TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / e36f5b1c11841ce564c652dc574c252de6265c28 / . / tests / src / drivers / test_driver_signature.c
blob: e573b723c9ce584aa4ff56c3c386714b0252bdfb [file] [log] [blame]
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]1/*
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]2 * Test driver for signature functions.
3 * Currently supports signing and verifying precalculated hashes, using
4 * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]5 */
Steven Cooreman2c7b2f82020-09-02 13:43:46 +0200[diff] [blame]6/* Copyright The Mbed TLS Contributors
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]20 */
21
Mateusz Starzyk2c09c9b2021-05-14 22:20:10 +0200[diff] [blame]22#include <test/helpers.h>
23
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]24#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]25#include "psa/crypto.h"
Steven Cooreman15f58d22020-09-04 13:05:23 +0200[diff] [blame]26#include "psa_crypto_core.h"
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]27#include "psa_crypto_ecp.h"
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]28#include "psa_crypto_hash.h"
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]29#include "psa_crypto_rsa.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]30#include "mbedtls/ecp.h"
31
Steven Cooreman0d7c64d2020-09-07 16:17:55 +0200[diff] [blame]32#include "test/drivers/signature.h"
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]33
34#include "mbedtls/md.h"
35#include "mbedtls/ecdsa.h"
36
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]37#include "test/random.h"
38
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]39#include <string.h>
40
Ronald Cron7f13fa22021-04-13 12:41:34 +0200[diff] [blame]41mbedtls_test_driver_signature_hooks_t
42 mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
43mbedtls_test_driver_signature_hooks_t
44 mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]45
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]46psa_status_t sign_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]47 const psa_key_attributes_t *attributes,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]48 const uint8_t *key_buffer,
49 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]50 psa_algorithm_t alg,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]51 const uint8_t *hash,
52 size_t hash_length,
53 uint8_t *signature,
54 size_t signature_size,
55 size_t *signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]56{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]57#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
58 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
59 if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
60 {
61 return( mbedtls_transparent_test_driver_rsa_sign_hash(
62 attributes,
63 key_buffer, key_buffer_size,
64 alg, hash, hash_length,
65 signature, signature_size, signature_length ) );
66 }
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]67 else
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]68#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
69 * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
70
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]71#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
72 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
73 if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
74 {
75 if(
76#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
77 PSA_ALG_IS_ECDSA( alg )
78#else
79 PSA_ALG_IS_RANDOMIZED_ECDSA( alg )
80#endif
81 )
82 {
83 return( mbedtls_transparent_test_driver_ecdsa_sign_hash(
84 attributes,
85 key_buffer, key_buffer_size,
86 alg, hash, hash_length,
87 signature, signature_size, signature_length ) );
88 }
89 else
90 {
Mateusz Starzyke36f5b12021-07-22 16:43:35 +0200[diff] [blame^]91 return PSA_ERROR_INVALID_ARGUMENT ;
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]92 }
93 }
94 else
95#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
96 * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
97 {
98 (void)attributes;
99 (void)key_buffer;
100 (void)key_buffer_size;
101 (void)alg;
102 (void)hash;
103 (void)hash_length;
104 (void)signature;
105 (void)signature_size;
106 (void)signature_length;
Mateusz Starzyke36f5b12021-07-22 16:43:35 +0200[diff] [blame^]107 return PSA_ERROR_NOT_SUPPORTED ;
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]108 }
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]109}
110
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]111psa_status_t verify_hash(
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]112 const psa_key_attributes_t *attributes,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]113 const uint8_t *key_buffer,
114 size_t key_buffer_size,
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]115 psa_algorithm_t alg,
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]116 const uint8_t *hash,
117 size_t hash_length,
118 const uint8_t *signature,
119 size_t signature_length )
Steven Cooremana70d5882020-07-16 20:26:18 +0200[diff] [blame]120{
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]121#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
122 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
123 if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
124 {
125 return( mbedtls_transparent_test_driver_rsa_verify_hash(
126 attributes,
127 key_buffer, key_buffer_size,
128 alg, hash, hash_length,
129 signature, signature_length ) );
130 }
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]131 else
Ronald Crond2fb8542020-12-09 15:18:01 +0100[diff] [blame]132#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
133 * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
134
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]135#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
136 defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
137 if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]138 {
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]139 if( PSA_ALG_IS_ECDSA( alg ) )
140 {
141 return( mbedtls_transparent_test_driver_ecdsa_verify_hash(
142 attributes,
143 key_buffer, key_buffer_size,
144 alg, hash, hash_length,
145 signature, signature_length ) );
146 }
147 else
148 {
Mateusz Starzyke36f5b12021-07-22 16:43:35 +0200[diff] [blame^]149 return PSA_ERROR_INVALID_ARGUMENT ;
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]150 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]151 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]152 else
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]153#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
154 * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]155 {
Ronald Cronb5399a82020-12-10 09:35:33 +0100[diff] [blame]156 (void)attributes;
157 (void)key_buffer;
158 (void)key_buffer_size;
159 (void)alg;
160 (void)hash;
161 (void)hash_length;
162 (void)signature;
163 (void)signature_length;
164
Mateusz Starzyke36f5b12021-07-22 16:43:35 +0200[diff] [blame^]165 return PSA_ERROR_NOT_SUPPORTED ;
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]166 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]167}
168
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]169psa_status_t mbedtls_test_transparent_signature_sign_message(
170 const psa_key_attributes_t *attributes,
171 const uint8_t *key_buffer,
172 size_t key_buffer_size,
173 psa_algorithm_t alg,
174 const uint8_t *input,
175 size_t input_length,
176 uint8_t *signature,
177 size_t signature_size,
178 size_t *signature_length )
179{
180 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
181 size_t hash_length;
182 uint8_t hash[PSA_HASH_MAX_SIZE];
183
184 ++mbedtls_test_driver_signature_sign_hooks.hits;
185
186 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
Mateusz Starzyke36f5b12021-07-22 16:43:35 +0200[diff] [blame^]187 return mbedtls_test_driver_signature_sign_hooks.forced_status ;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]188
189 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
190 {
191 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
Mateusz Starzyke36f5b12021-07-22 16:43:35 +0200[diff] [blame^]192 return PSA_ERROR_BUFFER_TOO_SMALL ;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]193
194 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
195 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
196 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
197
Mateusz Starzyke36f5b12021-07-22 16:43:35 +0200[diff] [blame^]198 return PSA_SUCCESS ;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]199 }
200
201 status = mbedtls_transparent_test_driver_hash_compute(
202 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
203 hash, sizeof( hash ), &hash_length );
204
205 if( status != PSA_SUCCESS )
206 return status;
207
208 return sign_hash( attributes, key_buffer, key_buffer_size,
209 alg, hash, hash_length,
210 signature, signature_size, signature_length );
211}
212
213psa_status_t mbedtls_test_opaque_signature_sign_message(
214 const psa_key_attributes_t *attributes,
215 const uint8_t *key,
216 size_t key_length,
217 psa_algorithm_t alg,
218 const uint8_t *input,
219 size_t input_length,
220 uint8_t *signature,
221 size_t signature_size,
222 size_t *signature_length )
223{
224 (void) attributes;
225 (void) key;
226 (void) key_length;
227 (void) alg;
228 (void) input;
229 (void) input_length;
230 (void) signature;
231 (void) signature_size;
232 (void) signature_length;
233
Mateusz Starzyke36f5b12021-07-22 16:43:35 +0200[diff] [blame^]234 return PSA_ERROR_NOT_SUPPORTED ;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]235}
236
237psa_status_t mbedtls_test_transparent_signature_verify_message(
238 const psa_key_attributes_t *attributes,
239 const uint8_t *key_buffer,
240 size_t key_buffer_size,
241 psa_algorithm_t alg,
242 const uint8_t *input,
243 size_t input_length,
244 const uint8_t *signature,
245 size_t signature_length )
246{
247 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
248 size_t hash_length;
249 uint8_t hash[PSA_HASH_MAX_SIZE];
250
251 ++mbedtls_test_driver_signature_verify_hooks.hits;
252
253 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
Mateusz Starzyke36f5b12021-07-22 16:43:35 +0200[diff] [blame^]254 return mbedtls_test_driver_signature_verify_hooks.forced_status ;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]255
256 status = mbedtls_transparent_test_driver_hash_compute(
257 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
258 hash, sizeof( hash ), &hash_length );
259
260 if( status != PSA_SUCCESS )
261 return status;
262
263 return verify_hash( attributes, key_buffer, key_buffer_size,
264 alg, hash, hash_length,
265 signature, signature_length );
266}
267
268psa_status_t mbedtls_test_opaque_signature_verify_message(
269 const psa_key_attributes_t *attributes,
270 const uint8_t *key,
271 size_t key_length,
272 psa_algorithm_t alg,
273 const uint8_t *input,
274 size_t input_length,
275 const uint8_t *signature,
276 size_t signature_length )
277{
278 (void) attributes;
279 (void) key;
280 (void) key_length;
281 (void) alg;
282 (void) input;
283 (void) input_length;
284 (void) signature;
285 (void) signature_length;
286
Mateusz Starzyke36f5b12021-07-22 16:43:35 +0200[diff] [blame^]287 return PSA_ERROR_NOT_SUPPORTED ;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]288}
289
290psa_status_t mbedtls_test_transparent_signature_sign_hash(
291 const psa_key_attributes_t *attributes,
292 const uint8_t *key_buffer, size_t key_buffer_size,
293 psa_algorithm_t alg,
294 const uint8_t *hash, size_t hash_length,
295 uint8_t *signature, size_t signature_size, size_t *signature_length )
296{
297 ++mbedtls_test_driver_signature_sign_hooks.hits;
298
299 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
Mateusz Starzyke36f5b12021-07-22 16:43:35 +0200[diff] [blame^]300 return mbedtls_test_driver_signature_sign_hooks.forced_status ;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]301
302 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
303 {
304 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
Mateusz Starzyke36f5b12021-07-22 16:43:35 +0200[diff] [blame^]305 return PSA_ERROR_BUFFER_TOO_SMALL ;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]306 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
307 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
308 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
Mateusz Starzyke36f5b12021-07-22 16:43:35 +0200[diff] [blame^]309 return PSA_SUCCESS ;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]310 }
311
312 return sign_hash( attributes, key_buffer, key_buffer_size,
313 alg, hash, hash_length,
314 signature, signature_size, signature_length );
315}
316
317psa_status_t mbedtls_test_opaque_signature_sign_hash(
318 const psa_key_attributes_t *attributes,
319 const uint8_t *key, size_t key_length,
320 psa_algorithm_t alg,
321 const uint8_t *hash, size_t hash_length,
322 uint8_t *signature, size_t signature_size, size_t *signature_length )
323{
324 (void) attributes;
325 (void) key;
326 (void) key_length;
327 (void) alg;
328 (void) hash;
329 (void) hash_length;
330 (void) signature;
331 (void) signature_size;
332 (void) signature_length;
333
Mateusz Starzyke36f5b12021-07-22 16:43:35 +0200[diff] [blame^]334 return PSA_ERROR_NOT_SUPPORTED ;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]335}
336
337psa_status_t mbedtls_test_transparent_signature_verify_hash(
338 const psa_key_attributes_t *attributes,
339 const uint8_t *key_buffer, size_t key_buffer_size,
340 psa_algorithm_t alg,
341 const uint8_t *hash, size_t hash_length,
342 const uint8_t *signature, size_t signature_length )
343{
344 ++mbedtls_test_driver_signature_verify_hooks.hits;
345
346 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
Mateusz Starzyke36f5b12021-07-22 16:43:35 +0200[diff] [blame^]347 return mbedtls_test_driver_signature_verify_hooks.forced_status ;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200[diff] [blame]348
349 return verify_hash( attributes, key_buffer, key_buffer_size,
350 alg, hash, hash_length,
351 signature, signature_length );
352}
353
Ronald Cron7f13fa22021-04-13 12:41:34 +0200[diff] [blame]354psa_status_t mbedtls_test_opaque_signature_verify_hash(
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]355 const psa_key_attributes_t *attributes,
356 const uint8_t *key, size_t key_length,
357 psa_algorithm_t alg,
358 const uint8_t *hash, size_t hash_length,
359 const uint8_t *signature, size_t signature_length )
360{
361 (void) attributes;
362 (void) key;
363 (void) key_length;
364 (void) alg;
365 (void) hash;
366 (void) hash_length;
367 (void) signature;
368 (void) signature_length;
Mateusz Starzyke36f5b12021-07-22 16:43:35 +0200[diff] [blame^]369 return PSA_ERROR_NOT_SUPPORTED ;
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]370}
371
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]372#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */