test_suite_pk: fix guards in pk_psa_sign()

If the public key is exported with mbedtls_pk_write_pubkey_der()
it should be re-imported with mbedtls_pk_parse_public_key().
Alternative options (when PK_WRITE is not defined), i.e.
mbedtls_ecp_point_write_binary() and mbedtls_rsa_write_pubkey(),
export the key in a different format which cannot be parsed by
pk_parse module so mbedtls_ecp_point_read_binary() and
mbedtls_rsa_parse_pubkey() should be used respectively in this
case.

Signed-off-by: Valerio Setti <[email protected]>

Author: valeriosetti

tests/suites/test_suite_pk.function

@@ -1875,7 +1875,7 @@ void pk_psa_sign(int psa_type, int bits, int rsa_padding)
 #endif /* MBEDTLS_PK_CAN_ECDSA_SIGN */
 
     /* Export public key from the non-opaque PK context we just created. */
-#if defined(MBEDTLS_PK_WRITE_C)
+#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_PK_WRITE_C)
     ret = mbedtls_pk_write_pubkey_der(&pk, legacy_pub_key, sizeof(legacy_pub_key));
     TEST_ASSERT(ret >= 0);
     legacy_pub_key_len = (size_t) ret;
@@ -1884,7 +1884,7 @@ void pk_psa_sign(int psa_type, int bits, int rsa_padding)
     memmove(legacy_pub_key,
             legacy_pub_key + sizeof(legacy_pub_key) - legacy_pub_key_len,
             legacy_pub_key_len);
-#else /* MBEDTLS_PK_WRITE_C */
+#else /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C */
 #if defined(MBEDTLS_PK_CAN_ECDSA_SIGN)
     if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type)) {
         TEST_EQUAL(mbedtls_ecp_point_write_binary(&(mbedtls_pk_ec_ro(pk)->grp),
@@ -1905,7 +1905,7 @@ void pk_psa_sign(int psa_type, int bits, int rsa_padding)
         memmove(legacy_pub_key, end, legacy_pub_key_len);
     }
 #endif /* MBEDTLS_RSA_C */
-#endif /* MBEDTLS_PK_WRITE_C */
+#endif /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C */
 
     /* Turn the PK context into an opaque one. */
     TEST_EQUAL(mbedtls_pk_get_psa_attributes(&pk, PSA_KEY_USAGE_SIGN_HASH, &attributes), 0);
@@ -1932,18 +1932,18 @@ void pk_psa_sign(int psa_type, int bits, int rsa_padding)
     }
 
     /* Export public key from the opaque PK context. */
-#if defined(MBEDTLS_PK_WRITE_C)
+#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_PK_WRITE_C)
     ret = mbedtls_pk_write_pubkey_der(&pk, opaque_pub_key, sizeof(opaque_pub_key));
     TEST_ASSERT(ret >= 0);
     opaque_pub_key_len = (size_t) ret;
     /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
     memmove(opaque_pub_key,
             opaque_pub_key + sizeof(opaque_pub_key) - opaque_pub_key_len,
             opaque_pub_key_len);
-#else /* MBEDTLS_PK_WRITE_C */
+#else /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C */
     TEST_EQUAL(psa_export_public_key(key_id, opaque_pub_key, sizeof(opaque_pub_key),
                                      &opaque_pub_key_len), PSA_SUCCESS);
-#endif /* MBEDTLS_PK_WRITE_C */
+#endif /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C */
 
     /* Check that the public keys of opaque and non-opaque PK contexts match. */
     TEST_EQUAL(opaque_pub_key_len, legacy_pub_key_len);
@@ -1955,9 +1955,9 @@ void pk_psa_sign(int psa_type, int bits, int rsa_padding)
 
     /* Create a new non-opaque PK context to verify the signature. */
     mbedtls_pk_init(&pk);
-#if defined(MBEDTLS_PK_PARSE_C)
+#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_PK_WRITE_C)
     TEST_EQUAL(mbedtls_pk_parse_public_key(&pk, legacy_pub_key, legacy_pub_key_len), 0);
-#else /* MBEDTLS_PK_PARSE_C */
+#else /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C */
 #if defined(MBEDTLS_PK_CAN_ECDSA_SIGN)
     if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type)) {
         TEST_EQUAL(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)), 0);
@@ -1974,7 +1974,7 @@ void pk_psa_sign(int psa_type, int bits, int rsa_padding)
                                             legacy_pub_key_len), 0);
     }
 #endif /* MBEDTLS_RSA_C */
-#endif /* MBEDTLS_PK_PARSE_C */
+#endif /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C */
 
 #if defined(MBEDTLS_RSA_C)
     if (PSA_KEY_TYPE_IS_RSA(psa_type)) {