pk: add checks for the returned ECC family

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

library/pk.c

@@ -224,6 +224,9 @@ int mbedtls_pk_update_public_key_from_keypair(mbedtls_pk_context *pk,
 
     pk->ec_family = mbedtls_ecc_group_to_psa(ecp_keypair->grp.id,
                                              &pk->ec_bits);
+    if (pk->ec_family == 0) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
 
     return 0;
 }

library/pk_wrap.c

@@ -1150,6 +1150,10 @@ static int eckey_check_pair_psa(mbedtls_pk_context *pub, mbedtls_pk_context *prv
 #endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */
     const size_t curve_bytes = PSA_BITS_TO_BYTES(curve_bits);
 
+    if (curve == 0) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
     psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(curve));
     psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT);
 

tests/suites/test_suite_pk.function

@@ -38,6 +38,10 @@ static int pk_genkey_ec(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id)
     size_t key_len;
     int ret;
 
+    if (curve == 0) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
     psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(curve));
     psa_set_key_bits(&key_attr, curve_bits);
     psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT);