Use a plausible input size with asymmetric verification

Otherwise the error status can be PSA_ERROR_INVALID_SIGNATURE instead of the expected PSA_ERROR_NOT_SUPPORTED in some configurations. For example, the RSA verification code currently checks the signature size first whenever PSA_KEY_TYPE_RSA_PUBLIC_KEY is enabled, and only gets into algorithm-specific code if this passes, so it returns INVALID_SIGNATURE even if the specific algorithm is not supported. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-03-15 19:51:53 +01:00 · 2022-03-15 19:51:53 +01:00 · b24ed5261e
commit b24ed5261e
parent e6300959df
1 changed files with 11 additions and 1 deletions
--- a/tests/suites/test_suite_psa_crypto_op_fail.function
+++ b/tests/suites/test_suite_psa_crypto_op_fail.function
@ -240,10 +240,20 @@ void sign_fail( int key_type_arg, data_t *key_data,
                                output, sizeof( output ), &length ) );
    if( ! private_only )
    {
+        /* Determine a plausible signature size to avoid an INVALID_SIGNATURE
+         * error based on this. */
+        PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) );
+        size_t key_bits = psa_get_key_bits( &attributes );
+        size_t output_length = sizeof( output );
+        if( PSA_KEY_TYPE_IS_RSA( key_type ) )
+            output_length = PSA_BITS_TO_BYTES( key_bits );
+        else if( PSA_KEY_TYPE_IS_ECC( key_type ) )
+            output_length = 2 * PSA_BITS_TO_BYTES( key_bits );
+        TEST_ASSERT( output_length <= sizeof( output ) );
        TEST_STATUS( expected_status,
                     psa_verify_hash( key_id, alg,
                                      input, sizeof( input ),
-                                      output, sizeof( output ) ) );
+                                      output, output_length ) );
    }

 exit: