blob: ea6e8c52dc7d4f5fc20199a803b188478267b3d6 [file] [log] [blame]
Gilles Peskine952f4092019-05-23 20:25:48 +02001/*
Gilles Peskine3cff7682019-06-20 12:54:43 +02002 * Helper functions for tests that use the PSA Crypto API.
Gilles Peskine952f4092019-05-23 20:25:48 +02003 */
Bence Szépkúti86974652020-06-15 11:59:37 +02004/*
Bence Szépkúti1e148272020-08-07 13:07:28 +02005 * Copyright The Mbed TLS Contributors
Dave Rodgman16799db2023-11-02 19:47:20 +00006 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Gilles Peskine952f4092019-05-23 20:25:48 +02007 */
8
Gilles Peskine1838e822019-06-20 12:40:56 +02009#ifndef PSA_CRYPTO_HELPERS_H
10#define PSA_CRYPTO_HELPERS_H
11
Ronald Cron28a45ed2021-02-09 20:35:42 +010012#include "test/helpers.h"
Gilles Peskine9de97e22021-02-02 21:00:11 +010013
Valerio Setti84733902024-06-27 08:05:09 +020014#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
Ronald Cron02c78b72020-05-27 09:22:32 +020015#include "test/psa_helpers.h"
Gilles Peskine3cff7682019-06-20 12:54:43 +020016#include <psa/crypto.h>
Manuel Pégourié-Gonnard9f132b72023-03-14 10:26:46 +010017#endif
Gilles Peskine952f4092019-05-23 20:25:48 +020018
Manuel Pégourié-Gonnard9f132b72023-03-14 10:26:46 +010019#if defined(MBEDTLS_PSA_CRYPTO_C)
20/** Initialize the PSA Crypto subsystem. */
21#define PSA_INIT() PSA_ASSERT(psa_crypto_init())
22
23/** Shut down the PSA Crypto subsystem and destroy persistent keys.
24 * Expect a clean shutdown, with no slots in use.
25 *
26 * If some key slots are still in use, record the test case as failed,
27 * but continue executing. This macro is suitable (and primarily intended)
28 * for use in the cleanup section of test functions.
29 *
30 * \note Persistent keys must be recorded with #TEST_USES_KEY_ID before
31 * creating them.
32 */
33#define PSA_DONE() \
34 do \
35 { \
36 mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__); \
37 mbedtls_test_psa_purge_key_storage(); \
38 mbedtls_psa_crypto_free(); \
39 } \
40 while (0)
Valerio Setti84733902024-06-27 08:05:09 +020041#elif defined(MBEDTLS_PSA_CRYPTO_CLIENT) /* MBEDTLS_PSA_CRYPTO_CLIENT && !MBEDTLS_PSA_CRYPTO_C */
42#define PSA_INIT() PSA_ASSERT(psa_crypto_init())
43#define PSA_DONE() mbedtls_psa_crypto_free();
44#else /* MBEDTLS_PSA_CRYPTO_CLIENT && !MBEDTLS_PSA_CRYPTO_C */
Manuel Pégourié-Gonnard9f132b72023-03-14 10:26:46 +010045#define PSA_INIT() ((void) 0)
46#define PSA_DONE() ((void) 0)
47#endif /* MBEDTLS_PSA_CRYPTO_C */
48
Valerio Setti84733902024-06-27 08:05:09 +020049#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
Manuel Pégourié-Gonnard9f132b72023-03-14 10:26:46 +010050
Gilles Peskine313ffb82021-02-14 12:51:14 +010051#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
Gilles Peskinee09ef872021-02-14 13:10:38 +010052
53/* Internal function for #TEST_USES_KEY_ID. Return 1 on success, 0 on failure. */
Gilles Peskine449bd832023-01-11 14:50:10 +010054int mbedtls_test_uses_key_id(mbedtls_svc_key_id_t key_id);
Gilles Peskinee09ef872021-02-14 13:10:38 +010055
56/** Destroy persistent keys recorded with #TEST_USES_KEY_ID.
57 */
Gilles Peskine449bd832023-01-11 14:50:10 +010058void mbedtls_test_psa_purge_key_storage(void);
Gilles Peskinee09ef872021-02-14 13:10:38 +010059
Gilles Peskineaae718c2021-02-14 13:46:39 +010060/** Purge the in-memory cache of persistent keys recorded with
61 * #TEST_USES_KEY_ID.
Gilles Peskine65048ad2021-02-14 14:08:22 +010062 *
63 * Call this function before calling PSA_DONE() if it's ok for
64 * persistent keys to still exist at this point.
Gilles Peskineaae718c2021-02-14 13:46:39 +010065 */
Gilles Peskine449bd832023-01-11 14:50:10 +010066void mbedtls_test_psa_purge_key_cache(void);
Gilles Peskineaae718c2021-02-14 13:46:39 +010067
Gilles Peskinee09ef872021-02-14 13:10:38 +010068/** \def TEST_USES_KEY_ID
69 *
70 * Call this macro in a test function before potentially creating a
71 * persistent key. Test functions that use this mechanism must call
72 * mbedtls_test_psa_purge_key_storage() in their cleanup code.
73 *
74 * This macro records a persistent key identifier as potentially used in the
75 * current test case. Recorded key identifiers will be cleaned up at the end
76 * of the test case, even on failure.
77 *
78 * This macro has no effect on volatile keys. Therefore, it is safe to call
79 * this macro in a test function that creates either volatile or persistent
80 * keys depending on the test data.
81 *
82 * This macro currently has no effect on special identifiers
83 * used to store implementation-specific files.
84 *
85 * Calling this macro multiple times on the same key identifier in the same
86 * test case has no effect.
87 *
88 * This macro can fail the test case if there isn't enough memory to
89 * record the key id.
90 *
91 * \param key_id The PSA key identifier to record.
92 */
Gilles Peskine449bd832023-01-11 14:50:10 +010093#define TEST_USES_KEY_ID(key_id) \
94 TEST_ASSERT(mbedtls_test_uses_key_id(key_id))
Gilles Peskinee09ef872021-02-14 13:10:38 +010095
Gilles Peskine313ffb82021-02-14 12:51:14 +010096#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
Gilles Peskinee09ef872021-02-14 13:10:38 +010097
Gilles Peskine449bd832023-01-11 14:50:10 +010098#define TEST_USES_KEY_ID(key_id) ((void) (key_id))
99#define mbedtls_test_psa_purge_key_storage() ((void) 0)
100#define mbedtls_test_psa_purge_key_cache() ((void) 0)
Gilles Peskinee09ef872021-02-14 13:10:38 +0100101
Gilles Peskine313ffb82021-02-14 12:51:14 +0100102#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
103
Gilles Peskine1e005652020-11-24 17:41:07 +0100104/** Check for things that have not been cleaned up properly in the
105 * PSA subsystem.
106 *
107 * \return NULL if nothing has leaked.
108 * \return A string literal explaining what has not been cleaned up
109 * if applicable.
110 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100111const char *mbedtls_test_helper_is_psa_leaking(void);
Gilles Peskinedd413d32019-05-28 15:06:43 +0200112
Gilles Peskine3cff7682019-06-20 12:54:43 +0200113/** Check that no PSA Crypto key slots are in use.
Gilles Peskinec85c2012021-01-06 20:47:16 +0100114 *
115 * If any slots are in use, mark the current test as failed and jump to
116 * the exit label. This is equivalent to
117 * `TEST_ASSERT( ! mbedtls_test_helper_is_psa_leaking( ) )`
118 * but with a more informative message.
Gilles Peskinedd413d32019-05-28 15:06:43 +0200119 */
Yanray Wange64b4052022-10-28 18:12:01 +0800120#define ASSERT_PSA_PRISTINE() \
Gilles Peskinec85c2012021-01-06 20:47:16 +0100121 do \
122 { \
Yanray Wange64b4052022-10-28 18:12:01 +0800123 if (mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__)) \
124 goto exit; \
Gilles Peskinec85c2012021-01-06 20:47:16 +0100125 } \
Gilles Peskine449bd832023-01-11 14:50:10 +0100126 while (0)
Gilles Peskinea6d252a2019-05-23 20:34:30 +0200127
Gilles Peskine65048ad2021-02-14 14:08:22 +0100128/** Shut down the PSA Crypto subsystem, allowing persistent keys to survive.
129 * Expect a clean shutdown, with no slots in use.
130 *
131 * If some key slots are still in use, record the test case as failed and
132 * jump to the `exit` label.
133 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100134#define PSA_SESSION_DONE() \
Valerio Setti74483672023-11-24 08:36:12 +0100135 do \
136 { \
Gilles Peskine449bd832023-01-11 14:50:10 +0100137 mbedtls_test_psa_purge_key_cache(); \
138 ASSERT_PSA_PRISTINE(); \
139 mbedtls_psa_crypto_free(); \
Valerio Setti74483672023-11-24 08:36:12 +0100140 } \
Gilles Peskine449bd832023-01-11 14:50:10 +0100141 while (0)
Gilles Peskinea6d252a2019-05-23 20:34:30 +0200142
Gilles Peskine51681552019-05-20 19:35:37 +0200143
144
145#if defined(RECORD_PSA_STATUS_COVERAGE_LOG)
Gilles Peskine449bd832023-01-11 14:50:10 +0100146psa_status_t mbedtls_test_record_status(psa_status_t status,
147 const char *func,
148 const char *file, int line,
149 const char *expr);
Gilles Peskine51681552019-05-20 19:35:37 +0200150
151/** Return value logging wrapper macro.
152 *
153 * Evaluate \p expr. Write a line recording its value to the log file
154 * #STATUS_LOG_FILE_NAME and return the value. The line is a colon-separated
155 * list of fields:
156 * ```
157 * value of expr:string:__FILE__:__LINE__:expr
158 * ```
159 *
160 * The test code does not call this macro explicitly because that would
161 * be very invasive. Instead, we instrument the source code by defining
162 * a bunch of wrapper macros like
163 * ```
164 * #define psa_crypto_init() RECORD_STATUS("psa_crypto_init", psa_crypto_init())
165 * ```
166 * These macro definitions must be present in `instrument_record_status.h`
167 * when building the test suites.
168 *
169 * \param string A string, normally a function name.
170 * \param expr An expression to evaluate, normally a call of the function
171 * whose name is in \p string. This expression must return
172 * a value of type #psa_status_t.
173 * \return The value of \p expr.
174 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100175#define RECORD_STATUS(string, expr) \
176 mbedtls_test_record_status((expr), string, __FILE__, __LINE__, #expr)
Gilles Peskine51681552019-05-20 19:35:37 +0200177
178#include "instrument_record_status.h"
179
180#endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */
181
gabor-mezei-arm4ff73032021-05-13 12:05:01 +0200182/** Return extended key usage policies.
183 *
184 * Do a key policy permission extension on key usage policies always involves
185 * permissions of other usage policies
Tom Cosgrove1797b052022-12-04 17:19:59 +0000186 * (like PSA_KEY_USAGE_SIGN_HASH involves PSA_KEY_USAGE_SIGN_MESSAGE).
gabor-mezei-arm4ff73032021-05-13 12:05:01 +0200187 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100188psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags);
gabor-mezei-arm4ff73032021-05-13 12:05:01 +0200189
Yanray Wange64b4052022-10-28 18:12:01 +0800190/** Check that no PSA Crypto key slots are in use.
191 *
192 * If any slots are in use, mark the current test as failed.
193 *
194 * \return 0 if the key store is empty, 1 otherwise.
195 */
196int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename);
197
Gilles Peskinea08def92023-04-28 21:01:49 +0200198
199
200#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
201/* The #MBEDTLS_PSA_INJECT_ENTROPY feature requires two extra platform
202 * functions, which must be configured as #MBEDTLS_PLATFORM_NV_SEED_READ_MACRO
203 * and #MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO. The job of these functions
204 * is to read and write from the entropy seed file, which is located
205 * in the PSA ITS file whose uid is #PSA_CRYPTO_ITS_RANDOM_SEED_UID.
206 * (These could have been provided as library functions, but for historical
207 * reasons, they weren't, and so each integrator has to provide a copy
208 * of these functions.)
209 *
210 * Provide implementations of these functions for testing. */
211int mbedtls_test_inject_entropy_seed_read(unsigned char *buf, size_t len);
212int mbedtls_test_inject_entropy_seed_write(unsigned char *buf, size_t len);
Gilles Peskinec2d16b22023-04-28 23:39:45 +0200213
214
215/** Make sure that the injected entropy is present.
216 *
217 * When MBEDTLS_PSA_INJECT_ENTROPY is enabled, psa_crypto_init()
218 * will fail if the PSA entropy seed is not present.
219 * This function must be called at least once in a test suite or other
220 * program before any call to psa_crypto_init().
221 * It does not need to be called in each test case.
222 *
223 * The test framework calls this function before running any test case.
224 *
225 * The few tests that might remove the entropy file must call this function
226 * in their cleanup.
227 */
228int mbedtls_test_inject_entropy_restore(void);
Gilles Peskinea08def92023-04-28 21:01:49 +0200229#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
230
Kusumit Ghoderaoac7a04a2023-08-18 13:47:47 +0530231/** Parse binary string and convert it to a long integer
232 */
Kusumit Ghoderao7c61ffc2023-09-05 19:29:47 +0530233uint64_t mbedtls_test_parse_binary_string(data_t *bin_string);
Gilles Peskinea08def92023-04-28 21:01:49 +0200234
Steven Cooreman1e9c0422021-02-10 17:02:05 +0100235/** Skip a test case if the given key is a 192 bits AES key and the AES
236 * implementation is at least partially provided by an accelerator or
Ronald Cron28a45ed2021-02-09 20:35:42 +0100237 * alternative implementation.
238 *
Steven Cooreman1e9c0422021-02-10 17:02:05 +0100239 * Call this macro in a test case when a cryptographic operation that may
240 * involve an AES operation returns a #PSA_ERROR_NOT_SUPPORTED error code.
241 * The macro call will skip and not fail the test case in case the operation
242 * involves a 192 bits AES key and the AES implementation is at least
243 * partially provided by an accelerator or alternative implementation.
244 *
245 * Hardware AES implementations not supporting 192 bits keys commonly exist.
Ronald Cron28a45ed2021-02-09 20:35:42 +0100246 * Consequently, PSA test cases aim at not failing when an AES operation with
Steven Cooreman1e9c0422021-02-10 17:02:05 +0100247 * a 192 bits key performed by an alternative AES implementation returns
248 * with the #PSA_ERROR_NOT_SUPPORTED error code. The purpose of this macro
249 * is to facilitate this and make the test case code more readable.
Ronald Cron28a45ed2021-02-09 20:35:42 +0100250 *
251 * \param key_type Key type
252 * \param key_bits Key length in number of bits.
253 */
Thomas Daubney41376092024-06-04 16:37:42 +0100254#if defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
Ronald Cron28a45ed2021-02-09 20:35:42 +0100255 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
256#define MBEDTLS_TEST_HAVE_ALT_AES 1
257#else
258#define MBEDTLS_TEST_HAVE_ALT_AES 0
259#endif
260
Gilles Peskine449bd832023-01-11 14:50:10 +0100261#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_bits) \
Ronald Cron28a45ed2021-02-09 20:35:42 +0100262 do \
263 { \
Gilles Peskine449bd832023-01-11 14:50:10 +0100264 if ((MBEDTLS_TEST_HAVE_ALT_AES) && \
265 ((key_type) == PSA_KEY_TYPE_AES) && \
266 (key_bits == 192)) \
Ronald Cron28a45ed2021-02-09 20:35:42 +0100267 { \
Gilles Peskine449bd832023-01-11 14:50:10 +0100268 mbedtls_test_skip("AES-192 not supported", __LINE__, __FILE__); \
Ronald Cron28a45ed2021-02-09 20:35:42 +0100269 goto exit; \
270 } \
271 } \
Gilles Peskine449bd832023-01-11 14:50:10 +0100272 while (0)
Ronald Cron28a45ed2021-02-09 20:35:42 +0100273
Steven Cooreman1e9c0422021-02-10 17:02:05 +0100274/** Skip a test case if a GCM operation with a nonce length different from
275 * 12 bytes fails and was performed by an accelerator or alternative
276 * implementation.
Ronald Cron28a45ed2021-02-09 20:35:42 +0100277 *
278 * Call this macro in a test case when an AEAD cryptography operation that
Steven Cooreman1e9c0422021-02-10 17:02:05 +0100279 * may involve the GCM mode returns with a #PSA_ERROR_NOT_SUPPORTED error
280 * code. The macro call will skip and not fail the test case in case the
281 * operation involves the GCM mode, a nonce with a length different from
282 * 12 bytes and the GCM mode implementation is an alternative one.
Ronald Cron28a45ed2021-02-09 20:35:42 +0100283 *
Steven Cooreman1e9c0422021-02-10 17:02:05 +0100284 * Hardware GCM implementations not supporting nonce lengths different from
285 * 12 bytes commonly exist, as supporting a non-12-byte nonce requires
286 * additional computations involving the GHASH function.
287 * Consequently, PSA test cases aim at not failing when an AEAD operation in
288 * GCM mode with a nonce length different from 12 bytes is performed by an
289 * alternative GCM implementation and returns with a #PSA_ERROR_NOT_SUPPORTED
290 * error code. The purpose of this macro is to facilitate this check and make
291 * the test case code more readable.
Ronald Cron28a45ed2021-02-09 20:35:42 +0100292 *
Steven Cooreman1e9c0422021-02-10 17:02:05 +0100293 * \param alg The AEAD algorithm.
