TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 9ba7691bf721117eb133b33a1f5d032696698abc / . / tests / src / drivers / test_driver_signature.c
blob: 849438542136c1f4ed42465076253d5ff43fdd78 [file] [log] [blame]
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]1/*
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]2 * Test driver for signature functions.
3 * Currently supports signing and verifying precalculated hashes, using
4 * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]5 */
Steven Cooreman2c7b2f82020-09-02 13:43:46 +0200[diff] [blame]6/* Copyright The Mbed TLS Contributors
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]20 */
21
Mateusz Starzyk2c09c9b2021-05-14 22:20:10 +0200[diff] [blame]22#include <test/helpers.h>
23
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]24#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]25#include "psa/crypto.h"
Steven Cooreman15f58d22020-09-04 13:05:23 +0200[diff] [blame]26#include "psa_crypto_core.h"
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]27#include "psa_crypto_ecp.h"
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]28#include "psa_crypto_hash.h"
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]29#include "psa_crypto_rsa.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]30#include "mbedtls/ecp.h"
31
Steven Cooreman0d7c64d2020-09-07 16:17:55 +0200[diff] [blame]32#include "test/drivers/signature.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]33
34#include "mbedtls/md.h"
35#include "mbedtls/ecdsa.h"
36
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]37#include "test/random.h"
38
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]39#include <string.h>
40
Ronald Cron7f13fa22021-04-13 12:41:34 +0200[diff] [blame]41mbedtls_test_driver_signature_hooks_t
42 mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
43mbedtls_test_driver_signature_hooks_t
44 mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]45
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]46psa_status_t sign_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]47 const psa_key_attributes_t *attributes,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]48 const uint8_t *key_buffer,
49 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]50 psa_algorithm_t alg,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]51 const uint8_t *hash,
52 size_t hash_length,
53 uint8_t *signature,
54 size_t signature_size,
55 size_t *signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]56{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]57 if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
58 {
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]59 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
60 PSA_ALG_IS_RSA_PSS( alg) )
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]61 {
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]62#if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
63 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \
64 defined(MBEDTLS_PSA_CRYPTO_CONFIG)
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]65 return( mbedtls_transparent_test_driver_rsa_sign_hash(
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]66 attributes,
67 key_buffer, key_buffer_size,
68 alg, hash, hash_length,
69 signature, signature_size, signature_length ) );
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]70#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
71 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
72 return( mbedtls_psa_rsa_sign_hash(
73 attributes,
74 key_buffer, key_buffer_size,
75 alg, hash, hash_length,
76 signature, signature_size, signature_length ) );
77#endif
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]78 }
79 else
80 {
81 return( PSA_ERROR_INVALID_ARGUMENT );
82 }
83 }
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]84 else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
85 {
86 if( PSA_ALG_IS_ECDSA( alg ) )
87 {
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]88#if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
89 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \
90 defined(MBEDTLS_PSA_CRYPTO_CONFIG)
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]91 return( mbedtls_transparent_test_driver_ecdsa_sign_hash(
92 attributes,
93 key_buffer, key_buffer_size,
94 alg, hash, hash_length,
95 signature, signature_size, signature_length ) );
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]96#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
97 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
98 return( mbedtls_psa_ecdsa_sign_hash(
99 attributes,
100 key_buffer, key_buffer_size,
101 alg, hash, hash_length,
102 signature, signature_size, signature_length ) );
103#endif
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]104 }
105 else
106 {
107 return( PSA_ERROR_INVALID_ARGUMENT );
108 }
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]109 }
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]110
111 (void)attributes;
112 (void)key_buffer;
113 (void)key_buffer_size;
114 (void)alg;
115 (void)hash;
116 (void)hash_length;
117 (void)signature;
118 (void)signature_size;
119 (void)signature_length;
120 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]121}
122
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]123psa_status_t verify_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]124 const psa_key_attributes_t *attributes,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]125 const uint8_t *key_buffer,
126 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]127 psa_algorithm_t alg,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]128 const uint8_t *hash,
129 size_t hash_length,
130 const uint8_t *signature,
131 size_t signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]132{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]133 if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
134 {
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]135 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
136 PSA_ALG_IS_RSA_PSS( alg) )
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]137 {
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]138#if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
139 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \
140 defined(MBEDTLS_PSA_CRYPTO_CONFIG)
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]141 return( mbedtls_transparent_test_driver_rsa_verify_hash(
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]142 attributes,
143 key_buffer, key_buffer_size,
144 alg, hash, hash_length,
145 signature, signature_length ) );
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]146#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
147 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
148 return( mbedtls_psa_rsa_verify_hash(
149 attributes,
150 key_buffer, key_buffer_size,
151 alg, hash, hash_length,
152 signature, signature_length ) );
153#endif
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]154 }
155 else
156 {
157 return( PSA_ERROR_INVALID_ARGUMENT );
158 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]159 }
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]160 else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
161 {
162 if( PSA_ALG_IS_ECDSA( alg ) )
163 {
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]164#if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
165 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \
166 defined(MBEDTLS_PSA_CRYPTO_CONFIG)
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]167 return( mbedtls_transparent_test_driver_ecdsa_verify_hash(
168 attributes,
169 key_buffer, key_buffer_size,
170 alg, hash, hash_length,
171 signature, signature_length ) );
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]172#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
173 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
174 return( mbedtls_psa_ecdsa_verify_hash(
175 attributes,
176 key_buffer, key_buffer_size,
177 alg, hash, hash_length,
178 signature, signature_length ) );
179#endif
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]180 }
181 else
182 {
183 return( PSA_ERROR_INVALID_ARGUMENT );
184 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]185 }
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]186
187 (void)attributes;
188 (void)key_buffer;
189 (void)key_buffer_size;
190 (void)alg;
191 (void)hash;
192 (void)hash_length;
193 (void)signature;
194 (void)signature_length;
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]195 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]196}
197
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]198psa_status_t mbedtls_test_transparent_signature_sign_message(
199 const psa_key_attributes_t *attributes,
200 const uint8_t *key_buffer,
201 size_t key_buffer_size,
202 psa_algorithm_t alg,
203 const uint8_t *input,
204 size_t input_length,
205 uint8_t *signature,
206 size_t signature_size,
207 size_t *signature_length )
208{
209 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
210 size_t hash_length;
211 uint8_t hash[PSA_HASH_MAX_SIZE];
212
213 ++mbedtls_test_driver_signature_sign_hooks.hits;
214
215 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
216 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
217
218 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
219 {
220 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
221 return( PSA_ERROR_BUFFER_TOO_SMALL );
222
223 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
224 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
225 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
226
227 return( PSA_SUCCESS );
228 }
229
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]230#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]231 status = mbedtls_transparent_test_driver_hash_compute(
232 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
233 hash, sizeof( hash ), &hash_length );
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]234#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
235 status = mbedtls_psa_hash_compute(
236 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
237 hash, sizeof( hash ), &hash_length );
238#else
239 (void) input;
240 (void) input_length;
241 status = PSA_ERROR_NOT_SUPPORTED;
242#endif
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]243 if( status != PSA_SUCCESS )
244 return status;
245
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]246 return( sign_hash( attributes, key_buffer, key_buffer_size,
247 alg, hash, hash_length,
248 signature, signature_size, signature_length ) );
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]249}
250
251psa_status_t mbedtls_test_opaque_signature_sign_message(
252 const psa_key_attributes_t *attributes,
253 const uint8_t *key,
254 size_t key_length,
