Dispatch sign/verify funtions through the driver interface
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
This commit is contained in:
parent
38cbaf2881
commit
50eac35d58
@ -2535,20 +2535,9 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key,
|
|||||||
|
|
||||||
if( operation == PSA_SIGN_MESSAGE )
|
if( operation == PSA_SIGN_MESSAGE )
|
||||||
{
|
{
|
||||||
size_t hash_length;
|
status = psa_driver_wrapper_sign_message(
|
||||||
uint8_t hash[PSA_HASH_MAX_SIZE];
|
|
||||||
|
|
||||||
status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ),
|
|
||||||
input, input_length,
|
|
||||||
hash, sizeof( hash ),
|
|
||||||
&hash_length );
|
|
||||||
|
|
||||||
if( status != PSA_SUCCESS )
|
|
||||||
goto exit;
|
|
||||||
|
|
||||||
status = psa_driver_wrapper_sign_hash(
|
|
||||||
&attributes, slot->key.data, slot->key.bytes,
|
&attributes, slot->key.data, slot->key.bytes,
|
||||||
alg, hash, hash_length,
|
alg, input, input_length,
|
||||||
signature, signature_size, signature_length );
|
signature, signature_size, signature_length );
|
||||||
}
|
}
|
||||||
else if( operation == PSA_SIGN_HASH )
|
else if( operation == PSA_SIGN_HASH )
|
||||||
@ -2624,20 +2613,9 @@ static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key,
|
|||||||
|
|
||||||
if( operation == PSA_VERIFY_MESSAGE )
|
if( operation == PSA_VERIFY_MESSAGE )
|
||||||
{
|
{
|
||||||
size_t hash_length;
|
status = psa_driver_wrapper_verify_message(
|
||||||
uint8_t hash[PSA_HASH_MAX_SIZE];
|
|
||||||
|
|
||||||
status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ),
|
|
||||||
input, input_length,
|
|
||||||
hash, sizeof( hash ),
|
|
||||||
&hash_length );
|
|
||||||
|
|
||||||
if( status != PSA_SUCCESS )
|
|
||||||
goto exit;
|
|
||||||
|
|
||||||
status = psa_driver_wrapper_verify_hash(
|
|
||||||
&attributes, slot->key.data, slot->key.bytes,
|
&attributes, slot->key.data, slot->key.bytes,
|
||||||
alg, hash, hash_length,
|
alg, input, input_length,
|
||||||
signature, signature_length );
|
signature, signature_length );
|
||||||
}
|
}
|
||||||
else if( operation == PSA_VERIFY_HASH )
|
else if( operation == PSA_VERIFY_HASH )
|
||||||
@ -2648,13 +2626,41 @@ static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key,
|
|||||||
signature, signature_length );
|
signature, signature_length );
|
||||||
}
|
}
|
||||||
|
|
||||||
exit:
|
|
||||||
unlock_status = psa_unlock_key_slot( slot );
|
unlock_status = psa_unlock_key_slot( slot );
|
||||||
|
|
||||||
return( ( status == PSA_SUCCESS ) ? unlock_status : status );
|
return( ( status == PSA_SUCCESS ) ? unlock_status : status );
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
psa_status_t psa_sign_message_internal(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer,
|
||||||
|
size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *input,
|
||||||
|
size_t input_length,
|
||||||
|
uint8_t *signature,
|
||||||
|
size_t signature_size,
|
||||||
|
size_t *signature_length )
|
||||||
|
{
|
||||||
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
size_t hash_length;
|
||||||
|
uint8_t hash[PSA_HASH_MAX_SIZE];
|
||||||
|
|
||||||
|
status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ),
|
||||||
|
input, input_length,
|
||||||
|
hash, sizeof( hash ),
|
||||||
|
&hash_length );
|
||||||
|
|
||||||
|
if( status != PSA_SUCCESS )
|
||||||
|
return status;
|
||||||
|
|
||||||
|
return psa_sign_hash_internal(
|
||||||
|
attributes, key_buffer, key_buffer_size,
|
||||||
|
alg, hash, hash_length,
|
||||||
|
signature, signature_size, signature_length );
|
||||||
|
}
|
||||||
|
|
||||||
psa_status_t psa_sign_message( mbedtls_svc_key_id_t key,
|
psa_status_t psa_sign_message( mbedtls_svc_key_id_t key,
|
||||||
psa_algorithm_t alg,
|
psa_algorithm_t alg,
|
||||||
const uint8_t * input,
|
const uint8_t * input,
|
||||||
