Merge pull request #1187 from ronald-cron-arm/issue-1185
Add security change log for issue 1185
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 77c6955..6538175 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -7581,12 +7581,13 @@
psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *operation,
psa_key_derivation_step_t step,
mbedtls_svc_key_id_t private_key,
- const uint8_t *peer_key,
+ const uint8_t *peer_key_external,
size_t peer_key_length)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
+ LOCAL_INPUT_DECLARE(peer_key_external, peer_key);
if (!PSA_ALG_IS_KEY_AGREEMENT(operation->alg)) {
return PSA_ERROR_INVALID_ARGUMENT;
@@ -7596,9 +7597,15 @@
if (status != PSA_SUCCESS) {
return status;
}
+
+ LOCAL_INPUT_ALLOC(peer_key_external, peer_key_length, peer_key)
status = psa_key_agreement_internal(operation, step,
slot,
peer_key, peer_key_length);
+
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+exit:
+#endif
if (status != PSA_SUCCESS) {
psa_key_derivation_abort(operation);
} else {
@@ -7610,15 +7617,15 @@
}
unlock_status = psa_unregister_read(slot);
-
+ LOCAL_INPUT_FREE(peer_key_external, peer_key);
return (status == PSA_SUCCESS) ? unlock_status : status;
}
psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
mbedtls_svc_key_id_t private_key,
- const uint8_t *peer_key,
+ const uint8_t *peer_key_external,
size_t peer_key_length,
- uint8_t *output,
+ uint8_t *output_external,
size_t output_size,
size_t *output_length)
{
@@ -7626,6 +7633,9 @@
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot = NULL;
size_t expected_length;
+ LOCAL_INPUT_DECLARE(peer_key_external, peer_key);
+ LOCAL_OUTPUT_DECLARE(output_external, output);
+ LOCAL_OUTPUT_ALLOC(output_external, output_size, output);
if (!PSA_ALG_IS_KEY_AGREEMENT(alg)) {
status = PSA_ERROR_INVALID_ARGUMENT;
@@ -7652,13 +7662,16 @@
goto exit;
}
+ LOCAL_INPUT_ALLOC(peer_key_external, peer_key_length, peer_key);
status = psa_key_agreement_raw_internal(alg, slot,
peer_key, peer_key_length,
output, output_size,
output_length);
exit:
- if (status != PSA_SUCCESS) {
+ /* Check for successful allocation of output,
+ * with an unsuccessful status. */
+ if (output != NULL && status != PSA_SUCCESS) {
/* If an error happens and is not handled properly, the output
* may be used as a key to protect sensitive data. Arrange for such
* a key to be random, which is likely to result in decryption or
@@ -7670,8 +7683,15 @@
*output_length = output_size;
}
+ if (output == NULL) {
+ /* output allocation failed. */
+ *output_length = 0;
+ }
+
unlock_status = psa_unregister_read(slot);
+ LOCAL_INPUT_FREE(peer_key_external, peer_key);
+ LOCAL_OUTPUT_FREE(output_external, output);
return (status == PSA_SUCCESS) ? unlock_status : status;
}
@@ -8326,10 +8346,11 @@
psa_status_t psa_pake_set_user(
psa_pake_operation_t *operation,
- const uint8_t *user_id,
+ const uint8_t *user_id_external,
size_t user_id_len)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ LOCAL_INPUT_DECLARE(user_id_external, user_id);
if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) {
status = PSA_ERROR_BAD_STATE;
@@ -8352,21 +8373,28 @@
goto exit;
}
+ LOCAL_INPUT_ALLOC(user_id_external, user_id_len, user_id);
+
memcpy(operation->data.inputs.user, user_id, user_id_len);
operation->data.inputs.user_len = user_id_len;
- return PSA_SUCCESS;
+ status = PSA_SUCCESS;
+
exit:
- psa_pake_abort(operation);
+ LOCAL_INPUT_FREE(user_id_external, user_id);
+ if (status != PSA_SUCCESS) {
+ psa_pake_abort(operation);
+ }
return status;
}
psa_status_t psa_pake_set_peer(
psa_pake_operation_t *operation,
- const uint8_t *peer_id,
+ const uint8_t *peer_id_external,
size_t peer_id_len)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ LOCAL_INPUT_DECLARE(peer_id_external, peer_id);
if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) {
status = PSA_ERROR_BAD_STATE;
@@ -8389,12 +8417,18 @@
goto exit;
}
+ LOCAL_INPUT_ALLOC(peer_id_external, peer_id_len, peer_id);
+
memcpy(operation->data.inputs.peer, peer_id, peer_id_len);
operation->data.inputs.peer_len = peer_id_len;
- return PSA_SUCCESS;
+ status = PSA_SUCCESS;
+
exit:
- psa_pake_abort(operation);
+ LOCAL_INPUT_FREE(peer_id_external, peer_id);
+ if (status != PSA_SUCCESS) {
+ psa_pake_abort(operation);
+ }
return status;
}
@@ -8580,12 +8614,13 @@
psa_status_t psa_pake_output(
psa_pake_operation_t *operation,
psa_pake_step_t step,
- uint8_t *output,
+ uint8_t *output_external,
size_t output_size,
size_t *output_length)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_crypto_driver_pake_step_t driver_step = PSA_JPAKE_STEP_INVALID;
+ LOCAL_OUTPUT_DECLARE(output_external, output);
*output_length = 0;
if (operation->stage == PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) {
@@ -8622,6 +8657,8 @@
goto exit;
}
+ LOCAL_OUTPUT_ALLOC(output_external, output_size, output);
+
status = psa_driver_wrapper_pake_output(operation, driver_step,
output, output_size, output_length);
@@ -8643,16 +8680,18 @@
goto exit;
}
- return PSA_SUCCESS;
exit:
- psa_pake_abort(operation);
+ LOCAL_OUTPUT_FREE(output_external, output);
+ if (status != PSA_SUCCESS) {
+ psa_pake_abort(operation);
+ }
return status;
}
psa_status_t psa_pake_input(
psa_pake_operation_t *operation,
psa_pake_step_t step,
- const uint8_t *input,
+ const uint8_t *input_external,
size_t input_length)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
@@ -8660,6 +8699,7 @@
const size_t max_input_length = (size_t) PSA_PAKE_INPUT_SIZE(operation->alg,
operation->primitive,
step);
+ LOCAL_INPUT_DECLARE(input_external, input);
if (operation->stage == PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) {
status = psa_pake_complete_inputs(operation);
@@ -8695,6 +8735,7 @@
goto exit;
}
+ LOCAL_INPUT_ALLOC(input_external, input_length, input);
status = psa_driver_wrapper_pake_input(operation, driver_step,
input, input_length);
@@ -8716,9 +8757,11 @@
goto exit;
}
- return PSA_SUCCESS;
exit:
- psa_pake_abort(operation);
+ LOCAL_INPUT_FREE(input_external, input);
+ if (status != PSA_SUCCESS) {
+ psa_pake_abort(operation);
+ }
return status;
}
diff --git a/tests/scripts/generate_psa_wrappers.py b/tests/scripts/generate_psa_wrappers.py
index fbe7cf1..a2d8787 100755
--- a/tests/scripts/generate_psa_wrappers.py
+++ b/tests/scripts/generate_psa_wrappers.py
@@ -143,6 +143,8 @@
"""Whether the specified buffer argument to a PSA function should be copied.
"""
#pylint: disable=too-many-return-statements
+ if function_name.startswith('psa_pake'):
+ return True
if function_name.startswith('psa_aead'):
return True
if function_name in {'psa_cipher_encrypt', 'psa_cipher_decrypt',
@@ -167,6 +169,9 @@
'psa_hash_compute',
'psa_hash_compare'):
return True
+ if function_name in ('psa_key_derivation_key_agreement',
+ 'psa_raw_key_agreement'):
+ return True
if function_name == 'psa_generate_random':
return True
if function_name in ('psa_mac_update',
diff --git a/tests/src/psa_test_wrappers.c b/tests/src/psa_test_wrappers.c
index 86ab1c3..71ea09c 100644
--- a/tests/src/psa_test_wrappers.c
+++ b/tests/src/psa_test_wrappers.c
@@ -810,7 +810,13 @@
const uint8_t *arg3_peer_key,
size_t arg4_peer_key_length)
{
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg3_peer_key, arg4_peer_key_length);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
psa_status_t status = (psa_key_derivation_key_agreement)(arg0_operation, arg1_step, arg2_private_key, arg3_peer_key, arg4_peer_key_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg3_peer_key, arg4_peer_key_length);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
return status;
}
@@ -1002,7 +1008,13 @@
const uint8_t *arg2_input,
size_t arg3_input_length)
{
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
psa_status_t status = (psa_pake_input)(arg0_operation, arg1_step, arg2_input, arg3_input_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
return status;
}
@@ -1014,7 +1026,13 @@
size_t arg3_output_size,
size_t *arg4_output_length)
{
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_output, arg3_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
psa_status_t status = (psa_pake_output)(arg0_operation, arg1_step, arg2_output, arg3_output_size, arg4_output_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_output, arg3_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
return status;
}
@@ -1033,7 +1051,13 @@
const uint8_t *arg1_peer_id,
size_t arg2_peer_id_len)
{
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_peer_id, arg2_peer_id_len);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
psa_status_t status = (psa_pake_set_peer)(arg0_operation, arg1_peer_id, arg2_peer_id_len);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_peer_id, arg2_peer_id_len);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
return status;
}
@@ -1052,7 +1076,13 @@
const uint8_t *arg1_user_id,
size_t arg2_user_id_len)
{
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_user_id, arg2_user_id_len);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
psa_status_t status = (psa_pake_set_user)(arg0_operation, arg1_user_id, arg2_user_id_len);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_user_id, arg2_user_id_len);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
return status;
}
@@ -1083,7 +1113,15 @@
size_t arg5_output_size,
size_t *arg6_output_length)
{
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_peer_key, arg3_peer_key_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_output, arg5_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
psa_status_t status = (psa_raw_key_agreement)(arg0_alg, arg1_private_key, arg2_peer_key, arg3_peer_key_length, arg4_output, arg5_output_size, arg6_output_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_peer_key, arg3_peer_key_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_output, arg5_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
return status;
}
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index f544b41..d80f323 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -742,37 +742,37 @@
/* Server first round Output */
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_g1_len));
+ buffer_length - buffer0_off, &s_g1_len));
TEST_EQUAL(s_g1_len, expected_size_key_share);
s_g1_off = buffer0_off;
buffer0_off += s_g1_len;
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PUBLIC,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x1_pk_len));
+ buffer_length - buffer0_off, &s_x1_pk_len));
TEST_EQUAL(s_x1_pk_len, expected_size_zk_public);
s_x1_pk_off = buffer0_off;
buffer0_off += s_x1_pk_len;
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PROOF,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x1_pr_len));
+ buffer_length - buffer0_off, &s_x1_pr_len));
TEST_LE_U(s_x1_pr_len, max_expected_size_zk_proof);
s_x1_pr_off = buffer0_off;
buffer0_off += s_x1_pr_len;
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_g2_len));
+ buffer_length - buffer0_off, &s_g2_len));
TEST_EQUAL(s_g2_len, expected_size_key_share);
s_g2_off = buffer0_off;
buffer0_off += s_g2_len;
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PUBLIC,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x2_pk_len));
+ buffer_length - buffer0_off, &s_x2_pk_len));
TEST_EQUAL(s_x2_pk_len, expected_size_zk_public);
s_x2_pk_off = buffer0_off;
buffer0_off += s_x2_pk_len;
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PROOF,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x2_pr_len));
+ buffer_length - buffer0_off, &s_x2_pr_len));
TEST_LE_U(s_x2_pr_len, max_expected_size_zk_proof);
s_x2_pr_off = buffer0_off;
buffer0_off += s_x2_pr_len;
@@ -862,37 +862,37 @@
/* Client first round Output */
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_g1_len));
+ buffer_length - buffer1_off, &c_g1_len));
TEST_EQUAL(c_g1_len, expected_size_key_share);
c_g1_off = buffer1_off;
buffer1_off += c_g1_len;
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PUBLIC,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x1_pk_len));
+ buffer_length - buffer1_off, &c_x1_pk_len));
TEST_EQUAL(c_x1_pk_len, expected_size_zk_public);
c_x1_pk_off = buffer1_off;
buffer1_off += c_x1_pk_len;
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PROOF,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x1_pr_len));
+ buffer_length - buffer1_off, &c_x1_pr_len));
TEST_LE_U(c_x1_pr_len, max_expected_size_zk_proof);
c_x1_pr_off = buffer1_off;
buffer1_off += c_x1_pr_len;
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_g2_len));
+ buffer_length - buffer1_off, &c_g2_len));
TEST_EQUAL(c_g2_len, expected_size_key_share);
c_g2_off = buffer1_off;
buffer1_off += c_g2_len;
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PUBLIC,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x2_pk_len));
+ buffer_length - buffer1_off, &c_x2_pk_len));
TEST_EQUAL(c_x2_pk_len, expected_size_zk_public);
c_x2_pk_off = buffer1_off;
buffer1_off += c_x2_pk_len;
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PROOF,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x2_pr_len));
+ buffer_length - buffer1_off, &c_x2_pr_len));
TEST_LE_U(c_x2_pr_len, max_expected_size_zk_proof);
c_x2_pr_off = buffer1_off;
buffer1_off += c_x2_pr_len;
@@ -1040,19 +1040,19 @@
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_a_len));
+ buffer_length - buffer0_off, &s_a_len));
TEST_EQUAL(s_a_len, expected_size_key_share);
s_a_off = buffer0_off;
buffer0_off += s_a_len;
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PUBLIC,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x2s_pk_len));
+ buffer_length - buffer0_off, &s_x2s_pk_len));
TEST_EQUAL(s_x2s_pk_len, expected_size_zk_public);
s_x2s_pk_off = buffer0_off;
buffer0_off += s_x2s_pk_len;
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PROOF,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x2s_pr_len));
+ buffer_length - buffer0_off, &s_x2s_pr_len));
TEST_LE_U(s_x2s_pr_len, max_expected_size_zk_proof);
s_x2s_pr_off = buffer0_off;
buffer0_off += s_x2s_pr_len;
@@ -1105,19 +1105,19 @@
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_a_len));
+ buffer_length - buffer1_off, &c_a_len));
TEST_EQUAL(c_a_len, expected_size_key_share);
c_a_off = buffer1_off;
buffer1_off += c_a_len;
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PUBLIC,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x2s_pk_len));
+ buffer_length - buffer1_off, &c_x2s_pk_len));
TEST_EQUAL(c_x2s_pk_len, expected_size_zk_public);
c_x2s_pk_off = buffer1_off;
buffer1_off += c_x2s_pk_len;
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PROOF,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x2s_pr_len));
+ buffer_length - buffer1_off, &c_x2s_pr_len));
TEST_LE_U(c_x2s_pr_len, max_expected_size_zk_proof);
c_x2s_pr_off = buffer1_off;
buffer1_off += c_x2s_pr_len;
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
index 4c13b8d..a788827 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
@@ -57,7 +57,7 @@
/* Server first round Output */
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_g1_len));
+ buffer_length - buffer0_off, &s_g1_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_EQUAL(s_g1_len, expected_size_key_share);
@@ -65,7 +65,7 @@
buffer0_off += s_g1_len;
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PUBLIC,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x1_pk_len));
+ buffer_length - buffer0_off, &s_x1_pk_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_EQUAL(s_x1_pk_len, expected_size_zk_public);
@@ -73,7 +73,7 @@
buffer0_off += s_x1_pk_len;
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PROOF,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x1_pr_len));
+ buffer_length - buffer0_off, &s_x1_pr_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_LE_U(s_x1_pr_len, max_expected_size_zk_proof);
@@ -81,7 +81,7 @@
buffer0_off += s_x1_pr_len;
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_g2_len));
+ buffer_length - buffer0_off, &s_g2_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_EQUAL(s_g2_len, expected_size_key_share);
@@ -89,7 +89,7 @@
buffer0_off += s_g2_len;
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PUBLIC,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x2_pk_len));
+ buffer_length - buffer0_off, &s_x2_pk_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_EQUAL(s_x2_pk_len, expected_size_zk_public);
@@ -97,7 +97,7 @@
buffer0_off += s_x2_pk_len;
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PROOF,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x2_pr_len));
+ buffer_length - buffer0_off, &s_x2_pr_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_LE_U(s_x2_pr_len, max_expected_size_zk_proof);
@@ -154,7 +154,7 @@
/* Client first round Output */
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_g1_len));
+ buffer_length - buffer1_off, &c_g1_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_EQUAL(c_g1_len, expected_size_key_share);
@@ -162,7 +162,7 @@
buffer1_off += c_g1_len;
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PUBLIC,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x1_pk_len));
+ buffer_length - buffer1_off, &c_x1_pk_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_EQUAL(c_x1_pk_len, expected_size_zk_public);
@@ -170,7 +170,7 @@
buffer1_off += c_x1_pk_len;
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PROOF,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x1_pr_len));
+ buffer_length - buffer1_off, &c_x1_pr_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_LE_U(c_x1_pr_len, max_expected_size_zk_proof);
@@ -178,7 +178,7 @@
buffer1_off += c_x1_pr_len;
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_g2_len));
+ buffer_length - buffer1_off, &c_g2_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_EQUAL(c_g2_len, expected_size_key_share);
@@ -186,7 +186,7 @@
buffer1_off += c_g2_len;
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PUBLIC,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x2_pk_len));
+ buffer_length - buffer1_off, &c_x2_pk_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_EQUAL(c_x2_pk_len, expected_size_zk_public);
@@ -194,7 +194,7 @@
buffer1_off += c_x2_pk_len;
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PROOF,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x2_pr_len));
+ buffer_length - buffer1_off, &c_x2_pr_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_LE_U(c_x2_pr_len, max_expected_size_zk_proof);
@@ -290,7 +290,7 @@
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_a_len));
+ buffer_length - buffer0_off, &s_a_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_EQUAL(s_a_len, expected_size_key_share);
@@ -298,7 +298,7 @@
buffer0_off += s_a_len;
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PUBLIC,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x2s_pk_len));
+ buffer_length - buffer0_off, &s_x2s_pk_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_EQUAL(s_x2s_pk_len, expected_size_zk_public);
@@ -306,7 +306,7 @@
buffer0_off += s_x2s_pk_len;
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PROOF,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x2s_pr_len));
+ buffer_length - buffer0_off, &s_x2s_pr_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_LE_U(s_x2s_pr_len, max_expected_size_zk_proof);
@@ -341,7 +341,7 @@
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_a_len));
+ buffer_length - buffer1_off, &c_a_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_EQUAL(c_a_len, expected_size_key_share);
@@ -349,7 +349,7 @@
buffer1_off += c_a_len;
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PUBLIC,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x2s_pk_len));
+ buffer_length - buffer1_off, &c_x2s_pk_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_EQUAL(c_x2s_pk_len, expected_size_zk_public);
@@ -357,7 +357,7 @@
buffer1_off += c_x2s_pk_len;
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PROOF,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x2s_pr_len));
+ buffer_length - buffer1_off, &c_x2s_pr_len));
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
TEST_LE_U(c_x2s_pr_len, max_expected_size_zk_proof);
diff --git a/tests/suites/test_suite_psa_crypto_op_fail.function b/tests/suites/test_suite_psa_crypto_op_fail.function
index 20942bf..9878237 100644
--- a/tests/suites/test_suite_psa_crypto_op_fail.function
+++ b/tests/suites/test_suite_psa_crypto_op_fail.function
@@ -359,9 +359,9 @@
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
uint8_t public_key[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE] = { 0 };
- size_t public_key_length = SIZE_MAX;
+ size_t public_key_length = 0;
uint8_t output[PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE] = { 0 };
- size_t length = SIZE_MAX;
+ size_t length = 0;
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
PSA_INIT();
diff --git a/tests/suites/test_suite_psa_crypto_pake.function b/tests/suites/test_suite_psa_crypto_pake.function
index fed2c41..1cc69a7 100644
--- a/tests/suites/test_suite_psa_crypto_pake.function
+++ b/tests/suites/test_suite_psa_crypto_pake.function
@@ -147,7 +147,7 @@
/* Server first round Output */
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_g1_len));
+ buffer_length - buffer0_off, &s_g1_len));
TEST_EQUAL(s_g1_len, expected_size_key_share);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND1_SERVER_KEY_SHARE_PART1,
@@ -156,7 +156,7 @@
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PUBLIC,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x1_pk_len));
+ buffer_length - buffer0_off, &s_x1_pk_len));
TEST_EQUAL(s_x1_pk_len, expected_size_zk_public);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND1_SERVER_ZK_PUBLIC_PART1,
@@ -165,7 +165,7 @@
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PROOF,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x1_pr_len));
+ buffer_length - buffer0_off, &s_x1_pr_len));
TEST_LE_U(s_x1_pr_len, max_expected_size_zk_proof);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND1_SERVER_ZK_PROOF_PART1,
@@ -174,7 +174,7 @@
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_g2_len));
+ buffer_length - buffer0_off, &s_g2_len));
TEST_EQUAL(s_g2_len, expected_size_key_share);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND1_SERVER_KEY_SHARE_PART2,
@@ -183,7 +183,7 @@
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PUBLIC,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x2_pk_len));
+ buffer_length - buffer0_off, &s_x2_pk_len));
TEST_EQUAL(s_x2_pk_len, expected_size_zk_public);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND1_SERVER_ZK_PUBLIC_PART2,
@@ -192,7 +192,7 @@
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PROOF,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x2_pr_len));
+ buffer_length - buffer0_off, &s_x2_pr_len));
TEST_LE_U(s_x2_pr_len, max_expected_size_zk_proof);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND1_SERVER_ZK_PROOF_PART2,
@@ -203,7 +203,7 @@
DO_ROUND_CONDITIONAL_CHECK_FAILURE(
ERR_INJECT_EXTRA_OUTPUT,
psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE,
- buffer0 + s_g2_off, 512 - s_g2_off, &extra_output_len));
+ buffer0 + s_g2_off, buffer_length - s_g2_off, &extra_output_len));
(void) extra_output_len;
/*
* When injecting errors in inputs, the implementation is
@@ -260,7 +260,7 @@
/* Client first round Output */
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_g1_len));
+ buffer_length - buffer1_off, &c_g1_len));
TEST_EQUAL(c_g1_len, expected_size_key_share);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND1_CLIENT_KEY_SHARE_PART1,
@@ -269,7 +269,7 @@
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PUBLIC,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x1_pk_len));
+ buffer_length - buffer1_off, &c_x1_pk_len));
TEST_EQUAL(c_x1_pk_len, expected_size_zk_public);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND1_CLIENT_ZK_PUBLIC_PART1,
@@ -278,7 +278,7 @@
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PROOF,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x1_pr_len));
+ buffer_length - buffer1_off, &c_x1_pr_len));
TEST_LE_U(c_x1_pr_len, max_expected_size_zk_proof);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND1_CLIENT_ZK_PROOF_PART1,
@@ -287,7 +287,7 @@
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_g2_len));
+ buffer_length - buffer1_off, &c_g2_len));
TEST_EQUAL(c_g2_len, expected_size_key_share);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND1_CLIENT_KEY_SHARE_PART2,
@@ -296,7 +296,7 @@
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PUBLIC,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x2_pk_len));
+ buffer_length - buffer1_off, &c_x2_pk_len));
TEST_EQUAL(c_x2_pk_len, expected_size_zk_public);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND1_CLIENT_ZK_PUBLIC_PART2,
@@ -305,7 +305,7 @@
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PROOF,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x2_pr_len));
+ buffer_length - buffer1_off, &c_x2_pr_len));
TEST_LE_U(c_x2_pr_len, max_expected_size_zk_proof);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND1_CLIENT_ZK_PROOF_PART2,
@@ -391,7 +391,7 @@
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_a_len));
+ buffer_length - buffer0_off, &s_a_len));
TEST_EQUAL(s_a_len, expected_size_key_share);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND2_SERVER_KEY_SHARE,
@@ -400,7 +400,7 @@
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PUBLIC,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x2s_pk_len));
+ buffer_length - buffer0_off, &s_x2s_pk_len));
TEST_EQUAL(s_x2s_pk_len, expected_size_zk_public);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND2_SERVER_ZK_PUBLIC,
@@ -409,7 +409,7 @@
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PROOF,
buffer0 + buffer0_off,
- 512 - buffer0_off, &s_x2s_pr_len));
+ buffer_length - buffer0_off, &s_x2s_pr_len));
TEST_LE_U(s_x2s_pr_len, max_expected_size_zk_proof);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND2_SERVER_ZK_PROOF,
@@ -445,7 +445,7 @@
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_a_len));
+ buffer_length - buffer1_off, &c_a_len));
TEST_EQUAL(c_a_len, expected_size_key_share);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND2_CLIENT_KEY_SHARE,
@@ -454,7 +454,7 @@
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PUBLIC,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x2s_pk_len));
+ buffer_length - buffer1_off, &c_x2s_pk_len));
TEST_EQUAL(c_x2s_pk_len, expected_size_zk_public);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND2_CLIENT_ZK_PUBLIC,
@@ -463,7 +463,7 @@
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PROOF,
buffer1 + buffer1_off,
- 512 - buffer1_off, &c_x2s_pr_len));
+ buffer_length - buffer1_off, &c_x2s_pr_len));
TEST_LE_U(c_x2s_pr_len, max_expected_size_zk_proof);
DO_ROUND_CONDITIONAL_INJECT(
ERR_INJECT_ROUND2_CLIENT_ZK_PROOF,
@@ -475,7 +475,7 @@
DO_ROUND_CONDITIONAL_CHECK_FAILURE(
ERR_INJECT_EXTRA_OUTPUT_AT_END,
psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE,
- buffer1 + c_a_off, 512 - c_a_off,
+ buffer1 + c_a_off, buffer_length - c_a_off,
&extra_output_at_end_len));
(void) extra_output_at_end_len;
}