From 139ec3b913af7073c219137b7aef0607064631af Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Tue, 16 Apr 2019 15:25:20 +0200
Subject: [PATCH 1/2] Don't call mbedtls_cipher_setkey twice

The documentation doesn't explicitly say whether it's allowed or not. This currently works with the default software implementation, but only by accident. It isn't guaranteed to work with new ciphers or with alternative implementations of individual ciphers, and it doesn't work with the PSA wrappers. So don't do it.
---
 tests/suites/test_suite_cipher.function | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 9a0637ee1..f35bbbf51 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -1011,6 +1011,20 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
 TEST_ASSERT( memcmp( output, clear->x, clear->len ) == 0 );
 /* then encrypt the clear->x and make sure we get the same ciphertext and tag->x */
+ TEST_ASSERT( mbedtls_cipher_reset( &ctx ) == 0 );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( use_psa == 1 )
+ {
+ TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx, mbedtls_cipher_info_from_type( cipher_id ), tag->len ) );
+ }
+ else
+#endif
+ {
+ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, mbedtls_cipher_info_from_type( cipher_id ) ) );
+ }
 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, MBEDTLS_ENCRYPT ) );

From 424840e033e574199e270326e7091271936bb7ec Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Tue, 16 Apr 2019 15:56:36 +0200
Subject: [PATCH 2/2] Call mbedtls_cipher_free() to reset a cipher context

mbedtls_cipher_reset() only restarts the operation, it doesn't dissociate the key from the context.
---
 tests/suites/test_suite_cipher.function | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
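Review bot: The re-setup block added before the second `mbedtls_cipher_setkey` repeats the PSA/non-PSA selection that `auth_crypt_tv` presumably already performs for the decrypt pass at the top of the function (outside this hunk), including a second `mbedtls_cipher_info_from_type( cipher_id )` lookup, so the two copies can drift apart as the cipher API grows. A small static helper in the test file's header section would keep the `#if defined(MBEDTLS_USE_PSA_CRYPTO)` / `use_psa` logic in one place and reduce each call site to `TEST_ASSERT( 0 == cipher_setup_for_test( &ctx, cipher_id, tag->len, use_psa ) );`. The `else` placed immediately before `#endif` only works because of the unconditional `{ … }` that follows, an idiom that is easy to break when editing, which is a further reason to fold it into one helper. Whether `use_psa` is referenced elsewhere when PSA is compiled out cannot be seen from here; the `(void)` casts below cover that case.
```c
/* Set up ctx for cipher_id, through the PSA wrapper when use_psa is set
 * and PSA support is compiled in. Returns the mbedtls_cipher_setup*()
 * result so the caller can TEST_ASSERT on it. */
static int cipher_setup_for_test( mbedtls_cipher_context_t *ctx, int cipher_id,
                                  size_t taglen, int use_psa )
{
    const mbedtls_cipher_info_t *info = mbedtls_cipher_info_from_type( cipher_id );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
    if( use_psa == 1 )
        return( mbedtls_cipher_setup_psa( ctx, info, taglen ) );
#else
    (void) use_psa;
    (void) taglen;
#endif
    return( mbedtls_cipher_setup( ctx, info ) );
}

/* … unchanged: auth_crypt_tv up to the decrypt check … */
    TEST_ASSERT( 0 == cipher_setup_for_test( &ctx, cipher_id, tag->len, use_psa ) );
```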
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index f35bbbf51..ca39937c2 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -1011,7 +1011,7 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
 TEST_ASSERT( memcmp( output, clear->x, clear->len ) == 0 );
 /* then encrypt the clear->x and make sure we get the same ciphertext and tag->x */
- TEST_ASSERT( mbedtls_cipher_reset( &ctx ) == 0 );
+ mbedtls_cipher_free( &ctx );
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 if( use_psa == 1 )
 {
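Review bot: The reason for calling `mbedtls_cipher_free` instead of `mbedtls_cipher_reset` lives only in the commit message, and a future reader may well "optimize" the free back to a reset; a comment on the new line would pin it down: `/* Free rather than reset: reset only restarts the operation and keeps the key bound, and setkey must not be called twice on one context. */`. `mbedtls_cipher_free` zeroizes the context, so the `mbedtls_cipher_setup` / `mbedtls_cipher_setup_psa` that follows (added by the previous patch) starts from a clean context, and the free on the function's exit path, which is outside this hunk, presumably remains a harmless second free of an already-cleared context; that is worth confirming for the PSA path, where the wrapper owns a key slot that must be destroyed exactly once. `auth_crypt_tv` begins and ends outside this hunk.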