From 2a3ffb4203b952a7de3512db311e45e6d4e332f3 Mon Sep 17 00:00:00 2001
From: Valerio Setti <vsetti@baylibre.com>
Date: Thu, 8 Dec 2022 16:27:46 +0100
Subject: [PATCH] test: pake: add test for opaque password key

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
---
 tests/suites/test_suite_ssl.function | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 3d9a6fd73..01d4fe357 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -6237,10 +6237,21 @@ void ssl_ecjpake_set_password( int use_opaque_arg )
     {
         psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
 
-        psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE );
+        /* First try with an invalid usage */
+        psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
         psa_set_key_algorithm( &attributes, PSA_ALG_JPAKE );
         psa_set_key_type( &attributes, PSA_KEY_TYPE_PASSWORD );
 
+        PSA_ASSERT( psa_import_key( &attributes, pwd_string,
+                    pwd_len, &pwd_slot ) );
+
+        ECJPAKE_TEST_SET_PASSWORD( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+        psa_destroy_key( pwd_slot );
+
+        /* Then set the correct usage */
+        psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE );
+
         PSA_ASSERT( psa_import_key( &attributes, pwd_string,
                     pwd_len, &pwd_slot ) );
     }