commit f9f7fdfe49cc4f7e1ded553c02c71290bd3b9712
author Steven Cooreman <steven.cooreman@silabs.com> Wed Mar 03 19:04:05 2021 +0100
committer Steven Cooreman <steven.cooreman@silabs.com> Wed Mar 03 19:58:02 2021 +0100
tree f4a03c79b73c76abaf1f9afb0f527b3ca8021735
parent 4ff9a29686810c3cce3399ecde98264f7ebd7cca

Rework MAC algorithm / key type validation

Reworked the validation of MAC algorithm with the used key type by
introducing psa_mac_key_can_do, which guarantees that PSA_MAC_LENGTH can
be called successfully after validation of the algorithm and key type.

This means psa_get_mac_output_length is no longer required.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>

tests/suites/test_suite_psa_crypto.data

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 84267ad..3824fa0 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1086,7 +1086,8 @@
 mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_SUCCESS
 
 PSA MAC setup: bad algorithm (HMAC without specified hash)
-mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_INVALID_ARGUMENT
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED
 
 PSA MAC setup: bad algorithm (unsupported HMAC hash algorithm)
 depends_on:!PSA_WANT_ALG_MD2

tests/suites/test_suite_psa_crypto_metadata.function

diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index 5839611..4bf5635 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -160,9 +160,7 @@
     TEST_EQUAL( length, PSA_MAC_LENGTH( key_type, key_bits, alg ) );
 
 #if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C)
-    size_t output_length = 0;
-    PSA_ASSERT( psa_get_mac_output_length( alg, key_type, &output_length ) );
-    TEST_EQUAL( length, output_length );
+    PSA_ASSERT( psa_mac_key_can_do( alg, key_type ) );
 #endif
 
 exit: ;