crypto init with multiple client guard & tests

Netanel Gonen · Netanel Gonen · commit e1e77b97c1f4 · 2018-11-25T18:00:05.000+02:00
diff --git a/TESTS/psa/crypto_init/main.cpp b/TESTS/psa/crypto_init/main.cpp
@@ -0,0 +1,104 @@
+/*
+* Copyright (c) 2018 ARM Limited. All rights reserved.
+*
+* SPDX-License-Identifier: Apache-2.0
+*
+* Licensed under the Apache License, Version 2.0 (the License); you may
+* not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an AS IS BASIS, WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+#include "greentea-client/test_env.h"
+#include "unity/unity.h"
+#include "utest/utest.h"
+#include "crypto.h"
+#include "entropy.h"
+#include "entropy_poll.h"
+
+#if (!defined(TARGET_PSA))
+#error [NOT_SUPPORTED] PSA entropy injection tests can run only on PSA-enabled targets.
+#endif // TARGET_PSA
+
+#define TEST_RANDOM_SIZE 64
+
+#if !defined(MAX)
+#define MAX(a,b) (((a)>(b))?(a):(b))
+#endif
+
+/* Calculating the minimum allowed entropy size in bytes */
+#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE \
+            MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
+
+using namespace utest::v1;
+
+utest::v1::status_t greentea_test_setup(const size_t number_of_cases)
+{
+#ifndef NO_GREENTEA
+    GREENTEA_SETUP(60, "default_auto");
+#endif
+    return greentea_test_setup_handler(number_of_cases);
+}
+
+static void check_multi_crypto_init_deinit()
+{
+    uint8_t output[TEST_RANDOM_SIZE] = {0};
+    uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = {0};
+    /* inject some a seed for test*/
+    for(int i; i < MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE; ++i)
+        seed[i] = i;
+    /* don't really care if this succeed this is just to make crypto init pass*/
+    mbedtls_psa_inject_entropy( seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE );
+    psa_status_t status = psa_crypto_init();
+    TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
+    status = psa_crypto_init();
+    TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
+    status = psa_generate_random(output, sizeof(output));
+    TEST_ASSERT_NOT_EQUAL(PSA_ERROR_BAD_STATE, status);
+    mbedtls_psa_crypto_free();
+    status = psa_generate_random(output, sizeof(output));
+    TEST_ASSERT_NOT_EQUAL(PSA_ERROR_BAD_STATE, status);
+    mbedtls_psa_crypto_free();
+    status = psa_generate_random(output, sizeof(output));
+    TEST_ASSERT_EQUAL(PSA_ERROR_BAD_STATE, status);
+}
+
+static void check_crypto_init_deinit()
+{
+    psa_status_t status;
+    uint8_t output[TEST_RANDOM_SIZE] = {0};
+    uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = {0};
+    /* inject some a seed for test*/
+    for(int i; i < MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE; ++i)
+        seed[i] = i;
+    /* don't really care if this succeed this is just to make crypto init pass*/
+    mbedtls_psa_inject_entropy( seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE );
+    status = psa_generate_random(output, sizeof(output));
+    TEST_ASSERT_EQUAL(PSA_ERROR_BAD_STATE, status);
+    status = psa_crypto_init();
+    TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
+    status = psa_generate_random(output, sizeof(output));
+    TEST_ASSERT_NOT_EQUAL(PSA_ERROR_BAD_STATE, status);
+    mbedtls_psa_crypto_free();
+    status = psa_generate_random(output, sizeof(output));
+    TEST_ASSERT_EQUAL(PSA_ERROR_BAD_STATE, status);
+}
+
+Case cases[] = {
+    Case("PSA crypto-init De-init", check_crypto_init_deinit),
+    Case("PSA crypto- multiple init De-init", check_multi_crypto_init_deinit),
+};
+
+Specification specification(greentea_test_setup, cases, greentea_test_teardown_handler);
+
+int main()
+{
+    return !Harness::run(specification);
+}
diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
@@ -16,6 +16,8 @@
 #define mbedtls_calloc calloc
 #define mbedtls_free   free
 #endif
+// ------------------------- Globals ---------------------------
+static psa_spm_init_refence_counter = 0;
 
 // ------------------------- Partition's Main Thread ---------------------------
 static void psa_crypto_init_operation( void )
@@ -36,6 +38,8 @@ static void psa_crypto_init_operation( void )
         case PSA_IPC_CALL:
         {
             status = psa_crypto_init();
+            if ( status == PSA_SUCCESS )
+                ++psa_spm_init_refence_counter;
             break;
         }
 
@@ -65,7 +69,12 @@ static void psa_crypto_free_operation( void )
 
         case PSA_IPC_CALL:
         {
-            mbedtls_psa_crypto_free();
+            /** perform crypto_free iff the number of init-s
+             * is equal to the number of free-s
+             */
+            --psa_spm_init_refence_counter;
+            if (!psa_spm_init_refence_counter)
+                mbedtls_psa_crypto_free();
             break;
         }
 
