Opaque keys tests - remove private key access during verification
Removing private key from pkcs11 context for verification tests
diff --git a/tests/suites/test_suite_pkcs11_client.function b/tests/suites/test_suite_pkcs11_client.function
index 1a123bf..87d1a61 100644
--- a/tests/suites/test_suite_pkcs11_client.function
+++ b/tests/suites/test_suite_pkcs11_client.function
@@ -413,13 +413,12 @@
MBEDTLS_PK_FLAG_VERIFY,
hSession,
&hPublicKey,
- &hPrivateKey ) == 0 );
+ NULL ) == 0 );
TEST_ASSERT( hPublicKey != CK_INVALID_HANDLE );
- TEST_ASSERT( hPrivateKey != CK_INVALID_HANDLE );
TEST_ASSERT( mbedtls_pk_setup_pkcs11( &pkcs11_ctx,
hSession,
hPublicKey,
- hPrivateKey ) == 0 );
+ CK_INVALID_HANDLE ) == 0 );
/* Sign with the token and verify with cryptoki */
TEST_ASSERT( sizeof( sig_buffer ) >= mbedtls_pk_signature_size( &pkcs11_ctx ) );
@@ -483,13 +482,12 @@
MBEDTLS_PK_FLAG_VERIFY,
hSession,
&hPublicKey,
- &hPrivateKey ) == 0 );
+ NULL ) == 0 );
TEST_ASSERT( hPublicKey != CK_INVALID_HANDLE );
- TEST_ASSERT( hPrivateKey != CK_INVALID_HANDLE );
TEST_ASSERT( mbedtls_pk_setup_pkcs11( &pkcs11_ctx,
hSession,
hPublicKey,
- hPrivateKey ) == 0 );
+ CK_INVALID_HANDLE ) == 0 );
TEST_ASSERT( mbedtls_pk_verify( &pkcs11_ctx, MBEDTLS_MD_NONE,
hash, hash_len, sig, sig_len ) == ret );