From 324f7de1ddf7478bff540b896b993613435d4098 Mon Sep 17 00:00:00 2001
From: Thomas Daubney <thomas.daubney@arm.com>
Date: Thu, 18 Jan 2024 13:18:58 +0000
Subject: [PATCH 01/10] Implement safe buffer copying in MAC API

Use buffer local copy macros to implement safe
copy mechanism in MAC API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
---
 library/psa_crypto.c | 57 ++++++++++++++++++++++++++++++++++----------
 1 file changed, 45 insertions(+), 12 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index cff9ccaf2b..2a52daaeda 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2606,35 +2606,45 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
 }
 
 psa_status_t psa_mac_update(psa_mac_operation_t *operation,
-                            const uint8_t *input,
+                            const uint8_t *input_external,
                             size_t input_length)
 {
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    LOCAL_INPUT_DECLARE(input_external, input);
+
     if (operation->id == 0) {
-        return PSA_ERROR_BAD_STATE;
+        status = PSA_ERROR_BAD_STATE;
+        return status;
     }
 
     /* Don't require hash implementations to behave correctly on a
      * zero-length input, which may have an invalid pointer. */
     if (input_length == 0) {
-        return PSA_SUCCESS;
+        status = PSA_SUCCESS;
+        return status;
     }
 
-    psa_status_t status = psa_driver_wrapper_mac_update(operation,
-                                                        input, input_length);
+    LOCAL_INPUT_ALLOC(input_external, input_length, input);
+    status = psa_driver_wrapper_mac_update(operation, input, input_length);
+
     if (status != PSA_SUCCESS) {
         psa_mac_abort(operation);
     }
 
+exit:
+    LOCAL_INPUT_FREE(input_external, input);
+
     return status;
 }
 
 psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
-                                 uint8_t *mac,
+                                 uint8_t *mac_external,
                                  size_t mac_size,
                                  size_t *mac_length)
 {
     psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
     psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
+    LOCAL_OUTPUT_DECLARE(mac_external, mac);
 
     if (operation->id == 0) {
         status = PSA_ERROR_BAD_STATE;
@@ -2658,6 +2668,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
         goto exit;
     }
 
+    LOCAL_OUTPUT_ALLOC(mac_external, mac_size, mac);
     status = psa_driver_wrapper_mac_sign_finish(operation,
                                                 mac, operation->mac_size,
                                                 mac_length);
@@ -2680,16 +2691,18 @@ exit:
     }
 
     abort_status = psa_mac_abort(operation);
+    LOCAL_OUTPUT_FREE(mac_external, mac);
 
     return status == PSA_SUCCESS ? abort_status : status;
 }
 
 psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
-                                   const uint8_t *mac,
+                                   const uint8_t *mac_external,
                                    size_t mac_length)
 {
     psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
     psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
+    LOCAL_INPUT_DECLARE(mac_external, mac);
 
     if (operation->id == 0) {
         status = PSA_ERROR_BAD_STATE;
@@ -2706,11 +2719,13 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
         goto exit;
     }
 
+    LOCAL_INPUT_ALLOC(mac_external, mac_length, mac);
     status = psa_driver_wrapper_mac_verify_finish(operation,
                                                   mac, mac_length);
 
 exit:
     abort_status = psa_mac_abort(operation);
+    LOCAL_INPUT_FREE(mac_external, mac);
 
     return status == PSA_SUCCESS ? abort_status : status;
 }
@@ -2783,28 +2798,42 @@ exit:
 
 psa_status_t psa_mac_compute(mbedtls_svc_key_id_t key,
                              psa_algorithm_t alg,
-                             const uint8_t *input,
+                             const uint8_t *input_external,
                              size_t input_length,
-                             uint8_t *mac,
+                             uint8_t *mac_external,
                              size_t mac_size,
                              size_t *mac_length)
 {
-    return psa_mac_compute_internal(key, alg,
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    LOCAL_INPUT_DECLARE(input_external, input);
+    LOCAL_OUTPUT_DECLARE(mac_external, mac);
+
+    LOCAL_INPUT_ALLOC(input_external, input_length, input);
+    LOCAL_OUTPUT_ALLOC(mac_external, mac_size, mac);
+    status = psa_mac_compute_internal(key, alg,
                                     input, input_length,
                                     mac, mac_size, mac_length, 1);
+exit:
+    LOCAL_INPUT_FREE(input_external, input);
+    LOCAL_OUTPUT_FREE(mac_external, mac);
+
+    return status;
 }
 
 psa_status_t psa_mac_verify(mbedtls_svc_key_id_t key,
                             psa_algorithm_t alg,
-                            const uint8_t *input,
+                            const uint8_t *input_external,
                             size_t input_length,
-                            const uint8_t *mac,
+                            const uint8_t *mac_external,
                             size_t mac_length)
 {
     psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
     uint8_t actual_mac[PSA_MAC_MAX_SIZE];
     size_t actual_mac_length;
+    LOCAL_INPUT_DECLARE(input_external, input);
+    LOCAL_INPUT_DECLARE(mac_external, mac);
 
+    LOCAL_INPUT_ALLOC(input_external, input_length, input);
     status = psa_mac_compute_internal(key, alg,
                                       input, input_length,
                                       actual_mac, sizeof(actual_mac),
@@ -2817,6 +2846,8 @@ psa_status_t psa_mac_verify(mbedtls_svc_key_id_t key,
         status = PSA_ERROR_INVALID_SIGNATURE;
         goto exit;
     }
+
+    LOCAL_INPUT_ALLOC(mac_external, mac_length, mac);
     if (mbedtls_psa_safer_memcmp(mac, actual_mac, actual_mac_length) != 0) {
         status = PSA_ERROR_INVALID_SIGNATURE;
         goto exit;
@@ -2824,6 +2855,8 @@ psa_status_t psa_mac_verify(mbedtls_svc_key_id_t key,
 
 exit:
     mbedtls_platform_zeroize(actual_mac, sizeof(actual_mac));
+    LOCAL_INPUT_FREE(input_external, input);
+    LOCAL_INPUT_FREE(mac_external, mac);
 
     return status;
 }

From 6b915036021f324869b645b73df83b29c5f0a681 Mon Sep 17 00:00:00 2001
From: Thomas Daubney <thomas.daubney@arm.com>
Date: Tue, 30 Jan 2024 12:07:38 +0000
Subject: [PATCH 02/10] Generate test wrappers for MAC functions

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
---
 tests/scripts/generate_psa_wrappers.py |  6 +++++
 tests/src/psa_test_wrappers.c          | 34 ++++++++++++++++++++++++++
 2 files changed, 40 insertions(+)

diff --git a/tests/scripts/generate_psa_wrappers.py b/tests/scripts/generate_psa_wrappers.py
index d7970c0e37..193132562c 100755
--- a/tests/scripts/generate_psa_wrappers.py
+++ b/tests/scripts/generate_psa_wrappers.py
@@ -162,6 +162,12 @@ class PSAWrapperGenerator(c_wrapper_generator.Base):
                              'psa_sign_hash',
                              'psa_verify_hash'):
             return True
+        if function_name in ('psa_mac_update',
+                             'psa_mac_sign_finish',
+                             'psa_mac_verify_finish',
+                             'psa_mac_compute',
+                             'psa_mac_verify'):
+            return True
         return False
 
     def _write_function_call(self, out: typing_util.Writable,
diff --git a/tests/src/psa_test_wrappers.c b/tests/src/psa_test_wrappers.c
index c074e8d7cc..d229e28f7e 100644
--- a/tests/src/psa_test_wrappers.c
+++ b/tests/src/psa_test_wrappers.c
@@ -520,7 +520,15 @@ psa_status_t mbedtls_test_wrap_psa_mac_compute(
     size_t arg5_mac_size,
     size_t *arg6_mac_length)
 {
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+    MBEDTLS_TEST_MEMORY_POISON(arg4_mac, arg5_mac_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     psa_status_t status = (psa_mac_compute)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_size, arg6_mac_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg4_mac, arg5_mac_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     return status;
 }
 
@@ -531,7 +539,13 @@ psa_status_t mbedtls_test_wrap_psa_mac_sign_finish(
     size_t arg2_mac_size,
     size_t *arg3_mac_length)
 {
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_POISON(arg1_mac, arg2_mac_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     psa_status_t status = (psa_mac_sign_finish)(arg0_operation, arg1_mac, arg2_mac_size, arg3_mac_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg1_mac, arg2_mac_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     return status;
 }
 
@@ -551,7 +565,13 @@ psa_status_t mbedtls_test_wrap_psa_mac_update(
     const uint8_t *arg1_input,
     size_t arg2_input_length)
 {
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     psa_status_t status = (psa_mac_update)(arg0_operation, arg1_input, arg2_input_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     return status;
 }
 
@@ -564,7 +584,15 @@ psa_status_t mbedtls_test_wrap_psa_mac_verify(
     const uint8_t *arg4_mac,
     size_t arg5_mac_length)
 {
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+    MBEDTLS_TEST_MEMORY_POISON(arg4_mac, arg5_mac_length);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     psa_status_t status = (psa_mac_verify)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg4_mac, arg5_mac_length);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     return status;
 }
 
@@ -574,7 +602,13 @@ psa_status_t mbedtls_test_wrap_psa_mac_verify_finish(
     const uint8_t *arg1_mac,
     size_t arg2_mac_length)
 {
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_POISON(arg1_mac, arg2_mac_length);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     psa_status_t status = (psa_mac_verify_finish)(arg0_operation, arg1_mac, arg2_mac_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg1_mac, arg2_mac_length);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     return status;
 }
 

From 2bb3a1fa253dae68550e178ca0a08752583ab0cd Mon Sep 17 00:00:00 2001
From: Thomas Daubney <thomas.daubney@arm.com>
Date: Tue, 30 Jan 2024 12:12:56 +0000
Subject: [PATCH 03/10] Conditionally include exit label

...on functions where the label was only added
due to the modifications required by this PR.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
---
 library/psa_crypto.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 2a52daaeda..183b4a1c8d 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2631,7 +2631,9 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation,
         psa_mac_abort(operation);
     }
 
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
 exit:
+#endif
     LOCAL_INPUT_FREE(input_external, input);
 
     return status;
@@ -2813,7 +2815,10 @@ psa_status_t psa_mac_compute(mbedtls_svc_key_id_t key,
     status = psa_mac_compute_internal(key, alg,
                                     input, input_length,
                                     mac, mac_size, mac_length, 1);
+
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
 exit:
+#endif
     LOCAL_INPUT_FREE(input_external, input);
     LOCAL_OUTPUT_FREE(mac_external, mac);
 

From f298f657c4f8e5b3031d127c92a713467943984b Mon Sep 17 00:00:00 2001
From: Thomas Daubney <thomas.daubney@arm.com>
Date: Tue, 30 Jan 2024 12:15:36 +0000
Subject: [PATCH 04/10] Fix code style

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
---
 library/psa_crypto.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 183b4a1c8d..b478341f41 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2813,8 +2813,8 @@ psa_status_t psa_mac_compute(mbedtls_svc_key_id_t key,
     LOCAL_INPUT_ALLOC(input_external, input_length, input);
     LOCAL_OUTPUT_ALLOC(mac_external, mac_size, mac);
     status = psa_mac_compute_internal(key, alg,
-                                    input, input_length,
-                                    mac, mac_size, mac_length, 1);
+                                      input, input_length,
+                                      mac, mac_size, mac_length, 1);
 
 #if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
 exit:

From 301491d70c7f9916cf930f8021bd12811a9129c0 Mon Sep 17 00:00:00 2001
From: Thomas Daubney <thomas.daubney@arm.com>
Date: Thu, 1 Feb 2024 14:32:59 +0000
Subject: [PATCH 05/10] Modify allocation in sign_finish

Allocate immediately after declaration.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b478341f41..b6989127d4 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2647,6 +2647,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
     psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
     psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
     LOCAL_OUTPUT_DECLARE(mac_external, mac);
+    LOCAL_OUTPUT_ALLOC(mac_external, mac_size, mac);
 
     if (operation->id == 0) {
         status = PSA_ERROR_BAD_STATE;
@@ -2670,7 +2671,6 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
         goto exit;
     }
 
-    LOCAL_OUTPUT_ALLOC(mac_external, mac_size, mac);
     status = psa_driver_wrapper_mac_sign_finish(operation,
                                                 mac, operation->mac_size,
                                                 mac_length);

From 480347d682bb31bd75e1fbf6ab00c7a5707fdfa1 Mon Sep 17 00:00:00 2001
From: Thomas Daubney <thomas.daubney@arm.com>
Date: Thu, 1 Feb 2024 19:00:26 +0000
Subject: [PATCH 06/10] Add mac not NULL check before calling memset

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b6989127d4..90909243ca 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2687,7 +2687,7 @@ exit:
         operation->mac_size = 0;
     }
 
-    if (mac_size > operation->mac_size) {
+    if ((mac != NULL) && (mac_size > operation->mac_size)) {
         memset(&mac[operation->mac_size], '!',
                mac_size - operation->mac_size);
     }

From 1a6137bbac3163e680f775a77495bc35db90ea13 Mon Sep 17 00:00:00 2001
From: Thomas Daubney <thomas.daubney@arm.com>
Date: Fri, 19 Jan 2024 10:26:26 +0000
Subject: [PATCH 07/10] Implement safe buffer copying in asymm. encryption

Use local copy buffer macros to implement safe
copy mechanism in asymmetric encryption API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
---
 library/psa_crypto.c | 33 ++++++++++++++++++++++++++-------
 1 file changed, 26 insertions(+), 7 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index cff9ccaf2b..00f99332da 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3262,17 +3262,20 @@ static void psa_rsa_oaep_set_padding_mode(psa_algorithm_t alg,
 
 psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key,
                                     psa_algorithm_t alg,
-                                    const uint8_t *input,
+                                    const uint8_t *input_external,
                                     size_t input_length,
-                                    const uint8_t *salt,
+                                    const uint8_t *salt_external,
                                     size_t salt_length,
-                                    uint8_t *output,
+                                    uint8_t *output_external,
                                     size_t output_size,
                                     size_t *output_length)
 {
     psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
     psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
     psa_key_slot_t *slot;
+    LOCAL_INPUT_DECLARE(input_external, input);
+    LOCAL_INPUT_DECLARE(salt_external, salt);
+    LOCAL_OUTPUT_DECLARE(output_external, output);
 
     (void) input;
     (void) input_length;
@@ -3315,6 +3318,9 @@ psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key,
         }
 #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
         * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
+        LOCAL_INPUT_ALLOC(input_external, input_length, input);
+        LOCAL_INPUT_ALLOC(salt_external, salt_length, salt);
+        LOCAL_OUTPUT_ALLOC(output_external, output_size, output);
         if (alg == PSA_ALG_RSA_PKCS1V15_CRYPT) {
 #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT)
             status = mbedtls_to_psa_error(
@@ -3365,22 +3371,29 @@ rsa_exit:
 exit:
     unlock_status = psa_unlock_key_slot(slot);
 
+    LOCAL_INPUT_FREE(input_external, input);
+    LOCAL_INPUT_FREE(salt_external, salt);
+    LOCAL_OUTPUT_FREE(output_external, output);
+
     return (status == PSA_SUCCESS) ? unlock_status : status;
 }
 
 psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key,
                                     psa_algorithm_t alg,
-                                    const uint8_t *input,
+                                    const uint8_t *input_external,
                                     size_t input_length,
-                                    const uint8_t *salt,
+                                    const uint8_t *salt_external,
                                     size_t salt_length,
-                                    uint8_t *output,
+                                    uint8_t *output_external,
                                     size_t output_size,
                                     size_t *output_length)
 {
     psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
     psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
     psa_key_slot_t *slot;
+    LOCAL_INPUT_DECLARE(input_external, input);
+    LOCAL_INPUT_DECLARE(salt_external, salt);
+    LOCAL_OUTPUT_DECLARE(output_external, output);
 
     (void) input;
     (void) input_length;
@@ -3422,7 +3435,9 @@ psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key,
         }
 #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
         * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
-
+        LOCAL_INPUT_ALLOC(input_external, input_length, input);
+        LOCAL_INPUT_ALLOC(salt_external, salt_length, salt);
+        LOCAL_OUTPUT_ALLOC(output_external, output_size, output);
         if (alg == PSA_ALG_RSA_PKCS1V15_CRYPT) {
 #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT)
             status = mbedtls_to_psa_error(
@@ -3472,6 +3487,10 @@ rsa_exit:
 exit:
     unlock_status = psa_unlock_key_slot(slot);
 
+    LOCAL_INPUT_FREE(input_external, input);
+    LOCAL_INPUT_FREE(salt_external, salt);
+    LOCAL_OUTPUT_FREE(output_external, output);
+
     return (status == PSA_SUCCESS) ? unlock_status : status;
 }
 

From d8adccf45dbc72b9f1fdc616064b455c4af7d4ad Mon Sep 17 00:00:00 2001
From: Thomas Daubney <thomas.daubney@arm.com>
Date: Tue, 30 Jan 2024 14:41:05 +0000
Subject: [PATCH 08/10] Generate test wrappers

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
---
 tests/scripts/generate_psa_wrappers.py |  3 +++
 tests/src/psa_test_wrappers.c          | 10 ++++++++++
 2 files changed, 13 insertions(+)

diff --git a/tests/scripts/generate_psa_wrappers.py b/tests/scripts/generate_psa_wrappers.py
index d7970c0e37..74aec31f09 100755
--- a/tests/scripts/generate_psa_wrappers.py
+++ b/tests/scripts/generate_psa_wrappers.py
@@ -162,6 +162,9 @@ class PSAWrapperGenerator(c_wrapper_generator.Base):
                              'psa_sign_hash',
                              'psa_verify_hash'):
             return True
+        if function_name in ('psa_asymmetric_encrypt',
+                             'pas_asymmetric_decrypt'):
+            return True
         return False
 
     def _write_function_call(self, out: typing_util.Writable,
diff --git a/tests/src/psa_test_wrappers.c b/tests/src/psa_test_wrappers.c
index c074e8d7cc..fdfd6d138d 100644
--- a/tests/src/psa_test_wrappers.c
+++ b/tests/src/psa_test_wrappers.c
@@ -116,7 +116,17 @@ psa_status_t mbedtls_test_wrap_psa_asymmetric_encrypt(
     size_t arg7_output_size,
     size_t *arg8_output_length)
 {
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+    MBEDTLS_TEST_MEMORY_POISON(arg4_salt, arg5_salt_length);
+    MBEDTLS_TEST_MEMORY_POISON(arg6_output, arg7_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     psa_status_t status = (psa_asymmetric_encrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg4_salt, arg5_salt_length);
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg6_output, arg7_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     return status;
 }
 

From 2b614f9dad78a081fb1b467ac7abc5ee0b4f6dfd Mon Sep 17 00:00:00 2001
From: Thomas Daubney <thomas.daubney@arm.com>
Date: Wed, 31 Jan 2024 16:57:30 +0000
Subject: [PATCH 09/10] Generate all test wrappers

One was missed due to typo

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
---
 tests/scripts/generate_psa_wrappers.py |  2 +-
 tests/src/psa_test_wrappers.c          | 10 ++++++++++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/tests/scripts/generate_psa_wrappers.py b/tests/scripts/generate_psa_wrappers.py
index 74aec31f09..74b8555931 100755
--- a/tests/scripts/generate_psa_wrappers.py
+++ b/tests/scripts/generate_psa_wrappers.py
@@ -163,7 +163,7 @@ class PSAWrapperGenerator(c_wrapper_generator.Base):
                              'psa_verify_hash'):
             return True
         if function_name in ('psa_asymmetric_encrypt',
-                             'pas_asymmetric_decrypt'):
+                             'psa_asymmetric_decrypt'):
             return True
         return False
 
diff --git a/tests/src/psa_test_wrappers.c b/tests/src/psa_test_wrappers.c
index fdfd6d138d..f944a2d544 100644
--- a/tests/src/psa_test_wrappers.c
+++ b/tests/src/psa_test_wrappers.c
@@ -100,7 +100,17 @@ psa_status_t mbedtls_test_wrap_psa_asymmetric_decrypt(
     size_t arg7_output_size,
     size_t *arg8_output_length)
 {
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+    MBEDTLS_TEST_MEMORY_POISON(arg4_salt, arg5_salt_length);
+    MBEDTLS_TEST_MEMORY_POISON(arg6_output, arg7_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     psa_status_t status = (psa_asymmetric_decrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg4_salt, arg5_salt_length);
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg6_output, arg7_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     return status;
 }
 

From be060f1e85b3b710c9d1019e9ee0a8c180d37d51 Mon Sep 17 00:00:00 2001
From: Thomas Daubney <thomas.daubney@arm.com>
Date: Mon, 26 Feb 2024 13:55:42 +0000
Subject: [PATCH 10/10] Suppress pylint

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
---
 tests/scripts/generate_psa_wrappers.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/scripts/generate_psa_wrappers.py b/tests/scripts/generate_psa_wrappers.py
index d088288832..e3842bfb06 100755
--- a/tests/scripts/generate_psa_wrappers.py
+++ b/tests/scripts/generate_psa_wrappers.py
@@ -150,6 +150,7 @@ class PSAWrapperGenerator(c_wrapper_generator.Base):
                                     _buffer_name: Optional[str]) -> bool:
         """Whether the specified buffer argument to a PSA function should be copied.
         """
+        #pylint: disable=too-many-return-statements
         if function_name.startswith('psa_aead'):
             return True
         if function_name == 'psa_cipher_encrypt':