mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-01-03 23:43:40 +00:00
test: verify that Montgomery keys can be fixed on parsing
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
parent
41b0818bcb
commit
aed87994da
@ -1198,7 +1198,7 @@ pk_parse_key:"30070201010400a000":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||
|
||||
Key ASN1 (OneAsymmetricKey X25519, doesn't match masking requirements, from RFC8410 Appendix A but made into version 0)
|
||||
depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:PSA_WANT_ECC_MONTGOMERY_255
|
||||
pk_parse_key:"302e020100300506032b656e04220420f8ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff3f":0
|
||||
pk_parse_fix_x25519:"302e020100300506032b656e04220420f8ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff3f":"302e020100300506032b656e04220420f8ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f"
|
||||
|
||||
Key ASN1 (OneAsymmetricKey X25519, with invalid optional AlgorithIdentifier parameters)
|
||||
depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:PSA_WANT_ECC_MONTGOMERY_255
|
||||
|
@ -3,6 +3,7 @@
|
||||
#include "mbedtls/pem.h"
|
||||
#include "mbedtls/oid.h"
|
||||
#include "mbedtls/ecp.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
#include "pk_internal.h"
|
||||
/* END_HEADER */
|
||||
|
||||
@ -148,3 +149,39 @@ exit:
|
||||
USE_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PK_WRITE_C */
|
||||
void pk_parse_fix_x25519(data_t *input_key, data_t *exp_output)
|
||||
{
|
||||
/* Montgomery keys have specific bits set to either 0 or 1 depending on
|
||||
* their position. This is enforced during parsing (please see the implementation
|
||||
* of mbedtls_ecp_read_key() for more details). The scope of this function
|
||||
* is to verify this enforcing by feeding the parse algorithm with a x25519
|
||||
* key which does not have those bits set properly. */
|
||||
mbedtls_pk_context pk;
|
||||
unsigned char *output_key = NULL;
|
||||
size_t output_key_len = 0;
|
||||
|
||||
mbedtls_pk_init(&pk);
|
||||
USE_PSA_INIT();
|
||||
|
||||
TEST_EQUAL(mbedtls_pk_parse_key(&pk, input_key->x, input_key->len, NULL, 0,
|
||||
mbedtls_test_rnd_std_rand, NULL), 0);
|
||||
|
||||
output_key_len = input_key->len;
|
||||
ASSERT_ALLOC(output_key, output_key_len);
|
||||
/* output_key_len is updated with the real amount of data written to
|
||||
* output_key buffer. */
|
||||
output_key_len = mbedtls_pk_write_key_der(&pk, output_key, output_key_len);
|
||||
TEST_ASSERT(output_key_len > 0);
|
||||
|
||||
ASSERT_COMPARE(exp_output->x, exp_output->len, output_key, output_key_len);
|
||||
|
||||
exit:
|
||||
if (output_key != NULL) {
|
||||
mbedtls_free(output_key);
|
||||
}
|
||||
mbedtls_pk_free(&pk);
|
||||
USE_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
Loading…
Reference in New Issue
Block a user