TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 2c09c9bca97dcbe42e0b8f2d6f5c00f1c94099c4 / . / tests / src / drivers / test_driver_signature.c
blob: fdfba165fa416bfca17fe7cdb6d6fb9d88d542c4 [file] [log] [blame]
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]1/*
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]2 * Test driver for signature functions.
3 * Currently supports signing and verifying precalculated hashes, using
4 * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]5 */
Steven Cooreman2c7b2f82020-09-02 13:43:46 +0200[diff] [blame]6/* Copyright The Mbed TLS Contributors
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]20 */
21
22#if !defined(MBEDTLS_CONFIG_FILE)
23#include "mbedtls/config.h"
24#else
25#include MBEDTLS_CONFIG_FILE
26#endif
27
Mateusz Starzyk2c09c9b2021-05-14 22:20:10 +0200[diff] [blame^]28#include <test/helpers.h>
29
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]30#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]31#include "psa/crypto.h"
Steven Cooreman15f58d22020-09-04 13:05:23 +0200[diff] [blame]32#include "psa_crypto_core.h"
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]33#include "psa_crypto_ecp.h"
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]34#include "psa_crypto_hash.h"
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]35#include "psa_crypto_rsa.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]36#include "mbedtls/ecp.h"
37
Steven Cooreman0d7c64d2020-09-07 16:17:55 +0200[diff] [blame]38#include "test/drivers/signature.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]39
40#include "mbedtls/md.h"
41#include "mbedtls/ecdsa.h"
42
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]43#include "test/random.h"
44
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]45#include <string.h>
46
Ronald Cron7f13fa22021-04-13 12:41:34 +0200[diff] [blame]47mbedtls_test_driver_signature_hooks_t
48 mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
49mbedtls_test_driver_signature_hooks_t
50 mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]51
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]52psa_status_t sign_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]53 const psa_key_attributes_t *attributes,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]54 const uint8_t *key_buffer,
55 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]56 psa_algorithm_t alg,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]57 const uint8_t *hash,
58 size_t hash_length,
59 uint8_t *signature,
60 size_t signature_size,
61 size_t *signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]62{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]63#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
64 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
65 if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
66 {
67 return( mbedtls_transparent_test_driver_rsa_sign_hash(
68 attributes,
69 key_buffer, key_buffer_size,
70 alg, hash, hash_length,
71 signature, signature_size, signature_length ) );
72 }
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]73 else
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]74#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
75 * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
76
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]77#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
78 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
79 if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
80 {
81 if(
82#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
83 PSA_ALG_IS_ECDSA( alg )
84#else
85 PSA_ALG_IS_RANDOMIZED_ECDSA( alg )
86#endif
87 )
88 {
89 return( mbedtls_transparent_test_driver_ecdsa_sign_hash(
90 attributes,
91 key_buffer, key_buffer_size,
92 alg, hash, hash_length,
93 signature, signature_size, signature_length ) );
94 }
95 else
96 {
97 return( PSA_ERROR_INVALID_ARGUMENT );
98 }
99 }
100 else
101#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
102 * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
103 {
104 (void)attributes;
105 (void)key_buffer;
106 (void)key_buffer_size;
107 (void)alg;
108 (void)hash;
109 (void)hash_length;
110 (void)signature;
111 (void)signature_size;
112 (void)signature_length;
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]113 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]114 }
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]115}
116
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]117psa_status_t verify_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]118 const psa_key_attributes_t *attributes,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]119 const uint8_t *key_buffer,
120 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]121 psa_algorithm_t alg,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]122 const uint8_t *hash,
123 size_t hash_length,
124 const uint8_t *signature,
125 size_t signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]126{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]127#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
128 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
129 if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
130 {
131 return( mbedtls_transparent_test_driver_rsa_verify_hash(
132 attributes,
133 key_buffer, key_buffer_size,
134 alg, hash, hash_length,
135 signature, signature_length ) );
136 }
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]137 else
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]138#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
139 * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
140
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]141#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
142 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
143 if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]144 {
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]145 if( PSA_ALG_IS_ECDSA( alg ) )
146 {
147 return( mbedtls_transparent_test_driver_ecdsa_verify_hash(
148 attributes,
149 key_buffer, key_buffer_size,
150 alg, hash, hash_length,
151 signature, signature_length ) );
152 }
153 else
154 {
155 return( PSA_ERROR_INVALID_ARGUMENT );
156 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]157 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]158 else
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]159#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
160 * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]161 {
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]162 (void)attributes;
163 (void)key_buffer;
