Make library init and deinit more robust to errors

Allow mbedtls_psa_crypto_free to be called twice, or without a prior
call to psa_crypto_init. Keep track of the initialization state more
precisely in psa_crypto_init so that mbedtls_psa_crypto_free knows
what to do.

tests/suites/test_suite_psa_crypto_init.data

@@ -1,6 +1,12 @@
 PSA init/deinit
 init_deinit:2
 
+PSA deinit without init
+deinit_without_init:0
+
+PSA deinit twice
+deinit_without_init:1
+
 No random without init
 validate_module_init_generate_random:0
 

tests/suites/test_suite_psa_crypto_init.function

@@ -29,6 +29,19 @@ void init_deinit( int count )
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void deinit_without_init( int count )
+{
+    int i;
+    for( i = 0; i < count; i++ )
+    {
+        TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+        mbedtls_psa_crypto_free( );
+    }
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void validate_module_init_generate_random( int count )
 {