From 86c6123950bac32d9bc51dff250cf96f3c401f21 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 21 Apr 2021 22:07:33 +0200
Subject: [PATCH] Check that attempting to destroy a read-only key fails

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
---
 tests/suites/test_suite_psa_crypto_storage_format.function | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_storage_format.function b/tests/suites/test_suite_psa_crypto_storage_format.function
index 003c70be0..b90ef6efc 100644
--- a/tests/suites/test_suite_psa_crypto_storage_format.function
+++ b/tests/suites/test_suite_psa_crypto_storage_format.function
@@ -120,10 +120,8 @@ static int test_read_key( const psa_key_attributes_t *expected_attributes,
     if( flags & TEST_FLAG_READ_ONLY )
     {
         /* Read-only keys cannot be removed through the API.
-         * The key will be removed through ITS in the cleanup code below.
-         * Purge the key from memory so that the test framework doesn't
-         * think the test is leaking it. */
-        PSA_ASSERT( psa_purge_key( key_id ) );
+         * The key will be removed through ITS in the cleanup code below. */
+        TEST_EQUAL( PSA_ERROR_NOT_PERMITTED, psa_destroy_key( key_id ) );
     }
     else
     {