1 /*
2 * Test driver for signature functions.
3 * Currently supports signing and verifying precalculated hashes, using
4 * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
5 */
6 /* Copyright The Mbed TLS Contributors
7 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
8 */
9
10 #include <test/helpers.h>
11
12 #if defined(PSA_CRYPTO_DRIVER_TEST)
13 #include "psa/crypto.h"
14 #include "psa_crypto_core.h"
15 #include "psa_crypto_ecp.h"
16 #include "psa_crypto_hash.h"
17 #include "psa_crypto_rsa.h"
18 #include "mbedtls/ecp.h"
19
20 #include "test/drivers/hash.h"
21 #include "test/drivers/signature.h"
22 #include "test/drivers/hash.h"
23
24 #include "mbedtls/md.h"
25 #include "mbedtls/ecdsa.h"
26
27 #include "test/random.h"
28
29 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
30 #include "libtestdriver1/library/psa_crypto_ecp.h"
31 #include "libtestdriver1/library/psa_crypto_hash.h"
32 #include "libtestdriver1/library/psa_crypto_rsa.h"
33 #endif
34
35 #include <string.h>
36
37 mbedtls_test_driver_signature_hooks_t
38 mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
39 mbedtls_test_driver_signature_hooks_t
40 mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
41
sign_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,uint8_t * signature,size_t signature_size,size_t * signature_length)42 psa_status_t sign_hash(
43 const psa_key_attributes_t *attributes,
44 const uint8_t *key_buffer,
45 size_t key_buffer_size,
46 psa_algorithm_t alg,
47 const uint8_t *hash,
48 size_t hash_length,
49 uint8_t *signature,
50 size_t signature_size,
51 size_t *signature_length)
52 {
53 if (attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
54 if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||
55 PSA_ALG_IS_RSA_PSS(alg)) {
56 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
57 (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
58 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS))
59 return libtestdriver1_mbedtls_psa_rsa_sign_hash(
60 (const libtestdriver1_psa_key_attributes_t *) attributes,
61 key_buffer, key_buffer_size,
62 alg, hash, hash_length,
63 signature, signature_size, signature_length);
64 #elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
65 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
66 return mbedtls_psa_rsa_sign_hash(
67 attributes,
68 key_buffer, key_buffer_size,
69 alg, hash, hash_length,
70 signature, signature_size, signature_length);
71 #endif
72 } else {
73 return PSA_ERROR_INVALID_ARGUMENT;
74 }
75 } else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) {
76 if (PSA_ALG_IS_ECDSA(alg)) {
77 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
78 (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
79 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA))
80 return libtestdriver1_mbedtls_psa_ecdsa_sign_hash(
81 (const libtestdriver1_psa_key_attributes_t *) attributes,
82 key_buffer, key_buffer_size,
83 alg, hash, hash_length,
84 signature, signature_size, signature_length);
85 #elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
86 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
87 return mbedtls_psa_ecdsa_sign_hash(
88 attributes,
89 key_buffer, key_buffer_size,
90 alg, hash, hash_length,
91 signature, signature_size, signature_length);
92 #endif
93 } else {
94 return PSA_ERROR_INVALID_ARGUMENT;
95 }
96 }
97
98 (void) attributes;
99 (void) key_buffer;
100 (void) key_buffer_size;
101 (void) alg;
102 (void) hash;
103 (void) hash_length;
104 (void) signature;
105 (void) signature_size;
106 (void) signature_length;
107 return PSA_ERROR_NOT_SUPPORTED;
108 }
109
verify_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)110 psa_status_t verify_hash(
111 const psa_key_attributes_t *attributes,
112 const uint8_t *key_buffer,
113 size_t key_buffer_size,
114 psa_algorithm_t alg,
115 const uint8_t *hash,
116 size_t hash_length,
117 const uint8_t *signature,
118 size_t signature_length)
119 {
120 if (PSA_KEY_TYPE_IS_RSA(attributes->core.type)) {
121 if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||
122 PSA_ALG_IS_RSA_PSS(alg)) {
123 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
124 (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
125 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS))
126 return libtestdriver1_mbedtls_psa_rsa_verify_hash(
127 (const libtestdriver1_psa_key_attributes_t *) attributes,
128 key_buffer, key_buffer_size,
129 alg, hash, hash_length,
130 signature, signature_length);
131 #elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
132 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
133 return mbedtls_psa_rsa_verify_hash(
134 attributes,
135 key_buffer, key_buffer_size,
136 alg, hash, hash_length,
137 signature, signature_length);
138 #endif
