TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / c0eabdc63657f784dee45167b010534cd3924cfa / . / tests / src / drivers / test_driver_signature.c
blob: 4bf60a5bdbc96b89389c39a26c2058c227dac927 [file] [log] [blame]
/*
* Test driver for signature functions.
* Currently supports signing and verifying precalculated hashes, using
* only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
*/
/* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <test/helpers.h>
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
# include "psa/crypto.h"
# include "psa_crypto_core.h"
# include "psa_crypto_ecp.h"
# include "psa_crypto_hash.h"
# include "psa_crypto_rsa.h"
# include "mbedtls/ecp.h"
# include "test/drivers/signature.h"
# include "mbedtls/md.h"
# include "mbedtls/ecdsa.h"
# include "test/random.h"
# include <string.h>
mbedtls_test_driver_signature_hooks_t mbedtls_test_driver_signature_sign_hooks =
MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
mbedtls_test_driver_signature_hooks_t mbedtls_test_driver_signature_verify_hooks =
MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
psa_status_t sign_hash(const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *hash,
size_t hash_length,
uint8_t *signature,
size_t signature_size,
size_t *signature_length)
{
# if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
if (attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
return (mbedtls_transparent_test_driver_rsa_sign_hash(
attributes, key_buffer, key_buffer_size, alg, hash, hash_length,
signature, signature_size, signature_length));
} else
# endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
# if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) {
if (
# if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
PSA_ALG_IS_ECDSA(alg)
# else
PSA_ALG_IS_RANDOMIZED_ECDSA(alg)
# endif
) {
return (mbedtls_transparent_test_driver_ecdsa_sign_hash(
attributes, key_buffer, key_buffer_size, alg, hash, hash_length,
signature, signature_size, signature_length));
} else {
return PSA_ERROR_INVALID_ARGUMENT;
}
} else
# endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
* defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
{
(void)attributes;
(void)key_buffer;
(void)key_buffer_size;
(void)alg;
(void)hash;
(void)hash_length;
(void)signature;
(void)signature_size;
(void)signature_length;
return PSA_ERROR_NOT_SUPPORTED;
}
}
psa_status_t verify_hash(const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *hash,
size_t hash_length,
const uint8_t *signature,
size_t signature_length)
{
# if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
if (PSA_KEY_TYPE_IS_RSA(attributes->core.type)) {
return (mbedtls_transparent_test_driver_rsa_verify_hash(
attributes, key_buffer, key_buffer_size, alg, hash, hash_length,
signature, signature_length));
} else
# endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
# if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) {
if (PSA_ALG_IS_ECDSA(alg)) {
return (mbedtls_transparent_test_driver_ecdsa_verify_hash(
attributes, key_buffer, key_buffer_size, alg, hash, hash_length,
signature, signature_length));
} else {
return PSA_ERROR_INVALID_ARGUMENT;
}
} else
# endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
* defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
{
(void)attributes;
(void)key_buffer;
(void)key_buffer_size;
(void)alg;
(void)hash;
(void)hash_length;
(void)signature;
(void)signature_length;
return PSA_ERROR_NOT_SUPPORTED;
}
}
psa_status_t mbedtls_test_transparent_signature_sign_message(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
uint8_t *signature,
size_t signature_size,
size_t *signature_length)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
size_t hash_length;
uint8_t hash[PSA_HASH_MAX_SIZE];
++mbedtls_test_driver_signature_sign_hooks.hits;
if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS)
return mbedtls_test_driver_signature_sign_hooks.forced_status;
if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) {
if (mbedtls_test_driver_signature_sign_hooks.forced_output_length >
signature_size)
return PSA_ERROR_BUFFER_TOO_SMALL;
memcpy(signature,
mbedtls_test_driver_signature_sign_hooks.forced_output,
mbedtls_test_driver_signature_sign_hooks.forced_output_length);
*signature_length =
mbedtls_test_driver_signature_sign_hooks.forced_output_length;
return PSA_SUCCESS;
}
status = mbedtls_transparent_test_driver_hash_compute(
PSA_ALG_SIGN_GET_HASH(alg), input, input_length, hash, sizeof(hash),
&hash_length);
if (status != PSA_SUCCESS)
return status;
return sign_hash(attributes, key_buffer, key_buffer_size, alg, hash,
hash_length, signature, signature_size, signature_length);
}
psa_status_t mbedtls_test_opaque_signature_sign_message(
const psa_key_attributes_t *attributes,
const uint8_t *key,
size_t key_length,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
uint8_t *signature,
size_t signature_size,
size_t *signature_length)
{
(void)attributes;
(void)key;
(void)key_length;
(void)alg;
(void)input;
(void)input_length;
(void)signature;
(void)signature_size;
(void)signature_length;
return PSA_ERROR_NOT_SUPPORTED;
}
psa_status_t mbedtls_test_transparent_signature_verify_message(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
const uint8_t *signature,
size_t signature_length)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
size_t hash_length;
uint8_t hash[PSA_HASH_MAX_SIZE];
++mbedtls_test_driver_signature_verify_hooks.hits;
if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS)
return mbedtls_test_driver_signature_verify_hooks.forced_status;
status = mbedtls_transparent_test_driver_hash_compute(
PSA_ALG_SIGN_GET_HASH(alg), input, input_length, hash, sizeof(hash),
&hash_length);
if (status != PSA_SUCCESS)
return status;
return verify_hash(attributes, key_buffer, key_buffer_size, alg, hash,
hash_length, signature, signature_length);
}
psa_status_t mbedtls_test_opaque_signature_verify_message(
const psa_key_attributes_t *attributes,
const uint8_t *key,
size_t key_length,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
const uint8_t *signature,
size_t signature_length)
{
(void)attributes;
(void)key;
(void)key_length;
(void)alg;
(void)input;
(void)input_length;
(void)signature;
(void)signature_length;
return PSA_ERROR_NOT_SUPPORTED;
}
psa_status_t mbedtls_test_transparent_signature_sign_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *hash,
size_t hash_length,
uint8_t *signature,
size_t signature_size,
size_t *signature_length)
{
++mbedtls_test_driver_signature_sign_hooks.hits;
if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS)
return mbedtls_test_driver_signature_sign_hooks.forced_status;
if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) {
if (mbedtls_test_driver_signature_sign_hooks.forced_output_length >
signature_size)
return PSA_ERROR_BUFFER_TOO_SMALL;
memcpy(signature,
mbedtls_test_driver_signature_sign_hooks.forced_output,
mbedtls_test_driver_signature_sign_hooks.forced_output_length);
*signature_length =
mbedtls_test_driver_signature_sign_hooks.forced_output_length;
return PSA_SUCCESS;
}
return sign_hash(attributes, key_buffer, key_buffer_size, alg, hash,
hash_length, signature, signature_size, signature_length);
}
psa_status_t
mbedtls_test_opaque_signature_sign_hash(const psa_key_attributes_t *attributes,
const uint8_t *key,
size_t key_length,
psa_algorithm_t alg,
const uint8_t *hash,
size_t hash_length,
uint8_t *signature,
size_t signature_size,
size_t *signature_length)
{
(void)attributes;
(void)key;
(void)key_length;
(void)alg;
(void)hash;
(void)hash_length;
(void)signature;
(void)signature_size;
(void)signature_length;
return PSA_ERROR_NOT_SUPPORTED;
}
psa_status_t mbedtls_test_transparent_signature_verify_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *hash,
size_t hash_length,
const uint8_t *signature,
size_t signature_length)
{
++mbedtls_test_driver_signature_verify_hooks.hits;
if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS)
return mbedtls_test_driver_signature_verify_hooks.forced_status;
return verify_hash(attributes, key_buffer, key_buffer_size, alg, hash,
hash_length, signature, signature_length);
}
psa_status_t mbedtls_test_opaque_signature_verify_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key,
size_t key_length,
psa_algorithm_t alg,
const uint8_t *hash,
size_t hash_length,
const uint8_t *signature,
size_t signature_length)
{
(void)attributes;
(void)key;
(void)key_length;
(void)alg;
(void)hash;
(void)hash_length;
(void)signature;
(void)signature_length;
return PSA_ERROR_NOT_SUPPORTED;
}
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */