mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-07-29 11:41:15 +03:00
Implement and test mbedtls_ecp_write_key
mbedtls_ecp_write_key is a mirror function to mbedtls_ecp_read_key, which writes a private key back into a byte buffer in the correct format. This is a helpful convenience function, since the byte order is defined differently between Montgomery and Weierstrass curves. Since this difference is accounted for in mbedtls_ecp_read_key, it made sense to add mbedtls_ecp_write_key for the purpose of abstracting this away such that psa_export_key doesn't need to take byte order into account. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
This commit is contained in:
Steven Cooreman
@ -278,65 +278,69 @@ mbedtls_ecp_gen_key:MBEDTLS_ECP_DP_SECP192R1
|
||||
|
||||
ECP read key #1 (short weierstrass, too small)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"00":MBEDTLS_ERR_ECP_INVALID_KEY
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"00":MBEDTLS_ERR_ECP_INVALID_KEY:0
|
||||
|
||||
ECP read key #2 (short weierstrass, smallest)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"01":0
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"01":0:1
|
||||
|
||||
ECP read key #3 (short weierstrass, biggest)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22830":0
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22830":0:1
|
||||
|
||||
ECP read key #4 (short weierstrass, too big)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831":MBEDTLS_ERR_ECP_INVALID_KEY
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831":MBEDTLS_ERR_ECP_INVALID_KEY:0
|
||||
|
||||
ECP read key #5 (Curve25519, most significant bit set)
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"000000000000000000000000000000000000000000000000000000000000000C":0
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"000000000000000000000000000000000000000000000000000000000000000C":0:0
|
||||
|
||||
ECP read key #6 (Curve25519, second most significant bit unset)
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3":0
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3":0:0
|
||||
|
||||
ECP read key #7 (Curve25519, msb OK)
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0000000000000000000000000000000000000000000000000000000000000004":0
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0000000000000000000000000000000000000000000000000000000000000004":0:1
|
||||
|
||||
ECP read key #8 (Curve25519, bit 0 set)
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"1000000000000000000000000000000000000000000000000000000000000000":0
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"1000000000000000000000000000000000000000000000000000000000000000":0:0
|
||||
|
||||
ECP read key #9 (Curve25519, bit 1 set)
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"2000000000000000000000000000000000000000000000000000000000000004":0
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"2000000000000000000000000000000000000000000000000000000000000004":0:0
|
||||
|
||||
ECP read key #10 (Curve25519, bit 2 set)
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000004":0
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000004":0:0
|
||||
|
||||
ECP read key #11 (Curve25519, OK)
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7":0
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7":0:1
|
||||
|
||||
ECP read key #12 (Curve25519, too long)
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"00000000000000000000000000000000000000000000000000000000000000000C":MBEDTLS_ERR_ECP_INVALID_KEY
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"00000000000000000000000000000000000000000000000000000000000000000C":MBEDTLS_ERR_ECP_INVALID_KEY:0
|
||||
|
||||
ECP read key #13 (Curve25519, not long enough)
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3":MBEDTLS_ERR_ECP_INVALID_KEY
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3":MBEDTLS_ERR_ECP_INVALID_KEY:0
|
||||
|
||||
ECP read key #14 (Curve448, not supported)
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE448:"FCFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE448:"FCFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0
|
||||
|
||||
ECP read key #15 (Curve25519, not supported)
|
||||
depends_on:!MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0
|
||||
|
||||
ECP read key #15 (invalid curve)
|
||||
mbedtls_ecp_read_key:INT_MAX:"8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
|
||||
mbedtls_ecp_read_key:INT_MAX:"8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0
|
||||
|
||||
ECP read key #16 (Curve25519 RFC, OK)
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":0:1
|
||||
|
||||
ECP mod p192 small (more than 192 bits, less limbs than 2 * 192 bits)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||
|
||||
@ -1069,12 +1069,14 @@ exit:
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void mbedtls_ecp_read_key( int grp_id, data_t* in_key, int expected )
|
||||
void mbedtls_ecp_read_key( int grp_id, data_t* in_key, int expected, int canonical )
|
||||
{
|
||||
int ret = 0;
|
||||
mbedtls_ecp_keypair key;
|
||||
mbedtls_ecp_keypair key2;
|
||||
|
||||
mbedtls_ecp_keypair_init( &key );
|
||||
mbedtls_ecp_keypair_init( &key2 );
|
||||
|
||||
ret = mbedtls_ecp_read_key( grp_id, &key, in_key->x, in_key->len );
|
||||
TEST_ASSERT( ret == expected );
|
||||
@ -1083,10 +1085,52 @@ void mbedtls_ecp_read_key( int grp_id, data_t* in_key, int expected )
|
||||
{
|
||||
ret = mbedtls_ecp_check_privkey( &key.grp, &key.d );
|
||||
TEST_ASSERT( ret == 0 );
|
||||
|
||||
if( canonical )
|
||||
{
|
||||
unsigned char buf[MBEDTLS_ECP_MAX_BYTES];
|
||||
size_t olen;
|
||||
|
||||
ret = mbedtls_ecp_write_key( grp_id, &key, &olen, buf, in_key->len );
|
||||
TEST_ASSERT( ret == 0 );
|
||||
|
||||
TEST_ASSERT( olen == in_key->len );
|
||||
|
||||
mbedtls_fprintf( stdout, "written key: ");
|
||||
for( size_t i = 0; i < in_key->len; i++ ) {
|
||||
mbedtls_fprintf( stdout, "%02x", buf[i]);
|
||||
}
|
||||
mbedtls_fprintf( stdout, "\n");
|
||||
ASSERT_COMPARE( in_key->x, in_key->len,
|
||||
buf, olen );
|
||||
}
|
||||
else
|
||||
{
|
||||
unsigned char export1[MBEDTLS_ECP_MAX_BYTES];
|
||||
size_t olen1;
|
||||
|
||||
unsigned char export2[MBEDTLS_ECP_MAX_BYTES];
|
||||
size_t olen2;
|
||||
|
||||
ret = mbedtls_ecp_write_key( grp_id, &key, &olen1, export1, in_key->len );
|
||||
TEST_ASSERT( ret == 0 );
|
||||
|
||||
ret = mbedtls_ecp_read_key( grp_id, &key2, export1, in_key->len );
|
||||
TEST_ASSERT( ret == expected );
|
||||
|
||||
ret = mbedtls_ecp_write_key( grp_id, &key2, &olen2, export2, in_key->len );
|
||||
TEST_ASSERT( ret == 0 );
|
||||
|
||||
TEST_ASSERT( olen2 == olen1 );
|
||||
|
||||
ASSERT_COMPARE( export1, olen1,
|
||||
export2, olen2 );
|
||||
}
|
||||
}
|
||||
|
||||
exit:
|
||||
mbedtls_ecp_keypair_free( &key );
|
||||
mbedtls_ecp_keypair_free( &key2 );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
|
||||
Reference in New Issue
Block a user