Merge pull request #6386 from gilles-peskine-arm/bignum-mbedtls_test_read_mpi_core

Introduce mbedtls_test_read_mpi_core
diff --git a/scripts/mbedtls_dev/test_case.py b/scripts/mbedtls_dev/test_case.py
index 6a46e42..d0afa59 100644
--- a/scripts/mbedtls_dev/test_case.py
+++ b/scripts/mbedtls_dev/test_case.py
@@ -92,9 +92,11 @@
     """
     if caller is None:
         caller = os.path.basename(sys.argv[0])
-    with open(filename, 'w') as out:
+    tempfile = filename + '.new'
+    with open(tempfile, 'w') as out:
         out.write('# Automatically generated by {}. Do not edit!\n'
                   .format(caller))
         for tc in test_cases:
             tc.write(out)
         out.write('\n# End of automatically generated file.\n')
+    os.replace(tempfile, filename)
diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h
index 93a3e11..fe3b787 100644
--- a/tests/include/test/helpers.h
+++ b/tests/include/test/helpers.h
@@ -59,6 +59,13 @@
 #include "mbedtls/bignum.h"
 #endif
 
+/** The type of test case arguments that contain binary data. */
+typedef struct data_tag
+{
+    uint8_t *   x;
+    uint32_t    len;
+} data_t;
+
 typedef enum
 {
     MBEDTLS_TEST_RESULT_SUCCESS = 0,
@@ -276,6 +283,28 @@
 #endif
 
 #if defined(MBEDTLS_BIGNUM_C)
+/** Allocate and populate a core MPI from a test case argument.
+ *
+ * This function allocates exactly as many limbs as necessary to fit
+ * the length of the input. In other words, it preserves leading zeros.
+ *
+ * The limb array is allocated with mbedtls_calloc() and must later be
+ * freed with mbedtls_free().
+ *
+ * \param[in,out] pX    The address where a pointer to the allocated limb
+ *                      array will be stored.
+ *                      \c *pX must be null on entry.
+ *                      On exit, \c *pX is null on error or if the number
+ *                      of limbs is 0.
+ * \param[out] plimbs   The address where the number of limbs will be stored.
+ * \param[in] input     The test argument to read.
+ *                      It is interpreted as a big-endian integer in base 256.
+ *
+ * \return \c 0 on success, an \c MBEDTLS_ERR_MPI_xxx error code otherwise.
+ */
+int mbedtls_test_read_mpi_core( mbedtls_mpi_uint **pX, size_t *plimbs,
+                                const data_t *input );
+
 /** Read an MPI from a hexadecimal string.
  *
  * Like mbedtls_mpi_read_string(), but size the resulting bignum based
@@ -291,7 +320,6 @@
  *
  * \return \c 0 on success, an \c MBEDTLS_ERR_MPI_xxx error code otherwise.
  */
-/* Since the library has exactly the desired behavior, this is trivial. */
 int mbedtls_test_read_mpi( mbedtls_mpi *X, const char *s );
 #endif /* MBEDTLS_BIGNUM_C */
 
diff --git a/tests/scripts/generate_bignum_tests.py b/tests/scripts/generate_bignum_tests.py
index 7626ecd..8a4d281 100755
--- a/tests/scripts/generate_bignum_tests.py
+++ b/tests/scripts/generate_bignum_tests.py
@@ -31,7 +31,7 @@
         function.
   - arguments(): a method to generate the list of arguments required for the
         test_function.
-  - generate_function_test(): a method to generate TestCases for the function.
+  - generate_function_tests(): a method to generate TestCases for the function.
         This should create instances of the class with required input data, and
         call `.create_test_case()` to yield the TestCase.
 
diff --git a/tests/src/helpers.c b/tests/src/helpers.c
index 4f976a2..557c13c 100644
--- a/tests/src/helpers.c
+++ b/tests/src/helpers.c
@@ -15,6 +15,7 @@
  *  limitations under the License.
  */
 
+#include <test/constant_flow.h>
 #include <test/helpers.h>
 #include <test/macros.h>
 #include <string.h>
@@ -102,8 +103,12 @@
 int mbedtls_test_equal( const char *test, int line_no, const char* filename,
                         unsigned long long value1, unsigned long long value2 )
 {
+    TEST_CF_PUBLIC( &value1, sizeof( value1 ) );
+    TEST_CF_PUBLIC( &value2, sizeof( value2 ) );
+
     if( value1 == value2 )
         return( 1 );
+
     if( mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED )
     {
         /* We've already recorded the test as having failed. Don't
@@ -125,8 +130,12 @@
 int mbedtls_test_le_u( const char *test, int line_no, const char* filename,
                        unsigned long long value1, unsigned long long value2 )
 {
+    TEST_CF_PUBLIC( &value1, sizeof( value1 ) );
+    TEST_CF_PUBLIC( &value2, sizeof( value2 ) );
+
     if( value1 <= value2 )
         return( 1 );
+
     if( mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED )
     {
         /* We've already recorded the test as having failed. Don't
@@ -148,8 +157,12 @@
 int mbedtls_test_le_s( const char *test, int line_no, const char* filename,
                        long long value1, long long value2 )
 {
+    TEST_CF_PUBLIC( &value1, sizeof( value1 ) );
+    TEST_CF_PUBLIC( &value2, sizeof( value2 ) );
+
     if( value1 <= value2 )
         return( 1 );
+
     if( mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED )
     {
         /* We've already recorded the test as having failed. Don't
@@ -332,6 +345,24 @@
 #endif /* MBEDTLS_TEST_HOOKS */
 
 #if defined(MBEDTLS_BIGNUM_C)
+#include "bignum_core.h"
+
+int mbedtls_test_read_mpi_core( mbedtls_mpi_uint **pX, size_t *plimbs,
+                                const data_t *input )
+{
+    /* Sanity check */
+    if( *pX != NULL )
+        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+    *plimbs = CHARS_TO_LIMBS( input->len );
+    if( *plimbs == 0 )
+        return( 0 );
+    *pX = mbedtls_calloc( *plimbs, sizeof( **pX ) );
+    if( *pX == NULL )
+        return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
+    return( mbedtls_mpi_core_read_be( *pX, *plimbs, input->x, input->len ) );
+}
+
 int mbedtls_test_read_mpi( mbedtls_mpi *X, const char *s )
 {
     /* mbedtls_mpi_read_string() currently retains leading zeros.
diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index a620178..33cfc10 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -52,13 +52,6 @@
 #include <unistd.h>
 #endif
 
-/* Type for Hex parameters */
-typedef struct data_tag
-{
-    uint8_t *   x;
-    uint32_t    len;
-} data_t;
-
 /*----------------------------------------------------------------------------*/
 /* Status and error constants */
 
diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data
index 85812f5..be4c056 100644
--- a/tests/suites/test_suite_mpi.data
+++ b/tests/suites/test_suite_mpi.data
@@ -607,10 +607,10 @@
 mpi_core_lt_ct:"":"":0
 
 mbedtls_mpi_core_lt_ct: x>y (63 bit x, y first byte greater)
-mpi_core_lt_ct:"7FFFFFFFFFFFFFFF":"FF":0
+mpi_core_lt_ct:"7FFFFFFFFFFFFFFF":"00000000000000FF":0
 
 mbedtls_mpi_core_lt_ct: x<y (63 bit y, x first byte greater)
-mpi_core_lt_ct:"FF":"7FFFFFFFFFFFFFFF":1
+mpi_core_lt_ct:"00000000000000FF":"7FFFFFFFFFFFFFFF":1
 
 mbedtls_mpi_core_lt_ct: x>y (64 bit x, y=x-1)
 mpi_core_lt_ct:"8000000000000000":"7FFFFFFFFFFFFFFF":0
@@ -619,28 +619,28 @@
 mpi_core_lt_ct:"7FFFFFFFFFFFFFFF":"8000000000000000":1
 
 mbedtls_mpi_core_lt_ct: x>y (64 bit x, y=1)
-mpi_core_lt_ct:"8000000000000000":"01":0
+mpi_core_lt_ct:"8000000000000000":"0000000000000001":0
 
 mbedtls_mpi_core_lt_ct: x<y (64 bit y, x=1)
-mpi_core_lt_ct:"01":"8000000000000000":1
+mpi_core_lt_ct:"0000000000000001":"8000000000000000":1
 
 mbedtls_mpi_core_lt_ct: x>y (64 bit x, y=0)
-mpi_core_lt_ct:"8000000000000000":"00":0
+mpi_core_lt_ct:"8000000000000000":"0000000000000000":0
 
 mbedtls_mpi_core_lt_ct: x<y (64 bit y, x=0)
-mpi_core_lt_ct:"00":"8000000000000000":1
+mpi_core_lt_ct:"0000000000000000":"8000000000000000":1
 
 mbedtls_mpi_core_lt_ct: x>y (64 bit x, first bytes equal)
-mpi_core_lt_ct:"FFFFFFFFFFFFFFFF":"FF":0
+mpi_core_lt_ct:"FFFFFFFFFFFFFFFF":"00000000000000FF":0
 
 mbedtls_mpi_core_lt_ct: x<y (64 bit y, first bytes equal)
-mpi_core_lt_ct:"FF":"FFFFFFFFFFFFFFFF":1
+mpi_core_lt_ct:"00000000000000FF":"FFFFFFFFFFFFFFFF":1
 
 mbedtls_mpi_core_lt_ct: x>y (31 bit x, y first byte greater)
-mpi_core_lt_ct:"7FFFFFFF":"FF":0
+mpi_core_lt_ct:"7FFFFFFF":"000000FF":0
 
 mbedtls_mpi_core_lt_ct: x<y (31 bit y, x first byte greater)
-mpi_core_lt_ct:"FF":"7FFFFFFF":1
+mpi_core_lt_ct:"000000FF":"7FFFFFFF":1
 
 mbedtls_mpi_core_lt_ct: x>y (32 bit x, y=x-1)
 mpi_core_lt_ct:"80000000":"7FFFFFFF":0
@@ -649,22 +649,22 @@
 mpi_core_lt_ct:"7FFFFFFF":"80000000":1
 
 mbedtls_mpi_core_lt_ct: x>y (32 bit x, y=1)
-mpi_core_lt_ct:"80000000":"01":0
+mpi_core_lt_ct:"80000000":"00000001":0
 
 mbedtls_mpi_core_lt_ct: x<y (32 bit y, x=1)
-mpi_core_lt_ct:"01":"80000000":1
+mpi_core_lt_ct:"00000001":"80000000":1
 
 mbedtls_mpi_core_lt_ct: x>y (32 bit x, y=0)
-mpi_core_lt_ct:"80000000":"00":0
+mpi_core_lt_ct:"80000000":"00000000":0
 
 mbedtls_mpi_core_lt_ct: x<y (32 bit y, x=0)
-mpi_core_lt_ct:"00":"80000000":1
+mpi_core_lt_ct:"00000000":"80000000":1
 
 mbedtls_mpi_core_lt_ct: x>y (32 bit x, first bytes equal)
-mpi_core_lt_ct:"FFFFFFFF":"FF":0
+mpi_core_lt_ct:"FFFFFFFF":"000000FF":0
 
 mbedtls_mpi_core_lt_ct: x<y (32 bit y, first bytes equal)
-mpi_core_lt_ct:"FF":"FFFFFFFF":1
+mpi_core_lt_ct:"000000FF":"FFFFFFFF":1
 
 mbedtls_mpi_core_lt_ct: x<y, zero vs non-zero MS limb
 mpi_core_lt_ct:"00FFFFFFFFFFFFFFFF":"01FFFFFFFFFFFFFFFF":1
diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function
index ff2eaac..d450197 100644
--- a/tests/suites/test_suite_mpi.function
+++ b/tests/suites/test_suite_mpi.function
@@ -728,38 +728,29 @@
 /* END_CASE */
 
 /* BEGIN_CASE */
-void mpi_core_lt_ct( data_t * input_X, data_t * input_Y, int input_ret )
+void mpi_core_lt_ct( data_t * input_X, data_t * input_Y, int exp_ret )
 {
-    #define MAX_LEN 64
-    mbedtls_mpi_uint X[MAX_LEN];
-    mbedtls_mpi_uint Y[MAX_LEN];
-    unsigned exp_ret = input_ret;
-    unsigned ret;
-    size_t len = CHARS_TO_LIMBS(
-                    input_X->len > input_Y->len ? input_X->len : input_Y->len );
+    mbedtls_mpi_uint *X = NULL;
+    size_t X_limbs;
+    mbedtls_mpi_uint *Y = NULL;
+    size_t Y_limbs;
+    int ret;
 
-    TEST_LE_U( len, MAX_LEN );
+    TEST_EQUAL( 0, mbedtls_test_read_mpi_core( &X, &X_limbs, input_X ) );
+    TEST_EQUAL( 0, mbedtls_test_read_mpi_core( &Y, &Y_limbs, input_Y ) );
 
-    TEST_ASSERT( mbedtls_mpi_core_read_be( X, len, input_X->x, input_X->len )
-                 == 0 );
-    TEST_ASSERT( mbedtls_mpi_core_read_be( Y, len, input_Y->x, input_Y->len )
-                 == 0 );
+    /* We need two same-length limb arrays */
+    TEST_EQUAL( X_limbs, Y_limbs );
 
-    TEST_CF_SECRET( X, len * sizeof( mbedtls_mpi_uint ) );
-    TEST_CF_SECRET( Y, len * sizeof( mbedtls_mpi_uint ) );
+    TEST_CF_SECRET( X, X_limbs * sizeof( mbedtls_mpi_uint ) );
+    TEST_CF_SECRET( Y, X_limbs * sizeof( mbedtls_mpi_uint ) );
 
-    ret = mbedtls_mpi_core_lt_ct( X, Y, len );
-
-    TEST_CF_PUBLIC( X, len * sizeof( mbedtls_mpi_uint ) );
-    TEST_CF_PUBLIC( Y, len * sizeof( mbedtls_mpi_uint ) );
-    TEST_CF_PUBLIC( &ret, sizeof( ret ) );
-
+    ret = mbedtls_mpi_core_lt_ct( X, Y, X_limbs );
     TEST_EQUAL( ret, exp_ret );
 
 exit:
-    ;
-
-    #undef MAX_LEN
+    mbedtls_free( X );
+    mbedtls_free( Y );
 }
 /* END_CASE */