A key agreement algorithm can contain a key derivation

PSA_ALG_KEY_AGREEMENT(..., kdf) is a valid key derivation algorithm when kdf is one. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-04-29 20:54:40 +02:00 · 2021-04-29 20:54:40 +02:00 · a401386f82
commit a401386f82
parent d79e3b92fa
2 changed files with 23 additions and 3 deletions
--- a/tests/scripts/generate_psa_tests.py
+++ b/tests/scripts/generate_psa_tests.py
@ -375,7 +375,7 @@ class OpFail:
            category: crypto_knowledge.AlgorithmCategory,
    ) -> Iterator[test_case.TestCase]:
        """Generate failure test cases for keyless operations with the specified algorithm."""
-        if category == alg.category:
+        if alg.can_do(category):
            # Compatible operation, unsupported algorithm
            for dep in automatic_dependencies(alg.base_expression):
                yield self.make_test_case(alg, category,
@ -394,7 +394,7 @@ class OpFail:
        for kt in self.key_types:
            key_is_compatible = kt.can_do(alg)
            # To do: public key for a private key operation
-            if key_is_compatible and category == alg.category:
+            if key_is_compatible and alg.can_do(category):
                # Compatible key and operation, unsupported algorithm
                for dep in automatic_dependencies(alg.base_expression):
                    yield self.make_test_case(alg, category,
@ -405,7 +405,7 @@ class OpFail:
                yield self.make_test_case(alg, category,
                                          self.Reason.INVALID,
                                          kt=kt)
-            elif category == alg.category:
+            elif alg.can_do(category):
                # Incompatible key, compatible operation, supported algorithm
                yield self.make_test_case(alg, category,
                                          self.Reason.INCOMPATIBLE,