Introduce MBEDTLS_MPI_IS_TEST
A + B + 1 is not a good way to get a number that's neither A nor B.
This can be a problem for example if values later are changed to
A = 0 and B = -1.
Signed-off-by: Janos Follath <janos.follath@arm.com>
diff --git a/library/bignum_core.c b/library/bignum_core.c
index 4231554..76b1da7 100644
--- a/library/bignum_core.c
+++ b/library/bignum_core.c
@@ -747,8 +747,7 @@
}
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
-// Set to a default that is neither MBEDTLS_MPI_IS_PUBLIC nor MBEDTLS_MPI_IS_SECRET
-int mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_PUBLIC + MBEDTLS_MPI_IS_SECRET + 1;
+int mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_TEST;
#endif
/*
diff --git a/library/bignum_core.h b/library/bignum_core.h
index cf6485a..e64128f 100644
--- a/library/bignum_core.h
+++ b/library/bignum_core.h
@@ -110,6 +110,10 @@
* other than the two below is passed, default to the safe path.) */
#define MBEDTLS_MPI_IS_PUBLIC 0x2a2a2a2a
#define MBEDTLS_MPI_IS_SECRET 0
+#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
+// Default value for testing that is neither MBEDTLS_MPI_IS_PUBLIC nor MBEDTLS_MPI_IS_SECRET
+#define MBEDTLS_MPI_IS_TEST 1
+#endif
/** Count leading zero bits in a given integer.
*
@@ -825,8 +829,7 @@
static inline void mbedtls_mpi_optionally_safe_codepath_reset(void)
{
- // Set to a default that is neither MBEDTLS_MPI_IS_PUBLIC nor MBEDTLS_MPI_IS_SECRET
- mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_PUBLIC + MBEDTLS_MPI_IS_SECRET + 1;
+ mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_TEST;
}
#endif