This commit moves static functions that are necessary for
mbedtls_oid_get_numeric_string and mbedtls_oid_from_numeric_string from
oid.c to x509.c
Signed-off-by: Sam Berry <sam.berry@arm.com>
This commit moves the function declarations for
mbedtls_oid_get_numeric_string and mbedtls_oid_from_numeric_string from
oid.h to x509.h.
Signed-off-by: Sam Berry <sam.berry@arm.com>
The rest of the file uses mbedtls_mpi_uint_t unconditionally, so its
definition should also be #include'd unconditionally.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Without this, it's not at all obvious that turning on MBEDTLS_TEST_HOOKS
doesn't change the functional behavior of the code.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Unfortunately compilers aren't good at analyzing whether variables are
analyzed on all code paths, and it is better to initialize to the
safe-path values.
Signed-off-by: Janos Follath <janos.follath@arm.com>
A + B + 1 is not a good way to get a number that's neither A nor B.
This can be a problem for example if values later are changed to
A = 0 and B = -1.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The new test hooks allow to check whether there was an unsafe call of an
optionally safe function in the codepath. For the sake of simplicity the
MBEDTLS_MPI_IS_* macros are reused for signalling safe/unsafe codepaths
here too.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The allocated size can be significantly larger than the actual size. In
the unsafe case we can use the actual size and gain some performance.
Signed-off-by: Janos Follath <janos.follath@arm.com>
It is easier to read if the parameter controlling constant timeness with
respect to a parameter is next to that parameter.
Signed-off-by: Janos Follath <janos.follath@arm.com>
In Thumb instructions, constant can be:
- any constant that can be produced by shifting an 8-bit value left by any
number of bits within a 32-bit word
- any constant of the form 0x00XY00XY
- any constant of the form 0xXY00XY00
- any constant of the form 0xXYXYXYXY.
Signed-off-by: Janos Follath <janos.follath@arm.com>
These macros are not part of any public or internal API, ideally they
would be defined in the source files. The reason to put them in
bignum_core.h to avoid duplication as macros for this purpose are
needed in both bignum.c and bignum_core.c.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The complexity of having functions whose security properties depend on a
runtime argument can be dangerous. Limit risk by isolating such code in
small functions with limited scope.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The complexity of having functions whose security properties depend on a
runtime argument can be dangerous. Limit misuse by making any such
functions local.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Attempt to partially solve the performance regression in 3.6.0 without
adding too much code size.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
