lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Generate poisoning wrappers for AEAD

Browse Source 
Modify wrapper generation script to generate poisoning calls and
regenerate wrappers.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
This commit is contained in:
David Horstmann
2024-01-22 14:36:01 +00:00
parent 6baf6e9a06
commit 436b2ef633
2 changed files with 26 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
tests/scripts/generate_psa_wrappers.py
View File

@ -150,7 +150,8 @@ class PSAWrapperGenerator(c_wrapper_generator.Base):
_buffer_name: Optional[str]) -> bool: _buffer_name: Optional[str]) -> bool:
"""Whether the specified buffer argument to a PSA function should be copied. """Whether the specified buffer argument to a PSA function should be copied.
""" """
# Proof-of-concept: just instrument one function for now if function_name.startswith('psa_aead'):
return True
if function_name == 'psa_cipher_encrypt': if function_name == 'psa_cipher_encrypt':
return True return True
return False return False

24
tests/src/psa_test_wrappers.c
View File

@ -66,7 +66,19 @@ psa_status_t mbedtls_test_wrap_psa_aead_decrypt(
size_t arg9_plaintext_size, size_t arg9_plaintext_size,
size_t *arg10_plaintext_length) size_t *arg10_plaintext_length)
{ {
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
MBEDTLS_TEST_MEMORY_POISON(arg2_nonce, arg3_nonce_length);
MBEDTLS_TEST_MEMORY_POISON(arg4_additional_data, arg5_additional_data_length);
MBEDTLS_TEST_MEMORY_POISON(arg6_ciphertext, arg7_ciphertext_length);
MBEDTLS_TEST_MEMORY_POISON(arg8_plaintext, arg9_plaintext_size);
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
psa_status_t status = (psa_aead_decrypt)(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_ciphertext, arg7_ciphertext_length, arg8_plaintext, arg9_plaintext_size, arg10_plaintext_length); psa_status_t status = (psa_aead_decrypt)(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_ciphertext, arg7_ciphertext_length, arg8_plaintext, arg9_plaintext_size, arg10_plaintext_length);
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
MBEDTLS_TEST_MEMORY_UNPOISON(arg2_nonce, arg3_nonce_length);
MBEDTLS_TEST_MEMORY_UNPOISON(arg4_additional_data, arg5_additional_data_length);
MBEDTLS_TEST_MEMORY_UNPOISON(arg6_ciphertext, arg7_ciphertext_length);
MBEDTLS_TEST_MEMORY_UNPOISON(arg8_plaintext, arg9_plaintext_size);
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
return status; return status;
} }
@ -84,7 +96,19 @@ psa_status_t mbedtls_test_wrap_psa_aead_encrypt(
size_t arg9_ciphertext_size, size_t arg9_ciphertext_size,
size_t *arg10_ciphertext_length) size_t *arg10_ciphertext_length)
{ {
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
MBEDTLS_TEST_MEMORY_POISON(arg2_nonce, arg3_nonce_length);
MBEDTLS_TEST_MEMORY_POISON(arg4_additional_data, arg5_additional_data_length);
MBEDTLS_TEST_MEMORY_POISON(arg6_plaintext, arg7_plaintext_length);
MBEDTLS_TEST_MEMORY_POISON(arg8_ciphertext, arg9_ciphertext_size);
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
psa_status_t status = (psa_aead_encrypt)(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_plaintext, arg7_plaintext_length, arg8_ciphertext, arg9_ciphertext_size, arg10_ciphertext_length); psa_status_t status = (psa_aead_encrypt)(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_plaintext, arg7_plaintext_length, arg8_ciphertext, arg9_ciphertext_size, arg10_ciphertext_length);
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
MBEDTLS_TEST_MEMORY_UNPOISON(arg2_nonce, arg3_nonce_length);
MBEDTLS_TEST_MEMORY_UNPOISON(arg4_additional_data, arg5_additional_data_length);
MBEDTLS_TEST_MEMORY_UNPOISON(arg6_plaintext, arg7_plaintext_length);
MBEDTLS_TEST_MEMORY_UNPOISON(arg8_ciphertext, arg9_ciphertext_size);
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
return status; return status;
} }