Improve nonce length checks
Add the missing nonce length checks (this function is being used by
oneshot functions as well as multipart, and thus all cipher suites are
being used) and cover the case where a NULL buffer gets passed in.
Extended the set nonce test to cover this.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index b8023ee..58e4387 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -3771,6 +3771,7 @@
void aead_multipart_set_nonce( int key_type_arg, data_t *key_data,
int alg_arg,
int nonce_len,
+ int allow_null_nonce_buffer,
data_t *additional_data,
data_t *input_data,
int expected_status_arg )
@@ -3829,11 +3830,22 @@
PSA_ASSERT( status );
- ASSERT_ALLOC( nonce_buffer, nonce_len );
-
- for( index = 0; index < nonce_len - 1; ++index)
+ if( nonce_len == 0 )
{
- nonce_buffer[index] = 'a' + index;
+ if( !allow_null_nonce_buffer )
+ {
+ /* Arbitrary size buffer, to test zero length valid buffer. */
+ ASSERT_ALLOC( nonce_buffer, 4 );
+ }
+ }
+ else
+ {
+ ASSERT_ALLOC( nonce_buffer, nonce_len );
+
+ for( index = 0; index < nonce_len - 1; ++index)
+ {
+ nonce_buffer[index] = 'a' + index;
+ }
}
status = psa_aead_set_nonce( &operation, nonce_buffer, nonce_len );