Change the number of expected free key slots

Development TLS code now uses PSA to generate an ECDH private key. Although this would not be required in 2.28 branch, it is backported for compatibility. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2024-11-22 22:35:43 +01:00 · 2022-03-31 06:30:54 -04:00 · 2022-03-31 06:30:54 -04:00 · 2582ba3a52
commit 2582ba3a52
parent 577939a268
1 changed files with 11 additions and 1 deletions
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@ -4562,6 +4562,7 @@ void raw_key_agreement_fail( )
    enum { BUFFSIZE = 17000 };
    mbedtls_endpoint client, server;
    mbedtls_psa_stats_t stats;
+    size_t free_slots_before = -1;

 #if defined(MBEDTLS_TIMING_C)
    mbedtls_timing_delay_context timer_client, timer_server;
@ -4611,6 +4612,11 @@ void raw_key_agreement_fail( )
                                                  MBEDTLS_SSL_CLIENT_KEY_EXCHANGE )
                 ==  0 );

+    mbedtls_psa_get_stats( &stats );
+    /* Save the number of slots in use up to this point.
+     * With PSA, one can be used for the ECDH private key. */
+    free_slots_before = stats.empty_slots;
+    
    /* Force a simulated bitflip in the server key. to make the
     * raw key agreement in ssl_write_client_key_exchange fail. */
    (client.ssl).handshake->ecdh_psa_peerkey[5] ^= 0x02;
@ -4623,11 +4629,15 @@ void raw_key_agreement_fail( )
    mbedtls_psa_get_stats( &stats );

    /* Make sure that the key slot is destroyed properly in case of failure. */
-    TEST_ASSERT( stats.empty_slots == MBEDTLS_PSA_KEY_SLOT_COUNT );
+    TEST_ASSERT( free_slots_before == stats.empty_slots );

 exit:
    mbedtls_endpoint_free( &client, &client_context );
    mbedtls_endpoint_free( &server, &server_context );
+    
+    mbedtls_psa_get_stats( &stats );
+    TEST_ASSERT( stats.empty_slots == MBEDTLS_PSA_KEY_SLOT_COUNT );
+    
    USE_PSA_DONE( );
 }
 /* END_CASE */