From 3ea2687053748e701f4d28a644c4c6ea28f3b251 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 13 Feb 2019 11:30:22 +0000 Subject: [PATCH] psa: Initialize crypto in tests that need to Don't unconditionally enable PSA Crypto for all tests. Only enable it in tests that require it. This allows crypto tests to check that psa_crypto_init() fails when it is supposed to fail, since we want to perform some action in a test, and then call psa_crypto_init() and check the result without it having been called previously. --- tests/suites/main_test.function | 14 -------------- tests/suites/test_suite_cipher.function | 3 +++ tests/suites/test_suite_pk.function | 2 ++ tests/suites/test_suite_x509parse.function | 16 ++++++++++++++++ 4 files changed, 21 insertions(+), 14 deletions(-) diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index efe128eb34..1574556d5b 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -255,20 +255,6 @@ int main( int argc, const char *argv[] ) return( -1 ); } -#if defined(MBEDTLS_USE_PSA_CRYPTO) - { - psa_status_t status; - status = psa_crypto_init(); - if( status != PSA_SUCCESS ) - { - mbedtls_fprintf( stderr, - "FATAL: Failed to initialize PSA Crypto - error %d\n", - status ); - return( -1 ); - } - } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - ret = execute_tests( argc, argv ); platform_teardown(); return( ret ); diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index f973399ea8..a7d3a6ee34 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -962,6 +962,8 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, #else if( use_psa == 1 ) { + TEST_ASSERT( psa_crypto_init() == 0 ); + /* PSA requires that the tag immediately follows the ciphertext. */ tmp_cipher = mbedtls_calloc( 1, cipher->len + tag->len ); TEST_ASSERT( tmp_cipher != NULL ); @@ -1104,6 +1106,7 @@ void test_vec_crypt( int cipher_id, int operation, char *hex_key, #else if( use_psa == 1 ) { + TEST_ASSERT( psa_crypto_init() == 0 ); TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx, mbedtls_cipher_info_from_type( cipher_id ), 0 ) ); } diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 05427c0c05..d85d9ed3d7 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -124,6 +124,8 @@ void pk_psa_utils( ) size_t len; mbedtls_pk_debug_item dbg; + TEST_ASSERT( psa_crypto_init() == 0 ); + mbedtls_pk_init( &pk ); mbedtls_pk_init( &pk2 ); diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 552c494b0e..8914bd0d10 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -334,6 +334,10 @@ void x509_verify( char *crt_file, char *ca_file, char *crl_file, char * cn_name = NULL; const mbedtls_x509_crt_profile *profile; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + TEST_ASSERT( psa_crypto_init() == 0 ); +#endif + mbedtls_x509_crt_init( &crt ); mbedtls_x509_crt_init( &ca ); mbedtls_x509_crl_init( &crl ); @@ -387,6 +391,10 @@ void x509_verify_callback( char *crt_file, char *ca_file, char *name, uint32_t flags = 0; verify_print_context vrfy_ctx; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + TEST_ASSERT( psa_crypto_init() == 0 ); +#endif + mbedtls_x509_crt_init( &crt ); mbedtls_x509_crt_init( &ca ); verify_print_init( &vrfy_ctx ); @@ -605,6 +613,10 @@ void mbedtls_x509_crt_verify_max( char *ca_file, char *chain_dir, int nb_int, uint32_t flags; mbedtls_x509_crt trusted, chain; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + TEST_ASSERT( psa_crypto_init() == 0 ); +#endif + /* * We expect chain_dir to contain certificates 00.crt, 01.crt, etc. * with NN.crt signed by NN-1.crt @@ -646,6 +658,10 @@ void mbedtls_x509_crt_verify_chain( char *chain_paths, char *trusted_ca, mbedtls_x509_crt trusted, chain; const mbedtls_x509_crt_profile *profile = NULL; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + TEST_ASSERT( psa_crypto_init() == 0 ); +#endif + mbedtls_x509_crt_init( &chain ); mbedtls_x509_crt_init( &trusted );