TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / f2b11a9a77ca2b80952890e72ebe38de7169a441 / . / tests / src / drivers / test_driver_signature.c
blob: e486704152ba02756cf61a5a9ae8e8607460cc05 [file] [log] [blame]
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]1/*
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]2 * Test driver for signature functions.
3 * Currently supports signing and verifying precalculated hashes, using
4 * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]5 */
Steven Cooreman2c7b2f82020-09-02 13:43:46 +0200[diff] [blame]6/* Copyright The Mbed TLS Contributors
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]20 */
21
Mateusz Starzykf2b11a92021-05-21 09:33:46 +0200[diff] [blame^]22#define MBEDTLS_ALLOW_PRIVATE_ACCESS
23
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]24#if !defined(MBEDTLS_CONFIG_FILE)
25#include "mbedtls/config.h"
26#else
27#include MBEDTLS_CONFIG_FILE
28#endif
29
Mateusz Starzyk2c09c9b2021-05-14 22:20:10 +0200[diff] [blame]30#include <test/helpers.h>
31
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]32#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]33#include "psa/crypto.h"
Steven Cooreman15f58d22020-09-04 13:05:23 +0200[diff] [blame]34#include "psa_crypto_core.h"
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]35#include "psa_crypto_ecp.h"
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]36#include "psa_crypto_hash.h"
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]37#include "psa_crypto_rsa.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]38#include "mbedtls/ecp.h"
39
Steven Cooreman0d7c64d2020-09-07 16:17:55 +0200[diff] [blame]40#include "test/drivers/signature.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]41
42#include "mbedtls/md.h"
43#include "mbedtls/ecdsa.h"
44
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]45#include "test/random.h"
46
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]47#include <string.h>
48
Ronald Cron7f13fa22021-04-13 12:41:34 +0200[diff] [blame]49mbedtls_test_driver_signature_hooks_t
50 mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
51mbedtls_test_driver_signature_hooks_t
52 mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]53
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]54psa_status_t sign_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]55 const psa_key_attributes_t *attributes,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]56 const uint8_t *key_buffer,
57 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]58 psa_algorithm_t alg,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]59 const uint8_t *hash,
60 size_t hash_length,
61 uint8_t *signature,
62 size_t signature_size,
63 size_t *signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]64{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]65#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
66 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
67 if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
68 {
69 return( mbedtls_transparent_test_driver_rsa_sign_hash(
70 attributes,
71 key_buffer, key_buffer_size,
72 alg, hash, hash_length,
73 signature, signature_size, signature_length ) );
74 }
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]75 else
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]76#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
77 * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
78
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]79#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
80 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
81 if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
82 {
83 if(
84#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
85 PSA_ALG_IS_ECDSA( alg )
86#else
87 PSA_ALG_IS_RANDOMIZED_ECDSA( alg )
88#endif
89 )
90 {
91 return( mbedtls_transparent_test_driver_ecdsa_sign_hash(
92 attributes,
93 key_buffer, key_buffer_size,
94 alg, hash, hash_length,
95 signature, signature_size, signature_length ) );
96 }
97 else
98 {
99 return( PSA_ERROR_INVALID_ARGUMENT );
100 }
101 }
102 else
103#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
104 * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
105 {
106 (void)attributes;
107 (void)key_buffer;
108 (void)key_buffer_size;
109 (void)alg;
110 (void)hash;
111 (void)hash_length;
112 (void)signature;
113 (void)signature_size;
114 (void)signature_length;
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]115 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]116 }
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]117}
118
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]119psa_status_t verify_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]120 const psa_key_attributes_t *attributes,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]121 const uint8_t *key_buffer,
122 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]123 psa_algorithm_t alg,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]124 const uint8_t *hash,
125 size_t hash_length,
126 const uint8_t *signature,
127 size_t signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]128{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]129#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
130 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
131 if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
132 {
133 return( mbedtls_transparent_test_driver_rsa_verify_hash(
134 attributes,
135 key_buffer, key_buffer_size,
136 alg, hash, hash_length,
137 signature, signature_length ) );
138 }
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]139 else
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]140#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
141 * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
142
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]143#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
144 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
145 if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]146 {
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]147 if( PSA_ALG_IS_ECDSA( alg ) )
148 {
149 return( mbedtls_transparent_test_driver_ecdsa_verify_hash(
150 attributes,
151 key_buffer, key_buffer_size,
152 alg, hash, hash_length,
153 signature, signature_length ) );
154 }
155 else
156 {
157 return( PSA_ERROR_INVALID_ARGUMENT );
158 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]159 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]160 else
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]161#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
162 * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]163 {
