mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-26 01:45:28 +00:00
test: psa driver wrapper: Add non regression test for psa_cipher_encrypt()
Add non regression test for invalid usage of the output buffer in psa_cipher_encrypt(). The output buffer should not be used to pass the IV to the driver as a local attacker could be able to control the used IV. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
parent
3563210c10
commit
732a6e250d
|
@ -885,11 +885,24 @@ void cipher_entry_points( int alg_arg, int key_type_arg,
|
|||
mbedtls_test_driver_cipher_hooks.hits = 0;
|
||||
|
||||
mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
|
||||
/* Set the output buffer in a given state. */
|
||||
for( size_t i = 0; i < output_buffer_size; i++ )
|
||||
output[i] = 0xa5;
|
||||
|
||||
status = psa_cipher_encrypt(
|
||||
key, alg, input->x, input->len,
|
||||
output, output_buffer_size, &function_output_length );
|
||||
TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
|
||||
TEST_EQUAL( status, PSA_ERROR_GENERIC_ERROR );
|
||||
/*
|
||||
* Check that the output buffer is still in the same state.
|
||||
* This will fail if the output buffer is used by the core to pass the IV
|
||||
* it generated to the driver (and is not restored).
|
||||
*/
|
||||
for( size_t i = 0; i < output_buffer_size; i++ )
|
||||
{
|
||||
TEST_EQUAL( output[i], 0xa5 );
|
||||
}
|
||||
mbedtls_test_driver_cipher_hooks.hits = 0;
|
||||
|
||||
/* Test setup call, encrypt */
|
||||
|
|
Loading…
Reference in a new issue