Avoid parse/unparse public ECC keys in PK with USE_PSA

[valeriosetti]

Description

This PR tries to avoid the usage of ECP/MPI functions for parsing/writing public keys in PK module by keeping its content in raw format inside the mbedtls_pk_context structure. Besides this raw format also fits well with what PSA expexts for import.

Resolves #7073

Depends on #7387 for a possible code improvement explained here

Note

According to the description of #7074 this seems to be an initial attempt which will include in the future also private keys. As a consequence I expect it will undergo a deep review process, so I keep it drafted until I got some initial feedback from @mpg and the CI passing all the tests.

Gatekeeper checklist

• changelog not provided - will be added in driver-only ECC: ECPf wrap-up #7452
• backport not required
• tests provided (maybe more are required for the new functions I added?)

[mprse]

This is just partial review. I will be off till the end of the week so I'm posting my current review state.

Few general comments:

• I think we do not need to use MBEDTLS_PRIVATE in library code as MBEDTLS_ALLOW_PRIVATE_ACCESS is enabled for library.
• for result checks we usually use (ret != 0) not (ret < 0) I think we should stick to this form.
• Not sure if we should check null pointers. For sure we are not doing this for PSA. Needs to be clarified.

[valeriosetti]

Rebased to solve conflicts with development. I work on the required changes on following commits

[mprse]

Thanks for addressing last comments.
Added few more comments.

General comments from previous review still stand:

• There are still places where if (ret < 0) checks are used.
• Accessing private fields in library can be done without MBEDTLS_PRIVATE (should be confirmed by @mpg)
• NULL checks (should be confirmed by @mpg)

[valeriosetti]

General comments from previous review still stand:

@mprse Sorry, I forgot to fix those. A part from the "NULL point check", now the other 2 points should be addressed now

[mprse]

Seems that Travis is unhappy. test_suite_debug test failed in full config.

[mpg]

• Add missing USE_PSA_INIT()/DONE() in tests - actually while at it we could do this in a systematic way: according to our own documentation all PK, X.509 and SSL tests should have it (unless they already have MD_OR_USE_PSA_INIT()/DONE() of course, or a plain PSA_INIT()/PSA_DONE() for 1.3 tests). (Note: there's one in mbedtls_test_ssl_perform_handshake(), so test functions that are merely a wrapper around that don't need it.)

Actually could you create a separate PR for that? This is something we'll want to backport.

Note: #7443 is doing the equivalent with programs, so after #7443 and the PR I'm requesting above, this class of problems should be fixed for good.

[mpg]

I think the general design is good. I didn't review all the details, since as discussed before, we're going to use new PRs in order to finalize this.

[mpg]

I don't think a function that accepts a const pointer to cast it to non-const internally. Either all the other functions called can be made to take a const argument as well, and then we should do it, or the function should take a non-const argument.

(This can be acceptable for a prototype, but will need fixing when finalizing things.)

Note: I happened to comment here because I was reading things out of order, but that holds for all other functions.

[valeriosetti]

I also noticed that there is a little mix between const and non-const parameters in pk_wrap functions. I would tend to go for the non-const solution since this might take some castings away and simplify code readings.
However I will investigate further before taking any direction when I'll have to work on this part

[mpg]

Yes, I think we should definitely start with everything non-const, get the CI to pass (perhaps even merge), and only then try adding const everywhere and see if that works or if we need to be more clever - or perhaps abandon the whole const idea.

[mpg]

Note: this is superseded by #7443

[mpg]

Like mbedtls_pk_update_public_key_from_keypair() above, we should list types that are supported instead.

[mpg]

Minor/optimisation: Do we really need to make a copy here?

[valeriosetti]

Right, this is totally useless (also the mbedtls_pk_get_public_key function itself since it used only here). I think I got slightly confused during the development of this PR by "who" is accessing internal data of the pk_context structure. I mean, if it's from "inside" the library, then there is no need for an extra function to get that kind of data: we can simply read the raw buffer directly.

[mpg]

Clearly if it's from within PK itself, we can and should read the raw buffer directly. If it's from higher-level modules (X.509, TLS), then accessing struct members directly is technically possible, but we should think whether it's the right thing to do or if an internal API would be better - loose coupling and all that.

Probably depends on the situation, but in the past we've erred too much on the side of high-level modules relying on internal details of very low-level modules such as ECP or Bignum, so please do not blindly follow what existing code is doing when it comes to that kind of question :)

[valeriosetti]

This PR is reshaped in #7554 so I'm closing this one