TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 5601cd2cf172b0fe146e7362a1dcd9d8851e72a5 / . / tests / src / drivers / test_driver_signature.c
blob: d81fc233599a57f6cb11aadf075379bd02a05d44 [file] [log] [blame]
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]1/*
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]2 * Test driver for signature functions.
3 * Currently supports signing and verifying precalculated hashes, using
4 * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]5 */
Steven Cooreman2c7b2f82020-09-02 13:43:46 +0200[diff] [blame]6/* Copyright The Mbed TLS Contributors
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]20 */
21
Mateusz Starzyk2c09c9b2021-05-14 22:20:10 +0200[diff] [blame]22#include <test/helpers.h>
23
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]24#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]25#include "psa/crypto.h"
Steven Cooreman15f58d22020-09-04 13:05:23 +0200[diff] [blame]26#include "psa_crypto_core.h"
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]27#include "psa_crypto_ecp.h"
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]28#include "psa_crypto_hash.h"
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]29#include "psa_crypto_rsa.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]30#include "mbedtls/ecp.h"
31
Ronald Cron5601cd22021-04-10 15:12:00 +0200[diff] [blame^]32#include "test/drivers/hash.h"
Steven Cooreman0d7c64d2020-09-07 16:17:55 +0200[diff] [blame]33#include "test/drivers/signature.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]34
35#include "mbedtls/md.h"
36#include "mbedtls/ecdsa.h"
37
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]38#include "test/random.h"
39
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]40#include <string.h>
41
Ronald Cron7f13fa22021-04-13 12:41:34 +0200[diff] [blame]42mbedtls_test_driver_signature_hooks_t
43 mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
44mbedtls_test_driver_signature_hooks_t
45 mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]46
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]47psa_status_t sign_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]48 const psa_key_attributes_t *attributes,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]49 const uint8_t *key_buffer,
50 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]51 psa_algorithm_t alg,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]52 const uint8_t *hash,
53 size_t hash_length,
54 uint8_t *signature,
55 size_t signature_size,
56 size_t *signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]57{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]58 if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
59 {
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]60 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
61 PSA_ALG_IS_RSA_PSS( alg) )
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]62 {
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]63#if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
64 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \
65 defined(MBEDTLS_PSA_CRYPTO_CONFIG)
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]66 return( mbedtls_transparent_test_driver_rsa_sign_hash(
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]67 attributes,
68 key_buffer, key_buffer_size,
69 alg, hash, hash_length,
70 signature, signature_size, signature_length ) );
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]71#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
72 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
73 return( mbedtls_psa_rsa_sign_hash(
74 attributes,
75 key_buffer, key_buffer_size,
76 alg, hash, hash_length,
77 signature, signature_size, signature_length ) );
78#endif
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]79 }
80 else
81 {
82 return( PSA_ERROR_INVALID_ARGUMENT );
83 }
84 }
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]85 else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
86 {
87 if( PSA_ALG_IS_ECDSA( alg ) )
88 {
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]89#if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
90 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \
91 defined(MBEDTLS_PSA_CRYPTO_CONFIG)
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]92 return( mbedtls_transparent_test_driver_ecdsa_sign_hash(
93 attributes,
94 key_buffer, key_buffer_size,
95 alg, hash, hash_length,
96 signature, signature_size, signature_length ) );
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]97#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
98 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
99 return( mbedtls_psa_ecdsa_sign_hash(
100 attributes,
101 key_buffer, key_buffer_size,
102 alg, hash, hash_length,
103 signature, signature_size, signature_length ) );
104#endif
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]105 }
106 else
107 {
108 return( PSA_ERROR_INVALID_ARGUMENT );
109 }
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]110 }
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]111
112 (void)attributes;
113 (void)key_buffer;
114 (void)key_buffer_size;
115 (void)alg;
116 (void)hash;
117 (void)hash_length;
118 (void)signature;
119 (void)signature_size;
120 (void)signature_length;
121 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]122}
123
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]124psa_status_t verify_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]125 const psa_key_attributes_t *attributes,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]126 const uint8_t *key_buffer,
127 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]128 psa_algorithm_t alg,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]129 const uint8_t *hash,
130 size_t hash_length,
131 const uint8_t *signature,
132 size_t signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]133{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]134 if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
135 {
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]136 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
137 PSA_ALG_IS_RSA_PSS( alg) )
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]138 {
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]139#if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
140 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \
141 defined(MBEDTLS_PSA_CRYPTO_CONFIG)
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]142 return( mbedtls_transparent_test_driver_rsa_verify_hash(
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]143 attributes,
144 key_buffer, key_buffer_size,
145 alg, hash, hash_length,
146 signature, signature_length ) );
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]147#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
148 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
149 return( mbedtls_psa_rsa_verify_hash(
150 attributes,
151 key_buffer, key_buffer_size,
152 alg, hash, hash_length,
153 signature, signature_length ) );
154#endif
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]155 }
156 else
157 {
158 return( PSA_ERROR_INVALID_ARGUMENT );
159 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]160 }
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]161 else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
162 {
163 if( PSA_ALG_IS_ECDSA( alg ) )
164 {
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]165#if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
166 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \
167 defined(MBEDTLS_PSA_CRYPTO_CONFIG)
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]168 return( mbedtls_transparent_test_driver_ecdsa_verify_hash(
169 attributes,
170 key_buffer, key_buffer_size,
171 alg, hash, hash_length,
172 signature, signature_length ) );
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]173#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
174 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
175 return( mbedtls_psa_ecdsa_verify_hash(
176 attributes,
177 key_buffer, key_buffer_size,
178 alg, hash, hash_length,
179 signature, signature_length ) );
180#endif
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]181 }
182 else
183 {
184 return( PSA_ERROR_INVALID_ARGUMENT );
185 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]186 }
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]187
188 (void)attributes;
189 (void)key_buffer;
190 (void)key_buffer_size;
191 (void)alg;
192 (void)hash;
193 (void)hash_length;
194 (void)signature;
195 (void)signature_length;
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame]196 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]197}
198
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]199psa_status_t mbedtls_test_transparent_signature_sign_message(
200 const psa_key_attributes_t *attributes,
201 const uint8_t *key_buffer,
202 size_t key_buffer_size,
203 psa_algorithm_t alg,
204 const uint8_t *input,
205 size_t input_length,
206 uint8_t *signature,
207 size_t signature_size,
208 size_t *signature_length )
209{
210 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
211 size_t hash_length;
212 uint8_t hash[PSA_HASH_MAX_SIZE];
213
214 ++mbedtls_test_driver_signature_sign_hooks.hits;
215
216 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
217 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
218
219 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
220 {
221 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
222 return( PSA_ERROR_BUFFER_TOO_SMALL );
223
224 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
225 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
226 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
227
228 return( PSA_SUCCESS );
229 }
230
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]231#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]232 status = mbedtls_transparent_test_driver_hash_compute(
233 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
234 hash, sizeof( hash ), &hash_length );
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]235#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
236 status = mbedtls_psa_hash_compute(
237 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
238 hash, sizeof( hash ), &hash_length );
239#else
240 (void) input;
241 (void) input_length;
242 status = PSA_ERROR_NOT_SUPPORTED;
243#endif
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]244 if( status != PSA_SUCCESS )
245 return status;
246
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]247 return( sign_hash( attributes, key_buffer, key_buffer_size,
248 alg, hash, hash_length,
249 signature, signature_size, signature_length ) );
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]250}
251
252psa_status_t mbedtls_test_opaque_signature_sign_message(
253 const psa_key_attributes_t *attributes,
254 const uint8_t *key,
255 size_t key_length,
256 psa_algorithm_t alg,
257 const uint8_t *input,
258 size_t input_length,
259 uint8_t *signature,
260 size_t signature_size,
261 size_t *signature_length )
262{
263 (void) attributes;
264 (void) key;
265 (void) key_length;
266 (void) alg;
267 (void) input;
268 (void) input_length;
269 (void) signature;
270 (void) signature_size;
271 (void) signature_length;
272
273 return( PSA_ERROR_NOT_SUPPORTED );
274}
275
276psa_status_t mbedtls_test_transparent_signature_verify_message(
277 const psa_key_attributes_t *attributes,
278 const uint8_t *key_buffer,
279 size_t key_buffer_size,
280 psa_algorithm_t alg,
281 const uint8_t *input,
282 size_t input_length,
283 const uint8_t *signature,
284 size_t signature_length )
285{
286 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
287 size_t hash_length;
288 uint8_t hash[PSA_HASH_MAX_SIZE];
289
290 ++mbedtls_test_driver_signature_verify_hooks.hits;
291
292 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
293 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
294
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]295#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]296 status = mbedtls_transparent_test_driver_hash_compute(
297 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
298 hash, sizeof( hash ), &hash_length );
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]299#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
300 status = mbedtls_psa_hash_compute(
301 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
302 hash, sizeof( hash ), &hash_length );
303#else
304 (void) input;
305 (void) input_length;
306 status = PSA_ERROR_NOT_SUPPORTED;
307#endif
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]308 if( status != PSA_SUCCESS )
309 return status;
310
Ronald Cron73c9d9e2021-04-09 11:09:54 +0200[diff] [blame]311 return( verify_hash( attributes, key_buffer, key_buffer_size,
312 alg, hash, hash_length,
313 signature, signature_length ) );
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]314}
315
316psa_status_t mbedtls_test_opaque_signature_verify_message(
317 const psa_key_attributes_t *attributes,
318 const uint8_t *key,
319 size_t key_length,
320 psa_algorithm_t alg,
321 const uint8_t *input,
322 size_t input_length,
323 const uint8_t *signature,
324 size_t signature_length )
325{
326 (void) attributes;
327 (void) key;
328 (void) key_length;
329 (void) alg;
330 (void) input;
331 (void) input_length;
332 (void) signature;
333 (void) signature_length;
334
335 return( PSA_ERROR_NOT_SUPPORTED );
336}
337
338psa_status_t mbedtls_test_transparent_signature_sign_hash(
339 const psa_key_attributes_t *attributes,
340 const uint8_t *key_buffer, size_t key_buffer_size,
341 psa_algorithm_t alg,
342 const uint8_t *hash, size_t hash_length,
343 uint8_t *signature, size_t signature_size, size_t *signature_length )
344{
345 ++mbedtls_test_driver_signature_sign_hooks.hits;
346
347 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
348 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
349
350 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
351 {
352 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
353 return( PSA_ERROR_BUFFER_TOO_SMALL );
354 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
355 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
356 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
357 return( PSA_SUCCESS );
358 }
359
360 return sign_hash( attributes, key_buffer, key_buffer_size,
361 alg, hash, hash_length,
362 signature, signature_size, signature_length );
363}
364
365psa_status_t mbedtls_test_opaque_signature_sign_hash(
366 const psa_key_attributes_t *attributes,
367 const uint8_t *key, size_t key_length,
368 psa_algorithm_t alg,
369 const uint8_t *hash, size_t hash_length,
370 uint8_t *signature, size_t signature_size, size_t *signature_length )
371{
372 (void) attributes;
373 (void) key;
374 (void) key_length;
375 (void) alg;
376 (void) hash;
377 (void) hash_length;
378 (void) signature;
379 (void) signature_size;
380 (void) signature_length;
381
382 return( PSA_ERROR_NOT_SUPPORTED );
383}
384
385psa_status_t mbedtls_test_transparent_signature_verify_hash(
386 const psa_key_attributes_t *attributes,
387 const uint8_t *key_buffer, size_t key_buffer_size,
388 psa_algorithm_t alg,
389 const uint8_t *hash, size_t hash_length,
390 const uint8_t *signature, size_t signature_length )
391{
392 ++mbedtls_test_driver_signature_verify_hooks.hits;
393
394 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
395 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
396
397 return verify_hash( attributes, key_buffer, key_buffer_size,
398 alg, hash, hash_length,
399 signature, signature_length );
400}
401
Ronald Cron7f13fa22021-04-13 12:41:34 +0200[diff] [blame]402psa_status_t mbedtls_test_opaque_signature_verify_hash(
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]403 const psa_key_attributes_t *attributes,
404 const uint8_t *key, size_t key_length,
405 psa_algorithm_t alg,
406 const uint8_t *hash, size_t hash_length,
407 const uint8_t *signature, size_t signature_length )
408{
409 (void) attributes;
410 (void) key;
411 (void) key_length;
412 (void) alg;
413 (void) hash;
414 (void) hash_length;
415 (void) signature;
416 (void) signature_length;
417 return( PSA_ERROR_NOT_SUPPORTED );
418}
419
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]420#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */