From 2582ba3a529073a3fa5fa93a234bf59cbb307d13 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Thu, 31 Mar 2022 06:30:54 -0400
Subject: [PATCH] Change the number of expected free key slots

Development TLS code now uses PSA to generate an
ECDH private key. Although this would not be required
in 2.28 branch, it is backported for compatibility.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
---
 tests/suites/test_suite_ssl.function | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 44be82449..90dc1776f 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -4562,6 +4562,7 @@ void raw_key_agreement_fail( )
     enum { BUFFSIZE = 17000 };
     mbedtls_endpoint client, server;
     mbedtls_psa_stats_t stats;
+    size_t free_slots_before = -1;
 
 #if defined(MBEDTLS_TIMING_C)
     mbedtls_timing_delay_context timer_client, timer_server;
@@ -4611,6 +4612,11 @@ void raw_key_agreement_fail( )
                                                   MBEDTLS_SSL_CLIENT_KEY_EXCHANGE )
                  ==  0 );
 
+    mbedtls_psa_get_stats( &stats );
+    /* Save the number of slots in use up to this point.
+     * With PSA, one can be used for the ECDH private key. */
+    free_slots_before = stats.empty_slots;
+    
     /* Force a simulated bitflip in the server key. to make the
      * raw key agreement in ssl_write_client_key_exchange fail. */
     (client.ssl).handshake->ecdh_psa_peerkey[5] ^= 0x02;
@@ -4623,11 +4629,15 @@ void raw_key_agreement_fail( )
     mbedtls_psa_get_stats( &stats );
 
     /* Make sure that the key slot is destroyed properly in case of failure. */
-    TEST_ASSERT( stats.empty_slots == MBEDTLS_PSA_KEY_SLOT_COUNT );
+    TEST_ASSERT( free_slots_before == stats.empty_slots );
 
 exit:
     mbedtls_endpoint_free( &client, &client_context );
     mbedtls_endpoint_free( &server, &server_context );
+    
+    mbedtls_psa_get_stats( &stats );
+    TEST_ASSERT( stats.empty_slots == MBEDTLS_PSA_KEY_SLOT_COUNT );
+    
     USE_PSA_DONE( );
 }
 /* END_CASE */