TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / f823722af4fad033ba233374fcece8f4c9f70de2 / . / tests / src / drivers / test_driver_signature.c
blob: 14de8318e924fb62c218bd5d00999e439d51c4a6 [file] [log] [blame]
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]1/*
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]2 * Test driver for signature functions.
3 * Currently supports signing and verifying precalculated hashes, using
4 * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]5 */
Steven Cooreman2c7b2f82020-09-02 13:43:46 +0200[diff] [blame]6/* Copyright The Mbed TLS Contributors
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]20 */
21
22#if !defined(MBEDTLS_CONFIG_FILE)
23#include "mbedtls/config.h"
24#else
25#include MBEDTLS_CONFIG_FILE
26#endif
27
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]28#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]29#include "psa/crypto.h"
Steven Cooreman15f58d22020-09-04 13:05:23 +0200[diff] [blame]30#include "psa_crypto_core.h"
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]31#include "psa_crypto_ecp.h"
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]32#include "psa_crypto_hash.h"
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]33#include "psa_crypto_rsa.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]34#include "mbedtls/ecp.h"
35
Steven Cooreman0d7c64d2020-09-07 16:17:55 +0200[diff] [blame]36#include "test/drivers/signature.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]37
38#include "mbedtls/md.h"
39#include "mbedtls/ecdsa.h"
40
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]41#include "test/random.h"
42
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]43#include <string.h>
44
Ronald Cron7f13fa22021-04-13 12:41:34 +0200[diff] [blame]45mbedtls_test_driver_signature_hooks_t
46 mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
47mbedtls_test_driver_signature_hooks_t
48 mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]49
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]50psa_status_t sign_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]51 const psa_key_attributes_t *attributes,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]52 const uint8_t *key_buffer,
53 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]54 psa_algorithm_t alg,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]55 const uint8_t *hash,
56 size_t hash_length,
57 uint8_t *signature,
58 size_t signature_size,
59 size_t *signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]60{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]61#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
62 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
63 if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
64 {
65 return( mbedtls_transparent_test_driver_rsa_sign_hash(
66 attributes,
67 key_buffer, key_buffer_size,
68 alg, hash, hash_length,
69 signature, signature_size, signature_length ) );
70 }
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]71 else
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]72#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
73 * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
74
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]75#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
76 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
77 if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
78 {
79 if(
80#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
81 PSA_ALG_IS_ECDSA( alg )
82#else
83 PSA_ALG_IS_RANDOMIZED_ECDSA( alg )
84#endif
85 )
86 {
87 return( mbedtls_transparent_test_driver_ecdsa_sign_hash(
88 attributes,
89 key_buffer, key_buffer_size,
90 alg, hash, hash_length,
91 signature, signature_size, signature_length ) );
92 }
93 else
94 {
95 return( PSA_ERROR_INVALID_ARGUMENT );
96 }
97 }
98 else
99#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
100 * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
101 {
102 (void)attributes;
103 (void)key_buffer;
104 (void)key_buffer_size;
105 (void)alg;
106 (void)hash;
107 (void)hash_length;
108 (void)signature;
109 (void)signature_size;
110 (void)signature_length;
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]111 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]112 }
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]113}
114
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]115psa_status_t verify_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]116 const psa_key_attributes_t *attributes,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]117 const uint8_t *key_buffer,
118 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]119 psa_algorithm_t alg,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]120 const uint8_t *hash,
121 size_t hash_length,
122 const uint8_t *signature,
123 size_t signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]124{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]125#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
126 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
127 if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
128 {
129 return( mbedtls_transparent_test_driver_rsa_verify_hash(
130 attributes,
131 key_buffer, key_buffer_size,
132 alg, hash, hash_length,
133 signature, signature_length ) );
134 }
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]135 else
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]136#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
137 * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
138
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]139#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
140 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
141 if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]142 {
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]143 if( PSA_ALG_IS_ECDSA( alg ) )
144 {
145 return( mbedtls_transparent_test_driver_ecdsa_verify_hash(
146 attributes,
147 key_buffer, key_buffer_size,
148 alg, hash, hash_length,
149 signature, signature_length ) );
150 }
151 else
152 {
153 return( PSA_ERROR_INVALID_ARGUMENT );
154 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]155 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]156 else
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]157#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
158 * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]159 {
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]160 (void)attributes;
161 (void)key_buffer;
162 (void)key_buffer_size;
163 (void)alg;
164 (void)hash;
