• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Test driver for signature functions.
3  * Currently supports signing and verifying precalculated hashes, using
4  * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
5  */
6 /*  Copyright The Mbed TLS Contributors
7  *  SPDX-License-Identifier: Apache-2.0
8  *
9  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
10  *  not use this file except in compliance with the License.
11  *  You may obtain a copy of the License at
12  *
13  *  http://www.apache.org/licenses/LICENSE-2.0
14  *
15  *  Unless required by applicable law or agreed to in writing, software
16  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18  *  See the License for the specific language governing permissions and
19  *  limitations under the License.
20  */
21 
22 #include <test/helpers.h>
23 
24 #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
25 #include "psa/crypto.h"
26 #include "psa_crypto_core.h"
27 #include "psa_crypto_ecp.h"
28 #include "psa_crypto_hash.h"
29 #include "psa_crypto_rsa.h"
30 #include "mbedtls/ecp.h"
31 
32 #include "test/drivers/hash.h"
33 #include "test/drivers/signature.h"
34 #include "test/drivers/hash.h"
35 
36 #include "mbedtls/md.h"
37 #include "mbedtls/ecdsa.h"
38 
39 #include "test/random.h"
40 
41 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
42 #include "libtestdriver1/library/psa_crypto_ecp.h"
43 #include "libtestdriver1/library/psa_crypto_hash.h"
44 #include "libtestdriver1/library/psa_crypto_rsa.h"
45 #endif
46 
47 #include <string.h>
48 
49 mbedtls_test_driver_signature_hooks_t
50     mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
51 mbedtls_test_driver_signature_hooks_t
52     mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
53 
sign_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,uint8_t * signature,size_t signature_size,size_t * signature_length)54 psa_status_t sign_hash(
55     const psa_key_attributes_t *attributes,
56     const uint8_t *key_buffer,
57     size_t key_buffer_size,
58     psa_algorithm_t alg,
59     const uint8_t *hash,
60     size_t hash_length,
61     uint8_t *signature,
62     size_t signature_size,
63     size_t *signature_length)
64 {
65     if (attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
66         if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||
67             PSA_ALG_IS_RSA_PSS(alg)) {
68 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
69             (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
70             defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS))
71             return libtestdriver1_mbedtls_psa_rsa_sign_hash(
72                 (const libtestdriver1_psa_key_attributes_t *) attributes,
73                 key_buffer, key_buffer_size,
74                 alg, hash, hash_length,
75                 signature, signature_size, signature_length);
76 #elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
77             defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
78             return mbedtls_psa_rsa_sign_hash(
79                 attributes,
80                 key_buffer, key_buffer_size,
81                 alg, hash, hash_length,
82                 signature, signature_size, signature_length);
83 #endif
84         } else {
85             return PSA_ERROR_INVALID_ARGUMENT;
86         }
87     } else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) {
88         if (PSA_ALG_IS_ECDSA(alg)) {
89 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
90             (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
91             defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA))
92             return libtestdriver1_mbedtls_psa_ecdsa_sign_hash(
93                 (const libtestdriver1_psa_key_attributes_t *) attributes,
94                 key_buffer, key_buffer_size,
95                 alg, hash, hash_length,
96                 signature, signature_size, signature_length);
97 #elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
98             defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
99             return mbedtls_psa_ecdsa_sign_hash(
100                 attributes,
101                 key_buffer, key_buffer_size,
102                 alg, hash, hash_length,
103                 signature, signature_size, signature_length);
104 #endif
105         } else {
106             return PSA_ERROR_INVALID_ARGUMENT;
107         }
108     }
109 
110     (void) attributes;
111     (void) key_buffer;
112     (void) key_buffer_size;
113     (void) alg;
114     (void) hash;
115     (void) hash_length;
116     (void) signature;
117     (void) signature_size;
118     (void) signature_length;
119     return PSA_ERROR_NOT_SUPPORTED;
120 }
121 
verify_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)122 psa_status_t verify_hash(
123     const psa_key_attributes_t *attributes,
124     const uint8_t *key_buffer,
125     size_t key_buffer_size,
126     psa_algorithm_t alg,
127     const uint8_t *hash,
128     size_t hash_length,
129     const uint8_t *signature,
130     size_t signature_length)
131 {
132     if (PSA_KEY_TYPE_IS_RSA(attributes->core.type)) {
133         if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||
134             PSA_ALG_IS_RSA_PSS(alg)) {
135 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
136             (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
137             defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS))
138             return libtestdriver1_mbedtls_psa_rsa_verify_hash(
139                 (const libtestdriver1_psa_key_attributes_t *) attributes,
140                 key_buffer, key_buffer_size,
141                 alg, hash, hash_length,
142                 signature, signature_length);
143 #elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
144             defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
145             return mbedtls_psa_rsa_verify_hash(
146                 attributes,
147                 key_buffer, key_buffer_size,
148                 alg, hash, hash_length,
149                 signature, signature_length);
150 #endif
151         } else {
152             return PSA_ERROR_INVALID_ARGUMENT;
153         }
154     } else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) {
155         if (PSA_ALG_IS_ECDSA(alg)) {
156 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
157             (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
158             defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA))
159             return libtestdriver1_mbedtls_psa_ecdsa_verify_hash(
160                 (const libtestdriver1_psa_key_attributes_t *) attributes,
161                 key_buffer, key_buffer_size,
162                 alg, hash, hash_length,
163                 signature, signature_length);
164 #elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
165             defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
166             return mbedtls_psa_ecdsa_verify_hash(
167                 attributes,
168                 key_buffer, key_buffer_size,
169                 alg, hash, hash_length,
170                 signature, signature_length);
171 #endif
172         } else {
173             return PSA_ERROR_INVALID_ARGUMENT;
174         }
175     }
176 
177     (void) attributes;
178     (void) key_buffer;
179     (void) key_buffer_size;
180     (void) alg;
181     (void) hash;
182     (void) hash_length;
183     (void) signature;
184     (void) signature_length;
185     return PSA_ERROR_NOT_SUPPORTED;
186 }
187 
mbedtls_test_transparent_signature_sign_message(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * input,size_t input_length,uint8_t * signature,size_t signature_size,size_t * signature_length)188 psa_status_t mbedtls_test_transparent_signature_sign_message(
189     const psa_key_attributes_t *attributes,
190     const uint8_t *key_buffer,
191     size_t key_buffer_size,
192     psa_algorithm_t alg,
193     const uint8_t *input,
194     size_t input_length,
195     uint8_t *signature,
196     size_t signature_size,
197     size_t *signature_length)
198 {
199     psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
200     size_t hash_length;
201     uint8_t hash[PSA_HASH_MAX_SIZE];
202 
203     ++mbedtls_test_driver_signature_sign_hooks.hits;
204 
205     if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS) {
206         return mbedtls_test_driver_signature_sign_hooks.forced_status;
207     }
208 
209     if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) {
210         if (mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size) {
211             return PSA_ERROR_BUFFER_TOO_SMALL;
212         }
213 
214         memcpy(signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
215                mbedtls_test_driver_signature_sign_hooks.forced_output_length);
216         *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
217 
218         return PSA_SUCCESS;
219     }
220 
221 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
222     defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
223     status = libtestdriver1_mbedtls_psa_hash_compute(
224         PSA_ALG_SIGN_GET_HASH(alg), input, input_length,
225         hash, sizeof(hash), &hash_length);
226 #elif defined(MBEDTLS_PSA_BUILTIN_HASH)
227     status = mbedtls_psa_hash_compute(
228         PSA_ALG_SIGN_GET_HASH(alg), input, input_length,
229         hash, sizeof(hash), &hash_length);
230 #else
231     (void) input;
232     (void) input_length;
233     status = PSA_ERROR_NOT_SUPPORTED;
234 #endif
235     if (status != PSA_SUCCESS) {
236         return status;
237     }
238 
239     return sign_hash(attributes, key_buffer, key_buffer_size,
240                      alg, hash, hash_length,
241                      signature, signature_size, signature_length);
242 }
243 
mbedtls_test_opaque_signature_sign_message(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,psa_algorithm_t alg,const uint8_t * input,size_t input_length,uint8_t * signature,size_t signature_size,size_t * signature_length)244 psa_status_t mbedtls_test_opaque_signature_sign_message(
245     const psa_key_attributes_t *attributes,
246     const uint8_t *key,
247     size_t key_length,
248     psa_algorithm_t alg,
249     const uint8_t *input,
250     size_t input_length,
251     uint8_t *signature,
252     size_t signature_size,
253     size_t *signature_length)
254 {
255     (void) attributes;
256     (void) key;
257     (void) key_length;
258     (void) alg;
259     (void) input;
260     (void) input_length;
261     (void) signature;
262     (void) signature_size;
263     (void) signature_length;
264 
265     return PSA_ERROR_NOT_SUPPORTED;
266 }
267 
mbedtls_test_transparent_signature_verify_message(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * input,size_t input_length,const uint8_t * signature,size_t signature_length)268 psa_status_t mbedtls_test_transparent_signature_verify_message(
269     const psa_key_attributes_t *attributes,
270     const uint8_t *key_buffer,
271     size_t key_buffer_size,
272     psa_algorithm_t alg,
273     const uint8_t *input,
274     size_t input_length,
275     const uint8_t *signature,
276     size_t signature_length)
277 {
278     psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
279     size_t hash_length;
280     uint8_t hash[PSA_HASH_MAX_SIZE];
281 
282     ++mbedtls_test_driver_signature_verify_hooks.hits;
283 
284     if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS) {
285         return mbedtls_test_driver_signature_verify_hooks.forced_status;
286     }
287 
288 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
289     defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
290     status = libtestdriver1_mbedtls_psa_hash_compute(
291         PSA_ALG_SIGN_GET_HASH(alg), input, input_length,
292         hash, sizeof(hash), &hash_length);
293 #elif defined(MBEDTLS_PSA_BUILTIN_HASH)
294     status = mbedtls_psa_hash_compute(
295         PSA_ALG_SIGN_GET_HASH(alg), input, input_length,
296         hash, sizeof(hash), &hash_length);
297 #else
298     (void) input;
299     (void) input_length;
300     status = PSA_ERROR_NOT_SUPPORTED;
301 #endif
302     if (status != PSA_SUCCESS) {
303         return status;
304     }
305 
306     return verify_hash(attributes, key_buffer, key_buffer_size,
307                        alg, hash, hash_length,
308                        signature, signature_length);
309 }
310 
mbedtls_test_opaque_signature_verify_message(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,psa_algorithm_t alg,const uint8_t * input,size_t input_length,const uint8_t * signature,size_t signature_length)311 psa_status_t mbedtls_test_opaque_signature_verify_message(
312     const psa_key_attributes_t *attributes,
313     const uint8_t *key,
314     size_t key_length,
315     psa_algorithm_t alg,
316     const uint8_t *input,
317     size_t input_length,
318     const uint8_t *signature,
319     size_t signature_length)
320 {
321     (void) attributes;
322     (void) key;
323     (void) key_length;
324     (void) alg;
325     (void) input;
326     (void) input_length;
327     (void) signature;
328     (void) signature_length;
329 
330     return PSA_ERROR_NOT_SUPPORTED;
331 }
332 
mbedtls_test_transparent_signature_sign_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,uint8_t * signature,size_t signature_size,size_t * signature_length)333 psa_status_t mbedtls_test_transparent_signature_sign_hash(
334     const psa_key_attributes_t *attributes,
335     const uint8_t *key_buffer, size_t key_buffer_size,
336     psa_algorithm_t alg,
337     const uint8_t *hash, size_t hash_length,
338     uint8_t *signature, size_t signature_size, size_t *signature_length)
339 {
340     ++mbedtls_test_driver_signature_sign_hooks.hits;
341 
342     if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS) {
343         return mbedtls_test_driver_signature_sign_hooks.forced_status;
344     }
345 
346     if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) {
347         if (mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size) {
348             return PSA_ERROR_BUFFER_TOO_SMALL;
349         }
350         memcpy(signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
351                mbedtls_test_driver_signature_sign_hooks.forced_output_length);
352         *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
353         return PSA_SUCCESS;
354     }
355 
356     return sign_hash(attributes, key_buffer, key_buffer_size,
357                      alg, hash, hash_length,
358                      signature, signature_size, signature_length);
359 }
360 
mbedtls_test_opaque_signature_sign_hash(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,uint8_t * signature,size_t signature_size,size_t * signature_length)361 psa_status_t mbedtls_test_opaque_signature_sign_hash(
362     const psa_key_attributes_t *attributes,
363     const uint8_t *key, size_t key_length,
364     psa_algorithm_t alg,
365     const uint8_t *hash, size_t hash_length,
366     uint8_t *signature, size_t signature_size, size_t *signature_length)
367 {
368     (void) attributes;
369     (void) key;
370     (void) key_length;
371     (void) alg;
372     (void) hash;
373     (void) hash_length;
374     (void) signature;
375     (void) signature_size;
376     (void) signature_length;
377 
378     return PSA_ERROR_NOT_SUPPORTED;
379 }
380 
mbedtls_test_transparent_signature_verify_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)381 psa_status_t mbedtls_test_transparent_signature_verify_hash(
382     const psa_key_attributes_t *attributes,
383     const uint8_t *key_buffer, size_t key_buffer_size,
384     psa_algorithm_t alg,
385     const uint8_t *hash, size_t hash_length,
386     const uint8_t *signature, size_t signature_length)
387 {
388     ++mbedtls_test_driver_signature_verify_hooks.hits;
389 
390     if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS) {
391         return mbedtls_test_driver_signature_verify_hooks.forced_status;
392     }
393 
394     return verify_hash(attributes, key_buffer, key_buffer_size,
395                        alg, hash, hash_length,
396                        signature, signature_length);
397 }
398 
mbedtls_test_opaque_signature_verify_hash(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)399 psa_status_t mbedtls_test_opaque_signature_verify_hash(
400     const psa_key_attributes_t *attributes,
401     const uint8_t *key, size_t key_length,
402     psa_algorithm_t alg,
403     const uint8_t *hash, size_t hash_length,
404     const uint8_t *signature, size_t signature_length)
405 {
406     (void) attributes;
407     (void) key;
408     (void) key_length;
409     (void) alg;
410     (void) hash;
411     (void) hash_length;
412     (void) signature;
413     (void) signature_length;
414     return PSA_ERROR_NOT_SUPPORTED;
415 }
416 
417 #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
418