From 36188219fc5dd9c547cd4633f94fad6c29381561 Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Wed, 17 Apr 2024 16:12:12 +0200
Subject: [PATCH] generate_test_keys: split group_id and key bitsize in the generated structure
- group_id is only used for EC keys;
- key bitsize only for RSA.
Signed-off-by: Valerio Setti
---
 tests/scripts/generate_test_keys.py | 18 ++++++++++--------
 tests/src/test_keys.h | 28 ++++++++++++++--------------
 tests/suites/test_suite_pk.function | 27 ++++++++++++++++++---------
 3 files changed, 42 insertions(+), 31 deletions(-)
diff --git a/tests/scripts/generate_test_keys.py b/tests/scripts/generate_test_keys.py
index 1236baa49f..0a67a784cb 100755
--- a/tests/scripts/generate_test_keys.py
+++ b/tests/scripts/generate_test_keys.py
@@ -80,10 +80,12 @@ def get_ec_curve_name(priv_key: str, bits: int) -> str:
 return ""
 return prefix + str(bits) + suffix
-def get_look_up_table_entry(key_type: str, curve_or_keybits: str,
+def get_look_up_table_entry(key_type: str, group_id_or_keybits: str,
 priv_array_name: str, pub_array_name: str) -> Iterator[str]:
- yield " {{ {}, ".format("1" if key_type == "ec" else "0")
- yield "{},\n".format(curve_or_keybits)
+ if key_type == "ec":
+ yield " {{ {}, 0,\n".format(group_id_or_keybits)
+ else:
+ yield " {{ 0, {},\n".format(group_id_or_keybits)
 yield " {0}, sizeof({0}),\n".format(priv_array_name)
 yield " {0}, sizeof({0}) }},".format(pub_array_name)
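Review bot: get_look_up_table_entry has no docstring, and the two leading values it now emits (`{ group_id, 0,` for EC, `{ 0, keybits,` otherwise) are positional, so they must stay in the same order as the fields of `struct predefined_key_element`, which main() writes from a separate string literal. I would add a docstring along the lines of `"""Yield one positional initializer for struct predefined_key_element: group_id, keybits, then the private and public arrays with their sizes; the unused one of group_id/keybits is written as 0."""`. It should also say that every key_type other than "ec" takes the RSA branch, since the `else` accepts any string.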
@@ -135,16 +137,16 @@ def main() -> None:
 output_file.write(''.join(["\n", c_array_priv, "\n", c_array_pub, "\n"]))
 # Update the lookup table
 if key_type == "ec":
- curve_or_keybits = "MBEDTLS_ECP_DP_" + curve.upper()
+ group_id_or_keybits = "MBEDTLS_ECP_DP_" + curve.upper()
 else:
- curve_or_keybits = str(bits)
- look_up_table.append(''.join(get_look_up_table_entry(key_type, curve_or_keybits,
+ group_id_or_keybits = str(bits)
+ look_up_table.append(''.join(get_look_up_table_entry(key_type, group_id_or_keybits,
 array_name_priv, array_name_pub)))
 # Write the lookup table: the struct containing pointers to all the arrays we created above.
 output_file.write("""
 struct predefined_key_element {
- int is_ec; // 1 for EC keys; 0 for RSA
- int curve_or_keybits;
+ int group_id; // EC group ID; 0 for RSA keys
+ int keybits; // bits size of RSA key; 0 for EC keys
 const unsigned char *priv_key;
 size_t priv_key_len;
 const unsigned char *pub_key;
diff --git a/tests/src/test_keys.h b/tests/src/test_keys.h
index 7e8f773b66..ec54fe480c 100644
--- a/tests/src/test_keys.h
+++ b/tests/src/test_keys.h
@@ -730,8 +730,8 @@ const unsigned char test_rsa_4096_pub[] = {
 };
 struct predefined_key_element {
- int is_ec; // 1 for EC keys; 0 for RSA
- int curve_or_keybits;
+ int group_id; // EC group ID; 0 for RSA keys
+ int keybits; // bits size of RSA key; 0 for EC keys
 const unsigned char *priv_key;
 size_t priv_key_len;
 const unsigned char *pub_key;
@@ -739,40 +739,40 @@ struct predefined_key_element {
 };
 struct predefined_key_element predefined_keys[] = {
- { 1, MBEDTLS_ECP_DP_SECP192K1,
+ { MBEDTLS_ECP_DP_SECP192K1, 0,
 test_ec_secp192k1_priv, sizeof(test_ec_secp192k1_priv),
 test_ec_secp192k1_pub, sizeof(test_ec_secp192k1_pub) },
- { 1, MBEDTLS_ECP_DP_SECP256K1,
+ { MBEDTLS_ECP_DP_SECP256K1, 0,
 test_ec_secp256k1_priv, sizeof(test_ec_secp256k1_priv),
 test_ec_secp256k1_pub, sizeof(test_ec_secp256k1_pub) },
- { 1, MBEDTLS_ECP_DP_SECP192R1,
+ { MBEDTLS_ECP_DP_SECP192R1, 0,
 test_ec_secp192r1_priv, sizeof(test_ec_secp192r1_priv),
 test_ec_secp192r1_pub, sizeof(test_ec_secp192r1_pub) },
- { 1, MBEDTLS_ECP_DP_SECP224R1,
+ { MBEDTLS_ECP_DP_SECP224R1, 0,
 test_ec_secp224r1_priv, sizeof(test_ec_secp224r1_priv),
 test_ec_secp224r1_pub, sizeof(test_ec_secp224r1_pub) },
- { 1, MBEDTLS_ECP_DP_SECP256R1,
+ { MBEDTLS_ECP_DP_SECP256R1, 0,
 test_ec_secp256r1_priv, sizeof(test_ec_secp256r1_priv),
 test_ec_secp256r1_pub, sizeof(test_ec_secp256r1_pub) },
- { 1, MBEDTLS_ECP_DP_SECP384R1,
+ { MBEDTLS_ECP_DP_SECP384R1, 0,
 test_ec_secp384r1_priv, sizeof(test_ec_secp384r1_priv),
 test_ec_secp384r1_pub, sizeof(test_ec_secp384r1_pub) },
- { 1, MBEDTLS_ECP_DP_SECP521R1,
+ { MBEDTLS_ECP_DP_SECP521R1, 0,
 test_ec_secp521r1_priv, sizeof(test_ec_secp521r1_priv),
 test_ec_secp521r1_pub, sizeof(test_ec_secp521r1_pub) },
- { 1, MBEDTLS_ECP_DP_BP256R1,
+ { MBEDTLS_ECP_DP_BP256R1, 0,
 test_ec_bp256r1_priv, sizeof(test_ec_bp256r1_priv),
 test_ec_bp256r1_pub, sizeof(test_ec_bp256r1_pub) },
- { 1, MBEDTLS_ECP_DP_BP384R1,
+ { MBEDTLS_ECP_DP_BP384R1, 0,
 test_ec_bp384r1_priv, sizeof(test_ec_bp384r1_priv),
 test_ec_bp384r1_pub, sizeof(test_ec_bp384r1_pub) },
- { 1, MBEDTLS_ECP_DP_BP512R1,
+ { MBEDTLS_ECP_DP_BP512R1, 0,
 test_ec_bp512r1_priv, sizeof(test_ec_bp512r1_priv),
 test_ec_bp512r1_pub, sizeof(test_ec_bp512r1_pub) },
- { 1, MBEDTLS_ECP_DP_CURVE25519,
+ { MBEDTLS_ECP_DP_CURVE25519, 0,
 test_ec_curve25519_priv, sizeof(test_ec_curve25519_priv),
 test_ec_curve25519_pub, sizeof(test_ec_curve25519_pub) },
- { 1, MBEDTLS_ECP_DP_CURVE448,
+ { MBEDTLS_ECP_DP_CURVE448, 0,
 test_ec_curve448_priv, sizeof(test_ec_curve448_priv),
 test_ec_curve448_pub, sizeof(test_ec_curve448_pub) },
 { 0, 1024,
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index b77a9a88d8..ec7fac08e5 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -186,24 +186,33 @@
 #define RSA_KEY_SIZE 1024
 #define RSA_KEY_LEN (RSA_KEY_SIZE/8)
-static int get_predefined_key_data(int is_ec, int curve_or_keybits,
+static int get_predefined_key_data(int is_ec, int group_id_or_keybits,
 const unsigned char **key, size_t *key_len,
 const unsigned char **pub_key, size_t *pub_key_len)
 {
 size_t i;
+ struct predefined_key_element *predefined_key = NULL;
+
 for (i = 0; i < ARRAY_LENGTH(predefined_keys); i++) {
- if ((is_ec == predefined_keys[i].is_ec) &&
- (curve_or_keybits == predefined_keys[i].curve_or_keybits)) {
- *key = predefined_keys[i].priv_key;
- *key_len = predefined_keys[i].priv_key_len;
- if (pub_key != NULL) {
- *pub_key = predefined_keys[i].pub_key;
- *pub_key_len = predefined_keys[i].pub_key_len;
+ if (is_ec) {
+ if (group_id_or_keybits == predefined_keys[i].group_id) {
+ predefined_key = &predefined_keys[i];
 }
- return 0;
+ } else if (group_id_or_keybits == predefined_keys[i].keybits) {
+ predefined_key = &predefined_keys[i];
 }
 }
+ if (predefined_key != NULL) {
+ *key = predefined_key->priv_key;
+ *key_len = predefined_key->priv_key_len;
+ if (pub_key != NULL) {
+ *pub_key = predefined_key->pub_key;
+ *pub_key_len = predefined_key->pub_key_len;
+ }
+ return 0;
+ }
+
 TEST_FAIL("Unsupported key");
 /* "exit" label is to make the compiler happy. */
 exit:
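Review bot: The rewritten loop in get_predefined_key_data no longer compares the key type of the table entry, so the `0` placeholders can match: with `is_ec == 0` and a key size of 0, `group_id_or_keybits == predefined_keys[i].keybits` is true for every EC entry, and with `is_ec != 0` and a group id of 0 the `group_id` comparison is true for every RSA entry. In either case the function returns 0 with key material of the other type instead of reaching `TEST_FAIL("Unsupported key")`, which the removed `is_ec == predefined_keys[i].is_ec` test prevented. The loop also has no `break`, so it scans the whole table and returns the last match where the old code returned the first. I would skip placeholder matches with a guard such as `if (group_id_or_keybits == 0) { continue; }` at the top of the loop body (or reject 0 before the loop) and add `break;` after each `predefined_key = &predefined_keys[i];`. The pointer can also be declared `const struct predefined_key_element *`, as it is only read through; the function body continues past the end of the hunk.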