commit d971b7834b746b6d2c8d08f513456027835b0b76
author Valerio Setti <valerio.setti@nordicsemi.no> Tue Mar 19 15:08:53 2024 +0100
committer Valerio Setti <valerio.setti@nordicsemi.no> Tue Mar 19 15:55:32 2024 +0100
tree 22b4b152ddc92b3b88377a16578176e730db2459
parent c262561424609a6b7807ebc927c57d28e39b9f6c

test_suite_pk: fix RSA issue in pk_psa_sign() when !PK_[PARSE|WRITE]_C are defined

This bug was not found until now because:
- !PK_[WRITE|PARSE]_C is only tested in component_full_no_pkparse_pkwrite()
- the test only case concerning RSA key had MBEDTLS_PK_WRITE_C as dependency
  so it was not executed in that component.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

tests/suites/test_suite_pk.function

diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 8f5e7f6..0a0f158 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -1875,12 +1875,21 @@
             legacy_pub_key + sizeof(legacy_pub_key) - legacy_pub_key_len,
             legacy_pub_key_len);
 #else /* MBEDTLS_PK_WRITE_C */
-    ret = mbedtls_ecp_point_write_binary(&(mbedtls_pk_ec_ro(pk)->grp),
-                                         &(mbedtls_pk_ec_ro(pk)->Q),
-                                         MBEDTLS_ECP_PF_UNCOMPRESSED,
-                                         &legacy_pub_key_len, legacy_pub_key,
-                                         sizeof(legacy_pub_key));
-    TEST_EQUAL(ret, 0);
+    if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type)) {
+        TEST_EQUAL(mbedtls_ecp_point_write_binary(&(mbedtls_pk_ec_ro(pk)->grp),
+                                                  &(mbedtls_pk_ec_ro(pk)->Q),
+                                                  MBEDTLS_ECP_PF_UNCOMPRESSED,
+                                                  &legacy_pub_key_len, legacy_pub_key,
+                                                  sizeof(legacy_pub_key)), 0);
+    } else {
+        unsigned char *end = legacy_pub_key + sizeof(legacy_pub_key);
+        ret = mbedtls_rsa_write_pubkey(mbedtls_pk_rsa(pk), legacy_pub_key, &end);
+        legacy_pub_key_len = (size_t) ret;
+        TEST_ASSERT(legacy_pub_key_len > 0);
+        /* mbedtls_rsa_write_pubkey() writes data backward in the buffer so
+         * we shift that to the origin of the buffer instead. */
+        memmove(legacy_pub_key, end, legacy_pub_key_len);
+    }
 #endif /* MBEDTLS_PK_WRITE_C */
 
     /* Turn the PK context into an opaque one. */
@@ -1939,11 +1948,17 @@
 #if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_PK_PARSE_C)
     TEST_EQUAL(mbedtls_pk_parse_public_key(&pk, legacy_pub_key, legacy_pub_key_len), 0);
 #else
-    TEST_EQUAL(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)), 0);
-    TEST_EQUAL(mbedtls_ecp_group_load(&(mbedtls_pk_ec_rw(pk)->grp), ecp_grp_id), 0);
-    TEST_EQUAL(mbedtls_ecp_point_read_binary(&(mbedtls_pk_ec_ro(pk)->grp),
-                                             &(mbedtls_pk_ec_rw(pk)->Q),
-                                             legacy_pub_key, legacy_pub_key_len), 0);
+    if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type)) {
+        TEST_EQUAL(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)), 0);
+        TEST_EQUAL(mbedtls_ecp_group_load(&(mbedtls_pk_ec_rw(pk)->grp), ecp_grp_id), 0);
+        TEST_EQUAL(mbedtls_ecp_point_read_binary(&(mbedtls_pk_ec_ro(pk)->grp),
+                                                 &(mbedtls_pk_ec_rw(pk)->Q),
+                                                 legacy_pub_key, legacy_pub_key_len), 0);
+    } else {
+        TEST_EQUAL(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)), 0);
+        TEST_EQUAL(mbedtls_rsa_parse_pubkey(mbedtls_pk_rsa(pk), legacy_pub_key,
+                                            legacy_pub_key_len), 0);
+    }
 #endif
     TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256,
                                   hash, sizeof(hash), sig, sig_len) == 0);