Add support for RSA wrap in pk_psa_sign() test

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
Neil Armstrong 2022-03-15 14:48:52 +01:00
parent 5b87ebb601
commit 67fc036976
2 changed files with 48 additions and 20 deletions


@ -310,42 +310,46 @@ depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:64
PSA wrapped sign: SECP256R1
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
pk_psa_sign:MBEDTLS_ECP_DP_SECP256R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256
PSA wrapped sign: SECP384R1
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
pk_psa_sign:MBEDTLS_ECP_DP_SECP384R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384
PSA wrapped sign: SECP521R1
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
pk_psa_sign:MBEDTLS_ECP_DP_SECP521R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521
PSA wrapped sign: SECP192K1
depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192K1_ENABLED
pk_psa_sign:MBEDTLS_ECP_DP_SECP192K1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192
## Currently buggy: https://github.com/ARMmbed/mbed-crypto/issues/336
# PSA wrapped sign: SECP224K1
# depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
# depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP224K1_ENABLED
# pk_psa_sign:MBEDTLS_ECP_DP_SECP224K1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224
PSA wrapped sign: SECP256K1
depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256K1_ENABLED
pk_psa_sign:MBEDTLS_ECP_DP_SECP256K1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256
PSA wrapped sign: BP256R1
depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
pk_psa_sign:MBEDTLS_ECP_DP_BP256R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256
PSA wrapped sign: BP384R1
depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP384R1_ENABLED
pk_psa_sign:MBEDTLS_ECP_DP_BP384R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384
PSA wrapped sign: BP512R1
depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
pk_psa_sign:MBEDTLS_ECP_DP_BP512R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512
PSA wrapped sign: RSA PKCS1 v1.5
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME
pk_psa_sign:512:PSA_KEY_TYPE_RSA_KEY_PAIR:512
PK Sign ext:RSA2048,PK_RSA,MD_SHA256
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256
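Review bot: The new `PSA wrapped sign: RSA PKCS1 v1.5` case passes 512 as the key size with nothing in the data file saying this is a test-only value. In the test function that first argument reaches `mbedtls_rsa_gen_key()` as the modulus size, and the public key is then exported into `pkey_legacy[200]` / `pkey_psa[200]`. A 2048-bit case added later would therefore probably fail at the DER export rather than at signing; the export call is cut off in this view, so the size argument it passes is not visible. I would add a comment above the case, using the `#` syntax this file already uses: `# RSA-512 is a test-only size, not a secure key strength; pk_psa_sign() exports the public key into 200-byte buffers, so larger moduli need those buffers enlarged first.`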


@ -1043,14 +1043,13 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C */
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO */
void pk_psa_sign( int parameter_arg,
int psa_type_arg, int expected_bits_arg )
{
mbedtls_ecp_group_id grpid = parameter_arg;
mbedtls_pk_context pk;
unsigned char hash[32];
unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
unsigned char pkey_legacy[200];
unsigned char pkey_psa[200];
unsigned char *pkey_legacy_start, *pkey_psa_start;
@ -1063,7 +1062,7 @@ void pk_psa_sign( int parameter_arg,
/*
* This tests making signatures with a wrapped PSA key:
* - generate a fresh ECP legacy PK context
* - generate a fresh ECP/RSA legacy PK context
* - wrap it in a PK context and make a signature this way
* - extract the public key
* - parse it to a PK context and verify the signature this way
@ -1071,13 +1070,38 @@ void pk_psa_sign( int parameter_arg,
PSA_ASSERT( psa_crypto_init( ) );
/* Create legacy EC public/private key in PK context. */
mbedtls_pk_init( &pk );
TEST_ASSERT( mbedtls_pk_setup( &pk,
mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 );
TEST_ASSERT( mbedtls_ecp_gen_key( grpid,
(mbedtls_ecp_keypair*) pk.pk_ctx,
mbedtls_test_rnd_std_rand, NULL ) == 0 );
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
if( PSA_KEY_TYPE_IS_RSA( psa_type_arg ) )
{
/* Create legacy RSA public/private key in PK context. */
mbedtls_pk_init( &pk );
TEST_ASSERT( mbedtls_pk_setup( &pk,
mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
TEST_ASSERT( mbedtls_rsa_gen_key( mbedtls_pk_rsa( pk ),
mbedtls_test_rnd_std_rand, NULL,
parameter_arg, 3 ) == 0 );
}
else
#endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */
#if defined(MBEDTLS_ECDSA_C)
if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( psa_type_arg ) )
{
mbedtls_ecp_group_id grpid = parameter_arg;
/* Create legacy EC public/private key in PK context. */
mbedtls_pk_init( &pk );
TEST_ASSERT( mbedtls_pk_setup( &pk,
mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 );
TEST_ASSERT( mbedtls_ecp_gen_key( grpid,
(mbedtls_ecp_keypair*) pk.pk_ctx,
mbedtls_test_rnd_std_rand, NULL ) == 0 );
}
else
#endif /* MBEDTLS_ECDSA_C */
{
(void) parameter_arg;
TEST_ASSUME( ! "Opaque PK key not supported in this configuration" );
}
/* Export underlying public key for re-importing in a legacy context. */
ret = mbedtls_pk_write_pubkey_der( &pk, pkey_legacy,