cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-30 00:46:22 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8987 from valeriosetti/issue8903

Browse Source 
Test gap: mbedtls_pk_check_pair with MBEDTLS_PK_OPAQUE
This commit is contained in:
Bence Szépkúti 2024-04-04 13:44:24 +00:00 committed by GitHub
commit e4d9013518
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 15 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
tests/suites/test_suite_pk.function
View File

@ -1021,6 +1021,7 @@ void mbedtls_pk_check_pair(char *pub_file, char *prv_file, int ret)
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_svc_key_id_t opaque_key_id = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t opaque_key_id = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t opaque_key_attr = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t opaque_key_attr = PSA_KEY_ATTRIBUTES_INIT;
int is_ec_key = 0;
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
mbedtls_pk_init(&pub); mbedtls_pk_init(&pub);
@ -1057,16 +1058,22 @@ void mbedtls_pk_check_pair(char *pub_file, char *prv_file, int ret)
} }
#endif #endif
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
if (mbedtls_pk_get_type(&prv) == MBEDTLS_PK_ECKEY) { is_ec_key = (mbedtls_pk_get_type(&prv) == MBEDTLS_PK_ECKEY);
/* Turn the prv PK context into an opaque one.*/ /* Turn the prv PK context into an opaque one.*/
TEST_EQUAL(mbedtls_pk_get_psa_attributes(&prv, PSA_KEY_USAGE_SIGN_HASH, TEST_EQUAL(mbedtls_pk_get_psa_attributes(&prv, PSA_KEY_USAGE_SIGN_HASH,
&opaque_key_attr), 0); &opaque_key_attr), 0);
TEST_EQUAL(mbedtls_pk_import_into_psa(&prv, &opaque_key_attr, &opaque_key_id), 0); TEST_EQUAL(mbedtls_pk_import_into_psa(&prv, &opaque_key_attr, &opaque_key_id), 0);
mbedtls_pk_free(&prv); mbedtls_pk_free(&prv);
mbedtls_pk_init(&prv); mbedtls_pk_init(&prv);
TEST_EQUAL(mbedtls_pk_setup_opaque(&prv, opaque_key_id), 0); TEST_EQUAL(mbedtls_pk_setup_opaque(&prv, opaque_key_id), 0);
/* Test check_pair() between the opaque key we just created and the public PK counterpart.
* Note: opaque EC keys support check_pair(), whereas RSA ones do not. */
if (is_ec_key) {
TEST_EQUAL(mbedtls_pk_check_pair(&pub, &prv, mbedtls_test_rnd_std_rand, TEST_EQUAL(mbedtls_pk_check_pair(&pub, &prv, mbedtls_test_rnd_std_rand,
NULL), ret); NULL), ret);
} else {
TEST_EQUAL(mbedtls_pk_check_pair(&pub, &prv, mbedtls_test_rnd_std_rand,
NULL), MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE);
} }
#endif #endif