yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 22:15:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

test: psa driver wrapper: Add non regression test for psa_cipher_encrypt()

Browse Source 
Add non regression test for invalid usage of
the output buffer in psa_cipher_encrypt().
The output buffer should not be used to pass
the IV to the driver as a local attacker could
be able to control the used IV.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2021-07-09 18:20:46 +02:00
parent 3563210c10
commit 732a6e250d
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
tests/suites/test_suite_psa_crypto_driver_wrappers.function
View File

@ -885,11 +885,24 @@ void cipher_entry_points( int alg_arg, int key_type_arg,
mbedtls_test_driver_cipher_hooks.hits = 0;
mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
/* Set the output buffer in a given state. */
for( size_t i = 0; i < output_buffer_size; i++ )
output[i] = 0xa5;
status = psa_cipher_encrypt(
key, alg, input->x, input->len,
output, output_buffer_size, &function_output_length );
TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, PSA_ERROR_GENERIC_ERROR );
/*
* Check that the output buffer is still in the same state.
* This will fail if the output buffer is used by the core to pass the IV
* it generated to the driver (and is not restored).
*/
for( size_t i = 0; i < output_buffer_size; i++ )
{
TEST_EQUAL( output[i], 0xa5 );
}
mbedtls_test_driver_cipher_hooks.hits = 0;
/* Test setup call, encrypt */