Normally we need all the combinations, unique combinations make sense
only if the operation is commutative.
No changes to generated tests.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Remove old dataset that was overriding the defaults in bignum_core. This
will change the datasets for core_sub and core_add to the default
inherited from bignum_common.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Add data for small values, 192 bit and 1024 bit values, primes,
non-primes odd, even, and some typical corner cases.
All subclasses override this for the time being so there are no changes
to the test cases.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The goal of this commit is to add some constants that can be used to
define datasets and add test data in a more readable and reusable
manner.
All platforms using ECC need to support calculations with at least 192
bits, therefore constants for this length are added. We are not using a
curve prime as those will be tested elsewhere and it is better not to
play favourites.
All platforms using RSA or FFDH need to support calculations with at
least 1024 bits, therefore numbers of this size are added too.
A safe prime is added for both sizes as it makes all elements generators
(except 0 and 1 of course), which in turn makes some tests more
effective.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Only fixed width input_style uses the default value of the bits_in_limb
parameter, so set it to 32 in order to have less leading zeroes.
Signed-off-by: Janos Follath <janos.follath@arm.com>
There are no intended changes to generated tests. (The ordering of tests
in the mod_raw module has changed.)
Signed-off-by: Janos Follath <janos.follath@arm.com>
The special case list type depends on the arity and the subclass. Remove
type restriction to make defining special case lists more flexible and natural.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Sometimes we don't want all possible combinations of the input data and
sometimes not all combinations make sense. We are adding a convenient
way to decide on a case by case basis. Now child classes only need to
implement the is_valid method and the invalid cases will be filtered out
automatically.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Having int_ variants as an attribute has the advantage of the input
being validated when the object is instantiated. In theory otherwise if
a particular int_ attribute is not accessed, then the invalid argument
is passed to the tests as it is. (This would in all likelihood detected
by the actual test cases, still, it is more robust like this.)
There are no semantic changes to the generated test cases. (The order
of appearance of 64 and 32 bit mpi_core_add_and_add_if test cases has
changed.)
Signed-off-by: Janos Follath <janos.follath@arm.com>
Before arg_ attributes were the arguments as they were defined in the
python script. Turning these into properties and having them take the
form respect the style set in input_style makes the class easier to use
and more consistent.
This change makes the hex_ properties redundant and therefore they are
removed.
There are no semantic changes to the generated test cases. (The order
of appearance of 64 and 32 bit mpi_core_add_and_add_if test cases has
changed.)
Signed-off-by: Janos Follath <janos.follath@arm.com>
The ArchSplit functionality was duplicated and moved to OperationCommon
from the other copy. The remnants of the functionality is moved to the
only subclass using this.
There is no semantic change to the generated tests. The order has
changed however: core_add tests have been moved before core_mla tests
and the order of the 64 and 32 bit versions have been swapped.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The functionality of ModOperationCommonArchSplit is needed in several
subclasses, therefore moving it to a superclass.
There is another, redundant ArchSplit class, which will be removed in a
later commit.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The class BignumModRawOperationArchSplit has functionality that are
needed in other modules, therefore moving it to bignum_common.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The class BignumModRawOperation implements functionality that are needed
in other modules, therefore we move it to common.
No intended changes to test cases. The order of add_and_add_if and sub tests
have been switched.
Signed-off-by: Janos Follath <janos.follath@arm.com>
We need arch split tests in different modules, moving it to the common
module makes it reusable.
No intended changes in the generated tests. (The position of the
core_add_if tests changed, but they are still all there.)
Signed-off-by: Janos Follath <janos.follath@arm.com>
The class BaseTarget served two purposes:
- track test cases and target files for generation
- provide an abstract base class for individual test groups
Splitting these allows decoupling these two and to have further common
superclasses across targets.
No intended change in generated test cases.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Define the ALLOW_PSK_RESUMPTION and ALLOW_PSK_EPHEMERAL_RESUMPTION
to the key exchange mode EXCHANGE_MODE_PSK and
EXCHANGE_MODE_PSK_EPHEMERAL to facilate later check.
Since they are 1( 1u<<0 ) and 4( 1u<<2 ), so define
ALLOW_EARLY_DATA to 8( 1u<<3 ).
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
Although negative zero is officially unsupported, we've had bugs related to
it in the past. So do test functions with a negative zero input.
There will likely be cases where we don't want to accept negative zero as if
it was valid, because it's too hard to handle. We'll add exceptions on a
case by case basis.
For the functions that are currently tested by the generated tests, the new
test cases pass.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The bignum module does not officially support "negative zero" (an
mbedtls_mpi object with s=-1 and all limbs zero). However, we have a
history of bugs where a function that should produce an official
zero (with s=1), produces a negative zero in some circumstances. So it's
good to check that the bignum functions are robust when passed a negative
zero as input. And for that, we need a way to construct a negative zero
from test case arguments.
There are checks that functions don't produce negative zeros as output in
the test suite. Skip those checks if there's a negative zero input: we
don't want functions to _create_ negative zeros, but we don't mind if
they _propagate_ negative zeros.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In mbedtls_mpi_add_mpi() and mbedtls_mpi_sub_mpi(), and by extention
mbedtls_mpi_add_int() and mbedtls_mpi_sub_int(), when the resulting value
was zero, the sign bit of the result was incorrectly set to -1 when the
left-hand operand was negative. This is not a valid mbedtls_mpi
representation. Fix this: always set the sign to +1 when the result is 0.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This exposes a bug in mbedtls_mpi_add_mpi() and mbedtls_mpi_sub_mpi() which
will be fixed in a subsequent commit.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
mbedtls_mpi_add_mpi() and mbedtls_mpi_sub_mpi() have the same logic, just
with one bit to flip in the sign calculation. Move the shared logic to a new
auxiliary function. This slightly reduces the code size (if the compiler
doesn't inline) and reduces the maintenance burden.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