139 } else {
140 return PSA_ERROR_INVALID_ARGUMENT;
141 }
142 } else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) {
143 if (PSA_ALG_IS_ECDSA(alg)) {
144 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
145 (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
146 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA))
147 return libtestdriver1_mbedtls_psa_ecdsa_verify_hash(
148 (const libtestdriver1_psa_key_attributes_t *) attributes,
149 key_buffer, key_buffer_size,
150 alg, hash, hash_length,
151 signature, signature_length);
152 #elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
153 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
154 return mbedtls_psa_ecdsa_verify_hash(
155 attributes,
156 key_buffer, key_buffer_size,
157 alg, hash, hash_length,
158 signature, signature_length);
159 #endif
160 } else {
161 return PSA_ERROR_INVALID_ARGUMENT;
162 }
163 }
164
165 (void) attributes;
166 (void) key_buffer;
167 (void) key_buffer_size;
168 (void) alg;
169 (void) hash;
170 (void) hash_length;
171 (void) signature;
172 (void) signature_length;
173 return PSA_ERROR_NOT_SUPPORTED;
174 }
175
mbedtls_test_transparent_signature_sign_message(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * input,size_t input_length,uint8_t * signature,size_t signature_size,size_t * signature_length)176 psa_status_t mbedtls_test_transparent_signature_sign_message(
177 const psa_key_attributes_t *attributes,
178 const uint8_t *key_buffer,
179 size_t key_buffer_size,
180 psa_algorithm_t alg,
181 const uint8_t *input,
182 size_t input_length,
183 uint8_t *signature,
184 size_t signature_size,
185 size_t *signature_length)
186 {
187 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
188 size_t hash_length;
189 uint8_t hash[PSA_HASH_MAX_SIZE];
190
191 ++mbedtls_test_driver_signature_sign_hooks.hits;
192
193 if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS) {
194 return mbedtls_test_driver_signature_sign_hooks.forced_status;
195 }
196
197 if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) {
198 if (mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size) {
199 return PSA_ERROR_BUFFER_TOO_SMALL;
200 }
201
202 memcpy(signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
203 mbedtls_test_driver_signature_sign_hooks.forced_output_length);
204 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
205
206 return PSA_SUCCESS;
207 }
208
209 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
210 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
211 status = libtestdriver1_mbedtls_psa_hash_compute(
212 PSA_ALG_SIGN_GET_HASH(alg), input, input_length,
213 hash, sizeof(hash), &hash_length);
214 #elif defined(MBEDTLS_PSA_BUILTIN_HASH)
215 status = mbedtls_psa_hash_compute(
216 PSA_ALG_SIGN_GET_HASH(alg), input, input_length,
217 hash, sizeof(hash), &hash_length);
218 #else
219 (void) input;
220 (void) input_length;
221 status = PSA_ERROR_NOT_SUPPORTED;
222 #endif
223 if (status != PSA_SUCCESS) {
224 return status;
225 }
226
227 return sign_hash(attributes, key_buffer, key_buffer_size,
228 alg, hash, hash_length,
229 signature, signature_size, signature_length);
230 }
231
mbedtls_test_opaque_signature_sign_message(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,psa_algorithm_t alg,const uint8_t * input,size_t input_length,uint8_t * signature,size_t signature_size,size_t * signature_length)232 psa_status_t mbedtls_test_opaque_signature_sign_message(
233 const psa_key_attributes_t *attributes,
234 const uint8_t *key,
235 size_t key_length,
236 psa_algorithm_t alg,
237 const uint8_t *input,
238 size_t input_length,
239 uint8_t *signature,
240 size_t signature_size,
241 size_t *signature_length)
242 {
243 (void) attributes;
244 (void) key;
245 (void) key_length;
246 (void) alg;
247 (void) input;
248 (void) input_length;
249 (void) signature;
250 (void) signature_size;
251 (void) signature_length;
252
253 return PSA_ERROR_NOT_SUPPORTED;
254 }
255
mbedtls_test_transparent_signature_verify_message(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * input,size_t input_length,const uint8_t * signature,size_t signature_length)256 psa_status_t mbedtls_test_transparent_signature_verify_message(
257 const psa_key_attributes_t *attributes,
258 const uint8_t *key_buffer,
259 size_t key_buffer_size,
260 psa_algorithm_t alg,
261 const uint8_t *input,
262 size_t input_length,
263 const uint8_t *signature,
264 size_t signature_length)
265 {
266 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
267 size_t hash_length;
268 uint8_t hash[PSA_HASH_MAX_SIZE];
269
270 ++mbedtls_test_driver_signature_verify_hooks.hits;
271
272 if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS) {
273 return mbedtls_test_driver_signature_verify_hooks.forced_status;
274 }
275
276 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
277 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
278 status = libtestdriver1_mbedtls_psa_hash_compute(
279 PSA_ALG_SIGN_GET_HASH(alg), input, input_length,
280 hash, sizeof(hash), &hash_length);
281 #elif defined(MBEDTLS_PSA_BUILTIN_HASH)
282 status = mbedtls_psa_hash_compute(
283 PSA_ALG_SIGN_GET_HASH(alg), input, input_length,
284 hash, sizeof(hash), &hash_length);
285 #else
286 (void) input;
287 (void) input_length;
288 status = PSA_ERROR_NOT_SUPPORTED;
289 #endif
290 if (status != PSA_SUCCESS) {
291 return status;
292 }
293
294 return verify_hash(attributes, key_buffer, key_buffer_size,
295 alg, hash, hash_length,
296 signature, signature_length);
297 }
298
mbedtls_test_opaque_signature_verify_message(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,psa_algorithm_t alg,const uint8_t * input,size_t input_length,const uint8_t * signature,size_t signature_length)299 psa_status_t mbedtls_test_opaque_signature_verify_message(
300 const psa_key_attributes_t *attributes,
301 const uint8_t *key,
302 size_t key_length,
303 psa_algorithm_t alg,
304 const uint8_t *input,
305 size_t input_length,
306 const uint8_t *signature,
307 size_t signature_length)
308 {
309 (void) attributes;
310 (void) key;
311 (void) key_length;
312 (void) alg;
313 (void) input;
314 (void) input_length;
315 (void) signature;
316 (void) signature_length;
317
318 return PSA_ERROR_NOT_SUPPORTED;
319 }
320
mbedtls_test_transparent_signature_sign_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,uint8_t * signature,size_t signature_size,size_t * signature_length)321 psa_status_t mbedtls_test_transparent_signature_sign_hash(
322 const psa_key_attributes_t *attributes,
323 const uint8_t *key_buffer, size_t key_buffer_size,
324 psa_algorithm_t alg,
325 const uint8_t *hash, size_t hash_length,
326 uint8_t *signature, size_t signature_size, size_t *signature_length)
327 {
328 ++mbedtls_test_driver_signature_sign_hooks.hits;
329
330 if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS) {
331 return mbedtls_test_driver_signature_sign_hooks.forced_status;
332 }
333
334 if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) {
335 if (mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size) {
336 return PSA_ERROR_BUFFER_TOO_SMALL;
337 }
338 memcpy(signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
339 mbedtls_test_driver_signature_sign_hooks.forced_output_length);
340 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
341 return PSA_SUCCESS;
342 }
343
344 return sign_hash(attributes, key_buffer, key_buffer_size,
345 alg, hash, hash_length,
346 signature, signature_size, signature_length);
347 }
348
mbedtls_test_opaque_signature_sign_hash(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,uint8_t * signature,size_t signature_size,size_t * signature_length)349 psa_status_t mbedtls_test_opaque_signature_sign_hash(
350 const psa_key_attributes_t *attributes,
351 const uint8_t *key, size_t key_length,
352 psa_algorithm_t alg,
353 const uint8_t *hash, size_t hash_length,
354 uint8_t *signature, size_t signature_size, size_t *signature_length)
355 {
356 (void) attributes;
357 (void) key;
358 (void) key_length;
359 (void) alg;
360 (void) hash;
361 (void) hash_length;
362 (void) signature;
363 (void) signature_size;
364 (void) signature_length;
365
366 return PSA_ERROR_NOT_SUPPORTED;
367 }
368
mbedtls_test_transparent_signature_verify_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)369 psa_status_t mbedtls_test_transparent_signature_verify_hash(
370 const psa_key_attributes_t *attributes,
371 const uint8_t *key_buffer, size_t key_buffer_size,
372 psa_algorithm_t alg,
373 const uint8_t *hash, size_t hash_length,
374 const uint8_t *signature, size_t signature_length)
375 {
376 ++mbedtls_test_driver_signature_verify_hooks.hits;
377
378 if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS) {
379 return mbedtls_test_driver_signature_verify_hooks.forced_status;
380 }
381
382 return verify_hash(attributes, key_buffer, key_buffer_size,
383 alg, hash, hash_length,
384 signature, signature_length);
385 }
386
mbedtls_test_opaque_signature_verify_hash(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)387 psa_status_t mbedtls_test_opaque_signature_verify_hash(
388 const psa_key_attributes_t *attributes,
389 const uint8_t *key, size_t key_length,
390 psa_algorithm_t alg,
391 const uint8_t *hash, size_t hash_length,
392 const uint8_t *signature, size_t signature_length)
393 {
394 (void) attributes;
395 (void) key;
396 (void) key_length;
397 (void) alg;
398 (void) hash;
399 (void) hash_length;
400 (void) signature;
401 (void) signature_length;
402 return PSA_ERROR_NOT_SUPPORTED;
403 }
404
405 #endif /* PSA_CRYPTO_DRIVER_TEST */
406
