mirror of
				https://github.com/Mbed-TLS/mbedtls.git
				synced 2025-10-26 00:37:41 +03:00 
			
		
		
		
	Fix test issues with depends-hashes
Needed to make additional fixes so that when MBEDTLS_USE_PSA_CRYPTO is defined, the depends-hashes test will succeed. There are two versions of the ecdsa_verify_wrap() function, one with MBEDTLS_USE_PSA_CRYPTO and when when it is not enabled. The non PSA version is not using the md_alg parameter since it is not required. The PSA version was using that parameter to derive a different value it needed for PSA_ALG_ECDSA. The arguement of PSA_ALG_ECDSA is ignored for psa_sign_hash and psa_verify_hash. It is present because it is used and must be a valid hash, not zero, for psa_sign_hash (but not psa_verify_hash) with PSA_ALG_DETERMINISTIC_ECDSA, and it is needed for psa_sign_message and psa_verify_message which are not implemented yet. The local parameter now uses PSA_ALG_ECDSA_ANY for the verify function to avoid using the md_alg parameter and avoids returning incorrect error codes. Fixes #3587 Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
This commit is contained in:
		| @@ -553,11 +553,12 @@ static int ecdsa_verify_wrap( void *ctx_arg, mbedtls_md_type_t md_alg, | |||||||
|     unsigned char buf[30 + 2 * MBEDTLS_ECP_MAX_BYTES]; |     unsigned char buf[30 + 2 * MBEDTLS_ECP_MAX_BYTES]; | ||||||
|     unsigned char *p; |     unsigned char *p; | ||||||
|     mbedtls_pk_info_t pk_info = mbedtls_eckey_info; |     mbedtls_pk_info_t pk_info = mbedtls_eckey_info; | ||||||
|     psa_algorithm_t psa_sig_md, psa_md; |     psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA_ANY; | ||||||
|     size_t curve_bits; |     size_t curve_bits; | ||||||
|     psa_ecc_family_t curve = |     psa_ecc_family_t curve = | ||||||
|         mbedtls_ecc_group_to_psa( ctx->grp.id, &curve_bits ); |         mbedtls_ecc_group_to_psa( ctx->grp.id, &curve_bits ); | ||||||
|     const size_t signature_part_size = ( ctx->grp.nbits + 7 ) / 8; |     const size_t signature_part_size = ( ctx->grp.nbits + 7 ) / 8; | ||||||
|  |     ((void) md_alg); | ||||||
|  |  | ||||||
|     if( curve == 0 ) |     if( curve == 0 ) | ||||||
|         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); |         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); | ||||||
| @@ -571,11 +572,6 @@ static int ecdsa_verify_wrap( void *ctx_arg, mbedtls_md_type_t md_alg, | |||||||
|     if( key_len <= 0 ) |     if( key_len <= 0 ) | ||||||
|         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); |         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); | ||||||
|  |  | ||||||
|     psa_md = mbedtls_psa_translate_md( md_alg ); |  | ||||||
|     if( psa_md == 0 ) |  | ||||||
|         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); |  | ||||||
|     psa_sig_md = PSA_ALG_ECDSA( psa_md ); |  | ||||||
|  |  | ||||||
|     psa_set_key_type( &attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ) ); |     psa_set_key_type( &attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ) ); | ||||||
|     psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); |     psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); | ||||||
|     psa_set_key_algorithm( &attributes, psa_sig_md ); |     psa_set_key_algorithm( &attributes, psa_sig_md ); | ||||||
|   | |||||||
| @@ -1190,6 +1190,12 @@ component_test_depends_hashes () { | |||||||
|     record_status tests/scripts/depends-hashes.pl |     record_status tests/scripts/depends-hashes.pl | ||||||
| } | } | ||||||
|  |  | ||||||
|  | component_test_depends_hashes_psa () { | ||||||
|  |     msg "test/build: depends-hashes.pl with MBEDTLS_USE_PSA_CRYPTO defined (gcc)" | ||||||
|  |     scripts/config.py set MBEDTLS_USE_PSA_CRYPTO | ||||||
|  |     record_status tests/scripts/depends-hashes.pl | ||||||
|  | } | ||||||
|  |  | ||||||
| component_test_depends_pkalgs_psa () { | component_test_depends_pkalgs_psa () { | ||||||
|     msg "test/build: depends-pkalgs.pl with MBEDTLS_USE_PSA_CRYPTO defined (gcc)" |     msg "test/build: depends-pkalgs.pl with MBEDTLS_USE_PSA_CRYPTO defined (gcc)" | ||||||
|     scripts/config.py set MBEDTLS_USE_PSA_CRYPTO |     scripts/config.py set MBEDTLS_USE_PSA_CRYPTO | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user