Don't destroy the key during a MAC verification operation

An early draft of the PSA crypto specification required multipart
operations to keep working after destroying the key. This is no longer
the case: instead, now, operations are guaranteed to fail. Mbed TLS
does not comply yet, and still allows the operation to keep going.
Stop testing Mbed TLS's non-compliant behavior.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2020-08-25 23:59:40 +02:00
parent 8b356b5652
commit 090e16cb8b

View File

@ -3114,7 +3114,6 @@ void mac_verify( int key_type_arg,
PSA_ASSERT( psa_mac_verify_setup( &operation, PSA_ASSERT( psa_mac_verify_setup( &operation,
handle, alg ) ); handle, alg ) );
PSA_ASSERT( psa_destroy_key( handle ) );
PSA_ASSERT( psa_mac_update( &operation, PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) ); input->x, input->len ) );
PSA_ASSERT( psa_mac_verify_finish( &operation, PSA_ASSERT( psa_mac_verify_finish( &operation,