generate_test_keys: split group_id and key bitsize in the generated structure

- group_id is only used for EC keys;
- key bitsize only for RSA.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Valerio Setti 2024-04-17 16:12:12 +02:00
parent 40eaf120af
commit 36188219fc
3 changed files with 42 additions and 31 deletions


@ -80,10 +80,12 @@ def get_ec_curve_name(priv_key: str, bits: int) -> str:
return ""
return prefix + str(bits) + suffix
def get_look_up_table_entry(key_type: str, curve_or_keybits: str,
def get_look_up_table_entry(key_type: str, group_id_or_keybits: str,
priv_array_name: str, pub_array_name: str) -> Iterator[str]:
yield " {{ {}, ".format("1" if key_type == "ec" else "0")
yield "{},\n".format(curve_or_keybits)
if key_type == "ec":
yield " {{ {}, 0,\n".format(group_id_or_keybits)
else:
yield " {{ 0, {},\n".format(group_id_or_keybits)
yield " {0}, sizeof({0}),\n".format(priv_array_name)
yield " {0}, sizeof({0}) }},".format(pub_array_name)
@ -135,16 +137,16 @@ def main() -> None:
output_file.write(''.join(["\n", c_array_priv, "\n", c_array_pub, "\n"]))
# Update the lookup table
if key_type == "ec":
curve_or_keybits = "MBEDTLS_ECP_DP_" + curve.upper()
group_id_or_keybits = "MBEDTLS_ECP_DP_" + curve.upper()
else:
curve_or_keybits = str(bits)
look_up_table.append(''.join(get_look_up_table_entry(key_type, curve_or_keybits,
group_id_or_keybits = str(bits)
look_up_table.append(''.join(get_look_up_table_entry(key_type, group_id_or_keybits,
array_name_priv, array_name_pub)))
# Write the lookup table: the struct containing pointers to all the arrays we created above.
output_file.write("""
struct predefined_key_element {
int is_ec; // 1 for EC keys; 0 for RSA
int curve_or_keybits;
int group_id; // EC group ID; 0 for RSA keys
int keybits; // bits size of RSA key; 0 for EC keys
const unsigned char *priv_key;
size_t priv_key_len;
const unsigned char *pub_key;
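Review bot: The non-EC branch of get_look_up_table_entry writes a bare `0` into the group_id slot, and the struct comment in the second hunk documents it as "0 for RSA keys", so the generated table relies on a magic number that happens to equal the ECP "no group" value. Emitting the named constant keeps the table self-describing: `yield " {{ MBEDTLS_ECP_DP_NONE, {},\n".format(group_id_or_keybits)`. The function also has no docstring, although its second parameter still carries two meanings selected by key_type; a one-line docstring stating that it is an ECP group id macro name for "ec" and a bit count otherwise would help. The +/- markers are lost on this page, so this assumes the is_ec lines are on the removed side, as the hunk line counts suggest.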


@ -730,8 +730,8 @@ const unsigned char test_rsa_4096_pub[] = {
};
struct predefined_key_element {
int is_ec; // 1 for EC keys; 0 for RSA
int curve_or_keybits;
int group_id; // EC group ID; 0 for RSA keys
int keybits; // bits size of RSA key; 0 for EC keys
const unsigned char *priv_key;
size_t priv_key_len;
const unsigned char *pub_key;
@ -739,40 +739,40 @@ struct predefined_key_element {
};
struct predefined_key_element predefined_keys[] = {
{ 1, MBEDTLS_ECP_DP_SECP192K1,
{ MBEDTLS_ECP_DP_SECP192K1, 0,
test_ec_secp192k1_priv, sizeof(test_ec_secp192k1_priv),
test_ec_secp192k1_pub, sizeof(test_ec_secp192k1_pub) },
{ 1, MBEDTLS_ECP_DP_SECP256K1,
{ MBEDTLS_ECP_DP_SECP256K1, 0,
test_ec_secp256k1_priv, sizeof(test_ec_secp256k1_priv),
test_ec_secp256k1_pub, sizeof(test_ec_secp256k1_pub) },
{ 1, MBEDTLS_ECP_DP_SECP192R1,
{ MBEDTLS_ECP_DP_SECP192R1, 0,
test_ec_secp192r1_priv, sizeof(test_ec_secp192r1_priv),
test_ec_secp192r1_pub, sizeof(test_ec_secp192r1_pub) },
{ 1, MBEDTLS_ECP_DP_SECP224R1,
{ MBEDTLS_ECP_DP_SECP224R1, 0,
test_ec_secp224r1_priv, sizeof(test_ec_secp224r1_priv),
test_ec_secp224r1_pub, sizeof(test_ec_secp224r1_pub) },
{ 1, MBEDTLS_ECP_DP_SECP256R1,
{ MBEDTLS_ECP_DP_SECP256R1, 0,
test_ec_secp256r1_priv, sizeof(test_ec_secp256r1_priv),
test_ec_secp256r1_pub, sizeof(test_ec_secp256r1_pub) },
{ 1, MBEDTLS_ECP_DP_SECP384R1,
{ MBEDTLS_ECP_DP_SECP384R1, 0,
test_ec_secp384r1_priv, sizeof(test_ec_secp384r1_priv),
test_ec_secp384r1_pub, sizeof(test_ec_secp384r1_pub) },
{ 1, MBEDTLS_ECP_DP_SECP521R1,
{ MBEDTLS_ECP_DP_SECP521R1, 0,
test_ec_secp521r1_priv, sizeof(test_ec_secp521r1_priv),
test_ec_secp521r1_pub, sizeof(test_ec_secp521r1_pub) },
{ 1, MBEDTLS_ECP_DP_BP256R1,
{ MBEDTLS_ECP_DP_BP256R1, 0,
test_ec_bp256r1_priv, sizeof(test_ec_bp256r1_priv),
test_ec_bp256r1_pub, sizeof(test_ec_bp256r1_pub) },
{ 1, MBEDTLS_ECP_DP_BP384R1,
{ MBEDTLS_ECP_DP_BP384R1, 0,
test_ec_bp384r1_priv, sizeof(test_ec_bp384r1_priv),
test_ec_bp384r1_pub, sizeof(test_ec_bp384r1_pub) },
{ 1, MBEDTLS_ECP_DP_BP512R1,
{ MBEDTLS_ECP_DP_BP512R1, 0,
test_ec_bp512r1_priv, sizeof(test_ec_bp512r1_priv),
test_ec_bp512r1_pub, sizeof(test_ec_bp512r1_pub) },
{ 1, MBEDTLS_ECP_DP_CURVE25519,
{ MBEDTLS_ECP_DP_CURVE25519, 0,
test_ec_curve25519_priv, sizeof(test_ec_curve25519_priv),
test_ec_curve25519_pub, sizeof(test_ec_curve25519_pub) },
{ 1, MBEDTLS_ECP_DP_CURVE448,
{ MBEDTLS_ECP_DP_CURVE448, 0,
test_ec_curve448_priv, sizeof(test_ec_curve448_priv),
test_ec_curve448_pub, sizeof(test_ec_curve448_pub) },
{ 0, 1024,


@ -186,24 +186,33 @@
#define RSA_KEY_SIZE 1024
#define RSA_KEY_LEN (RSA_KEY_SIZE/8)
static int get_predefined_key_data(int is_ec, int curve_or_keybits,
static int get_predefined_key_data(int is_ec, int group_id_or_keybits,
const unsigned char **key, size_t *key_len,
const unsigned char **pub_key, size_t *pub_key_len)
{
size_t i;
struct predefined_key_element *predefined_key = NULL;
for (i = 0; i < ARRAY_LENGTH(predefined_keys); i++) {
if ((is_ec == predefined_keys[i].is_ec) &&
(curve_or_keybits == predefined_keys[i].curve_or_keybits)) {
*key = predefined_keys[i].priv_key;
*key_len = predefined_keys[i].priv_key_len;
if (pub_key != NULL) {
*pub_key = predefined_keys[i].pub_key;
*pub_key_len = predefined_keys[i].pub_key_len;
if (is_ec) {
if (group_id_or_keybits == predefined_keys[i].group_id) {
predefined_key = &predefined_keys[i];
}
return 0;
} else if (group_id_or_keybits == predefined_keys[i].keybits) {
predefined_key = &predefined_keys[i];
}
}
if (predefined_key != NULL) {
*key = predefined_key->priv_key;
*key_len = predefined_key->priv_key_len;
if (pub_key != NULL) {
*pub_key = predefined_key->pub_key;
*pub_key_len = predefined_key->pub_key_len;
}
return 0;
}
TEST_FAIL("Unsupported key");
/* "exit" label is to make the compiler happy. */
exit:
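Review bot: Zero is accepted as a match on both branches of the new loop. With is_ec set and group_id_or_keybits equal to 0, the comparison against predefined_keys[i].group_id succeeds for every RSA entry (the table stores 0 there), and a keybits of 0 likewise matches every EC entry, so the caller receives key material of the wrong type instead of reaching TEST_FAIL("Unsupported key"). Excluding the sentinel in each comparison closes this, e.g. `if (group_id_or_keybits != 0 && group_id_or_keybits == predefined_keys[i].group_id) {`, with the same guard on the keybits branch. The loop also keeps scanning after a hit, so the last match wins; a `break;` after each `predefined_key = &predefined_keys[i];` would stop at the first match. get_predefined_key_data continues past the end of this hunk, which stops at the exit: label.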