Add test for PK parsing of keys using compressed points #6937
Conversation
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
valeriosetti
added
enhancement
needs-ci
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
valeriosetti
added
needs-review
Because I'm not sure those curves are supported: Indeed if I try to add it then |
|
Ah good point :) Still, it might be better to be explicit about it and add a negative test case with a comment then. Otherwise it's hard to know if the missing case is intentional or an oversight when looking at it in the future. |
I thought about adding a comment, but you're right: a negative test is probably better here in order to enforce/verify the check |
The test is expected to fail, so we verify that this is really not suppported Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
valeriosetti
force-pushed
the
issue6886
branch
from
4bbad5e
to
247d123
Compare
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
valeriosetti
force-pushed
the
issue6886
branch
from
247d123
to
fa49a8e
Compare
|
CI is still going, but already unhappy |
valeriosetti
force-pushed
the
issue6886
branch
from
c4a7f05
to
ad0adf6
Compare
|
I created #7060 to track the parts that we decided to consider out of scope here. @gilles-peskine-arm perhaps that should be added to some tech debt list? Also, CI is now green so this is ready for re-review. |
|
Note to self & other gatekeepers: I suspect this might conflict (as in, not seen by git but only by the CI) with #6970 which was just merged, so we want to wait for the nightly re-run of pr-merge before merging this. Temporarily labeling "do not merge" "needs-ci" as a reminder. |
mpg
added
DO-NOT-MERGE
needs-ci
|
No conflict with #6970. Now that I see the results, I should have known: 6970 is about building without ECDSA, and we'll run into problem with compressed points only when building without ECP. Anyway, better safe than sorry. |
include/mbedtls/ecp.h
Outdated
| * Point formats, from RFC 4492's enum ECPointFormat | ||
| /** | ||
| * The uncompressed point format for Short Weierstrass curves | ||
| * (MBEDTLS_ECP_DP_SECP* and MBEDTLS_ECP_DP_BP*). //no-check-names |
There was a problem hiding this comment.
This includes “//no-check-names” in the documentation. That's not good.
Our normal convention is to write XXX or xxx for a wildcard, not *. And check_names.py has an exception for names containing these.
| * (MBEDTLS_ECP_DP_SECP* and MBEDTLS_ECP_DP_BP*). //no-check-names | |
| * (MBEDTLS_ECP_DP_SECP_XXX and MBEDTLS_ECP_DP_BP_XXX). |
and likewise below.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
valeriosetti
force-pushed
the
issue6886
branch
from
ad0adf6
to
78f79d3
Compare
| * \warning While this format is supported for all concerned curves for | ||
| * writing, when it comes to parsing, it is not supported for all | ||
| * curves. Specifically, parsing compressed points on | ||
| * MBEDTLS_ECP_DP_SECP224R1 and MBEDTLS_ECP_DP_SECP224K1 is not |
There was a problem hiding this comment.
Non-blocker:
| * MBEDTLS_ECP_DP_SECP224R1 and MBEDTLS_ECP_DP_SECP224K1 is not | |
| * #MBEDTLS_ECP_DP_SECP224R1 and #MBEDTLS_ECP_DP_SECP224K1 is not |
(Doxygen automatically makes links for foo(), but not for a macro name.)
gilles-peskine-arm
added
approved
Description
Following merging of PR #6282,
PK parsemodule should now be able to parse EC compressed points. This PR adds some test for that purpose.Resolves #6886
Gatekeeper checklist