From 6bb0894c473b3571628ed9d6416f4854ad80416c Mon Sep 17 00:00:00 2001
From: Oren Cohen <oren.cohen@arm.com>
Date: Wed, 13 Feb 2019 14:20:55 +0200
Subject: [PATCH 1/2] Refactor psa entropy inject test

Replace TEST_ASSERT with more specific assertions
---
 TESTS/psa/entropy_inject/main.cpp | 50 +++++++++++++++++++++----------
 1 file changed, 35 insertions(+), 15 deletions(-)

diff --git a/TESTS/psa/entropy_inject/main.cpp b/TESTS/psa/entropy_inject/main.cpp
index 314b3e5d92e..b6f155d9abb 100644
--- a/TESTS/psa/entropy_inject/main.cpp
+++ b/TESTS/psa/entropy_inject/main.cpp
@@ -27,7 +27,7 @@
 #include "psa/lifecycle.h"
 #include "entropy.h"
 #include "entropy_poll.h"
-#include "crypto.h"
+#include "psa/crypto.h"
 
 /* MAX value support macro */
 #if !defined(MAX)
@@ -51,13 +51,21 @@ void validate_entropy_seed_injection(int seed_length_a,
     psa_status_t status;
     uint8_t output[32] = { 0 };
     uint8_t zeros[32] = { 0 };
+    int memcmp_res = 0;
     status = mbedtls_psa_inject_entropy(seed, seed_length_a);
-    TEST_ASSERT(status == expected_status_a);
+    TEST_ASSERT_EQUAL_INT(expected_status_a, status);
+
     status = mbedtls_psa_inject_entropy(seed, seed_length_b);
-    TEST_ASSERT(status == expected_status_b);
-    TEST_ASSERT(psa_crypto_init() == PSA_SUCCESS);
-    TEST_ASSERT(psa_generate_random(output, sizeof(output)) == PSA_SUCCESS);
-    TEST_ASSERT(memcmp(output, zeros, sizeof(output)) != 0);
+    TEST_ASSERT_EQUAL_INT(expected_status_b, status);
+
+    status = psa_crypto_init();
+    TEST_ASSERT_EQUAL_INT(PSA_SUCCESS, status);
+
+    status = psa_generate_random(output, sizeof(output));
+    TEST_ASSERT_EQUAL_INT(PSA_SUCCESS, status);
+
+    memcmp_res = memcmp(output, zeros, sizeof(output));
+    TEST_ASSERT_NOT_EQUAL(0, memcmp_res);
 }
 
 void run_entropy_inject_with_crypto_init()
@@ -65,17 +73,21 @@ void run_entropy_inject_with_crypto_init()
     psa_its_status_t its_status;
     psa_status_t status;
     status = psa_crypto_init();
-    TEST_ASSERT(status == PSA_ERROR_INSUFFICIENT_ENTROPY);
+    TEST_ASSERT_EQUAL_INT(PSA_ERROR_INSUFFICIENT_ENTROPY, status);
+
     status = mbedtls_psa_inject_entropy(seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE);
-    TEST_ASSERT(status == PSA_SUCCESS);
+    TEST_ASSERT_EQUAL_INT(PSA_SUCCESS, status);
+
     status = psa_crypto_init();
-    TEST_ASSERT(status == PSA_SUCCESS);
+    TEST_ASSERT_EQUAL_INT(PSA_SUCCESS, status);
+
     status = mbedtls_psa_inject_entropy(seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE);
-    TEST_ASSERT(status == PSA_ERROR_NOT_PERMITTED);
+    TEST_ASSERT_EQUAL_INT(PSA_ERROR_NOT_PERMITTED, status);
+
     mbedtls_psa_crypto_free();
     /* The seed is written by nv_seed callback functions therefore the injection will fail */
     status = mbedtls_psa_inject_entropy(seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE);
-    TEST_ASSERT(status == PSA_ERROR_NOT_PERMITTED);
+    TEST_ASSERT_EQUAL_INT(PSA_ERROR_NOT_PERMITTED, status);
 }
 
 
@@ -100,25 +112,33 @@ utest::v1::status_t greentea_test_setup(const size_t number_of_cases)
 static void injection_small_good()
 {
     TEST_SKIP_UNLESS(!skip_tests);
-    validate_entropy_seed_injection(MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE, PSA_SUCCESS, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE, PSA_ERROR_NOT_PERMITTED);
+    validate_entropy_seed_injection(
+        MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE, PSA_SUCCESS,
+        MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE, PSA_ERROR_NOT_PERMITTED);
 }
 
 static void injection_big_good()
 {
     TEST_SKIP_UNLESS(!skip_tests);
-    validate_entropy_seed_injection(MBEDTLS_ENTROPY_MAX_SEED_SIZE, PSA_SUCCESS, MBEDTLS_ENTROPY_MAX_SEED_SIZE, PSA_ERROR_NOT_PERMITTED);
+    validate_entropy_seed_injection(
+        MBEDTLS_ENTROPY_MAX_SEED_SIZE, PSA_SUCCESS,
+        MBEDTLS_ENTROPY_MAX_SEED_SIZE, PSA_ERROR_NOT_PERMITTED);
 }
 
 static void injection_too_small()
 {
     TEST_SKIP_UNLESS(!skip_tests);
-    validate_entropy_seed_injection((MBEDTLS_ENTROPY_MIN_PLATFORM - 1), PSA_ERROR_INVALID_ARGUMENT, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE, PSA_SUCCESS);
+    validate_entropy_seed_injection(
+        (MBEDTLS_ENTROPY_MIN_PLATFORM - 1), PSA_ERROR_INVALID_ARGUMENT,
+        MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE, PSA_SUCCESS);
 }
 
 static void injection_too_big()
 {
     TEST_SKIP_UNLESS(!skip_tests);
-    validate_entropy_seed_injection((MBEDTLS_ENTROPY_MAX_SEED_SIZE + 1), PSA_ERROR_INVALID_ARGUMENT, MBEDTLS_ENTROPY_MAX_SEED_SIZE, PSA_SUCCESS);
+    validate_entropy_seed_injection(
+        (MBEDTLS_ENTROPY_MAX_SEED_SIZE + 1), PSA_ERROR_INVALID_ARGUMENT,
+        MBEDTLS_ENTROPY_MAX_SEED_SIZE, PSA_SUCCESS);
 }
 
 static void injection_and_init_deinit()

From eb48d3cbeb251229f39b1bc01cc944bd18d6b4f3 Mon Sep 17 00:00:00 2001
From: Oren Cohen <oren.cohen@arm.com>
Date: Wed, 13 Feb 2019 14:21:17 +0200
Subject: [PATCH 2/2] Clear ITS environment in psa entropy tests

mbed_psa_reboot_and_request_new_security_state() API replaced its_reset() which is now a secure API only

This change is necessary for a clean environment for the test
---
 TESTS/psa/entropy_inject/main.cpp | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/TESTS/psa/entropy_inject/main.cpp b/TESTS/psa/entropy_inject/main.cpp
index b6f155d9abb..080d6e49133 100644
--- a/TESTS/psa/entropy_inject/main.cpp
+++ b/TESTS/psa/entropy_inject/main.cpp
@@ -102,6 +102,9 @@ utest::v1::status_t greentea_test_setup(const size_t number_of_cases)
         seed[i] = i;
     }
 
+    psa_status_t status = mbed_psa_reboot_and_request_new_security_state(PSA_LIFECYCLE_ASSEMBLY_AND_TEST);
+    TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
+
     if (mbedtls_psa_inject_entropy(seed, MBEDTLS_ENTROPY_MAX_SEED_SIZE) == PSA_ERROR_NOT_SUPPORTED) {
         skip_tests = true;
     }