Google Git
Sign in
pigweed/third_party/github/Mbed-TLS/mbedtls-framework/5b69fade3171a8ab9d01977efadcc1a732c6e9c1^!/.
commit
5b69fade3171a8ab9d01977efadcc1a732c6e9c1
[log]
author
Janos Follath <janos.follath@arm.com>
Mon Aug 12 19:32:45 2024 +0100
committer
Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Thu Sep 05 10:39:04 2024 +0200
tree
80f99d55136fecf89110459ea9d422a2b0daf8e4
parent
4726cb8f00dc94b6c87a1ac2c064a92b707cb204 [diff]
Move MBEDTLS_MPI_IS_* macros to bignum_core.h

These macros are not part of any public or internal API, ideally they
would be defined in the source files. The reason to put them in
bignum_core.h to avoid duplication as macros for this purpose are
needed in both bignum.c and bignum_core.c.

Signed-off-by: Janos Follath <janos.follath@arm.com>

diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h
index 26c61f5..a945be3 100644
--- a/tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h
+++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h

@@ -44,27 +44,6 @@
         goto cleanup;        \
     } while (0)
 
-/* Constants to identify whether a value is public or secret. If a parameter is marked as secret by
- * this constant, the function must be constant time with respect to the parameter.
- *
- * This is only needed for functions with the _optionally_safe postfix. All other functions have
- * fixed behavior that can't be changed at runtime and are constant time with respect to their
- * parameters as prescribed by their documentation or by conventions in their module's documentation.
- *
- * Parameters should be named X_public where X is the name of the
- * corresponding input parameter.
- *
- * Implementation should always check using
- *  if (X_public == MBEDTLS_MPI_IS_PUBLIC) {
- *      // unsafe path
- *  } else {
- *      // safe path
- *  }
- * not the other way round, in order to prevent misuse. (This is, if a value
- * other than the two below is passed, default to the safe path.) */
-#define MBEDTLS_MPI_IS_PUBLIC  0x2a2a
-#define MBEDTLS_MPI_IS_SECRET  0
-
 /*
  * Maximum size MPIs are allowed to grow to in number of limbs.
  */

diff --git a/tf-psa-crypto/drivers/builtin/src/bignum_core.h b/tf-psa-crypto/drivers/builtin/src/bignum_core.h
index 01f0f39..1fc323f 100644
--- a/tf-psa-crypto/drivers/builtin/src/bignum_core.h
+++ b/tf-psa-crypto/drivers/builtin/src/bignum_core.h

@@ -90,6 +90,27 @@
 #define GET_BYTE(X, i)                                \
     (((X)[(i) / ciL] >> (((i) % ciL) * 8)) & 0xff)
 
+/* Constants to identify whether a value is public or secret. If a parameter is marked as secret by
+ * this constant, the function must be constant time with respect to the parameter.
+ *
+ * This is only needed for functions with the _optionally_safe postfix. All other functions have
+ * fixed behavior that can't be changed at runtime and are constant time with respect to their
+ * parameters as prescribed by their documentation or by conventions in their module's documentation.
+ *
+ * Parameters should be named X_public where X is the name of the
+ * corresponding input parameter.
+ *
+ * Implementation should always check using
+ *  if (X_public == MBEDTLS_MPI_IS_PUBLIC) {
+ *      // unsafe path
+ *  } else {
+ *      // safe path
+ *  }
+ * not the other way round, in order to prevent misuse. (This is, if a value
+ * other than the two below is passed, default to the safe path.) */
+#define MBEDTLS_MPI_IS_PUBLIC  0x2a2a
+#define MBEDTLS_MPI_IS_SECRET  0
+
 /** Count leading zero bits in a given integer.
  *
  * \warning     The result is undefined if \p a == 0