test: pake: add test for opaque password key
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 3d9a6fd..01d4fe3 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -6237,12 +6237,23 @@
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE );
+ /* First try with an invalid usage */
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
psa_set_key_algorithm( &attributes, PSA_ALG_JPAKE );
psa_set_key_type( &attributes, PSA_KEY_TYPE_PASSWORD );
PSA_ASSERT( psa_import_key( &attributes, pwd_string,
pwd_len, &pwd_slot ) );
+
+ ECJPAKE_TEST_SET_PASSWORD( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ psa_destroy_key( pwd_slot );
+
+ /* Then set the correct usage */
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE );
+
+ PSA_ASSERT( psa_import_key( &attributes, pwd_string,
+ pwd_len, &pwd_slot ) );
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */