TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 81ca97e080c9449cf6550a5d4fd8943cf60444c4 / . / tests / src / drivers / test_driver_signature.c
blob: 86f03195b0f028ab47250d5d2b05b44b7a5b898a [file] [log] [blame]
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]1/*
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]2 * Test driver for signature functions.
3 * Currently supports signing and verifying precalculated hashes, using
4 * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]5 */
Steven Cooreman2c7b2f82020-09-02 13:43:46 +0200[diff] [blame]6/* Copyright The Mbed TLS Contributors
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]20 */
21
Mateusz Starzyk2c09c9b2021-05-14 22:20:10 +0200[diff] [blame]22#include <test/helpers.h>
23
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]24#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]25#include "psa/crypto.h"
Steven Cooreman15f58d22020-09-04 13:05:23 +0200[diff] [blame]26#include "psa_crypto_core.h"
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]27#include "psa_crypto_ecp.h"
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]28#include "psa_crypto_hash.h"
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]29#include "psa_crypto_rsa.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]30#include "mbedtls/ecp.h"
31
Steven Cooreman0d7c64d2020-09-07 16:17:55 +0200[diff] [blame]32#include "test/drivers/signature.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]33
34#include "mbedtls/md.h"
35#include "mbedtls/ecdsa.h"
36
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]37#include "test/random.h"
38
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]39#include <string.h>
40
Ronald Cron7f13fa22021-04-13 12:41:34 +0200[diff] [blame]41mbedtls_test_driver_signature_hooks_t
42 mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
43mbedtls_test_driver_signature_hooks_t
44 mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]45
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]46psa_status_t sign_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]47 const psa_key_attributes_t *attributes,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]48 const uint8_t *key_buffer,
49 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]50 psa_algorithm_t alg,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]51 const uint8_t *hash,
52 size_t hash_length,
53 uint8_t *signature,
54 size_t signature_size,
55 size_t *signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]56{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]57 if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
58 {
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame^]59 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
60 PSA_ALG_IS_RSA_PSS( alg) )
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]61 {
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame^]62#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
63 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
64 return( mbedtls_transparent_test_driver_rsa_sign_hash(
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]65 attributes,
66 key_buffer, key_buffer_size,
67 alg, hash, hash_length,
68 signature, signature_size, signature_length ) );
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame^]69#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
70 * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]71 }
72 else
73 {
74 return( PSA_ERROR_INVALID_ARGUMENT );
75 }
76 }
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame^]77 else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
78 {
79 if( PSA_ALG_IS_ECDSA( alg ) )
80 {
81#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
82 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
83 return( mbedtls_transparent_test_driver_ecdsa_sign_hash(
84 attributes,
85 key_buffer, key_buffer_size,
86 alg, hash, hash_length,
87 signature, signature_size, signature_length ) );
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]88#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
89 * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame^]90 }
91 else
92 {
93 return( PSA_ERROR_INVALID_ARGUMENT );
94 }
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]95 }
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame^]96
97 (void)attributes;
98 (void)key_buffer;
99 (void)key_buffer_size;
100 (void)alg;
101 (void)hash;
102 (void)hash_length;
103 (void)signature;
104 (void)signature_size;
105 (void)signature_length;
106 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]107}
108
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]109psa_status_t verify_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]110 const psa_key_attributes_t *attributes,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]111 const uint8_t *key_buffer,
112 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]113 psa_algorithm_t alg,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]114 const uint8_t *hash,
115 size_t hash_length,
116 const uint8_t *signature,
117 size_t signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]118{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]119 if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
120 {
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame^]121 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
122 PSA_ALG_IS_RSA_PSS( alg) )
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]123 {
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame^]124#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
125 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
126 return( mbedtls_transparent_test_driver_rsa_verify_hash(
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]127 attributes,
128 key_buffer, key_buffer_size,
129 alg, hash, hash_length,
130 signature, signature_length ) );
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame^]131#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
132 * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]133 }
134 else
135 {
136 return( PSA_ERROR_INVALID_ARGUMENT );
137 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]138 }
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame^]139 else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
140 {
141 if( PSA_ALG_IS_ECDSA( alg ) )
142 {
143#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
144 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
145 return( mbedtls_transparent_test_driver_ecdsa_verify_hash(
146 attributes,
147 key_buffer, key_buffer_size,
148 alg, hash, hash_length,
149 signature, signature_length ) );
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]150#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
151 * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame^]152 }
153 else
154 {
155 return( PSA_ERROR_INVALID_ARGUMENT );
156 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]157 }
Ronald Cron81ca97e2021-04-09 15:32:03 +0200[diff] [blame^]158
159 (void)attributes;
160 (void)key_buffer;
161 (void)key_buffer_size;
162 (void)alg;
163 (void)hash;
164 (void)hash_length;
165 (void)signature;
166 (void)signature_length;
167
168 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]169}
170
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]171psa_status_t mbedtls_test_transparent_signature_sign_message(
172 const psa_key_attributes_t *attributes,
173 const uint8_t *key_buffer,
174 size_t key_buffer_size,
175 psa_algorithm_t alg,
176 const uint8_t *input,
177 size_t input_length,
178 uint8_t *signature,
179 size_t signature_size,
180 size_t *signature_length )
181{
182 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
183 size_t hash_length;
184 uint8_t hash[PSA_HASH_MAX_SIZE];
185
186 ++mbedtls_test_driver_signature_sign_hooks.hits;
187
188 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
189 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
190
191 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
192 {
193 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
194 return( PSA_ERROR_BUFFER_TOO_SMALL );
195
196 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
197 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
198 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
199
200 return( PSA_SUCCESS );
201 }
202
203 status = mbedtls_transparent_test_driver_hash_compute(
204 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
205 hash, sizeof( hash ), &hash_length );
206
207 if( status != PSA_SUCCESS )
208 return status;
209
210 return sign_hash( attributes, key_buffer, key_buffer_size,
211 alg, hash, hash_length,
212 signature, signature_size, signature_length );
213}
214
215psa_status_t mbedtls_test_opaque_signature_sign_message(
216 const psa_key_attributes_t *attributes,
217 const uint8_t *key,
218 size_t key_length,
219 psa_algorithm_t alg,
220 const uint8_t *input,
221 size_t input_length,
222 uint8_t *signature,
223 size_t signature_size,
224 size_t *signature_length )
225{
226 (void) attributes;
227 (void) key;
228 (void) key_length;
229 (void) alg;
230 (void) input;
231 (void) input_length;
232 (void) signature;
233 (void) signature_size;
234 (void) signature_length;
235
236 return( PSA_ERROR_NOT_SUPPORTED );
237}
238
239psa_status_t mbedtls_test_transparent_signature_verify_message(
240 const psa_key_attributes_t *attributes,
241 const uint8_t *key_buffer,
242 size_t key_buffer_size,
243 psa_algorithm_t alg,
244 const uint8_t *input,
245 size_t input_length,
246 const uint8_t *signature,
247 size_t signature_length )
248{
249 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
250 size_t hash_length;
251 uint8_t hash[PSA_HASH_MAX_SIZE];
252
253 ++mbedtls_test_driver_signature_verify_hooks.hits;
254
255 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
256 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
257
258 status = mbedtls_transparent_test_driver_hash_compute(
259 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
260 hash, sizeof( hash ), &hash_length );
261
262 if( status != PSA_SUCCESS )
263 return status;
264
265 return verify_hash( attributes, key_buffer, key_buffer_size,
266 alg, hash, hash_length,
267 signature, signature_length );
268}
269
270psa_status_t mbedtls_test_opaque_signature_verify_message(
271 const psa_key_attributes_t *attributes,
272 const uint8_t *key,
273 size_t key_length,
274 psa_algorithm_t alg,
275 const uint8_t *input,
276 size_t input_length,
277 const uint8_t *signature,
278 size_t signature_length )
279{
280 (void) attributes;
281 (void) key;
282 (void) key_length;
283 (void) alg;
284 (void) input;
285 (void) input_length;
286 (void) signature;
287 (void) signature_length;
288
289 return( PSA_ERROR_NOT_SUPPORTED );
290}
291
292psa_status_t mbedtls_test_transparent_signature_sign_hash(
293 const psa_key_attributes_t *attributes,
294 const uint8_t *key_buffer, size_t key_buffer_size,
295 psa_algorithm_t alg,
296 const uint8_t *hash, size_t hash_length,
297 uint8_t *signature, size_t signature_size, size_t *signature_length )
298{
299 ++mbedtls_test_driver_signature_sign_hooks.hits;
300
301 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
302 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
303
304 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
305 {
306 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
307 return( PSA_ERROR_BUFFER_TOO_SMALL );
308 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
309 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
310 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
311 return( PSA_SUCCESS );
312 }
313
314 return sign_hash( attributes, key_buffer, key_buffer_size,
315 alg, hash, hash_length,
316 signature, signature_size, signature_length );
317}
318
319psa_status_t mbedtls_test_opaque_signature_sign_hash(
320 const psa_key_attributes_t *attributes,
321 const uint8_t *key, size_t key_length,
322 psa_algorithm_t alg,
323 const uint8_t *hash, size_t hash_length,
324 uint8_t *signature, size_t signature_size, size_t *signature_length )
325{
326 (void) attributes;
327 (void) key;
328 (void) key_length;
329 (void) alg;
330 (void) hash;
331 (void) hash_length;
332 (void) signature;
333 (void) signature_size;
334 (void) signature_length;
335
336 return( PSA_ERROR_NOT_SUPPORTED );
337}
338
339psa_status_t mbedtls_test_transparent_signature_verify_hash(
340 const psa_key_attributes_t *attributes,
341 const uint8_t *key_buffer, size_t key_buffer_size,
342 psa_algorithm_t alg,
343 const uint8_t *hash, size_t hash_length,
344 const uint8_t *signature, size_t signature_length )
345{
346 ++mbedtls_test_driver_signature_verify_hooks.hits;
347
348 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
349 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
350
351 return verify_hash( attributes, key_buffer, key_buffer_size,
352 alg, hash, hash_length,
353 signature, signature_length );
354}
355
Ronald Cron7f13fa22021-04-13 12:41:34 +0200[diff] [blame]356psa_status_t mbedtls_test_opaque_signature_verify_hash(
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]357 const psa_key_attributes_t *attributes,
358 const uint8_t *key, size_t key_length,
359 psa_algorithm_t alg,
360 const uint8_t *hash, size_t hash_length,
361 const uint8_t *signature, size_t signature_length )
362{
363 (void) attributes;
364 (void) key;
365 (void) key_length;
366 (void) alg;
367 (void) hash;
368 (void) hash_length;
369 (void) signature;
370 (void) signature_length;
371 return( PSA_ERROR_NOT_SUPPORTED );
372}
373
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]374#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */