Clarify why we set num_ops to 1 in iop key generation
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c
index c6036e7..7fccc72 100644
--- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c
+++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c
@@ -645,6 +645,10 @@
return mbedtls_to_psa_error(status);
}
+ /* Our implementation of key generation only generates the private key
+ which doesn't invlolve any ECC arithmetic operations so number of ops
+ is less than 1 but we round up to 1 to differentiate between num ops of
+ 0 which means no work has been done this facilitates testing. */
operation->num_ops = 1;
status = mbedtls_mpi_write_binary(&operation->ecp.d, key_output, key_output_size);
diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function
index 81526f7..4d00142 100644
--- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function
+++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function
@@ -10174,6 +10174,12 @@
if (status == PSA_SUCCESS || status == PSA_OPERATION_INCOMPLETE) {
num_ops = psa_generate_key_iop_get_num_ops(&operation);
+ /* Our implementation of key generation only generates the private key
+ which doesn't invlolve any ECC arithmetic operations so number of ops
+ is less than 1 but we round up to 1 to differentiate between num ops of
+ 0 which means no work has been done this facilitates testing.
+ It is acceptable however for other implementations to set the number of
+ ops to zero. */
TEST_LE_U(num_ops_prior + 1, num_ops);
num_ops_prior = num_ops;