164 (void)key_buffer_size;
165 (void)alg;
166 (void)hash;
167 (void)hash_length;
168 (void)signature;
169 (void)signature_length;
170
171 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]172 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]173}
174
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]175psa_status_t mbedtls_test_transparent_signature_sign_message(
176 const psa_key_attributes_t *attributes,
177 const uint8_t *key_buffer,
178 size_t key_buffer_size,
179 psa_algorithm_t alg,
180 const uint8_t *input,
181 size_t input_length,
182 uint8_t *signature,
183 size_t signature_size,
184 size_t *signature_length )
185{
186 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
187 size_t hash_length;
188 uint8_t hash[PSA_HASH_MAX_SIZE];
189
190 ++mbedtls_test_driver_signature_sign_hooks.hits;
191
192 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
193 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
194
195 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
196 {
197 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
198 return( PSA_ERROR_BUFFER_TOO_SMALL );
199
200 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
201 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
202 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
203
204 return( PSA_SUCCESS );
205 }
206
207 status = mbedtls_transparent_test_driver_hash_compute(
208 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
209 hash, sizeof( hash ), &hash_length );
210
211 if( status != PSA_SUCCESS )
212 return status;
213
214 return sign_hash( attributes, key_buffer, key_buffer_size,
215 alg, hash, hash_length,
216 signature, signature_size, signature_length );
217}
218
219psa_status_t mbedtls_test_opaque_signature_sign_message(
220 const psa_key_attributes_t *attributes,
221 const uint8_t *key,
222 size_t key_length,
223 psa_algorithm_t alg,
224 const uint8_t *input,
225 size_t input_length,
226 uint8_t *signature,
227 size_t signature_size,
228 size_t *signature_length )
229{
230 (void) attributes;
231 (void) key;
232 (void) key_length;
233 (void) alg;
234 (void) input;
235 (void) input_length;
236 (void) signature;
237 (void) signature_size;
238 (void) signature_length;
239
240 return( PSA_ERROR_NOT_SUPPORTED );
241}
242
243psa_status_t mbedtls_test_transparent_signature_verify_message(
244 const psa_key_attributes_t *attributes,
245 const uint8_t *key_buffer,
246 size_t key_buffer_size,
247 psa_algorithm_t alg,
248 const uint8_t *input,
249 size_t input_length,
250 const uint8_t *signature,
251 size_t signature_length )
252{
253 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
254 size_t hash_length;
255 uint8_t hash[PSA_HASH_MAX_SIZE];
256
257 ++mbedtls_test_driver_signature_verify_hooks.hits;
258
259 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
260 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
261
262 status = mbedtls_transparent_test_driver_hash_compute(
263 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
264 hash, sizeof( hash ), &hash_length );
265
266 if( status != PSA_SUCCESS )
267 return status;
268
269 return verify_hash( attributes, key_buffer, key_buffer_size,
270 alg, hash, hash_length,
271 signature, signature_length );
272}
273
274psa_status_t mbedtls_test_opaque_signature_verify_message(
275 const psa_key_attributes_t *attributes,
276 const uint8_t *key,
277 size_t key_length,
278 psa_algorithm_t alg,
279 const uint8_t *input,
280 size_t input_length,
281 const uint8_t *signature,
282 size_t signature_length )
283{
284 (void) attributes;
285 (void) key;
286 (void) key_length;
287 (void) alg;
288 (void) input;
289 (void) input_length;
290 (void) signature;
291 (void) signature_length;
292
293 return( PSA_ERROR_NOT_SUPPORTED );
294}
295
296psa_status_t mbedtls_test_transparent_signature_sign_hash(
297 const psa_key_attributes_t *attributes,
298 const uint8_t *key_buffer, size_t key_buffer_size,
299 psa_algorithm_t alg,
300 const uint8_t *hash, size_t hash_length,
301 uint8_t *signature, size_t signature_size, size_t *signature_length )
302{
303 ++mbedtls_test_driver_signature_sign_hooks.hits;
304
305 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
306 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
307
308 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
309 {
310 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
311 return( PSA_ERROR_BUFFER_TOO_SMALL );
312 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
313 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
314 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
315 return( PSA_SUCCESS );
316 }
317
318 return sign_hash( attributes, key_buffer, key_buffer_size,
319 alg, hash, hash_length,
320 signature, signature_size, signature_length );
321}
322
323psa_status_t mbedtls_test_opaque_signature_sign_hash(
324 const psa_key_attributes_t *attributes,
325 const uint8_t *key, size_t key_length,
326 psa_algorithm_t alg,
327 const uint8_t *hash, size_t hash_length,
328 uint8_t *signature, size_t signature_size, size_t *signature_length )
329{
330 (void) attributes;
331 (void) key;
332 (void) key_length;
333 (void) alg;
334 (void) hash;
335 (void) hash_length;
336 (void) signature;
337 (void) signature_size;
338 (void) signature_length;
339
340 return( PSA_ERROR_NOT_SUPPORTED );
341}
342
343psa_status_t mbedtls_test_transparent_signature_verify_hash(
344 const psa_key_attributes_t *attributes,
345 const uint8_t *key_buffer, size_t key_buffer_size,
346 psa_algorithm_t alg,
347 const uint8_t *hash, size_t hash_length,
348 const uint8_t *signature, size_t signature_length )
349{
350 ++mbedtls_test_driver_signature_verify_hooks.hits;
351
352 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
353 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
354
355 return verify_hash( attributes, key_buffer, key_buffer_size,
356 alg, hash, hash_length,
357 signature, signature_length );
358}
359
Ronald Cron7f13fa22021-04-13 12:41:34 +0200[diff] [blame]360psa_status_t mbedtls_test_opaque_signature_verify_hash(
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]361 const psa_key_attributes_t *attributes,
362 const uint8_t *key, size_t key_length,
363 psa_algorithm_t alg,
364 const uint8_t *hash, size_t hash_length,
365 const uint8_t *signature, size_t signature_length )
366{
367 (void) attributes;
368 (void) key;
369 (void) key_length;
370 (void) alg;
371 (void) hash;
372 (void) hash_length;
373 (void) signature;
374 (void) signature_length;
375 return( PSA_ERROR_NOT_SUPPORTED );
376}
377
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]378#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */