Add test wrapper functions for cipher buffer protection
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
diff --git a/tests/scripts/generate_psa_wrappers.py b/tests/scripts/generate_psa_wrappers.py
index 0918dcc..777f48b 100755
--- a/tests/scripts/generate_psa_wrappers.py
+++ b/tests/scripts/generate_psa_wrappers.py
@@ -145,7 +145,8 @@
#pylint: disable=too-many-return-statements
if function_name.startswith('psa_aead'):
return True
- if function_name == 'psa_cipher_encrypt':
+ if function_name in {'psa_cipher_encrypt', 'psa_cipher_decrypt',
+ 'psa_cipher_update', 'psa_cipher_finish'}:
return True
if function_name in ('psa_key_derivation_output_bytes',
'psa_key_derivation_input_bytes'):
diff --git a/tests/src/psa_test_wrappers.c b/tests/src/psa_test_wrappers.c
index 4824e38..5a7be9b 100644
--- a/tests/src/psa_test_wrappers.c
+++ b/tests/src/psa_test_wrappers.c
@@ -309,7 +309,15 @@
size_t arg5_output_size,
size_t *arg6_output_length)
{
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_output, arg5_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
psa_status_t status = (psa_cipher_decrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_output, arg5_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
return status;
}
@@ -362,7 +370,13 @@
size_t arg2_output_size,
size_t *arg3_output_length)
{
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_output, arg2_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
psa_status_t status = (psa_cipher_finish)(arg0_operation, arg1_output, arg2_output_size, arg3_output_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_output, arg2_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
return status;
}
@@ -396,7 +410,15 @@
size_t arg4_output_size,
size_t *arg5_output_length)
{
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg3_output, arg4_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
psa_status_t status = (psa_cipher_update)(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg3_output, arg4_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
return status;
}