commit cf8841a0761a1b90bdd936aae55d03c237d6b847
author Neil Armstrong <narmstrong@baylibre.com> Thu Feb 24 11:17:45 2022 +0100
committer Neil Armstrong <narmstrong@baylibre.com> Fri Feb 25 15:16:49 2022 +0100
tree 6c0e4941d607861fe172748f07608a14a04cbdfc
parent 4f091290bd5faa110bdee1f2e3eb14e4df98254e

Remove non-PSA MAC keys in mbedtls_ssl_transform when MBEDTLS_USE_PSA_CRYPTO is defined

Also remove last usage of non-PSA MAC keys in ssl_decrypt_non_etm_cbc() SSL test.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>

tests/suites/test_suite_ssl.function

diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 31f9b72..0ec8b95 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -1383,7 +1383,7 @@
         CHK( psa_import_key( &attributes,
                              md0, maclen,
                              &t_out->psa_mac_dec ) == PSA_SUCCESS );
-#endif
+#else
         CHK( mbedtls_md_setup( &t_out->md_ctx_enc, md_info, 1 ) == 0 );
         CHK( mbedtls_md_setup( &t_out->md_ctx_dec, md_info, 1 ) == 0 );
         CHK( mbedtls_md_setup( &t_in->md_ctx_enc,  md_info, 1 ) == 0 );
@@ -1397,6 +1397,7 @@
                                         md1, maclen ) == 0 );
         CHK( mbedtls_md_hmac_starts( &t_out->md_ctx_dec,
                                         md0, maclen ) == 0 );
+#endif
     }
 #else
     ((void) hash_id);
@@ -3724,6 +3725,10 @@
     unsigned char padlen; /* excluding the padding_length byte */
     unsigned char add_data[13];
     unsigned char mac[MBEDTLS_MD_MAX_SIZE];
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+    size_t sign_mac_length = 0;
+#endif
     int exp_ret;
     int ret;
     const unsigned char pad_max_len = 255; /* Per the standard */
@@ -3807,11 +3812,24 @@
      */
 
     /* MAC with additional data */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    TEST_EQUAL( PSA_SUCCESS, psa_mac_sign_setup( &operation,
+                                                 t0.psa_mac_enc,
+                                                 t0.psa_mac_alg ) );
+    TEST_EQUAL( PSA_SUCCESS, psa_mac_update( &operation, add_data, 13 ) );
+    TEST_EQUAL( PSA_SUCCESS, psa_mac_update( &operation,
+                                             rec.buf + rec.data_offset,
+                                             rec.data_len ) );
+    TEST_EQUAL( PSA_SUCCESS, psa_mac_sign_finish( &operation,
+                                                  mac, MBEDTLS_MD_MAX_SIZE,
+                                                  &sign_mac_length ) );
+#else
     TEST_EQUAL( 0, mbedtls_md_hmac_update( &t0.md_ctx_enc, add_data, 13 ) );
     TEST_EQUAL( 0, mbedtls_md_hmac_update( &t0.md_ctx_enc,
                                            rec.buf + rec.data_offset,
                                            rec.data_len ) );
     TEST_EQUAL( 0, mbedtls_md_hmac_finish( &t0.md_ctx_enc, mac ) );
+#endif
 
     memcpy( rec.buf + rec.data_offset + rec.data_len, mac, t0.maclen );
     rec.data_len += t0.maclen;