commit 5386f6ba071a36e105b52cd5c6dc3efbc07633c0
author Gilles Peskine <Gilles.Peskine@arm.com> Thu Aug 01 12:47:40 2019 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Thu Aug 01 13:11:47 2019 +0200
tree 0f985fac6d5582833acb6f3057fe5f1a51ccddb3
parent 8b66389d0deb2553f9f1f2d12be785c9695cec26

Fix PSA init/deinit in mbedtls_xxx tests when using PSA

In tests of mbedtls_cipher_xxx and mbedtls_pk_xxx with
MBEDTLS_USE_PSA_CRYPTO enabled, initialize and deinitialize the PSA
subsystem in every function. Before, the tests were only passing
because the first function to be called happened to call
psa_crypto_init() but not mbedtls_psa_crypto_free(). In some
configurations (not tested on CI), psa_crypto_init() was not called so
the tests using PSA failed.

Call PSA_DONE() at the end of each test function. This ensures that no
resources are leaked in the form of PSA crypto slot contents.
Incidentally, this also fixes a build error due to
test_helper_psa_done() being unused in test_suite_pk: the fact that it
wasn't used betrayed the missing calls to PSA_DONE().

tests/suites/test_suite_cipher.function

diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 1ea1408..f6367f1 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -4,6 +4,11 @@
 #if defined(MBEDTLS_GCM_C)
 #include "mbedtls/gcm.h"
 #endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa_crypto_helpers.h"
+#endif
+
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -982,7 +987,7 @@
 #else
     if( use_psa == 1 )
     {
-        TEST_ASSERT( psa_crypto_init() == 0 );
+        PSA_ASSERT( psa_crypto_init( ) );
 
         /* PSA requires that the tag immediately follows the ciphertext. */
         tmp_cipher = mbedtls_calloc( 1, cipher->len + tag->len );
@@ -1066,14 +1071,15 @@
 
 exit:
 
+    mbedtls_cipher_free( &ctx );
+
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     if( use_psa == 1 )
     {
         mbedtls_free( tmp_cipher );
+        PSA_DONE( );
     }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-    mbedtls_cipher_free( &ctx );
 }
 /* END_CASE */
 
@@ -1143,7 +1149,7 @@
 #else
     if( use_psa == 1 )
     {
-        TEST_ASSERT( psa_crypto_init() == 0 );
+        PSA_ASSERT( psa_crypto_init( ) );
         TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx,
                               mbedtls_cipher_info_from_type( cipher_id ), 0 ) );
     }
@@ -1172,6 +1178,9 @@
 
 exit:
     mbedtls_cipher_free( &ctx );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    PSA_DONE( );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
 }
 /* END_CASE */