pk_wrap: add support for ECDSA verify for opaque keys

This commit also add tests to verify the functionality Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-03-28 08:37:25 +00:00 · 2023-06-21 16:58:40 +02:00 · 2023-06-21 16:58:40 +02:00 · e77307738d
commit e77307738d
parent ed7d6af670
2 changed files with 41 additions and 7 deletions
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@ -781,6 +781,36 @@ cleanup:
    return ret;
 }

+static int ecdsa_verify_wrap_opaque(mbedtls_pk_context *pk,
+                                    mbedtls_md_type_t md_alg,
+                                    const unsigned char *hash, size_t hash_len,
+                                    const unsigned char *sig, size_t sig_len)
+{
+    (void) md_alg;
+    unsigned char key[MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN];
+    size_t key_len;
+    psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT;
+    psa_ecc_family_t curve;
+    size_t curve_bits;
+    psa_status_t status;
+
+    status = psa_get_key_attributes(pk->priv_id, &key_attr);
+    if (status != PSA_SUCCESS) {
+        return PSA_PK_ECDSA_TO_MBEDTLS_ERR(status);
+    }
+    curve = PSA_KEY_TYPE_ECC_GET_FAMILY(psa_get_key_type(&key_attr));
+    curve_bits = psa_get_key_bits(&key_attr);
+    psa_reset_key_attributes(&key_attr);
+
+    status = psa_export_public_key(pk->priv_id, key, sizeof(key), &key_len);
+    if (status != PSA_SUCCESS) {
+        return PSA_PK_ECDSA_TO_MBEDTLS_ERR(status);
+    }
+
+    return ecdsa_verify_psa(key, key_len, curve, curve_bits,
+                            hash, hash_len, sig, sig_len);
+}
+
 #if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
 static int ecdsa_verify_wrap(mbedtls_pk_context *pk,
                             mbedtls_md_type_t md_alg,
@ -1757,7 +1787,7 @@ const mbedtls_pk_info_t mbedtls_pk_ecdsa_opaque_info = {
    "Opaque",
    pk_opaque_get_bitlen,
    pk_opaque_ecdsa_can_do,
-    NULL, /* verify - will be done later */
+    ecdsa_verify_wrap_opaque,
    ecdsa_sign_wrap_opaque,
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
    NULL, /* restartable verify - not relevant */
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@ -223,8 +223,6 @@ void pk_psa_utils(int key_is_rsa)
    mbedtls_pk_init(&pk2);
    USE_PSA_INIT();

-    TEST_ASSERT(psa_crypto_init() == PSA_SUCCESS);
-
    TEST_ASSERT(mbedtls_pk_setup_opaque(&pk, MBEDTLS_SVC_KEY_ID_INIT) ==
                MBEDTLS_ERR_PK_BAD_INPUT_DATA);

@ -261,10 +259,11 @@ void pk_psa_utils(int key_is_rsa)
    }

    /* unsupported operations: verify, decrypt, encrypt */
-    TEST_ASSERT(mbedtls_pk_verify(&pk, md_alg,
-                                  b1, sizeof(b1), b2, sizeof(b2))
-                == MBEDTLS_ERR_PK_TYPE_MISMATCH);
-    if (key_is_rsa == 0) {
+    if (key_is_rsa == 1) {
+        TEST_ASSERT(mbedtls_pk_verify(&pk, md_alg,
+                                      b1, sizeof(b1), b2, sizeof(b2))
+                    == MBEDTLS_ERR_PK_TYPE_MISMATCH);
+    } else {
        TEST_ASSERT(mbedtls_pk_decrypt(&pk, b1, sizeof(b1),
                                       b2, &len, sizeof(b2),
                                       NULL, NULL)
@ -1367,6 +1366,11 @@ void pk_psa_sign(int parameter_arg,
    TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256,
                                hash, sizeof(hash), sig, sizeof(sig), &sig_len,
                                NULL, NULL) == 0);
+    /* Only opaque EC keys support verification. */
+    if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type_arg)) {
+        TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256,
+                                      hash, sizeof(hash), sig, sig_len) == 0);
+    }

    /* Export underlying public key for re-importing in a psa context. */
 #if defined(MBEDTLS_PK_WRITE_C)