Ensure that operation is put into error state if error occurs

If an error occurs, calling any function on the same operation should return PSA_ERROR_BAD_STATE, and we were not honouring that for all errors. Add extra failure tests to try and ratify this. Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2025-08-01 10:06:53 +03:00 · 2023-02-06 15:14:07 +00:00
parent f9c91a7fb5
commit c9774411d4
3 changed files with 79 additions and 24 deletions
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@ -6659,6 +6659,13 @@ void sign_hash_fail_interruptible(int key_type_arg, data_t *key_data,

    TEST_EQUAL(actual_status, expected_start_status);

+    if (expected_start_status != PSA_SUCCESS) {
+        actual_status = psa_sign_hash_start(&operation, key, alg,
+                                            input_data->x, input_data->len);
+
+        TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE);
+    }
+
    num_ops_prior = psa_sign_hash_get_num_ops(&operation);
    TEST_ASSERT(num_ops_prior == 0);

@ -6679,12 +6686,14 @@ void sign_hash_fail_interruptible(int key_type_arg, data_t *key_data,
        }
    } while (actual_status == PSA_OPERATION_INCOMPLETE);

-    /* If the psa_sign_hash_start() failed, psa_sign_hash_complete()
-     * should also fail with bad state. */
-    if (expected_start_status != PSA_SUCCESS) {
+    TEST_EQUAL(actual_status, expected_complete_status);
+
+    if (expected_complete_status != PSA_SUCCESS) {
+        actual_status = psa_sign_hash_complete(&operation, signature,
+                                               signature_size,
+                                               &signature_length);
+
        TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE);
-    } else if (actual_status != PSA_OPERATION_INCOMPLETE) {
-        TEST_EQUAL(actual_status, expected_complete_status);
    }

    PSA_ASSERT(psa_sign_hash_abort(&operation));
@ -7121,6 +7130,15 @@ void verify_hash_fail_interruptible(int key_type_arg, data_t *key_data,

    TEST_EQUAL(actual_status, expected_start_status);

+    if (expected_start_status != PSA_SUCCESS) {
+        actual_status = psa_verify_hash_start(&operation, key, alg,
+                                              hash_data->x, hash_data->len,
+                                              signature_data->x,
+                                              signature_data->len);
+
+        TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE);
+    }
+
    num_ops_prior = psa_verify_hash_get_num_ops(&operation);
    TEST_ASSERT(num_ops_prior == 0);

@ -7139,12 +7157,12 @@ void verify_hash_fail_interruptible(int key_type_arg, data_t *key_data,
        }
    } while (actual_status == PSA_OPERATION_INCOMPLETE);

-    /* If the psa_verify_hash_start() failed,
-     * psa_verify_hash_complete() should also fail with bad state.*/
-    if (expected_start_status != PSA_SUCCESS) {
+    TEST_EQUAL(actual_status, expected_complete_status);
+
+    if (expected_complete_status != PSA_SUCCESS) {
+        actual_status = psa_verify_hash_complete(&operation);
+
        TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE);
-    } else if (actual_status != PSA_OPERATION_INCOMPLETE) {
-        TEST_EQUAL(actual_status, expected_complete_status);
    }

    TEST_LE_U(min_completes, num_completes);
@ -7350,6 +7368,12 @@ void hash_interruptible_state_test(int key_type_arg, data_t *key_data,
                                      &signature_length),
               PSA_ERROR_BUFFER_TOO_SMALL);

+    /* And test that this invalidates the operation. */
+    TEST_EQUAL(psa_sign_hash_complete(&sign_operation, signature,
+                                      0,
+                                      &signature_length),
+               PSA_ERROR_BAD_STATE);
+
    PSA_ASSERT(psa_sign_hash_abort(&sign_operation));

    /* Trash the hash buffer in between start and complete, to ensure