[3.6] Rsapub additional tests #9493
Conversation
yanesca
added
needs-review
yanesca
force-pushed
the
rsapub_additional_tests
branch
from
05ed559 to
e5ebc85
Compare
|
Closing as accidentally pushed these commits to the prerequisite too and are being reviewed and will be merged there. |
|
Reopening as these commits won't make it for the release after all. All the remaining review comments should be addressed here as well: See also #9281 (review) |
|
Added to the 3.6.1 epic as per #9281 (comment) |
yanesca
added
size-s
library/bignum_core.c
Outdated
| @@ -781,7 +781,8 @@ static inline void exp_mod_calc_first_bit_optionally_safe(const mbedtls_mpi_uint | |||
| *E_bit_index = E_bits % biL; | |||
|
|
|||
| #if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) | |||
| mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_PUBLIC; | |||
| if(mbedtls_unsafe_codepath_hook != NULL) | |||
There was a problem hiding this comment.
surely this isn't going to pass code style (missing space after if)?
Not adding _unsafe version to the tests targeting behaviour related to RR as it is independent from the secret involved in the safe/unsafe distinction. Signed-off-by: Janos Follath <janos.follath@arm.com>
Only add the test hooks where it is meaningful. That is, not adding where the operation is essentially the same or the target is not the function that is being tested. Signed-off-by: Janos Follath <janos.follath@arm.com>
A + B + 1 is not a good way to get a number that's neither A nor B. This can be a problem for example if values later are changed to A = 0 and B = -1. Signed-off-by: Janos Follath <janos.follath@arm.com>
Unfortunately compilers aren't good at analyzing whether variables are analyzed on all code paths, and it is better to initialize to the safe-path values. Signed-off-by: Janos Follath <janos.follath@arm.com>
Without this, it's not at all obvious that turning on MBEDTLS_TEST_HOOKS doesn't change the functional behavior of the code. Signed-off-by: Janos Follath <janos.follath@arm.com>
Signed-off-by: Janos Follath <janos.follath@arm.com>
Signed-off-by: Janos Follath <janos.follath@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
The rest of the file uses mbedtls_mpi_uint_t unconditionally, so its definition should also be #include'd unconditionally. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
mpg
force-pushed
the
rsapub_additional_tests
branch
from
38f781e to
4bc15d8
Compare
|
Pushing an update that:
I'd recommend holding your review until the CI is green. |
mpg
removed
the
needs-review
| */ | ||
| #define ASSERT_BIGNUM_CODEPATH(path, ret, E) \ | ||
| do { \ | ||
| if((ret)!=0 || (E).n == 0) \ |
There was a problem hiding this comment.
Shouldn't we have a space after if? And shouldn't we also have braces { } on the if and else?
There was a problem hiding this comment.
Aw, silly me, I ran scripts/code_style.py only on one file (where you pointed out a style issue) rather than all modified files.
(I'm not used to having to run it manually, because it's part of my pre-commit hook.)
| * | ||
| * When a function returns with an error, it can do so before reaching any interesting codepath. The | ||
| * same can happen if a parameter to the function is zero. In these cases we need to allow | ||
| * uninitialised value for the codepath tracking variable. |
There was a problem hiding this comment.
(minor) "we need to allow uninitialised value" sounds clunky - how about "we need to allow the codepath tracking variable to still have it's initial ("not set") value" (when I read "uninitialised" I interpreted it as "indeterminate", e.g. the value of n after int n;)
For some reason I didn't think about other files in the previous commit. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
|
CI came back green except for code style issues. I'm pushing an update fixing them (hopefully for real this time). Once CI fully green I'll go over existing feedback on this PR and on the original. |
library/bignum_core.h
Outdated
| @@ -107,9 +105,16 @@ | |||
| * // safe path | |||
| * } | |||
| * not the other way round, in order to prevent misuse. (This is, if a value | |||
There was a problem hiding this comment.
(pre-existing) Should it be "That is" rather than "This is"?
| * - MBEDTLS_MPI_IS_SECRET: Only safe paths were teken since the last reset | ||
| * - MBEDTLS_MPI_IS_PUBLIC: At least one unsafe path has been taken since the last reset | ||
| * | ||
| * Using a simple global variable to track execution path. Making it work with multithreading |
There was a problem hiding this comment.
(minor) Rather than "Using" should it be "Use" (if you prefer imperative) or "Uses"?
| * - MBEDTLS_MPI_IS_PUBLIC: At least one unsafe path has been taken since the last reset | ||
| * | ||
| * Using a simple global variable to track execution path. Making it work with multithreading | ||
| * doesn't worth the effort as multithreaded tests add little to no value here. |
There was a problem hiding this comment.
(minor) "doesn't seem" or "isn't"?
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
tom-cosgrove-arm
added
needs-review
There was a problem hiding this comment.
I have reviewed Janos's commits and he reviewed mine so that makes a complete review.
mpg
added
approved
Description
Depends on: #9281mergedAdd some more tests for the performance regression fix.
PR checklist
Please remove the segment/s on either side of the | symbol as appropriate, and add any relevant link/s to the end of the line.
If the provided content is part of the present PR remove the # symbol.