1 /*
2 * Test driver for signature functions.
3 * Currently supports signing and verifying precalculated hashes, using
4 * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
5 */
6 /* Copyright The Mbed TLS Contributors
7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 */
21
22 #include <test/helpers.h>
23
24 #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
25 #include "psa/crypto.h"
26 #include "psa_crypto_core.h"
27 #include "psa_crypto_ecp.h"
28 #include "psa_crypto_hash.h"
29 #include "psa_crypto_rsa.h"
30 #include "mbedtls/ecp.h"
31
32 #include "test/drivers/hash.h"
33 #include "test/drivers/signature.h"
34 #include "test/drivers/hash.h"
35
36 #include "mbedtls/md.h"
37 #include "mbedtls/ecdsa.h"
38
39 #include "test/random.h"
40
41 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
42 #include "libtestdriver1/library/psa_crypto_ecp.h"
43 #include "libtestdriver1/library/psa_crypto_hash.h"
44 #include "libtestdriver1/library/psa_crypto_rsa.h"
45 #endif
46
47 #include <string.h>
48
49 mbedtls_test_driver_signature_hooks_t
50 mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
51 mbedtls_test_driver_signature_hooks_t
52 mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
53
sign_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,uint8_t * signature,size_t signature_size,size_t * signature_length)54 psa_status_t sign_hash(
55 const psa_key_attributes_t *attributes,
56 const uint8_t *key_buffer,
57 size_t key_buffer_size,
58 psa_algorithm_t alg,
59 const uint8_t *hash,
60 size_t hash_length,
61 uint8_t *signature,
62 size_t signature_size,
63 size_t *signature_length )
64 {
65 if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
66 {
67 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
68 PSA_ALG_IS_RSA_PSS( alg) )
69 {
70 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
71 ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
72 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) )
73 return( libtestdriver1_mbedtls_psa_rsa_sign_hash(
74 (const libtestdriver1_psa_key_attributes_t *) attributes,
75 key_buffer, key_buffer_size,
76 alg, hash, hash_length,
77 signature, signature_size, signature_length ) );
78 #elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
79 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
80 return( mbedtls_psa_rsa_sign_hash(
81 attributes,
82 key_buffer, key_buffer_size,
83 alg, hash, hash_length,
84 signature, signature_size, signature_length ) );
85 #endif
86 }
87 else
88 {
89 return( PSA_ERROR_INVALID_ARGUMENT );
90 }
91 }
92 else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
93 {
94 if( PSA_ALG_IS_ECDSA( alg ) )
95 {
96 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
97 ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
98 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) )
99 return( libtestdriver1_mbedtls_psa_ecdsa_sign_hash(
100 (const libtestdriver1_psa_key_attributes_t *) attributes,
101 key_buffer, key_buffer_size,
102 alg, hash, hash_length,
103 signature, signature_size, signature_length ) );
104 #elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
105 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
106 return( mbedtls_psa_ecdsa_sign_hash(
107 attributes,
108 key_buffer, key_buffer_size,
109 alg, hash, hash_length,
110 signature, signature_size, signature_length ) );
111 #endif
112 }
113 else
114 {
115 return( PSA_ERROR_INVALID_ARGUMENT );
116 }
117 }
118
119 (void)attributes;
120 (void)key_buffer;
121 (void)key_buffer_size;
122 (void)alg;
123 (void)hash;
124 (void)hash_length;
125 (void)signature;
126 (void)signature_size;
127 (void)signature_length;
128 return( PSA_ERROR_NOT_SUPPORTED );
129 }
130
verify_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)131 psa_status_t verify_hash(
132 const psa_key_attributes_t *attributes,
133 const uint8_t *key_buffer,
134 size_t key_buffer_size,
135 psa_algorithm_t alg,
136 const uint8_t *hash,
137 size_t hash_length,
138 const uint8_t *signature,
139 size_t signature_length )
140 {
141 if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
142 {
143 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
144 PSA_ALG_IS_RSA_PSS( alg) )
145 {
146 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
147 ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
148 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) )
149 return( libtestdriver1_mbedtls_psa_rsa_verify_hash(
150 (const libtestdriver1_psa_key_attributes_t *) attributes,
151 key_buffer, key_buffer_size,
152 alg, hash, hash_length,
153 signature, signature_length ) );
154 #elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
155 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
156 return( mbedtls_psa_rsa_verify_hash(
157 attributes,
158 key_buffer, key_buffer_size,
159 alg, hash, hash_length,
160 signature, signature_length ) );
161 #endif
162 }
163 else
164 {
165 return( PSA_ERROR_INVALID_ARGUMENT );
166 }
167 }
168 else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
169 {
170 if( PSA_ALG_IS_ECDSA( alg ) )
171 {
172 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
173 ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
174 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) )
175 return( libtestdriver1_mbedtls_psa_ecdsa_verify_hash(
176 (const libtestdriver1_psa_key_attributes_t *) attributes,
177 key_buffer, key_buffer_size,
178 alg, hash, hash_length,
179 signature, signature_length ) );
180 #elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
181 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
182 return( mbedtls_psa_ecdsa_verify_hash(
183 attributes,
184 key_buffer, key_buffer_size,
185 alg, hash, hash_length,
186 signature, signature_length ) );
187 #endif
188 }
189 else
190 {
191 return( PSA_ERROR_INVALID_ARGUMENT );
192 }
193 }
194
195 (void)attributes;
196 (void)key_buffer;
197 (void)key_buffer_size;
198 (void)alg;
199 (void)hash;
200 (void)hash_length;
201 (void)signature;
202 (void)signature_length;
203 return( PSA_ERROR_NOT_SUPPORTED );
204 }
205
mbedtls_test_transparent_signature_sign_message(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * input,size_t input_length,uint8_t * signature,size_t signature_size,size_t * signature_length)206 psa_status_t mbedtls_test_transparent_signature_sign_message(
207 const psa_key_attributes_t *attributes,
208 const uint8_t *key_buffer,
209 size_t key_buffer_size,
210 psa_algorithm_t alg,
211 const uint8_t *input,
212 size_t input_length,
213 uint8_t *signature,
214 size_t signature_size,
215 size_t *signature_length )
216 {
217 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
218 size_t hash_length;
219 uint8_t hash[PSA_HASH_MAX_SIZE];
220
221 ++mbedtls_test_driver_signature_sign_hooks.hits;
222
223 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
224 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
225
226 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
227 {
228 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
229 return( PSA_ERROR_BUFFER_TOO_SMALL );
230
231 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
232 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
233 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
234
235 return( PSA_SUCCESS );
236 }
237
238 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
239 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
240 status = libtestdriver1_mbedtls_psa_hash_compute(
241 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
242 hash, sizeof( hash ), &hash_length );
243 #elif defined(MBEDTLS_PSA_BUILTIN_HASH)
244 status = mbedtls_psa_hash_compute(
245 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
246 hash, sizeof( hash ), &hash_length );
247 #else
248 (void) input;
249 (void) input_length;
250 status = PSA_ERROR_NOT_SUPPORTED;
251 #endif
252 if( status != PSA_SUCCESS )
253 return status;
254
255 return( sign_hash( attributes, key_buffer, key_buffer_size,
256 alg, hash, hash_length,
257 signature, signature_size, signature_length ) );
258 }
259
mbedtls_test_opaque_signature_sign_message(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,psa_algorithm_t alg,const uint8_t * input,size_t input_length,uint8_t * signature,size_t signature_size,size_t * signature_length)260 psa_status_t mbedtls_test_opaque_signature_sign_message(
261 const psa_key_attributes_t *attributes,
262 const uint8_t *key,
263 size_t key_length,
264 psa_algorithm_t alg,
265 const uint8_t *input,
266 size_t input_length,
267 uint8_t *signature,
268 size_t signature_size,
269 size_t *signature_length )
270 {
271 (void) attributes;
272 (void) key;
273 (void) key_length;
274 (void) alg;
275 (void) input;
276 (void) input_length;
277 (void) signature;
278 (void) signature_size;
279 (void) signature_length;
280
281 return( PSA_ERROR_NOT_SUPPORTED );
282 }
283
mbedtls_test_transparent_signature_verify_message(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * input,size_t input_length,const uint8_t * signature,size_t signature_length)284 psa_status_t mbedtls_test_transparent_signature_verify_message(
285 const psa_key_attributes_t *attributes,
286 const uint8_t *key_buffer,
287 size_t key_buffer_size,
288 psa_algorithm_t alg,
289 const uint8_t *input,
290 size_t input_length,
291 const uint8_t *signature,
292 size_t signature_length )
293 {
294 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
295 size_t hash_length;
296 uint8_t hash[PSA_HASH_MAX_SIZE];
297
298 ++mbedtls_test_driver_signature_verify_hooks.hits;
299
300 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
301 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
302
303 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
304 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
305 status = libtestdriver1_mbedtls_psa_hash_compute(
306 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
307 hash, sizeof( hash ), &hash_length );
308 #elif defined(MBEDTLS_PSA_BUILTIN_HASH)
309 status = mbedtls_psa_hash_compute(
310 PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
311 hash, sizeof( hash ), &hash_length );
312 #else
313 (void) input;
314 (void) input_length;
315 status = PSA_ERROR_NOT_SUPPORTED;
316 #endif
317 if( status != PSA_SUCCESS )
318 return status;
319
320 return( verify_hash( attributes, key_buffer, key_buffer_size,
321 alg, hash, hash_length,
322 signature, signature_length ) );
323 }
324
mbedtls_test_opaque_signature_verify_message(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,psa_algorithm_t alg,const uint8_t * input,size_t input_length,const uint8_t * signature,size_t signature_length)325 psa_status_t mbedtls_test_opaque_signature_verify_message(
326 const psa_key_attributes_t *attributes,
327 const uint8_t *key,
328 size_t key_length,
329 psa_algorithm_t alg,
330 const uint8_t *input,
331 size_t input_length,
332 const uint8_t *signature,
333 size_t signature_length )
334 {
335 (void) attributes;
336 (void) key;
337 (void) key_length;
338 (void) alg;
339 (void) input;
340 (void) input_length;
341 (void) signature;
342 (void) signature_length;
343
344 return( PSA_ERROR_NOT_SUPPORTED );
345 }
346
mbedtls_test_transparent_signature_sign_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,uint8_t * signature,size_t signature_size,size_t * signature_length)347 psa_status_t mbedtls_test_transparent_signature_sign_hash(
348 const psa_key_attributes_t *attributes,
349 const uint8_t *key_buffer, size_t key_buffer_size,
350 psa_algorithm_t alg,
351 const uint8_t *hash, size_t hash_length,
352 uint8_t *signature, size_t signature_size, size_t *signature_length )
353 {
354 ++mbedtls_test_driver_signature_sign_hooks.hits;
355
356 if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
357 return( mbedtls_test_driver_signature_sign_hooks.forced_status );
358
359 if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
360 {
361 if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
362 return( PSA_ERROR_BUFFER_TOO_SMALL );
363 memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
364 mbedtls_test_driver_signature_sign_hooks.forced_output_length );
365 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
366 return( PSA_SUCCESS );
367 }
368
369 return( sign_hash( attributes, key_buffer, key_buffer_size,
370 alg, hash, hash_length,
371 signature, signature_size, signature_length ) );
372 }
373
mbedtls_test_opaque_signature_sign_hash(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,uint8_t * signature,size_t signature_size,size_t * signature_length)374 psa_status_t mbedtls_test_opaque_signature_sign_hash(
375 const psa_key_attributes_t *attributes,
376 const uint8_t *key, size_t key_length,
377 psa_algorithm_t alg,
378 const uint8_t *hash, size_t hash_length,
379 uint8_t *signature, size_t signature_size, size_t *signature_length )
380 {
381 (void) attributes;
382 (void) key;
383 (void) key_length;
384 (void) alg;
385 (void) hash;
386 (void) hash_length;
387 (void) signature;
388 (void) signature_size;
389 (void) signature_length;
390
391 return( PSA_ERROR_NOT_SUPPORTED );
392 }
393
mbedtls_test_transparent_signature_verify_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)394 psa_status_t mbedtls_test_transparent_signature_verify_hash(
395 const psa_key_attributes_t *attributes,
396 const uint8_t *key_buffer, size_t key_buffer_size,
397 psa_algorithm_t alg,
398 const uint8_t *hash, size_t hash_length,
399 const uint8_t *signature, size_t signature_length )
400 {
401 ++mbedtls_test_driver_signature_verify_hooks.hits;
402
403 if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
404 return( mbedtls_test_driver_signature_verify_hooks.forced_status );
405
406 return verify_hash( attributes, key_buffer, key_buffer_size,
407 alg, hash, hash_length,
408 signature, signature_length );
409 }
410
mbedtls_test_opaque_signature_verify_hash(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)411 psa_status_t mbedtls_test_opaque_signature_verify_hash(
412 const psa_key_attributes_t *attributes,
413 const uint8_t *key, size_t key_length,
414 psa_algorithm_t alg,
415 const uint8_t *hash, size_t hash_length,
416 const uint8_t *signature, size_t signature_length )
417 {
418 (void) attributes;
419 (void) key;
420 (void) key_length;
421 (void) alg;
422 (void) hash;
423 (void) hash_length;
424 (void) signature;
425 (void) signature_length;
426 return( PSA_ERROR_NOT_SUPPORTED );
427 }
428
429 #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
430