mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-16 08:42:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #7188 from paul-elliott-arm/interruptible_sign_hash_complete_after_start_fail

Browse Source 
Interruptible {sign|verify} hash - Call complete() after start() failure.
This commit is contained in:
Dave Rodgman 2023-03-01 17:18:08 +00:00 committed by GitHub
commit f4385faa6f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
tests/suites/test_suite_psa_crypto.function
View File

@ -6662,6 +6662,12 @@ exit:
* 3. Test that the number of ops done prior to start and after abort is zero * 3. Test that the number of ops done prior to start and after abort is zero
* and that each successful stage completes some ops (this is not mandated by * and that each successful stage completes some ops (this is not mandated by
* the PSA specification, but is currently the case). * the PSA specification, but is currently the case).
*
* 4. Check that calling complete() when start() fails and complete()
* after completion results in a BAD_STATE error.
*
* 5. Check that calling start() again after start fails results in a BAD_STATE
* error.
*/ */
void sign_hash_fail_interruptible(int key_type_arg, data_t *key_data, void sign_hash_fail_interruptible(int key_type_arg, data_t *key_data,
int alg_arg, data_t *input_data, int alg_arg, data_t *input_data,
@ -6718,6 +6724,15 @@ void sign_hash_fail_interruptible(int key_type_arg, data_t *key_data,
TEST_EQUAL(actual_status, expected_start_status); TEST_EQUAL(actual_status, expected_start_status);
if (expected_start_status != PSA_SUCCESS) { if (expected_start_status != PSA_SUCCESS) {
/* Emulate poor application code, and call complete anyway, even though
* start failed. */
actual_status = psa_sign_hash_complete(&operation, signature,
signature_size,
&signature_length);
TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE);
/* Test that calling start again after failure also causes BAD_STATE. */
actual_status = psa_sign_hash_start(&operation, key, alg, actual_status = psa_sign_hash_start(&operation, key, alg,
input_data->x, input_data->len); input_data->x, input_data->len);
@ -7234,6 +7249,12 @@ exit:
* 3. Test that the number of ops done prior to start and after abort is zero * 3. Test that the number of ops done prior to start and after abort is zero
* and that each successful stage completes some ops (this is not mandated by * and that each successful stage completes some ops (this is not mandated by
* the PSA specification, but is currently the case). * the PSA specification, but is currently the case).
*
* 4. Check that calling complete() when start() fails and complete()
* after completion results in a BAD_STATE error.
*
* 5. Check that calling start() again after start fails results in a BAD_STATE
* error.
*/ */
void verify_hash_fail_interruptible(int key_type_arg, data_t *key_data, void verify_hash_fail_interruptible(int key_type_arg, data_t *key_data,
int alg_arg, data_t *hash_data, int alg_arg, data_t *hash_data,
@ -7286,6 +7307,13 @@ void verify_hash_fail_interruptible(int key_type_arg, data_t *key_data,
TEST_EQUAL(actual_status, expected_start_status); TEST_EQUAL(actual_status, expected_start_status);
if (expected_start_status != PSA_SUCCESS) { if (expected_start_status != PSA_SUCCESS) {
/* Emulate poor application code, and call complete anyway, even though
* start failed. */
actual_status = psa_verify_hash_complete(&operation);
TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE);
/* Test that calling start again after failure also causes BAD_STATE. */
actual_status = psa_verify_hash_start(&operation, key, alg, actual_status = psa_verify_hash_start(&operation, key, alg,
hash_data->x, hash_data->len, hash_data->x, hash_data->len,
signature_data->x, signature_data->x,