294 * \param nonce_length The nonce length in number of bytes.
Ronald Cron28a45ed2021-02-09 20:35:42 +0100295 */
Ronald Cron28a45ed2021-02-09 20:35:42 +0100296
Thomas Daubney356309f2024-06-18 13:32:26 +0100297#if defined(MBEDTLS_PSA_ACCEL_ALG_GCM)
298#define MBEDTLS_TEST_HAVE_ACCEL_GCM 1
299#else
300#define MBEDTLS_TEST_HAVE_ACCEL_GCM 0
301#endif
302
Gilles Peskine449bd832023-01-11 14:50:10 +0100303#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, \
304 nonce_length) \
Ronald Cron28a45ed2021-02-09 20:35:42 +0100305 do \
306 { \
Thomas Daubney356309f2024-06-18 13:32:26 +0100307 if ((MBEDTLS_TEST_HAVE_ACCEL_GCM) && \
Gilles Peskine449bd832023-01-11 14:50:10 +0100308 (PSA_ALG_AEAD_WITH_SHORTENED_TAG((alg), 0) == \
309 PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0)) && \
310 ((nonce_length) != 12)) \
Ronald Cron28a45ed2021-02-09 20:35:42 +0100311 { \
Gilles Peskine449bd832023-01-11 14:50:10 +0100312 mbedtls_test_skip("GCM with non-12-byte IV is not supported", __LINE__, __FILE__); \
Ronald Cron28a45ed2021-02-09 20:35:42 +0100313 goto exit; \
314 } \
315 } \
Gilles Peskine449bd832023-01-11 14:50:10 +0100316 while (0)
Ronald Cron28a45ed2021-02-09 20:35:42 +0100317
Valerio Setti84733902024-06-27 08:05:09 +0200318#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
Gilles Peskine9de97e22021-02-02 21:00:11 +0100319
320/** \def USE_PSA_INIT
321 *
322 * Call this macro to initialize the PSA subsystem if #MBEDTLS_USE_PSA_CRYPTO
Ronald Cron3cec8e82022-03-27 14:34:09 +0200323 * or #MBEDTLS_SSL_PROTO_TLS1_3 (In contrast to TLS 1.2 implementation, the
324 * TLS 1.3 one uses PSA independently of the definition of
Manuel Pégourié-Gonnardfa99afa2023-03-17 11:59:12 +0100325 * #MBEDTLS_USE_PSA_CRYPTO) is enabled and do nothing otherwise.
326 *
327 * If the initialization fails, mark the test case as failed and jump to the
328 * \p exit label.
Gilles Peskine9de97e22021-02-02 21:00:11 +0100329 */
330/** \def USE_PSA_DONE
331 *
332 * Call this macro at the end of a test case if you called #USE_PSA_INIT.
Manuel Pégourié-Gonnardfa99afa2023-03-17 11:59:12 +0100333 *
334 * This is like #PSA_DONE except it does nothing under the same conditions as
335 * #USE_PSA_INIT.
Gilles Peskine9de97e22021-02-02 21:00:11 +0100336 */
Ronald Cron3cec8e82022-03-27 14:34:09 +0200337#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
Gilles Peskine449bd832023-01-11 14:50:10 +0100338#define USE_PSA_INIT() PSA_INIT()
339#define USE_PSA_DONE() PSA_DONE()
Ronald Cron3cec8e82022-03-27 14:34:09 +0200340#else /* MBEDTLS_USE_PSA_CRYPTO || MBEDTLS_SSL_PROTO_TLS1_3 */
Gilles Peskine9de97e22021-02-02 21:00:11 +0100341/* Define empty macros so that we can use them in the preamble and teardown
342 * of every test function that uses PSA conditionally based on
343 * MBEDTLS_USE_PSA_CRYPTO. */
Gilles Peskine449bd832023-01-11 14:50:10 +0100344#define USE_PSA_INIT() ((void) 0)
345#define USE_PSA_DONE() ((void) 0)
Ronald Cron3cec8e82022-03-27 14:34:09 +0200346#endif /* !MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_SSL_PROTO_TLS1_3 */
Gilles Peskine9de97e22021-02-02 21:00:11 +0100347
Manuel Pégourié-Gonnardfa99afa2023-03-17 11:59:12 +0100348/** \def MD_PSA_INIT
349 *
350 * Call this macro to initialize the PSA subsystem if MD uses a driver,
351 * and do nothing otherwise.
