_tree_t merkle_tree;
+	struct pw_test_data_t buf;
+	struct leaf_data_t leaf_data = {};
+	struct leaf_public_data_t *pub =
+			(void *)buf.response.data.log_replay
+					.unimported_leaf_data.payload;
+	struct leaf_sensitive_data_t sec = {};
+	uint8_t *resp_cipher_text = (void *)pub + sizeof(*pub);
+
+	/*
+	 * Test for auth success.
+	 */
+	setup_log_replay_defaults(&merkle_tree, &buf.request);
+
+	TEST_RET_EQ(do_request(&merkle_tree, &buf), EC_SUCCESS);
+
+	TEST_ASSERT(buf.response.header.version == PW_PROTOCOL_VERSION);
+	TEST_ASSERT(buf.response.header.data_length ==
+		    sizeof(struct pw_response_log_replay_t) +
+		    PW_LEAF_PAYLOAD_SIZE);
+	TEST_RET_EQ(buf.response.header.result_code, EC_SUCCESS);
+
+	TEST_ASSERT_ARRAY_EQ(buf.response.header.root, EMPTY_TREE.root,
+			     sizeof(EMPTY_TREE.root));
+	TEST_ASSERT_ARRAY_EQ(buf.response.header.root, merkle_tree.root,
+			     sizeof(merkle_tree.root));
+
+	TEST_ASSERT_ARRAY_EQ(
+			buf.response.data.log_replay.unimported_leaf_data.hmac,
+			DEFAULT_HMAC, sizeof(DEFAULT_HMAC));
+	TEST_ASSERT_ARRAY_EQ(
+			buf.response.data.log_replay.unimported_leaf_data.iv,
+			DEFAULT_IV, sizeof(DEFAULT_IV));
+	DCRYPTO_aes_ctr((uint8_t *)&sec, EMPTY_TREE.wrap_key,
+			sizeof(EMPTY_TREE.wrap_key) * 8, DEFAULT_IV,
+			resp_cipher_text, sizeof(sec));
+	TEST_ASSERT(pub->label.v == DEFAULT_LEAF.pub.label.v);
+	TEST_ASSERT_ARRAY_EQ(
+			(const uint8_t *)&pub->delay_schedule,
+			(const uint8_t *)&DEFAULT_LEAF.pub.delay_schedule,
+			sizeof(DEFAULT_LEAF.pub.delay_schedule));
+	TEST_ASSERT_ARRAY_EQ((uint8_t *)&sec, (uint8_t *)&DEFAULT_LEAF.sec,
+			     sizeof(DEFAULT_LEAF.sec));
+	TEST_ASSERT(pub->attempt_count.v == 0);
+	TEST_ASSERT(pub->timestamp.boot_count == 10);
+	TEST_ASSERT(pub->timestamp.timer_value == 100);
+
+	/*
+	 * Test for auth failed.
+	 */
+	memcpy(&leaf_data, &DEFAULT_LEAF, sizeof(leaf_data));
+	leaf_data.pub.attempt_count.v = 15;
+	setup_log_replay_defaults_with_leaf(&leaf_data, &merkle_tree,
+					    &buf.request);
+	memcpy(buf.request.data.log_replay.log_root, ROOT_WITH_OTHER_HMAC,
+	       sizeof(ROOT_WITH_OTHER_HMAC));
+	setup_storage(2);
+
+	TEST_RET_EQ(do_request(&merkle_tree, &buf), EC_SUCCESS);
+
+	TEST_ASSERT(buf.response.header.version == PW_PROTOCOL_VERSION);
+	TEST_ASSERT(buf.response.header.data_length ==
+		    sizeof(struct pw_response_log_replay_t) +
+		    PW_LEAF_PAYLOAD_SIZE);
+	TEST_RET_EQ(buf.response.header.result_code, EC_SUCCESS);
+
+	TEST_ASSERT_ARRAY_EQ(buf.response.header.root, EMPTY_TREE.root,
+			     sizeof(EMPTY_TREE.root));
+	TEST_ASSERT_ARRAY_EQ(buf.response.header.root, merkle_tree.root,
+			     sizeof(merkle_tree.root));
+
+	TEST_ASSERT_ARRAY_EQ(
+			buf.response.data.log_replay.unimported_leaf_data.hmac,
+			OTHER_HMAC, sizeof(OTHER_HMAC));
+	TEST_ASSERT_ARRAY_EQ(
+			buf.response.data.log_replay.unimported_leaf_data.iv,
+			DEFAULT_IV, sizeof(DEFAULT_IV));
+	DCRYPTO_aes_ctr((uint8_t *)&sec, EMPTY_TREE.wrap_key,
+			sizeof(EMPTY_TREE.wrap_key) * 8, DEFAULT_IV,
+			resp_cipher_text, sizeof(sec));
+	TEST_ASSERT(pub->label.v == DEFAULT_LEAF.pub.label.v);
+	TEST_ASSERT_ARRAY_EQ(
+			(const uint8_t *)&pub->delay_schedule,
+			(const uint8_t *)&DEFAULT_LEAF.pub.delay_schedule,
+			sizeof(DEFAULT_LEAF.pub.delay_schedule));
+	TEST_ASSERT_ARRAY_EQ((uint8_t *)&sec, (uint8_t *)&DEFAULT_LEAF.sec,
+			     sizeof(DEFAULT_LEAF.sec));
+	TEST_ASSERT(pub->attempt_count.v == 16);
+	TEST_ASSERT(pub->timestamp.boot_count == 7);
+	TEST_ASSERT(pub->timestamp.timer_value == 99);
 	return check_dcrypto_mutex_usage();
 }
 
