hw_api_test: add hash signature verification

Change-Id: I56fcd9f41cdaad50728f0fb9226b06e4235f0fb3
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>

diff --git a/tests/hw_api_test.cpp b/tests/hw_api_test.cpp
index 19e929f..a2f564b 100644 (file)
--- a/tests/hw_api_test.cpp
+++ b/tests/hw_api_test.cpp
@@ -67,14 +67,14 @@ int main()
     unsigned char * certChain = nullptr;
     size_t certChainLen = 0;
 
+       mbedtls_x509_crt chain;
+       mbedtls_x509_crt_init(&chain);
+
     if(DCM_HWGetOwnCertificateChain(keyContext, &certChain, &certChainLen)) {
        std::cerr << "Can't request certificate chain" << std::endl;
     } else {
        std::cout << "Certificate received" << std::endl;
 
-       mbedtls_x509_crt chain;
-       mbedtls_x509_crt_init(&chain);
-
        int error = mbedtls_x509_crt_parse(&chain, certChain, certChainLen);
 
        if(error != 0) {
@@ -109,12 +109,12 @@ int main()
                std::cerr << "Can't sign data with key" << std::endl;
            mbedtls_pk_free(&pkey);
            DCM_HWFreeKeyContext(keyContext);
+       mbedtls_x509_crt_free(&chain);
            mbedtls_ctr_drbg_free( &ctr_drbg );
            mbedtls_entropy_free( &entropy );
            return -1;
        }
 
-
        std::cout << "Signature = ";
 
        for(size_t i = 0 ; i < result_sig_len ; ++i) {
@@ -123,6 +123,24 @@ int main()
 
        std::cout << std::endl;
 
+       // Verify signature
+
+       std::cout << "Verifying signature ..." << std::endl;
+
+       if(mbedtls_pk_verify(&chain.pk,
+                       MBEDTLS_MD_SHA256,
+                       to_sign,
+                       sizeof(to_sign),
+                       result_sig,
+                       result_sig_len) != 0)
+       {
+               std::cout << "Signature verification failure" << std::endl;
+       } else {
+               std::cout << "Signature verification succeeded" << std::endl;
+       }
+
+       mbedtls_x509_crt_free(&chain);
+
     std::cout << "Freeing PK context" << std::endl;
        mbedtls_pk_free(&pkey);