Make {USE_,}PSA_{INIT,DONE} available in all test suites

Make USE_PSA_INIT() and USE_PSA_DONE() available in all test suites in all cases, doing nothing if MBEDTLS_USE_PSA_CRYPTO is disabled. Use those in preference to having explicit defined(MBEDTLS_USE_PSA_CRYPTO) checks (but there may still be places left where using the new macros would be better). Also provide PSA_INIT() by symmetry with PSA_DONE(), functional whenver MBEDTLS_PSA_CRYPTO_C is enabled, but currently unused. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-11-03 20:22:59 -05:00 · 2021-02-02 21:00:11 +01:00 · 2021-02-02 21:00:11 +01:00 · 9de97e21fe
commit 9de97e21fe
parent d6ee36ed04
6 changed files with 49 additions and 45 deletions
--- a/tests/include/test/psa_crypto_helpers.h
+++ b/tests/include/test/psa_crypto_helpers.h
@ -22,11 +22,20 @@
 #define PSA_CRYPTO_HELPERS_H

 #include "test/helpers.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
 #include "test/psa_helpers.h"

 #include <psa/crypto.h>
 #include <psa_crypto_slot_management.h>

+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/psa_util.h"
+#endif
+
+#define PSA_INIT( ) PSA_ASSERT( psa_crypto_init( ) )
+
 /** Check for things that have not been cleaned up properly in the
 * PSA subsystem.
 *
@ -185,4 +194,29 @@ psa_status_t mbedtls_test_record_status( psa_status_t status,
    }                                                                      \
    while( 0 )

+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
+/** \def USE_PSA_INIT
+ *
+ * Call this macro to initialize the PSA subsystem if #MBEDTLS_USE_PSA_CRYPTO
+ * is enabled and do nothing otherwise. If the initialization fails, mark
+ * the test case as failed and jump to the \p exit label.
+ */
+/** \def USE_PSA_DONE
+ *
+ * Call this macro at the end of a test case if you called #USE_PSA_INIT.
+ * This is like #PSA_DONE, except that it does nothing if
+ * #MBEDTLS_USE_PSA_CRYPTO is disabled.
+ */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#define USE_PSA_INIT( ) PSA_INIT( )
+#define USE_PSA_DONE( ) PSA_DONE( )
+#else /* MBEDTLS_USE_PSA_CRYPTO */
+/* Define empty macros so that we can use them in the preamble and teardown
+ * of every test function that uses PSA conditionally based on
+ * MBEDTLS_USE_PSA_CRYPTO. */
+#define USE_PSA_INIT( ) ( (void) 0 )
+#define USE_PSA_DONE( ) ( (void) 0 )
+#endif /* !MBEDTLS_USE_PSA_CRYPTO */
+
 #endif /* PSA_CRYPTO_HELPERS_H */
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@ -5,9 +5,7 @@
 #include <test/macros.h>
 #include <test/helpers.h>
 #include <test/random.h>
-#if defined(MBEDTLS_PSA_CRYPTO_C)
 #include <test/psa_crypto_helpers.h>
-#endif

 #include <stdlib.h>

--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@ -15,18 +15,6 @@
 * unconditionally (https://github.com/ARMmbed/mbedtls/issues/2023). */
 #include "psa/crypto.h"

-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "mbedtls/psa_util.h"
-#define PSA_INIT( ) PSA_ASSERT( psa_crypto_init( ) )
-#else
-/* Define empty macros so that we can use them in the preamble and teardown
- * of every test function that uses PSA conditionally based on
- * MBEDTLS_USE_PSA_CRYPTO. */
-#define PSA_INIT( ) ( (void) 0 )
-#undef PSA_DONE
-#define PSA_DONE( ) ( (void) 0 )
-#endif
-
 #define RSA_KEY_SIZE 512
 #define RSA_KEY_LEN   64

@ -208,7 +196,7 @@ exit:

    mbedtls_pk_free( &pk ); /* redundant except upon error */
    mbedtls_pk_free( &pk2 );
-    PSA_DONE( );
+    USE_PSA_DONE( );
 }
 /* END_CASE */

@ -770,7 +758,7 @@ void pk_ec_test_vec( int type, int id, data_t * key, data_t * hash,
    mbedtls_ecp_keypair *eckey;

    mbedtls_pk_init( &pk );
-    PSA_INIT( );
+    USE_PSA_INIT( );

    TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );

@ -787,7 +775,7 @@ void pk_ec_test_vec( int type, int id, data_t * key, data_t * hash,

 exit:
    mbedtls_pk_free( &pk );
-    PSA_DONE( );
+    USE_PSA_DONE( );
 }
 /* END_CASE */

@ -911,7 +899,7 @@ void pk_sign_verify( int type, int parameter, int sign_ret, int verify_ret )
 #endif

    mbedtls_pk_init( &pk );
-    PSA_INIT( );
+    USE_PSA_INIT( );

    memset( hash, 0x2a, sizeof hash );
    memset( sig, 0, sizeof sig );
@ -973,7 +961,7 @@ exit:
    mbedtls_pk_restart_free( rs_ctx );
 #endif
    mbedtls_pk_free( &pk );
-    PSA_DONE( );
+    USE_PSA_DONE( );
 }
 /* END_CASE */

@ -1302,6 +1290,6 @@ exit:
    psa_reset_key_attributes( &attributes );

    mbedtls_pk_free( &pk );
-    PSA_DONE( );
+    USE_PSA_DONE( );
 }
 /* END_CASE */
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@ -3836,9 +3836,7 @@ void ssl_tls_prf( int type, data_t * secret, data_t * random,
    if( output == NULL )
        goto exit;

-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    TEST_ASSERT( psa_crypto_init() == 0 );
-#endif
+    USE_PSA_INIT( );

    TEST_ASSERT( mbedtls_ssl_tls_prf( type, secret->x, secret->len,
                                      label, random->x, random->len,
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@ -610,14 +610,12 @@ void x509_verify( char *crt_file, char *ca_file, char *crl_file,
    char *      cn_name = NULL;
    const mbedtls_x509_crt_profile *profile;

-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    TEST_ASSERT( psa_crypto_init() == 0 );
-#endif
-
    mbedtls_x509_crt_init( &crt );
    mbedtls_x509_crt_init( &ca );
    mbedtls_x509_crl_init( &crl );

+    USE_PSA_INIT( );
+
    if( strcmp( cn_name_str, "NULL" ) != 0 )
        cn_name = cn_name_str;

@ -712,14 +710,12 @@ void x509_verify_callback( char *crt_file, char *ca_file, char *name,
    uint32_t flags = 0;
    verify_print_context vrfy_ctx;

-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    TEST_ASSERT( psa_crypto_init() == 0 );
-#endif
-
    mbedtls_x509_crt_init( &crt );
    mbedtls_x509_crt_init( &ca );
    verify_print_init( &vrfy_ctx );

+    USE_PSA_INIT( );
+
    TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
    TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 );

@ -1024,10 +1020,6 @@ void mbedtls_x509_crt_verify_max( char *ca_file, char *chain_dir, int nb_int,
    uint32_t flags;
    mbedtls_x509_crt trusted, chain;

-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    TEST_ASSERT( psa_crypto_init() == 0 );
-#endif
-
    /*
     * We expect chain_dir to contain certificates 00.crt, 01.crt, etc.
     * with NN.crt signed by NN-1.crt
@ -1036,6 +1028,8 @@ void mbedtls_x509_crt_verify_max( char *ca_file, char *chain_dir, int nb_int,
    mbedtls_x509_crt_init( &trusted );
    mbedtls_x509_crt_init( &chain );

+    USE_PSA_INIT( );
+
    /* Load trusted root */
    TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, ca_file ) == 0 );

@ -1069,13 +1063,11 @@ void mbedtls_x509_crt_verify_chain(  char *chain_paths, char *trusted_ca,
    mbedtls_x509_crt trusted, chain;
    const mbedtls_x509_crt_profile *profile = NULL;

-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    TEST_ASSERT( psa_crypto_init() == 0 );
-#endif
-
    mbedtls_x509_crt_init( &chain );
    mbedtls_x509_crt_init( &trusted );

+    USE_PSA_INIT( );
+
    while( ( act = mystrsep( &chain_paths, " " ) ) != NULL )
        TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, act ) == 0 );
    TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, trusted_ca ) == 0 );
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@ -6,12 +6,6 @@
 #include "mbedtls/oid.h"
 #include "mbedtls/rsa.h"

-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#define PSA_INIT( ) PSA_ASSERT( psa_crypto_init( ) )
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
 #if defined(MBEDTLS_RSA_C)
 int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen,
                       const unsigned char *input, unsigned char *output,