Store the hash, rather than the pointer
For sign and verify, the pointer to the hash that is passed in is not guaranteed
to remain valid in between calls, thus we need to store the hash in the
operation. Added a test to ensure this is the case.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 7b9daae..f050abf 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -7174,6 +7174,7 @@
size_t signature_size;
size_t signature_length = 0xdeadbeef;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ uint8_t *input_buffer = NULL;
psa_sign_hash_interruptible_operation_t sign_operation =
psa_sign_hash_interruptible_operation_init();
psa_verify_hash_interruptible_operation_t verify_operation =
@@ -7351,6 +7352,45 @@
PSA_ASSERT(psa_sign_hash_abort(&sign_operation));
+ /* Trash the hash buffer in between start and complete, to ensure
+ * no reliance on external buffers. */
+ psa_interruptible_set_max_ops(PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED);
+
+ input_buffer = mbedtls_calloc(1, input_data->len);
+ TEST_ASSERT(input_buffer != NULL);
+
+ memcpy(input_buffer, input_data->x, input_data->len);
+
+ PSA_ASSERT(psa_sign_hash_start(&sign_operation, key, alg,
+ input_buffer, input_data->len));
+
+ memset(input_buffer, '!', input_data->len);
+ mbedtls_free(input_buffer);
+ input_buffer = NULL;
+
+ PSA_ASSERT(psa_sign_hash_complete(&sign_operation, signature,
+ signature_size,
+ &signature_length));
+
+ PSA_ASSERT(psa_sign_hash_abort(&sign_operation));
+
+ input_buffer = mbedtls_calloc(1, input_data->len);
+ TEST_ASSERT(input_buffer != NULL);
+
+ memcpy(input_buffer, input_data->x, input_data->len);
+
+ PSA_ASSERT(psa_verify_hash_start(&verify_operation, key, alg,
+ input_buffer, input_data->len,
+ signature, signature_length));
+
+ memset(input_buffer, '!', input_data->len);
+ mbedtls_free(input_buffer);
+ input_buffer = NULL;
+
+ PSA_ASSERT(psa_verify_hash_complete(&verify_operation));
+
+ PSA_ASSERT(psa_verify_hash_abort(&verify_operation));
+
exit:
/*
* Key attributes may have been returned by psa_get_key_attributes()
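Review bot: The `memset(input_buffer, '!', input_data->len)` directly followed by `mbedtls_free(input_buffer)` is a dead store that an optimising compiler may drop, and after the free a stale pointer held by the operation would read indeterminate heap contents. In a build without ASan or Valgrind, both the sign and the verify sequence in this hunk could therefore still pass if the library kept the caller's pointer. Consider moving `mbedtls_free(input_buffer); input_buffer = NULL;` to after the matching `psa_sign_hash_complete()` / `psa_verify_hash_complete()` call so the overwrite is observable. Consider also checking the signature against the untouched input right after signing, with `PSA_ASSERT(psa_verify_hash(key, alg, input_data->x, input_data->len, signature, signature_length));`. The test function starts and ends outside the hunk, so it cannot be confirmed from here whether `exit:` frees `input_buffer` when a `PSA_ASSERT` fails between the allocation and the free.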