mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 05:05:35 +00:00
Destroy recorded persistent keys in PSA_DONE()
This ensures that test cases won't leave persistent files behind even on failure, provided they use TEST_USES_KEY_ID(). Test cases that don't use this macro are unaffected. Tests that use PSA_DONE() midway and expect persistent keys to survive must use PSA_SESSION_DONE() instead. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
aae718caca
commit
65048ad648
|
@ -45,6 +45,9 @@ void mbedtls_test_psa_purge_key_storage( void );
|
|||
|
||||
/** Purge the in-memory cache of persistent keys recorded with
|
||||
* #TEST_USES_KEY_ID.
|
||||
*
|
||||
* Call this function before calling PSA_DONE() if it's ok for
|
||||
* persistent keys to still exist at this point.
|
||||
*/
|
||||
void mbedtls_test_psa_purge_key_cache( void );
|
||||
|
||||
|
@ -79,6 +82,8 @@ void mbedtls_test_psa_purge_key_cache( void );
|
|||
#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
|
||||
|
||||
#define TEST_USES_KEY_ID( key_id ) ( (void) ( key_id ) )
|
||||
#define mbedtls_test_psa_purge_key_storage( ) ( (void) 0 )
|
||||
#define mbedtls_test_psa_purge_key_cache( ) ( (void) 0 )
|
||||
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
|
||||
|
||||
|
@ -108,13 +113,36 @@ const char *mbedtls_test_helper_is_psa_leaking( void );
|
|||
} \
|
||||
while( 0 )
|
||||
|
||||
/** Shut down the PSA Crypto subsystem. Expect a clean shutdown, with no slots
|
||||
* in use.
|
||||
/** Shut down the PSA Crypto subsystem and destroy persistent keys.
|
||||
* Expect a clean shutdown, with no slots in use.
|
||||
*
|
||||
* If some key slots are still in use, record the test case as failed,
|
||||
* but continue executing. This macro is suitable (and primarily intended)
|
||||
* for use in the cleanup section of test functions.
|
||||
*
|
||||
* \note Persistent keys must be recorded with #TEST_USES_KEY_ID before
|
||||
* creating them.
|
||||
*/
|
||||
#define PSA_DONE( ) \
|
||||
do \
|
||||
{ \
|
||||
test_fail_if_psa_leaking( __LINE__, __FILE__ ); \
|
||||
mbedtls_test_psa_purge_key_storage( ); \
|
||||
mbedtls_psa_crypto_free( ); \
|
||||
} \
|
||||
while( 0 )
|
||||
|
||||
/** Shut down the PSA Crypto subsystem, allowing persistent keys to survive.
|
||||
* Expect a clean shutdown, with no slots in use.
|
||||
*
|
||||
* If some key slots are still in use, record the test case as failed and
|
||||
* jump to the `exit` label.
|
||||
*/
|
||||
#define PSA_SESSION_DONE( ) \
|
||||
do \
|
||||
{ \
|
||||
mbedtls_test_psa_purge_key_cache( ); \
|
||||
ASSERT_PSA_PRISTINE( ); \
|
||||
mbedtls_psa_crypto_free( ); \
|
||||
} \
|
||||
while( 0 )
|
||||
|
|
|
@ -769,10 +769,10 @@ exit:
|
|||
|
||||
static void psa_purge_storage( void )
|
||||
{
|
||||
/* The generic code in mbedtls_test_psa_purge_key_storage()
|
||||
* (which is called by PSA_DONE()) doesn't take care of things that are
|
||||
* specific to dynamic secure elements. */
|
||||
psa_key_location_t location;
|
||||
|
||||
mbedtls_test_psa_purge_key_storage( );
|
||||
|
||||
/* Purge the transaction file. */
|
||||
psa_crypto_stop_transaction( );
|
||||
/* Purge driver persistent data. */
|
||||
|
@ -1496,7 +1496,7 @@ void register_key_smoke_test( int lifetime_arg,
|
|||
PSA_ASSERT( psa_purge_key( id ) );
|
||||
|
||||
/* Restart and try again. */
|
||||
PSA_DONE( );
|
||||
PSA_SESSION_DONE( );
|
||||
PSA_ASSERT( psa_register_se_driver( location, &driver ) );
|
||||
PSA_ASSERT( psa_crypto_init( ) );
|
||||
if( ! check_key_attributes( id, &attributes ) )
|
||||
|
|
|
@ -86,8 +86,7 @@ static int invalidate_psa( invalidate_method_t invalidate_method )
|
|||
case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN:
|
||||
case INVALIDATE_BY_PURGING_WITH_SHUTDOWN:
|
||||
/* All keys must have been closed. */
|
||||
mbedtls_test_psa_purge_key_cache( );
|
||||
PSA_DONE( );
|
||||
PSA_SESSION_DONE( );
|
||||
break;
|
||||
case INVALIDATE_BY_SHUTDOWN:
|
||||
/* Some keys may remain behind, and we're testing that this
|
||||
|
@ -339,7 +338,6 @@ exit:
|
|||
psa_reset_key_attributes( &read_attributes );
|
||||
|
||||
PSA_DONE( );
|
||||
mbedtls_test_psa_purge_key_storage( );
|
||||
mbedtls_free( reexported );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
@ -413,7 +411,6 @@ exit:
|
|||
psa_reset_key_attributes( &attributes );
|
||||
|
||||
PSA_DONE( );
|
||||
mbedtls_test_psa_purge_key_storage( );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
|
@ -472,9 +469,6 @@ void create_fail( int lifetime_arg, int id_arg,
|
|||
|
||||
exit:
|
||||
PSA_DONE( );
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
|
||||
mbedtls_test_psa_purge_key_storage( );
|
||||
#endif
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
|
@ -610,9 +604,6 @@ exit:
|
|||
|
||||
PSA_DONE( );
|
||||
mbedtls_free( export_buffer );
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
|
||||
mbedtls_test_psa_purge_key_storage( );
|
||||
#endif
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
|
@ -728,9 +719,6 @@ exit:
|
|||
|
||||
PSA_DONE( );
|
||||
mbedtls_free( export_buffer );
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
|
||||
mbedtls_test_psa_purge_key_storage( );
|
||||
#endif
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
|
|
Loading…
Reference in a new issue