TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 2c7b2f86971536818ddbf87158ea03af7e24c264 / . / tests / src / drivers / signature.c
blob: 62ba4072a9ea4abc7fe61ab4ce4ca68dd931c8be [file] [log] [blame]
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]1/*
2 * Test driver for signature functions
3 */
Steven Cooreman2c7b2f82020-09-02 13:43:46 +0200[diff] [blame^]4/* Copyright The Mbed TLS Contributors
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]18 */
19
20#if !defined(MBEDTLS_CONFIG_FILE)
21#include "mbedtls/config.h"
22#else
23#include MBEDTLS_CONFIG_FILE
24#endif
25
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]26#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]27#include "psa/crypto.h"
28#include "mbedtls/ecp.h"
29
30#include "drivers/signature.h"
31
32#include "mbedtls/md.h"
33#include "mbedtls/ecdsa.h"
34
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]35#include "test/random.h"
36
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]37#include <string.h>
38
39/* If non-null, on success, copy this to the output. */
40void *test_driver_forced_output = NULL;
41size_t test_driver_forced_output_length = 0;
42
43psa_status_t test_transparent_signature_sign_hash_status = PSA_ERROR_NOT_SUPPORTED;
44unsigned long test_transparent_signature_sign_hash_hit = 0;
45
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]46psa_status_t test_transparent_signature_verify_hash_status = PSA_ERROR_NOT_SUPPORTED;
47unsigned long test_transparent_signature_verify_hash_hit = 0;
48
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]49psa_status_t test_transparent_signature_sign_hash(
50 const psa_key_attributes_t *attributes,
51 const uint8_t *key, size_t key_length,
52 psa_algorithm_t alg,
53 const uint8_t *hash, size_t hash_length,
54 uint8_t *signature, size_t signature_size, size_t *signature_length )
55{
56 ++test_transparent_signature_sign_hash_hit;
57
58 if( test_transparent_signature_sign_hash_status != PSA_SUCCESS )
59 return( test_transparent_signature_sign_hash_status );
60
61 if( test_driver_forced_output != NULL )
62 {
63 if( test_driver_forced_output_length > signature_size )
64 return( PSA_ERROR_BUFFER_TOO_SMALL );
65 memcpy( signature, test_driver_forced_output,
66 test_driver_forced_output_length );
67 *signature_length = test_driver_forced_output_length;
68 return( PSA_SUCCESS );
69 }
70
71 psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
72
73#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
74 defined(MBEDTLS_SHA256_C)
75 if( alg != PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) )
76 return( PSA_ERROR_NOT_SUPPORTED );
77 mbedtls_ecp_group_id grp_id;
78 switch( psa_get_key_type( attributes ) )
79 {
80 case PSA_ECC_CURVE_SECP_R1:
81 switch( psa_get_key_bits( attributes ) )
82 {
83 case 256:
84 grp_id = MBEDTLS_ECP_DP_SECP256R1;
85 break;
86 case 384:
87 grp_id = MBEDTLS_ECP_DP_SECP384R1;
88 break;
89 case 521:
90 grp_id = MBEDTLS_ECP_DP_SECP521R1;
91 break;
92 default:
93 return( PSA_ERROR_NOT_SUPPORTED );
94 }
95 break;
96 default:
97 return( PSA_ERROR_NOT_SUPPORTED );
98 }
99
100 /* Beyond this point, the driver is actually doing the work of
101 * calculating the signature. */
102
103 status = PSA_ERROR_GENERIC_ERROR;
104 int ret = 0;
105 mbedtls_mpi r, s;
106 mbedtls_mpi_init( &r );
107 mbedtls_mpi_init( &s );
108 mbedtls_ecp_keypair ecp;
109 mbedtls_ecp_keypair_init( &ecp );
110 size_t curve_bytes = PSA_BITS_TO_BYTES( ecp.grp.pbits );
111
112 MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ecp.grp, grp_id ) );
113 MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ecp.grp, &ecp.Q,
114 key, key_length ) );
115
116 /* Code adapted from psa_ecdsa_sign() in psa_crypto.c. */
117 mbedtls_md_type_t md_alg = MBEDTLS_MD_SHA256;
118 if( signature_size < 2 * curve_bytes )
119 {
120 status = PSA_ERROR_BUFFER_TOO_SMALL;
121 goto cleanup;
122 }
123 MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ecp.grp, &r, &s, &ecp.d,
124 hash, hash_length, md_alg ) );
125 MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &r,
126 signature,
127 curve_bytes ) );
128 MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &s,
129 signature + curve_bytes,
130 curve_bytes ) );
131cleanup:
132 /* There's no easy way to translate the error code except through a
133 * library function that's not exported. Use a debugger. */
134 if( ret == 0 )
135 status = PSA_SUCCESS;
136 mbedtls_mpi_free( &r );
137 mbedtls_mpi_free( &s );
138 mbedtls_ecp_keypair_free( &ecp );
139 if( status == PSA_SUCCESS )
140 *signature_length = 2 * curve_bytes;
141#else /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
142 defined(MBEDTLS_SHA256_C) */
143 (void) attributes;
144 (void) key;