@ -2668,6 +2674,34 @@ psa_status_t psa_sign_message( mbedtls_svc_key_id_t key,
|
|||||||
signature, signature_size, signature_length );
|
signature, signature_size, signature_length );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
psa_status_t psa_verify_message_internal(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer,
|
||||||
|
size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *input,
|
||||||
|
size_t input_length,
|
||||||
|
const uint8_t *signature,
|
||||||
|
size_t signature_length )
|
||||||
|
{
|
||||||
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
size_t hash_length;
|
||||||
|
uint8_t hash[PSA_HASH_MAX_SIZE];
|
||||||
|
|
||||||
|
status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ),
|
||||||
|
input, input_length,
|
||||||
|
hash, sizeof( hash ),
|
||||||
|
&hash_length );
|
||||||
|
|
||||||
|
if( status != PSA_SUCCESS )
|
||||||
|
return status;
|
||||||
|
|
||||||
|
return psa_verify_hash_internal(
|
||||||
|
attributes, key_buffer, key_buffer_size,
|
||||||
|
alg, hash, hash_length,
|
||||||
|
signature, signature_length );
|
||||||
|
}
|
||||||
|
|
||||||
psa_status_t psa_verify_message( mbedtls_svc_key_id_t key,
|
psa_status_t psa_verify_message( mbedtls_svc_key_id_t key,
|
||||||
psa_algorithm_t alg,
|
psa_algorithm_t alg,
|
||||||
const uint8_t * input,
|
const uint8_t * input,
|
||||||
|
@ -377,6 +377,79 @@ psa_status_t psa_generate_key_internal( const psa_key_attributes_t *attributes,
|
|||||||
uint8_t *key_buffer,
|
uint8_t *key_buffer,
|
||||||
size_t key_buffer_size,
|
size_t key_buffer_size,
|
||||||
size_t *key_buffer_length );
|
size_t *key_buffer_length );
|
||||||
|
/** Sign a message with a private key. For hash-and-sign algorithms,
|
||||||
|
* this includes the hashing step.
|
||||||
|
*
|
||||||
|
* \note The signature of this function is that of a PSA driver
|
||||||
|
* sign_message entry point. This function behaves as a sign_message
|
||||||
|
* entry point as defined in the PSA driver interface specification for
|
||||||
|
* transparent drivers.
|
||||||
|
*
|
||||||
|
* \param[in] attributes The attributes of the key to use for the
|
||||||
|
* operation.
|
||||||
|
* \param[in] key_buffer The buffer containing the key context.
|
||||||
|
* \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
|
||||||
|
* \param[in] alg A signature algorithm that is compatible with
|
||||||
|
* the type of the key.
|
||||||
|
* \param[in] input The input message to sign.
|
||||||
|
* \param[in] input_length Size of the \p input buffer in bytes.
|
||||||
|
* \param[out] signature Buffer where the signature is to be written.
|
||||||
|
* \param[in] signature_size Size of the \p signature buffer in bytes.
|
||||||
|
* \param[out] signature_length On success, the number of bytes
|
||||||
|
* that make up the returned signature value.
|
||||||
|
*
|
||||||
|
* \retval #PSA_SUCCESS
|
||||||
|
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
|
||||||
|
* The size of the \p signature buffer is too small. You can
|
||||||
|
* determine a sufficient buffer size by calling
|
||||||
|
* #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
|
||||||
|
* where \c key_type and \c key_bits are the type and bit-size
|
||||||
|
* respectively of the key.
|
||||||
|
* \retval #PSA_ERROR_NOT_SUPPORTED
|
||||||
|
* \retval #PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
|
||||||
|
* \retval #PSA_ERROR_CORRUPTION_DETECTED
|
||||||
|
* \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
|
||||||
|
*/
|
||||||
|
psa_status_t psa_sign_message_internal(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg, const uint8_t *input, size_t input_length,
|
||||||
|
uint8_t *signature, size_t signature_size, size_t *signature_length );
|
||||||
|
|
||||||
|
/** Verify the signature of a message with a public key, using
|
||||||
|
* a hash-and-sign verification algorithm.
