From b74ac66c8b4eaadcbac9b2853dfdf9a62c4123c6 Mon Sep 17 00:00:00 2001
From: Gabor Mezei <gabor.mezei@arm.com>
Date: Thu, 1 Feb 2024 10:39:56 +0100
Subject: [PATCH] Update test wrapper functions for ciper buffer protection

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
---
 tests/scripts/generate_psa_wrappers.py |  3 ++-
 tests/src/psa_test_wrappers.c          | 12 ++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/tests/scripts/generate_psa_wrappers.py b/tests/scripts/generate_psa_wrappers.py
index 777f48ba13..372e3bfb87 100755
--- a/tests/scripts/generate_psa_wrappers.py
+++ b/tests/scripts/generate_psa_wrappers.py
@@ -146,7 +146,8 @@ class PSAWrapperGenerator(c_wrapper_generator.Base):
         if function_name.startswith('psa_aead'):
             return True
         if function_name in {'psa_cipher_encrypt', 'psa_cipher_decrypt',
-                             'psa_cipher_update', 'psa_cipher_finish'}:
+                             'psa_cipher_update', 'psa_cipher_finish',
+                             'psa_cipher_generate_iv', 'psa_cipher_set_iv'}:
             return True
         if function_name in ('psa_key_derivation_output_bytes',
                              'psa_key_derivation_input_bytes'):
diff --git a/tests/src/psa_test_wrappers.c b/tests/src/psa_test_wrappers.c
index 5a7be9be87..f41bcc079c 100644
--- a/tests/src/psa_test_wrappers.c
+++ b/tests/src/psa_test_wrappers.c
@@ -387,7 +387,13 @@ psa_status_t mbedtls_test_wrap_psa_cipher_generate_iv(
     size_t arg2_iv_size,
     size_t *arg3_iv_length)
 {
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_POISON(arg1_iv, arg2_iv_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     psa_status_t status = (psa_cipher_generate_iv)(arg0_operation, arg1_iv, arg2_iv_size, arg3_iv_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg1_iv, arg2_iv_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     return status;
 }
 
@@ -397,7 +403,13 @@ psa_status_t mbedtls_test_wrap_psa_cipher_set_iv(
     const uint8_t *arg1_iv,
     size_t arg2_iv_length)
 {
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_POISON(arg1_iv, arg2_iv_length);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     psa_status_t status = (psa_cipher_set_iv)(arg0_operation, arg1_iv, arg2_iv_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg1_iv, arg2_iv_length);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     return status;
 }