TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 5386f6ba071a36e105b52cd5c6dc3efbc07633c0^! / . / tests / suites / test_suite_pk.function
commit5386f6ba071a36e105b52cd5c6dc3efbc07633c0[log] [tgz]
authorGilles Peskine <Gilles.Peskine@arm.com>Thu Aug 01 12:47:40 2019 +0200
committerGilles Peskine <Gilles.Peskine@arm.com>Thu Aug 01 13:11:47 2019 +0200
tree0f985fac6d5582833acb6f3057fe5f1a51ccddb3
parent8b66389d0deb2553f9f1f2d12be785c9695cec26 [diff] [blame]
Fix PSA init/deinit in mbedtls_xxx tests when using PSA

In tests of mbedtls_cipher_xxx and mbedtls_pk_xxx with
MBEDTLS_USE_PSA_CRYPTO enabled, initialize and deinitialize the PSA
subsystem in every function. Before, the tests were only passing
because the first function to be called happened to call
psa_crypto_init() but not mbedtls_psa_crypto_free(). In some
configurations (not tested on CI), psa_crypto_init() was not called so
the tests using PSA failed.

Call PSA_DONE() at the end of each test function. This ensures that no
resources are leaked in the form of PSA crypto slot contents.
Incidentally, this also fixes a build error due to
test_helper_psa_done() being unused in test_suite_pk: the fact that it
wasn't used betrayed the missing calls to PSA_DONE().

diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 3d38535..fbb6907 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function

@@ -13,6 +13,13 @@
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 #include "mbedtls/psa_util.h"
 #include "psa_crypto_helpers.h"
+#define PSA_INIT( ) PSA_ASSERT( psa_crypto_init( ) )
+#else
+/* Define empty macros so that we can use them in the preamble and teardown
+ * of every test function that uses PSA conditionally based on
+ * MBEDTLS_USE_PSA_CRYPTO. */
+#define PSA_INIT( ) ( (void) 0 )
+#define PSA_DONE( ) ( (void) 0 )
 #endif
 
 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len );
@@ -117,7 +124,7 @@
     size_t len;
     mbedtls_pk_debug_item dbg;
 
-    TEST_ASSERT( psa_crypto_init() == 0 );
+    PSA_ASSERT( psa_crypto_init( ) );
 
     mbedtls_pk_init( &pk );
     mbedtls_pk_init( &pk2 );
@@ -173,6 +180,7 @@
 exit:
     mbedtls_pk_free( &pk ); /* redundant except upon error */
     mbedtls_pk_free( &pk2 );
+    PSA_DONE( );
 }
 /* END_CASE */
 
@@ -763,7 +771,7 @@
     mbedtls_ecp_keypair *eckey;
 
     mbedtls_pk_init( &pk );
-
+    PSA_INIT( );
 
     TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
 
@@ -780,6 +788,7 @@
 
 exit:
     mbedtls_pk_free( &pk );
+    PSA_DONE( );
 }
 /* END_CASE */
 
@@ -904,6 +913,7 @@
 #endif
 
     mbedtls_pk_init( &pk );
+    PSA_INIT( );
 
     memset( hash, 0x2a, sizeof hash );
     memset( sig, 0, sizeof sig );
@@ -955,6 +965,7 @@
     mbedtls_pk_restart_free( rs_ctx );
 #endif
     mbedtls_pk_free( &pk );
+    PSA_DONE( );
 }
 /* END_CASE */
 
@@ -1210,6 +1221,8 @@
      * - parse it to a PK context and verify the signature this way
      */
 
+    PSA_ASSERT( psa_crypto_init( ) );
+
     /* Create legacy EC public/private key in PK context. */
     mbedtls_pk_init( &pk );
     TEST_ASSERT( mbedtls_pk_setup( &pk,
@@ -1259,5 +1272,6 @@
 
 exit:
     mbedtls_pk_free( &pk );
+    PSA_DONE( );
 }
 /* END_CASE */