psa_util: improve convert_raw_to_der_single_int()

Allow the function to support DER buffers than what it is nominally required by the provided coordinates. In other words let's ignore padding zeros in the raw number. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2026-05-11 22:42:23 +02:00 · 2024-02-05 12:06:46 +01:00
parent 315e4afc0a
commit 954ef4bbd5
4 changed files with 33 additions and 16 deletions
--- a/tests/suites/test_suite_psa_crypto_util.data
+++ b/tests/suites/test_suite_psa_crypto_util.data
@@ -115,3 +115,7 @@ ecdsa_raw_to_der_incremental:512:"9111111111111111111111111111111111111111111111
 ECDSA Raw -> DER, 521bit, Incremental DER buffer sizes
 depends_on:PSA_WANT_ECC_SECP_R1_521
 ecdsa_raw_to_der_incremental:528:"911111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"3081890243009111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222"
+
+ECDSA Raw -> DER, 256bit, DER buffer of minimal length (1 byte per integer)
+depends_on:PSA_WANT_ECC_SECP_K1_256
+ecdsa_raw_to_der_incremental:256:"00000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000002":"3006020101020102"
--- a/tests/suites/test_suite_psa_crypto_util.function
+++ b/tests/suites/test_suite_psa_crypto_util.function
@@ -32,6 +32,7 @@ void ecdsa_raw_to_der_incremental(int key_bits, data_t *input, data_t *exp_resul
    size_t ret_len;
    size_t i;

+    /* Test with an output buffer smaller than required (expexted to fail). */
    for (i = 1; i < tmp_buf_len; i++) {
        TEST_CALLOC(tmp_buf, i);
        TEST_ASSERT(mbedtls_ecdsa_raw_to_der(key_bits, input->x, input->len,
@@ -39,10 +40,16 @@ void ecdsa_raw_to_der_incremental(int key_bits, data_t *input, data_t *exp_resul
        mbedtls_free(tmp_buf);
        tmp_buf = NULL;
    }
+    /* Test with an output buffer larger/equal than required (expexted to
+     * succeed). */
+    for (i = tmp_buf_len; i < (2 * tmp_buf_len); i++) {
+        TEST_CALLOC(tmp_buf, i);
+        TEST_ASSERT(mbedtls_ecdsa_raw_to_der(key_bits, input->x, input->len,
+                                             tmp_buf, i, &ret_len) == 0);
+        mbedtls_free(tmp_buf);
+        tmp_buf = NULL;
+    }

-    TEST_CALLOC(tmp_buf, i);
-    TEST_EQUAL(mbedtls_ecdsa_raw_to_der(key_bits, input->x, input->len,
-                                        tmp_buf, i, &ret_len), 0);
 exit:
    mbedtls_free(tmp_buf);
 }