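/*
 * NOTE(review): the three system header names were lost when this listing was
 * extracted; the ones below are what the code needs (bool, uint8_t, strlen).
 */
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#include "log.h"
#include "ecdsa.h"
#include "iot_config.h"

/**
 * Round-trip check for one key type.
 *
 * Hashes a fixed message, generates a key pair in @p slot, signs the digest,
 * reads the public key back from the slot and verifies the signature with it.
 *
 * Only the accepting path is exercised here. A verifier that accepts every
 * input would still pass, so a companion case that alters one byte of the
 * digest or signature and expects ecdsa_verify() to reject it is worth adding.
 *
 * @param slot         key storage slot in which the key pair is generated
 * @param hash_type    digest algorithm applied to the test message
 * @param keypair_type key type to generate
 * @param sign_type    signature scheme passed to ecdsa_sign()/ecdsa_verify()
 * @return true when every step succeeds and the signature verifies
 */
static bool
_test_sign_verify_pass(KEYSTORAGE_SLOT slot, HASH_TYPE hash_type, KEYPAIR_TYPE keypair_type, SIGN_TYPE sign_type) {
    const char *data = "Test data";

    /* 64 bytes holds a SHA-512 digest, the largest hash test_ecdsa() uses. */
    uint8_t hash[64] = {0};
    size_t hash_sz = 0;

    /* 512 bytes is exactly one RSA-4096 signature; there is no slack. */
    uint8_t signature[512] = {0};
    size_t signature_sz = 0;

    uint8_t public_key[1024] = {0};
    size_t public_key_sz = 0;

    /* Separate variable so the requested type survives the read-back below. */
    KEYPAIR_TYPE stored_type = keypair_type;

    if (IOTELIC_OK != hash_create(hash_type, (uint8_t *)data, strlen(data), hash, sizeof(hash), &hash_sz)) {
        LOG("Can't create hash (%s)", hash_name(hash_type));
        return false;
    }

    if (IOTELIC_OK != keypair_create(slot, keypair_type)) {
        LOG("Can't create keypair (%s)", keypair_name(keypair_type));
        return false;
    }

    /*
     * Sign the digest length hash_create() reported, not the buffer capacity:
     * for SHA-256/384 the tail of hash[] is not part of the digest, and the
     * original passed all 64 bytes (uninitialized stack at the time).
     * NOTE(review): assumes the argument after `hash` is the digest length;
     * confirm against ecdsa.h.
     */
    if (IOTELIC_OK !=
        ecdsa_sign(slot, hash_type, hash, hash_sz, signature, sizeof(signature), &signature_sz, sign_type)) {
        LOG("Can't sign data (%s)", keypair_name(keypair_type));
        return false;
    }

    if (IOTELIC_OK != keypair_get_pubkey(slot, public_key, sizeof(public_key), &public_key_sz, &stored_type)) {
        LOG("Can't load public key from slot (%s)", keypair_name(keypair_type));
        return false;
    }

    /* The slot must report the key type that was just generated in it. */
    if (stored_type != keypair_type) {
        LOG("Can't load public key from slot (%s)", keypair_name(keypair_type));
        return false;
    }

    if (ECDSA_VERIFY_OK !=
        ecdsa_verify(keypair_type, public_key, public_key_sz, hash_type, hash, hash_sz, signature, signature_sz,
                     sign_type)) {
        LOG("Signature verification error (%s)", keypair_name(keypair_type));
        return false;
    }

    LOG(" Sign/Verify (%s) ok", keypair_name(keypair_type));
    return true;
}

/**
 * Runs the sign/verify round trip for every supported key type and stops at
 * the first failure.
 *
 * The cases live in one table so the failure message always names the key
 * type that was actually tested; the original hand-written chain logged
 * ED25519 for the SECP521R1 case and SECP192K1 for the ED25519 case.
 *
 * Each case calls keypair_create() on KEY_SLOT_0..KEY_SLOT_3, so this
 * presumably replaces whatever key those slots held; confirm before running
 * on a provisioned device.
 *
 * @return true when all cases pass, false on the first failing case
 */
bool
test_ecdsa(void) {
    /* Slot, hash and key pairings are kept exactly as the original listed them. */
    const struct {
        KEYSTORAGE_SLOT slot;
        HASH_TYPE hash_type;
        KEYPAIR_TYPE keypair_type;
        SIGN_TYPE sign_type;
    } cases[] = {
        {KEY_SLOT_1, HASH_SHA_256, KEYPAIR_EC_SECP256R1, SIGN_COMMON},
        {KEY_SLOT_2, HASH_SHA_384, KEYPAIR_EC_SECP192K1, SIGN_COMMON},
        {KEY_SLOT_3, HASH_SHA_256, KEYPAIR_EC_SECP384R1, SIGN_COMMON},
        {KEY_SLOT_0, HASH_SHA_256, KEYPAIR_EC_SECP521R1, SIGN_COMMON},
        {KEY_SLOT_1, HASH_SHA_512, KEYPAIR_EC_ED25519, SIGN_COMMON},
#if (TARGET_VERSION == TARGET_KUNLUN3)
        {KEY_SLOT_2, HASH_SHA_384, KEYPAIR_RSA_2048, SIGN_PSS},
        {KEY_SLOT_3, HASH_SHA_512, KEYPAIR_RSA_3072, SIGN_COMMON},
        {KEY_SLOT_0, HASH_SHA_256, KEYPAIR_RSA_4096, SIGN_COMMON},
#endif
    };

    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        if (!_test_sign_verify_pass(cases[i].slot, cases[i].hash_type, cases[i].keypair_type, cases[i].sign_type)) {
            /* The PSS case keeps its distinct " PSS" tag in the message. */
            LOG("Sign/Verify%s (%s) fail",
                SIGN_PSS == cases[i].sign_type ? " PSS" : "",
                keypair_name(cases[i].keypair_type));
            return false;
        }
    }

    return true;
}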