pk_info: Make signature_size mandatory

All pk implementations must supply a signature_size method if they
support signing.
Move the function together with the other metadata functions.

include/mbedtls/pk_info.h

@@ -106,6 +106,14 @@ struct mbedtls_pk_info_t
      * usage restrictions into account. */
     int (*can_do)( const void * ctx, mbedtls_pk_type_t type );
 
+    /** Signature size
+     *
+     * mbedtls_pk_signature_size() returns this value.
+     *
+     * Opaque implementations may omit this method if they do not support
+     * signature. */
+    size_t (*signature_size_func)( const void *ctx );
+
     /** Verify signature
      *
      * mbedtls_pk_verify() calls this function.
@@ -210,14 +218,6 @@ struct mbedtls_pk_info_t
      * Opaque implementations may omit this method. */
     void (*debug_func)( const void *ctx, mbedtls_pk_debug_item *items );
 
-    /** Signature size
-     *
-     * mbedtls_pk_signature_size() returns this value.
-     *
-     * Opaque implementations may omit this method. In this case, the value
-     * returned by \c get_bitlen (rounded up to a whole number of bytes)
-     * is used instead. */
-    size_t (*signature_size_func)( const void *ctx );
 };
 
 #ifdef __cplusplus

library/pk.c

@@ -363,9 +363,9 @@ size_t mbedtls_pk_signature_size( const mbedtls_pk_context *ctx )
         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 
     if( ctx->pk_info->signature_size_func == NULL )
-        return( ( ctx->pk_info->get_bitlen( ctx->pk_ctx ) + 7 ) / 8 );
-    else
-        return( ctx->pk_info->signature_size_func( ctx->pk_ctx ) );
+        return( 0 );
+
+    return( ctx->pk_info->signature_size_func( ctx->pk_ctx ) );
 }
 
 /*

library/pk_wrap.c

@@ -119,6 +119,12 @@ static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
                 md_alg, (unsigned int) hash_len, hash, sig ) );
 }
 
+static size_t rsa_signature_size( const void *ctx_arg )
+{
+    const mbedtls_rsa_context *ctx = ctx_arg;
+    return( ctx->len );
+}
+
 static int rsa_decrypt_wrap( void *ctx,
                     const unsigned char *input, size_t ilen,
                     unsigned char *output, size_t *olen, size_t osize,
@@ -187,6 +193,7 @@ const mbedtls_pk_info_t mbedtls_rsa_info = {
     "RSA",
     rsa_get_bitlen,
     rsa_can_do,
+    rsa_signature_size,
     rsa_verify_wrap,
     rsa_sign_wrap,
     rsa_decrypt_wrap,
@@ -195,7 +202,6 @@ const mbedtls_pk_info_t mbedtls_rsa_info = {
     rsa_alloc_wrap,
     rsa_free_wrap,
     rsa_debug,
-    NULL,
 };
 #endif /* MBEDTLS_RSA_C */
 
@@ -305,11 +311,13 @@ const mbedtls_pk_info_t mbedtls_eckey_info = {
     eckey_get_bitlen,
     eckey_can_do,
 #if defined(MBEDTLS_ECDSA_C)
+    ecdsa_signature_size,
     eckey_verify_wrap,
     eckey_sign_wrap,
 #else
     NULL,
     NULL,
+    NULL,
 #endif
     NULL,
     NULL,
@@ -317,11 +325,6 @@ const mbedtls_pk_info_t mbedtls_eckey_info = {
     eckey_alloc_wrap,
     eckey_free_wrap,
     eckey_debug,
-#if defined(MBEDTLS_ECDSA_C)
-    ecdsa_signature_size,
-#else
-    NULL,
-#endif
 };
 
 /*
@@ -343,11 +346,11 @@ const mbedtls_pk_info_t mbedtls_eckeydh_info = {
     NULL,
     NULL,
     NULL,
+    NULL,
     eckey_check_pair,
     eckey_alloc_wrap,       /* Same underlying key structure */
     eckey_free_wrap,        /* Same underlying key structure */
     eckey_debug,            /* Same underlying key structure */
-    NULL,
 };
 #endif /* MBEDTLS_ECP_C */
 
@@ -404,6 +407,7 @@ const mbedtls_pk_info_t mbedtls_ecdsa_info = {
     "ECDSA",
     eckey_get_bitlen,     /* Compatible key structures */
     ecdsa_can_do,
+    ecdsa_signature_size,
     ecdsa_verify_wrap,
     ecdsa_sign_wrap,
     NULL,
@@ -412,7 +416,6 @@ const mbedtls_pk_info_t mbedtls_ecdsa_info = {
     ecdsa_alloc_wrap,
     ecdsa_free_wrap,
     eckey_debug,        /* Compatible key structures */
-    ecdsa_signature_size,
 };
 #endif /* MBEDTLS_ECDSA_C */
 
@@ -452,6 +455,13 @@ static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
                 md_alg, (unsigned int) hash_len, hash, sig ) );
 }
 
+static size_t rsa_alt_signature_size( const void *ctx )
+{
+    const mbedtls_rsa_alt_context *rsa_alt = (const mbedtls_rsa_alt_context *) ctx;
+
+    return( rsa_alt->key_len_func( rsa_alt->key ) );
+}
+
 static int rsa_alt_decrypt_wrap( void *ctx,
                     const unsigned char *input, size_t ilen,
                     unsigned char *output, size_t *olen, size_t osize,
@@ -520,6 +530,7 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
     "RSA-alt",
     rsa_alt_get_bitlen,
     rsa_alt_can_do,
+    rsa_alt_signature_size,
     NULL,
     rsa_alt_sign_wrap,
     rsa_alt_decrypt_wrap,
@@ -532,7 +543,6 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
     rsa_alt_alloc_wrap,
     rsa_alt_free_wrap,
     NULL,
-    NULL,
 };
 
 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */

tests/suites/test_suite_pk.function

@@ -751,6 +751,7 @@ void pk_opaque_mock( )
         "mock",
         opaque_mock_get_bitlen,
         opaque_mock_can_do,
+        opaque_mock_signature_size_func,
         opaque_mock_verify_func,
         opaque_mock_sign_func,
         opaque_mock_decrypt_func,
@@ -759,7 +760,6 @@ void pk_opaque_mock( )
         opaque_mock_ctx_alloc_func,
         opaque_mock_ctx_free_func,
         opaque_mock_debug_func,
-        opaque_mock_signature_size_func,
     };
     mbedtls_pk_context ctx;
     unsigned char sig[OPAQUE_MOCK_SIGNATURE_SIZE] = OPAQUE_MOCK_GOOD_SIGNATURE;
@@ -868,8 +868,8 @@ void pk_opaque_minimal( )
         NULL,
         NULL,
         NULL,
-        opaque_mock_ctx_free_func,
         NULL,
+        opaque_mock_ctx_free_func,
         NULL,
     };
     mbedtls_pk_context ctx;
@@ -883,8 +883,7 @@ void pk_opaque_minimal( )
     TEST_ASSERT( mbedtls_pk_get_bitlen( &ctx ) == OPAQUE_MOCK_BITLEN );
     TEST_ASSERT( mbedtls_pk_can_do( &ctx, OPAQUE_MOCK_CAN_DO ) == 1 );
     TEST_ASSERT( mbedtls_pk_can_do( &ctx, OPAQUE_MOCK_CAN_DO ^ 1 ) == 0 );
-    TEST_ASSERT( mbedtls_pk_signature_size( &ctx ) ==
-                 ( OPAQUE_MOCK_BITLEN + 7 ) / 8 );
+    TEST_ASSERT( mbedtls_pk_signature_size( &ctx ) == 0 );
 
     TEST_ASSERT( mbedtls_pk_verify( &ctx, OPAQUE_MOCK_MD_ALG,
                                     NULL, 0, NULL, 0 ) ==
@@ -939,8 +938,8 @@ void pk_opaque_fail_allocation( )
         NULL,
         NULL,
         NULL,
-        opaque_mock_ctx_alloc_fail,
         NULL,
+        opaque_mock_ctx_alloc_fail,
         NULL,
         NULL,
     };
@@ -970,6 +969,7 @@ void pk_opaque_wrapper( )
         "RSA-opaque-wrapper",
         mbedtls_rsa_info->get_bitlen,
         mbedtls_rsa_info->can_do,
+        mbedtls_rsa_info->signature_size_func,
         mbedtls_rsa_info->verify_func,
         mbedtls_rsa_info->sign_func,
         mbedtls_rsa_info->decrypt_func,
@@ -978,7 +978,6 @@ void pk_opaque_wrapper( )
         mbedtls_rsa_info->ctx_alloc_func,
         mbedtls_rsa_info->ctx_free_func,
         mbedtls_rsa_info->debug_func,
-        NULL, // signature_size_func: the fallback implementation is fine
     };
 
     /* Generate an RSA key to use in both contexts */