Encrypt more than 2 blocks of data, causing both update() calls to
output data as well as the call to finish().
This exposes a test bug where the pointer to a buffer is not updated
as it is filled with data.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Resize buffer used to hold the nonce to twice the maximum nonce size.
Some test cases were requesting more than the maximum nonce size
without actually having backing space. This caused a buffer overflow
when PSA buffer-copying code was added.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
The psa_test_wrappers.h inclusion was breaking the examples in programs/
on functions with poisoning added
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
This option causes nested calls to PSA functions, so is not compatible
with memory poisoning as it currently stands.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Only mbedtls_test_opaque_unwrap_key() is actually needed by other
test drivers to deal with opaque keys. mbedtls_test_opaque_wrap_key()
can be kept private to test_driver_key_management.c.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Make sure that extra UNPOISON calls do not cause the poisoning counter
to underflow and wrap around.
Memory that is unpoisoned multiple times should remain unpoisoned.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Some platforms may support ASan but be C99-only (no C11 support).
These platforms will support ASan metatests but not memory poisoning,
which requires C11 features.
To allow for this, create a separate platform requirement, "poison",
in metatest.c to distinguish generic ASan metatests from ones that
require suppport for memory poisoning.
In practice our platforms support both, so run "poison" tests in
the same all.sh components where we run "asan" ones.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This allows unusually-nested memory poisoning to work correctly, since
it keeps track of whether any buffers are still poisoned, rather than
just disabling poisoning at the first call to the UNPOISON() macro.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Set the C_STANDARD property on the mbedtls_test target to 11.
This requests C11 for the tests only.
If C11 is not supported the build will not fail, since
C_STANDARD_REQUIRED is not set, and memory poisoning will be disabled
by a preprocessor check on __STDC_VERSION__.
Additionally, reintroduce previous C99 enforcement on the rest of the
library.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
`psa_collect_statuses.py` runs `make RECORD_PSA_STATUS_COVERAGE_LOG=1`,
which builds with `RECORD_PSA_STATUS_COVERAGE_LOG`. In this mode, the build
includes wrappers for PSA functions, which conflict with the newly
introduced wrappers that are enabled whenever `MBEDTLS_TEST_HOOKS` is
enabled. In the future, the collect-statuses mechanism should use the new
generic wrapper mechanism. For the time being, keep the old wrappers and
avoid the new wrappers when doing the collect-statuses build.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
For now, only instrument the one function for which buffer copying has been
implemented, namely `psa_cipher_encrypt`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Code in unit tests (`tests/suites/*.function`) and in test support
code (`tests/src/**.c`) will now go through the wrapper functions when they
call a PSA API function and `MBEDTLS_TEST_HOOKS` is enabled.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
