mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-25 00:02:42 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Prepare codepath tests for early termination

Browse Source 
Signed-off-by: Janos Follath <janos.follath@arm.com>
This commit is contained in:
Janos Follath 2024-08-22 20:00:23 +01:00 committed by Manuel Pégourié-Gonnard
parent 44eca95ace
commit 21445c580f
3 changed files with 52 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
tests/include/test/bignum_codepath_check.h
View File

@ -43,6 +43,49 @@ static inline void mbedtls_codepath_reset(void)
mbedtls_codepath_check = MBEDTLS_MPI_IS_TEST; mbedtls_codepath_check = MBEDTLS_MPI_IS_TEST;
} }
/** Check the codepath taken and fail if it doesn't match.
*
* When a function returns with an error, it can do so before reaching any interesting codepath. The
* same can happen if a parameter to the function is zero. In these cases we need to allow
* uninitialised value for the codepath tracking variable.
*
* This macro expands to an instruction, not an expression.
* It may jump to the \c exit label.
*
* \param path The expected codepath.
* This expression may be evaluated multiple times.
* \param ret The expected return value.
* \param E The MPI parameter that can cause shortcuts.
*/
#define ASSERT_BIGNUM_CODEPATH(path, ret, E) \
do { \
if((ret)!=0 || (E).n == 0) \
TEST_ASSERT(mbedtls_codepath_check == (path) || \
mbedtls_codepath_check == MBEDTLS_MPI_IS_TEST); \
else \
TEST_EQUAL(mbedtls_codepath_check, (path)); \
} while (0)
/** Check the codepath taken and fail if it doesn't match.
*
* When a function returns with an error, it can do so before reaching any interesting codepath. In
* this case we need to allow uninitialised value for the codepath tracking variable.
*
* This macro expands to an instruction, not an expression.
* It may jump to the \c exit label.
*
* \param path The expected codepath.
* This expression may be evaluated multiple times.
* \param ret The expected return value.
*/
#define ASSERT_RSA_CODEPATH(path, ret) \
do { \
if((ret)!=0) \
TEST_ASSERT(mbedtls_codepath_check == (path) || \
mbedtls_codepath_check == MBEDTLS_MPI_IS_TEST); \
else \
TEST_EQUAL(mbedtls_codepath_check, (path)); \
} while (0)
#endif /* MBEDTLS_TEST_HOOKS && !MBEDTLS_THREADING_C */ #endif /* MBEDTLS_TEST_HOOKS && !MBEDTLS_THREADING_C */
#endif /* BIGNUM_CODEPATH_CHECK_H */ #endif /* BIGNUM_CODEPATH_CHECK_H */

14
tf-psa-crypto/tests/suites/test_suite_bignum.function
View File

@ -995,7 +995,7 @@ void mpi_exp_mod_min_RR(char *input_A, char *input_E,
#endif #endif
res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR); res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR);
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
TEST_EQUAL(mbedtls_codepath_check, MBEDTLS_MPI_IS_SECRET); ASSERT_BIGNUM_CODEPATH(MBEDTLS_MPI_IS_SECRET, res, E);
#endif #endif
/* We know that exp_mod internally needs RR to be as large as N. /* We know that exp_mod internally needs RR to be as large as N.
* Validate that it is the case now, otherwise there was probably * Validate that it is the case now, otherwise there was probably
@ -1034,7 +1034,7 @@ void mpi_exp_mod(char *input_A, char *input_E,
#endif #endif
res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, NULL); res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, NULL);
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
TEST_EQUAL(mbedtls_codepath_check, MBEDTLS_MPI_IS_SECRET); ASSERT_BIGNUM_CODEPATH(MBEDTLS_MPI_IS_SECRET, res, E);
#endif #endif
TEST_ASSERT(res == exp_result); TEST_ASSERT(res == exp_result);
if (res == 0) { if (res == 0) {
@ -1047,7 +1047,7 @@ void mpi_exp_mod(char *input_A, char *input_E,
#endif #endif
res = mbedtls_mpi_exp_mod_unsafe(&Z, &A, &E, &N, NULL); res = mbedtls_mpi_exp_mod_unsafe(&Z, &A, &E, &N, NULL);
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
TEST_EQUAL(mbedtls_codepath_check, MBEDTLS_MPI_IS_PUBLIC); ASSERT_BIGNUM_CODEPATH(MBEDTLS_MPI_IS_PUBLIC, res, E);
#endif #endif
TEST_ASSERT(res == exp_result); TEST_ASSERT(res == exp_result);
if (res == 0) { if (res == 0) {
@ -1061,7 +1061,7 @@ void mpi_exp_mod(char *input_A, char *input_E,
#endif #endif
res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR); res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR);
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
TEST_EQUAL(mbedtls_codepath_check, MBEDTLS_MPI_IS_SECRET); ASSERT_BIGNUM_CODEPATH(MBEDTLS_MPI_IS_SECRET, res, E);
#endif #endif
TEST_ASSERT(res == exp_result); TEST_ASSERT(res == exp_result);
if (res == 0) { if (res == 0) {
@ -1075,7 +1075,7 @@ void mpi_exp_mod(char *input_A, char *input_E,
#endif #endif
res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR); res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR);
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
TEST_EQUAL(mbedtls_codepath_check, MBEDTLS_MPI_IS_SECRET); ASSERT_BIGNUM_CODEPATH(MBEDTLS_MPI_IS_SECRET, res, E);
#endif #endif
TEST_ASSERT(res == exp_result); TEST_ASSERT(res == exp_result);
if (res == 0) { if (res == 0) {
@ -1121,7 +1121,7 @@ void mpi_exp_mod_size(int A_bytes, int E_bytes, int N_bytes,
#endif #endif
TEST_ASSERT(mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR) == exp_result); TEST_ASSERT(mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR) == exp_result);
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
TEST_EQUAL(mbedtls_codepath_check, MBEDTLS_MPI_IS_SECRET); ASSERT_BIGNUM_CODEPATH(MBEDTLS_MPI_IS_SECRET, exp_result, E);
#endif #endif
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
@ -1129,7 +1129,7 @@ void mpi_exp_mod_size(int A_bytes, int E_bytes, int N_bytes,
#endif #endif
TEST_ASSERT(mbedtls_mpi_exp_mod_unsafe(&Z, &A, &E, &N, &RR) == exp_result); TEST_ASSERT(mbedtls_mpi_exp_mod_unsafe(&Z, &A, &E, &N, &RR) == exp_result);
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
TEST_EQUAL(mbedtls_codepath_check, MBEDTLS_MPI_IS_PUBLIC); ASSERT_BIGNUM_CODEPATH(MBEDTLS_MPI_IS_PUBLIC, exp_result, E);
#endif #endif
exit: exit:

4
tf-psa-crypto/tests/suites/test_suite_rsa.function
View File

@ -496,7 +496,7 @@ void mbedtls_rsa_public(data_t *message_str, int mod,
#endif #endif
TEST_ASSERT(mbedtls_rsa_public(&ctx, message_str->x, output) == result); TEST_ASSERT(mbedtls_rsa_public(&ctx, message_str->x, output) == result);
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
TEST_EQUAL(mbedtls_codepath_check, MBEDTLS_MPI_IS_PUBLIC); ASSERT_RSA_CODEPATH(MBEDTLS_MPI_IS_PUBLIC, result);
#endif #endif
if (result == 0) { if (result == 0) {
@ -569,7 +569,7 @@ void mbedtls_rsa_private(data_t *message_str, int mod,
&rnd_info, message_str->x, &rnd_info, message_str->x,
output) == result); output) == result);
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
TEST_EQUAL(mbedtls_codepath_check, MBEDTLS_MPI_IS_SECRET); ASSERT_RSA_CODEPATH(MBEDTLS_MPI_IS_SECRET, result);
#endif #endif
if (result == 0) { if (result == 0) {