1a8e1175bSopenharmony_ci/* BEGIN_HEADER */ 2a8e1175bSopenharmony_ci#include "mbedtls/platform_util.h" 3a8e1175bSopenharmony_ci/* END_HEADER */ 4a8e1175bSopenharmony_ci 5a8e1175bSopenharmony_ci/* BEGIN_CASE */ 6a8e1175bSopenharmony_civoid mbedtls_platform_zeroize(int len, int null) 7a8e1175bSopenharmony_ci{ 8a8e1175bSopenharmony_ci char buf[130]; 9a8e1175bSopenharmony_ci char *p = NULL; 10a8e1175bSopenharmony_ci 11a8e1175bSopenharmony_ci TEST_ASSERT(len <= 128); 12a8e1175bSopenharmony_ci 13a8e1175bSopenharmony_ci /* Write sentinel values */ 14a8e1175bSopenharmony_ci buf[0] = 2; 15a8e1175bSopenharmony_ci buf[len + 1] = 2; 16a8e1175bSopenharmony_ci 17a8e1175bSopenharmony_ci /* Write non-zero content */ 18a8e1175bSopenharmony_ci if (!null) { 19a8e1175bSopenharmony_ci p = &buf[1]; 20a8e1175bSopenharmony_ci for (int i = 0; i < len; i++) { 21a8e1175bSopenharmony_ci p[i] = 1; 22a8e1175bSopenharmony_ci } 23a8e1175bSopenharmony_ci } 24a8e1175bSopenharmony_ci 25a8e1175bSopenharmony_ci /* Check content is non-zero */ 26a8e1175bSopenharmony_ci TEST_EQUAL(buf[0], 2); 27a8e1175bSopenharmony_ci for (int i = 0; i < len; i++) { 28a8e1175bSopenharmony_ci TEST_ASSERT(p[i] == 1); 29a8e1175bSopenharmony_ci } 30a8e1175bSopenharmony_ci TEST_EQUAL(buf[len + 1], 2); 31a8e1175bSopenharmony_ci 32a8e1175bSopenharmony_ci mbedtls_platform_zeroize(p, len); 33a8e1175bSopenharmony_ci 34a8e1175bSopenharmony_ci /* Check content is zero and sentinels un-changed */ 35a8e1175bSopenharmony_ci TEST_EQUAL(buf[0], 2); 36a8e1175bSopenharmony_ci for (int i = 0; i < len; i++) { 37a8e1175bSopenharmony_ci TEST_ASSERT(p[i] == 0); 38a8e1175bSopenharmony_ci } 39a8e1175bSopenharmony_ci TEST_EQUAL(buf[len + 1], 2); 40a8e1175bSopenharmony_ci} 41a8e1175bSopenharmony_ci/* END_CASE */ 42a8e1175bSopenharmony_ci 43a8e1175bSopenharmony_ci/* BEGIN_CASE */ 44a8e1175bSopenharmony_civoid mbedtls_platform_zeroize_uninitialised(int len, int p) 45a8e1175bSopenharmony_ci{ 46a8e1175bSopenharmony_ci /* 47a8e1175bSopenharmony_ci * As per #7301: on some platforms, including modern Linux, Clang with Msan 48a8e1175bSopenharmony_ci * does not recognize that explicit_bzero() writes well-defined content to 49a8e1175bSopenharmony_ci * its output buffer. For us, this causes CMAC operations to fail in Msan 50a8e1175bSopenharmony_ci * builds when mbedtls_platform_zeroize() is implemented over 51a8e1175bSopenharmony_ci * explicit_bzero(). 52a8e1175bSopenharmony_ci * 53a8e1175bSopenharmony_ci * This test ensures we have a simple/obvious MSan test rather than 54a8e1175bSopenharmony_ci * spurious errors in crypto code that are hard to track down. 55a8e1175bSopenharmony_ci */ 56a8e1175bSopenharmony_ci char buf[128]; 57a8e1175bSopenharmony_ci mbedtls_platform_zeroize(buf, len); 58a8e1175bSopenharmony_ci 59a8e1175bSopenharmony_ci TEST_EQUAL(buf[p], 0); 60a8e1175bSopenharmony_ci} 61a8e1175bSopenharmony_ci/* END_CASE */ 62