|
||||||
|
*
|
||||||
|
* \note The signature of this function is that of a PSA driver
|
||||||
|
* verify_message entry point. This function behaves as a verify_message
|
||||||
|
* entry point as defined in the PSA driver interface specification for
|
||||||
|
* transparent drivers.
|
||||||
|
*
|
||||||
|
* \param[in] attributes The attributes of the key to use for the
|
||||||
|
* operation.
|
||||||
|
* \param[in] key_buffer The buffer containing the key context.
|
||||||
|
* \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
|
||||||
|
* \param[in] alg A signature algorithm that is compatible with
|
||||||
|
* the type of the key.
|
||||||
|
* \param[in] input The message whose signature is to be verified.
|
||||||
|
* \param[in] input_length Size of the \p input buffer in bytes.
|
||||||
|
* \param[in] signature Buffer containing the signature to verify.
|
||||||
|
* \param[in] signature_length Size of the \p signature buffer in bytes.
|
||||||
|
*
|
||||||
|
* \retval #PSA_SUCCESS
|
||||||
|
* The signature is valid.
|
||||||
|
* \retval #PSA_ERROR_INVALID_SIGNATURE
|
||||||
|
* The calculation was performed successfully, but the passed
|
||||||
|
* signature is not a valid signature.
|
||||||
|
* \retval #PSA_ERROR_NOT_SUPPORTED
|
||||||
|
* \retval #PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
|
||||||
|
*/
|
||||||
|
psa_status_t psa_verify_message_internal(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg, const uint8_t *input, size_t input_length,
|
||||||
|
const uint8_t *signature, size_t signature_length );
|
||||||
|
|
||||||
/** Sign an already-calculated hash with a private key.
|
/** Sign an already-calculated hash with a private key.
|
||||||
*
|
*
|
||||||
|
@ -65,6 +65,210 @@
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Start delegation functions */
|
/* Start delegation functions */
|
||||||
|
psa_status_t psa_driver_wrapper_sign_message(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer,
|
||||||
|
size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *input,
|
||||||
|
size_t input_length,
|
||||||
|
uint8_t *signature,
|
||||||
|
size_t signature_size,
|
||||||
|
size_t *signature_length )
|
||||||
|
{
|
||||||
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
|
/* Try dynamically-registered SE interface first */
|
||||||
|
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||||
|
const psa_drv_se_t *drv;
|
||||||
|
psa_drv_se_context_t *drv_context;
|
||||||
|
|
||||||
|
if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
|
||||||
|
{
|
||||||
|
if( drv->asymmetric == NULL ||
|
||||||
|
drv->asymmetric->p_sign == NULL )
|
||||||
|
{
|
||||||
|
/* Key is defined in SE, but we have no way to exercise it */
|
||||||
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
|
}
|
||||||
|
|
||||||
|
size_t hash_length;
|
||||||
|
uint8_t hash[PSA_HASH_MAX_SIZE];
|
||||||
|
|
||||||
|
status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ),
|
||||||
|
input, input_length,
|
||||||
|
hash, sizeof( hash ),
|
||||||
|
&hash_length );
|
||||||
|
|
||||||
|
if( status != PSA_ERROR_NOT_SUPPORTED )
|
||||||
|
return( status );
|
||||||
|
|
||||||
|
return( drv->asymmetric->p_sign(
|
||||||
|
drv_context, *( (psa_key_slot_number_t *)key_buffer ),
|
||||||
|
alg, hash, hash_length,
|
||||||
|
signature, signature_size, signature_length ) );
|
||||||
|
}
|
||||||
|
#endif /* PSA_CRYPTO_SE_C */
|
||||||
|
|
||||||
|
psa_key_location_t location =
|
||||||
|
PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
|
||||||
|
|
||||||
|
switch( location )
|
||||||
|
{
|
||||||
|
case PSA_KEY_LOCATION_LOCAL_STORAGE:
|
||||||
|
/* Key is stored in the slot in export representation, so
|
||||||
|
* cycle through all known transparent accelerators */
|
||||||
|
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
|
||||||
|
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||||
|
status = mbedtls_test_transparent_signature_sign_message(
|
||||||
|
attributes,
|
||||||
|
key_buffer,
|
||||||
|
key_buffer_size,
|
||||||
|
alg,
|
||||||
|
input,
|
||||||
|
input_length,
|
||||||
|
signature,
|
||||||
|
signature_size,
|
||||||
|
signature_length );
|
||||||
|
/* Declared with fallback == true */
|
||||||
|
if( status != PSA_ERROR_NOT_SUPPORTED )
|
||||||
|
return( status );
|
||||||
|
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||||
|
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
|
||||||
|
/* Fell through, meaning no accelerator supports this operation */
|
||||||
|
return( psa_sign_message_internal( attributes,
|
||||||
|
key_buffer,
|
||||||
|
key_buffer_size,
|
||||||
|
alg,
|
||||||
|
input,
|
||||||
|
input_length,
|
||||||
|
signature,
|
||||||
|
signature_size,
|
||||||
|
signature_length ) );
|
||||||
|
|
||||||
|
/* Add cases for opaque driver here */
|
||||||
|
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
|
||||||
|
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||||
|
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
|
||||||
|
return( mbedtls_test_opaque_signature_sign_message(
|
||||||
|
attributes,
|
||||||
|
key_buffer,
|
||||||
|
key_buffer_size,
|
||||||
|
alg,
|
||||||
|
input,
|
||||||
|
input_length,
|
||||||
|
signature,
|
||||||
|
signature_size,
|
||||||
|
signature_length ) );
|
||||||
|
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||||
|
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
|
||||||
|
default:
|
||||||
|
/* Key is declared with a lifetime not known to us */
|
||||||
|
(void)status;
|
||||||
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
psa_status_t psa_driver_wrapper_verify_message(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer,
|
||||||
|
size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *input,
|
||||||
|
size_t input_length,
|
||||||
|
const uint8_t *signature,
|
||||||
|
size_t signature_length )
|
||||||
|
{
|
||||||
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
|
/* Try dynamically-registered SE interface first */
|
||||||
|
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||||
|
const psa_drv_se_t *drv;
|
||||||
|
psa_drv_se_context_t *drv_context;
|
||||||
|
|
||||||
|
if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
|
||||||
|
{
|
||||||
|
if( drv->asymmetric == NULL ||
|
||||||
|
drv->asymmetric->p_verify == NULL )
|
||||||
|
{
|
||||||
|
/* Key is defined in SE, but we have no way to exercise it */
|
||||||
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
|
}
|
||||||
|
|
||||||
|
size_t hash_length;
|
||||||
|
uint8_t hash[PSA_HASH_MAX_SIZE];
|
||||||
|
|
||||||
|
status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ),
|
||||||
|
input, input_length,
|
||||||
|
hash, sizeof( hash ),
|
||||||
|
&hash_length );
|
||||||
|
|
||||||
|
if( status != PSA_ERROR_NOT_SUPPORTED )
|
||||||
|
return( status );
|
||||||
|
|
||||||
|
return( drv->asymmetric->p_verify(
|
||||||
|
drv_context, *( (psa_key_slot_number_t *)key_buffer ),
|
||||||
|
alg, hash, hash_length,
|
||||||
|
signature, signature_length ) );
|
||||||
|
}
|
||||||
|
#endif /* PSA_CRYPTO_SE_C */
|
||||||
|
|
||||||
|
psa_key_location_t location =
|
||||||
|
PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
|
||||||
|
|
||||||
|
switch( location )
|
||||||
|
{
|
||||||
|
case PSA_KEY_LOCATION_LOCAL_STORAGE:
|
||||||
|
/* Key is stored in the slot in export representation, so
|
||||||
|
* cycle through all known transparent accelerators */
|
||||||
|
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
|
||||||
|
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||||
|
status = mbedtls_test_transparent_signature_verify_message(
|
||||||
|
attributes,
|
||||||
|
key_buffer,
|
||||||
|
key_buffer_size,
|
||||||
|
alg,
|
||||||
|
input,
|
||||||
|
input_length,
|
||||||
|
signature,
|
||||||
|
signature_length );
|
||||||
|
/* Declared with fallback == true */
|
||||||
|
if( status != PSA_ERROR_NOT_SUPPORTED )
|
||||||
|
return( status );
|
||||||
|
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||||
|
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
|
||||||
|
|
||||||
|
return( psa_verify_message_internal( attributes,
|
||||||
|
key_buffer,
|
||||||
|
key_buffer_size,
|
||||||
|
alg,
|
||||||
|
input,
|
||||||
|
input_length,
|
||||||
|
signature,
|
||||||
|
signature_length ) );
|
||||||
|
|
||||||
|
/* Add cases for opaque driver here */
|
||||||
|
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
|
||||||
|
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||||
|
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
|
||||||
|
return( mbedtls_test_opaque_signature_verify_message(
|
||||||
|
attributes,
|
||||||
|
key_buffer,
|
||||||
|
key_buffer_size,
|
||||||
|
alg,
|
||||||
|
input,
|
||||||
|
input_length,
|
||||||
|
signature,
|
||||||
|
signature_length ) );
|
||||||
|
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||||
|
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
|
||||||
|
default:
|
||||||
|
/* Key is declared with a lifetime not known to us */
|
||||||
|
(void)status;
|
||||||
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
psa_status_t psa_driver_wrapper_sign_hash(
|
psa_status_t psa_driver_wrapper_sign_hash(
|
||||||
const psa_key_attributes_t *attributes,
|
const psa_key_attributes_t *attributes,
|
||||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
@ -28,6 +28,27 @@
|
|||||||
/*
|
/*
|
||||||
* Signature functions
|
* Signature functions
|
||||||
*/
|
*/
|
||||||
|
psa_status_t psa_driver_wrapper_sign_message(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer,
|
||||||
|
size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *input,
|
||||||
|
size_t input_length,
|
||||||
|
uint8_t *signature,
|
||||||
|
size_t signature_size,
|
||||||
|
size_t *signature_length );
|
||||||
|
|
||||||
|
psa_status_t psa_driver_wrapper_verify_message(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer,
|
||||||
|
size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *input,
|
||||||
|
size_t input_length,
|
||||||
|
const uint8_t *signature,
|
||||||
|
size_t signature_length );
|
||||||
|
|
||||||
psa_status_t psa_driver_wrapper_sign_hash(
|
psa_status_t psa_driver_wrapper_sign_hash(
|
||||||
const psa_key_attributes_t *attributes,
|
const psa_key_attributes_t *attributes,
|
||||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
@ -54,6 +54,48 @@ extern mbedtls_test_driver_signature_hooks_t
|
|||||||
extern mbedtls_test_driver_signature_hooks_t
|
extern mbedtls_test_driver_signature_hooks_t
|
||||||
mbedtls_test_driver_signature_verify_hooks;
|
mbedtls_test_driver_signature_verify_hooks;
|
||||||
|
|
||||||
|
psa_status_t mbedtls_test_transparent_signature_sign_message(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key,
|
||||||
|
size_t key_length,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *input,
|
||||||
|
size_t input_length,
|
||||||
|
uint8_t *signature,
|
||||||
|
size_t signature_size,
|
||||||
|
size_t *signature_length );
|
||||||
|
|
||||||
|
psa_status_t mbedtls_test_opaque_signature_sign_message(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key,
|
||||||
|
size_t key_length,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *input,
|
||||||
|
size_t input_length,
|
||||||
|
uint8_t *signature,
|
||||||
|
size_t signature_size,
|
||||||
|
size_t *signature_length );
|
||||||
|
|
||||||
|
psa_status_t mbedtls_test_transparent_signature_verify_message(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key,
|
||||||
|
size_t key_length,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *input,
|
||||||
|
size_t input_length,
|
||||||
|
const uint8_t *signature,
|
||||||
|
size_t signature_length );
|
||||||
|
|
||||||
|
psa_status_t mbedtls_test_opaque_signature_verify_message(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key,
|
||||||
|
size_t key_length,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *input,
|
||||||
|
size_t input_length,
|
||||||
|
const uint8_t *signature,
|
||||||
|
size_t signature_length );
|
||||||
|
|
||||||
psa_status_t mbedtls_test_transparent_signature_sign_hash(
|
psa_status_t mbedtls_test_transparent_signature_sign_hash(
|
||||||
const psa_key_attributes_t *attributes,
|
const psa_key_attributes_t *attributes,
|
||||||
const uint8_t *key, size_t key_length,
|
const uint8_t *key, size_t key_length,
|
||||||
|
@ -29,6 +29,7 @@
|
|||||||
#include "psa/crypto.h"
|
#include "psa/crypto.h"
|
||||||
#include "psa_crypto_core.h"
|
#include "psa_crypto_core.h"
|
||||||
#include "psa_crypto_ecp.h"
|
#include "psa_crypto_ecp.h"
|
||||||
|
#include "psa_crypto_hash.h"
|
||||||
#include "psa_crypto_rsa.h"
|
#include "psa_crypto_rsa.h"
|
||||||
#include "mbedtls/ecp.h"
|
#include "mbedtls/ecp.h"
|
||||||
|
|
||||||
@ -46,30 +47,17 @@ mbedtls_test_driver_signature_hooks_t
|
|||||||
mbedtls_test_driver_signature_hooks_t
|
mbedtls_test_driver_signature_hooks_t
|
||||||
mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
|
mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
|
||||||
|
|
||||||
psa_status_t mbedtls_test_transparent_signature_sign_hash(
|
psa_status_t sign_hash(
|
||||||
const psa_key_attributes_t *attributes,
|
const psa_key_attributes_t *attributes,
|
||||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
const uint8_t *key_buffer,
|
||||||
|
size_t key_buffer_size,
|
||||||
psa_algorithm_t alg,
|
psa_algorithm_t alg,
|
||||||
const uint8_t *hash, size_t hash_length,
|
const uint8_t *hash,
|
||||||
uint8_t *signature, size_t signature_size, size_t *signature_length )
|
size_t hash_length,
|
||||||
|
uint8_t *signature,
|
||||||
|
size_t signature_size,
|
||||||
|
size_t *signature_length )
|
||||||
{
|
{
|
||||||
++mbedtls_test_driver_signature_sign_hooks.hits;
|
|
||||||
|
|
||||||
if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
|
|
||||||
return( mbedtls_test_driver_signature_sign_hooks.forced_status );
|
|
||||||
|
|
||||||
if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
|
|
||||||
{
|
|
||||||
if( mbedtls_test_driver_signature_sign_hooks.forced_output_length >
|
|
||||||
signature_size )
|
|
||||||
return( PSA_ERROR_BUFFER_TOO_SMALL );
|
|
||||||
memcpy( signature,
|
|
||||||
mbedtls_test_driver_signature_sign_hooks.forced_output,
|
|
||||||
mbedtls_test_driver_signature_sign_hooks.forced_output_length );
|
|
||||||
*signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
|
|
||||||
return( PSA_SUCCESS );
|
|
||||||
}
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
|
#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
|
||||||
defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
|
defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
|
||||||
if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
|
if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
|
||||||
@ -124,38 +112,16 @@ psa_status_t mbedtls_test_transparent_signature_sign_hash(
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
psa_status_t mbedtls_test_opaque_signature_sign_hash(
|
psa_status_t verify_hash(
|
||||||
const psa_key_attributes_t *attributes,
|
const psa_key_attributes_t *attributes,
|
||||||
const uint8_t *key, size_t key_length,
|
const uint8_t *key_buffer,
|
||||||
|
size_t key_buffer_size,
|
||||||
psa_algorithm_t alg,
|
psa_algorithm_t alg,
|
||||||
const uint8_t *hash, size_t hash_length,
|
const uint8_t *hash,
|
||||||
uint8_t *signature, size_t signature_size, size_t *signature_length )
|
size_t hash_length,
|
||||||
|
const uint8_t *signature,
|
||||||
|
size_t signature_length )
|
||||||
{
|
{
|
||||||
(void) attributes;
|
|
||||||
(void) key;
|
|
||||||
(void) key_length;
|
|
||||||
(void) alg;
|
|
||||||
(void) hash;
|
|
||||||
(void) hash_length;
|
|
||||||
(void) signature;
|
|
||||||
(void) signature_size;
|
|
||||||
(void) signature_length;
|
|
||||||
|
|
||||||
return( PSA_ERROR_NOT_SUPPORTED );
|
|
||||||
}
|
|
||||||
|
|
||||||
psa_status_t mbedtls_test_transparent_signature_verify_hash(
|
|
||||||
const psa_key_attributes_t *attributes,
|
|
||||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
|
||||||
psa_algorithm_t alg,
|
|
||||||
const uint8_t *hash, size_t hash_length,
|
|
||||||
const uint8_t *signature, size_t signature_length )
|
|
||||||
{
|
|
||||||
++mbedtls_test_driver_signature_verify_hooks.hits;
|
|
||||||
|
|
||||||
if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
|
|
||||||
return( mbedtls_test_driver_signature_verify_hooks.forced_status );
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
|
#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
|
||||||
defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
|
defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
|
||||||
if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
|
if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
|
||||||
@ -204,6 +170,191 @@ psa_status_t mbedtls_test_transparent_signature_verify_hash(
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
psa_status_t mbedtls_test_transparent_signature_sign_message(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer,
|
||||||
|
size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *input,
|
||||||
|
size_t input_length,
|
||||||
|
uint8_t *signature,
|
||||||
|
size_t signature_size,
|
||||||
|
size_t *signature_length )
|
||||||
|
{
|
||||||
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
size_t hash_length;
|
||||||
|
uint8_t hash[PSA_HASH_MAX_SIZE];
|
||||||
|
|
||||||
|
++mbedtls_test_driver_signature_sign_hooks.hits;
|
||||||
|
|
||||||
|
if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
|
||||||
|
return( mbedtls_test_driver_signature_sign_hooks.forced_status );
|
||||||
|
|
||||||
|
if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
|
||||||
|
{
|
||||||
|
if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
|
||||||
|
return( PSA_ERROR_BUFFER_TOO_SMALL );
|
||||||
|
|
||||||
|
memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
|
||||||
|
mbedtls_test_driver_signature_sign_hooks.forced_output_length );
|
||||||
|
*signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
|
||||||
|
|
||||||
|
return( PSA_SUCCESS );
|
||||||
|
}
|
||||||
|
|
||||||
|
status = mbedtls_transparent_test_driver_hash_compute(
|
||||||
|
PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
|
||||||
|
hash, sizeof( hash ), &hash_length );
|
||||||
|
|
||||||
|
if( status != PSA_SUCCESS )
|
||||||
|
return status;
|
||||||
|
|
||||||
|
return sign_hash( attributes, key_buffer, key_buffer_size,
|
||||||
|
alg, hash, hash_length,
|
||||||
|
signature, signature_size, signature_length );
|
||||||
|
}
|
||||||
|
|
||||||
|
psa_status_t mbedtls_test_opaque_signature_sign_message(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key,
|
||||||
|
size_t key_length,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *input,
|
||||||
|
size_t input_length,
|
||||||
|
uint8_t *signature,
|
||||||
|
size_t signature_size,
|
||||||
|
size_t *signature_length )
|
||||||
|
{
|
||||||
|
(void) attributes;
|
||||||
|
(void) key;
|
||||||
|
(void) key_length;
|
||||||
|
(void) alg;
|
||||||
|
(void) input;
|
||||||
|
(void) input_length;
|
||||||
|
(void) signature;
|
||||||
|
(void) signature_size;
|
||||||
|
(void) signature_length;
|
||||||
|
|
||||||
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
|
}
|
||||||
|
|
||||||
|
psa_status_t mbedtls_test_transparent_signature_verify_message(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer,
|
||||||
|
size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *input,
|
||||||
|
size_t input_length,
|
||||||
|
const uint8_t *signature,
|
||||||
|
size_t signature_length )
|
||||||
|
{
|
||||||
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
size_t hash_length;
|
||||||
|
uint8_t hash[PSA_HASH_MAX_SIZE];
|
||||||
|
|
||||||
|
++mbedtls_test_driver_signature_verify_hooks.hits;
|
||||||
|
|
||||||
|
if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
|
||||||
|
return( mbedtls_test_driver_signature_verify_hooks.forced_status );
|
||||||
|
|
||||||
|
status = mbedtls_transparent_test_driver_hash_compute(
|
||||||
|
PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
|
||||||
|
hash, sizeof( hash ), &hash_length );
|
||||||
|
|
||||||
|
if( status != PSA_SUCCESS )
|
||||||
|
return status;
|
||||||
|
|
||||||
|
return verify_hash( attributes, key_buffer, key_buffer_size,
|
||||||
|
alg, hash, hash_length,
|
||||||
|
signature, signature_length );
|
||||||
|
}
|
||||||
|
|
||||||
|
psa_status_t mbedtls_test_opaque_signature_verify_message(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key,
|
||||||
|
size_t key_length,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *input,
|
||||||
|
size_t input_length,
|
||||||
|
const uint8_t *signature,
|
||||||
|
size_t signature_length )
|
||||||
|
{
|
||||||
|
(void) attributes;
|
||||||
|
(void) key;
|
||||||
|
(void) key_length;
|
||||||
|
(void) alg;
|
||||||
|
(void) input;
|
||||||
|
(void) input_length;
|
||||||
|
(void) signature;
|
||||||
|
(void) signature_length;
|
||||||
|
|
||||||
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
|
}
|
||||||
|
|
||||||
|
psa_status_t mbedtls_test_transparent_signature_sign_hash(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *hash, size_t hash_length,
|
||||||
|
uint8_t *signature, size_t signature_size, size_t *signature_length )
|
||||||
|
{
|
||||||
|
++mbedtls_test_driver_signature_sign_hooks.hits;
|
||||||
|
|
||||||
|
if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
|
||||||
|
return( mbedtls_test_driver_signature_sign_hooks.forced_status );
|
||||||
|
|
||||||
|
if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
|
||||||
|
{
|
||||||
|
if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
|
||||||
|
return( PSA_ERROR_BUFFER_TOO_SMALL );
|
||||||
|
memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
|
||||||
|
mbedtls_test_driver_signature_sign_hooks.forced_output_length );
|
||||||
|
*signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
|
||||||
|
return( PSA_SUCCESS );
|
||||||
|
}
|
||||||
|
|
||||||
|
return sign_hash( attributes, key_buffer, key_buffer_size,
|
||||||
|
alg, hash, hash_length,
|
||||||
|
signature, signature_size, signature_length );
|
||||||
|
}
|
||||||
|
|
||||||
|
psa_status_t mbedtls_test_opaque_signature_sign_hash(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key, size_t key_length,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *hash, size_t hash_length,
|
||||||
|
uint8_t *signature, size_t signature_size, size_t *signature_length )
|
||||||
|
{
|
||||||
|
(void) attributes;
|
||||||
|
(void) key;
|
||||||
|
(void) key_length;
|
||||||
|
(void) alg;
|
||||||
|
(void) hash;
|
||||||
|
(void) hash_length;
|
||||||
|
(void) signature;
|
||||||
|
(void) signature_size;
|
||||||
|
(void) signature_length;
|
||||||
|
|
||||||
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
|
}
|
||||||
|
|
||||||
|
psa_status_t mbedtls_test_transparent_signature_verify_hash(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *hash, size_t hash_length,
|
||||||
|
const uint8_t *signature, size_t signature_length )
|
||||||
|
{
|
||||||
|
++mbedtls_test_driver_signature_verify_hooks.hits;
|
||||||
|
|
||||||
|
if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
|
||||||
|
return( mbedtls_test_driver_signature_verify_hooks.forced_status );
|
||||||
|
|
||||||
|
return verify_hash( attributes, key_buffer, key_buffer_size,
|
||||||
|
alg, hash, hash_length,
|
||||||
|
signature, signature_length );
|
||||||
|
}
|
||||||
|
|
||||||
psa_status_t mbedtls_test_opaque_signature_verify_hash(
|
psa_status_t mbedtls_test_opaque_signature_verify_hash(
|
||||||
const psa_key_attributes_t *attributes,
|
const psa_key_attributes_t *attributes,
|
||||||
const uint8_t *key, size_t key_length,
|
const uint8_t *key, size_t key_length,
|
||||||
|
Loading…
Reference in New Issue
Block a user