Implement and test mbedtls_ecp_write_key

mbedtls_ecp_write_key is a mirror function to mbedtls_ecp_read_key, which writes a private key back into a byte buffer in the correct format. This is a helpful convenience function, since the byte order is defined differently between Montgomery and Weierstrass curves. Since this difference is accounted for in mbedtls_ecp_read_key, it made sense to add mbedtls_ecp_write_key for the purpose of abstracting this away such that psa_export_key doesn't need to take byte order into account. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2025-07-30 22:43:08 +03:00 · 2020-06-09 19:55:26 +02:00
parent 0af1560919
commit de8593f2fe
4 changed files with 133 additions and 17 deletions
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@ -1069,12 +1069,14 @@ exit:
 /* END_CASE */

 /* BEGIN_CASE */
-void mbedtls_ecp_read_key( int grp_id, data_t* in_key, int expected )
+void mbedtls_ecp_read_key( int grp_id, data_t* in_key, int expected, int canonical )
 {
    int ret = 0;
    mbedtls_ecp_keypair key;
+    mbedtls_ecp_keypair key2;

    mbedtls_ecp_keypair_init( &key );
+    mbedtls_ecp_keypair_init( &key2 );

    ret = mbedtls_ecp_read_key( grp_id, &key, in_key->x, in_key->len );
    TEST_ASSERT( ret == expected );
@ -1083,10 +1085,52 @@ void mbedtls_ecp_read_key( int grp_id, data_t* in_key, int expected )
    {
        ret = mbedtls_ecp_check_privkey( &key.grp, &key.d );
        TEST_ASSERT( ret == 0 );
+
+        if( canonical )
+        {
+            unsigned char buf[MBEDTLS_ECP_MAX_BYTES];
+            size_t olen;
+
+            ret = mbedtls_ecp_write_key( grp_id, &key, &olen, buf, in_key->len );
+            TEST_ASSERT( ret == 0 );
+
+            TEST_ASSERT( olen == in_key->len );
+
+            mbedtls_fprintf( stdout, "written key: ");
+            for( size_t i = 0; i < in_key->len; i++ ) {
+                mbedtls_fprintf( stdout, "%02x", buf[i]);
+            }
+            mbedtls_fprintf( stdout, "\n");
+            ASSERT_COMPARE( in_key->x, in_key->len,
+                            buf, olen );
+        }
+        else
+        {
+            unsigned char export1[MBEDTLS_ECP_MAX_BYTES];
+            size_t olen1;
+
+            unsigned char export2[MBEDTLS_ECP_MAX_BYTES];
+            size_t olen2;
+
+            ret = mbedtls_ecp_write_key( grp_id, &key, &olen1, export1, in_key->len );
+            TEST_ASSERT( ret == 0 );
+
+            ret = mbedtls_ecp_read_key( grp_id, &key2, export1, in_key->len );
+            TEST_ASSERT( ret == expected );
+
+            ret = mbedtls_ecp_write_key( grp_id, &key2, &olen2, export2, in_key->len );
+            TEST_ASSERT( ret == 0 );
+
+            TEST_ASSERT( olen2 == olen1 );
+
+            ASSERT_COMPARE( export1, olen1,
+                            export2, olen2 );
+        }
    }

 exit:
    mbedtls_ecp_keypair_free( &key );
+    mbedtls_ecp_keypair_free( &key2 );
 }
 /* END_CASE */