psa: Initialize crypto in tests that need to
Don't unconditionally enable PSA Crypto for all tests. Only enable it in
tests that require it. This allows crypto tests to check that
psa_crypto_init() fails when it is supposed to fail, since we want to
perform some action in a test, and then call psa_crypto_init() and check
the result without it having been called previously.
diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function
index efe128e..1574556 100644
--- a/tests/suites/main_test.function
+++ b/tests/suites/main_test.function
@@ -255,20 +255,6 @@
return( -1 );
}
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- {
- psa_status_t status;
- status = psa_crypto_init();
- if( status != PSA_SUCCESS )
- {
- mbedtls_fprintf( stderr,
- "FATAL: Failed to initialize PSA Crypto - error %d\n",
- status );
- return( -1 );
- }
- }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
ret = execute_tests( argc, argv );
platform_teardown();
return( ret );
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index f973399..a7d3a6e 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -962,6 +962,8 @@
#else
if( use_psa == 1 )
{
+ TEST_ASSERT( psa_crypto_init() == 0 );
+
/* PSA requires that the tag immediately follows the ciphertext. */
tmp_cipher = mbedtls_calloc( 1, cipher->len + tag->len );
TEST_ASSERT( tmp_cipher != NULL );
@@ -1104,6 +1106,7 @@
#else
if( use_psa == 1 )
{
+ TEST_ASSERT( psa_crypto_init() == 0 );
TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx,
mbedtls_cipher_info_from_type( cipher_id ), 0 ) );
}
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 05427c0..d85d9ed 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -124,6 +124,8 @@
size_t len;
mbedtls_pk_debug_item dbg;
+ TEST_ASSERT( psa_crypto_init() == 0 );
+
mbedtls_pk_init( &pk );
mbedtls_pk_init( &pk2 );
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 552c494..8914bd0 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -334,6 +334,10 @@
char * cn_name = NULL;
const mbedtls_x509_crt_profile *profile;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ TEST_ASSERT( psa_crypto_init() == 0 );
+#endif
+
mbedtls_x509_crt_init( &crt );
mbedtls_x509_crt_init( &ca );
mbedtls_x509_crl_init( &crl );
@@ -387,6 +391,10 @@
uint32_t flags = 0;
verify_print_context vrfy_ctx;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ TEST_ASSERT( psa_crypto_init() == 0 );
+#endif
+
mbedtls_x509_crt_init( &crt );
mbedtls_x509_crt_init( &ca );
verify_print_init( &vrfy_ctx );
@@ -605,6 +613,10 @@
uint32_t flags;
mbedtls_x509_crt trusted, chain;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ TEST_ASSERT( psa_crypto_init() == 0 );
+#endif
+
/*
* We expect chain_dir to contain certificates 00.crt, 01.crt, etc.
* with NN.crt signed by NN-1.crt
@@ -646,6 +658,10 @@
mbedtls_x509_crt trusted, chain;
const mbedtls_x509_crt_profile *profile = NULL;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ TEST_ASSERT( psa_crypto_init() == 0 );
+#endif
+
mbedtls_x509_crt_init( &chain );
mbedtls_x509_crt_init( &trusted );