pk_wrap: test if a valid md_alg is passed to ecdsa_verify_wrap
Adjust tests to pass a valid algorithm
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 469dc25..4fc1a85 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -677,12 +677,16 @@
unsigned char buf[buf_len];
unsigned char *p = (unsigned char*) sig;
mbedtls_pk_info_t pk_info = mbedtls_eckey_info;
- psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA( translate_md_to_psa( md_alg ) );
+ psa_algorithm_t psa_sig_md = translate_md_to_psa( md_alg );
psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa ( ( (mbedtls_ecdsa_context *) ctx )->grp.id );
if( curve == 0 )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+ if( psa_sig_md == 0 )
+ return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+ psa_sig_md = PSA_ALG_ECDSA( psa_sig_md );
memset( &signature, 0, sizeof( mbedtls_asn1_buf ) );
key.pk_info = &pk_info;
key.pk_ctx = ctx;
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 4813f71..c7c7075 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -246,7 +246,8 @@
TEST_ASSERT( mbedtls_ecp_point_read_binary( &eckey->grp, &eckey->Q,
key->x, key->len ) == 0 );
- TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE,
+ // MBEDTLS_MD_SHA1 is a dummy - it is ignored, but has to be other than MBEDTLS_MD_NONE.
+ TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA1,
hash->x, hash->len, sig->x, sig->len ) == ret );
exit: