From 2d75cd72da963075abe8c0ef3d4a895362ec2b9b Mon Sep 17 00:00:00 2001
From: Ronald Cron
Date: Fri, 9 Jul 2021 14:43:26 +0200
Subject: [PATCH] test: psa driver wrapper: Add non regression test for psa_cipher_generate_iv()

Add non regression test for invalid usage of the output buffer in psa_cipher_generate_iv(). The output buffer should not be used to pass the IV to the driver as a local attacker could be able to control the used IV.

Signed-off-by: Ronald Cron
---
 .../test_suite_psa_crypto_driver_wrappers.function | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
index 6d78ad51a0..39de0ca219 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
@@ -923,10 +923,23 @@ void cipher_entry_points( int alg_arg, int key_type_arg,
 mbedtls_test_driver_cipher_hooks.hits = 0;
 mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+ /* Set the output buffer in a given state. */
+ for( size_t i = 0; i < 16; i++ )
+ output[i] = 0xa5;
+
 status = psa_cipher_generate_iv( &operation, output, 16, &function_output_length );
 /* When generating the IV fails, it should call abort too */
 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 );
 TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ /*
+ * Check that the output buffer is still in the same state.
+ * This will fail if the output buffer is used by the core to pass the IV
+ * it generated to the driver (and is not restored).
+ */
+ for( size_t i = 0; i < 16; i++ )
+ {
+ TEST_EQUAL( output[i], 0xa5 );
+ }
 /* Failure should prevent further operations from executing on the driver */
 mbedtls_test_driver_cipher_hooks.hits = 0;
 status = psa_cipher_update( &operation,
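Review bot: The post-call check on `output` only observes the forced-failure path, so it catches the core staging the IV in the caller's buffer only when those bytes are left behind; a core that stages the IV in `output` and restores it on error would still pass, as the comment's "(and is not restored)" concedes. I would state that limit in the comment, e.g. `* Note: this is an indirect check; it does not prove the driver never reads the IV from the caller's buffer.`, and, if the test driver can record the IV pointer it is handed, assert there that it does not alias `output`. The literal `16` now appears three times (both loops and the size argument of the call) and should come from one named constant so that fill, call and check cannot drift apart. cipher_entry_points starts and continues outside this hunk.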