145 (void) key_length;
146 (void) alg;
147 (void) hash;
148 (void) hash_length;
149#endif /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
150 defined(MBEDTLS_SHA256_C) */
151
152 return( status );
153}
154
155psa_status_t test_opaque_signature_sign_hash(
156 const psa_key_attributes_t *attributes,
157 const uint8_t *key, size_t key_length,
158 psa_algorithm_t alg,
159 const uint8_t *hash, size_t hash_length,
160 uint8_t *signature, size_t signature_size, size_t *signature_length )
161{
162 (void) attributes;
163 (void) key;
164 (void) key_length;
165 (void) alg;
166 (void) hash;
167 (void) hash_length;
168 (void) signature;
169 (void) signature_size;
170 (void) signature_length;
171 return( PSA_ERROR_NOT_SUPPORTED );
172}
173
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]174psa_status_t test_transparent_signature_verify_hash(
175 const psa_key_attributes_t *attributes,
176 const uint8_t *key, size_t key_length,
177 psa_algorithm_t alg,
178 const uint8_t *hash, size_t hash_length,
179 const uint8_t *signature, size_t signature_length )
180{
181 ++test_transparent_signature_verify_hash_hit;
182
183 if( test_transparent_signature_verify_hash_status != PSA_SUCCESS )
184 return( test_transparent_signature_verify_hash_status );
185
186 psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
187
188#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
189 defined(MBEDTLS_SHA256_C)
190 if( alg != PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) )
191 return( PSA_ERROR_NOT_SUPPORTED );
192 mbedtls_ecp_group_id grp_id;
193 switch( psa_get_key_type( attributes ) )
194 {
195 case PSA_ECC_CURVE_SECP_R1:
196 switch( psa_get_key_bits( attributes ) )
197 {
198 case 256:
199 grp_id = MBEDTLS_ECP_DP_SECP256R1;
200 break;
201 case 384:
202 grp_id = MBEDTLS_ECP_DP_SECP384R1;
203 break;
204 case 521:
205 grp_id = MBEDTLS_ECP_DP_SECP521R1;
206 break;
207 default:
208 return( PSA_ERROR_NOT_SUPPORTED );
209 }
210 break;
211 default:
212 return( PSA_ERROR_NOT_SUPPORTED );
213 }
214
215 /* Beyond this point, the driver is actually doing the work of
216 * calculating the signature. */
217
218 status = PSA_ERROR_GENERIC_ERROR;
219 int ret = 0;
220 mbedtls_mpi r, s;
221 mbedtls_mpi_init( &r );
222 mbedtls_mpi_init( &s );
223 mbedtls_ecp_keypair ecp;
224 mbedtls_ecp_keypair_init( &ecp );
225 mbedtls_test_rnd_pseudo_info rnd_info;
226 memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
227 size_t curve_bytes = PSA_BITS_TO_BYTES( ecp.grp.pbits );
228
229 MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ecp.grp, grp_id ) );
230
231 /* Code adapted from psa_ecdsa_verify() in psa_crypto.c. */
232 if( signature_length < 2 * curve_bytes )
233 {
234 status = PSA_ERROR_BUFFER_TOO_SMALL;
235 goto cleanup;
236 }
237
238 MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r,
239 signature,
240 curve_bytes ) );
241 MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &s,
242 signature + curve_bytes,
243 curve_bytes ) );
244
245 if( PSA_KEY_TYPE_IS_PUBLIC_KEY( psa_get_key_type( attributes ) ) )
246 MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ecp.grp, &ecp.Q,
247 key, key_length ) );
248 else
249 {
250 MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ecp.d, key, key_length ) );
251 MBEDTLS_MPI_CHK(
252 mbedtls_ecp_mul( &ecp.grp, &ecp.Q, &ecp.d, &ecp.grp.G,
253 &mbedtls_test_rnd_pseudo_rand,
254 &rnd_info ) );
255 }
256
257 MBEDTLS_MPI_CHK( mbedtls_ecdsa_verify( &ecp.grp, hash, hash_length,
258 &ecp.Q, &r, &s ) );
259cleanup:
260 /* There's no easy way to translate the error code except through a
261 * library function that's not exported. Use a debugger. */
262 if( ret == 0 )
263 status = PSA_SUCCESS;
264 mbedtls_mpi_free( &r );
265 mbedtls_mpi_free( &s );
266 mbedtls_ecp_keypair_free( &ecp );
267#else /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
268 defined(MBEDTLS_SHA256_C) */
269 (void) attributes;
270 (void) key;
271 (void) key_length;
272 (void) alg;
273 (void) hash;
274 (void) hash_length;
275#endif /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
276 defined(MBEDTLS_SHA256_C) */
277
278 return( status );
279}
280
281psa_status_t test_opaque_signature_verify_hash(
282 const psa_key_attributes_t *attributes,
283 const uint8_t *key, size_t key_length,
284 psa_algorithm_t alg,
285 const uint8_t *hash, size_t hash_length,
286 const uint8_t *signature, size_t signature_length )
287{
288 (void) attributes;
289 (void) key;
290 (void) key_length;
291 (void) alg;
292 (void) hash;
293 (void) hash_length;
294 (void) signature;
295 (void) signature_length;
296 return( PSA_ERROR_NOT_SUPPORTED );
297}
298
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]299#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */