From 587e7808127221e4242016b2a925fbacdcc48174 Mon Sep 17 00:00:00 2001
From: Paul Elliott
Date: Mon, 27 Feb 2023 09:53:08 +0000
Subject: [PATCH 1/2] Test calling complete() after {sign|verify}_hash_start fails
Signed-off-by: Paul Elliott
---
 tests/suites/test_suite_psa_crypto.function | 28 +++++++++++++++++++++
 1 file changed, 28 insertions(+)
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index ab39fba55..cbe0b1963 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -6662,6 +6662,12 @@ exit:
 * 3. Test that the number of ops done prior to start and after abort is zero
 * and that each successful stage completes some ops (this is not mandated by
 * the PSA specification, but is currently the case).
+ *
+ * 4. Check that calling complete() when start() fails and complete()
+ * after completion results in a BAD_STATE error.
+ *
+ * 5. Check that calling start() again after start fails results in a BAD_STATE
+ * error.
 */
 void sign_hash_fail_interruptible(int key_type_arg, data_t *key_data,
 int alg_arg, data_t *input_data,
@@ -6718,6 +6724,15 @@ void sign_hash_fail_interruptible(int key_type_arg, data_t *key_data,
 TEST_EQUAL(actual_status, expected_start_status);
 if (expected_start_status != PSA_SUCCESS) {
+ /* Emulate poor implementation, and call complete anyway, even though
+ * start failed. */
+ actual_status = psa_sign_hash_complete(&operation, signature,
+ signature_size,
+ &signature_length);
+
+ TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE);
+
+ /* Test that calling start again after failure also causes BAD_STATE. */
 actual_status = psa_sign_hash_start(&operation, key, alg, input_data->x, input_data->len);
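Review bot: Item 4 of the added header comment is ambiguous: "calling complete() when start() fails and complete() after completion" can be read as one combined condition rather than two separate cases. I would word it as `4. Check that calling complete() after start() has failed, or again after the operation has already completed, results in a BAD_STATE error.` The same text is added to the verify_hash_fail_interruptible header in the @@ -7183 hunk. Only the complete()-after-failed-start case is exercised by the code this patch adds; the complete()-after-completion check is presumably elsewhere in the function, outside these hunks.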
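Review bot: The new psa_sign_hash_complete() call after a failed start checks only the returned status, not what the call left in `signature_length`. Application code careless enough to call complete() here may also read `signature_length` bytes without checking the status, so the test should pin that the reported length stays within the buffer. I would add `TEST_LE_U(signature_length, signature_size);` directly after the new `TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE);` line. This assumes signature_length is initialised before this point; the function body starts and ends outside the hunk.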
@@ -7183,6 +7198,12 @@ exit:
 * 3. Test that the number of ops done prior to start and after abort is zero
 * and that each successful stage completes some ops (this is not mandated by
 * the PSA specification, but is currently the case).
+ *
+ * 4. Check that calling complete() when start() fails and complete()
+ * after completion results in a BAD_STATE error.
+ *
+ * 5. Check that calling start() again after start fails results in a BAD_STATE
+ * error.
 */
 void verify_hash_fail_interruptible(int key_type_arg, data_t *key_data,
 int alg_arg, data_t *hash_data,
@@ -7235,6 +7256,13 @@ void verify_hash_fail_interruptible(int key_type_arg, data_t *key_data,
 TEST_EQUAL(actual_status, expected_start_status);
 if (expected_start_status != PSA_SUCCESS) {
+ /* Emulate poor implementation, and call complete anyway, even though
+ * start failed. */
+ actual_status = psa_verify_hash_complete(&operation);
+
+ TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE);
+
+ /* Test that calling start again after failure also causes BAD_STATE. */
 actual_status = psa_verify_hash_start(&operation, key, alg, hash_data->x, hash_data->len, signature_data->x,
From de7c31e08281692143f0fdb27a01570320ebb3eb Mon Sep 17 00:00:00 2001
From: Paul Elliott
Date: Wed, 1 Mar 2023 14:37:48 +0000
Subject: [PATCH 2/2] Improve comment wording
Signed-off-by: Paul Elliott
---
 tests/suites/test_suite_psa_crypto.function | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index cbe0b1963..4113c97a7 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -6724,7 +6724,7 @@ void sign_hash_fail_interruptible(int key_type_arg, data_t *key_data,
 TEST_EQUAL(actual_status, expected_start_status);
 if (expected_start_status != PSA_SUCCESS) {
- /* Emulate poor implementation, and call complete anyway, even though
+ /* Emulate poor application code, and call complete anyway, even though
 * start failed. */
 actual_status = psa_sign_hash_complete(&operation, signature,
 signature_size,
@@ -7256,7 +7256,7 @@ void verify_hash_fail_interruptible(int key_type_arg, data_t *key_data,
 TEST_EQUAL(actual_status, expected_start_status);
 if (expected_start_status != PSA_SUCCESS) {
- /* Emulate poor implementation, and call complete anyway, even though
+ /* Emulate poor application code, and call complete anyway, even though
 * start failed. */
 actual_status = psa_verify_hash_complete(&operation);