255 psa_algorithm_t alg,
256 const uint8_t *input,
257 size_t input_length,
258 uint8_t *signature,
259 size_t signature_size,
260 size_t *signature_length )
261{
262 (void) attributes;
263 (void) key;
264 (void) key_length;
265 (void) alg;
266 (void) input;
267 (void) input_length;
268 (void) signature;
269 (void) signature_size;
270 (void) signature_length;
271
272 return( PSA_ERROR_NOT_SUPPORTED );
273}
274
275psa_status_t mbedtls_test_transparent_signature_verify_message(
276 const psa_key_attributes_t *attributes,
277 const uint8_t *key_buffer,
278 size_t key_buffer_size,
279 psa_algorithm_t alg,
280 const uint8_t *input,
281 size_t input_length,
282 const uint8_t *signature,
283 size_t signature_length )
284{
285 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
286 size_t hash_length;
287 uint8_t hash[PSA_HASH_MAX_SIZE];
288
289 ++mbedtls_test_driver_signature_verify_hooks.hits;
290
291 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
292 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
293
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]294#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]295 status = mbedtls_transparent_test_driver_hash_compute(
296 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
297 hash, sizeof( hash ), &hash_length );
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]298#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
299 status = mbedtls_psa_hash_compute(
300 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
301 hash, sizeof( hash ), &hash_length );
302#else
303 (void) input;
304 (void) input_length;
305 status = PSA_ERROR_NOT_SUPPORTED;
306#endif
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]307 if( status != PSA_SUCCESS )
308 return status;
309
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]310 return( verify_hash( attributes, key_buffer, key_buffer_size,
311 alg, hash, hash_length,
312 signature, signature_length ) );
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]313}
314
315psa_status_t mbedtls_test_opaque_signature_verify_message(
316 const psa_key_attributes_t *attributes,
317 const uint8_t *key,
318 size_t key_length,
319 psa_algorithm_t alg,
320 const uint8_t *input,
321 size_t input_length,
322 const uint8_t *signature,
323 size_t signature_length )
324{
325 (void) attributes;
326 (void) key;
327 (void) key_length;
328 (void) alg;
329 (void) input;
330 (void) input_length;
331 (void) signature;
332 (void) signature_length;
333
334 return( PSA_ERROR_NOT_SUPPORTED );
335}
336
337psa_status_t mbedtls_test_transparent_signature_sign_hash(
338 const psa_key_attributes_t *attributes,
339 const uint8_t *key_buffer, size_t key_buffer_size,
340 psa_algorithm_t alg,
341 const uint8_t *hash, size_t hash_length,
342 uint8_t *signature, size_t signature_size, size_t *signature_length )
343{
344 ++mbedtls_test_driver_signature_sign_hooks.hits;
345
346 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
347 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
348
349 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
350 {
351 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
352 return( PSA_ERROR_BUFFER_TOO_SMALL );
353 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
354 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
355 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
356 return( PSA_SUCCESS );
357 }
358
359 return sign_hash( attributes, key_buffer, key_buffer_size,
360 alg, hash, hash_length,
361 signature, signature_size, signature_length );
362}
363
364psa_status_t mbedtls_test_opaque_signature_sign_hash(
365 const psa_key_attributes_t *attributes,
366 const uint8_t *key, size_t key_length,
367 psa_algorithm_t alg,
368 const uint8_t *hash, size_t hash_length,
369 uint8_t *signature, size_t signature_size, size_t *signature_length )
370{
371 (void) attributes;
372 (void) key;
373 (void) key_length;
374 (void) alg;
375 (void) hash;
376 (void) hash_length;
377 (void) signature;
378 (void) signature_size;
379 (void) signature_length;
380
381 return( PSA_ERROR_NOT_SUPPORTED );
382}
383
384psa_status_t mbedtls_test_transparent_signature_verify_hash(
385 const psa_key_attributes_t *attributes,
386 const uint8_t *key_buffer, size_t key_buffer_size,
387 psa_algorithm_t alg,
388 const uint8_t *hash, size_t hash_length,
389 const uint8_t *signature, size_t signature_length )
390{
391 ++mbedtls_test_driver_signature_verify_hooks.hits;
392
393 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
394 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
395
396 return verify_hash( attributes, key_buffer, key_buffer_size,
397 alg, hash, hash_length,
398 signature, signature_length );
399}
400
Ronald Cron7f13fa22021-04-13 12:41:34 +0200[diff] [blame]401psa_status_t mbedtls_test_opaque_signature_verify_hash(
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]402 const psa_key_attributes_t *attributes,
403 const uint8_t *key, size_t key_length,
404 psa_algorithm_t alg,
405 const uint8_t *hash, size_t hash_length,
406 const uint8_t *signature, size_t signature_length )
407{
408 (void) attributes;
409 (void) key;
410 (void) key_length;
411 (void) alg;
412 (void) hash;
413 (void) hash_length;
414 (void) signature;
415 (void) signature_length;
416 return( PSA_ERROR_NOT_SUPPORTED );
417}
418
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]419#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */