mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-08-01 10:06:53 +03:00
Merge pull request #1132 from davidhorstmann-arm/copying-aead
Copy buffers in AEAD
This commit is contained in:
David Horstmann
GitHub
@ -4652,19 +4652,24 @@ static psa_status_t psa_aead_check_algorithm(psa_algorithm_t alg)
|
|||||||
|
|
||||||
psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key,
|
psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key,
|
||||||
psa_algorithm_t alg,
|
psa_algorithm_t alg,
|
||||||
const uint8_t *nonce,
|
const uint8_t *nonce_external,
|
||||||
size_t nonce_length,
|
size_t nonce_length,
|
||||||
const uint8_t *additional_data,
|
const uint8_t *additional_data_external,
|
||||||
size_t additional_data_length,
|
size_t additional_data_length,
|
||||||
const uint8_t *plaintext,
|
const uint8_t *plaintext_external,
|
||||||
size_t plaintext_length,
|
size_t plaintext_length,
|
||||||
uint8_t *ciphertext,
|
uint8_t *ciphertext_external,
|
||||||
size_t ciphertext_size,
|
size_t ciphertext_size,
|
||||||
size_t *ciphertext_length)
|
size_t *ciphertext_length)
|
||||||
{
|
{
|
||||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
psa_key_slot_t *slot;
|
psa_key_slot_t *slot;
|
||||||
|
|
||||||
|
LOCAL_INPUT_DECLARE(nonce_external, nonce);
|
||||||
|
LOCAL_INPUT_DECLARE(additional_data_external, additional_data);
|
||||||
|
LOCAL_INPUT_DECLARE(plaintext_external, plaintext);
|
||||||
|
LOCAL_OUTPUT_DECLARE(ciphertext_external, ciphertext);
|
||||||
|
|
||||||
*ciphertext_length = 0;
|
*ciphertext_length = 0;
|
||||||
|
|
||||||
status = psa_aead_check_algorithm(alg);
|
status = psa_aead_check_algorithm(alg);
|
||||||
@ -4682,6 +4687,11 @@ psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key,
|
|||||||
.core = slot->attr
|
.core = slot->attr
|
||||||
};
|
};
|
||||||
|
|
||||||
|
LOCAL_INPUT_ALLOC(nonce_external, nonce_length, nonce);
|
||||||
|
LOCAL_INPUT_ALLOC(additional_data_external, additional_data_length, additional_data);
|
||||||
|
LOCAL_INPUT_ALLOC(plaintext_external, plaintext_length, plaintext);
|
||||||
|
LOCAL_OUTPUT_ALLOC(ciphertext_external, ciphertext_size, ciphertext);
|
||||||
|
|
||||||
status = psa_aead_check_nonce_length(alg, nonce_length);
|
status = psa_aead_check_nonce_length(alg, nonce_length);
|
||||||
if (status != PSA_SUCCESS) {
|
if (status != PSA_SUCCESS) {
|
||||||
goto exit;
|
goto exit;
|
||||||
@ -4700,6 +4710,11 @@ psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key,
|
|||||||
}
|
}
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
|
LOCAL_INPUT_FREE(nonce_external, nonce);
|
||||||
|
LOCAL_INPUT_FREE(additional_data_external, additional_data);
|
||||||
|
LOCAL_INPUT_FREE(plaintext_external, plaintext);
|
||||||
|
LOCAL_OUTPUT_FREE(ciphertext_external, ciphertext);
|
||||||
|
|
||||||
psa_unregister_read(slot);
|
psa_unregister_read(slot);
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
@ -4707,19 +4722,24 @@ exit:
|
|||||||
|
|
||||||
psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key,
|
psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key,
|
||||||
psa_algorithm_t alg,
|
psa_algorithm_t alg,
|
||||||
const uint8_t *nonce,
|
const uint8_t *nonce_external,
|
||||||
size_t nonce_length,
|
size_t nonce_length,
|
||||||
const uint8_t *additional_data,
|
const uint8_t *additional_data_external,
|
||||||
size_t additional_data_length,
|
size_t additional_data_length,
|
||||||
const uint8_t *ciphertext,
|
const uint8_t *ciphertext_external,
|
||||||
size_t ciphertext_length,
|
size_t ciphertext_length,
|
||||||
uint8_t *plaintext,
|
uint8_t *plaintext_external,
|
||||||
size_t plaintext_size,
|
size_t plaintext_size,
|
||||||
size_t *plaintext_length)
|
size_t *plaintext_length)
|
||||||
{
|
{
|
||||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
psa_key_slot_t *slot;
|
psa_key_slot_t *slot;
|
||||||
|
|
||||||
|
LOCAL_INPUT_DECLARE(nonce_external, nonce);
|
||||||
|
LOCAL_INPUT_DECLARE(additional_data_external, additional_data);
|
||||||
|
LOCAL_INPUT_DECLARE(ciphertext_external, ciphertext);
|
||||||
|
LOCAL_OUTPUT_DECLARE(plaintext_external, plaintext);
|
||||||
|
|
||||||
*plaintext_length = 0;
|
*plaintext_length = 0;
|
||||||
|
|
||||||
status = psa_aead_check_algorithm(alg);
|
status = psa_aead_check_algorithm(alg);
|
||||||
@ -4737,6 +4757,12 @@ psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key,
|
|||||||
.core = slot->attr
|
.core = slot->attr
|
||||||
};
|
};
|
||||||
|
|
||||||
|
LOCAL_INPUT_ALLOC(nonce_external, nonce_length, nonce);
|
||||||
|
LOCAL_INPUT_ALLOC(additional_data_external, additional_data_length,
|
||||||
|
additional_data);
|
||||||
|
LOCAL_INPUT_ALLOC(ciphertext_external, ciphertext_length, ciphertext);
|
||||||
|
LOCAL_OUTPUT_ALLOC(plaintext_external, plaintext_size, plaintext);
|
||||||
|
|
||||||
status = psa_aead_check_nonce_length(alg, nonce_length);
|
status = psa_aead_check_nonce_length(alg, nonce_length);
|
||||||
if (status != PSA_SUCCESS) {
|
if (status != PSA_SUCCESS) {
|
||||||
goto exit;
|
goto exit;
|
||||||
@ -4755,6 +4781,11 @@ psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key,
|
|||||||
}
|
}
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
|
LOCAL_INPUT_FREE(nonce_external, nonce);
|
||||||
|
LOCAL_INPUT_FREE(additional_data_external, additional_data);
|
||||||
|
LOCAL_INPUT_FREE(ciphertext_external, ciphertext);
|
||||||
|
LOCAL_OUTPUT_FREE(plaintext_external, plaintext);
|
||||||
|
|
||||||
psa_unregister_read(slot);
|
psa_unregister_read(slot);
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
@ -4896,9 +4927,44 @@ psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation,
|
|||||||
return psa_aead_setup(operation, 0, key, alg);
|
return psa_aead_setup(operation, 0, key, alg);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static psa_status_t psa_aead_set_nonce_internal(psa_aead_operation_t *operation,
|
||||||
|
const uint8_t *nonce,
|
||||||
|
size_t nonce_length)
|
||||||
|
{
|
||||||
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
|
if (operation->id == 0) {
|
||||||
|
status = PSA_ERROR_BAD_STATE;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (operation->nonce_set) {
|
||||||
|
status = PSA_ERROR_BAD_STATE;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
status = psa_aead_check_nonce_length(operation->alg, nonce_length);
|
||||||
|
if (status != PSA_SUCCESS) {
|
||||||
|
status = PSA_ERROR_INVALID_ARGUMENT;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
status = psa_driver_wrapper_aead_set_nonce(operation, nonce,
|
||||||
|
nonce_length);
|
||||||
|
|
||||||
|
exit:
|
||||||
|
if (status == PSA_SUCCESS) {
|
||||||
|
operation->nonce_set = 1;
|
||||||
|
} else {
|
||||||
|
psa_aead_abort(operation);
|
||||||
|
}
|
||||||
|
|
||||||
|
return status;
|
||||||
|
}
|
||||||
|
|
||||||
/* Generate a random nonce / IV for multipart AEAD operation */
|
/* Generate a random nonce / IV for multipart AEAD operation */
|
||||||
psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation,
|
psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation,
|
||||||
uint8_t *nonce,
|
uint8_t *nonce_external,
|
||||||
size_t nonce_size,
|
size_t nonce_size,
|
||||||
size_t *nonce_length)
|
size_t *nonce_length)
|
||||||
{
|
{
|
||||||
@ -4906,6 +4972,9 @@ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation,
|
|||||||
uint8_t local_nonce[PSA_AEAD_NONCE_MAX_SIZE];
|
uint8_t local_nonce[PSA_AEAD_NONCE_MAX_SIZE];
|
||||||
size_t required_nonce_size = 0;
|
size_t required_nonce_size = 0;
|
||||||
|
|
||||||
|
LOCAL_OUTPUT_DECLARE(nonce_external, nonce);
|
||||||
|
LOCAL_OUTPUT_ALLOC(nonce_external, nonce_size, nonce);
|
||||||
|
|
||||||
*nonce_length = 0;
|
*nonce_length = 0;
|
||||||
|
|
||||||
if (operation->id == 0) {
|
if (operation->id == 0) {
|
||||||
@ -4939,7 +5008,8 @@ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation,
|
|||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
status = psa_aead_set_nonce(operation, local_nonce, required_nonce_size);
|
status = psa_aead_set_nonce_internal(operation, local_nonce,
|
||||||
|
required_nonce_size);
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
if (status == PSA_SUCCESS) {
|
if (status == PSA_SUCCESS) {
|
||||||
@ -4949,42 +5019,30 @@ exit:
|
|||||||
psa_aead_abort(operation);
|
psa_aead_abort(operation);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
LOCAL_OUTPUT_FREE(nonce_external, nonce);
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Set the nonce for a multipart authenticated encryption or decryption
|
/* Set the nonce for a multipart authenticated encryption or decryption
|
||||||
operation.*/
|
operation.*/
|
||||||
psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation,
|
psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation,
|
||||||
const uint8_t *nonce,
|
const uint8_t *nonce_external,
|
||||||
size_t nonce_length)
|
size_t nonce_length)
|
||||||
{
|
{
|
||||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
psa_status_t status;
|
||||||
|
|
||||||
if (operation->id == 0) {
|
LOCAL_INPUT_DECLARE(nonce_external, nonce);
|
||||||
status = PSA_ERROR_BAD_STATE;
|
LOCAL_INPUT_ALLOC(nonce_external, nonce_length, nonce);
|
||||||
goto exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (operation->nonce_set) {
|
status = psa_aead_set_nonce_internal(operation, nonce, nonce_length);
|
||||||
status = PSA_ERROR_BAD_STATE;
|
|
||||||
goto exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
status = psa_aead_check_nonce_length(operation->alg, nonce_length);
|
|
||||||
if (status != PSA_SUCCESS) {
|
|
||||||
status = PSA_ERROR_INVALID_ARGUMENT;
|
|
||||||
goto exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
status = psa_driver_wrapper_aead_set_nonce(operation, nonce,
|
|
||||||
nonce_length);
|
|
||||||
|
|
||||||
|
/* Exit label is only needed for buffer copying, prevent unused warnings. */
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
exit:
|
exit:
|
||||||
if (status == PSA_SUCCESS) {
|
#endif
|
||||||
operation->nonce_set = 1;
|
|
||||||
} else {
|
LOCAL_INPUT_FREE(nonce_external, nonce);
|
||||||
psa_aead_abort(operation);
|
|
||||||
}
|
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
@ -5056,11 +5114,14 @@ exit:
|
|||||||
|
|
||||||
/* Pass additional data to an active multipart AEAD operation. */
|
/* Pass additional data to an active multipart AEAD operation. */
|
||||||
psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation,
|
psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation,
|
||||||
const uint8_t *input,
|
const uint8_t *input_external,
|
||||||
size_t input_length)
|
size_t input_length)
|
||||||
{
|
{
|
||||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
|
LOCAL_INPUT_DECLARE(input_external, input);
|
||||||
|
LOCAL_INPUT_ALLOC(input_external, input_length, input);
|
||||||
|
|
||||||
if (operation->id == 0) {
|
if (operation->id == 0) {
|
||||||
status = PSA_ERROR_BAD_STATE;
|
status = PSA_ERROR_BAD_STATE;
|
||||||
goto exit;
|
goto exit;
|
||||||
@ -5096,20 +5157,29 @@ exit:
|
|||||||
psa_aead_abort(operation);
|
psa_aead_abort(operation);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
LOCAL_INPUT_FREE(input_external, input);
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Encrypt or decrypt a message fragment in an active multipart AEAD
|
/* Encrypt or decrypt a message fragment in an active multipart AEAD
|
||||||
operation.*/
|
operation.*/
|
||||||
psa_status_t psa_aead_update(psa_aead_operation_t *operation,
|
psa_status_t psa_aead_update(psa_aead_operation_t *operation,
|
||||||
const uint8_t *input,
|
const uint8_t *input_external,
|
||||||
size_t input_length,
|
size_t input_length,
|
||||||
uint8_t *output,
|
uint8_t *output_external,
|
||||||
size_t output_size,
|
size_t output_size,
|
||||||
size_t *output_length)
|
size_t *output_length)
|
||||||
{
|
{
|
||||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
|
|
||||||
|
LOCAL_INPUT_DECLARE(input_external, input);
|
||||||
|
LOCAL_OUTPUT_DECLARE(output_external, output);
|
||||||
|
|
||||||
|
LOCAL_INPUT_ALLOC(input_external, input_length, input);
|
||||||
|
LOCAL_OUTPUT_ALLOC(output_external, output_size, output);
|
||||||
|
|
||||||
*output_length = 0;
|
*output_length = 0;
|
||||||
|
|
||||||
if (operation->id == 0) {
|
if (operation->id == 0) {
|
||||||
@ -5156,6 +5226,9 @@ exit:
|
|||||||
psa_aead_abort(operation);
|
psa_aead_abort(operation);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
LOCAL_INPUT_FREE(input_external, input);
|
||||||
|
LOCAL_OUTPUT_FREE(output_external, output);
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -5175,15 +5248,21 @@ static psa_status_t psa_aead_final_checks(const psa_aead_operation_t *operation)
|
|||||||
|
|
||||||
/* Finish encrypting a message in a multipart AEAD operation. */
|
/* Finish encrypting a message in a multipart AEAD operation. */
|
||||||
psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
|
psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
|
||||||
uint8_t *ciphertext,
|
uint8_t *ciphertext_external,
|
||||||
size_t ciphertext_size,
|
size_t ciphertext_size,
|
||||||
size_t *ciphertext_length,
|
size_t *ciphertext_length,
|
||||||
uint8_t *tag,
|
uint8_t *tag_external,
|
||||||
size_t tag_size,
|
size_t tag_size,
|
||||||
size_t *tag_length)
|
size_t *tag_length)
|
||||||
{
|
{
|
||||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
|
LOCAL_OUTPUT_DECLARE(ciphertext_external, ciphertext);
|
||||||
|
LOCAL_OUTPUT_DECLARE(tag_external, tag);
|
||||||
|
|
||||||
|
LOCAL_OUTPUT_ALLOC(ciphertext_external, ciphertext_size, ciphertext);
|
||||||
|
LOCAL_OUTPUT_ALLOC(tag_external, tag_size, tag);
|
||||||
|
|
||||||
*ciphertext_length = 0;
|
*ciphertext_length = 0;
|
||||||
*tag_length = tag_size;
|
*tag_length = tag_size;
|
||||||
|
|
||||||
@ -5214,20 +5293,29 @@ exit:
|
|||||||
|
|
||||||
psa_aead_abort(operation);
|
psa_aead_abort(operation);
|
||||||
|
|
||||||
|
LOCAL_OUTPUT_FREE(ciphertext_external, ciphertext);
|
||||||
|
LOCAL_OUTPUT_FREE(tag_external, tag);
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Finish authenticating and decrypting a message in a multipart AEAD
|
/* Finish authenticating and decrypting a message in a multipart AEAD
|
||||||
operation.*/
|
operation.*/
|
||||||
psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
|
psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
|
||||||
uint8_t *plaintext,
|
uint8_t *plaintext_external,
|
||||||
size_t plaintext_size,
|
size_t plaintext_size,
|
||||||
size_t *plaintext_length,
|
size_t *plaintext_length,
|
||||||
const uint8_t *tag,
|
const uint8_t *tag_external,
|
||||||
size_t tag_length)
|
size_t tag_length)
|
||||||
{
|
{
|
||||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
|
LOCAL_OUTPUT_DECLARE(plaintext_external, plaintext);
|
||||||
|
LOCAL_INPUT_DECLARE(tag_external, tag);
|
||||||
|
|
||||||
|
LOCAL_OUTPUT_ALLOC(plaintext_external, plaintext_size, plaintext);
|
||||||
|
LOCAL_INPUT_ALLOC(tag_external, tag_length, tag);
|
||||||
|
|
||||||
*plaintext_length = 0;
|
*plaintext_length = 0;
|
||||||
|
|
||||||
status = psa_aead_final_checks(operation);
|
status = psa_aead_final_checks(operation);
|
||||||
@ -5248,6 +5336,9 @@ psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
|
|||||||
exit:
|
exit:
|
||||||
psa_aead_abort(operation);
|
psa_aead_abort(operation);
|
||||||
|
|
||||||
|
LOCAL_OUTPUT_FREE(plaintext_external, plaintext);
|
||||||
|
LOCAL_INPUT_FREE(tag_external, tag);
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -142,7 +142,8 @@ class PSAWrapperGenerator(c_wrapper_generator.Base):
|
|||||||
_buffer_name: Optional[str]) -> bool:
|
_buffer_name: Optional[str]) -> bool:
|
||||||
"""Whether the specified buffer argument to a PSA function should be copied.
|
"""Whether the specified buffer argument to a PSA function should be copied.
|
||||||
"""
|
"""
|
||||||
# Proof-of-concept: just instrument one function for now
|
if function_name.startswith('psa_aead'):
|
||||||
|
return True
|
||||||
if function_name == 'psa_cipher_encrypt':
|
if function_name == 'psa_cipher_encrypt':
|
||||||
return True
|
return True
|
||||||
if function_name in ('psa_key_derivation_output_bytes',
|
if function_name in ('psa_key_derivation_output_bytes',
|
||||||
|
|||||||
@ -70,7 +70,19 @@ psa_status_t mbedtls_test_wrap_psa_aead_decrypt(
|
|||||||
size_t arg9_plaintext_size,
|
size_t arg9_plaintext_size,
|
||||||
size_t *arg10_plaintext_length)
|
size_t *arg10_plaintext_length)
|
||||||
{
|
{
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg2_nonce, arg3_nonce_length);
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg4_additional_data, arg5_additional_data_length);
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg6_ciphertext, arg7_ciphertext_length);
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg8_plaintext, arg9_plaintext_size);
|
||||||
|
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
|
||||||
psa_status_t status = (psa_aead_decrypt)(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_ciphertext, arg7_ciphertext_length, arg8_plaintext, arg9_plaintext_size, arg10_plaintext_length);
|
psa_status_t status = (psa_aead_decrypt)(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_ciphertext, arg7_ciphertext_length, arg8_plaintext, arg9_plaintext_size, arg10_plaintext_length);
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg2_nonce, arg3_nonce_length);
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg4_additional_data, arg5_additional_data_length);
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg6_ciphertext, arg7_ciphertext_length);
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg8_plaintext, arg9_plaintext_size);
|
||||||
|
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -98,7 +110,19 @@ psa_status_t mbedtls_test_wrap_psa_aead_encrypt(
|
|||||||
size_t arg9_ciphertext_size,
|
size_t arg9_ciphertext_size,
|
||||||
size_t *arg10_ciphertext_length)
|
size_t *arg10_ciphertext_length)
|
||||||
{
|
{
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg2_nonce, arg3_nonce_length);
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg4_additional_data, arg5_additional_data_length);
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg6_plaintext, arg7_plaintext_length);
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg8_ciphertext, arg9_ciphertext_size);
|
||||||
|
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
|
||||||
psa_status_t status = (psa_aead_encrypt)(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_plaintext, arg7_plaintext_length, arg8_ciphertext, arg9_ciphertext_size, arg10_ciphertext_length);
|
psa_status_t status = (psa_aead_encrypt)(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_plaintext, arg7_plaintext_length, arg8_ciphertext, arg9_ciphertext_size, arg10_ciphertext_length);
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg2_nonce, arg3_nonce_length);
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg4_additional_data, arg5_additional_data_length);
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg6_plaintext, arg7_plaintext_length);
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg8_ciphertext, arg9_ciphertext_size);
|
||||||
|
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -122,7 +146,15 @@ psa_status_t mbedtls_test_wrap_psa_aead_finish(
|
|||||||
size_t arg5_tag_size,
|
size_t arg5_tag_size,
|
||||||
size_t *arg6_tag_length)
|
size_t *arg6_tag_length)
|
||||||
{
|
{
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg1_ciphertext, arg2_ciphertext_size);
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg4_tag, arg5_tag_size);
|
||||||
|
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
|
||||||
psa_status_t status = (psa_aead_finish)(arg0_operation, arg1_ciphertext, arg2_ciphertext_size, arg3_ciphertext_length, arg4_tag, arg5_tag_size, arg6_tag_length);
|
psa_status_t status = (psa_aead_finish)(arg0_operation, arg1_ciphertext, arg2_ciphertext_size, arg3_ciphertext_length, arg4_tag, arg5_tag_size, arg6_tag_length);
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg1_ciphertext, arg2_ciphertext_size);
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg4_tag, arg5_tag_size);
|
||||||
|
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -133,7 +165,13 @@ psa_status_t mbedtls_test_wrap_psa_aead_generate_nonce(
|
|||||||
size_t arg2_nonce_size,
|
size_t arg2_nonce_size,
|
||||||
size_t *arg3_nonce_length)
|
size_t *arg3_nonce_length)
|
||||||
{
|
{
