Move bignum code path testing out of the library
Without this, it's not at all obvious that turning on MBEDTLS_TEST_HOOKS
doesn't change the functional behavior of the code.
Signed-off-by: Janos Follath <janos.follath@arm.com>
diff --git a/library/bignum_core.c b/library/bignum_core.c
index ca2af9c..c8b1474 100644
--- a/library/bignum_core.c
+++ b/library/bignum_core.c
@@ -747,7 +747,8 @@
}
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
-int mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_TEST;
+void (*mbedtls_safe_codepath_hook)(void) = NULL;
+void (*mbedtls_unsafe_codepath_hook)(void) = NULL;
#endif
/*
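Review bot: The two new globals `mbedtls_safe_codepath_hook` and `mbedtls_unsafe_codepath_hook` are defined with no comment saying when each fires or who may set them. Judging by the later hunks, "unsafe" marks the plain `memcpy` table read and "safe" the constant-time lookup, so I would add above them `/* Test-only hooks, NULL when unused: called when exponentiation takes the constant-time (safe) or variable-time (unsafe) path. Not thread-safe, hence compiled out under MBEDTLS_THREADING_C. */`. These are writable function pointers in library data that exist only under `MBEDTLS_TEST_HOOKS`, so the comment could also say that tests must reset them to NULL after use. The matching `extern` declarations are not visible in this diff and should carry the same guard.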
@@ -780,7 +781,8 @@
*E_bit_index = E_bits % biL;
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
- mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_PUBLIC;
+ if(mbedtls_unsafe_codepath_hook != NULL)
+ mbedtls_unsafe_codepath_hook();
#endif
} else {
/*
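Review bot: The added `if(mbedtls_unsafe_codepath_hook != NULL)` has no space after `if` and no braces around its one-statement body, unlike the `if (window_public == MBEDTLS_MPI_IS_PUBLIC) {` form that the surrounding code uses. I would write it as `if (mbedtls_unsafe_codepath_hook != NULL) {`, `mbedtls_unsafe_codepath_hook();`, `}`. The same applies to the three other hook call sites, in the hunks at -790, -812 and -820. Unbraced bodies inside `#if` blocks are easy to break when a second statement is added later. The enclosing function starts outside this hunk.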
@@ -790,10 +792,8 @@
*E_limb_index = E_limbs;
*E_bit_index = 0;
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
- // Only mark the codepath safe if there wasn't an unsafe codepath before
- if (mbedtls_mpi_optionally_safe_codepath != MBEDTLS_MPI_IS_PUBLIC) {
- mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_SECRET;
- }
+ if(mbedtls_safe_codepath_hook != NULL)
+ mbedtls_safe_codepath_hook();
#endif
}
}
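Review bot: The removed guard ("only mark the codepath safe if there wasn't an unsafe codepath before") is no longer enforced here, because `mbedtls_safe_codepath_hook()` is now called unconditionally. The test-side hook therefore has to keep the unsafe state sticky itself. If it simply overwrites a status variable, a safe call that follows an unsafe one would hide a variable-time path taken with a secret exponent. The test code is not visible in this diff, so this may already be handled. Even so, a comment at the call site such as `/* The hook must not clear a previously recorded unsafe code path. */` would keep the contract visible in the library, and the same applies to the table-lookup hunk at -820. The enclosing function starts outside this hunk.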
@@ -812,7 +812,8 @@
if (window_public == MBEDTLS_MPI_IS_PUBLIC) {
memcpy(Wselect, Wtable + window * AN_limbs, AN_limbs * ciL);
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
- mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_PUBLIC;
+ if(mbedtls_unsafe_codepath_hook != NULL)
+ mbedtls_unsafe_codepath_hook();
#endif
} else {
/* Select Wtable[window] without leaking window through
@@ -820,10 +821,8 @@
mbedtls_mpi_core_ct_uint_table_lookup(Wselect, Wtable,
AN_limbs, welem, window);
#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)
- // Only mark the codepath safe if there wasn't an unsafe codepath before
- if (mbedtls_mpi_optionally_safe_codepath != MBEDTLS_MPI_IS_PUBLIC) {
- mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_SECRET;
- }
+ if(mbedtls_safe_codepath_hook != NULL)
+ mbedtls_safe_codepath_hook();
#endif
}
}