bignum_codepath_check.h (4043B)
/** Support for path tracking in optionally safe bignum functions
 *
 * The hooks declared here are invoked when an optionally safe path is taken and record it in
 * a single variable. At any time this variable is in one of three states:
 * - MBEDTLS_MPI_IS_TEST: No optionally safe path has been taken since the last reset
 * - MBEDTLS_MPI_IS_SECRET: Only safe paths were taken since the last reset
 * - MBEDTLS_MPI_IS_PUBLIC: At least one unsafe path has been taken since the last reset
 *
 * The state is sticky: per the definitions above, a single unsafe path leaves the variable at
 * MBEDTLS_MPI_IS_PUBLIC until the next reset, so a test can detect that an operation expected
 * to stay on the safe path did not.
 * NOTE(review): "safe" presumably means the variant intended for secret operands
 * (constant-time); confirm against bignum_core.h.
 *
 * A simple global variable tracks the execution path. Making it work with multithreading
 * isn't worth the effort as multithreaded tests add little to no value here. As a result,
 * everything below is compiled only when MBEDTLS_TEST_HOOKS is defined and MBEDTLS_THREADING_C
 * is not; code using these declarations and macros has to be guarded by the same condition.
 */
/*
 *  Copyright The Mbed TLS Contributors
 *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 */

#ifndef BIGNUM_CODEPATH_CHECK_H
#define BIGNUM_CODEPATH_CHECK_H

#include "bignum_core.h"

#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C)

/* Current tracker state: one of the three MBEDTLS_MPI_IS_xxx values described above. */
extern int mbedtls_codepath_check;

/**
 * \brief           Set up the codepath test hooks through which optionally safe bignum
 *                  functions signal the path taken.
 */
void mbedtls_codepath_test_hooks_setup(void);

/**
 * \brief           Tear down the codepath test hooks through which optionally safe bignum
 *                  functions signal the path taken.
 */
void mbedtls_codepath_test_hooks_teardown(void);

/**
 * \brief           Put the codepath tracker back into its initial state
 *                  (MBEDTLS_MPI_IS_TEST).
 *
 *                  The recorded state describes everything since the last reset, so reset
 *                  right before the call under test; otherwise a value left by an earlier
 *                  call is what gets checked.
 */
static inline void mbedtls_codepath_reset(void)
{
    mbedtls_codepath_check = MBEDTLS_MPI_IS_TEST;
}

/** Check the codepath taken and fail if it doesn't match.
 *
 * A function that returns an error can do so before reaching any interesting codepath, and
 * the same can happen if a parameter to the function is zero. In these cases the codepath
 * tracking variable is allowed to still hold its initial "not set" value
 * (MBEDTLS_MPI_IS_TEST) in addition to \p path. In every other case it must equal \p path.
 *
 * Because of this leniency, a call that returns nonzero, or one where (E).n == 0, does not
 * prove which path was taken; only the strict branch does.
 *
 * This macro expands to an instruction, not an expression.
 * It may jump to the \c exit label.
 *
 * \param path      The expected codepath.
 *                  This expression may be evaluated multiple times.
 * \param ret       The expected return value. Any nonzero value is treated as an error and
 *                  selects the lenient check.
 * \param E         The MPI parameter that can cause shortcuts.
 */
#define ASSERT_BIGNUM_CODEPATH(path, ret, E)                               \
    do {                                                                   \
        if ((ret) == 0 && (E).n != 0) {                                    \
            /* Success with a non-empty E: the path must match exactly. */ \
            TEST_EQUAL(mbedtls_codepath_check, (path));                    \
        } else {                                                           \
            /* Early exit is possible: "not set" is accepted as well. */   \
            TEST_ASSERT(mbedtls_codepath_check == (path) ||                \
                        mbedtls_codepath_check == MBEDTLS_MPI_IS_TEST);    \
        }                                                                  \
    } while (0)

/** Check the codepath taken and fail if it doesn't match.
 *
 * A function that returns an error can do so before reaching any interesting codepath. In
 * this case the codepath tracking variable is allowed to still hold its initial "not set"
 * value (MBEDTLS_MPI_IS_TEST) in addition to \p path. On success it must equal \p path, so
 * only a successful call proves which path was taken.
 *
 * This macro expands to an instruction, not an expression.
 * It may jump to the \c exit label.
 *
 * \param path      The expected codepath.
 *                  This expression may be evaluated multiple times.
 * \param ret       The expected return value. Any nonzero value is treated as an error and
 *                  selects the lenient check.
 */
#define ASSERT_RSA_CODEPATH(path, ret)                                     \
    do {                                                                   \
        if ((ret) == 0) {                                                  \
            /* Success: the path must match exactly. */                    \
            TEST_EQUAL(mbedtls_codepath_check, (path));                    \
        } else {                                                           \
            /* Early exit is possible: "not set" is accepted as well. */   \
            TEST_ASSERT(mbedtls_codepath_check == (path) ||                \
                        mbedtls_codepath_check == MBEDTLS_MPI_IS_TEST);    \
        }                                                                  \
    } while (0)

#endif /* MBEDTLS_TEST_HOOKS && !MBEDTLS_THREADING_C */

#endif /* BIGNUM_CODEPATH_CHECK_H */