TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / b8f97a1f3f79908240604d097c9e2e4e4b0f6887^! / . / tests
commitb8f97a1f3f79908240604d097c9e2e4e4b0f6887[log] [tgz]
authorGabor Mezei <gabor.mezei@arm.com>Wed Jan 24 16:58:40 2024 +0100
committerGabor Mezei <gabor.mezei@arm.com>Wed Feb 28 15:17:17 2024 +0000
tree8f9355c4e6238846895a536374040e76255dfe17
parent212eb088848e6bfc9bb1b8c8750cadf1c79c7b20 [diff]
Add test wrapper functions for cipher buffer protection

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>

diff --git a/tests/scripts/generate_psa_wrappers.py b/tests/scripts/generate_psa_wrappers.py
index 0918dcc..777f48b 100755
--- a/tests/scripts/generate_psa_wrappers.py
+++ b/tests/scripts/generate_psa_wrappers.py

@@ -145,7 +145,8 @@
         #pylint: disable=too-many-return-statements
         if function_name.startswith('psa_aead'):
             return True
-        if function_name == 'psa_cipher_encrypt':
+        if function_name in {'psa_cipher_encrypt', 'psa_cipher_decrypt',
+                             'psa_cipher_update', 'psa_cipher_finish'}:
             return True
         if function_name in ('psa_key_derivation_output_bytes',
                              'psa_key_derivation_input_bytes'):

diff --git a/tests/src/psa_test_wrappers.c b/tests/src/psa_test_wrappers.c
index 4824e38..5a7be9b 100644
--- a/tests/src/psa_test_wrappers.c
+++ b/tests/src/psa_test_wrappers.c

@@ -309,7 +309,15 @@
     size_t arg5_output_size,
     size_t *arg6_output_length)
 {
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+    MBEDTLS_TEST_MEMORY_POISON(arg4_output, arg5_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     psa_status_t status = (psa_cipher_decrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg4_output, arg5_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     return status;
 }
 
@@ -362,7 +370,13 @@
     size_t arg2_output_size,
     size_t *arg3_output_length)
 {
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_POISON(arg1_output, arg2_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     psa_status_t status = (psa_cipher_finish)(arg0_operation, arg1_output, arg2_output_size, arg3_output_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg1_output, arg2_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     return status;
 }
 
@@ -396,7 +410,15 @@
     size_t arg4_output_size,
     size_t *arg5_output_length)
 {
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length);
+    MBEDTLS_TEST_MEMORY_POISON(arg3_output, arg4_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     psa_status_t status = (psa_cipher_update)(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length);
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg3_output, arg4_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     return status;
 }