test_suite_pk: fix guards
Now that key generation has been replaced with parsing predefined
keys, guards for MBEDTLS_PK_PARSE_C need to be added in test
code.
This commits also removes remaining usage of GENPRIME.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 1bc12c2..fc54185 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -184,8 +184,6 @@
#define MBEDTLS_MD_ALG_FOR_TEST MBEDTLS_MD_SHA512
#endif
-#if defined(MBEDTLS_PK_PARSE_C)
-
#include <../src/test_keys.h>
struct key_lut_element {
int curve_or_keybits;
@@ -229,6 +227,7 @@
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
}
+#if defined(MBEDTLS_PK_PARSE_C)
/** Fill the provided PK context with a proper key.
*
* This is a fake implementation of key generation because instead of generating
@@ -239,13 +238,13 @@
*
* \param pk The PK object to fill. It must have been initialized
* (mbedtls_pk_init()), but not setup (mbedtls_pk_setup()).
- * \param pk_info mbedtls_pk_info_t to use in the generated PK context.
+ * \param pk_type mbedtls_pk_type_t to use in the PK context.
* \param curve_or_keybits - For RSA keys, the key size in bits.
* - For EC keys, the curve (\c MBEDTLS_ECP_DP_xxx).
*
* \return 0 on success or a negative value otherwise.
*/
-static int pk_genkey(mbedtls_pk_context *pk, const mbedtls_pk_info_t *pk_info, int curve_or_keybits)
+static int pk_genkey(mbedtls_pk_context *pk, mbedtls_pk_type_t pk_type, int curve_or_keybits)
{
const unsigned char *key_data = NULL;
size_t key_data_len = 0;
@@ -255,12 +254,13 @@
TEST_EQUAL(mbedtls_pk_parse_key(pk, key_data, key_data_len, NULL, 0,
mbedtls_test_rnd_std_rand, NULL), 0);
/* Override pk_info. */
- pk->pk_info = pk_info;
+ pk->pk_info = mbedtls_pk_info_from_type(pk_type);
ret = 0;
exit:
return ret;
}
+#endif /* MBEDTLS_PK_PARSE_C */
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
/** Create a PSA key of the desired type and properties.
@@ -303,6 +303,7 @@
key_data_start = (unsigned char *) key_data;
key_data_len = key_data_size;
} else {
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
mbedtls_ecp_group_id grp_id;
grp_id = mbedtls_ecc_group_from_psa(PSA_KEY_TYPE_ECC_GET_FAMILY(type), bits);
TEST_EQUAL(get_predefined_key_data(grp_id, &key_data, &key_data_size), 0);
@@ -315,9 +316,16 @@
TEST_EQUAL(mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_SEQUENCE |
MBEDTLS_ASN1_CONSTRUCTED), 0);
TEST_EQUAL(mbedtls_asn1_get_int(&p, end, &version), 0);
+ if ((grp_id == MBEDTLS_ECP_DP_CURVE25519) || (grp_id == MBEDTLS_ECP_DP_CURVE448)) {
+ TEST_EQUAL(mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_SEQUENCE |
+ MBEDTLS_ASN1_CONSTRUCTED), 0);
+ p += len;
+ TEST_EQUAL(mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING), 0);
+ }
TEST_EQUAL(mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING), 0);
key_data_start = p;
key_data_len = len;
+#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
}
/* Import the key into PSA. */
@@ -336,9 +344,9 @@
return status;
}
#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
-#endif /* MBEDTLS_PK_PARSE_C */
#if defined(MBEDTLS_PSA_CRYPTO_C)
+#if defined(MBEDTLS_PK_PARSE_C)
static psa_key_usage_t pk_get_psa_attributes_implied_usage(
psa_key_usage_t expected_usage)
{
@@ -362,6 +370,7 @@
expected_usage |= PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY;
return expected_usage;
}
+#endif /* MBEDTLS_PK_PARSE_C */
#define RSA_WRITE_PUBKEY_MAX_SIZE \
PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS)
@@ -473,7 +482,7 @@
FROM_PAIR = 1
} from_pair_t;
-#if defined(MBEDTLS_PSA_CRYPTO_C)
+#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_PK_PARSE_C)
static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair,
mbedtls_pk_context *pk, psa_key_type_t *psa_type)
{
@@ -487,20 +496,13 @@
{
TEST_EQUAL(mbedtls_pk_setup(pk, mbedtls_pk_info_from_type(pk_type)), 0);
*psa_type = PSA_KEY_TYPE_RSA_KEY_PAIR;
- mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk);
if (want_pair) {
-#if defined(MBEDTLS_GENPRIME)
- TEST_EQUAL(mbedtls_rsa_gen_key(
- rsa,
- mbedtls_test_rnd_std_rand, NULL,
- MBEDTLS_RSA_GEN_KEY_MIN_BITS, 65537), 0);
-#else
- TEST_FAIL("I don't know how to create an RSA key pair in this configuration.");
-#endif
+ TEST_EQUAL(pk_genkey(pk, pk_type, MBEDTLS_RSA_GEN_KEY_MIN_BITS), 0);
} else {
unsigned char N[PSA_BITS_TO_BYTES(MBEDTLS_RSA_GEN_KEY_MIN_BITS)] = { 0xff };
N[sizeof(N) - 1] = 0x03;
const unsigned char E[1] = { 0x03 };
+ mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk);
TEST_EQUAL(mbedtls_rsa_import_raw(rsa,
N, sizeof(N),
NULL, 0, NULL, 0, NULL, 0,
@@ -519,7 +521,7 @@
mbedtls_ecp_group_id grp_id = MBEDTLS_TEST_ECP_DP_ONE_CURVE;
size_t bits;
*psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR(mbedtls_ecc_group_to_psa(grp_id, &bits));
- TEST_EQUAL(pk_genkey(pk, mbedtls_pk_info_from_type(pk_type), grp_id), 0);
+ TEST_EQUAL(pk_genkey(pk, pk_type, grp_id), 0);
if (!want_pair) {
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
psa_key_attributes_t pub_attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -555,7 +557,7 @@
exit:
return MBEDTLS_ERR_ERROR_GENERIC_ERROR;
}
-#endif
+#endif /* MBEDTLS_PSA_CRYPTO_C && MBEDTLS_PK_PARSE_C */
#if defined(MBEDTLS_PSA_CRYPTO_C)
/* Create a new PSA key which will contain only the public part of the private
@@ -757,7 +759,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO */
+/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PK_PARSE_C */
void pk_can_do_ext(int opaque_key, int key_type, int key_usage, int key_alg,
int key_alg2, int curve_or_keybits, int alg_check, int usage_check,
int result)
@@ -780,7 +782,7 @@
TEST_EQUAL(mbedtls_pk_get_type(&pk), MBEDTLS_PK_OPAQUE);
} else {
- TEST_EQUAL(pk_genkey(&pk, mbedtls_pk_info_from_type(key_type), curve_or_keybits), 0);
+ TEST_EQUAL(pk_genkey(&pk, key_type, curve_or_keybits), 0);
TEST_EQUAL(mbedtls_pk_get_type(&pk), key_type);
}
@@ -974,7 +976,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_PK_PARSE_C */
void pk_utils(int type, int curve_or_keybits, int bitlen, int len, char *name)
{
mbedtls_pk_context pk;
@@ -982,7 +984,7 @@
mbedtls_pk_init(&pk);
USE_PSA_INIT();
- TEST_ASSERT(pk_genkey(&pk, mbedtls_pk_info_from_type(type), curve_or_keybits) == 0);
+ TEST_ASSERT(pk_genkey(&pk, type, curve_or_keybits) == 0);
TEST_ASSERT((int) mbedtls_pk_get_type(&pk) == type);
TEST_ASSERT(mbedtls_pk_can_do(&pk, type));
@@ -1323,7 +1325,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256:PK_CAN_SIGN_SOME */
+/* BEGIN_CASE depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_CAN_SHA256:PK_CAN_SIGN_SOME */
void pk_sign_verify(int type, int curve_or_keybits, int rsa_padding, int rsa_md_alg,
int sign_ret, int verify_ret)
{
@@ -1350,7 +1352,7 @@
memset(hash, 0x2a, sizeof(hash));
memset(sig, 0, sizeof(sig));
- TEST_ASSERT(pk_genkey(&pk, mbedtls_pk_info_from_type(type), curve_or_keybits) == 0);
+ TEST_ASSERT(pk_genkey(&pk, type, curve_or_keybits) == 0);
#if defined(MBEDTLS_RSA_C)
if (type == MBEDTLS_PK_RSA) {
@@ -1715,7 +1717,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_RSA_ALT_SUPPORT */
+/* BEGIN_CASE depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PK_RSA_ALT_SUPPORT */
void pk_rsa_alt()
{
/*
@@ -1743,7 +1745,7 @@
memset(test, 0, sizeof(test));
/* Initialize PK RSA context with random key */
- TEST_ASSERT(pk_genkey(&rsa, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA), RSA_KEY_SIZE) == 0);
+ TEST_ASSERT(pk_genkey(&rsa, MBEDTLS_PK_RSA, RSA_KEY_SIZE) == 0);
/* Extract key to the raw rsa context */
TEST_ASSERT(mbedtls_rsa_copy(&raw, mbedtls_pk_rsa(rsa)) == 0);
@@ -1811,7 +1813,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_PK_PSA_SIGN */
+/* BEGIN_CASE depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_PK_PSA_SIGN */
void pk_psa_sign(int psa_type, int bits, int rsa_padding)
{
mbedtls_pk_context pk;
@@ -1842,18 +1844,18 @@
USE_PSA_INIT();
/* Create the legacy EC/RSA PK context. */
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
+#if defined(MBEDTLS_RSA_C)
if (PSA_KEY_TYPE_IS_RSA(psa_type)) {
- TEST_EQUAL(pk_genkey(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA), bits), 0);
+ TEST_EQUAL(pk_genkey(&pk, MBEDTLS_PK_RSA, bits), 0);
TEST_EQUAL(mbedtls_rsa_set_padding(mbedtls_pk_rsa(pk), rsa_padding, MBEDTLS_MD_NONE), 0);
}
-#else /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */
+#else /* MBEDTLS_RSA_C && MBEDTLS_PK_PARSE_C */
(void) rsa_padding;
#endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */
#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN)
if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type)) {
ecp_grp_id = mbedtls_ecc_group_from_psa(psa_type, bits);
- TEST_ASSERT(pk_genkey(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY), ecp_grp_id) == 0);
+ TEST_ASSERT(pk_genkey(&pk, MBEDTLS_PK_ECKEY, ecp_grp_id) == 0);
}
#endif /* MBEDTLS_PK_CAN_ECDSA_SIGN */
@@ -1975,7 +1977,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
+/* BEGIN_CASE depends_on:MBEDTLS_PK_PARSE_C */
void pk_sign_ext(int pk_type, int curve_or_keybits, int key_pk_type, int md_alg)
{
mbedtls_pk_context pk;
@@ -1991,7 +1993,7 @@
mbedtls_pk_init(&pk);
MD_OR_USE_PSA_INIT();
- TEST_EQUAL(pk_genkey(&pk, mbedtls_pk_info_from_type(pk_type), curve_or_keybits), 0);
+ TEST_EQUAL(pk_genkey(&pk, pk_type, curve_or_keybits), 0);
TEST_EQUAL(mbedtls_pk_sign_ext(key_pk_type, &pk, md_alg, hash, hash_len,
sig, sizeof(sig), &sig_len,
@@ -2118,7 +2120,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PK_PARSE_C */
void pk_get_psa_attributes(int pk_type, int from_pair,
int usage_arg,
int to_pair, int expected_alg)
@@ -2181,7 +2183,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_GENPRIME */
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_PK_PARSE_C */
void pk_rsa_v21_get_psa_attributes(int md_type, int from_pair,
int usage_arg,
int to_pair, int expected_alg)
@@ -2229,7 +2231,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PK_PARSE_C */
void pk_get_psa_attributes_fail(int pk_type, int from_pair,
int usage_arg,
int expected_ret)
@@ -2255,7 +2257,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PSA_CRYPTO_STORAGE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PK_PARSE_C:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PSA_CRYPTO_STORAGE_C */
void pk_import_into_psa_lifetime(int from_opaque,
int from_persistent, /* when from opaque */
int from_exportable, /* when from opaque */
@@ -2406,7 +2408,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PK_PARSE_C */
void pk_import_into_psa_fail(int pk_type, int from_pair,
int type_arg, int bits_arg,
int expected_ret)