#include <stdio.h>
#include <stdbool.h>
#include <string.h>
#include "log.h"
#include "ecdsa.h"
#include "iot_config.h"
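/**
 * Round-trip check for one key slot: hash a fixed message, create a keypair
 * in @p slot, sign the digest, read the public key back from the slot and
 * verify the signature with it.
 *
 * @param slot          key storage slot handed to keypair_create()
 * @param hash_type     digest algorithm applied to the test message
 * @param keypair_type  key algorithm requested for the slot
 * @param sign_type     signature scheme passed to ecdsa_sign()/ecdsa_verify()
 * @return true when every step succeeds and the signature verifies;
 *         false otherwise (the failing step is logged).
 */
static bool
_test_sign_verify_pass(KEYSTORAGE_SLOT slot,
                       HASH_TYPE hash_type,
                       KEYPAIR_TYPE keypair_type,
                       SIGN_TYPE sign_type)
{
    const char *data = "Test data";

    /* Zero-filled so that no stale stack bytes can ever reach the signer. */
    uint8_t hash[64] = {0};
    size_t hash_sz = 0;

    uint8_t signature[512];
    size_t signature_sz = 0;

    uint8_t public_key[1024];
    size_t public_key_sz = 0;

    /* Separate variable so the requested type survives keypair_get_pubkey(),
     * which writes the type it found in the slot through its last argument. */
    KEYPAIR_TYPE loaded_type = keypair_type;

    if (IOTELIC_OK != hash_create(hash_type, (uint8_t *)data, strlen(data), hash, sizeof(hash), &hash_sz)) {
        LOG("Can't create hash (%s)", hash_name(hash_type));
        return false;
    }

    /* hash_create() was given sizeof(hash) as capacity; reject a length that
     * does not fit before it is used as a read bound below. */
    if (0 == hash_sz || hash_sz > sizeof(hash)) {
        LOG("Unexpected hash size (%s)", hash_name(hash_type));
        return false;
    }

    if (IOTELIC_OK != keypair_create(slot, keypair_type)) {
        LOG("Can't create keypair (%s)", keypair_name(keypair_type));
        return false;
    }

    /* Pass the digest length reported by hash_create(), not the buffer
     * capacity: for digests shorter than 64 bytes sizeof(hash) would also
     * cover bytes hash_create() never produced.
     * NOTE(review): assumes the size argument means "digest length" - confirm
     * against ecdsa.h. */
    if (IOTELIC_OK != ecdsa_sign(slot,
                                 hash_type, hash, hash_sz,
                                 signature, sizeof(signature), &signature_sz, sign_type)) {
        LOG("Can't sign data (%s)", keypair_name(keypair_type));
        return false;
    }

    if (IOTELIC_OK != keypair_get_pubkey(slot, public_key, sizeof(public_key), &public_key_sz, &loaded_type)) {
        LOG("Can't load public key from slot (%s)", keypair_name(keypair_type));
        return false;
    }

    /* The slot must hold the key type that was just created; otherwise the
     * verify step below would exercise a different algorithm than the one
     * this test case claims to cover. */
    if (loaded_type != keypair_type) {
        LOG("Key type in slot (%s) differs from the requested one", keypair_name(loaded_type));
        return false;
    }

    if (ECDSA_VERIFY_OK != ecdsa_verify(loaded_type, public_key, public_key_sz,
                                        hash_type, hash, hash_sz,
                                        signature, signature_sz, sign_type)) {
        LOG("Signature verification error (%s)", keypair_name(keypair_type));
        return false;
    }

    LOG(" Sign/Verify (%s) ok", keypair_name(keypair_type));

    return true;
}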
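/**
 * Runs the sign/verify round trip for every supported key type.
 *
 * Each case creates a fresh keypair in the given slot, so slots are reused
 * between cases. The RSA cases are compiled only when TARGET_VERSION equals
 * TARGET_KUNLUN3.
 *
 * @return true when all cases pass; false at the first failing case, after
 *         logging the key type that failed.
 */
bool
test_ecdsa(void)
{
    if (!_test_sign_verify_pass(KEY_SLOT_1,
                                HASH_SHA_256,
                                KEYPAIR_EC_SECP256R1,
                                SIGN_COMMON)) {
        LOG("Sign/Verify (%s) fail", keypair_name(KEYPAIR_EC_SECP256R1));
        return false;
    }

    /* secp192k1 offers roughly 96-bit security; it is exercised here for
     * coverage of the implementation, not as a recommended choice. */
    if (!_test_sign_verify_pass(KEY_SLOT_2,
                                HASH_SHA_384,
                                KEYPAIR_EC_SECP192K1,
                                SIGN_COMMON)) {
        LOG("Sign/Verify (%s) fail", keypair_name(KEYPAIR_EC_SECP192K1));
        return false;
    }

    if (!_test_sign_verify_pass(KEY_SLOT_3,
                                HASH_SHA_256,
                                KEYPAIR_EC_SECP384R1,
                                SIGN_COMMON)) {
        LOG("Sign/Verify (%s) fail", keypair_name(KEYPAIR_EC_SECP384R1));
        return false;
    }

    if (!_test_sign_verify_pass(KEY_SLOT_0,
                                HASH_SHA_256,
                                KEYPAIR_EC_SECP521R1,
                                SIGN_COMMON)) {
        /* Name the key type that was actually tested so a failure report
         * points at the right algorithm. */
        LOG("Sign/Verify (%s) fail", keypair_name(KEYPAIR_EC_SECP521R1));
        return false;
    }

    if (!_test_sign_verify_pass(KEY_SLOT_1,
                                HASH_SHA_512,
                                KEYPAIR_EC_ED25519,
                                SIGN_COMMON)) {
        /* Same as above: log the tested type (Ed25519), not another curve. */
        LOG("Sign/Verify (%s) fail", keypair_name(KEYPAIR_EC_ED25519));
        return false;
    }

#if (TARGET_VERSION == TARGET_KUNLUN3)
    if (!_test_sign_verify_pass(KEY_SLOT_2,
                                HASH_SHA_384,
                                KEYPAIR_RSA_2048,
                                SIGN_PSS)) {
        LOG("Sign/Verify PSS (%s) fail", keypair_name(KEYPAIR_RSA_2048));
        return false;
    }

    if (!_test_sign_verify_pass(KEY_SLOT_3,
                                HASH_SHA_512,
                                KEYPAIR_RSA_3072,
                                SIGN_COMMON)) {
        LOG("Sign/Verify (%s) fail", keypair_name(KEYPAIR_RSA_3072));
        return false;
    }

    if (!_test_sign_verify_pass(KEY_SLOT_0,
                                HASH_SHA_256,
                                KEYPAIR_RSA_4096,
                                SIGN_COMMON)) {
        LOG("Sign/Verify (%s) fail", keypair_name(KEYPAIR_RSA_4096));
        return false;
    }
#endif

    return true;
}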