165 (void)hash_length;
166 (void)signature;
167 (void)signature_length;
168
169 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]170 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]171}
172
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]173psa_status_t mbedtls_test_transparent_signature_sign_message(
174 const psa_key_attributes_t *attributes,
175 const uint8_t *key_buffer,
176 size_t key_buffer_size,
177 psa_algorithm_t alg,
178 const uint8_t *input,
179 size_t input_length,
180 uint8_t *signature,
181 size_t signature_size,
182 size_t *signature_length )
183{
184 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
185 size_t hash_length;
186 uint8_t hash[PSA_HASH_MAX_SIZE];
187
188 ++mbedtls_test_driver_signature_sign_hooks.hits;
189
190 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
191 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
192
193 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
194 {
195 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
196 return( PSA_ERROR_BUFFER_TOO_SMALL );
197
198 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
199 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
200 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
201
202 return( PSA_SUCCESS );
203 }
204
205 status = mbedtls_transparent_test_driver_hash_compute(
206 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
207 hash, sizeof( hash ), &hash_length );
208
209 if( status != PSA_SUCCESS )
210 return status;
211
212 return sign_hash( attributes, key_buffer, key_buffer_size,
213 alg, hash, hash_length,
214 signature, signature_size, signature_length );
215}
216
217psa_status_t mbedtls_test_opaque_signature_sign_message(
218 const psa_key_attributes_t *attributes,
219 const uint8_t *key,
220 size_t key_length,
221 psa_algorithm_t alg,
222 const uint8_t *input,
223 size_t input_length,
224 uint8_t *signature,
225 size_t signature_size,
226 size_t *signature_length )
227{
228 (void) attributes;
229 (void) key;
230 (void) key_length;
231 (void) alg;
232 (void) input;
233 (void) input_length;
234 (void) signature;
235 (void) signature_size;
236 (void) signature_length;
237
238 return( PSA_ERROR_NOT_SUPPORTED );
239}
240
241psa_status_t mbedtls_test_transparent_signature_verify_message(
242 const psa_key_attributes_t *attributes,
243 const uint8_t *key_buffer,
244 size_t key_buffer_size,
245 psa_algorithm_t alg,
246 const uint8_t *input,
247 size_t input_length,
248 const uint8_t *signature,
249 size_t signature_length )
250{
251 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
252 size_t hash_length;
253 uint8_t hash[PSA_HASH_MAX_SIZE];
254
255 ++mbedtls_test_driver_signature_verify_hooks.hits;
256
257 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
258 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
259
260 status = mbedtls_transparent_test_driver_hash_compute(
261 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
262 hash, sizeof( hash ), &hash_length );
263
264 if( status != PSA_SUCCESS )
265 return status;
266
267 return verify_hash( attributes, key_buffer, key_buffer_size,
268 alg, hash, hash_length,
269 signature, signature_length );
270}
271
272psa_status_t mbedtls_test_opaque_signature_verify_message(
273 const psa_key_attributes_t *attributes,
274 const uint8_t *key,
275 size_t key_length,
276 psa_algorithm_t alg,
277 const uint8_t *input,
278 size_t input_length,
279 const uint8_t *signature,
280 size_t signature_length )
281{
282 (void) attributes;
283 (void) key;
284 (void) key_length;
285 (void) alg;
286 (void) input;
287 (void) input_length;
288 (void) signature;
289 (void) signature_length;
290
291 return( PSA_ERROR_NOT_SUPPORTED );
292}
293
294psa_status_t mbedtls_test_transparent_signature_sign_hash(
295 const psa_key_attributes_t *attributes,
296 const uint8_t *key_buffer, size_t key_buffer_size,
297 psa_algorithm_t alg,
298 const uint8_t *hash, size_t hash_length,
299 uint8_t *signature, size_t signature_size, size_t *signature_length )
300{
301 ++mbedtls_test_driver_signature_sign_hooks.hits;
302
303 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
304 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
305
306 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
307 {
308 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
309 return( PSA_ERROR_BUFFER_TOO_SMALL );
310 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
311 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
312 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
313 return( PSA_SUCCESS );
314 }
315
316 return sign_hash( attributes, key_buffer, key_buffer_size,
317 alg, hash, hash_length,
318 signature, signature_size, signature_length );
319}
320
321psa_status_t mbedtls_test_opaque_signature_sign_hash(
322 const psa_key_attributes_t *attributes,
323 const uint8_t *key, size_t key_length,
324 psa_algorithm_t alg,
325 const uint8_t *hash, size_t hash_length,
326 uint8_t *signature, size_t signature_size, size_t *signature_length )
327{
328 (void) attributes;
329 (void) key;
330 (void) key_length;
331 (void) alg;
332 (void) hash;
333 (void) hash_length;
334 (void) signature;
335 (void) signature_size;
336 (void) signature_length;
337
338 return( PSA_ERROR_NOT_SUPPORTED );
339}
340
341psa_status_t mbedtls_test_transparent_signature_verify_hash(
342 const psa_key_attributes_t *attributes,
343 const uint8_t *key_buffer, size_t key_buffer_size,
344 psa_algorithm_t alg,
345 const uint8_t *hash, size_t hash_length,
346 const uint8_t *signature, size_t signature_length )
347{
348 ++mbedtls_test_driver_signature_verify_hooks.hits;
349
350 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
351 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
352
353 return verify_hash( attributes, key_buffer, key_buffer_size,
354 alg, hash, hash_length,
355 signature, signature_length );
356}
357
Ronald Cron7f13fa22021-04-13 12:41:34 +0200[diff] [blame]358psa_status_t mbedtls_test_opaque_signature_verify_hash(
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]359 const psa_key_attributes_t *attributes,
360 const uint8_t *key, size_t key_length,
361 psa_algorithm_t alg,
362 const uint8_t *hash, size_t hash_length,
363 const uint8_t *signature, size_t signature_length )
364{
365 (void) attributes;
366 (void) key;
367 (void) key_length;
368 (void) alg;
369 (void) hash;
370 (void) hash_length;
371 (void) signature;
372 (void) signature_length;
373 return( PSA_ERROR_NOT_SUPPORTED );
374}
375
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]376#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */