Add tests for mbedtls_ct_error_if

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
diff --git a/tests/suites/test_suite_constant_time.data b/tests/suites/test_suite_constant_time.data
index 82ee869..fcd1689 100644
--- a/tests/suites/test_suite_constant_time.data
+++ b/tests/suites/test_suite_constant_time.data
@@ -646,6 +646,31 @@
 mbedtls_ct_if 0xffffffffffffffff 0xffffffffffffffff 0xffffffffffffffff
 mbedtls_ct_if:"0xffffffffffffffff":"0xffffffffffffffff":"0xffffffffffffffff"
 
+# These values exercise the case where an argument to mbedtls_ct_error_if is INT_MIN
+mbedtls_ct_if 1 0x80000000 0xffffffff
+mbedtls_ct_if:"1":"0x80000000":"0xffffffff"
+
+mbedtls_ct_if 1 0xffffffff 0x80000000
+mbedtls_ct_if:"1":"0xffffffff":"0x80000000"
+
+mbedtls_ct_if 0 0x80000000 0xffffffff
+mbedtls_ct_if:"0":"0x80000000":"0xffffffff"
+
+mbedtls_ct_if 0 0xffffffff 0x80000000
+mbedtls_ct_if:"0":"0xffffffff":"0x80000000"
+
+mbedtls_ct_if 1 0x8000000000000000 0xffffffffffffffff
+mbedtls_ct_if:"1":"0x8000000000000000":"0xffffffffffffffff"
+
+mbedtls_ct_if 1 0xffffffffffffffff 0x8000000000000000
+mbedtls_ct_if:"1":"0xffffffffffffffff":"0x8000000000000000"
+
+mbedtls_ct_if 0 0x8000000000000000 0xffffffffffffffff
+mbedtls_ct_if:"0":"0x8000000000000000":"0xffffffffffffffff"
+
+mbedtls_ct_if 0 0xffffffffffffffff 0x8000000000000000
+mbedtls_ct_if:"0":"0xffffffffffffffff":"0x8000000000000000"
+
 mbedtls_ct_zeroize_if 0x0 0
 mbedtls_ct_zeroize_if:"0x0":0
 
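Review bot: Every new vector appears to hand mbedtls_ct_error_if the same value for both branches, so these cases cannot show which branch was selected. Going by the clamp in the .function hunk of this commit, 0x80000000 negates to INT_MIN on the usual 32-bit int, and 0xffffffff, 0x8000000000000000 and 0xffffffffffffffff all exceed ABS_INT_MIN and are replaced by INT_MIN. Consider adding cases that pair the INT_MIN input with a small value on the other side, for example `mbedtls_ct_if:"1":"0x80000000":"0x1"` and its mirror. With those, a wrong selection would change the expected result.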
diff --git a/tests/suites/test_suite_constant_time.function b/tests/suites/test_suite_constant_time.function
index 3d5fa7f..ffcd4d1 100644
--- a/tests/suites/test_suite_constant_time.function
+++ b/tests/suites/test_suite_constant_time.function
@@ -124,9 +124,22 @@
     mbedtls_ct_uint_t expected = c ? t : f;
     mbedtls_ct_uint_t expected0 = c ? t : 0;
 
+    /* Avoid UB by checking that -t will fit in an int, i.e.,
+     * t <= abs(INT_MIN), and similar for f.
+     * Define ABS_INT_MIN in a way that avoids UB, then use it to
+     * check t and f before making them negative.
+     */
+    #define ABS_INT_MIN (UINT_MAX - ((unsigned int)(INT_MIN)) + 1U)
+    int t_neg = t <= ABS_INT_MIN ? -t : INT_MIN;
+    int f_neg = f <= ABS_INT_MIN ? -f : INT_MIN;
+    int expected0_neg = c ? t_neg : 0;
+    int expected_neg = c ? t_neg : f_neg;
+
     TEST_CF_SECRET(&c, sizeof(c));
     TEST_CF_SECRET(&t, sizeof(t));
     TEST_CF_SECRET(&f, sizeof(f));
+    TEST_CF_SECRET(&t_neg, sizeof(t));
+    TEST_CF_SECRET(&f_neg, sizeof(f));
 
     TEST_EQUAL(mbedtls_ct_if(c, t, f), expected);
     TEST_EQUAL(mbedtls_ct_size_if(c, t, f), (size_t) expected);
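Review bot: The two added `TEST_CF_SECRET` calls size the region with the wrong object: `t_neg` and `f_neg` are `int`, but the length passed is `sizeof(t)` / `sizeof(f)`. If `t` and `f` are `mbedtls_ct_uint_t` (their declaration is outside this hunk) and that type is wider than `int`, the constant-flow marking extends past the variable into adjacent stack memory. It also does not match the `TEST_CF_PUBLIC(&t_neg, sizeof(t_neg))` calls later in the function, so the extra bytes would stay marked secret. Use `TEST_CF_SECRET(&t_neg, sizeof(t_neg));` and `TEST_CF_SECRET(&f_neg, sizeof(f_neg));`. The function body starts before and continues after this hunk.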
@@ -144,9 +157,14 @@
     TEST_EQUAL(mbedtls_ct_mpi_uint_if_else_0(c, t), (mbedtls_mpi_uint) expected0);
 #endif
 
+    TEST_EQUAL(mbedtls_ct_error_if_else_0(c, t_neg), expected0_neg);
+    TEST_EQUAL(mbedtls_ct_error_if(c, t_neg, f_neg), expected_neg);
+
     TEST_CF_PUBLIC(&c, sizeof(c));
     TEST_CF_PUBLIC(&t, sizeof(t));
     TEST_CF_PUBLIC(&f, sizeof(f));
+    TEST_CF_PUBLIC(&t_neg, sizeof(t_neg));
+    TEST_CF_PUBLIC(&f_neg, sizeof(f_neg));
 }
 /* END_CASE */
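Review bot: `ABS_INT_MIN`, which this commit defines inside the function body in the previous hunk, is still defined after the closing brace here. Since the test cases in a `.function` file presumably end up in one generated translation unit, the macro would leak into every later test function. Add `#undef ABS_INT_MIN` just before the `}`, or replace the macro with a local `const unsigned int abs_int_min = ...;`. The start of the function is outside this hunk.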