From d59caf4e515b5ba52f42146f60d2ddf8020e3aea Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Mon, 18 Mar 2024 16:20:14 +0100
Subject: [PATCH 1/4] test_suite_pk: extend pk_psa_wrap_sign_ext()

Try to perform verify_ext() using the opaque context when the
key type is MBEDTLS_PK_RSASSA_PSS. This currently leads to a
crash while running the test suite and this will be fixed by
the next commit.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 tests/suites/test_suite_pk.function | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 089202bb4..ce590de52 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -2060,6 +2060,18 @@ void pk_psa_wrap_sign_ext(int pk_type, int key_bits, int key_pk_type, int md_alg
                                    sig, sizeof(sig), &sig_len,
                                    mbedtls_test_rnd_std_rand, NULL), 0);
 
+    /* Trying to perform a verify_ext() using the opaque context is not supported
+     * so here we verify that this does not crash. */
+    if (key_pk_type == MBEDTLS_PK_RSASSA_PSS) {
+        mbedtls_pk_rsassa_pss_options pss_opts = {
+            .mgf1_hash_id = md_alg,
+            .expected_salt_len = MBEDTLS_RSA_SALT_LEN_ANY,
+        };
+        TEST_EQUAL(mbedtls_pk_verify_ext(key_pk_type, &pss_opts, &pk, md_alg,
+                                         hash, hash_len, sig, sig_len),
+                   MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE);
+    }
+
     mbedtls_pk_free(&pk);
     TEST_EQUAL(PSA_SUCCESS, psa_destroy_key(key_id));
 

From 07500fd874fd8688d008e28d349a948a5dd00835 Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Mon, 18 Mar 2024 16:22:33 +0100
Subject: [PATCH 2/4] pk: check PK context type in mbedtls_pk_verify_ext()
 before trying RSA PSS

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 library/pk.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/library/pk.c b/library/pk.c
index ec3741b13..097777f2c 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -1126,6 +1126,12 @@ int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options,
         return mbedtls_pk_verify(ctx, md_alg, hash, hash_len, sig, sig_len);
     }
 
+    /* Ensure the PK context is of the right type otherwise mbedtls_pk_rsa()
+     * below would return a NULL pointer. */
+    if (mbedtls_pk_get_type(ctx) != MBEDTLS_PK_RSA) {
+        return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+    }
+
 #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     const mbedtls_pk_rsassa_pss_options *pss_opts;

From 8ad5be0e5d8b15626f6cbe43ecbb3b7af79b96fa Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Mon, 18 Mar 2024 17:22:52 +0100
Subject: [PATCH 3/4] add changelog

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 ChangeLog.d/fix-null-dereference-verify-ext.txt | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 ChangeLog.d/fix-null-dereference-verify-ext.txt

diff --git a/ChangeLog.d/fix-null-dereference-verify-ext.txt b/ChangeLog.d/fix-null-dereference-verify-ext.txt
new file mode 100644
index 000000000..465417872
--- /dev/null
+++ b/ChangeLog.d/fix-null-dereference-verify-ext.txt
@@ -0,0 +1,3 @@
+Bugfix
+   * Fix NULL pointer dereference in mbedtls_pk_verify_ext() when called using
+     an opaque RSA context and specifying MBEDTLS_PK_RSASSA_PSS as key type.

From da47518554b5e56e3c5d08fdad304fb282baaba4 Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Tue, 19 Mar 2024 09:54:46 +0100
Subject: [PATCH 4/4] test_suite_pk: always test verify_ext with opaque keys in
 pk_psa_wrap_sign_ext()

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 tests/suites/test_suite_pk.function | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index ce590de52..808abcff3 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -2060,8 +2060,7 @@ void pk_psa_wrap_sign_ext(int pk_type, int key_bits, int key_pk_type, int md_alg
                                    sig, sizeof(sig), &sig_len,
                                    mbedtls_test_rnd_std_rand, NULL), 0);
 
-    /* Trying to perform a verify_ext() using the opaque context is not supported
-     * so here we verify that this does not crash. */
+    /* verify_ext() is not supported when using an opaque context. */
     if (key_pk_type == MBEDTLS_PK_RSASSA_PSS) {
         mbedtls_pk_rsassa_pss_options pss_opts = {
             .mgf1_hash_id = md_alg,
@@ -2070,6 +2069,10 @@ void pk_psa_wrap_sign_ext(int pk_type, int key_bits, int key_pk_type, int md_alg
         TEST_EQUAL(mbedtls_pk_verify_ext(key_pk_type, &pss_opts, &pk, md_alg,
                                          hash, hash_len, sig, sig_len),
                    MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE);
+    } else {
+        TEST_EQUAL(mbedtls_pk_verify_ext(key_pk_type, NULL, &pk, md_alg,
+                                         hash, hash_len, sig, sig_len),
+                   MBEDTLS_ERR_PK_TYPE_MISMATCH);
     }
 
     mbedtls_pk_free(&pk);