Remove ad hoc is_valid_for_signature method

Use the new generic is_public method. Impact on generated cases: there are new HMAC test cases for SIGN_HASH. It was a bug that these test cases were previously not generated. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-03-17 12:52:24 +01:00 · 2022-03-17 12:52:24 +01:00 · fa70ced195
commit fa70ced195
parent 09dc05b880
2 changed files with 6 additions and 19 deletions
--- a/tests/scripts/generate_psa_tests.py
+++ b/tests/scripts/generate_psa_tests.py
@ -206,7 +206,7 @@ class NotSupported:
                continue
                # For public key we expect that key generation fails with
                # INVALID_ARGUMENT. It is handled by KeyGenerate class.
-            if not kt.name.endswith('_PUBLIC_KEY'):
+            if not kt.is_public():
                yield test_case_for_key_type_not_supported(
                    'generate', kt.expression, bits,
                    finish_family_dependencies(generate_dependencies, bits),
@ -822,8 +822,10 @@ class StorageFormatV0(StorageFormat):
                for key_type in sorted(alg_with_keys[alg]):
                    # The key types must be filtered to fit the specific usage flag.
                    kt = crypto_knowledge.KeyType(key_type)
-                    if kt.is_valid_for_signature(usage):
-                        yield self.keys_for_implicit_usage(usage, alg, kt)
+                    if kt.is_public() and '_SIGN_' in usage:
+                        # Can't sign with a public key
+                        continue
+                    yield self.keys_for_implicit_usage(usage, alg, kt)

    def generate_all_keys(self) -> Iterator[StorageTestData]:
        yield from super().generate_all_keys()