mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2026-05-05 01:23:39 +02:00
bba5d7c439
The main goal is to validate that unpadding is constant-time, including error reporting. Use a separate test function, not annotations in the existing function, so that the functional tests can run on any platform, and we know from test outcomes where we have run the constant-time tests. The tests can only be actually constant-time if AES is constant time, since AES computations are part of what is checked. Thus this requires hardware-accelerated AES. We can't run our AESNI (or AESCE?) code under Msan (it doesn't detect when memory is written from assembly code), so these tests can only be run with Valgrind. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>