TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / c9774411d4b90d32b6f0821aca4d53dec461f8c4^! / . / tests / suites / test_suite_psa_crypto.function
commitc9774411d4b90d32b6f0821aca4d53dec461f8c4[log] [tgz]
authorPaul Elliott <paul.elliott@arm.com>Mon Feb 06 15:14:07 2023 +0000
committerPaul Elliott <paul.elliott@arm.com>Wed Feb 15 23:34:29 2023 +0000
tree746d79f46e099e3df14afd7565415d8b02e381b1
parentf9c91a7fb5766cdb5b85a6dc3292c155e8309c26 [diff] [blame]
Ensure that operation is put into error state if error occurs

If an error occurs, calling any function on the same operation should return
PSA_ERROR_BAD_STATE, and we were not honouring that for all errors. Add extra
failure tests to try and ratify this.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index f050abf..bee9232 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function

@@ -6659,6 +6659,13 @@
 
     TEST_EQUAL(actual_status, expected_start_status);
 
+    if (expected_start_status != PSA_SUCCESS) {
+        actual_status = psa_sign_hash_start(&operation, key, alg,
+                                            input_data->x, input_data->len);
+
+        TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE);
+    }
+
     num_ops_prior = psa_sign_hash_get_num_ops(&operation);
     TEST_ASSERT(num_ops_prior == 0);
 
@@ -6679,12 +6686,14 @@
         }
     } while (actual_status == PSA_OPERATION_INCOMPLETE);
 
-    /* If the psa_sign_hash_start() failed, psa_sign_hash_complete()
-     * should also fail with bad state. */
-    if (expected_start_status != PSA_SUCCESS) {
+    TEST_EQUAL(actual_status, expected_complete_status);
+
+    if (expected_complete_status != PSA_SUCCESS) {
+        actual_status = psa_sign_hash_complete(&operation, signature,
+                                               signature_size,
+                                               &signature_length);
+
         TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE);
-    } else if (actual_status != PSA_OPERATION_INCOMPLETE) {
-        TEST_EQUAL(actual_status, expected_complete_status);
     }
 
     PSA_ASSERT(psa_sign_hash_abort(&operation));
@@ -7121,6 +7130,15 @@
 
     TEST_EQUAL(actual_status, expected_start_status);
 
+    if (expected_start_status != PSA_SUCCESS) {
+        actual_status = psa_verify_hash_start(&operation, key, alg,
+                                              hash_data->x, hash_data->len,
+                                              signature_data->x,
+                                              signature_data->len);
+
+        TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE);
+    }
+
     num_ops_prior = psa_verify_hash_get_num_ops(&operation);
     TEST_ASSERT(num_ops_prior == 0);
 
@@ -7139,12 +7157,12 @@
         }
     } while (actual_status == PSA_OPERATION_INCOMPLETE);
 
-    /* If the psa_verify_hash_start() failed,
-     * psa_verify_hash_complete() should also fail with bad state.*/
-    if (expected_start_status != PSA_SUCCESS) {
+    TEST_EQUAL(actual_status, expected_complete_status);
+
+    if (expected_complete_status != PSA_SUCCESS) {
+        actual_status = psa_verify_hash_complete(&operation);
+
         TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE);
-    } else if (actual_status != PSA_OPERATION_INCOMPLETE) {
-        TEST_EQUAL(actual_status, expected_complete_status);
     }
 
     TEST_LE_U(min_completes, num_completes);
@@ -7350,6 +7368,12 @@
                                       &signature_length),
                PSA_ERROR_BUFFER_TOO_SMALL);
 
+    /* And test that this invalidates the operation. */
+    TEST_EQUAL(psa_sign_hash_complete(&sign_operation, signature,
+                                      0,
+                                      &signature_length),
+               PSA_ERROR_BAD_STATE);
+
     PSA_ASSERT(psa_sign_hash_abort(&sign_operation));
 
     /* Trash the hash buffer in between start and complete, to ensure