Merge pull request #7703 from gabor-mezei-arm/7598_clone_the_eco_module

[Bignum] Clone the ECP module
2023-07-11 15:00:01 +01:00 · 2023-07-11 15:00:01 +01:00 · 88f34e3348
commit 88f34e3348
parent 4999f15d98 f05ca737da
8 changed files with 3776 additions and 0 deletions
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@ -37,6 +37,7 @@ set(src_crypto
    ecdsa.c
    ecjpake.c
    ecp.c
+    ecp_new.c
    ecp_curves.c
    entropy.c
    entropy_poll.c
--- a/library/Makefile
+++ b/library/Makefile
@ -102,6 +102,7 @@ OBJS_CRYPTO= \
 	     ecdsa.o \
 	     ecjpake.o \
 	     ecp.o \
+	     ecp_new.o \
 	     ecp_curves.o \
 	     entropy.o \
 	     entropy_poll.o \
--- a/library/ecp.c
+++ b/library/ecp.c
@ -43,6 +43,8 @@

 #include "common.h"

+#if !defined(MBEDTLS_ECP_WITH_MPI_UINT)
+
 /**
 * \brief Function level alternative implementation.
 *
@ -3636,6 +3638,18 @@ cleanup:

 #endif /* MBEDTLS_SELF_TEST */

+#if defined(MBEDTLS_TEST_HOOKS)
+
+MBEDTLS_STATIC_TESTABLE
+mbedtls_ecp_variant mbedtls_ecp_get_variant()
+{
+    return MBEDTLS_ECP_VARIANT_WITH_MPI_STRUCT;
+}
+
+#endif /* MBEDTLS_TEST_HOOKS */
+
 #endif /* !MBEDTLS_ECP_ALT */

 #endif /* MBEDTLS_ECP_LIGHT */
+
+#endif /* MBEDTLS_ECP_WITH_MPI_UINT */
--- a/library/ecp_invasive.h
+++ b/library/ecp_invasive.h
@ -40,8 +40,26 @@ typedef enum {
    MBEDTLS_ECP_MOD_SCALAR
 } mbedtls_ecp_modulus_type;

+/* Provide a commented-out definition so that `check_names.py` knows that
+ * it's not a typo.
+ */
+//#define MBEDTLS_ECP_WITH_MPI_UINT
+
+typedef enum {
+    MBEDTLS_ECP_VARIANT_NONE = 0,
+    MBEDTLS_ECP_VARIANT_WITH_MPI_STRUCT,
+    MBEDTLS_ECP_VARIANT_WITH_MPI_UINT
+} mbedtls_ecp_variant;
+
 #if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ECP_LIGHT)

+/** Queries the ecp variant.
+ *
+ * \return  The id of the ecp variant.
+ */
+MBEDTLS_STATIC_TESTABLE
+mbedtls_ecp_variant mbedtls_ecp_get_variant(void);
+
 #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
 /** Generate a private key on a Montgomery curve (Curve25519 or Curve448).
 *
--- a/library/ecp_new.c
+++ b/library/ecp_new.c
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@ -1026,6 +1026,27 @@ component_test_default_cmake_gcc_asan () {
    tests/context-info.sh
 }

+component_test_default_cmake_gcc_asan_new_bignum () {
+    msg "build: cmake, gcc, ASan" # ~ 1 min 50s
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make CFLAGS="-D MBEDTLS_ECP_WITH_MPI_UINT"
+
+    msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s
+    make test
+
+    msg "test: selftest (ASan build)" # ~ 10s
+    programs/test/selftest
+
+    msg "test: ssl-opt.sh (ASan build)" # ~ 1 min
+    tests/ssl-opt.sh
+
+    msg "test: compat.sh (ASan build)" # ~ 6 min
+    tests/compat.sh
+
+    msg "test: context-info.sh (ASan build)" # ~ 15 sec
+    tests/context-info.sh
+}
+
 component_test_full_cmake_gcc_asan () {
    msg "build: full config, cmake, gcc, ASan"
    scripts/config.py full
@ -1061,6 +1082,56 @@ component_test_full_cmake_gcc_asan () {
        full-libmbedx509-modules
 }

+
+component_test_full_cmake_gcc_asan_new_bignum () {
+    msg "build: full config, cmake, gcc, ASan"
+    scripts/config.py full
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make CFLAGS="-D MBEDTLS_ECP_WITH_MPI_UINT"
+
+    msg "test: main suites (inc. selftests) (full config, ASan build)"
+    make test
+
+    msg "test: selftest (ASan build)" # ~ 10s
+    programs/test/selftest
+
+    msg "test: ssl-opt.sh (full config, ASan build)"
+    tests/ssl-opt.sh
+
+    msg "test: compat.sh (full config, ASan build)"
+    tests/compat.sh
+
+    msg "test: context-info.sh (full config, ASan build)" # ~ 15 sec
+    tests/context-info.sh
+
+    msg "test: check direct ECP dependencies in TLS and X.509"
+    docs/architecture/psa-migration/syms.sh full
+
+    # TODO: replace "mbedtls_ecp_curve" with "mbedtls_ecp" also for
+    # "full-tls-external" once Issue6839 is completed
+    not grep mbedtls_ecp_curve full-libmbedtls-external
+    not grep mbedtls_ecp full-libmbedx509-external
+
+    rm  full-libmbedtls-external \
+        full-libmbedtls-modules \
+        full-libmbedx509-external \
+        full-libmbedx509-modules
+}
+
+component_test_full_cmake_gcc_asan_new_bignum_test_hooks () {
+    msg "build: full config, cmake, gcc, ASan"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_TEST_HOOKS
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make CFLAGS="-DMBEDTLS_ECP_WITH_MPI_UINT"
+
+    msg "test: main suites (inc. selftests) (full config, ASan build)"
+    make test
+
+    msg "test: selftest (ASan build)" # ~ 10s
+    programs/test/selftest
+}
+
 component_test_psa_crypto_key_id_encodes_owner () {
    msg "build: full config + PSA_CRYPTO_KEY_ID_ENCODES_OWNER, cmake, gcc, ASan"
    scripts/config.py full
--- a/tests/suites/test_suite_ecp.data
+++ b/tests/suites/test_suite_ecp.data
@ -1953,3 +1953,6 @@ ecp_mod_random:MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_SCALAR
 ecp_random #25 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_CURVE448)
 depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
 ecp_mod_random:MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_COORDINATE
+
+ecp variant check
+check_variant:
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@ -1630,3 +1630,16 @@ exit:
    mbedtls_free(rX_raw);
 }
 /* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
+void check_variant()
+{
+    mbedtls_ecp_variant variant = mbedtls_ecp_get_variant();
+
+#if defined(MBEDTLS_ECP_VARIANT_WITH_MPI_UINT)
+    TEST_EQUAL(variant, MBEDTLS_ECP_VARIANT_WITH_MPI_UINT);
+#else
+    TEST_EQUAL(variant, MBEDTLS_ECP_VARIANT_WITH_MPI_STRUCT);
+#endif
+}
+/* END_CASE */