1/* 2 * Test driver for signature functions. 3 * Currently supports signing and verifying precalculated hashes, using 4 * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1. 5 */ 6/* Copyright The Mbed TLS Contributors 7 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 8 */ 9 10#include <test/helpers.h> 11 12#if defined(PSA_CRYPTO_DRIVER_TEST) 13#include "psa/crypto.h" 14#include "psa_crypto_core.h" 15#include "psa_crypto_ecp.h" 16#include "psa_crypto_hash.h" 17#include "psa_crypto_rsa.h" 18#include "mbedtls/ecp.h" 19 20#include "test/drivers/hash.h" 21#include "test/drivers/signature.h" 22#include "test/drivers/hash.h" 23 24#include "mbedtls/ecdsa.h" 25 26#include "test/random.h" 27 28#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) 29#include "libtestdriver1/library/psa_crypto_ecp.h" 30#include "libtestdriver1/library/psa_crypto_hash.h" 31#include "libtestdriver1/library/psa_crypto_rsa.h" 32#endif 33 34#include <string.h> 35 36mbedtls_test_driver_signature_hooks_t 37 mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT; 38mbedtls_test_driver_signature_hooks_t 39 mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT; 40 41psa_status_t sign_hash( 42 const psa_key_attributes_t *attributes, 43 const uint8_t *key_buffer, 44 size_t key_buffer_size, 45 psa_algorithm_t alg, 46 const uint8_t *hash, 47 size_t hash_length, 48 uint8_t *signature, 49 size_t signature_size, 50 size_t *signature_length) 51{ 52 if (attributes->type == PSA_KEY_TYPE_RSA_KEY_PAIR) { 53 if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || 54 PSA_ALG_IS_RSA_PSS(alg)) { 55#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 56 (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ 57 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)) 58 return libtestdriver1_mbedtls_psa_rsa_sign_hash( 59 (const libtestdriver1_psa_key_attributes_t *) attributes, 60 key_buffer, key_buffer_size, 61 alg, hash, hash_length, 62 signature, signature_size, signature_length); 63#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ 64 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) 65 return mbedtls_psa_rsa_sign_hash( 66 attributes, 67 key_buffer, key_buffer_size, 68 alg, hash, hash_length, 69 signature, signature_size, signature_length); 70#endif 71 } else { 72 return PSA_ERROR_INVALID_ARGUMENT; 73 } 74 } else if (PSA_KEY_TYPE_IS_ECC(attributes->type)) { 75 if (PSA_ALG_IS_ECDSA(alg)) { 76#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 77 (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ 78 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) 79 return libtestdriver1_mbedtls_psa_ecdsa_sign_hash( 80 (const libtestdriver1_psa_key_attributes_t *) attributes, 81 key_buffer, key_buffer_size, 82 alg, hash, hash_length, 83 signature, signature_size, signature_length); 84#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ 85 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) 86 return mbedtls_psa_ecdsa_sign_hash( 87 attributes, 88 key_buffer, key_buffer_size, 89 alg, hash, hash_length, 90 signature, signature_size, signature_length); 91#endif 92 } else { 93 return PSA_ERROR_INVALID_ARGUMENT; 94 } 95 } 96 97 (void) attributes; 98 (void) key_buffer; 99 (void) key_buffer_size; 100 (void) alg; 101 (void) hash; 102 (void) hash_length; 103 (void) signature; 104 (void) signature_size; 105 (void) signature_length; 106 return PSA_ERROR_NOT_SUPPORTED; 107} 108 109psa_status_t verify_hash( 110 const psa_key_attributes_t *attributes, 111 const uint8_t *key_buffer, 112 size_t key_buffer_size, 113 psa_algorithm_t alg, 114 const uint8_t *hash, 115 size_t hash_length, 116 const uint8_t *signature, 117 size_t signature_length) 118{ 119 if (PSA_KEY_TYPE_IS_RSA(attributes->type)) { 120 if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || 121 PSA_ALG_IS_RSA_PSS(alg)) { 122#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 123 (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ 124 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)) 125 return libtestdriver1_mbedtls_psa_rsa_verify_hash( 126 (const libtestdriver1_psa_key_attributes_t *) attributes, 127 key_buffer, key_buffer_size, 128 alg, hash, hash_length, 129 signature, signature_length); 130#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ 131 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) 132 return mbedtls_psa_rsa_verify_hash( 133 attributes, 134 key_buffer, key_buffer_size, 135 alg, hash, hash_length, 136 signature, signature_length); 137#endif 138 } else { 139 return PSA_ERROR_INVALID_ARGUMENT; 140 } 141 } else if (PSA_KEY_TYPE_IS_ECC(attributes->type)) { 142 if (PSA_ALG_IS_ECDSA(alg)) { 143#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 144 (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ 145 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) 146 return libtestdriver1_mbedtls_psa_ecdsa_verify_hash( 147 (const libtestdriver1_psa_key_attributes_t *) attributes, 148 key_buffer, key_buffer_size, 149 alg, hash, hash_length, 150 signature, signature_length); 151#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ 152 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) 153 return mbedtls_psa_ecdsa_verify_hash( 154 attributes, 155 key_buffer, key_buffer_size, 156 alg, hash, hash_length, 157 signature, signature_length); 158#endif 159 } else { 160 return PSA_ERROR_INVALID_ARGUMENT; 161 } 162 } 163 164 (void) attributes; 165 (void) key_buffer; 166 (void) key_buffer_size; 167 (void) alg; 168 (void) hash; 169 (void) hash_length; 170 (void) signature; 171 (void) signature_length; 172 return PSA_ERROR_NOT_SUPPORTED; 173} 174 175psa_status_t mbedtls_test_transparent_signature_sign_message( 176 const psa_key_attributes_t *attributes, 177 const uint8_t *key_buffer, 178 size_t key_buffer_size, 179 psa_algorithm_t alg, 180 const uint8_t *input, 181 size_t input_length, 182 uint8_t *signature, 183 size_t signature_size, 184 size_t *signature_length) 185{ 186 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 187 size_t hash_length; 188 uint8_t hash[PSA_HASH_MAX_SIZE]; 189 190 ++mbedtls_test_driver_signature_sign_hooks.hits; 191 192 if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS) { 193 return mbedtls_test_driver_signature_sign_hooks.forced_status; 194 } 195 196 if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) { 197 if (mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size) { 198 return PSA_ERROR_BUFFER_TOO_SMALL; 199 } 200 201 memcpy(signature, mbedtls_test_driver_signature_sign_hooks.forced_output, 202 mbedtls_test_driver_signature_sign_hooks.forced_output_length); 203 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length; 204 205 return PSA_SUCCESS; 206 } 207 208#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 209 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) 210 status = libtestdriver1_mbedtls_psa_hash_compute( 211 PSA_ALG_SIGN_GET_HASH(alg), input, input_length, 212 hash, sizeof(hash), &hash_length); 213#elif defined(MBEDTLS_PSA_BUILTIN_HASH) 214 status = mbedtls_psa_hash_compute( 215 PSA_ALG_SIGN_GET_HASH(alg), input, input_length, 216 hash, sizeof(hash), &hash_length); 217#else 218 (void) input; 219 (void) input_length; 220 status = PSA_ERROR_NOT_SUPPORTED; 221#endif 222 if (status != PSA_SUCCESS) { 223 return status; 224 } 225 226 return sign_hash(attributes, key_buffer, key_buffer_size, 227 alg, hash, hash_length, 228 signature, signature_size, signature_length); 229} 230 231psa_status_t mbedtls_test_opaque_signature_sign_message( 232 const psa_key_attributes_t *attributes, 233 const uint8_t *key, 234 size_t key_length, 235 psa_algorithm_t alg, 236 const uint8_t *input, 237 size_t input_length, 238 uint8_t *signature, 239 size_t signature_size, 240 size_t *signature_length) 241{ 242 (void) attributes; 243 (void) key; 244 (void) key_length; 245 (void) alg; 246 (void) input; 247 (void) input_length; 248 (void) signature; 249 (void) signature_size; 250 (void) signature_length; 251 252 return PSA_ERROR_NOT_SUPPORTED; 253} 254 255psa_status_t mbedtls_test_transparent_signature_verify_message( 256 const psa_key_attributes_t *attributes, 257 const uint8_t *key_buffer, 258 size_t key_buffer_size, 259 psa_algorithm_t alg, 260 const uint8_t *input, 261 size_t input_length, 262 const uint8_t *signature, 263 size_t signature_length) 264{ 265 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 266 size_t hash_length; 267 uint8_t hash[PSA_HASH_MAX_SIZE]; 268 269 ++mbedtls_test_driver_signature_verify_hooks.hits; 270 271 if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS) { 272 return mbedtls_test_driver_signature_verify_hooks.forced_status; 273 } 274 275#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 276 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) 277 status = libtestdriver1_mbedtls_psa_hash_compute( 278 PSA_ALG_SIGN_GET_HASH(alg), input, input_length, 279 hash, sizeof(hash), &hash_length); 280#elif defined(MBEDTLS_PSA_BUILTIN_HASH) 281 status = mbedtls_psa_hash_compute( 282 PSA_ALG_SIGN_GET_HASH(alg), input, input_length, 283 hash, sizeof(hash), &hash_length); 284#else 285 (void) input; 286 (void) input_length; 287 status = PSA_ERROR_NOT_SUPPORTED; 288#endif 289 if (status != PSA_SUCCESS) { 290 return status; 291 } 292 293 return verify_hash(attributes, key_buffer, key_buffer_size, 294 alg, hash, hash_length, 295 signature, signature_length); 296} 297 298psa_status_t mbedtls_test_opaque_signature_verify_message( 299 const psa_key_attributes_t *attributes, 300 const uint8_t *key, 301 size_t key_length, 302 psa_algorithm_t alg, 303 const uint8_t *input, 304 size_t input_length, 305 const uint8_t *signature, 306 size_t signature_length) 307{ 308 (void) attributes; 309 (void) key; 310 (void) key_length; 311 (void) alg; 312 (void) input; 313 (void) input_length; 314 (void) signature; 315 (void) signature_length; 316 317 return PSA_ERROR_NOT_SUPPORTED; 318} 319 320psa_status_t mbedtls_test_transparent_signature_sign_hash( 321 const psa_key_attributes_t *attributes, 322 const uint8_t *key_buffer, size_t key_buffer_size, 323 psa_algorithm_t alg, 324 const uint8_t *hash, size_t hash_length, 325 uint8_t *signature, size_t signature_size, size_t *signature_length) 326{ 327 ++mbedtls_test_driver_signature_sign_hooks.hits; 328 329 if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS) { 330 return mbedtls_test_driver_signature_sign_hooks.forced_status; 331 } 332 333 if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) { 334 if (mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size) { 335 return PSA_ERROR_BUFFER_TOO_SMALL; 336 } 337 memcpy(signature, mbedtls_test_driver_signature_sign_hooks.forced_output, 338 mbedtls_test_driver_signature_sign_hooks.forced_output_length); 339 *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length; 340 return PSA_SUCCESS; 341 } 342 343 return sign_hash(attributes, key_buffer, key_buffer_size, 344 alg, hash, hash_length, 345 signature, signature_size, signature_length); 346} 347 348psa_status_t mbedtls_test_opaque_signature_sign_hash( 349 const psa_key_attributes_t *attributes, 350 const uint8_t *key, size_t key_length, 351 psa_algorithm_t alg, 352 const uint8_t *hash, size_t hash_length, 353 uint8_t *signature, size_t signature_size, size_t *signature_length) 354{ 355 (void) attributes; 356 (void) key; 357 (void) key_length; 358 (void) alg; 359 (void) hash; 360 (void) hash_length; 361 (void) signature; 362 (void) signature_size; 363 (void) signature_length; 364 365 return PSA_ERROR_NOT_SUPPORTED; 366} 367 368psa_status_t mbedtls_test_transparent_signature_verify_hash( 369 const psa_key_attributes_t *attributes, 370 const uint8_t *key_buffer, size_t key_buffer_size, 371 psa_algorithm_t alg, 372 const uint8_t *hash, size_t hash_length, 373 const uint8_t *signature, size_t signature_length) 374{ 375 ++mbedtls_test_driver_signature_verify_hooks.hits; 376 377 if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS) { 378 return mbedtls_test_driver_signature_verify_hooks.forced_status; 379 } 380 381 return verify_hash(attributes, key_buffer, key_buffer_size, 382 alg, hash, hash_length, 383 signature, signature_length); 384} 385 386psa_status_t mbedtls_test_opaque_signature_verify_hash( 387 const psa_key_attributes_t *attributes, 388 const uint8_t *key, size_t key_length, 389 psa_algorithm_t alg, 390 const uint8_t *hash, size_t hash_length, 391 const uint8_t *signature, size_t signature_length) 392{ 393 (void) attributes; 394 (void) key; 395 (void) key_length; 396 (void) alg; 397 (void) hash; 398 (void) hash_length; 399 (void) signature; 400 (void) signature_length; 401 return PSA_ERROR_NOT_SUPPORTED; 402} 403 404#endif /* PSA_CRYPTO_DRIVER_TEST */ 405