Change the number of expected free key slots
Development TLS code now uses PSA to generate an
ECDH private key. Although this would not be required
in 2.28 branch, it is backported for compatibility.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 44be824..90dc177 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -4562,6 +4562,7 @@
enum { BUFFSIZE = 17000 };
mbedtls_endpoint client, server;
mbedtls_psa_stats_t stats;
+ size_t free_slots_before = -1;
#if defined(MBEDTLS_TIMING_C)
mbedtls_timing_delay_context timer_client, timer_server;
@@ -4611,6 +4612,11 @@
MBEDTLS_SSL_CLIENT_KEY_EXCHANGE )
== 0 );
+ mbedtls_psa_get_stats( &stats );
+ /* Save the number of slots in use up to this point.
+ * With PSA, one can be used for the ECDH private key. */
+ free_slots_before = stats.empty_slots;
+
/* Force a simulated bitflip in the server key. to make the
* raw key agreement in ssl_write_client_key_exchange fail. */
(client.ssl).handshake->ecdh_psa_peerkey[5] ^= 0x02;
@@ -4623,11 +4629,15 @@
mbedtls_psa_get_stats( &stats );
/* Make sure that the key slot is destroyed properly in case of failure. */
- TEST_ASSERT( stats.empty_slots == MBEDTLS_PSA_KEY_SLOT_COUNT );
+ TEST_ASSERT( free_slots_before == stats.empty_slots );
exit:
mbedtls_endpoint_free( &client, &client_context );
mbedtls_endpoint_free( &server, &server_context );
+
+ mbedtls_psa_get_stats( &stats );
+ TEST_ASSERT( stats.empty_slots == MBEDTLS_PSA_KEY_SLOT_COUNT );
+
USE_PSA_DONE( );
}
/* END_CASE */