author | Niels Möller <nisse@lysator.liu.se> | 2017-04-09 12:23:59 +0200 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2017-04-09 12:23:59 +0200 |
commit | 870ede284c573fac70d8598a7bbaffcae78ad398 (patch) | |
tree | 030205d1f796c4c7ce119818fa4f41823ddf6eba | |
parent | 09f275f63b48c6e8b623aac11fd15ce70d9a6f30 (diff) | |
Delete valgrind magic in pss-test.
* testsuite/pss-test.c: Delete the magic that let valgrind check whether
pss_encode_mgf1 is side-channel silent with respect to the salt
and digest inputs. It turns out that the most significant bits of
the padded bignum, and hence its size, depend on these inputs,
which results in a data-dependent branch in the normalization code
at the end of gmp's mpz_import.
-rw-r--r-- | ChangeLog | 9 | ||||
-rw-r--r-- | testsuite/pss-test.c | 32 |
2 files changed, 9 insertions, 32 deletions
@@ -1,3 +1,12 @@
+2017-04-09 Niels Möller <nisse@lysator.liu.se>
+
+ * testsuite/pss-test.c: Delete magic to let valgrind to check if
+ pss_encode_mgf1 is side-channel silent with respect to the salt
+ and digest inputs. It turns out that the most significant bits of
+ the padded bignum, and hence its size, depends on these inputs.
+ Which results in a data-dependent branch in the normalization code
+ of at the end of gmp's mpz_import.
+
 2017-04-04 Niels Möller <nisse@lysator.liu.se>
 
 * pss.c (pss_verify_mgf1): Use const for input mpz_t argument.
diff --git a/testsuite/pss-test.c b/testsuite/pss-test.c
index 81226554..f6ba697c 100644
--- a/testsuite/pss-test.c
+++ b/testsuite/pss-test.c
@@ -2,38 +2,6 @@
 
 #include "pss.h"
 
-#if HAVE_VALGRIND_MEMCHECK_H
-# include <valgrind/memcheck.h>
-
-static void
-test_unmark_mpz(mpz_t m)
-{
- VALGRIND_MAKE_MEM_DEFINED (m, sizeof(*m));
- VALGRIND_MAKE_MEM_DEFINED (&m->_mp_d, sizeof(mp_limb_t) * mpz_size(m));
-}
-
-static int
-pss_encode_mgf1_for_test(mpz_t m, size_t bits,
- const struct nettle_hash *hash,
- size_t salt_length, const uint8_t *salt,
- const uint8_t *digest)
-{
- int res;
-
- /* Makes valgrind trigger on any branches depending on the input
- data. */
- VALGRIND_MAKE_MEM_UNDEFINED (salt, salt_length);
- VALGRIND_MAKE_MEM_UNDEFINED (digest, hash->digest_size);
-
- res = pss_encode_mgf1 (m, bits, hash, salt_length, salt, digest);
- VALGRIND_MAKE_MEM_DEFINED (&res, sizeof(res));
- test_unmark_mpz (m);
- return res;
-}
-#else
-#define pss_encode_mgf1_for_test pss_encode_mgf1
-#endif
-
 void
 test_main(void)
 {
|