mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-10 13:14:30 +00:00
Fix spurious test case failure with accelerated AES
When the PSA RNG uses AES through a PSA driver, it consumes one volatile key identifier. When MBEDTLS_PSA_KEY_SLOT_DYNAMIC is enabled, that identifier happens to coincide with the key ID value that the test case assumes not to exist. Use a different value that avoids this coincidence. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
8a13d8297b
commit
f39b2e0190
@ -122,7 +122,18 @@ open_fail:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_DOES_NOT_EXIST
|
||||
|
||||
Open failure: invalid identifier (implementation range)
|
||||
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
open_fail:PSA_KEY_ID_USER_MAX + 1:PSA_ERROR_DOES_NOT_EXIST
|
||||
# We need to avoid existing volatile key IDs. Normally there aren't any
|
||||
# existing volatile keys because the test case doesn't create any, but
|
||||
# in some configurations, the implementation or a driver creates a
|
||||
# volatile key during initialization for its own use. At the time of
|
||||
# writing, this happens in builds where AES uses a PSA driver and the
|
||||
# PSA RNG uses AES-CTR_DRBG through the PSA AES.
|
||||
# Pick a key id that's in the middle of the volatile key ID range.
|
||||
# That works out both when MBEDTLS_PSA_KEY_SLOT_DYNAMIC is enabled and
|
||||
# volatile key IDs are assigned starting with the lowest value, and when
|
||||
# MBEDTLS_PSA_KEY_SLOT_DYNAMIC is disabled and volatile key IDs are assigned
|
||||
# starting with the highest values.
|
||||
open_fail:(PSA_KEY_ID_VOLATILE_MIN + PSA_KEY_ID_VOLATILE_MAX) / 2:PSA_ERROR_DOES_NOT_EXIST
|
||||
|
||||
Open failure: non-existent identifier
|
||||
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
|
Loading…
x
Reference in New Issue
Block a user