all.sh: keep RSA_C enabled in component_full_no_pkparse_pkwrite()
This is possible because after #8740 RSA_C no longer depends on
PK to parse and write private/public keys.
This commit also solves related issues that arose after this change
in "pk.c" and "test_suite_pk". In particular now we can use
rsa's module functions for parsing and writing keys without need
to rely on pk_parse and pk_write functions.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
diff --git a/library/pk.c b/library/pk.c
index 2c0ef68..580fa0e 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -1021,7 +1021,7 @@
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_algorithm_t psa_sig_alg = PSA_ALG_RSA_PSS_ANY_SALT(psa_md_alg);
p = buf + sizeof(buf);
- key_len = mbedtls_pk_write_pubkey(&p, buf, ctx);
+ key_len = mbedtls_rsa_write_pubkey(mbedtls_pk_rsa(*ctx), buf, &p);
if (key_len < 0) {
return key_len;
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index e101bb6..6f47a5e 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1559,11 +1559,6 @@
scripts/config.py unset MBEDTLS_PK_PARSE_C
scripts/config.py unset MBEDTLS_PK_WRITE_C
- # Disable features that re-enable PK_PARSE_C
- scripts/config.py unset MBEDTLS_RSA_C
- scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all PSA_WANT_ALG_RSA
- scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all PSA_WANT_KEY_TYPE_RSA
-
make CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
# Ensure that PK_[PARSE|WRITE]_C were not re-enabled accidentally (additive config).
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 43f9e4f..2b37110 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -9,6 +9,7 @@
#include "mbedtls/ecp.h"
#include "mbedtls/error.h"
#include "mbedtls/rsa.h"
+#include "rsa_internal.h"
#include "pk_internal.h"
#include <limits.h>
@@ -1898,8 +1899,10 @@
mbedtls_rsa_set_padding(mbedtls_pk_rsa(pk), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_NONE);
}
- /* Export underlying public key for re-importing in a legacy context. */
- ret = mbedtls_pk_write_pubkey_der(&pk, pkey, sizeof(pkey));
+ /* Export underlying public key for re-importing in a legacy context.
+ * Note: mbedtls_rsa_write_key() writes backwards in the data buffer. */
+ pkey_start = pkey + sizeof(pkey);
+ ret = mbedtls_rsa_write_pubkey(mbedtls_pk_rsa(pk), pkey, &pkey_start);
TEST_ASSERT(ret >= 0);
pkey_len = (size_t) ret;
@@ -1924,7 +1927,9 @@
TEST_EQUAL(PSA_SUCCESS, psa_destroy_key(key_id));
mbedtls_pk_init(&pk);
- TEST_EQUAL(mbedtls_pk_parse_public_key(&pk, pkey_start, pkey_len), 0);
+ TEST_EQUAL(mbedtls_pk_setup(&pk,
+ mbedtls_pk_info_from_type(pk_type)), 0);
+ TEST_EQUAL(mbedtls_rsa_parse_pubkey(mbedtls_pk_rsa(pk), pkey_start, pkey_len), 0);
if (key_pk_type == MBEDTLS_PK_RSASSA_PSS) {
rsassa_pss_options.mgf1_hash_id = md_alg;