Move bignum code path testing out of the library
Without this, it's not at all obvious that turning on MBEDTLS_TEST_HOOKS
doesn't change the functional behavior of the code.
Signed-off-by: Janos Follath <janos.follath@arm.com>
diff --git a/library/bignum_core.c b/library/bignum_core.c
index ca2af9c..c8b1474 100644
--- a/library/bignum_core.c
+++ b/library/bignum_core.c
@@ -747,7 +747,8 @@
}
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
-int mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_TEST;
+void (*mbedtls_safe_codepath_hook)(void) = NULL;
+void (*mbedtls_unsafe_codepath_hook)(void) = NULL;
#endif
/*
@@ -780,7 +781,8 @@
*E_bit_index = E_bits % biL;
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
- mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_PUBLIC;
+ if(mbedtls_unsafe_codepath_hook != NULL)
+ mbedtls_unsafe_codepath_hook();
#endif
} else {
/*
@@ -790,10 +792,8 @@
*E_limb_index = E_limbs;
*E_bit_index = 0;
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
- // Only mark the codepath safe if there wasn't an unsafe codepath before
- if (mbedtls_mpi_optionally_safe_codepath != MBEDTLS_MPI_IS_PUBLIC) {
- mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_SECRET;
- }
+ if(mbedtls_safe_codepath_hook != NULL)
+ mbedtls_safe_codepath_hook();
#endif
}
}
@@ -812,7 +812,8 @@
if (window_public == MBEDTLS_MPI_IS_PUBLIC) {
memcpy(Wselect, Wtable + window * AN_limbs, AN_limbs * ciL);
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
- mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_PUBLIC;
+ if(mbedtls_unsafe_codepath_hook != NULL)
+ mbedtls_unsafe_codepath_hook();
#endif
} else {
/* Select Wtable[window] without leaking window through
@@ -820,10 +821,8 @@
mbedtls_mpi_core_ct_uint_table_lookup(Wselect, Wtable,
AN_limbs, welem, window);
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
- // Only mark the codepath safe if there wasn't an unsafe codepath before
- if (mbedtls_mpi_optionally_safe_codepath != MBEDTLS_MPI_IS_PUBLIC) {
- mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_SECRET;
- }
+ if(mbedtls_safe_codepath_hook != NULL)
+ mbedtls_safe_codepath_hook();
#endif
}
}
diff --git a/library/bignum_core.h b/library/bignum_core.h
index ba2978e..5a77ef8 100644
--- a/library/bignum_core.h
+++ b/library/bignum_core.h
@@ -824,16 +824,4 @@
mbedtls_mpi_uint mm,
mbedtls_mpi_uint *T);
-/*
- * Can't define thread local variables with our abstraction layer: do nothing if threading is on.
- */
-#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
-extern int mbedtls_mpi_optionally_safe_codepath;
-
-static inline void mbedtls_mpi_optionally_safe_codepath_reset(void)
-{
- mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_TEST;
-}
-#endif
-
#endif /* MBEDTLS_BIGNUM_CORE_H */
diff --git a/library/bignum_core_invasive.h b/library/bignum_core_invasive.h
new file mode 100644
index 0000000..167099d
--- /dev/null
+++ b/library/bignum_core_invasive.h
@@ -0,0 +1,23 @@
+/**
+ * \file bignum_core_invasive.h
+ *
+ * \brief Function declarations for invasive functions of bignum core.
+ */
+/**
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_BIGNUM_CORE_INVASIVE_H
+#define MBEDTLS_BIGNUM_CORE_INVASIVE_H
+
+#include "bignum_core.h"
+
+#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
+
+extern void (*mbedtls_safe_codepath_hook)(void);
+extern void (*mbedtls_unsafe_codepath_hook)(void);
+
+#endif /* MBEDTLS_TEST_HOOKS && !MBEDTLS_THREADING_C */
+
+#endif /* MBEDTLS_BIGNUM_CORE_INVASIVE_H */