psa: Disallow repeated setup
Calling psa_*_setup() twice on a MAC, cipher, or hash context should
result in a PSA_ERROR_BAD_STATE error because the operation has already
been set up.
Fixes #10
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 2499102..9ea6cc0 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -2012,6 +2012,12 @@
PSA_ASSERT( psa_crypto_init( ) );
+ /* Call setup twice in a row. */
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ TEST_EQUAL( psa_hash_setup( &operation, alg ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_hash_abort( &operation ) );
+
/* Call update without calling setup beforehand. */
TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ),
PSA_ERROR_BAD_STATE );
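Review bot: The added double-setup check asserts only the return code of the second `psa_hash_setup` and then aborts, so it does not pin what state the operation is left in after the rejected call. A caller that ignores `PSA_ERROR_BAD_STATE` and keeps going would either continue on the first setup's context or hit an invalidated one, and the test accepts both. Consider stating the intended contract in the comment, e.g. `/* Call setup twice in a row: the second call must fail and the operation must still be abortable. */`, and, if the implementation defines the post-failure state, asserting it before the abort. The same applies to the MAC and cipher hunks; the enclosing test function starts and ends outside this hunk.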
@@ -2336,6 +2342,14 @@
PSA_ERROR_BAD_STATE );
PSA_ASSERT( psa_mac_abort( &operation ) );
+ /* Call setup twice in a row. */
+ PSA_ASSERT( psa_mac_sign_setup( &operation,
+ handle, alg ) );
+ TEST_EQUAL( psa_mac_sign_setup( &operation,
+ handle, alg ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_mac_abort( &operation ) );
+
/* Call update after sign finish. */
PSA_ASSERT( psa_mac_sign_setup( &operation,
handle, alg ) );
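Review bot: Only `psa_mac_sign_setup` is called twice here, so the repeated-setup rule is untested for `psa_mac_verify_setup` and for a sign setup followed by a verify setup on the same operation. The cipher hunk has the same gap for an encrypt setup followed by a decrypt setup. The mixed case matters because an operation that is silently re-initialised for the other direction would keep running with state from the first call. Adding `TEST_EQUAL( psa_mac_verify_setup( &operation, handle, alg ), PSA_ERROR_BAD_STATE );` after a successful `psa_mac_sign_setup`, followed by `PSA_ASSERT( psa_mac_abort( &operation ) );`, would cover it. The enclosing test function extends beyond this hunk.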
@@ -2601,6 +2615,18 @@
key, sizeof(key) ) );
+ /* Call encrypt setup twice in a row. */
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
+ TEST_EQUAL( psa_cipher_encrypt_setup( &operation, handle, alg ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ /* Call decrypt setup twice in a row. */
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation, handle, alg ) );
+ TEST_EQUAL( psa_cipher_decrypt_setup( &operation, handle, alg ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
/* Generate an IV without calling setup beforehand. */
TEST_EQUAL( psa_cipher_generate_iv( &operation,
buffer, sizeof( buffer ),