-
Notifications
You must be signed in to change notification settings - Fork 53
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix create_ak for ECC keys #464
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good 👍
Is there a test case for EcDaa
already? (so that both codepaths are tested).
I'm curious now why that EDIT: nevermind, noticed the scheme... why does it work with |
I think a better explanation in the test would be a good idea. Also, instead of manual panic: Just throwing some random work ideas your way 😅 |
@@ -42,6 +42,7 @@ fn test_create_ak_rsa_rsa() { | |||
} | |||
|
|||
#[test] | |||
#[should_panic] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't understand this panic. Should you not test that the correct error is generated instead?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess Ionut did so because I suggested it in a previous comment. Sorry 🙇♂️! Maybe indeed assert!(matches!(...
would be a better option 🤔
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I mean for me #[should_panic]
is used to test that the library panics under certain conditions. And we try very hard to not panic any where in the library so that should hopefully not happen.
Things that one can do to test is:
- If the error in it self is not that import but rather that an error is returned at all then you can:
let result = ak::foo();
assert!(result.is_err(), "Function fo should have returned an error.");
This is not done any where in our code currently because the returned errors are a part of the API.
- The specific error is important:
let result = ak::foo();
if let Err(actual_error) = result {
assert_eq!(
Error::WrapperError(WrapperErrorKind::InvalidParam),
actual_error,
"Foo did not produce the expected error."
);
} else {
panic!("Foo is expected to return an error");
}
This is done extensively when testing the TSS return code errors.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the pushback, should've thought this through 😅
I'll tweak it and push back up.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right, only took about 3 months, hope it works!
What should we do to unblock this pr? |
I do not think it is blocked I just think @ionut-arm has been busy and not been able to work on this. I think |
@ionut-arm Tell me if you need any help with this. I can fix the tests for you if you like. |
Fixing the parameters for creating AKs in the Endorsement Hierarchy. The `count` value part of the `EccScheme` has been adjusted, and an empty `EccPoint` was added as unique identifier for the key. Signed-off-by: Ionut Mihalcea <ionut.mihalcea@arm.com>
A proper match of elliptic curve and asymmetric scheme is more thoroughly checked to avoid cases where the user can generate PublicEccParameters that are invalid. Signed-off-by: Ionut Mihalcea <ionut.mihalcea@arm.com>
ok, finally got to this... @Firstyear - apologies for the long wait, I reckon this is ready to go (pending approval, of course) |
This takes the following PRs and from the main branch and adapts them so that they can be merged into the 7.x.y branch: \parallaxsecond#464 (By Ionut Mihalcea <ionut.mihalcea@arm.com>) \parallaxsecond#414 (By Thore Sommer <mail@thson.de>) Co-authored-by: Jesper Brynolf <jesper.brynolf@gmail.com> Co-authored-by: Thore Sommer <mail@thson.de> Co-authored-by: Ionut Mihalcea <ionut.mihalcea@arm.com> Signed-off-by: Jesper Brynolf <jesper.brynolf@gmail.com>
This takes the following PRs and from the main branch and adapts them so that they can be merged into the 7.x.y branch: \parallaxsecond#464 (By Ionut Mihalcea <ionut.mihalcea@arm.com>) \parallaxsecond#414 (By Thore Sommer <mail@thson.de>) Co-authored-by: Jesper Brynolf <jesper.brynolf@gmail.com> Co-authored-by: Thore Sommer <mail@thson.de> Co-authored-by: Ionut Mihalcea <ionut.mihalcea@arm.com> Signed-off-by: Jesper Brynolf <jesper.brynolf@gmail.com>
This takes the following PRs and from the main branch and adapts them so that they can be merged into the 7.x.y branch: \parallaxsecond#464 (By Ionut Mihalcea <ionut.mihalcea@arm.com>) \parallaxsecond#414 (By Thore Sommer <mail@thson.de>) \parallaxsecond#552 (By Thore Sommer <mail@thson.de>) Co-authored-by: Jesper Brynolf <jesper.brynolf@gmail.com> Co-authored-by: Thore Sommer <mail@thson.de> Co-authored-by: Ionut Mihalcea <ionut.mihalcea@arm.com> Signed-off-by: Jesper Brynolf <jesper.brynolf@gmail.com>
Fixing the parameters for creating AKs in the Endorsement Hierarchy. The
count
value part of theEccScheme
has been adjusted, and an emptyEccPoint
was added as unique identifier for the key.