blob: 7393d81dc34e0e7779576dc423ad4ffe6cd7778b [file] [log] [blame]
Gilles Peskine952f4092019-05-23 20:25:48 +02001/*
Gilles Peskine3cff7682019-06-20 12:54:43 +02002 * Helper functions for tests that use the PSA Crypto API.
Gilles Peskine952f4092019-05-23 20:25:48 +02003 */
Bence Szépkúti86974652020-06-15 11:59:37 +02004/*
Bence Szépkúti1e148272020-08-07 13:07:28 +02005 * Copyright The Mbed TLS Contributors
Dave Rodgman16799db2023-11-02 19:47:20 +00006 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Gilles Peskine952f4092019-05-23 20:25:48 +02007 */
8
Gilles Peskine1838e822019-06-20 12:40:56 +02009#ifndef PSA_CRYPTO_HELPERS_H
10#define PSA_CRYPTO_HELPERS_H
11
Ronald Cron28a45ed2021-02-09 20:35:42 +010012#include "test/helpers.h"
Gilles Peskine9de97e22021-02-02 21:00:11 +010013
Valerio Setti84733902024-06-27 08:05:09 +020014#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
Ronald Cron02c78b72020-05-27 09:22:32 +020015#include "test/psa_helpers.h"
Gilles Peskine3cff7682019-06-20 12:54:43 +020016#include <psa/crypto.h>
Manuel Pégourié-Gonnard9f132b72023-03-14 10:26:46 +010017#endif
Gilles Peskine952f4092019-05-23 20:25:48 +020018
Manuel Pégourié-Gonnard9f132b72023-03-14 10:26:46 +010019#if defined(MBEDTLS_PSA_CRYPTO_C)
20/** Initialize the PSA Crypto subsystem. */
21#define PSA_INIT() PSA_ASSERT(psa_crypto_init())
22
23/** Shut down the PSA Crypto subsystem and destroy persistent keys.
24 * Expect a clean shutdown, with no slots in use.
25 *
26 * If some key slots are still in use, record the test case as failed,
27 * but continue executing. This macro is suitable (and primarily intended)
28 * for use in the cleanup section of test functions.
29 *
30 * \note Persistent keys must be recorded with #TEST_USES_KEY_ID before
31 * creating them.
32 */
33#define PSA_DONE() \
34 do \
35 { \
36 mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__); \
37 mbedtls_test_psa_purge_key_storage(); \
38 mbedtls_psa_crypto_free(); \
39 } \
40 while (0)
Valerio Setti84733902024-06-27 08:05:09 +020041#elif defined(MBEDTLS_PSA_CRYPTO_CLIENT) /* MBEDTLS_PSA_CRYPTO_CLIENT && !MBEDTLS_PSA_CRYPTO_C */
42#define PSA_INIT() PSA_ASSERT(psa_crypto_init())
43#define PSA_DONE() mbedtls_psa_crypto_free();
44#else /* MBEDTLS_PSA_CRYPTO_CLIENT && !MBEDTLS_PSA_CRYPTO_C */
Manuel Pégourié-Gonnard9f132b72023-03-14 10:26:46 +010045#define PSA_INIT() ((void) 0)
46#define PSA_DONE() ((void) 0)
47#endif /* MBEDTLS_PSA_CRYPTO_C */
48
Valerio Setti84733902024-06-27 08:05:09 +020049#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
Manuel Pégourié-Gonnard9f132b72023-03-14 10:26:46 +010050
Gilles Peskine313ffb82021-02-14 12:51:14 +010051#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
Gilles Peskinee09ef872021-02-14 13:10:38 +010052
53/* Internal function for #TEST_USES_KEY_ID. Return 1 on success, 0 on failure. */
Gilles Peskine449bd832023-01-11 14:50:10 +010054int mbedtls_test_uses_key_id(mbedtls_svc_key_id_t key_id);
Gilles Peskinee09ef872021-02-14 13:10:38 +010055
56/** Destroy persistent keys recorded with #TEST_USES_KEY_ID.
57 */
Gilles Peskine449bd832023-01-11 14:50:10 +010058void mbedtls_test_psa_purge_key_storage(void);
Gilles Peskinee09ef872021-02-14 13:10:38 +010059
Gilles Peskineaae718c2021-02-14 13:46:39 +010060/** Purge the in-memory cache of persistent keys recorded with
61 * #TEST_USES_KEY_ID.
