[framework] tests: pk: add a common function to create a PSA key out of predefined keys #257
Conversation
Signed-off-by: Valerio Setti <[email protected]>
…ader
- declare all arrays and structures as static
- add guards to the header file
This allows multiple inclusions of the generated header file.
Signed-off-by: Valerio Setti <[email protected]>
gilles-peskine-arm
left a comment
A few remarks and suggestions
| #ifndef TEST_TEST_KEYS_H | ||
| #define TEST_TEST_KEYS_H | ||
| #if !defined(MBEDTLS_VERSION_MAJOR) || MBEDTLS_VERSION_MAJOR >= 4 |
That works, but mbedtls/private/ecp.h never existed in Mbed TLS, so it's a strange way to put it. How about
| #if !defined(MBEDTLS_VERSION_MAJOR) || MBEDTLS_VERSION_MAJOR >= 4 | |
| #if TF_PSA_CRYPTO_VERSION_MAJOR >= 1 |
Same in pk_helpers.c.
| #if defined(__GNUC__) || defined(__clang__) | ||
| #define UNUSED __attribute__((unused)) | ||
| #else | ||
| #define UNUSED | ||
| #endif |
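Review bot: UNUSED is a generic macro name defined without an #ifndef guard in a header that the commit message says is meant to be included from several places; if any other header pulled into the test sources defines UNUSED with a different body, the redefinition is an error. Either wrap it in #ifndef UNUSED or reuse the project's existing attribute macro instead of introducing a new one. The defined(__clang__) half of the condition is also redundant, since clang defines __GNUC__.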
We already have MBEDTLS_MAYBE_UNUSED
| #define UNUSED | ||
| #endif | ||
| static struct predefined_key_element predefined_keys[] UNUSED = {{ |
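Review bot: defining the table as static in a header (static struct predefined_key_element predefined_keys[] UNUSED = {{) gives every translation unit that includes the header its own copy of the complete key material, which is also why the unused attribute is needed at all. If the tables are large, declaring them extern in the header and defining them once in a .c file avoids the duplication and removes the need for the attribute.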
We normally put MBEDTLS_MAYBE_UNUSED at the very beginning of the definition, before static and the type. It doesn't matter with GCC-like compilers, but it might matter with other compilers.
| TEST_PK_COPY_PUBLIC_FROM_PSA, | ||
| } pk_context_populate_method_t; | ||
|
|
||
| int pk_helpers_get_predefined_key_data(int is_ec, int group_id_or_keybits, |
Please document any function in a public header of the subproject. (It's a good idea to document all declarations in headers, really.) framework/tests/include is public for the framework.
| TEST_PK_COPY_PUBLIC_FROM_PSA, | ||
| } pk_context_populate_method_t; | ||
|
|
||
| int pk_helpers_get_predefined_key_data(int is_ec, int group_id_or_keybits, |
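Review bot: the signature int pk_helpers_get_predefined_key_data(int is_ec, int group_id_or_keybits, ...) overloads one integer with two meanings and uses a plain int as a boolean selector, so the caller ends up writing a magic 0 (see ret = pk_helpers_get_predefined_key_data(0, key_bits, ...) further down). That caller already holds a PSA key_type and key_bits; taking psa_key_type_t key_type and size_t key_bits directly would make the RSA/ECC distinction and the curve family explicit at the call site.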
All linkable functions should have one of the prefixes mbedtls_, psa_ or tf_psa_crypto_.
| @@ -0,0 +1,38 @@ | |||
| /* | |||
| * Helper functions for PK | |||
Please document that this is only for TF-PSA-Crypto 1.0 and above.
| if (group_id_or_keybits == predefined_keys[i].group_id) { | ||
| predefined_key = &predefined_keys[i]; | ||
| } | ||
| } else if (group_id_or_keybits == predefined_keys[i].keybits) { |
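Review bot: no break follows predefined_key = &predefined_keys[i];, so the loop keeps scanning and a later matching entry silently overrides an earlier one. Add a break after the assignment in both branches, or state in a comment that the last match is the intended one.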
Missing: check that it's an ECC key, and not an RSA key that happens to have the right size (or in the future ML-DSA, etc.).
On a related note, the check for the EC case above assumes that predefined_keys[i].group_id for a non-EC key cannot be equal to group_id_or_keybits for an EC key, which is currently true, but is fragile.
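An added example (not the PR's code) that reproduces the size-only and group-id-only matching the comment above describes, using a constructed table and a constructed key_family_t field, beside a hardened lookup that checks the key family before comparing size or curve:

```c
#include <stddef.h>
#include <string.h>

/* Constructed stand-in for a PSA key type family; not the framework's enum. */
typedef enum { KEY_RSA, KEY_ECC } key_family_t;

struct predefined_key_element {
    key_family_t family;   /* which family the entry holds (assumed field) */
    int group_id;          /* ECC: curve id; 0 for RSA (constructed values) */
    int keybits;           /* RSA modulus bits or ECC curve bits */
    const char *label;     /* constructed; stands in for the key material */
};

/* Constructed table. The ECC entry is listed first and shares "256" with an
 * RSA entry, which is exactly the collision the review comment warns about. */
static const struct predefined_key_element predefined_keys[] = {
    { KEY_ECC, 23, 256, "secp256r1" },
    { KEY_RSA, 0, 256, "rsa-256" },
    { KEY_RSA, 0, 2048, "rsa-2048" },
};
#define N_KEYS (sizeof(predefined_keys) / sizeof(predefined_keys[0]))

/* Lookup as in the hunk: RSA matches on keybits only, ECC on group_id only. */
const char *lookup_size_only(int is_ec, int group_id_or_keybits)
{
    for (size_t i = 0; i < N_KEYS; i++) {
        if (is_ec) {
            if (group_id_or_keybits == predefined_keys[i].group_id)
                return predefined_keys[i].label;   /* RSA rows have group_id 0 */
        } else if (group_id_or_keybits == predefined_keys[i].keybits) {
            return predefined_keys[i].label;       /* may be an ECC key */
        }
    }
    return NULL;
}

/* Hardened lookup: the family must match before size or curve is compared. */
const char *lookup_typed(key_family_t family, int group_id_or_keybits)
{
    for (size_t i = 0; i < N_KEYS; i++) {
        const struct predefined_key_element *k = &predefined_keys[i];
        if (k->family != family)
            continue;
        int want = (family == KEY_ECC) ? k->group_id : k->keybits;
        if (want == group_id_or_keybits)
            return k->label;
    }
    return NULL;
}
```

With this table, lookup_size_only(0, 256) hands back the ECC key for an RSA request and lookup_size_only(1, 0) hands back an RSA key for an ECC request; lookup_typed rejects both.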
| return 0; | ||
| } | ||
|
|
||
| TEST_FAIL("Unsupported key"); |
If this failure point is reached, the only feedback you get from the test output is:
- that this point was reached;
- the message “Unsupported key”;
- the test step, if set with mbedtls_test_set_step();
- which test case is currently executing.
In particular, there's no indication of the key type and size that was sought.
Unfortunately, the argument to TEST_FAIL must be a string literal, because the memory containing the string has to still be alive when the test function returns. But there's a way to smuggle some extra information in two additional lines with a length limit. The functions to do that directly aren't exposed and aren't thread-safe. But you can at least easily smuggle an extra integer (or even two) with TEST_EQUAL. So you can write something like
if (is_ec) {
    /* Both operands show up in the failure message: the curve id sought and 0 */
    int ec_group_found = 0;
    TEST_EQUAL(group_id_or_keybits, ec_group_found);
} else {
    /* Likewise for the RSA size that was sought */
    int rsa_bits_found = 0;
    TEST_EQUAL(group_id_or_keybits, rsa_bits_found);
}
| if (PSA_KEY_TYPE_IS_RSA(key_type)) { | ||
| ret = pk_helpers_get_predefined_key_data(0, key_bits, &priv_key, &priv_key_len, | ||
| &pub_key, &pub_key_len); | ||
| TEST_EQUAL(ret, 0); |
If pk_helpers_get_predefined_key_data returns nonzero, it already marks the test case as failed. So if (ret != 0) goto exit would have the same effect.
| TEST_FAIL("Unknown method"); | ||
| } | ||
|
|
||
| exit:; /* Needed to make compiler happy */ |
If pk_helpers_populate_context fails, you probably want to let the caller know so that it can goto exit.
Description
Prerequisite for Mbed-TLS/TF-PSA-Crypto#600