MCUX CLNS
MCUX Crypto Library Normal Secure

Expectation handling support functionality.

Macros

#define MCUX_CSSL_FP_EXPECT(...)
 Declaration(s) of expected code flow behavior.
 
#define MCUX_CSSL_FP_CONDITIONAL(condition, ...)
 Handling of conditionally expected code flow behavior.
 
#define MCUX_CSSL_FP_ASSERT(...)
 Assert an expected state of the code flow.
 

Detailed Description

Expectation handling support functionality.

Macro Definition Documentation

◆ MCUX_CSSL_FP_EXPECT

#define MCUX_CSSL_FP_EXPECT(...)

Declaration(s) of expected code flow behavior.

This macro can be used to indicate expectations in the function body at another location than the function entry or exit.

Note
In general, the use of this macro is discouraged, to avoid a potential security and/or code-size impact. However, it may be useful for complex code, where an intermediate update can actually save code, since conditions for expectations can then be localized.
Expectations
MCUX_CSSL_FP_FUNCTION_CALLED
MCUX_CSSL_FP_LOOP_ITERATIONS
MCUX_CSSL_FP_BRANCH_TAKEN_POSITIVE
MCUX_CSSL_FP_BRANCH_TAKEN_NEGATIVE
MCUX_CSSL_FP_SWITCH_TAKEN
See also
MCUX_CSSL_FP_FUNCTION_ENTRY
MCUX_CSSL_FP_FUNCTION_EXIT
MCUX_CSSL_FP_FUNCTION_EXIT_WITH_CHECK
MCUX_CSSL_FP_CONDITIONAL
Parameters
...: The following parameters need to be passed (comma separated):
  • expect: One or more (comma separated) declarations of expected code flow behavior.

◆ MCUX_CSSL_FP_CONDITIONAL

#define MCUX_CSSL_FP_CONDITIONAL(condition, ...)

Handling of conditionally expected code flow behavior.

This macro can be used to indicate expectations that are only true under a given condition.

Expectations
MCUX_CSSL_FP_FUNCTION_CALLED
MCUX_CSSL_FP_LOOP_ITERATIONS
MCUX_CSSL_FP_BRANCH_TAKEN_POSITIVE
MCUX_CSSL_FP_BRANCH_TAKEN_NEGATIVE
MCUX_CSSL_FP_SWITCH_TAKEN
See also
MCUX_CSSL_FP_FUNCTION_ENTRY
MCUX_CSSL_FP_FUNCTION_EXIT
MCUX_CSSL_FP_FUNCTION_EXIT_WITH_CHECK
MCUX_CSSL_FP_EXPECT
Parameters
condition: Condition under which the given expectations apply.
...: One or more (comma separated) declarations of expected code flow behavior.

◆ MCUX_CSSL_FP_ASSERT

#define MCUX_CSSL_FP_ASSERT(...)

Assert an expected state of the code flow.

This macro can be used to check whether the code flow up to this point matches the expected state. Unlike the MCUX_CSSL_FP_EXPECT macro, it will not update the expectations, but merely perform a check on the recorded events against the already recorded expectations plus the ones provided as parameters.

If the check fails, the code defined in MCUX_CSSL_FP_ASSERT_CALLBACK() will be executed.

Note
MCUX_CSSL_FP_ASSERT_CALLBACK() must be defined before including the CSSL flow protection headers, otherwise a default implementation could be used.
See also
MCUX_CSSL_FP_EXPECT
Parameters
...: The following parameters need to be passed (comma separated):
  • expect: One or more (comma separated) declarations of expected code flow behavior.
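
The difference between the three macros, illustrated with a simplified counter model. This is an added example, not code from CLNS and not its implementation: `flow_t`, the `flow_*` functions, `run` and the ID constants are hypothetical, and the single-balance scheme is an assumption made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>

/* Toy model (hypothetical, not the CLNS implementation): recorded events add
 * an ID to one balance, declared expectations subtract it again. A flow that
 * matched its expectations therefore ends with a balance of zero. */
typedef struct { uint32_t balance; unsigned failures; } flow_t;

enum { ID_LOAD_KEY = 0x1A2B, ID_LOOP = 0x0101, ID_WIPE = 0x3C4D }; /* constructed IDs */

static void flow_event(flow_t *f, uint32_t id) { f->balance += id; }

/* Like MCUX_CSSL_FP_EXPECT: updates the stored expectations mid-function. */
static void flow_expect(flow_t *f, uint32_t id) { f->balance -= id; }

/* Like MCUX_CSSL_FP_CONDITIONAL: the expectation counts only if cond holds. */
static void flow_conditional(flow_t *f, bool cond, uint32_t id) {
    if (cond) flow_expect(f, id);
}

/* Like MCUX_CSSL_FP_ASSERT: checks events against stored expectations plus
 * `extra`, changes neither; a mismatch runs the callback stand-in. */
static bool flow_assert(flow_t *f, uint32_t extra) {
    if (f->balance - extra != 0u) { f->failures++; return false; }
    return true;
}

/* skip_load models a key-load call that never executed. */
static bool run(flow_t *f, bool wipe, bool skip_load) {
    f->balance = 0u; f->failures = 0u;
    if (!skip_load) flow_event(f, ID_LOAD_KEY);
    for (int i = 0; i < 4; i++) flow_event(f, ID_LOOP);
    flow_expect(f, 4u * ID_LOOP);          /* loop expectation settled locally */
    if (wipe) flow_event(f, ID_WIPE);
    flow_conditional(f, wipe, ID_WIPE);    /* expected only on the wipe path */
    return flow_assert(f, ID_LOAD_KEY);    /* remaining expectation as parameter */
}

int main(void) {
    flow_t f;
    return (run(&f, true, false) && !run(&f, false, true)) ? 0 : 1;
}
```

After a passing `flow_assert` the balance still holds `ID_LOAD_KEY`, because the assert only checks and leaves the stored expectations unchanged.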