Gilles Peskine65048ad2021-02-14 14:08:22 +010062 *
63 * Call this function before calling PSA_DONE() if it's ok for
64 * persistent keys to still exist at this point.
Gilles Peskineaae718c2021-02-14 13:46:39 +010065 */
Gilles Peskine449bd832023-01-11 14:50:10 +010066void mbedtls_test_psa_purge_key_cache(void);
Gilles Peskineaae718c2021-02-14 13:46:39 +010067
Gilles Peskinee09ef872021-02-14 13:10:38 +010068/** \def TEST_USES_KEY_ID
69 *
70 * Call this macro in a test function before potentially creating a
71 * persistent key. Test functions that use this mechanism must call
72 * mbedtls_test_psa_purge_key_storage() in their cleanup code.
73 *
74 * This macro records a persistent key identifier as potentially used in the
75 * current test case. Recorded key identifiers will be cleaned up at the end
76 * of the test case, even on failure.
77 *
78 * This macro has no effect on volatile keys. Therefore, it is safe to call
79 * this macro in a test function that creates either volatile or persistent
80 * keys depending on the test data.
81 *
82 * This macro currently has no effect on special identifiers
83 * used to store implementation-specific files.
84 *
85 * Calling this macro multiple times on the same key identifier in the same
86 * test case has no effect.
87 *
88 * This macro can fail the test case if there isn't enough memory to
89 * record the key id.
90 *
91 * \param key_id The PSA key identifier to record.
92 */
Gilles Peskine449bd832023-01-11 14:50:10 +010093#define TEST_USES_KEY_ID(key_id) \
94 TEST_ASSERT(mbedtls_test_uses_key_id(key_id))
Gilles Peskinee09ef872021-02-14 13:10:38 +010095
Gilles Peskine313ffb82021-02-14 12:51:14 +010096#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
Gilles Peskinee09ef872021-02-14 13:10:38 +010097
Gilles Peskine449bd832023-01-11 14:50:10 +010098#define TEST_USES_KEY_ID(key_id) ((void) (key_id))
99#define mbedtls_test_psa_purge_key_storage() ((void) 0)
100#define mbedtls_test_psa_purge_key_cache() ((void) 0)
Gilles Peskinee09ef872021-02-14 13:10:38 +0100101
Gilles Peskine313ffb82021-02-14 12:51:14 +0100102#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
103
Gilles Peskine1e005652020-11-24 17:41:07 +0100104/** Check for things that have not been cleaned up properly in the
105 * PSA subsystem.
106 *
107 * \return NULL if nothing has leaked.
108 * \return A string literal explaining what has not been cleaned up
109 * if applicable.
110 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100111const char *mbedtls_test_helper_is_psa_leaking(void);
Gilles Peskinedd413d32019-05-28 15:06:43 +0200112
Gilles Peskine3cff7682019-06-20 12:54:43 +0200113/** Check that no PSA Crypto key slots are in use.
Gilles Peskinec85c2012021-01-06 20:47:16 +0100114 *
115 * If any slots are in use, mark the current test as failed and jump to
116 * the exit label. This is equivalent to
117 * `TEST_ASSERT( ! mbedtls_test_helper_is_psa_leaking( ) )`
118 * but with a more informative message.
Gilles Peskinedd413d32019-05-28 15:06:43 +0200119 */
Yanray Wange64b4052022-10-28 18:12:01 +0800120#define ASSERT_PSA_PRISTINE() \
Gilles Peskinec85c2012021-01-06 20:47:16 +0100121 do \
122 { \
Yanray Wange64b4052022-10-28 18:12:01 +0800123 if (mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__)) \
124 goto exit; \
Gilles Peskinec85c2012021-01-06 20:47:16 +0100125 } \
Gilles Peskine449bd832023-01-11 14:50:10 +0100126 while (0)
Gilles Peskinea6d252a2019-05-23 20:34:30 +0200127
Gilles Peskine65048ad2021-02-14 14:08:22 +0100128/** Shut down the PSA Crypto subsystem, allowing persistent keys to survive.
129 * Expect a clean shutdown, with no slots in use.
130 *
131 * If some key slots are still in use, record the test case as failed and
132 * jump to the `exit` label.
133 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100134#define PSA_SESSION_DONE() \
Valerio Setti74483672023-11-24 08:36:12 +0100135 do \
136 { \
Gilles Peskine449bd832023-01-11 14:50:10 +0100137 mbedtls_test_psa_purge_key_cache(); \
138 ASSERT_PSA_PRISTINE(); \
139 mbedtls_psa_crypto_free(); \
Valerio Setti74483672023-11-24 08:36:12 +0100140 } \
Gilles Peskine449bd832023-01-11 14:50:10 +0100141 while (0)
Gilles Peskinea6d252a2019-05-23 20:34:30 +0200142
Gilles Peskine51681552019-05-20 19:35:37 +0200143
144
145#if defined(RECORD_PSA_STATUS_COVERAGE_LOG)
Gilles Peskine449bd832023-01-11 14:50:10 +0100146psa_status_t mbedtls_test_record_status(psa_status_t status,
147 const char *func,
148 const char *file, int line,
149 const char *expr);
Gilles Peskine51681552019-05-20 19:35:37 +0200150
151/** Return value logging wrapper macro.
152 *
153 * Evaluate \p expr. Write a line recording its value to the log file
154 * #STATUS_LOG_FILE_NAME and return the value. The line is a colon-separated
155 * list of fields:
156 * ```
157 * value of expr:string:__FILE__:__LINE__:expr
158 * ```
159 *
160 * The test code does not call this macro explicitly because that would
161 * be very invasive. Instead, we instrument the source code by defining
162 * a bunch of wrapper macros like
163 * ```
164 * #define psa_crypto_init() RECORD_STATUS("psa_crypto_init", psa_crypto_init())
165 * ```
166 * These macro definitions must be present in `instrument_record_status.h`
167 * when building the test suites.
168 *
169 * \param string A string, normally a function name.
170 * \param expr An expression to evaluate, normally a call of the function
171 * whose name is in \p string. This expression must return
172 * a value of type #psa_status_t.
173 * \return The value of \p expr.
174 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100175#define RECORD_STATUS(string, expr) \
176 mbedtls_test_record_status((expr), string, __FILE__, __LINE__, #expr)
Gilles Peskine51681552019-05-20 19:35:37 +0200177
178#include "instrument_record_status.h"
179
180#endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */
181
gabor-mezei-arm4ff73032021-05-13 12:05:01 +0200182/** Return extended key usage policies.
183 *
184 * Do a key policy permission extension on key usage policies always involves
185 * permissions of other usage policies
Tom Cosgrove1797b052022-12-04 17:19:59 +0000186 * (like PSA_KEY_USAGE_SIGN_HASH involves PSA_KEY_USAGE_SIGN_MESSAGE).
gabor-mezei-arm4ff73032021-05-13 12:05:01 +0200187 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100188psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags);
gabor-mezei-arm4ff73032021-05-13 12:05:01 +0200189
Yanray Wange64b4052022-10-28 18:12:01 +0800190/** Check that no PSA Crypto key slots are in use.
191 *
192 * If any slots are in use, mark the current test as failed.
193 *
194 * \return 0 if the key store is empty, 1 otherwise.
195 */
196int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename);
197
Gilles Peskinea08def92023-04-28 21:01:49 +0200198
199
200#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
201/* The #MBEDTLS_PSA_INJECT_ENTROPY feature requires two extra platform
202 * functions, which must be configured as #MBEDTLS_PLATFORM_NV_SEED_READ_MACRO
203 * and #MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO. The job of these functions
204 * is to read and write from the entropy seed file, which is located
205 * in the PSA ITS file whose uid is #PSA_CRYPTO_ITS_RANDOM_SEED_UID.
206 * (These could have been provided as library functions, but for historical
207 * reasons, they weren't, and so each integrator has to provide a copy
208 * of these functions.)
209 *
210 * Provide implementations of these functions for testing. */
211int mbedtls_test_inject_entropy_seed_read(unsigned char *buf, size_t len);
212int mbedtls_test_inject_entropy_seed_write(unsigned char *buf, size_t len);
Gilles Peskinec2d16b22023-04-28 23:39:45 +0200213
214
215/** Make sure that the injected entropy is present.
216 *
217 * When MBEDTLS_PSA_INJECT_ENTROPY is enabled, psa_crypto_init()
218 * will fail if the PSA entropy seed is not present.
219 * This function must be called at least once in a test suite or other
220 * program before any call to psa_crypto_init().
221 * It does not need to be called in each test case.
222 *
223 * The test framework calls this function before running any test case.
224 *
225 * The few tests that might remove the entropy file must call this function
226 * in their cleanup.
227 */
228int mbedtls_test_inject_entropy_restore(void);
Gilles Peskinea08def92023-04-28 21:01:49 +0200229#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
230
Kusumit Ghoderaoac7a04a2023-08-18 13:47:47 +0530231/** Parse binary string and convert it to a long integer
232 */
Kusumit Ghoderao7c61ffc2023-09-05 19:29:47 +0530233uint64_t mbedtls_test_parse_binary_string(data_t *bin_string);
Gilles Peskinea08def92023-04-28 21:01:49 +0200234
Steven Cooreman1e9c0422021-02-10 17:02:05 +0100235/** Skip a test case if the given key is a 192 bits AES key and the AES
236 * implementation is at least partially provided by an accelerator or
Ronald Cron28a45ed2021-02-09 20:35:42 +0100237 * alternative implementation.
238 *
Steven Cooreman1e9c0422021-02-10 17:02:05 +0100239 * Call this macro in a test case when a cryptographic operation that may
240 * involve an AES operation returns a #PSA_ERROR_NOT_SUPPORTED error code.
241 * The macro call will skip and not fail the test case in case the operation
242 * involves a 192 bits AES key and the AES implementation is at least
243 * partially provided by an accelerator or alternative implementation.
244 *
245 * Hardware AES implementations not supporting 192 bits keys commonly exist.
Ronald Cron28a45ed2021-02-09 20:35:42 +0100246 * Consequently, PSA test cases aim at not failing when an AES operation with
Steven Cooreman1e9c0422021-02-10 17:02:05 +0100247 * a 192 bits key performed by an alternative AES implementation returns
248 * with the #PSA_ERROR_NOT_SUPPORTED error code. The purpose of this macro
249 * is to facilitate this and make the test case code more readable.
Ronald Cron28a45ed2021-02-09 20:35:42 +0100250 *
251 * \param key_type Key type
252 * \param key_bits Key length in number of bits.
253 */
254#if defined(MBEDTLS_AES_ALT) || \
255 defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
256 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
257#define MBEDTLS_TEST_HAVE_ALT_AES 1
258#else
259#define MBEDTLS_TEST_HAVE_ALT_AES 0
260#endif
261
Gilles Peskine449bd832023-01-11 14:50:10 +0100262#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_bits) \
Ronald Cron28a45ed2021-02-09 20:35:42 +0100263 do \
264 { \
Gilles Peskine449bd832023-01-11 14:50:10 +0100265 if ((MBEDTLS_TEST_HAVE_ALT_AES) && \
266 ((key_type) == PSA_KEY_TYPE_AES) && \
267 (key_bits == 192)) \
Ronald Cron28a45ed2021-02-09 20:35:42 +0100268 { \
Gilles Peskine449bd832023-01-11 14:50:10 +0100269 mbedtls_test_skip("AES-192 not supported", __LINE__, __FILE__); \
Ronald Cron28a45ed2021-02-09 20:35:42 +0100270 goto exit; \
271 } \
272 } \
Gilles Peskine449bd832023-01-11 14:50:10 +0100273 while (0)
Ronald Cron28a45ed2021-02-09 20:35:42 +0100274
Steven Cooreman1e9c0422021-02-10 17:02:05 +0100275/** Skip a test case if a GCM operation with a nonce length different from
276 * 12 bytes fails and was performed by an accelerator or alternative
277 * implementation.
Ronald Cron28a45ed2021-02-09 20:35:42 +0100278 *
279 * Call this macro in a test case when an AEAD cryptography operation that
Steven Cooreman1e9c0422021-02-10 17:02:05 +0100280 * may involve the GCM mode returns with a #PSA_ERROR_NOT_SUPPORTED error
281 * code. The macro call will skip and not fail the test case in case the
282 * operation involves the GCM mode, a nonce with a length different from
283 * 12 bytes and the GCM mode implementation is an alternative one.
Ronald Cron28a45ed2021-02-09 20:35:42 +0100284 *
Steven Cooreman1e9c0422021-02-10 17:02:05 +0100285 * Hardware GCM implementations not supporting nonce lengths different from
286 * 12 bytes commonly exist, as supporting a non-12-byte nonce requires
287 * additional computations involving the GHASH function.
288 * Consequently, PSA test cases aim at not failing when an AEAD operation in
289 * GCM mode with a nonce length different from 12 bytes is performed by an
290 * alternative GCM implementation and returns with a #PSA_ERROR_NOT_SUPPORTED
291 * error code. The purpose of this macro is to facilitate this check and make
292 * the test case code more readable.
Ronald Cron28a45ed2021-02-09 20:35:42 +0100293 *
Steven Cooreman1e9c0422021-02-10 17:02:05 +0100294 * \param alg The AEAD algorithm.
295 * \param nonce_length The nonce length in number of bytes.
Ronald Cron28a45ed2021-02-09 20:35:42 +0100296 */
Ronald Cron28a45ed2021-02-09 20:35:42 +0100297#if defined(MBEDTLS_GCM_ALT) || \
298 defined(MBEDTLS_PSA_ACCEL_ALG_GCM)
299#define MBEDTLS_TEST_HAVE_ALT_GCM 1
300#else
301#define MBEDTLS_TEST_HAVE_ALT_GCM 0
302#endif
303
Gilles Peskine449bd832023-01-11 14:50:10 +0100304#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, \
305 nonce_length) \
Ronald Cron28a45ed2021-02-09 20:35:42 +0100306 do \
307 { \
Gilles Peskine449bd832023-01-11 14:50:10 +0100308 if ((MBEDTLS_TEST_HAVE_ALT_GCM) && \
309 (PSA_ALG_AEAD_WITH_SHORTENED_TAG((alg), 0) == \
310 PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0)) && \
311 ((nonce_length) != 12)) \
Ronald Cron28a45ed2021-02-09 20:35:42 +0100312 { \
Gilles Peskine449bd832023-01-11 14:50:10 +0100313 mbedtls_test_skip("GCM with non-12-byte IV is not supported", __LINE__, __FILE__); \
Ronald Cron28a45ed2021-02-09 20:35:42 +0100314 goto exit; \
315 } \
316 } \
Gilles Peskine449bd832023-01-11 14:50:10 +0100317 while (0)
Ronald Cron28a45ed2021-02-09 20:35:42 +0100318
Valerio Setti84733902024-06-27 08:05:09 +0200319#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
Gilles Peskine9de97e22021-02-02 21:00:11 +0100320
321/** \def USE_PSA_INIT
322 *
323 * Call this macro to initialize the PSA subsystem if #MBEDTLS_USE_PSA_CRYPTO
Ronald Cron3cec8e82022-03-27 14:34:09 +0200324 * or #MBEDTLS_SSL_PROTO_TLS1_3 (In contrast to TLS 1.2 implementation, the
325 * TLS 1.3 one uses PSA independently of the definition of
Manuel Pégourié-Gonnardfa99afa2023-03-17 11:59:12 +0100326 * #MBEDTLS_USE_PSA_CRYPTO) is enabled and do nothing otherwise.
327 *
328 * If the initialization fails, mark the test case as failed and jump to the
329 * \p exit label.
Gilles Peskine9de97e22021-02-02 21:00:11 +0100330 */
331/** \def USE_PSA_DONE
332 *
333 * Call this macro at the end of a test case if you called #USE_PSA_INIT.
Manuel Pégourié-Gonnardfa99afa2023-03-17 11:59:12 +0100334 *
335 * This is like #PSA_DONE except it does nothing under the same conditions as
336 * #USE_PSA_INIT.
Gilles Peskine9de97e22021-02-02 21:00:11 +0100337 */
Ronald Cron3cec8e82022-03-27 14:34:09 +0200338#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
Gilles Peskine449bd832023-01-11 14:50:10 +0100339#define USE_PSA_INIT() PSA_INIT()
340#define USE_PSA_DONE() PSA_DONE()
Ronald Cron3cec8e82022-03-27 14:34:09 +0200341#else /* MBEDTLS_USE_PSA_CRYPTO || MBEDTLS_SSL_PROTO_TLS1_3 */
Gilles Peskine9de97e22021-02-02 21:00:11 +0100342/* Define empty macros so that we can use them in the preamble and teardown
343 * of every test function that uses PSA conditionally based on
344 * MBEDTLS_USE_PSA_CRYPTO. */
Gilles Peskine449bd832023-01-11 14:50:10 +0100345#define USE_PSA_INIT() ((void) 0)
346#define USE_PSA_DONE() ((void) 0)
Ronald Cron3cec8e82022-03-27 14:34:09 +0200347#endif /* !MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_SSL_PROTO_TLS1_3 */
Gilles Peskine9de97e22021-02-02 21:00:11 +0100348
Manuel Pégourié-Gonnardfa99afa2023-03-17 11:59:12 +0100349/** \def MD_PSA_INIT
350 *
351 * Call this macro to initialize the PSA subsystem if MD uses a driver,
352 * and do nothing otherwise.
353 *
354 * If the initialization fails, mark the test case as failed and jump to the
355 * \p exit label.
356 */
357/** \def MD_PSA_DONE
358 *
359 * Call this macro at the end of a test case if you called #MD_PSA_INIT.
360 *
361 * This is like #PSA_DONE except it does nothing under the same conditions as
362 * #MD_PSA_INIT.
363 */
364#if defined(MBEDTLS_MD_SOME_PSA)
365#define MD_PSA_INIT() PSA_INIT()
366#define MD_PSA_DONE() PSA_DONE()
367#else /* MBEDTLS_MD_SOME_PSA */
368#define MD_PSA_INIT() ((void) 0)
369#define MD_PSA_DONE() ((void) 0)
370#endif /* MBEDTLS_MD_SOME_PSA */
371
Valerio Setti10e9aa22023-12-12 11:54:20 +0100372/** \def BLOCK_CIPHER_PSA_INIT
373 *
374 * Call this macro to initialize the PSA subsystem if BLOCK_CIPHER uses a driver,
375 * and do nothing otherwise.
376 *
377 * If the initialization fails, mark the test case as failed and jump to the
378 * \p exit label.
379 */
380/** \def BLOCK_CIPHER_PSA_DONE
381 *
382 * Call this macro at the end of a test case if you called #BLOCK_CIPHER_PSA_INIT.
383 *
384 * This is like #PSA_DONE except it does nothing under the same conditions as
385 * #BLOCK_CIPHER_PSA_INIT.
386 */
387#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
388#define BLOCK_CIPHER_PSA_INIT() PSA_INIT()
389#define BLOCK_CIPHER_PSA_DONE() PSA_DONE()
390#else /* MBEDTLS_MD_SOME_PSA */
391#define BLOCK_CIPHER_PSA_INIT() ((void) 0)
392#define BLOCK_CIPHER_PSA_DONE() ((void) 0)
393#endif /* MBEDTLS_MD_SOME_PSA */
394
395
Manuel Pégourié-Gonnardfa99afa2023-03-17 11:59:12 +0100396/** \def MD_OR_USE_PSA_INIT
397 *
398 * Call this macro to initialize the PSA subsystem if MD uses a driver,
Manuel Pégourié-Gonnard161dca62023-03-21 16:22:59 +0100399 * or if #MBEDTLS_USE_PSA_CRYPTO or #MBEDTLS_SSL_PROTO_TLS1_3 is enabled,
Manuel Pégourié-Gonnardfa99afa2023-03-17 11:59:12 +0100400 * and do nothing otherwise.
401 *
402 * If the initialization fails, mark the test case as failed and jump to the
403 * \p exit label.
404 */
405/** \def MD_OR_USE_PSA_DONE
406 *
407 * Call this macro at the end of a test case if you called #MD_OR_USE_PSA_INIT.
408 *
409 * This is like #PSA_DONE except it does nothing under the same conditions as
410 * #MD_OR_USE_PSA_INIT.
411 */
412#if defined(MBEDTLS_MD_SOME_PSA) || \
413 defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
414#define MD_OR_USE_PSA_INIT() PSA_INIT()
415#define MD_OR_USE_PSA_DONE() PSA_DONE()
416#else
417#define MD_OR_USE_PSA_INIT() ((void) 0)
418#define MD_OR_USE_PSA_DONE() ((void) 0)
419#endif
420
Valerio Settidc32ac22023-11-13 10:27:56 +0100421/** \def AES_PSA_INIT
422 *
423 * Call this macro to initialize the PSA subsystem if AES_C is not defined,
424 * so that CTR_DRBG uses PSA implementation to get AES-ECB.
425 *
426 * If the initialization fails, mark the test case as failed and jump to the
427 * \p exit label.
428 */
429/** \def AES_PSA_DONE
430 *
431 * Call this macro at the end of a test case if you called #AES_PSA_INIT.
432 *
433 * This is like #PSA_DONE except it does nothing under the same conditions as
434 * #AES_PSA_INIT.
435 */
436#if defined(MBEDTLS_AES_C)
437#define AES_PSA_INIT() ((void) 0)
438#define AES_PSA_DONE() ((void) 0)
439#else /* MBEDTLS_AES_C */
440#define AES_PSA_INIT() PSA_INIT()
441#define AES_PSA_DONE() PSA_DONE()
442#endif /* MBEDTLS_AES_C */
443
Gilles Peskine1838e822019-06-20 12:40:56 +0200444#endif /* PSA_CRYPTO_HELPERS_H */