tests: psa: Add checks involving unknown key owner ids

Add checks involving unknown key owner identifiers
in tests related to SE and persistent keys.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

tests/suites/test_suite_psa_crypto_se_driver_hal.function

@@ -1503,6 +1503,12 @@ void register_key_smoke_test( int lifetime_arg,
         goto exit;
     PSA_ASSERT( psa_close_key( handle ) );
 
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    mbedtls_svc_key_id_t invalid_id =
+        mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg );
+    TEST_EQUAL( psa_open_key( invalid_id, &handle ), PSA_ERROR_DOES_NOT_EXIST );
+#endif
+
     /* Restart and try again. */
     PSA_DONE( );
     PSA_ASSERT( psa_register_se_driver( location, &driver ) );

tests/suites/test_suite_psa_crypto_slot_management.data

@@ -132,6 +132,10 @@ Copy persistent to persistent
 depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x10000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x10000:2:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
 
+Copy persistent to persistent, same id but different owner
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C:MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
+copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x10000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x10001:1:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
+
 Copy persistent to persistent with enrollment algorithm
 depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
 copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x100000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:0x100000:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING

tests/suites/test_suite_psa_crypto_slot_management.function

@@ -191,6 +191,12 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
     uint8_t *reexported = NULL;
     size_t reexported_length = -1;
 
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    mbedtls_svc_key_id_t wrong_owner_id =
+        mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg );
+    psa_key_handle_t invalid_handle = 0;
+#endif
+
     TEST_USES_KEY_ID( id );
 
     PSA_ASSERT( psa_crypto_init( ) );
@@ -205,6 +211,12 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
     PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
                                 &handle ) );
     TEST_ASSERT( handle != 0 );
+
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_handle ),
+                PSA_ERROR_DOES_NOT_EXIST );
+#endif
+
     PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
     TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
     TEST_ASSERT( mbedtls_svc_key_id_equal(
@@ -216,6 +228,12 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
 
     /* Close the key and reopen it. */
     PSA_ASSERT( psa_close_key( handle ) );
+
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_handle ),
+                PSA_ERROR_DOES_NOT_EXIST );
+#endif
+
     PSA_ASSERT( psa_open_key( id, &handle ) );
     PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
     TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );