TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 3a95d2b530f72c63946b2039ed5a653f06a376fe / . / tests / src / drivers / test_driver_signature.c
blob: 2e43270e53aa156a6e818bcce7074ae8aa5b1173 [file] [log] [blame]
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]1/*
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]2 * Test driver for signature functions.
3 * Currently supports signing and verifying precalculated hashes, using
4 * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]5 */
Steven Cooreman2c7b2f82020-09-02 13:43:46 +0200[diff] [blame]6/* Copyright The Mbed TLS Contributors
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]20 */
21
22#if !defined(MBEDTLS_CONFIG_FILE)
23#include "mbedtls/config.h"
24#else
25#include MBEDTLS_CONFIG_FILE
26#endif
27
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]28#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]29#include "psa/crypto.h"
Steven Cooreman15f58d22020-09-04 13:05:23 +0200[diff] [blame]30#include "psa_crypto_core.h"
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]31#include "psa_crypto_ecp.h"
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]32#include "psa_crypto_hash.h"
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]33#include "psa_crypto_rsa.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]34#include "mbedtls/ecp.h"
35
Steven Cooreman0d7c64d2020-09-07 16:17:55 +0200[diff] [blame]36#include "test/drivers/signature.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]37
38#include "mbedtls/md.h"
39#include "mbedtls/ecdsa.h"
40
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]41#include "test/random.h"
42
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]43#include <string.h>
44
Ronald Cronc4bc12e2021-04-13 12:41:34 +0200[diff] [blame]45mbedtls_test_driver_signature_hooks_t
46 mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
47mbedtls_test_driver_signature_hooks_t
48 mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]49
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]50psa_status_t sign_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]51 const psa_key_attributes_t *attributes,
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]52 const uint8_t *key_buffer,
53 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]54 psa_algorithm_t alg,
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]55 const uint8_t *hash,
56 size_t hash_length,
57 uint8_t *signature,
58 size_t signature_size,
59 size_t *signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]60{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]61 if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
62 {
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]63 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
64 PSA_ALG_IS_RSA_PSS( alg) )
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]65 {
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]66#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
67 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
68 return( mbedtls_transparent_test_driver_rsa_sign_hash(
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]69 attributes,
70 key_buffer, key_buffer_size,
71 alg, hash, hash_length,
72 signature, signature_size, signature_length ) );
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]73#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
74 * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]75 }
76 else
77 {
78 return( PSA_ERROR_INVALID_ARGUMENT );
79 }
80 }
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]81 else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
82 {
83 if( PSA_ALG_IS_ECDSA( alg ) )
84 {
85#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
86 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
87 return( mbedtls_transparent_test_driver_ecdsa_sign_hash(
88 attributes,
89 key_buffer, key_buffer_size,
90 alg, hash, hash_length,
91 signature, signature_size, signature_length ) );
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]92#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
93 * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]94 }
95 else
96 {
97 return( PSA_ERROR_INVALID_ARGUMENT );
98 }
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]99 }
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]100
101 (void)attributes;
102 (void)key_buffer;
103 (void)key_buffer_size;
104 (void)alg;
105 (void)hash;
106 (void)hash_length;
107 (void)signature;
108 (void)signature_size;
109 (void)signature_length;
110 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]111}
112
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]113psa_status_t verify_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]114 const psa_key_attributes_t *attributes,
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]115 const uint8_t *key_buffer,
116 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]117 psa_algorithm_t alg,
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]118 const uint8_t *hash,
119 size_t hash_length,
120 const uint8_t *signature,
121 size_t signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]122{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]123 if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
124 {
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]125 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
126 PSA_ALG_IS_RSA_PSS( alg) )
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]127 {
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]128#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
129 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
130 return( mbedtls_transparent_test_driver_rsa_verify_hash(
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]131 attributes,
132 key_buffer, key_buffer_size,
133 alg, hash, hash_length,
134 signature, signature_length ) );
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]135#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
136 * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]137 }
138 else
139 {
140 return( PSA_ERROR_INVALID_ARGUMENT );
141 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]142 }
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]143 else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
144 {
145 if( PSA_ALG_IS_ECDSA( alg ) )
146 {
147#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
148 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
149 return( mbedtls_transparent_test_driver_ecdsa_verify_hash(
150 attributes,
151 key_buffer, key_buffer_size,
152 alg, hash, hash_length,
153 signature, signature_length ) );
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]154#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
155 * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]156 }
157 else
158 {
159 return( PSA_ERROR_INVALID_ARGUMENT );
160 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]161 }
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]162
163 (void)attributes;
164 (void)key_buffer;
165 (void)key_buffer_size;
166 (void)alg;
167 (void)hash;
168 (void)hash_length;
169 (void)signature;
170 (void)signature_length;
171
172 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]173}
174
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]175psa_status_t mbedtls_test_transparent_signature_sign_message(
176 const psa_key_attributes_t *attributes,
177 const uint8_t *key_buffer,
178 size_t key_buffer_size,
179 psa_algorithm_t alg,
180 const uint8_t *input,
181 size_t input_length,
182 uint8_t *signature,
183 size_t signature_size,
184 size_t *signature_length )
185{
186 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
187 size_t hash_length;
188 uint8_t hash[PSA_HASH_MAX_SIZE];
189
190 ++mbedtls_test_driver_signature_sign_hooks.hits;
191
192 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
193 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
194
195 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
196 {
197 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
198 return( PSA_ERROR_BUFFER_TOO_SMALL );
199
200 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
201 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
202 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
203
204 return( PSA_SUCCESS );
205 }
206
207 status = mbedtls_transparent_test_driver_hash_compute(
208 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
209 hash, sizeof( hash ), &hash_length );
210
211 if( status != PSA_SUCCESS )
212 return status;
213
214 return sign_hash( attributes, key_buffer, key_buffer_size,
215 alg, hash, hash_length,
216 signature, signature_size, signature_length );
217}
218
219psa_status_t mbedtls_test_opaque_signature_sign_message(
220 const psa_key_attributes_t *attributes,
221 const uint8_t *key,
222 size_t key_length,
223 psa_algorithm_t alg,
224 const uint8_t *input,
225 size_t input_length,
226 uint8_t *signature,
227 size_t signature_size,
228 size_t *signature_length )
229{
230 (void) attributes;
231 (void) key;
232 (void) key_length;
233 (void) alg;
234 (void) input;
235 (void) input_length;
236 (void) signature;
237 (void) signature_size;
238 (void) signature_length;
239
240 return( PSA_ERROR_NOT_SUPPORTED );
241}
242
243psa_status_t mbedtls_test_transparent_signature_verify_message(
244 const psa_key_attributes_t *attributes,
245 const uint8_t *key_buffer,
246 size_t key_buffer_size,
247 psa_algorithm_t alg,
248 const uint8_t *input,
249 size_t input_length,
250 const uint8_t *signature,
251 size_t signature_length )
252{
253 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
254 size_t hash_length;
255 uint8_t hash[PSA_HASH_MAX_SIZE];
256
257 ++mbedtls_test_driver_signature_verify_hooks.hits;
258
259 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
260 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
261
262 status = mbedtls_transparent_test_driver_hash_compute(
263 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
264 hash, sizeof( hash ), &hash_length );
265
266 if( status != PSA_SUCCESS )
267 return status;
268
269 return verify_hash( attributes, key_buffer, key_buffer_size,
270 alg, hash, hash_length,
271 signature, signature_length );
272}
273
274psa_status_t mbedtls_test_opaque_signature_verify_message(
275 const psa_key_attributes_t *attributes,
276 const uint8_t *key,
277 size_t key_length,
278 psa_algorithm_t alg,
279 const uint8_t *input,
280 size_t input_length,
281 const uint8_t *signature,
282 size_t signature_length )
283{
284 (void) attributes;
285 (void) key;
286 (void) key_length;
287 (void) alg;
288 (void) input;
289 (void) input_length;
290 (void) signature;
291 (void) signature_length;
292
293 return( PSA_ERROR_NOT_SUPPORTED );
294}
295
296psa_status_t mbedtls_test_transparent_signature_sign_hash(
297 const psa_key_attributes_t *attributes,
298 const uint8_t *key_buffer, size_t key_buffer_size,
299 psa_algorithm_t alg,
300 const uint8_t *hash, size_t hash_length,
301 uint8_t *signature, size_t signature_size, size_t *signature_length )
302{
303 ++mbedtls_test_driver_signature_sign_hooks.hits;
304
305 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
306 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
307
308 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
309 {
310 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
311 return( PSA_ERROR_BUFFER_TOO_SMALL );
312 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
313 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
314 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
315 return( PSA_SUCCESS );
316 }
317
318 return sign_hash( attributes, key_buffer, key_buffer_size,
319 alg, hash, hash_length,
320 signature, signature_size, signature_length );
321}
322
323psa_status_t mbedtls_test_opaque_signature_sign_hash(
324 const psa_key_attributes_t *attributes,
325 const uint8_t *key, size_t key_length,
326 psa_algorithm_t alg,
327 const uint8_t *hash, size_t hash_length,
328 uint8_t *signature, size_t signature_size, size_t *signature_length )
329{
330 (void) attributes;
331 (void) key;
332 (void) key_length;
333 (void) alg;
334 (void) hash;
335 (void) hash_length;
336 (void) signature;
337 (void) signature_size;
338 (void) signature_length;
339
340 return( PSA_ERROR_NOT_SUPPORTED );
341}
342
343psa_status_t mbedtls_test_transparent_signature_verify_hash(
344 const psa_key_attributes_t *attributes,
345 const uint8_t *key_buffer, size_t key_buffer_size,
346 psa_algorithm_t alg,
347 const uint8_t *hash, size_t hash_length,
348 const uint8_t *signature, size_t signature_length )
349{
350 ++mbedtls_test_driver_signature_verify_hooks.hits;
351
352 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
353 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
354
355 return verify_hash( attributes, key_buffer, key_buffer_size,
356 alg, hash, hash_length,
357 signature, signature_length );
358}
359
Ronald Cronc4bc12e2021-04-13 12:41:34 +0200[diff] [blame]360psa_status_t mbedtls_test_opaque_signature_verify_hash(
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]361 const psa_key_attributes_t *attributes,
362 const uint8_t *key, size_t key_length,
363 psa_algorithm_t alg,
364 const uint8_t *hash, size_t hash_length,
365 const uint8_t *signature, size_t signature_length )
366{
367 (void) attributes;
368 (void) key;
369 (void) key_length;
370 (void) alg;
371 (void) hash;
372 (void) hash_length;
373 (void) signature;
374 (void) signature_length;
375 return( PSA_ERROR_NOT_SUPPORTED );
376}
377
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]378#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */