From 1751341b682a89bdc5761d7a15d6232c3dbcbd11 Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Wed, 26 Apr 2023 14:48:43 +0200
Subject: [PATCH] test: add test function for public key derivation starting
 from private one

Data test cases are also included in the commit.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 tests/suites/test_suite_pkwrite.data     | 20 +++++++
 tests/suites/test_suite_pkwrite.function | 75 ++++++++++++++++++++++++
 2 files changed, 95 insertions(+)

diff --git a/tests/suites/test_suite_pkwrite.data b/tests/suites/test_suite_pkwrite.data
index a339cdbb0c..778352f64b 100644
--- a/tests/suites/test_suite_pkwrite.data
+++ b/tests/suites/test_suite_pkwrite.data
@@ -93,3 +93,23 @@ pk_write_key_check:"data_files/ec_bp512_prv.pem":TEST_PEM
 Private key write check EC Brainpool 512 bits (DER)
 depends_on:MBEDTLS_ECP_LIGHT:MBEDTLS_ECP_DP_BP512R1_ENABLED
 pk_write_key_check:"data_files/ec_bp512_prv.der":TEST_DER
+
+Derive public key RSA
+depends_on:MBEDTLS_RSA_C
+pk_write_check_public_key_derivation:"data_files/server1.key":"data_files/server1.pubkey.der"
+
+Derive public key RSA 4096
+depends_on:MBEDTLS_RSA_C
+pk_write_check_public_key_derivation:"data_files/rsa4096_prv.der":"data_files/rsa4096_pub.der"
+
+Derive public key EC 192 bits
+depends_on:MBEDTLS_ECP_LIGHT:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+pk_write_check_public_key_derivation:"data_files/ec_prv.sec1.der":"data_files/ec_pub.der"
+
+Derive public key EC 521 bits
+depends_on:MBEDTLS_ECP_LIGHT:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+pk_write_check_public_key_derivation:"data_files/ec_521_prv.der":"data_files/ec_521_pub.der"
+
+Derive public key EC Brainpool 512 bits
+depends_on:MBEDTLS_ECP_LIGHT:MBEDTLS_ECP_DP_BP512R1_ENABLED
+pk_write_check_public_key_derivation:"data_files/ec_bp512_prv.der":"data_files/ec_bp512_pub.der"
diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function
index 804e9a77eb..c5668a0b39 100644
--- a/tests/suites/test_suite_pkwrite.function
+++ b/tests/suites/test_suite_pkwrite.function
@@ -2,6 +2,7 @@
 #include "mbedtls/pk.h"
 #include "mbedtls/pem.h"
 #include "mbedtls/oid.h"
+#include "psa/crypto_sizes.h"
 
 typedef enum {
     TEST_PEM,
@@ -124,3 +125,77 @@ void pk_write_key_check(char *key_file, int is_der)
     goto exit; /* make the compiler happy */
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void pk_write_check_public_key_derivation(char *priv_key_file,
+                                          char *pub_key_file)
+{
+    mbedtls_pk_context priv_key, pub_key;
+    uint8_t derived_key_raw[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
+    uint8_t *derived_key_start;
+    size_t derived_key_len = 0;
+    uint8_t pub_key_raw[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
+    uint8_t *pub_key_start;
+    size_t pub_key_len = 0;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_svc_key_id_t opaque_key_id = MBEDTLS_SVC_KEY_ID_INIT;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    mbedtls_pk_init(&priv_key);
+    mbedtls_pk_init(&pub_key);
+    USE_PSA_INIT();
+
+    memset(derived_key_raw, 0, sizeof(derived_key_raw));
+    memset(pub_key_raw, 0, sizeof(pub_key_raw));
+
+    TEST_EQUAL(mbedtls_pk_parse_keyfile(&priv_key, priv_key_file, NULL,
+                                        mbedtls_test_rnd_std_rand, NULL), 0);
+    TEST_EQUAL(mbedtls_pk_parse_public_keyfile(&pub_key, pub_key_file), 0);
+
+    /* mbedtls_pk_write_pubkey() writes data backward in the provided buffer,
+     * i.e. derived_key_raw, so we place derived_key_start at the end of it
+     * and it will be updated accordingly on return.
+     * The same holds for pub_key_raw and pub_key_start below.*/
+    derived_key_start = derived_key_raw + sizeof(derived_key_raw);
+    TEST_LE_U(1, mbedtls_pk_write_pubkey(&derived_key_start,
+                                         derived_key_raw, &priv_key));
+    derived_key_len = sizeof(derived_key_raw) -
+                      (derived_key_start - derived_key_raw);
+
+
+    pub_key_start = pub_key_raw + sizeof(pub_key_raw);
+    TEST_LE_U(1, mbedtls_pk_write_pubkey(&pub_key_start,
+                                         pub_key_raw, &pub_key));
+    pub_key_len = sizeof(pub_key_raw) -
+                  (pub_key_start - pub_key_raw);
+
+    ASSERT_COMPARE(derived_key_start, derived_key_len,
+                   pub_key_start, pub_key_len);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_platform_zeroize(derived_key_raw, sizeof(derived_key_raw));
+    derived_key_len = 0;
+
+    TEST_EQUAL(mbedtls_pk_wrap_as_opaque(&priv_key, &opaque_key_id,
+                                         PSA_ALG_NONE, PSA_KEY_USAGE_EXPORT,
+                                         PSA_ALG_NONE), 0);
+
+    derived_key_start = derived_key_raw + sizeof(derived_key_raw);
+    TEST_LE_U(1, mbedtls_pk_write_pubkey(&derived_key_start,
+                                         derived_key_raw, &priv_key));
+    derived_key_len = sizeof(derived_key_raw) -
+                      (derived_key_start - derived_key_raw);
+
+    ASSERT_COMPARE(derived_key_start, derived_key_len,
+                   pub_key_start, pub_key_len);
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+exit:
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_destroy_key(opaque_key_id);
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    mbedtls_pk_free(&pub_key);
+    mbedtls_pk_free(&priv_key);
+    USE_PSA_DONE();
+}
+/* END_CASE */