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg1_nonce, arg2_nonce_size);
|
||||||
|
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
|
||||||
psa_status_t status = (psa_aead_generate_nonce)(arg0_operation, arg1_nonce, arg2_nonce_size, arg3_nonce_length);
|
psa_status_t status = (psa_aead_generate_nonce)(arg0_operation, arg1_nonce, arg2_nonce_size, arg3_nonce_length);
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg1_nonce, arg2_nonce_size);
|
||||||
|
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -153,7 +191,13 @@ psa_status_t mbedtls_test_wrap_psa_aead_set_nonce(
|
|||||||
const uint8_t *arg1_nonce,
|
const uint8_t *arg1_nonce,
|
||||||
size_t arg2_nonce_length)
|
size_t arg2_nonce_length)
|
||||||
{
|
{
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg1_nonce, arg2_nonce_length);
|
||||||
|
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
|
||||||
psa_status_t status = (psa_aead_set_nonce)(arg0_operation, arg1_nonce, arg2_nonce_length);
|
psa_status_t status = (psa_aead_set_nonce)(arg0_operation, arg1_nonce, arg2_nonce_length);
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg1_nonce, arg2_nonce_length);
|
||||||
|
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -166,7 +210,15 @@ psa_status_t mbedtls_test_wrap_psa_aead_update(
|
|||||||
size_t arg4_output_size,
|
size_t arg4_output_size,
|
||||||
size_t *arg5_output_length)
|
size_t *arg5_output_length)
|
||||||
{
|
{
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length);
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg3_output, arg4_output_size);
|
||||||
|
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
|
||||||
psa_status_t status = (psa_aead_update)(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length);
|
psa_status_t status = (psa_aead_update)(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length);
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length);
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg3_output, arg4_output_size);
|
||||||
|
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -176,7 +228,13 @@ psa_status_t mbedtls_test_wrap_psa_aead_update_ad(
|
|||||||
const uint8_t *arg1_input,
|
const uint8_t *arg1_input,
|
||||||
size_t arg2_input_length)
|
size_t arg2_input_length)
|
||||||
{
|
{
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length);
|
||||||
|
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
|
||||||
psa_status_t status = (psa_aead_update_ad)(arg0_operation, arg1_input, arg2_input_length);
|
psa_status_t status = (psa_aead_update_ad)(arg0_operation, arg1_input, arg2_input_length);
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length);
|
||||||
|
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -189,7 +247,15 @@ psa_status_t mbedtls_test_wrap_psa_aead_verify(
|
|||||||
const uint8_t *arg4_tag,
|
const uint8_t *arg4_tag,
|
||||||
size_t arg5_tag_length)
|
size_t arg5_tag_length)
|
||||||
{
|
{
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg1_plaintext, arg2_plaintext_size);
|
||||||
|
MBEDTLS_TEST_MEMORY_POISON(arg4_tag, arg5_tag_length);
|
||||||
|
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
|
||||||
psa_status_t status = (psa_aead_verify)(arg0_operation, arg1_plaintext, arg2_plaintext_size, arg3_plaintext_length, arg4_tag, arg5_tag_length);
|
psa_status_t status = (psa_aead_verify)(arg0_operation, arg1_plaintext, arg2_plaintext_size, arg3_plaintext_length, arg4_tag, arg5_tag_length);
|
||||||
|
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg1_plaintext, arg2_plaintext_size);
|
||||||
|
MBEDTLS_TEST_MEMORY_UNPOISON(arg4_tag, arg5_tag_length);
|
||||||
|
#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -5131,7 +5131,9 @@ void aead_multipart_generate_nonce(int key_type_arg, data_t *key_data,
|
|||||||
psa_key_type_t key_type = key_type_arg;
|
psa_key_type_t key_type = key_type_arg;
|
||||||
psa_algorithm_t alg = alg_arg;
|
psa_algorithm_t alg = alg_arg;
|
||||||
psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
|
psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
|
||||||
uint8_t nonce_buffer[PSA_AEAD_NONCE_MAX_SIZE];
|
/* Some tests try to get more than the maximum nonce length,
|
||||||
|
* so allocate double. */
|
||||||
|
uint8_t nonce_buffer[PSA_AEAD_NONCE_MAX_SIZE * 2];
|
||||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||||
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
|
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
|
||||||
psa_status_t expected_status = expected_status_arg;
|
psa_status_t expected_status = expected_status_arg;
|
||||||
|
|||||||
Reference in New Issue
Block a user