From 65bf12ce6b0239974db31ba6c67d20f902fa564b Mon Sep 17 00:00:00 2001
From: David Horstmann <david.horstmann@arm.com>
Date: Tue, 6 Feb 2024 15:27:49 +0000
Subject: [PATCH 1/4] Add buffer copying to psa_generate_random()

Signed-off-by: David Horstmann <david.horstmann@arm.com>
---
 library/psa_crypto.c | 94 +++++++++++++++++++++++++++-----------------
 1 file changed, 57 insertions(+), 37 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index f9fab4808..19daee957 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3528,6 +3528,52 @@ exit:
     return (status == PSA_SUCCESS) ? unlock_status : status;
 }
 
+static psa_status_t psa_generate_random_internal(uint8_t *output,
+                                                 size_t output_size)
+{
+    GUARD_MODULE_INITIALIZED;
+
+    psa_status_t status;
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+
+    size_t output_length = 0;
+    status = mbedtls_psa_external_get_random(&global_data.rng,
+                                             output, output_size,
+                                             &output_length);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+    /* Breaking up a request into smaller chunks is currently not supported
+     * for the external RNG interface. */
+    if (output_length != output_size) {
+        status = PSA_ERROR_INSUFFICIENT_ENTROPY;
+        goto exit;
+    }
+    status = PSA_SUCCESS;
+
+#else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+    while (output_size > 0) {
+        size_t request_size =
+            (output_size > MBEDTLS_PSA_RANDOM_MAX_REQUEST ?
+             MBEDTLS_PSA_RANDOM_MAX_REQUEST :
+             output_size);
+        int ret = mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
+                                         output, request_size);
+        if (ret != 0) {
+            status = mbedtls_to_psa_error(ret);
+            goto exit;
+        }
+        output_size -= request_size;
+        output += request_size;
+    }
+    status = PSA_SUCCESS;
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+exit:
+    return status;
+}
 
 
 /****************************************************************/
@@ -3650,7 +3696,7 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
         goto exit;
     }
 
-    status = psa_generate_random(local_iv, default_iv_length);
+    status = psa_generate_random_internal(local_iv, default_iv_length);
     if (status != PSA_SUCCESS) {
         goto exit;
     }
@@ -3839,7 +3885,7 @@ psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key,
             goto exit;
         }
 
-        status = psa_generate_random(local_iv, default_iv_length);
+        status = psa_generate_random_internal(local_iv, default_iv_length);
         if (status != PSA_SUCCESS) {
             goto exit;
         }
@@ -5367,7 +5413,7 @@ exit:
          * some constant data such as zeros, which would result in the data
          * being protected with a reproducible, easily knowable key.
          */
-        psa_generate_random(output, output_size);
+        psa_generate_random_internal(output, output_size);
         *output_length = output_size;
     }
 
@@ -5377,7 +5423,6 @@ exit:
 }
 
 
-
 /****************************************************************/
 /* Random generation */
 /****************************************************************/
@@ -5446,44 +5491,19 @@ static psa_status_t mbedtls_psa_random_seed(mbedtls_psa_random_context_t *rng)
 #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
 }
 
-psa_status_t psa_generate_random(uint8_t *output,
+psa_status_t psa_generate_random(uint8_t *output_external,
                                  size_t output_size)
 {
-    GUARD_MODULE_INITIALIZED;
+    psa_status_t status;
 
-#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+    LOCAL_OUTPUT_DECLARE(output_external, output);
+    LOCAL_OUTPUT_ALLOC(output_external, output_size, output);
 
-    size_t output_length = 0;
-    psa_status_t status = mbedtls_psa_external_get_random(&global_data.rng,
-                                                          output, output_size,
-                                                          &output_length);
-    if (status != PSA_SUCCESS) {
-        return status;
-    }
-    /* Breaking up a request into smaller chunks is currently not supported
-     * for the external RNG interface. */
-    if (output_length != output_size) {
-        return PSA_ERROR_INSUFFICIENT_ENTROPY;
-    }
-    return PSA_SUCCESS;
+    status = psa_generate_random_internal(output, output_size);
 
-#else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
-
-    while (output_size > 0) {
-        size_t request_size =
-            (output_size > MBEDTLS_PSA_RANDOM_MAX_REQUEST ?
-             MBEDTLS_PSA_RANDOM_MAX_REQUEST :
-             output_size);
-        int ret = mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
-                                         output, request_size);
-        if (ret != 0) {
-            return mbedtls_to_psa_error(ret);
-        }
-        output_size -= request_size;
-        output += request_size;
-    }
-    return PSA_SUCCESS;
-#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+exit:
+    LOCAL_OUTPUT_FREE(output_external, output);
+    return status;
 }
 
 /* Wrapper function allowing the classic API to use the PSA RNG.

From 4e8215057c4dfb2ea38dce1b3214f40ea6566665 Mon Sep 17 00:00:00 2001
From: David Horstmann <david.horstmann@arm.com>
Date: Tue, 6 Feb 2024 15:44:08 +0000
Subject: [PATCH 2/4] Generate test wrappers for psa_generate_random()

Signed-off-by: David Horstmann <david.horstmann@arm.com>
---
 tests/scripts/generate_psa_wrappers.py | 2 ++
 tests/src/psa_test_wrappers.c          | 6 ++++++
 2 files changed, 8 insertions(+)

diff --git a/tests/scripts/generate_psa_wrappers.py b/tests/scripts/generate_psa_wrappers.py
index 4f567bcfe..0aaa7104e 100755
--- a/tests/scripts/generate_psa_wrappers.py
+++ b/tests/scripts/generate_psa_wrappers.py
@@ -171,6 +171,8 @@ class PSAWrapperGenerator(c_wrapper_generator.Base):
                              'psa_hash_verify',
                              'psa_hash_compute',
                              'psa_hash_compare'):
+
+        if function_name == 'psa_generate_random':
             return True
         return False
 
diff --git a/tests/src/psa_test_wrappers.c b/tests/src/psa_test_wrappers.c
index 032df8d28..1efa1bb6a 100644
--- a/tests/src/psa_test_wrappers.c
+++ b/tests/src/psa_test_wrappers.c
@@ -326,7 +326,13 @@ psa_status_t mbedtls_test_wrap_psa_generate_random(
     uint8_t *arg0_output,
     size_t arg1_output_size)
 {
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_POISON(arg0_output, arg1_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     psa_status_t status = (psa_generate_random)(arg0_output, arg1_output_size);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+    MBEDTLS_TEST_MEMORY_UNPOISON(arg0_output, arg1_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
     return status;
 }
 

From 10e44f3fd172d0381709ad274a7d56ac9e2a0c3a Mon Sep 17 00:00:00 2001
From: David Horstmann <david.horstmann@arm.com>
Date: Wed, 28 Feb 2024 14:17:10 +0000
Subject: [PATCH 3/4] Add missing guards around exit label

Signed-off-by: David Horstmann <david.horstmann@arm.com>
---
 library/psa_crypto.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 19daee957..5c1a98db6 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -5501,7 +5501,9 @@ psa_status_t psa_generate_random(uint8_t *output_external,
 
     status = psa_generate_random_internal(output, output_size);
 
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
 exit:
+#endif
     LOCAL_OUTPUT_FREE(output_external, output);
     return status;
 }

From 80de1475a1eb935822a9377ef8f73583ac6aee26 Mon Sep 17 00:00:00 2001
From: David Horstmann <david.horstmann@arm.com>
Date: Wed, 28 Feb 2024 15:16:44 +0000
Subject: [PATCH 4/4] Fix incorrect conflict resolution

A return statement was missing in the wrapper generation script.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
---
 tests/scripts/generate_psa_wrappers.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/scripts/generate_psa_wrappers.py b/tests/scripts/generate_psa_wrappers.py
index 0aaa7104e..db7a55951 100755
--- a/tests/scripts/generate_psa_wrappers.py
+++ b/tests/scripts/generate_psa_wrappers.py
@@ -171,7 +171,7 @@ class PSAWrapperGenerator(c_wrapper_generator.Base):
                              'psa_hash_verify',
                              'psa_hash_compute',
                              'psa_hash_compare'):
-
+            return True
         if function_name == 'psa_generate_random':
             return True
         return False