Update key agreement policy tests for the new derivation API
Separate test functions for raw key agreement and key agreement with
KDF.
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 2659081..c26f065 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -2008,6 +2008,43 @@
/* END_CASE */
/* BEGIN_CASE */
+void raw_agreement_key_policy( int policy_usage,
+ int policy_alg,
+ int key_type_arg,
+ data_t *key_data,
+ int exercise_alg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ psa_status_t status;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x, key_data->len ) );
+
+ status = raw_key_agreement_with_self( exercise_alg, handle );
+
+ if( policy_alg == exercise_alg &&
+ ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 )
+ PSA_ASSERT( status );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+
+exit:
+ psa_generator_abort( &generator );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
void copy_key_policy( int source_usage_arg, int source_alg_arg,
int type_arg, data_t *material,
int target_usage_arg, int target_alg_arg,