TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 088d5d0c1b070faaae39444de9cde1b4e83bd697 / . / tests / src / drivers / test_driver_signature.c
blob: cf7edc935d2d56b242c24fa7e69f06ff85d722ab [file] [log] [blame]
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]1/*
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]2 * Test driver for signature functions.
3 * Currently supports signing and verifying precalculated hashes, using
4 * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]5 */
Steven Cooreman2c7b2f82020-09-02 13:43:46 +0200[diff] [blame]6/* Copyright The Mbed TLS Contributors
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]20 */
21
22#if !defined(MBEDTLS_CONFIG_FILE)
23#include "mbedtls/config.h"
24#else
25#include MBEDTLS_CONFIG_FILE
26#endif
27
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]28#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]29#include "psa/crypto.h"
Steven Cooreman15f58d22020-09-04 13:05:23 +0200[diff] [blame]30#include "psa_crypto_core.h"
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]31#include "psa_crypto_ecp.h"
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]32#include "psa_crypto_hash.h"
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]33#include "psa_crypto_rsa.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]34#include "mbedtls/ecp.h"
35
Steven Cooreman0d7c64d2020-09-07 16:17:55 +0200[diff] [blame]36#include "test/drivers/signature.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]37
38#include "mbedtls/md.h"
39#include "mbedtls/ecdsa.h"
40
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]41#include "test/random.h"
42
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]43#include <string.h>
44
Ronald Cronc4bc12e2021-04-13 12:41:34 +0200[diff] [blame]45mbedtls_test_driver_signature_hooks_t
46 mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
47mbedtls_test_driver_signature_hooks_t
48 mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]49
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]50psa_status_t sign_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]51 const psa_key_attributes_t *attributes,
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]52 const uint8_t *key_buffer,
53 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]54 psa_algorithm_t alg,
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]55 const uint8_t *hash,
56 size_t hash_length,
57 uint8_t *signature,
58 size_t signature_size,
59 size_t *signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]60{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]61 if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
62 {
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]63 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
64 PSA_ALG_IS_RSA_PSS( alg) )
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]65 {
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]66#if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
67 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \
68 defined(MBEDTLS_PSA_CRYPTO_CONFIG)
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]69 return( mbedtls_transparent_test_driver_rsa_sign_hash(
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]70 attributes,
71 key_buffer, key_buffer_size,
72 alg, hash, hash_length,
73 signature, signature_size, signature_length ) );
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]74#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
75 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
76 return( mbedtls_psa_rsa_sign_hash(
77 attributes,
78 key_buffer, key_buffer_size,
79 alg, hash, hash_length,
80 signature, signature_size, signature_length ) );
81#endif
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]82 }
83 else
84 {
85 return( PSA_ERROR_INVALID_ARGUMENT );
86 }
87 }
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]88 else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
89 {
90 if( PSA_ALG_IS_ECDSA( alg ) )
91 {
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]92#if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
93 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \
94 defined(MBEDTLS_PSA_CRYPTO_CONFIG)
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]95 return( mbedtls_transparent_test_driver_ecdsa_sign_hash(
96 attributes,
97 key_buffer, key_buffer_size,
98 alg, hash, hash_length,
99 signature, signature_size, signature_length ) );
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]100#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
101 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
102 return( mbedtls_psa_ecdsa_sign_hash(
103 attributes,
104 key_buffer, key_buffer_size,
105 alg, hash, hash_length,
106 signature, signature_size, signature_length ) );
107#endif
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]108 }
109 else
110 {
111 return( PSA_ERROR_INVALID_ARGUMENT );
112 }
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]113 }
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]114
115 (void)attributes;
116 (void)key_buffer;
117 (void)key_buffer_size;
118 (void)alg;
119 (void)hash;
120 (void)hash_length;
121 (void)signature;
122 (void)signature_size;
123 (void)signature_length;
124 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]125}
126
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]127psa_status_t verify_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]128 const psa_key_attributes_t *attributes,
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]129 const uint8_t *key_buffer,
130 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]131 psa_algorithm_t alg,
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]132 const uint8_t *hash,
133 size_t hash_length,
134 const uint8_t *signature,
135 size_t signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]136{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]137 if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
138 {
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]139 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
140 PSA_ALG_IS_RSA_PSS( alg) )
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]141 {
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]142#if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
143 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \
144 defined(MBEDTLS_PSA_CRYPTO_CONFIG)
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]145 return( mbedtls_transparent_test_driver_rsa_verify_hash(
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]146 attributes,
147 key_buffer, key_buffer_size,
148 alg, hash, hash_length,
149 signature, signature_length ) );
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]150#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
151 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
152 return( mbedtls_psa_rsa_verify_hash(
153 attributes,
154 key_buffer, key_buffer_size,
155 alg, hash, hash_length,
156 signature, signature_length ) );
157#endif
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]158 }
159 else
160 {
161 return( PSA_ERROR_INVALID_ARGUMENT );
162 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]163 }
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]164 else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
165 {
166 if( PSA_ALG_IS_ECDSA( alg ) )
167 {
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]168#if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
169 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \
170 defined(MBEDTLS_PSA_CRYPTO_CONFIG)
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]171 return( mbedtls_transparent_test_driver_ecdsa_verify_hash(
172 attributes,
173 key_buffer, key_buffer_size,
174 alg, hash, hash_length,
175 signature, signature_length ) );
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]176#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
177 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
178 return( mbedtls_psa_ecdsa_verify_hash(
179 attributes,
180 key_buffer, key_buffer_size,
181 alg, hash, hash_length,
182 signature, signature_length ) );
183#endif
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]184 }
185 else
186 {
187 return( PSA_ERROR_INVALID_ARGUMENT );
188 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]189 }
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]190
191 (void)attributes;
192 (void)key_buffer;
193 (void)key_buffer_size;
194 (void)alg;
195 (void)hash;
196 (void)hash_length;
197 (void)signature;
198 (void)signature_length;
Ronald Cron4bcccc62021-04-09 15:32:03 +0200[diff] [blame]199 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]200}
201
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]202psa_status_t mbedtls_test_transparent_signature_sign_message(
203 const psa_key_attributes_t *attributes,
204 const uint8_t *key_buffer,
205 size_t key_buffer_size,
206 psa_algorithm_t alg,
207 const uint8_t *input,
208 size_t input_length,
209 uint8_t *signature,
210 size_t signature_size,
211 size_t *signature_length )
212{
213 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
214 size_t hash_length;
215 uint8_t hash[PSA_HASH_MAX_SIZE];
216
217 ++mbedtls_test_driver_signature_sign_hooks.hits;
218
219 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
220 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
221
222 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
223 {
224 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
225 return( PSA_ERROR_BUFFER_TOO_SMALL );
226
227 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
228 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
229 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
230
231 return( PSA_SUCCESS );
232 }
233
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]234#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]235 status = mbedtls_transparent_test_driver_hash_compute(
236 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
237 hash, sizeof( hash ), &hash_length );
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]238#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
239 status = mbedtls_psa_hash_compute(
240 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
241 hash, sizeof( hash ), &hash_length );
242#else
243 (void) input;
244 (void) input_length;
245 status = PSA_ERROR_NOT_SUPPORTED;
246#endif
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]247 if( status != PSA_SUCCESS )
248 return status;
249
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]250 return( sign_hash( attributes, key_buffer, key_buffer_size,
251 alg, hash, hash_length,
252 signature, signature_size, signature_length ) );
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]253}
254
255psa_status_t mbedtls_test_opaque_signature_sign_message(
256 const psa_key_attributes_t *attributes,
257 const uint8_t *key,
258 size_t key_length,
259 psa_algorithm_t alg,
260 const uint8_t *input,
261 size_t input_length,
262 uint8_t *signature,
263 size_t signature_size,
264 size_t *signature_length )
265{
266 (void) attributes;
267 (void) key;
268 (void) key_length;
269 (void) alg;
270 (void) input;
271 (void) input_length;
272 (void) signature;
273 (void) signature_size;
274 (void) signature_length;
275
276 return( PSA_ERROR_NOT_SUPPORTED );
277}
278
279psa_status_t mbedtls_test_transparent_signature_verify_message(
280 const psa_key_attributes_t *attributes,
281 const uint8_t *key_buffer,
282 size_t key_buffer_size,
283 psa_algorithm_t alg,
284 const uint8_t *input,
285 size_t input_length,
286 const uint8_t *signature,
287 size_t signature_length )
288{
289 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
290 size_t hash_length;
291 uint8_t hash[PSA_HASH_MAX_SIZE];
292
293 ++mbedtls_test_driver_signature_verify_hooks.hits;
294
295 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
296 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
297
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]298#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]299 status = mbedtls_transparent_test_driver_hash_compute(
300 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
301 hash, sizeof( hash ), &hash_length );
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]302#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
303 status = mbedtls_psa_hash_compute(
304 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
305 hash, sizeof( hash ), &hash_length );
306#else
307 (void) input;
308 (void) input_length;
309 status = PSA_ERROR_NOT_SUPPORTED;
310#endif
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]311 if( status != PSA_SUCCESS )
312 return status;
313
Ronald Cron2091eed2021-04-09 11:09:54 +0200[diff] [blame]314 return( verify_hash( attributes, key_buffer, key_buffer_size,
315 alg, hash, hash_length,
316 signature, signature_length ) );
gabor-mezei-armc53f4f62021-04-22 11:32:19 +0200[diff] [blame]317}
318
319psa_status_t mbedtls_test_opaque_signature_verify_message(
320 const psa_key_attributes_t *attributes,
321 const uint8_t *key,
322 size_t key_length,
323 psa_algorithm_t alg,
324 const uint8_t *input,
325 size_t input_length,
326 const uint8_t *signature,
327 size_t signature_length )
328{
329 (void) attributes;
330 (void) key;
331 (void) key_length;
332 (void) alg;
333 (void) input;
334 (void) input_length;
335 (void) signature;
336 (void) signature_length;
337
338 return( PSA_ERROR_NOT_SUPPORTED );
339}
340
341psa_status_t mbedtls_test_transparent_signature_sign_hash(
342 const psa_key_attributes_t *attributes,
343 const uint8_t *key_buffer, size_t key_buffer_size,
344 psa_algorithm_t alg,
345 const uint8_t *hash, size_t hash_length,
346 uint8_t *signature, size_t signature_size, size_t *signature_length )
347{
348 ++mbedtls_test_driver_signature_sign_hooks.hits;
349
350 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
351 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
352
353 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
354 {
355 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
356 return( PSA_ERROR_BUFFER_TOO_SMALL );
357 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
358 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
359 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
360 return( PSA_SUCCESS );
361 }
362
363 return sign_hash( attributes, key_buffer, key_buffer_size,
364 alg, hash, hash_length,
365 signature, signature_size, signature_length );
366}
367
368psa_status_t mbedtls_test_opaque_signature_sign_hash(
369 const psa_key_attributes_t *attributes,
370 const uint8_t *key, size_t key_length,
371 psa_algorithm_t alg,
372 const uint8_t *hash, size_t hash_length,
373 uint8_t *signature, size_t signature_size, size_t *signature_length )
374{
375 (void) attributes;
376 (void) key;
377 (void) key_length;
378 (void) alg;
379 (void) hash;
380 (void) hash_length;
381 (void) signature;
382 (void) signature_size;
383 (void) signature_length;
384
385 return( PSA_ERROR_NOT_SUPPORTED );
386}
387
388psa_status_t mbedtls_test_transparent_signature_verify_hash(
389 const psa_key_attributes_t *attributes,
390 const uint8_t *key_buffer, size_t key_buffer_size,
391 psa_algorithm_t alg,
392 const uint8_t *hash, size_t hash_length,
393 const uint8_t *signature, size_t signature_length )
394{
395 ++mbedtls_test_driver_signature_verify_hooks.hits;
396
397 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
398 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
399
400 return verify_hash( attributes, key_buffer, key_buffer_size,
401 alg, hash, hash_length,
402 signature, signature_length );
403}
404
Ronald Cronc4bc12e2021-04-13 12:41:34 +0200[diff] [blame]405psa_status_t mbedtls_test_opaque_signature_verify_hash(
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]406 const psa_key_attributes_t *attributes,
407 const uint8_t *key, size_t key_length,
408 psa_algorithm_t alg,
409 const uint8_t *hash, size_t hash_length,
410 const uint8_t *signature, size_t signature_length )
411{
412 (void) attributes;
413 (void) key;
414 (void) key_length;
415 (void) alg;
416 (void) hash;
417 (void) hash_length;
418 (void) signature;
419 (void) signature_length;
420 return( PSA_ERROR_NOT_SUPPORTED );
421}
422
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]423#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */