TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / d54303da7c3efc47a429b3e20845a8e857e7ed81 / . / tests / src / drivers / test_driver_signature.c
blob: 443b52eefc044a94b6503ab8086e91beee17a0b5 [file] [log] [blame]
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]1/*
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]2 * Test driver for signature functions.
3 * Currently supports signing and verifying precalculated hashes, using
4 * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]5 */
Steven Cooreman2c7b2f82020-09-02 13:43:46 +0200[diff] [blame]6/* Copyright The Mbed TLS Contributors
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]20 */
21
22#if !defined(MBEDTLS_CONFIG_FILE)
23#include "mbedtls/config.h"
24#else
25#include MBEDTLS_CONFIG_FILE
26#endif
27
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]28#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]29#include "psa/crypto.h"
Steven Cooreman15f58d22020-09-04 13:05:23 +0200[diff] [blame]30#include "psa_crypto_core.h"
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]31#include "psa_crypto_ecp.h"
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]32#include "psa_crypto_hash.h"
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]33#include "psa_crypto_rsa.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]34#include "mbedtls/ecp.h"
35
Ronald Crond54303d2021-04-10 15:12:00 +0200[diff] [blame^]36#include "test/drivers/hash.h"
Steven Cooreman0d7c64d2020-09-07 16:17:55 +0200[diff] [blame]37#include "test/drivers/signature.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]38
39#include "mbedtls/md.h"
40#include "mbedtls/ecdsa.h"
41
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]42#include "test/random.h"
43
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]44#include <string.h>
45
Ronald Cronc4bc12e2021-04-13 12:41:34 +0200[diff] [blame]46mbedtls_test_driver_signature_hooks_t
47 mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
48mbedtls_test_driver_signature_hooks_t
49 mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]50
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]51psa_status_t sign_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]52 const psa_key_attributes_t *attributes,
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]53 const uint8_t *key_buffer,
54 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]55 psa_algorithm_t alg,
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]56 const uint8_t *hash,
57 size_t hash_length,
58 uint8_t *signature,
59 size_t signature_size,
60 size_t *signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]61{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]62 if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
63 {
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]64 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
65 PSA_ALG_IS_RSA_PSS( alg) )
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]66 {
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]67#if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
68 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \
69 defined(MBEDTLS_PSA_CRYPTO_CONFIG)
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]70 return( mbedtls_transparent_test_driver_rsa_sign_hash(
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]71 attributes,
72 key_buffer, key_buffer_size,
73 alg, hash, hash_length,
74 signature, signature_size, signature_length ) );
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]75#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
76 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
77 return( mbedtls_psa_rsa_sign_hash(
78 attributes,
79 key_buffer, key_buffer_size,
80 alg, hash, hash_length,
81 signature, signature_size, signature_length ) );
82#endif
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]83 }
84 else
85 {
86 return( PSA_ERROR_INVALID_ARGUMENT );
87 }
88 }
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]89 else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
90 {
91 if( PSA_ALG_IS_ECDSA( alg ) )
92 {
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]93#if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
94 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \
95 defined(MBEDTLS_PSA_CRYPTO_CONFIG)
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]96 return( mbedtls_transparent_test_driver_ecdsa_sign_hash(
97 attributes,
98 key_buffer, key_buffer_size,
99 alg, hash, hash_length,
100 signature, signature_size, signature_length ) );
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]101#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
102 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
103 return( mbedtls_psa_ecdsa_sign_hash(
104 attributes,
105 key_buffer, key_buffer_size,
106 alg, hash, hash_length,
107 signature, signature_size, signature_length ) );
108#endif
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]109 }
110 else
111 {
112 return( PSA_ERROR_INVALID_ARGUMENT );
113 }
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]114 }
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]115
116 (void)attributes;
117 (void)key_buffer;
118 (void)key_buffer_size;
119 (void)alg;
120 (void)hash;
121 (void)hash_length;
122 (void)signature;
123 (void)signature_size;
124 (void)signature_length;
125 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]126}
127
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]128psa_status_t verify_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]129 const psa_key_attributes_t *attributes,
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]130 const uint8_t *key_buffer,
131 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]132 psa_algorithm_t alg,
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]133 const uint8_t *hash,
134 size_t hash_length,
135 const uint8_t *signature,
136 size_t signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]137{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]138 if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
139 {
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]140 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
141 PSA_ALG_IS_RSA_PSS( alg) )
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]142 {
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]143#if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
144 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \
145 defined(MBEDTLS_PSA_CRYPTO_CONFIG)
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]146 return( mbedtls_transparent_test_driver_rsa_verify_hash(
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]147 attributes,
148 key_buffer, key_buffer_size,
149 alg, hash, hash_length,
150 signature, signature_length ) );
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]151#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
152 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
153 return( mbedtls_psa_rsa_verify_hash(
154 attributes,
155 key_buffer, key_buffer_size,
156 alg, hash, hash_length,
157 signature, signature_length ) );
158#endif
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]159 }
160 else
161 {
162 return( PSA_ERROR_INVALID_ARGUMENT );
163 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]164 }
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]165 else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
166 {
167 if( PSA_ALG_IS_ECDSA( alg ) )
168 {
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]169#if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
170 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \
171 defined(MBEDTLS_PSA_CRYPTO_CONFIG)
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]172 return( mbedtls_transparent_test_driver_ecdsa_verify_hash(
173 attributes,
174 key_buffer, key_buffer_size,
175 alg, hash, hash_length,
176 signature, signature_length ) );
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]177#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
178 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
179 return( mbedtls_psa_ecdsa_verify_hash(
180 attributes,
181 key_buffer, key_buffer_size,
182 alg, hash, hash_length,
183 signature, signature_length ) );
184#endif
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]185 }
186 else
187 {
188 return( PSA_ERROR_INVALID_ARGUMENT );
189 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]190 }
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]191
192 (void)attributes;
193 (void)key_buffer;
194 (void)key_buffer_size;
195 (void)alg;
196 (void)hash;
197 (void)hash_length;
198 (void)signature;
199 (void)signature_length;
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]200 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]201}
202
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]203psa_status_t mbedtls_test_transparent_signature_sign_message(
204 const psa_key_attributes_t *attributes,
205 const uint8_t *key_buffer,
206 size_t key_buffer_size,
207 psa_algorithm_t alg,
208 const uint8_t *input,
209 size_t input_length,
210 uint8_t *signature,
211 size_t signature_size,
212 size_t *signature_length )
213{
214 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
215 size_t hash_length;
216 uint8_t hash[PSA_HASH_MAX_SIZE];
217
218 ++mbedtls_test_driver_signature_sign_hooks.hits;
219
220 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
221 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
222
223 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
224 {
225 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
226 return( PSA_ERROR_BUFFER_TOO_SMALL );
227
228 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
229 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
230 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
231
232 return( PSA_SUCCESS );
233 }
234
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]235#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]236 status = mbedtls_transparent_test_driver_hash_compute(
237 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
238 hash, sizeof( hash ), &hash_length );
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]239#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
240 status = mbedtls_psa_hash_compute(
241 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
242 hash, sizeof( hash ), &hash_length );
243#else
244 (void) input;
245 (void) input_length;
246 status = PSA_ERROR_NOT_SUPPORTED;
247#endif
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]248 if( status != PSA_SUCCESS )
249 return status;
250
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]251 return( sign_hash( attributes, key_buffer, key_buffer_size,
252 alg, hash, hash_length,
253 signature, signature_size, signature_length ) );
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]254}
255
256psa_status_t mbedtls_test_opaque_signature_sign_message(
257 const psa_key_attributes_t *attributes,
258 const uint8_t *key,
259 size_t key_length,
260 psa_algorithm_t alg,
261 const uint8_t *input,
262 size_t input_length,
263 uint8_t *signature,
264 size_t signature_size,
265 size_t *signature_length )
266{
267 (void) attributes;
268 (void) key;
269 (void) key_length;
270 (void) alg;
271 (void) input;
272 (void) input_length;
273 (void) signature;
274 (void) signature_size;
275 (void) signature_length;
276
277 return( PSA_ERROR_NOT_SUPPORTED );
278}
279
280psa_status_t mbedtls_test_transparent_signature_verify_message(
281 const psa_key_attributes_t *attributes,
282 const uint8_t *key_buffer,
283 size_t key_buffer_size,
284 psa_algorithm_t alg,
285 const uint8_t *input,
286 size_t input_length,
287 const uint8_t *signature,
288 size_t signature_length )
289{
290 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
291 size_t hash_length;
292 uint8_t hash[PSA_HASH_MAX_SIZE];
293
294 ++mbedtls_test_driver_signature_verify_hooks.hits;
295
296 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
297 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
298
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]299#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]300 status = mbedtls_transparent_test_driver_hash_compute(
301 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
302 hash, sizeof( hash ), &hash_length );
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]303#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
304 status = mbedtls_psa_hash_compute(
305 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
306 hash, sizeof( hash ), &hash_length );
307#else
308 (void) input;
309 (void) input_length;
310 status = PSA_ERROR_NOT_SUPPORTED;
311#endif
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]312 if( status != PSA_SUCCESS )
313 return status;
314
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]315 return( verify_hash( attributes, key_buffer, key_buffer_size,
316 alg, hash, hash_length,
317 signature, signature_length ) );
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]318}
319
320psa_status_t mbedtls_test_opaque_signature_verify_message(
321 const psa_key_attributes_t *attributes,
322 const uint8_t *key,
323 size_t key_length,
324 psa_algorithm_t alg,
325 const uint8_t *input,
326 size_t input_length,
327 const uint8_t *signature,
328 size_t signature_length )
329{
330 (void) attributes;
331 (void) key;
332 (void) key_length;
333 (void) alg;
334 (void) input;
335 (void) input_length;
336 (void) signature;
337 (void) signature_length;
338
339 return( PSA_ERROR_NOT_SUPPORTED );
340}
341
342psa_status_t mbedtls_test_transparent_signature_sign_hash(
343 const psa_key_attributes_t *attributes,
344 const uint8_t *key_buffer, size_t key_buffer_size,
345 psa_algorithm_t alg,
346 const uint8_t *hash, size_t hash_length,
347 uint8_t *signature, size_t signature_size, size_t *signature_length )
348{
349 ++mbedtls_test_driver_signature_sign_hooks.hits;
350
351 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
352 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
353
354 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
355 {
356 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
357 return( PSA_ERROR_BUFFER_TOO_SMALL );
358 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
359 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
360 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
361 return( PSA_SUCCESS );
362 }
363
364 return sign_hash( attributes, key_buffer, key_buffer_size,
365 alg, hash, hash_length,
366 signature, signature_size, signature_length );
367}
368
369psa_status_t mbedtls_test_opaque_signature_sign_hash(
370 const psa_key_attributes_t *attributes,
371 const uint8_t *key, size_t key_length,
372 psa_algorithm_t alg,
373 const uint8_t *hash, size_t hash_length,
374 uint8_t *signature, size_t signature_size, size_t *signature_length )
375{
376 (void) attributes;
377 (void) key;
378 (void) key_length;
379 (void) alg;
380 (void) hash;
381 (void) hash_length;
382 (void) signature;
383 (void) signature_size;
384 (void) signature_length;
385
386 return( PSA_ERROR_NOT_SUPPORTED );
387}
388
389psa_status_t mbedtls_test_transparent_signature_verify_hash(
390 const psa_key_attributes_t *attributes,
391 const uint8_t *key_buffer, size_t key_buffer_size,
392 psa_algorithm_t alg,
393 const uint8_t *hash, size_t hash_length,
394 const uint8_t *signature, size_t signature_length )
395{
396 ++mbedtls_test_driver_signature_verify_hooks.hits;
397
398 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
399 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
400
401 return verify_hash( attributes, key_buffer, key_buffer_size,
402 alg, hash, hash_length,
403 signature, signature_length );
404}
405
Ronald Cronc4bc12e2021-04-13 12:41:34 +0200[diff] [blame]406psa_status_t mbedtls_test_opaque_signature_verify_hash(
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]407 const psa_key_attributes_t *attributes,
408 const uint8_t *key, size_t key_length,
409 psa_algorithm_t alg,
410 const uint8_t *hash, size_t hash_length,
411 const uint8_t *signature, size_t signature_length )
412{
413 (void) attributes;
414 (void) key;
415 (void) key_length;
416 (void) alg;
417 (void) hash;
418 (void) hash_length;
419 (void) signature;
420 (void) signature_length;
421 return( PSA_ERROR_NOT_SUPPORTED );
422}
423
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]424#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */