mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 03:15:45 +01:00
Checking in critical places if the mbedtls_platform_zeroize() was successful
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
This commit is contained in:
parent
ed840dbcd8
commit
a6348edc23
@ -1886,11 +1886,15 @@ static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake,
|
|||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
mbedtls_platform_zeroize( handshake->premaster,
|
if( handshake->premaster == mbedtls_platform_zeroize(
|
||||||
sizeof(handshake->premaster) );
|
handshake->premaster, sizeof(handshake->premaster) ) )
|
||||||
|
{
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
|
||||||
|
}
|
||||||
|
|
||||||
int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
|
int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
|
||||||
{
|
{
|
||||||
volatile int ret = MBEDTLS_ERR_PLATFORM_FAULT_DETECTED;
|
volatile int ret = MBEDTLS_ERR_PLATFORM_FAULT_DETECTED;
|
||||||
|
@ -186,7 +186,9 @@ int uECC_shared_secret(const uint8_t *public_key, const uint8_t *private_key,
|
|||||||
uECC_vli_nativeToBytes(secret, num_bytes, _public);
|
uECC_vli_nativeToBytes(secret, num_bytes, _public);
|
||||||
|
|
||||||
/* erasing temporary buffer used to store secret: */
|
/* erasing temporary buffer used to store secret: */
|
||||||
mbedtls_platform_zeroize(_private, sizeof(_private));
|
if (_private == mbedtls_platform_zeroize(_private, sizeof(_private))) {
|
||||||
|
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return UECC_FAULT_DETECTED;
|
||||||
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user