Use double-checking of critical value in pk_verify()

Also change the flow so that the default return value is a failing one.
This commit is contained in:
Manuel Pégourié-Gonnard 2019-11-06 11:56:25 +01:00
parent 324c6e9cc9
commit ca7b5ab5ef

View File

@ -577,6 +577,7 @@ static int uecc_eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *sig, size_t sig_len )
{
int ret;
volatile int ret_fi;
uint8_t signature[2*NUM_ECC_BYTES];
unsigned char *p;
const struct uECC_Curve_t * uecc_curve = uECC_secp256r1();
@ -589,12 +590,21 @@ static int uecc_eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
if( ret != 0 )
return( ret );
ret = uECC_verify( keypair->public_key, hash,
ret_fi = uECC_verify( keypair->public_key, hash,
(unsigned) hash_len, signature, uecc_curve );
if( ret != UECC_SUCCESS )
return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
if( ret_fi == UECC_ATTACK_DETECTED )
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
if( ret_fi == UECC_SUCCESS )
{
if( ret_fi == UECC_SUCCESS )
return( 0 );
else
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
}
return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
}
/*