Hello,
I was adding sanity checks to the psa_crypto_driver_wrappers to validate bits/type and policy->alg of the given psa_key_attributes_t attributes for the psa_generate_key, psa_import_key, and psa_copy_key calls.
To check it the given combination is within the psa specification.
In the PSA crypto spec it says:
The key permitted-algorithm policy is required for keys that will be used for a cryptographic operation, see
Permitted
algorithms. [
https://armmbed.github.io/mbed-crypto/html/api/keys/management.html?highlight=psa_generate_key#c.psa_generate_key]
Which is most likely the case for all key types except of PSA_KEY_TYPE_RAW_DATA
But after adding the sanity checks the TF-M crypto tests(test_c*_testing_* and TFM_S/NS_CRYPTO_TEST_10*) failed.
I took a look at these tests, it turned out that they don't set the algorithm flag for the key attributes.
My question now is, is the algorithm flag skipped on purpose or just missed during the test case creation as It should be set according to the psa crypto spec?