From 2bd4ddc8e0c0a908aea046ff8f79547805e840cd Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 24 Jan 2024 14:15:02 +0100
Subject: [PATCH] Implement pick-a-curve when ECP_LIGHT is disabled

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
---
 tests/suites/test_suite_pk.function | 39 ++++++++++++++++++++++++++++-
 1 file changed, 38 insertions(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index e522ea747b..2a8a5f78c1 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -160,6 +160,43 @@ size_t mbedtls_rsa_key_len_func(void *ctx)
 }
 #endif /* MBEDTLS_RSA_C */
 
+#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_PK_HAVE_ECC_KEYS)
+static mbedtls_ecp_group_id ecc_pick_grp_id(void)
+{
+#if defined(MBEDTLS_ECP_LIGHT)
+    return mbedtls_ecp_grp_id_list()[0];
+#elif defined(PSA_WANT_ECC_SECP_R1_192)
+    return MBEDTLS_ECP_DP_SECP192R1;
+#elif defined(PSA_WANT_ECC_SECP_R1_224)
+    return MBEDTLS_ECP_DP_SECP224R1;
+#elif defined(PSA_WANT_ECC_SECP_R1_256)
+    return MBEDTLS_ECP_DP_SECP256R1;
+#elif defined(PSA_WANT_ECC_SECP_R1_384)
+    return MBEDTLS_ECP_DP_SECP384R1;
+#elif defined(PSA_WANT_ECC_SECP_R1_521)
+    return MBEDTLS_ECP_DP_SECP521R1;
+#elif defined(PSA_WANT_ECC_SECP_K1_192)
+    return MBEDTLS_ECP_DP_SECP192K1;
+#elif defined(PSA_WANT_ECC_SECP_K1_224)
+    return MBEDTLS_ECP_DP_SECP224K1;
+#elif defined(PSA_WANT_ECC_SECP_K1_256)
+    return MBEDTLS_ECP_DP_SECP256K1;
+#elif defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
+    return MBEDTLS_ECP_DP_BP256R1;
+#elif defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
+    return MBEDTLS_ECP_DP_BP384R1;
+#elif defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
+    return MBEDTLS_ECP_DP_BP512R1;
+#elif defined(PSA_WANT_ECC_MONTGOMERY_255)
+    return MBEDTLS_ECP_DP_CURVE25519;
+#elif defined(PSA_WANT_ECC_MONTGOMERY_448)
+    return MBEDTLS_ECP_DP_CURVE448;
+#else
+    return 0;
+#endif
+}
+#endif /* defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_PK_HAVE_ECC_KEYS) */
+
 #if defined(MBEDTLS_PSA_CRYPTO_C)
 static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair,
                              mbedtls_pk_context *pk, psa_key_type_t *psa_type)
@@ -201,7 +238,7 @@ static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair,
         case MBEDTLS_PK_ECKEY_DH:
         case MBEDTLS_PK_ECDSA:
         {
-            mbedtls_ecp_group_id grp_id = mbedtls_ecp_grp_id_list()[0];
+            mbedtls_ecp_group_id grp_id = ecc_pick_grp_id();
             size_t bits;
             *psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR(mbedtls_ecc_group_to_psa(grp_id, &bits));
             TEST_EQUAL(pk_genkey(pk, grp_id), 0);