352 *
353 * If the initialization fails, mark the test case as failed and jump to the
354 * \p exit label.
355 */
356/** \def MD_PSA_DONE
357 *
358 * Call this macro at the end of a test case if you called #MD_PSA_INIT.
359 *
360 * This is like #PSA_DONE except it does nothing under the same conditions as
361 * #MD_PSA_INIT.
362 */
363#if defined(MBEDTLS_MD_SOME_PSA)
364#define MD_PSA_INIT() PSA_INIT()
365#define MD_PSA_DONE() PSA_DONE()
366#else /* MBEDTLS_MD_SOME_PSA */
367#define MD_PSA_INIT() ((void) 0)
368#define MD_PSA_DONE() ((void) 0)
369#endif /* MBEDTLS_MD_SOME_PSA */
370
Valerio Setti10e9aa22023-12-12 11:54:20 +0100371/** \def BLOCK_CIPHER_PSA_INIT
372 *
373 * Call this macro to initialize the PSA subsystem if BLOCK_CIPHER uses a driver,
374 * and do nothing otherwise.
375 *
376 * If the initialization fails, mark the test case as failed and jump to the
377 * \p exit label.
378 */
379/** \def BLOCK_CIPHER_PSA_DONE
380 *
381 * Call this macro at the end of a test case if you called #BLOCK_CIPHER_PSA_INIT.
382 *
383 * This is like #PSA_DONE except it does nothing under the same conditions as
384 * #BLOCK_CIPHER_PSA_INIT.
385 */
386#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
387#define BLOCK_CIPHER_PSA_INIT() PSA_INIT()
388#define BLOCK_CIPHER_PSA_DONE() PSA_DONE()
389#else /* MBEDTLS_MD_SOME_PSA */
390#define BLOCK_CIPHER_PSA_INIT() ((void) 0)
391#define BLOCK_CIPHER_PSA_DONE() ((void) 0)
392#endif /* MBEDTLS_MD_SOME_PSA */
393
394
Manuel Pégourié-Gonnardfa99afa2023-03-17 11:59:12 +0100395/** \def MD_OR_USE_PSA_INIT
396 *
397 * Call this macro to initialize the PSA subsystem if MD uses a driver,
Manuel Pégourié-Gonnard161dca62023-03-21 16:22:59 +0100398 * or if #MBEDTLS_USE_PSA_CRYPTO or #MBEDTLS_SSL_PROTO_TLS1_3 is enabled,
Manuel Pégourié-Gonnardfa99afa2023-03-17 11:59:12 +0100399 * and do nothing otherwise.
400 *
401 * If the initialization fails, mark the test case as failed and jump to the
402 * \p exit label.
403 */
404/** \def MD_OR_USE_PSA_DONE
405 *
406 * Call this macro at the end of a test case if you called #MD_OR_USE_PSA_INIT.
407 *
408 * This is like #PSA_DONE except it does nothing under the same conditions as
409 * #MD_OR_USE_PSA_INIT.
410 */
411#if defined(MBEDTLS_MD_SOME_PSA) || \
412 defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
413#define MD_OR_USE_PSA_INIT() PSA_INIT()
414#define MD_OR_USE_PSA_DONE() PSA_DONE()
415#else
416#define MD_OR_USE_PSA_INIT() ((void) 0)
417#define MD_OR_USE_PSA_DONE() ((void) 0)
418#endif
419
Valerio Settidc32ac22023-11-13 10:27:56 +0100420/** \def AES_PSA_INIT
421 *
422 * Call this macro to initialize the PSA subsystem if AES_C is not defined,
423 * so that CTR_DRBG uses PSA implementation to get AES-ECB.
424 *
425 * If the initialization fails, mark the test case as failed and jump to the
426 * \p exit label.
427 */
428/** \def AES_PSA_DONE
429 *
430 * Call this macro at the end of a test case if you called #AES_PSA_INIT.
431 *
432 * This is like #PSA_DONE except it does nothing under the same conditions as
433 * #AES_PSA_INIT.
434 */
435#if defined(MBEDTLS_AES_C)
436#define AES_PSA_INIT() ((void) 0)
437#define AES_PSA_DONE() ((void) 0)
438#else /* MBEDTLS_AES_C */
439#define AES_PSA_INIT() PSA_INIT()
440#define AES_PSA_DONE() PSA_DONE()
441#endif /* MBEDTLS_AES_C */
442
Gilles Peskine1838e822019-06-20 12:40:56 +0200443#endif /* PSA_CRYPTO_HELPERS_H */