From ca7b5ab5ef0e8943fda34c6347a2f10136bd7fcf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Wed, 6 Nov 2019 11:56:25 +0100
Subject: [PATCH] Use double-checking of critical value in pk_verify()

Also change the flow so that the default return value is a failing one.
---
 library/pk.c | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/library/pk.c b/library/pk.c
index 857bafc2d..eaaa371b7 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -577,6 +577,7 @@ static int uecc_eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
                        const unsigned char *sig, size_t sig_len )
 {
     int ret;
+    volatile int ret_fi;
     uint8_t signature[2*NUM_ECC_BYTES];
     unsigned char *p;
     const struct uECC_Curve_t * uecc_curve = uECC_secp256r1();
@@ -589,12 +590,21 @@ static int uecc_eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
     if( ret != 0 )
         return( ret );
 
-    ret = uECC_verify( keypair->public_key, hash,
-                       (unsigned) hash_len, signature, uecc_curve );
-    if( ret != UECC_SUCCESS )
-        return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+    ret_fi = uECC_verify( keypair->public_key, hash,
+                          (unsigned) hash_len, signature, uecc_curve );
 
-    return( 0 );
+    if( ret_fi == UECC_ATTACK_DETECTED )
+        return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
+
+    if( ret_fi == UECC_SUCCESS )
+    {
+        if( ret_fi == UECC_SUCCESS )
+            return( 0 );
+        else
+            return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
+    }
+
+    return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
 }
 
 /*