From 8163028fbdd59898cefaa4201c1e06972d91f9dc Mon Sep 17 00:00:00 2001
From: Ryan Everett
Date: Tue, 12 Mar 2024 16:21:12 +0000
Subject: [PATCH] Add key_destroyable parameter to raw key agreement smoke tests

All current usages have this parameter set to 0 (meaning the behaviour of these tests hasn't changed). We also now return the actual error code, not GENERIC_ERROR

Signed-off-by: Ryan Everett
---
 tests/include/test/psa_exercise_key.h | 5 ++-
 tests/src/psa_exercise_key.c | 38 +++++++++++++++------
 tests/suites/test_suite_psa_crypto.function | 2 +-
 3 files changed, 32 insertions(+), 13 deletions(-)

diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h
index 713b093103..23349166a7 100644
--- a/tests/include/test/psa_exercise_key.h
+++ b/tests/include/test/psa_exercise_key.h
@@ -146,12 +146,15 @@ int mbedtls_test_psa_setup_key_derivation_wrap(
 *
 * \param alg A key agreement algorithm compatible with \p key.
 * \param key A key that allows key agreement with \p alg.
+ * \param key_destroyable If set to 1, a failure due to the key not existing
+ * or the key being destroyed mid-operation will only
+ * be reported if the error code is unexpected.
 *
 * \return \c 1 on success, \c 0 on failure.
 */
 psa_status_t mbedtls_test_psa_raw_key_agreement_with_self(
 psa_algorithm_t alg,
- mbedtls_svc_key_id_t key);
+ mbedtls_svc_key_id_t key, int key_destroyable);
 /** Perform a key agreement using the given key pair against its public key
 * using psa_key_derivation_raw_key().
diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c
index 7260f1a4d0..b62a34b5d7 100644
--- a/tests/src/psa_exercise_key.c
+++ b/tests/src/psa_exercise_key.c
@@ -668,7 +668,8 @@ exit:
 * private key against its own public key. */
 psa_status_t mbedtls_test_psa_raw_key_agreement_with_self(
 psa_algorithm_t alg,
- mbedtls_svc_key_id_t key)
+ mbedtls_svc_key_id_t key,
+ int key_destroyable)
 {
 psa_key_type_t private_key_type;
 psa_key_type_t public_key_type;
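Review bot: In tests/include/test/psa_exercise_key.h the context line `\return \c 1 on success, \c 0 on failure.` no longer describes the function, which is declared as returning `psa_status_t` and, per the commit message, now returns the actual error code. I would change it to `\return #PSA_SUCCESS on success, or the PSA status of the call that failed.` The new `\param key_destroyable` text is also vague about the contract. The implementation in psa_exercise_key.c maps `PSA_ERROR_INVALID_HANDLE` to `PSA_SUCCESS`, so the doc should say that a success return with this flag set may mean the key was destroyed and no agreement was performed.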
@@ -677,25 +678,38 @@ psa_status_t mbedtls_test_psa_raw_key_agreement_with_self(
 size_t public_key_length;
 uint8_t output[1024];
 size_t output_length;
- /* Return GENERIC_ERROR if something other than the final call to
- * psa_key_derivation_key_agreement fails. This isn't fully satisfactory,
- * but it's good enough: callers will report it as a failed test anyway. */
- psa_status_t status = PSA_ERROR_GENERIC_ERROR;
 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+ psa_status_t status = psa_get_key_attributes(key, &attributes);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ psa_reset_key_attributes(&attributes);
+ return PSA_SUCCESS;
+ }
+ PSA_ASSERT(status);
+
 private_key_type = psa_get_key_type(&attributes);
 key_bits = psa_get_key_bits(&attributes);
 public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(private_key_type);
 public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_key_type, key_bits);
 TEST_CALLOC(public_key, public_key_length);
- PSA_ASSERT(psa_export_public_key(key,
- public_key, public_key_length,
- &public_key_length));
+ status = psa_export_public_key(key,
+ public_key, public_key_length,
+ &public_key_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ status = PSA_SUCCESS;
+ goto exit;
+ }
 status = psa_raw_key_agreement(alg, key, public_key, public_key_length, output, sizeof(output), &output_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ status = PSA_SUCCESS;
+ goto exit;
+ }
 if (status == PSA_SUCCESS) {
 TEST_ASSERT(output_length <= PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(private_key_type,
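Review bot: The result of `psa_export_public_key()` is no longer asserted. The old `PSA_ASSERT(...)` wrapper became a plain assignment, and outside the `key_destroyable && status == PSA_ERROR_INVALID_HANDLE` case `status` is simply overwritten by the following `psa_raw_key_agreement()` call. Any other export failure is therefore dropped, and the agreement runs on whatever `public_key` and `public_key_length` hold; add `PSA_ASSERT(status);` after the destroyed-key block, as is already done after `psa_get_key_attributes()`. Separately, with the `PSA_ERROR_GENERIC_ERROR` initialiser removed, a `TEST_CALLOC` failure appears to reach `exit:` with `status` still `PSA_SUCCESS` from the attributes call. The function's exit path lies outside this hunk, so please confirm it cannot return success in that case.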
@@ -717,14 +731,16 @@ exit:
 static int exercise_raw_key_agreement_key(mbedtls_svc_key_id_t key, psa_key_usage_t usage,
- psa_algorithm_t alg)
+ psa_algorithm_t alg,
+ int key_destroyable)
 {
 int ok = 0;
 if (usage & PSA_KEY_USAGE_DERIVE) {
 /* We need two keys to exercise key agreement. Exercise the
 * private key against its own public key. */
- PSA_ASSERT(mbedtls_test_psa_raw_key_agreement_with_self(alg, key));
+ PSA_ASSERT(mbedtls_test_psa_raw_key_agreement_with_self(alg, key,
+ key_destroyable));
 }
 ok = 1;
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 7ef8618ef0..9390958378 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -2572,7 +2572,7 @@ void raw_agreement_key_policy(int policy_usage,
 PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, &key));
- status = mbedtls_test_psa_raw_key_agreement_with_self(exercise_alg, key);
+ status = mbedtls_test_psa_raw_key_agreement_with_self(exercise_alg, key, 0);
 TEST_EQUAL(status, expected_status);