Use double-checking of critical value in pk_verify()

Also change the flow so that the default return value is a failing one.
Manuel Pégourié-Gonnard 2019-11-06 11:56:25 +01:00
parent 324c6e9cc9
commit ca7b5ab5ef


@ -577,6 +577,7 @@ static int uecc_eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *sig, size_t sig_len ) const unsigned char *sig, size_t sig_len )
{ {
int ret; int ret;
volatile int ret_fi;
uint8_t signature[2*NUM_ECC_BYTES]; uint8_t signature[2*NUM_ECC_BYTES];
unsigned char *p; unsigned char *p;
const struct uECC_Curve_t * uecc_curve = uECC_secp256r1(); const struct uECC_Curve_t * uecc_curve = uECC_secp256r1();
@ -589,12 +590,21 @@ static int uecc_eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
if( ret != 0 ) if( ret != 0 )
return( ret ); return( ret );
ret = uECC_verify( keypair->public_key, hash, ret_fi = uECC_verify( keypair->public_key, hash,
(unsigned) hash_len, signature, uecc_curve ); (unsigned) hash_len, signature, uecc_curve );
if( ret != UECC_SUCCESS )
return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
return( 0 ); if( ret_fi == UECC_ATTACK_DETECTED )
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
if( ret_fi == UECC_SUCCESS )
{
if( ret_fi == UECC_SUCCESS )
return( 0 );
else
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
}
return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
} }
/* /*
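Review bot: `ret_fi` is declared without an initialiser, so the fail-by-default flow promised in the description only holds if the assignment from `uECC_verify()` actually executes; if that call is skipped, the comparisons below read an indeterminate value. Initialising it to a failing value already used in this function, `volatile int ret_fi = UECC_ATTACK_DETECTED;`, would make a skipped call end in `MBEDTLS_ERR_PLATFORM_FAULT_DETECTED`. The nested identical `if( ret_fi == UECC_SUCCESS )` also has no comment, and it looks like dead code to anyone who does not know that the `volatile` qualifier forces a second read. A line such as `/* Deliberate second volatile read of ret_fi (double check against fault injection); do not simplify. */` above the inner test would keep a later cleanup from collapsing it. The start of the function's signature lies outside the visible hunks, and the numeric values of the `UECC_*` codes are not shown here, so whether `UECC_SUCCESS` is well separated from the failure codes should be confirmed in the header.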