test: psa driver wrapper: Add non regression test for psa_cipher_encrypt()

Add non regression test for invalid usage of
the output buffer in psa_cipher_encrypt().
The output buffer should not be used to pass
the IV to the driver as a local attacker could
be able to control the used IV.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2021-07-09 18:20:46 +02:00
parent 3563210c10
commit 732a6e250d

View file

@ -885,11 +885,24 @@ void cipher_entry_points( int alg_arg, int key_type_arg,
mbedtls_test_driver_cipher_hooks.hits = 0; mbedtls_test_driver_cipher_hooks.hits = 0;
mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
/* Set the output buffer in a given state. */
for( size_t i = 0; i < output_buffer_size; i++ )
output[i] = 0xa5;
status = psa_cipher_encrypt( status = psa_cipher_encrypt(
key, alg, input->x, input->len, key, alg, input->x, input->len,
output, output_buffer_size, &function_output_length ); output, output_buffer_size, &function_output_length );
TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, PSA_ERROR_GENERIC_ERROR ); TEST_EQUAL( status, PSA_ERROR_GENERIC_ERROR );
/*
* Check that the output buffer is still in the same state.
* This will fail if the output buffer is used by the core to pass the IV
* it generated to the driver (and is not restored).
*/
for( size_t i = 0; i < output_buffer_size; i++ )
{
TEST_EQUAL( output[i], 0xa5 );
}
mbedtls_test_driver_cipher_hooks.hits = 0; mbedtls_test_driver_cipher_hooks.hits = 0;
/* Test setup call, encrypt */ /* Test setup call, encrypt */