psa: Initialize crypto in tests that need to

Don't unconditionally enable PSA Crypto for all tests. Only enable it in tests that require it. This allows crypto tests to check that psa_crypto_init() fails when it is supposed to fail, since we want to perform some action in a test, and then call psa_crypto_init() and check the result without it having been called previously.
2019-02-13 11:30:22 +00:00 · 2019-02-13 11:30:22 +00:00 · 3ea2687053
commit 3ea2687053
parent 08b807a161
4 changed files with 21 additions and 14 deletions
--- a/tests/suites/main_test.function
+++ b/tests/suites/main_test.function
@ -255,20 +255,6 @@ int main( int argc, const char *argv[] )
        return( -1 );
    }

-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    {
-        psa_status_t status;
-        status = psa_crypto_init();
-        if( status != PSA_SUCCESS )
-        {
-            mbedtls_fprintf( stderr,
-                          "FATAL: Failed to initialize PSA Crypto - error %d\n",
-                          status );
-            return( -1 );
-        }
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
    ret = execute_tests( argc, argv );
    platform_teardown();
    return( ret );
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@ -962,6 +962,8 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
 #else
    if( use_psa == 1 )
    {
+        TEST_ASSERT( psa_crypto_init() == 0 );
+
        /* PSA requires that the tag immediately follows the ciphertext. */
        tmp_cipher = mbedtls_calloc( 1, cipher->len + tag->len );
        TEST_ASSERT( tmp_cipher != NULL );
@ -1104,6 +1106,7 @@ void test_vec_crypt( int cipher_id, int operation, char *hex_key,
 #else
    if( use_psa == 1 )
    {
+        TEST_ASSERT( psa_crypto_init() == 0 );
        TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx,
                              mbedtls_cipher_info_from_type( cipher_id ), 0 ) );
    }
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@ -124,6 +124,8 @@ void pk_psa_utils(  )
    size_t len;
    mbedtls_pk_debug_item dbg;

+    TEST_ASSERT( psa_crypto_init() == 0 );
+
    mbedtls_pk_init( &pk );
    mbedtls_pk_init( &pk2 );

--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@ -334,6 +334,10 @@ void x509_verify( char *crt_file, char *ca_file, char *crl_file,
    char *      cn_name = NULL;
    const mbedtls_x509_crt_profile *profile;

+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    TEST_ASSERT( psa_crypto_init() == 0 );
+#endif
+
    mbedtls_x509_crt_init( &crt );
    mbedtls_x509_crt_init( &ca );
    mbedtls_x509_crl_init( &crl );
@ -387,6 +391,10 @@ void x509_verify_callback( char *crt_file, char *ca_file, char *name,
    uint32_t flags = 0;
    verify_print_context vrfy_ctx;

+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    TEST_ASSERT( psa_crypto_init() == 0 );
+#endif
+
    mbedtls_x509_crt_init( &crt );
    mbedtls_x509_crt_init( &ca );
    verify_print_init( &vrfy_ctx );
@ -605,6 +613,10 @@ void mbedtls_x509_crt_verify_max( char *ca_file, char *chain_dir, int nb_int,
    uint32_t flags;
    mbedtls_x509_crt trusted, chain;

+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    TEST_ASSERT( psa_crypto_init() == 0 );
+#endif
+
    /*
     * We expect chain_dir to contain certificates 00.crt, 01.crt, etc.
     * with NN.crt signed by NN-1.crt
@ -646,6 +658,10 @@ void mbedtls_x509_crt_verify_chain(  char *chain_paths, char *trusted_ca,
    mbedtls_x509_crt trusted, chain;
    const mbedtls_x509_crt_profile *profile = NULL;

+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    TEST_ASSERT( psa_crypto_init() == 0 );
+#endif
+
    mbedtls_x509_crt_init( &chain );
    mbedtls_x509_crt_init( &trusted );