From b24ed5261ee22cf84fb6034928c18bc516e55fda Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Tue, 15 Mar 2022 19:51:53 +0100
Subject: [PATCH] Use a plausible input size with asymmetric verification

Otherwise the error status can be PSA_ERROR_INVALID_SIGNATURE instead of the expected PSA_ERROR_NOT_SUPPORTED in some configurations. For example, the RSA verification code currently checks the signature size first whenever PSA_KEY_TYPE_RSA_PUBLIC_KEY is enabled, and only gets into algorithm-specific code if this passes, so it returns INVALID_SIGNATURE even if the specific algorithm is not supported.

Signed-off-by: Gilles Peskine
---
 tests/suites/test_suite_psa_crypto_op_fail.function | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/tests/suites/test_suite_psa_crypto_op_fail.function b/tests/suites/test_suite_psa_crypto_op_fail.function
index 4ab8b526d..8b50f1029 100644
--- a/tests/suites/test_suite_psa_crypto_op_fail.function
+++ b/tests/suites/test_suite_psa_crypto_op_fail.function
@@ -240,10 +240,20 @@ void sign_fail( int key_type_arg, data_t *key_data,
 output, sizeof( output ), &length ) );
 if( ! private_only ) {
+ /* Determine a plausible signature size to avoid an INVALID_SIGNATURE
+ * error based on this. */
+ PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) );
+ size_t key_bits = psa_get_key_bits( &attributes );
+ size_t output_length = sizeof( output );
+ if( PSA_KEY_TYPE_IS_RSA( key_type ) )
+ output_length = PSA_BITS_TO_BYTES( key_bits );
+ else if( PSA_KEY_TYPE_IS_ECC( key_type ) )
+ output_length = 2 * PSA_BITS_TO_BYTES( key_bits );
+ TEST_ASSERT( output_length <= sizeof( output ) );
 TEST_STATUS( expected_status, psa_verify_hash( key_id, alg, input, sizeof( input ),
- output, sizeof( output ) ) );
+ output, output_length ) );
 }
 exit:
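Review bot: The new `psa_get_key_attributes( key_id, &attributes )` call inside the `if( ! private_only )` block populates `attributes` from the key store, and the PSA Crypto API requires a later `psa_reset_key_attributes()` on any structure filled that way. The cleanup after `exit:` lies outside this hunk, so confirm it already contains `psa_reset_key_attributes( &attributes );` and add it there if not, since `PSA_ASSERT` and the new `TEST_ASSERT` presumably jump to `exit:` on failure. The added comment would also read better if it named what the sizes rely on, for example `/* RSA signatures are as long as the key; the ECC case assumes a raw (r,s) pair, i.e. twice the curve size. */`, because "based on this" does not say which length check is being sidestepped.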