Some preprocessor macro definitions must have a specific expansion so that
the same macro name can be defined in different products. The definition of
having the same expansion (per the C language specification) means the same
sequence of tokens, and also the same absence/presence of spacing between
tokens.
For PSA error code definitions, the specific expansion is mandated by the
PSA Status code specification and the PSA Crypto API specification. In
particular, there must not be a space between (psa_status_t) and the
numerical value (whereas K&R would put a space).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The following code:
#ifndef asm
#define asm __asm
#endif
causes Uncrustify to stop correcting the rest of the file. This may be
due to parsing the "asm" keyword in the definition.
Work around this by wrapping the idiom in an *INDENT-OFF* comment
wherever it appears.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Otherwise, in builds without PKSC1_V15, tests that are supposed to
accept the certificate will fail, because once the cert is OK they will
move on to checking the CRL and will choke on its non-PSS signature.
Tests that are supposed to reject the cert due to an invalid signature
from the CA will not check the CRL because they don't recognize the CA
as valid, so they have no reason to check the CA's CRL. This was hiding
the problem until the recent commit that added a test where the cert is
supposed to be accepted.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Only remove the MBEDTLS_HAVE_INTnn dependency, not any other dependency that
might be present.
No behavior change, this is just robustness.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Explain what's going on in BignumModRawConvertRep.test_case_for_values.
Simplify the logic and the interdependencies related to limb sizes:
* Montgomery is the special case, so base the decisions on it.
* As soon as we've encountered one limb size, no matter what it is,
give up.
No behavior change, other than changing the numbering of test cases (which
previously included more skipped test cases).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This patch introduces a hybrid approach to input_styles, and will remove the
dependency requirements from test cases with `ModulusRepresentation.OPT_RED`
As a result it is reducing testing input duplication.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This patch adjusts the test generating method to calculate all possible combinations for
(modulo, input, limb_sizes, representation).
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This patch adds the default representation attribute through a
setter() method in `BignumModRawConvertRep()`
It also adds standard common template properties:
symbol = ""
input_style = "arch_split"
arity = 1
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
We've decided not to check it, see
https://github.com/Mbed-TLS/mbedtls/issues/5277
Also add a test that we accept the certificate with USE_PSA.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Used to be private, hence the duplication, but that's been fixed in the
meantime, I guess we just missed this occurrence.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
The Montgomery representation depends on the limb size. So the
representation conversion test cases need separate 64-bit and 32-bit cases
when the representation is Montgomery.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The code had an earlier version. Update to the new seed that
mpi_core_random_basic has moved to.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
mbedtls_mpi_mod_raw_random() and mbedtls_mpi_mod_random() were producing
output in the Montgomery representation, instead of obeying the
representation chosen in the modulus structure. Fix this.
Duplicate the test cases for mod-random output to have separate test cases
for each representation.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Call mbedtls_mpi_mod_raw_canonical_to_modulus_rep instead of assuming that
anything that isn't MBEDTLS_MPI_MOD_REP_MONTGOMERY is canonical.
mbedtls_mpi_mod_write should get the same treatment, but I'm holding off
until https://github.com/Mbed-TLS/mbedtls/issues/6679 is done.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>