commit e1f2d7d1ac985df3c5330fe33479e77fff58cca6
author Gilles Peskine <Gilles.Peskine@arm.com> Tue Aug 21 14:54:54 2018 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Wed Oct 17 13:54:47 2018 +0200
tree 613e640a4b46b093d3b87b9de41e2a6100a47ed0
parent 3111981d94a41f74a561f65def0e40a278842e8d

Document and check the consistency of truncated MAC encodings

Add comments noting that the maximum length of a MAC must fit in
PSA_ALG_MAC_TRUNCATION_MASK. Add a unit test that verifies that the
maximum MAC size fits.

tests/suites/test_suite_psa_crypto.data

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index d8a5924..e8b119e 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1,3 +1,6 @@
+PSA compile-time sanity checks
+static_checks:
+
 PSA init/deinit
 init_deinit:
 

tests/suites/test_suite_psa_crypto.function

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 5503c94..63d837f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -794,6 +794,19 @@
  */
 
 /* BEGIN_CASE */
+void static_checks( )
+{
+    size_t max_truncated_mac_size =
+        PSA_ALG_MAC_TRUNCATION_MASK >> PSA_MAC_TRUNCATION_OFFSET;
+
+    /* Check that the length for a truncated MAC always fits in the algorithm
+     * encoding. The shifted mask is the maximum truncated value. The
+     * untruncated algorithm may be one byte larger. */
+    TEST_ASSERT( PSA_MAC_MAX_SIZE <= 1 + max_truncated_mac_size );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
 void init_deinit( )
 {
     psa_status_t status;