Basic tests
Sign Hash, Verify Hash and Sign and Verify Hash. Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit is contained in:
parent
296ede99c9
commit
712d512007
2 changed files with 303 additions and 0 deletions
|
@ -4145,6 +4145,18 @@ PSA sign hash: deterministic ECDSA SECP384R1 SHA-256
|
|||
depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384
|
||||
sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f"
|
||||
|
||||
PSA sign hash: interruptible ECDSA SECP256R1 SHA - 256
|
||||
depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
sign_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
|
||||
|
||||
PSA sign hash: interruptible ECDSA SECP256R1 SHA - 384
|
||||
depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
|
||||
sign_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca"
|
||||
|
||||
PSA sign hash: interruptible ECDSA SECP384R1 SHA - 256
|
||||
depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384
|
||||
sign_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f"
|
||||
|
||||
PSA sign hash: RSA PKCS#1 v1.5 SHA-256, wrong hash size
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
|
||||
sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
@ -4249,6 +4261,31 @@ PSA sign/verify hash: deterministic ECDSA SECP384R1 SHA-256
|
|||
depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384
|
||||
sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
|
||||
|
||||
PSA sign / verify hash interruptible: randomized ECDSA SECP256R1 SHA - 256
|
||||
depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
|
||||
|
||||
PSA sign / verify hash interruptible: deterministic ECDSA SECP256R1 SHA - 256
|
||||
depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
|
||||
|
||||
PSA sign / verify hash interruptible: randomized ECDSA SECP256R1 SHA - 384
|
||||
depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA
|
||||
sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f"
|
||||
|
||||
PSA sign / verify hash interruptible: deterministic ECDSA SECP256R1 SHA - 384
|
||||
depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA
|
||||
sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f"
|
||||
|
||||
PSA sign / verify hash interruptible: randomized ECDSA SECP384R1 SHA - 256
|
||||
depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384
|
||||
sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
|
||||
|
||||
PSA sign / verify hash interruptible: deterministic ECDSA SECP384R1 SHA - 256
|
||||
depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384
|
||||
sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
|
||||
|
||||
|
||||
PSA verify hash: RSA PKCS#1 v1.5 SHA-256, good signature
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
|
||||
verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
|
||||
|
@ -4369,6 +4406,14 @@ PSA verify hash with keypair: ECDSA SECP256R1, good
|
|||
depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
|
||||
|
||||
PSA verify hash interruptible: ECDSA SECP256R1, good
|
||||
depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
verify_hash_interruptible:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
|
||||
|
||||
PSA verify hash interruptible with keypair: ECDSA SECP256R1, good
|
||||
depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
|
||||
|
||||
PSA verify hash: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded)
|
||||
depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
|
||||
|
|
|
@ -6444,6 +6444,89 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
|
||||
void sign_hash_interruptible(int key_type_arg, data_t *key_data,
|
||||
int alg_arg, data_t *input_data,
|
||||
data_t *output_data)
|
||||
{
|
||||
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
||||
psa_key_type_t key_type = key_type_arg;
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
size_t key_bits;
|
||||
unsigned char *signature = NULL;
|
||||
size_t signature_size;
|
||||
size_t signature_length = 0xdeadbeef;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
psa_status_t status = PSA_OPERATION_INCOMPLETE;
|
||||
size_t num_ops = 0;
|
||||
size_t num_ops_prior = 0;
|
||||
psa_sign_hash_interruptible_operation_t operation =
|
||||
psa_sign_hash_interruptible_operation_init();
|
||||
|
||||
PSA_ASSERT(psa_crypto_init());
|
||||
|
||||
psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
|
||||
psa_set_key_algorithm(&attributes, alg);
|
||||
psa_set_key_type(&attributes, key_type);
|
||||
|
||||
PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
|
||||
&key));
|
||||
PSA_ASSERT(psa_get_key_attributes(key, &attributes));
|
||||
key_bits = psa_get_key_bits(&attributes);
|
||||
|
||||
/* Allocate a buffer which has the size advertised by the
|
||||
* library. */
|
||||
signature_size = PSA_SIGN_OUTPUT_SIZE(key_type,
|
||||
key_bits, alg);
|
||||
TEST_ASSERT(signature_size != 0);
|
||||
TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE);
|
||||
ASSERT_ALLOC(signature, signature_size);
|
||||
|
||||
num_ops_prior = psa_sign_hash_get_num_ops(&operation);
|
||||
TEST_ASSERT(num_ops_prior == 0);
|
||||
|
||||
/* Start performing the signature. */
|
||||
PSA_ASSERT(psa_sign_hash_start(&operation, key, alg,
|
||||
input_data->x, input_data->len));
|
||||
|
||||
num_ops_prior = psa_sign_hash_get_num_ops(&operation);
|
||||
TEST_ASSERT(num_ops_prior == 0);
|
||||
|
||||
/* Continue performing the signature until complete. */
|
||||
while (status == PSA_OPERATION_INCOMPLETE) {
|
||||
status = psa_sign_hash_complete(&operation, signature, signature_size,
|
||||
&signature_length);
|
||||
|
||||
if (status == PSA_SUCCESS || status == PSA_OPERATION_INCOMPLETE) {
|
||||
num_ops = psa_sign_hash_get_num_ops(&operation);
|
||||
|
||||
TEST_ASSERT(num_ops > num_ops_prior);
|
||||
num_ops_prior = num_ops;
|
||||
}
|
||||
}
|
||||
|
||||
TEST_ASSERT(status == PSA_SUCCESS);
|
||||
|
||||
/* Verify that the signature is what is expected. */
|
||||
ASSERT_COMPARE(output_data->x, output_data->len,
|
||||
signature, signature_length);
|
||||
|
||||
PSA_ASSERT(psa_sign_hash_abort(&operation));
|
||||
|
||||
exit:
|
||||
|
||||
/*
|
||||
* Key attributes may have been returned by psa_get_key_attributes()
|
||||
* thus reset them as required.
|
||||
*/
|
||||
psa_reset_key_attributes(&attributes);
|
||||
|
||||
psa_destroy_key(key);
|
||||
mbedtls_free(signature);
|
||||
PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void sign_hash_fail(int key_type_arg, data_t *key_data,
|
||||
int alg_arg, data_t *input_data,
|
||||
|
@ -6559,6 +6642,116 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
|
||||
void sign_verify_hash_interruptible(int key_type_arg, data_t *key_data,
|
||||
int alg_arg, data_t *input_data)
|
||||
{
|
||||
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
||||
psa_key_type_t key_type = key_type_arg;
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
size_t key_bits;
|
||||
unsigned char *signature = NULL;
|
||||
size_t signature_size;
|
||||
size_t signature_length = 0xdeadbeef;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
psa_status_t status = PSA_OPERATION_INCOMPLETE;
|
||||
psa_sign_hash_interruptible_operation_t sign_operation =
|
||||
psa_sign_hash_interruptible_operation_init();
|
||||
psa_verify_hash_interruptible_operation_t verify_operation =
|
||||
psa_verify_hash_interruptible_operation_init();
|
||||
|
||||
PSA_ASSERT(psa_crypto_init());
|
||||
|
||||
psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH);
|
||||
psa_set_key_algorithm(&attributes, alg);
|
||||
psa_set_key_type(&attributes, key_type);
|
||||
|
||||
PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
|
||||
&key));
|
||||
PSA_ASSERT(psa_get_key_attributes(key, &attributes));
|
||||
key_bits = psa_get_key_bits(&attributes);
|
||||
|
||||
/* Allocate a buffer which has the size advertised by the
|
||||
* library. */
|
||||
signature_size = PSA_SIGN_OUTPUT_SIZE(key_type,
|
||||
key_bits, alg);
|
||||
TEST_ASSERT(signature_size != 0);
|
||||
TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE);
|
||||
ASSERT_ALLOC(signature, signature_size);
|
||||
|
||||
/* Start performing the signature. */
|
||||
PSA_ASSERT(psa_sign_hash_start(&sign_operation, key, alg,
|
||||
input_data->x, input_data->len));
|
||||
|
||||
/* Continue performing the signature until complete. */
|
||||
while (status == PSA_OPERATION_INCOMPLETE) {
|
||||
|
||||
status = psa_sign_hash_complete(&sign_operation, signature, signature_size,
|
||||
&signature_length);
|
||||
}
|
||||
|
||||
TEST_ASSERT(status == PSA_SUCCESS);
|
||||
|
||||
PSA_ASSERT(psa_sign_hash_abort(&sign_operation));
|
||||
|
||||
/* Check that the signature length looks sensible. */
|
||||
TEST_LE_U(signature_length, signature_size);
|
||||
TEST_ASSERT(signature_length > 0);
|
||||
|
||||
status = PSA_OPERATION_INCOMPLETE;
|
||||
|
||||
/* Start verification. */
|
||||
PSA_ASSERT(psa_verify_hash_start(&verify_operation, key, alg,
|
||||
input_data->x, input_data->len,
|
||||
signature, signature_length));
|
||||
|
||||
/* Continue performing the signature until complete. */
|
||||
while (status == PSA_OPERATION_INCOMPLETE) {
|
||||
status = psa_verify_hash_complete(&verify_operation);
|
||||
}
|
||||
|
||||
TEST_ASSERT(status == PSA_SUCCESS);
|
||||
|
||||
PSA_ASSERT(psa_verify_hash_abort(&verify_operation));
|
||||
|
||||
verify_operation = psa_verify_hash_interruptible_operation_init();
|
||||
|
||||
if (input_data->len != 0) {
|
||||
/* Flip a bit in the input and verify that the signature is now
|
||||
* detected as invalid. Flip a bit at the beginning, not at the end,
|
||||
* because ECDSA may ignore the last few bits of the input. */
|
||||
input_data->x[0] ^= 1;
|
||||
|
||||
status = PSA_OPERATION_INCOMPLETE;
|
||||
|
||||
/* Start verification. */
|
||||
PSA_ASSERT(psa_verify_hash_start(&verify_operation, key, alg,
|
||||
input_data->x, input_data->len,
|
||||
signature, signature_length));
|
||||
|
||||
/* Continue performing the signature until complete. */
|
||||
while (status == PSA_OPERATION_INCOMPLETE) {
|
||||
status = psa_verify_hash_complete(&verify_operation);
|
||||
}
|
||||
|
||||
TEST_ASSERT(status == PSA_ERROR_INVALID_SIGNATURE);
|
||||
}
|
||||
|
||||
PSA_ASSERT(psa_verify_hash_abort(&verify_operation));
|
||||
|
||||
exit:
|
||||
/*
|
||||
* Key attributes may have been returned by psa_get_key_attributes()
|
||||
* thus reset them as required.
|
||||
*/
|
||||
psa_reset_key_attributes(&attributes);
|
||||
|
||||
psa_destroy_key(key);
|
||||
mbedtls_free(signature);
|
||||
PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void verify_hash(int key_type_arg, data_t *key_data,
|
||||
int alg_arg, data_t *hash_data,
|
||||
|
@ -6591,6 +6784,71 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
|
||||
void verify_hash_interruptible(int key_type_arg, data_t *key_data,
|
||||
int alg_arg, data_t *hash_data,
|
||||
data_t *signature_data)
|
||||
{
|
||||
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
||||
psa_key_type_t key_type = key_type_arg;
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
psa_status_t status = PSA_OPERATION_INCOMPLETE;
|
||||
size_t num_ops = 0;
|
||||
size_t num_ops_prior = 0;
|
||||
psa_verify_hash_interruptible_operation_t operation =
|
||||
psa_verify_hash_interruptible_operation_init();
|
||||
|
||||
TEST_LE_U(signature_data->len, PSA_SIGNATURE_MAX_SIZE);
|
||||
|
||||
PSA_ASSERT(psa_crypto_init());
|
||||
|
||||
psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH);
|
||||
psa_set_key_algorithm(&attributes, alg);
|
||||
psa_set_key_type(&attributes, key_type);
|
||||
|
||||
PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
|
||||
&key));
|
||||
|
||||
num_ops_prior = psa_verify_hash_get_num_ops(&operation);
|
||||
|
||||
TEST_ASSERT(num_ops_prior == 0);
|
||||
|
||||
/* Start verification. */
|
||||
PSA_ASSERT(psa_verify_hash_start(&operation, key, alg,
|
||||
hash_data->x, hash_data->len,
|
||||
signature_data->x, signature_data->len)
|
||||
);
|
||||
|
||||
num_ops_prior = psa_verify_hash_get_num_ops(&operation);
|
||||
|
||||
TEST_ASSERT(num_ops_prior == 0);
|
||||
|
||||
/* Continue performing the signature until complete. */
|
||||
while (status == PSA_OPERATION_INCOMPLETE) {
|
||||
status = psa_verify_hash_complete(&operation);
|
||||
|
||||
if (status == PSA_SUCCESS || status == PSA_OPERATION_INCOMPLETE) {
|
||||
num_ops = psa_verify_hash_get_num_ops(&operation);
|
||||
|
||||
TEST_ASSERT(num_ops > num_ops_prior);
|
||||
num_ops_prior = num_ops;
|
||||
}
|
||||
}
|
||||
|
||||
TEST_ASSERT(status == PSA_SUCCESS);
|
||||
|
||||
PSA_ASSERT(psa_verify_hash_abort(&operation));
|
||||
|
||||
exit:
|
||||
psa_reset_key_attributes(&attributes);
|
||||
psa_destroy_key(key);
|
||||
PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void verify_hash_fail(int key_type_arg, data_t *key_data,
|
||||
int alg_arg, data_t *hash_data,
|
||||
|
|
Loading…
Reference in a new issue