Add Weierstrass curve/bits consistancy check + negative test vectors

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2025-08-08 17:42:09 +03:00 · 2021-11-26 10:54:52 +01:00
parent 02cf12ff92
commit 50fcc535e5
2 changed files with 133 additions and 3 deletions
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -4949,6 +4949,50 @@ cleanup:
 }
 #endif

+static psa_status_t psa_generate_derived_ecc_key_weierstrass_check_config(
+    psa_ecc_family_t curve,
+    size_t bits)
+{
+    switch (curve)
+    {
+        case ( PSA_ECC_FAMILY_SECP_K1 ):
+            if (bits != 192 && bits != 225 && bits != 256)
+                return ( PSA_ERROR_INVALID_ARGUMENT );
+        break;
+        case ( PSA_ECC_FAMILY_SECP_R1 ):
+            if (bits != 192 && bits != 224 && bits != 256 && bits != 384 && bits != 521)
+                return ( PSA_ERROR_INVALID_ARGUMENT );
+            break;
+        case ( PSA_ECC_FAMILY_SECP_R2 ):
+            if (bits != 160)
+                return ( PSA_ERROR_INVALID_ARGUMENT );
+            break;
+        case ( PSA_ECC_FAMILY_SECT_K1 ):
+            if (bits != 163 && bits != 233 && bits != 239 && bits != 283 && bits != 409 && bits != 571)
+                return ( PSA_ERROR_INVALID_ARGUMENT );
+            break;
+        case ( PSA_ECC_FAMILY_SECT_R1 ):
+            if (bits != 163 && bits != 233 && bits != 283 && bits != 409 && bits != 571)
+                return ( PSA_ERROR_INVALID_ARGUMENT );
+            break;
+        case ( PSA_ECC_FAMILY_SECT_R2  ):
+            if (bits != 163)
+                return ( PSA_ERROR_INVALID_ARGUMENT );
+            break;
+        case ( PSA_ECC_FAMILY_BRAINPOOL_P_R1 ):
+            if (bits != 160 && bits != 192 && bits != 224 && bits != 256 && bits != 320 && bits != 384 && bits != 512)
+                return ( PSA_ERROR_INVALID_ARGUMENT );
+            break;
+/*
+        case ( PSA_ECC_FAMILY_FRP ):
+            if (bits != 256)
+                return ( PSA_ERROR_INVALID_ARGUMENT ) ;
+            break;
+*/
+    }
+    return PSA_SUCCESS;
+}
+
 static psa_status_t psa_generate_derived_key_internal(
    psa_key_slot_t *slot,
    size_t bits,
@@ -4969,6 +5013,11 @@ static psa_status_t psa_generate_derived_key_internal(
        {
            /* Weierstrass elliptic curve */
            unsigned key_err = 0;
+            status = psa_generate_derived_ecc_key_weierstrass_check_config(
+                PSA_KEY_TYPE_ECC_GET_FAMILY( slot->attr.type ),
+                bits );
+            if ( status != PSA_SUCCESS )
+                return status;
 gen_ecc_key:
            status = psa_generate_derived_ecc_key_weierstrass_helper(slot, bits, operation, &data, &key_err);
            if( status != PSA_SUCCESS )
@@ -4976,7 +5025,8 @@ gen_ecc_key:
            /* Key has been created, but it doesn't meet criteria. */
            if (key_err)
                goto gen_ecc_key;
-        } else
+        }
+        else
        {
            /* Montgomery elliptic curve */
            size_t output_length;