Fix broken test with MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
When testing the lifecycle of a transient key, it doesn't make much sense to try psa_open_key: that expects a persistent key and the lookup takes a different path. The error from psa_open_key is also different depending on whether MBEDTLS_PSA_CRYPTO_STORAGE_C is enabled. To check that the key ownership is taken into account, try to access the same key id with a different owner without expecting that this is a persistent key. Just call psa_get_key_attributes, which works fine for a transient key. This fixes a test failure when MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is enabled and MBEDTLS_PSA_CRYPTO_STORAGE_C is disabled. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
parent
0c98f9f842
commit
5f573f8301
2 changed files with 2 additions and 6 deletions
|
@ -38,9 +38,6 @@
|
|||
/* pkparse.c fails to link without this. */
|
||||
#define MBEDTLS_OID_C
|
||||
|
||||
/* Since MBEDTLS_PSA_CRYPTO_STORAGE_C is disabled, we need to disable this to
|
||||
pass test_suite_psa_crypto_slot_management. */
|
||||
#undef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
|
||||
/* Use built-in platform entropy functions. */
|
||||
#undef MBEDTLS_NO_PLATFORM_ENTROPY
|
||||
/* Disable buffer-based memory allocator */
|
||||
|
|
|
@ -142,7 +142,6 @@ void transient_slot_lifecycle(int owner_id_arg,
|
|||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
|
||||
{
|
||||
psa_key_handle_t handle;
|
||||
mbedtls_svc_key_id_t key_with_invalid_owner =
|
||||
mbedtls_svc_key_id_make(owner_id + 1,
|
||||
MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key));
|
||||
|
@ -150,8 +149,8 @@ void transient_slot_lifecycle(int owner_id_arg,
|
|||
TEST_ASSERT(mbedtls_key_owner_id_equal(
|
||||
owner_id,
|
||||
MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(key)));
|
||||
TEST_EQUAL(psa_open_key(key_with_invalid_owner, &handle),
|
||||
PSA_ERROR_DOES_NOT_EXIST);
|
||||
TEST_EQUAL(psa_get_key_attributes(key_with_invalid_owner, &attributes),
|
||||
PSA_ERROR_INVALID_HANDLE);
|
||||
}
|
||||
#endif
|
||||
|
||||
|
|
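Review bot: The owner-isolation assertion at the end of the `MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER` block has no comment explaining why `psa_get_key_attributes` and `PSA_ERROR_INVALID_HANDLE` are the right call and error for a transient key, so that reasoning lives only in the commit message. I would add above the `TEST_EQUAL` something like `/* Same key id, different owner: must not resolve. psa_open_key is for persistent keys and its error depends on MBEDTLS_PSA_CRYPTO_STORAGE_C. */`. The wrong owner is built as `owner_id + 1`, which overflows if `owner_id` can hold the largest value of its type; its declaration is outside the hunk, so this needs confirming against the test data. `transient_slot_lifecycle` starts and ends outside the visible hunks.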