1 /*
2 * Test driver for signature functions.
3 * Currently supports signing and verifying precalculated hashes, using
4 * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
5 */
6 /* Copyright The Mbed TLS Contributors
7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 */
21
22 #if !defined(MBEDTLS_CONFIG_FILE)
23 #include "mbedtls/config.h"
24 #else
25 #include MBEDTLS_CONFIG_FILE
26 #endif
27
28 #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
29 #include "psa/crypto.h"
30 #include "psa_crypto_core.h"
31 #include "psa_crypto_ecp.h"
32 #include "psa_crypto_hash.h"
33 #include "psa_crypto_rsa.h"
34 #include "mbedtls/ecp.h"
35
36 #include "test/drivers/hash.h"
37 #include "test/drivers/signature.h"
38 #include "test/drivers/hash.h"
39
40 #include "mbedtls/md.h"
41 #include "mbedtls/ecdsa.h"
42
43 #include "test/random.h"
44
45 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
46 #include "libtestdriver1/library/psa_crypto_ecp.h"
47 #include "libtestdriver1/library/psa_crypto_hash.h"
48 #include "libtestdriver1/library/psa_crypto_rsa.h"
49 #endif
50
51 #include <string.h>
52
53 mbedtls_test_driver_signature_hooks_t
54 mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
55 mbedtls_test_driver_signature_hooks_t
56 mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
57
sign_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,uint8_t * signature,size_t signature_size,size_t * signature_length)58 psa_status_t sign_hash(
59 const psa_key_attributes_t *attributes,
60 const uint8_t *key_buffer,
61 size_t key_buffer_size,
62 psa_algorithm_t alg,
63 const uint8_t *hash,
64 size_t hash_length,
65 uint8_t *signature,
66 size_t signature_size,
67 size_t *signature_length )
68 {
69 if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
70 {
71 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
72 PSA_ALG_IS_RSA_PSS( alg) )
73 {
74 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
75 ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
76 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) )
77 return( libtestdriver1_mbedtls_psa_rsa_sign_hash(
78 (const libtestdriver1_psa_key_attributes_t *) attributes,
79 key_buffer, key_buffer_size,
80 alg, hash, hash_length,
81 signature, signature_size, signature_length ) );
82 #elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
83 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
84 return( mbedtls_psa_rsa_sign_hash(
85 attributes,
86 key_buffer, key_buffer_size,
87 alg, hash, hash_length,
88 signature, signature_size, signature_length ) );
89 #endif
90 }
91 else
92 {
93 return( PSA_ERROR_INVALID_ARGUMENT );
94 }
95 }
96 else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
97 {
98 if( PSA_ALG_IS_ECDSA( alg ) )
99 {
100 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
101 ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
102 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) )
103 return( libtestdriver1_mbedtls_psa_ecdsa_sign_hash(
104 (const libtestdriver1_psa_key_attributes_t *) attributes,
105 key_buffer, key_buffer_size,
106 alg, hash, hash_length,
107 signature, signature_size, signature_length ) );
108 #elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
109 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
110 return( mbedtls_psa_ecdsa_sign_hash(
111 attributes,
112 key_buffer, key_buffer_size,
113 alg, hash, hash_length,
114 signature, signature_size, signature_length ) );
115 #endif
116 }
117 else
118 {
119 return( PSA_ERROR_INVALID_ARGUMENT );
120 }
121 }
122
123 (void)attributes;
124 (void)key_buffer;
125 (void)key_buffer_size;
126 (void)alg;
127 (void)hash;
128 (void)hash_length;
129 (void)signature;
130 (void)signature_size;
131 (void)signature_length;
132 return( PSA_ERROR_NOT_SUPPORTED );
133 }
134
verify_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)135 psa_status_t verify_hash(
136 const psa_key_attributes_t *attributes,
137 const uint8_t *key_buffer,
138 size_t key_buffer_size,
139 psa_algorithm_t alg,
140 const uint8_t *hash,
141 size_t hash_length,
142 const uint8_t *signature,
143 size_t signature_length )
144 {
145 if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
146 {
147 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
148 PSA_ALG_IS_RSA_PSS( alg) )
149 {
150 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
151 ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
152 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) )
153 return( libtestdriver1_mbedtls_psa_rsa_verify_hash(
154 (const libtestdriver1_psa_key_attributes_t *) attributes,
155 key_buffer, key_buffer_size,
156 alg, hash, hash_length,
157 signature, signature_length ) );
158 #elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
159 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
160 return( mbedtls_psa_rsa_verify_hash(
161 attributes,
162 key_buffer, key_buffer_size,
163 alg, hash, hash_length,
164 signature, signature_length ) );
165 #endif
166 }
167 else
168 {
169 return( PSA_ERROR_INVALID_ARGUMENT );
170 }
171 }
172 else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
173 {
174 if( PSA_ALG_IS_ECDSA( alg ) )
175 {
176 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
177 ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
178 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) )
179 return( libtestdriver1_mbedtls_psa_ecdsa_verify_hash(
180 (const libtestdriver1_psa_key_attributes_t *) attributes,
181 key_buffer, key_buffer_size,
182 alg, hash, hash_length,
183 signature, signature_length ) );
184 #elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
185 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
186 return( mbedtls_psa_ecdsa_verify_hash(
187 attributes,
188 key_buffer, key_buffer_size,
189 alg, hash, hash_length,
190 signature, signature_length ) );
191 #endif
192 }
193 else
194 {
195 return( PSA_ERROR_INVALID_ARGUMENT );
196 }
197 }
198
199 (void)attributes;
200 (void)key_buffer;
201 (void)key_buffer_size;
202 (void)alg;
203 (void)hash;
204 (void)hash_length;
205 (void)signature;
206 (void)signature_length;
207 return( PSA_ERROR_NOT_SUPPORTED );
208 }
209
mbedtls_test_transparent_signature_sign_message(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * input,size_t input_length,uint8_t * signature,size_t signature_size,size_t * signature_length)210 psa_status_t mbedtls_test_transparent_signature_sign_message(
211 const psa_key_attributes_t *attributes,
212 const uint8_t *key_buffer,
213 size_t key_buffer_size,
214 psa_algorithm_t alg,
215 const uint8_t *input,
216 size_t input_length,
217 uint8_t *signature,
218 size_t signature_size,
219 size_t *signature_length )
220 {
221 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
222 size_t hash_length;
223 uint8_t hash[PSA_HASH_MAX_SIZE];
224
225 ++mbedtls_test_driver_signature_sign_hooks.hits;
226
227 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
228 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
229
230 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
231 {
232 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
233 return( PSA_ERROR_BUFFER_TOO_SMALL );
234
235 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
236 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
237 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
238
239 return( PSA_SUCCESS );
240 }
241
242 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
243 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
244 status = libtestdriver1_mbedtls_psa_hash_compute(
245 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
246 hash, sizeof( hash ), &hash_length );
247 #elif defined(MBEDTLS_PSA_BUILTIN_HASH)
248 status = mbedtls_psa_hash_compute(
249 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
250 hash, sizeof( hash ), &hash_length );
251 #else
252 (void) input;
253 (void) input_length;
254 status = PSA_ERROR_NOT_SUPPORTED;
255 #endif
256 if( status != PSA_SUCCESS )
257 return status;
258
259 return( sign_hash( attributes, key_buffer, key_buffer_size,
260 alg, hash, hash_length,
261 signature, signature_size, signature_length ) );
262 }
263
mbedtls_test_opaque_signature_sign_message(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,psa_algorithm_t alg,const uint8_t * input,size_t input_length,uint8_t * signature,size_t signature_size,size_t * signature_length)264 psa_status_t mbedtls_test_opaque_signature_sign_message(
265 const psa_key_attributes_t *attributes,
266 const uint8_t *key,
267 size_t key_length,
268 psa_algorithm_t alg,
269 const uint8_t *input,
270 size_t input_length,
271 uint8_t *signature,
272 size_t signature_size,
273 size_t *signature_length )
274 {
275 (void) attributes;
276 (void) key;
277 (void) key_length;
278 (void) alg;
279 (void) input;
280 (void) input_length;
281 (void) signature;
282 (void) signature_size;
283 (void) signature_length;
284
285 return( PSA_ERROR_NOT_SUPPORTED );
286 }
287
mbedtls_test_transparent_signature_verify_message(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * input,size_t input_length,const uint8_t * signature,size_t signature_length)288 psa_status_t mbedtls_test_transparent_signature_verify_message(
289 const psa_key_attributes_t *attributes,
290 const uint8_t *key_buffer,
291 size_t key_buffer_size,
292 psa_algorithm_t alg,
293 const uint8_t *input,
294 size_t input_length,
295 const uint8_t *signature,
296 size_t signature_length )
297 {
298 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
299 size_t hash_length;
300 uint8_t hash[PSA_HASH_MAX_SIZE];
301
302 ++mbedtls_test_driver_signature_verify_hooks.hits;
303
304 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
305 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
306
307 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
308 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
309 status = libtestdriver1_mbedtls_psa_hash_compute(
310 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
311 hash, sizeof( hash ), &hash_length );
312 #elif defined(MBEDTLS_PSA_BUILTIN_HASH)
313 status = mbedtls_psa_hash_compute(
314 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
315 hash, sizeof( hash ), &hash_length );
316 #else
317 (void) input;
318 (void) input_length;
319 status = PSA_ERROR_NOT_SUPPORTED;
320 #endif
321 if( status != PSA_SUCCESS )
322 return status;
323
324 return( verify_hash( attributes, key_buffer, key_buffer_size,
325 alg, hash, hash_length,
326 signature, signature_length ) );
327 }
328
mbedtls_test_opaque_signature_verify_message(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,psa_algorithm_t alg,const uint8_t * input,size_t input_length,const uint8_t * signature,size_t signature_length)329 psa_status_t mbedtls_test_opaque_signature_verify_message(
330 const psa_key_attributes_t *attributes,
331 const uint8_t *key,
332 size_t key_length,
333 psa_algorithm_t alg,
334 const uint8_t *input,
335 size_t input_length,
336 const uint8_t *signature,
337 size_t signature_length )
338 {
339 (void) attributes;
340 (void) key;
341 (void) key_length;
342 (void) alg;
343 (void) input;
344 (void) input_length;
345 (void) signature;
346 (void) signature_length;
347
348 return( PSA_ERROR_NOT_SUPPORTED );
349 }
350
mbedtls_test_transparent_signature_sign_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,uint8_t * signature,size_t signature_size,size_t * signature_length)351 psa_status_t mbedtls_test_transparent_signature_sign_hash(
352 const psa_key_attributes_t *attributes,
353 const uint8_t *key_buffer, size_t key_buffer_size,
354 psa_algorithm_t alg,
355 const uint8_t *hash, size_t hash_length,
356 uint8_t *signature, size_t signature_size, size_t *signature_length )
357 {
358 ++mbedtls_test_driver_signature_sign_hooks.hits;
359
360 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
361 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
362
363 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
364 {
365 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
366 return( PSA_ERROR_BUFFER_TOO_SMALL );
367 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
368 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
369 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
370 return( PSA_SUCCESS );
371 }
372
373 return( sign_hash( attributes, key_buffer, key_buffer_size,
374 alg, hash, hash_length,
375 signature, signature_size, signature_length ) );
376 }
377
mbedtls_test_opaque_signature_sign_hash(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,uint8_t * signature,size_t signature_size,size_t * signature_length)378 psa_status_t mbedtls_test_opaque_signature_sign_hash(
379 const psa_key_attributes_t *attributes,
380 const uint8_t *key, size_t key_length,
381 psa_algorithm_t alg,
382 const uint8_t *hash, size_t hash_length,
383 uint8_t *signature, size_t signature_size, size_t *signature_length )
384 {
385 (void) attributes;
386 (void) key;
387 (void) key_length;
388 (void) alg;
389 (void) hash;
390 (void) hash_length;
391 (void) signature;
392 (void) signature_size;
393 (void) signature_length;
394
395 return( PSA_ERROR_NOT_SUPPORTED );
396 }
397
mbedtls_test_transparent_signature_verify_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)398 psa_status_t mbedtls_test_transparent_signature_verify_hash(
399 const psa_key_attributes_t *attributes,
400 const uint8_t *key_buffer, size_t key_buffer_size,
401 psa_algorithm_t alg,
402 const uint8_t *hash, size_t hash_length,
403 const uint8_t *signature, size_t signature_length )
404 {
405 ++mbedtls_test_driver_signature_verify_hooks.hits;
406
407 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
408 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
409
410 return verify_hash( attributes, key_buffer, key_buffer_size,
411 alg, hash, hash_length,
412 signature, signature_length );
413 }
414
mbedtls_test_opaque_signature_verify_hash(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)415 psa_status_t mbedtls_test_opaque_signature_verify_hash(
416 const psa_key_attributes_t *attributes,
417 const uint8_t *key, size_t key_length,
418 psa_algorithm_t alg,
419 const uint8_t *hash, size_t hash_length,
420 const uint8_t *signature, size_t signature_length )
421 {
422 (void) attributes;
423 (void) key;
424 (void) key_length;
425 (void) alg;
426 (void) hash;
427 (void) hash_length;
428 (void) signature;
429 (void) signature_length;
430 return( PSA_ERROR_NOT_SUPPORTED );
431 }
432
433 #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
434