PK: ensure we test with keys on the stack or heap

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

library/pk.c

@@ -35,26 +35,7 @@
 #include <limits.h>
 #include <stdint.h>
 
-/*
- * We're trying to statisfy two kinds of users:
- * - those who don't want to use the heap;
- * - those who can't afford large stack buffers.
- *
- * The current compromise is that if ECC is the only key type supported in PK,
- * then we export keys on the stack, and otherwise we use the heap.
- */
-#if !defined(MBEDTLS_RSA_C)
-#define PK_EXPORT_KEYS_ON_THE_STACK
-#endif
-
-#if defined(PK_EXPORT_KEYS_ON_THE_STACK)
-/* We know for ECC, pubkey are longer than privkeys, but double check */
-#define PK_EXPORT_KEY_STACK_BUFFER_SIZE  MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
-#if MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH > PK_EXPORT_KEY_STACK_BUFFER_SIZE
-#undef PK_EXPORT_KEY_STACK_BUFFER_SIZE
-#define PK_EXPORT_KEY_STACK_BUFFER_SIZE  MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH
-#endif
-#else
+#if !defined(PK_EXPORT_KEYS_ON_THE_STACK)
 #include "mbedtls/platform.h" // for calloc/free
 #endif
 

library/pk_internal.h

@@ -44,6 +44,27 @@
 #define PEM_BEGIN_ENCRYPTED_PRIVATE_KEY_PKCS8 "-----BEGIN ENCRYPTED PRIVATE KEY-----"
 #define PEM_END_ENCRYPTED_PRIVATE_KEY_PKCS8   "-----END ENCRYPTED PRIVATE KEY-----"
 
+/*
+ * We're trying to statisfy two kinds of users:
+ * - those who don't want to use the heap;
+ * - those who can't afford large stack buffers.
+ *
+ * The current compromise is that if ECC is the only key type supported in PK,
+ * then we export keys on the stack, and otherwise we use the heap.
+ */
+#if !defined(MBEDTLS_RSA_C)
+#define PK_EXPORT_KEYS_ON_THE_STACK
+#endif
+
+#if defined(PK_EXPORT_KEYS_ON_THE_STACK)
+/* We know for ECC, pubkey are longer than privkeys, but double check */
+#define PK_EXPORT_KEY_STACK_BUFFER_SIZE  MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#if MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH > PK_EXPORT_KEY_STACK_BUFFER_SIZE
+#undef PK_EXPORT_KEY_STACK_BUFFER_SIZE
+#define PK_EXPORT_KEY_STACK_BUFFER_SIZE  MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH
+#endif
+#endif
+
 #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) && !defined(MBEDTLS_PK_USE_PSA_EC_DATA)
 /**
  * Public function mbedtls_pk_ec() can be used to get direct access to the

tests/suites/test_suite_config.crypto_combinations.data

@@ -12,3 +12,11 @@ pass:
 Config: ECC: Montgomery curves only
 depends_on:!MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED:MBEDTLS_ECP_MONTGOMERY_ENABLED
 pass:
+
+Config: PK export keys on the stack (ECC is the only PK key type)
+depends_on:PK_EXPORT_KEYS_ON_THE_STACK
+pass:
+
+Config: PK export keys on the heap (ECC is not the only PK key type)
+depends_on:!PK_EXPORT_KEYS_ON_THE_STACK
+pass:

tests/suites/test_suite_config.function

@@ -1,5 +1,5 @@
 /* BEGIN_HEADER */
-
+#include "pk_internal.h"
 /* END_HEADER */
 
 /* BEGIN_CASE */