Change mbedtls_mpi_core_exp_mod to constant time
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
diff --git a/library/bignum_core.h b/library/bignum_core.h
index 818ca7a..51ecca5 100644
--- a/library/bignum_core.h
+++ b/library/bignum_core.h
@@ -621,6 +621,9 @@
* \p X may be aliased to \p A, but not to \p RR or \p E, even if \p E_limbs ==
* \p AN_limbs.
*
+ * This function operates in constant time with respect
+ * to the values of \p A, \p N and \p E.
+ *
* \param[out] X The destination MPI, as a little endian array of length
* \p AN_limbs.
* \param[in] A The base MPI, as a little endian array of length \p AN_limbs.
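Review bot: The added constant-time sentence names the values of A, N and E but does not say what stays outside the guarantee. The limb counts `AN_limbs` and `E_limbs` presumably still determine the running time, and a caller holding a short secret exponent needs to know that its length is not hidden. I would extend the sentence along the lines of `The sizes \p AN_limbs and \p E_limbs are treated as public and may be leaked through timing.` It would also help to state whether "constant time" here covers memory access patterns as well as branches, since the constant-flow test added in this commit checks both. The doc comment starts and ends outside this hunk, so the wording should be checked against the rest of it.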
diff --git a/tests/suites/test_suite_bignum_core.function b/tests/suites/test_suite_bignum_core.function
index be94757..cd80803 100644
--- a/tests/suites/test_suite_bignum_core.function
+++ b/tests/suites/test_suite_bignum_core.function
@@ -1302,14 +1302,31 @@
working_limbs);
TEST_CALLOC(T, working_limbs);
-
+#if !defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN)
+ TEST_CF_SECRET(A, A_limbs * sizeof(mbedtls_mpi_uint));
+ TEST_CF_SECRET(N, N_limbs * sizeof(mbedtls_mpi_uint));
+ TEST_CF_SECRET(E, E_limbs * sizeof(mbedtls_mpi_uint));
+#endif
mbedtls_mpi_core_exp_mod(Y, A, N, N_limbs, E, E_limbs, R2, T);
+#if !defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN)
+ TEST_CF_PUBLIC(Y, N_limbs * sizeof(mbedtls_mpi_uint));
+ TEST_CF_PUBLIC(A, A_limbs * sizeof(mbedtls_mpi_uint));
+ TEST_CF_PUBLIC(N, N_limbs * sizeof(mbedtls_mpi_uint));
+ TEST_CF_PUBLIC(E, E_limbs * sizeof(mbedtls_mpi_uint));
+#endif
TEST_EQUAL(0, memcmp(X, Y, N_limbs * sizeof(mbedtls_mpi_uint)));
+#if !defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN)
+ TEST_CF_SECRET(A, A_limbs * sizeof(mbedtls_mpi_uint));
+ TEST_CF_SECRET(N, N_limbs * sizeof(mbedtls_mpi_uint));
+ TEST_CF_SECRET(E, E_limbs * sizeof(mbedtls_mpi_uint));
+#endif
/* Check when output aliased to input */
-
mbedtls_mpi_core_exp_mod(A, A, N, N_limbs, E, E_limbs, R2, T);
+#if !defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN)
+ TEST_CF_PUBLIC(A, A_limbs * sizeof(mbedtls_mpi_uint));
+#endif
TEST_EQUAL(0, memcmp(X, A, N_limbs * sizeof(mbedtls_mpi_uint)));
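Review bot: The four `#if !defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN)` guards carry no explanation, and they mean that MemorySanitizer constant-flow builds run this test with nothing marked secret. The property now documented in bignum_core.h is therefore exercised only in the Valgrind configuration. A comment above the first guard should record the reason, for example `/* Secret marking is skipped under MSan because <reason>; constant flow is checked under Valgrind only. */`. After the aliased call only `A` is made public again, while `N` and `E` stay secret. The test function continues outside the hunk, so any later read of them in a branch or a comparison would be reported as a false positive; adding `TEST_CF_PUBLIC(N, N_limbs * sizeof(mbedtls_mpi_uint));` and `TEST_CF_PUBLIC(E, E_limbs * sizeof(mbedtls_mpi_uint));` inside the last guard keeps the state symmetric with the first call.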