@@ -1699,6 +2426,7 @@ void run_test(void)
 	RUN_TEST(handle_reset_tree_bits_per_level_invalid);
 	RUN_TEST(handle_reset_tree_height_invalid);
 	RUN_TEST(handle_reset_tree_crypto_failure);
+	RUN_TEST(handle_reset_tree_nv_fail);
 	RUN_TEST(handle_reset_tree_success);
 
 	/* Test insert leaf. */
@@ -1707,12 +2435,14 @@ void run_test(void)
 	RUN_TEST(handle_insert_leaf_delay_schedule_invalid);
 	RUN_TEST(handle_insert_leaf_path_auth_failed);
 	RUN_TEST(handle_insert_leaf_crypto_failure);
+	RUN_TEST(handle_insert_leaf_nv_fail);
 	RUN_TEST(handle_insert_leaf_success);
 
 	/* Test remove leaf. */
 	RUN_TEST(handle_remove_leaf_invalid_length);
 	RUN_TEST(handle_remove_leaf_label_invalid);
 	RUN_TEST(handle_remove_leaf_path_auth_failed);
+	RUN_TEST(handle_remove_leaf_nv_fail);
 	RUN_TEST(handle_remove_leaf_success);
 
 	/* Test try auth. */
@@ -1723,6 +2453,7 @@ void run_test(void)
 	RUN_TEST(handle_try_auth_hmac_auth_failed);
 	RUN_TEST(handle_try_auth_crypto_failure);
 	RUN_TEST(handle_try_auth_rate_limit_reached);
+	RUN_TEST(handle_try_auth_nv_fail);
 	RUN_TEST(handle_try_auth_lowent_auth_failed);
 	RUN_TEST(handle_try_auth_success);
 
@@ -1733,7 +2464,24 @@ void run_test(void)
 	RUN_TEST(handle_reset_auth_hmac_auth_failed);
 	RUN_TEST(handle_reset_auth_crypto_failure);
 	RUN_TEST(handle_reset_auth_reset_auth_failed);
+	RUN_TEST(handle_reset_auth_nv_fail);
 	RUN_TEST(handle_reset_auth_success);
 
+	/* Test get log. */
+	RUN_TEST(handle_get_log_invalid_length);
+	RUN_TEST(handle_get_log_nv_fail);
+	RUN_TEST(handle_get_log_success);
+
+	/* Test log replay. */
+	RUN_TEST(handle_log_replay_invalid_length);
+	RUN_TEST(handle_log_replay_nv_fail);
+	RUN_TEST(handle_log_replay_root_not_found);
+	RUN_TEST(handle_log_replay_type_invalid);
+	RUN_TEST(handle_log_replay_hmac_auth_failed);
+	RUN_TEST(handle_log_replay_crypto_failure);
+	RUN_TEST(handle_log_replay_label_invalid);
+	RUN_TEST(handle_log_replay_path_auth_failed);
+	RUN_TEST(handle_log_replay_success);
+
 	test_print_result();
 }
diff --git a/test/test_config.h b/test/test_config.h
index dd14aad6b2..8542a17e0a 100644
--- a/test/test_config.h
+++ b/test/test_config.h
@@ -262,7 +262,7 @@ enum nvmem_vars {
 #ifdef TEST_PINWEAVER
 #define CONFIG_PINWEAVER
 #define CONFIG_SHA256
-#endif
+#endif /* TEST_PINWEAVER */
 
 #ifdef TEST_RTC
 #define CONFIG_HOSTCMD_RTC