pki_mbedcrypto: Added pki_sign_data() and pki_verify_data_signature()

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-05-02 18:07:47 +02:00 · 2019-05-02 18:07:47 +02:00 · 7bc53f3957
--- a/src/pki_mbedcrypto.c
+++ b/src/pki_mbedcrypto.c
@ -1246,6 +1246,160 @@ ssh_signature pki_do_sign_hash(const ssh_key privkey,
    return sig;
 }

+/**
+ * @internal
+ *
+ * @brief Sign the given input data. The digest of to be signed is calculated
+ * internally as necessary.
+ *
+ * @param[in]   privkey     The private key to be used for signing.
+ * @param[in]   hash_type   The digest algorithm to be used.
+ * @param[in]   input       The data to be signed.
+ * @param[in]   input_len   The length of the data to be signed.
+ *
+ * @return  a newly allocated ssh_signature or NULL on error.
+ */
+ssh_signature pki_sign_data(const ssh_key privkey,
+                            enum ssh_digest_e hash_type,
+                            const unsigned char *input,
+                            size_t input_len)
+{
+    unsigned char hash[SHA512_DIGEST_LEN] = {0};
+    uint32_t hlen = 0;
+
+    if (privkey == NULL || !ssh_key_is_private(privkey) || input == NULL) {
+        SSH_LOG(SSH_LOG_TRACE, "Bad parameter provided to "
+                               "pki_sign_data()");
+        return NULL;
+    }
+
+    switch (hash_type) {
+    case SSH_DIGEST_SHA256:
+        sha256(input, input_len, hash);
+        hlen = SHA256_DIGEST_LEN;
+        break;
+    case SSH_DIGEST_SHA384:
+        sha384(input, input_len, hash);
+        hlen = SHA384_DIGEST_LEN;
+        break;
+    case SSH_DIGEST_SHA512:
+        sha512(input, input_len, hash);
+        hlen = SHA512_DIGEST_LEN;
+        break;
+    case SSH_DIGEST_AUTO:
+    case SSH_DIGEST_SHA1:
+        sha1(input, input_len, hash);
+        hlen = SHA_DIGEST_LEN;
+        break;
+    default:
+        SSH_LOG(SSH_LOG_TRACE, "Unknown hash algorithm for type: %d",
+                hash_type);
+        return NULL;
+    }
+
+    return pki_do_sign_hash(privkey, hash, hlen, hash_type);
+}
+
+/**
+ * @internal
+ *
+ * @brief Verify the signature of a given input. The digest of the input is
+ * calculated internally as necessary.
+ *
+ * @param[in]   signature   The signature to be verified.
+ * @param[in]   pubkey      The public key used to verify the signature.
+ * @param[in]   input       The signed data.
+ * @param[in]   input_len   The length of the signed data.
+ *
+ * @return  SSH_OK if the signature is valid; SSH_ERROR otherwise.
+ */
+int pki_verify_data_signature(ssh_signature signature,
+                              const ssh_key pubkey,
+                              const unsigned char *input,
+                              size_t input_len)
+{
+
+    unsigned char hash[SHA512_DIGEST_LEN] = {0};
+    uint32_t hlen = 0;
+
+    mbedtls_md_type_t md = 0;
+
+    int rc;
+
+    if (pubkey == NULL || ssh_key_is_private(pubkey) || input == NULL ||
+        signature == NULL)
+    {
+        SSH_LOG(SSH_LOG_TRACE, "Bad parameter provided to "
+                               "pki_verify_data_signature()");
+        return SSH_ERROR;
+    }
+
+    switch (signature->hash_type) {
+    case SSH_DIGEST_SHA256:
+        sha256(input, input_len, hash);
+        hlen = SHA256_DIGEST_LEN;
+        md = MBEDTLS_MD_SHA256;
+        break;
+    case SSH_DIGEST_SHA384:
+        sha384(input, input_len, hash);
+        hlen = SHA384_DIGEST_LEN;
+        md = MBEDTLS_MD_SHA384;
+        break;
+    case SSH_DIGEST_SHA512:
+        sha512(input, input_len, hash);
+        hlen = SHA512_DIGEST_LEN;
+        md = MBEDTLS_MD_SHA512;
+        break;
+    case SSH_DIGEST_AUTO:
+    case SSH_DIGEST_SHA1:
+        sha1(input, input_len, hash);
+        hlen = SHA_DIGEST_LEN;
+        md = MBEDTLS_MD_SHA1;
+        break;
+    default:
+        SSH_LOG(SSH_LOG_TRACE, "Unknown sig->hash_type: %d",
+                signature->hash_type);
+        return SSH_ERROR;
+    }
+
+    switch (pubkey->type) {
+        case SSH_KEYTYPE_RSA:
+        case SSH_KEYTYPE_RSA_CERT01:
+            rc = mbedtls_pk_verify(pubkey->rsa, md, hash, hlen,
+                    ssh_string_data(signature->rsa_sig),
+                    ssh_string_len(signature->rsa_sig));
+            if (rc != 0) {
+                char error_buf[100];
+                mbedtls_strerror(rc, error_buf, 100);
+                SSH_LOG(SSH_LOG_TRACE, "RSA error: %s", error_buf);
+                return SSH_ERROR;
+            }
+            break;
+        case SSH_KEYTYPE_ECDSA_P256:
+        case SSH_KEYTYPE_ECDSA_P384:
+        case SSH_KEYTYPE_ECDSA_P521:
+        case SSH_KEYTYPE_ECDSA_P256_CERT01:
+        case SSH_KEYTYPE_ECDSA_P384_CERT01:
+        case SSH_KEYTYPE_ECDSA_P521_CERT01:
+            rc = mbedtls_ecdsa_verify(&pubkey->ecdsa->grp, hash, hlen,
+                    &pubkey->ecdsa->Q, signature->ecdsa_sig.r,
+                    signature->ecdsa_sig.s);
+            if (rc != 0) {
+                char error_buf[100];
+                mbedtls_strerror(rc, error_buf, 100);
+                SSH_LOG(SSH_LOG_TRACE, "ECDSA error: %s", error_buf);
+                return SSH_ERROR;
+
+            }
+            break;
+        default:
+            SSH_LOG(SSH_LOG_TRACE, "Unknown public key type");
+            return SSH_ERROR;
+    }
+
+    return SSH_OK;
+}
+
 const char *pki_key_ecdsa_nid_to_name(int nid)
 {
    switch (nid) {
--- a/tests/unittests/torture_pki_dsa.c
+++ b/tests/unittests/torture_pki_dsa.c
@ -168,7 +168,7 @@ static void torture_pki_dsa_import_privkey_base64(void **state)
    SSH_KEY_FREE(key);
 }

-#ifdef HAVE_LIBCRYPTO
+#if defined(HAVE_LIBCRYPTO) || defined(HAVE_LIBMBEDCRYPTO)
 static int test_sign_verify_data(ssh_key key,
                                 enum ssh_digest_e hash_type,
                                 const unsigned char *input,
@ -228,7 +228,8 @@ static void torture_pki_sign_data_dsa(void **state)
    /* Cleanup */
    SSH_KEY_FREE(key);
 }
-
+#endif
+#ifdef HAVE_LIBCRYPTO
 static void torture_pki_dsa_write_privkey(void **state)
 {
    ssh_key origkey = NULL;
@ -768,6 +769,8 @@ int torture_run_tests(void)
        cmocka_unit_test_setup_teardown(torture_pki_dsa_write_privkey,
                                 setup_dsa_key,
                                 teardown),
+#endif
+#if defined(HAVE_LIBCRYPTO) || defined(HAVE_LIBMBEDCRYPTO)
        cmocka_unit_test(torture_pki_sign_data_dsa),
 #endif
        cmocka_unit_test(torture_pki_dsa_import_privkey_base64_passphrase),
--- a/tests/unittests/torture_pki_ecdsa.c
+++ b/tests/unittests/torture_pki_ecdsa.c
@ -610,8 +610,7 @@ static void torture_pki_ecdsa_cert_verify(void **state)
    ssh_free(session);
 }

-#ifdef HAVE_LIBCRYPTO
-
+#if defined(HAVE_LIBCRYPTO) || defined(HAVE_LIBMBEDCRYPTO)
 static int test_sign_verify_data(ssh_key key,
                                 enum ssh_digest_e hash_type,
                                 const unsigned char *input,
@ -671,7 +670,8 @@ static void torture_pki_sign_data_ecdsa(void **state)
    /* Cleanup */
    SSH_KEY_FREE(key);
 }
-
+#endif
+#ifdef HAVE_LIBCRYPTO
 static void torture_pki_ecdsa_write_privkey(void **state)
 {
    ssh_key origkey = NULL;
@ -899,8 +899,10 @@ int torture_run_tests(void) {
        cmocka_unit_test_setup_teardown(torture_pki_ecdsa_write_privkey,
                                        setup_ecdsa_key_521,
                                        teardown),
-        cmocka_unit_test(torture_pki_sign_data_ecdsa),
 #endif /* HAVE_LIBCRYPTO */
+#if defined(HAVE_LIBCRYPTO) || defined(HAVE_LIBMBEDCRYPTO)
+        cmocka_unit_test(torture_pki_sign_data_ecdsa),
+#endif
        cmocka_unit_test_setup_teardown(torture_pki_ecdsa_name256,
                                        setup_ecdsa_key_256,
                                        teardown),
--- a/tests/unittests/torture_pki_rsa.c
+++ b/tests/unittests/torture_pki_rsa.c
@ -563,7 +563,7 @@ static void torture_pki_rsa_sha2(void **state)
    ssh_free(session);
 }

-#ifdef HAVE_LIBCRYPTO
+#if defined(HAVE_LIBCRYPTO) || defined(HAVE_LIBMBEDCRYPTO)
 static int test_sign_verify_data(ssh_key key,
                                 enum ssh_digest_e hash_type,
                                 const unsigned char *input,
@ -623,7 +623,8 @@ static void torture_pki_sign_data_rsa(void **state)
    /* Cleanup */
    SSH_KEY_FREE(key);
 }
-
+#endif
+#ifdef HAVE_LIBCRYPTO
 static void torture_pki_rsa_write_privkey(void **state)
 {
    ssh_key origkey = NULL;
@ -837,12 +838,14 @@ int torture_run_tests(void) {
                                        setup_rsa_key,
                                        teardown),
        cmocka_unit_test(torture_pki_rsa_generate_key),
-#ifdef HAVE_LIBCRYPTO
+#if defined(HAVE_LIBCRYPTO)
        cmocka_unit_test_setup_teardown(torture_pki_rsa_write_privkey,
                                        setup_rsa_key,
                                        teardown),
-        cmocka_unit_test(torture_pki_sign_data_rsa),
 #endif /* HAVE_LIBCRYPTO */
+#if defined(HAVE_LIBCRYPTO) || defined(HAVE_LIBMBEDCRYPTO)
+        cmocka_unit_test(torture_pki_sign_data_rsa),
+#endif
        cmocka_unit_test_setup_teardown(torture_pki_rsa_sha2,
                                        setup_rsa_key,
                                        teardown),