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]164 (void)attributes;
165 (void)key_buffer;
166 (void)key_buffer_size;
167 (void)alg;
168 (void)hash;
169 (void)hash_length;
170 (void)signature;
171 (void)signature_length;
172
173 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]174 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]175}
176
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]177psa_status_t mbedtls_test_transparent_signature_sign_message(
178 const psa_key_attributes_t *attributes,
179 const uint8_t *key_buffer,
180 size_t key_buffer_size,
181 psa_algorithm_t alg,
182 const uint8_t *input,
183 size_t input_length,
184 uint8_t *signature,
185 size_t signature_size,
186 size_t *signature_length )
187{
188 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
189 size_t hash_length;
190 uint8_t hash[PSA_HASH_MAX_SIZE];
191
192 ++mbedtls_test_driver_signature_sign_hooks.hits;
193
194 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
195 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
196
197 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
198 {
199 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
200 return( PSA_ERROR_BUFFER_TOO_SMALL );
201
202 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
203 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
204 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
205
206 return( PSA_SUCCESS );
207 }
208
209 status = mbedtls_transparent_test_driver_hash_compute(
210 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
211 hash, sizeof( hash ), &hash_length );
212
213 if( status != PSA_SUCCESS )
214 return status;
215
216 return sign_hash( attributes, key_buffer, key_buffer_size,
217 alg, hash, hash_length,
218 signature, signature_size, signature_length );
219}
220
221psa_status_t mbedtls_test_opaque_signature_sign_message(
222 const psa_key_attributes_t *attributes,
223 const uint8_t *key,
224 size_t key_length,
225 psa_algorithm_t alg,
226 const uint8_t *input,
227 size_t input_length,
228 uint8_t *signature,
229 size_t signature_size,
230 size_t *signature_length )
231{
232 (void) attributes;
233 (void) key;
234 (void) key_length;
235 (void) alg;
236 (void) input;
237 (void) input_length;
238 (void) signature;
239 (void) signature_size;
240 (void) signature_length;
241
242 return( PSA_ERROR_NOT_SUPPORTED );
243}
244
245psa_status_t mbedtls_test_transparent_signature_verify_message(
246 const psa_key_attributes_t *attributes,
247 const uint8_t *key_buffer,
248 size_t key_buffer_size,
249 psa_algorithm_t alg,
250 const uint8_t *input,
251 size_t input_length,
252 const uint8_t *signature,
253 size_t signature_length )
254{
255 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
256 size_t hash_length;
257 uint8_t hash[PSA_HASH_MAX_SIZE];
258
259 ++mbedtls_test_driver_signature_verify_hooks.hits;
260
261 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
262 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
263
264 status = mbedtls_transparent_test_driver_hash_compute(
265 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
266 hash, sizeof( hash ), &hash_length );
267
268 if( status != PSA_SUCCESS )
269 return status;
270
271 return verify_hash( attributes, key_buffer, key_buffer_size,
272 alg, hash, hash_length,
273 signature, signature_length );
274}
275
276psa_status_t mbedtls_test_opaque_signature_verify_message(
277 const psa_key_attributes_t *attributes,
278 const uint8_t *key,
279 size_t key_length,
280 psa_algorithm_t alg,
281 const uint8_t *input,
282 size_t input_length,
283 const uint8_t *signature,
284 size_t signature_length )
285{
286 (void) attributes;
287 (void) key;
288 (void) key_length;
289 (void) alg;
290 (void) input;
291 (void) input_length;
292 (void) signature;
293 (void) signature_length;
294
295 return( PSA_ERROR_NOT_SUPPORTED );
296}
297
298psa_status_t mbedtls_test_transparent_signature_sign_hash(
299 const psa_key_attributes_t *attributes,
300 const uint8_t *key_buffer, size_t key_buffer_size,
301 psa_algorithm_t alg,
302 const uint8_t *hash, size_t hash_length,
303 uint8_t *signature, size_t signature_size, size_t *signature_length )
304{
305 ++mbedtls_test_driver_signature_sign_hooks.hits;
306
307 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
308 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
309
310 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
311 {
312 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
313 return( PSA_ERROR_BUFFER_TOO_SMALL );
314 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
315 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
316 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
317 return( PSA_SUCCESS );
318 }
319
320 return sign_hash( attributes, key_buffer, key_buffer_size,
321 alg, hash, hash_length,
322 signature, signature_size, signature_length );
323}
324
325psa_status_t mbedtls_test_opaque_signature_sign_hash(
326 const psa_key_attributes_t *attributes,
327 const uint8_t *key, size_t key_length,
328 psa_algorithm_t alg,
329 const uint8_t *hash, size_t hash_length,
330 uint8_t *signature, size_t signature_size, size_t *signature_length )
331{
332 (void) attributes;
333 (void) key;
334 (void) key_length;
335 (void) alg;
336 (void) hash;
337 (void) hash_length;
338 (void) signature;
339 (void) signature_size;
340 (void) signature_length;
341
342 return( PSA_ERROR_NOT_SUPPORTED );
343}
344
345psa_status_t mbedtls_test_transparent_signature_verify_hash(
346 const psa_key_attributes_t *attributes,
347 const uint8_t *key_buffer, size_t key_buffer_size,
348 psa_algorithm_t alg,
349 const uint8_t *hash, size_t hash_length,
350 const uint8_t *signature, size_t signature_length )
351{
352 ++mbedtls_test_driver_signature_verify_hooks.hits;
353
354 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
355 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
356
357 return verify_hash( attributes, key_buffer, key_buffer_size,
358 alg, hash, hash_length,
359 signature, signature_length );
360}
361
Ronald Cron7f13fa22021-04-13 12:41:34 +0200[diff] [blame]362psa_status_t mbedtls_test_opaque_signature_verify_hash(
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]363 const psa_key_attributes_t *attributes,
364 const uint8_t *key, size_t key_length,
365 psa_algorithm_t alg,
366 const uint8_t *hash, size_t hash_length,
367 const uint8_t *signature, size_t signature_length )
368{
369 (void) attributes;
370 (void) key;
371 (void) key_length;
372 (void) alg;
373 (void) hash;
374 (void) hash_length;
375 (void) signature;
376 (void) signature_length;
377 return( PSA_ERROR_NOT_SUPPORTED );
378}
379
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]380#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */