Revert a part of sensitive information duplication from tinycrypt
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
parent
afec8853c5
commit
cf3e35cc58
@ -1239,8 +1239,6 @@ int uECC_compute_public_key(const uint8_t *private_key, uint8_t *public_key)
|
|||||||
int ret = UECC_FAULT_DETECTED;
|
int ret = UECC_FAULT_DETECTED;
|
||||||
uECC_word_t _private[NUM_ECC_WORDS];
|
uECC_word_t _private[NUM_ECC_WORDS];
|
||||||
uECC_word_t _public[NUM_ECC_WORDS * 2];
|
uECC_word_t _public[NUM_ECC_WORDS * 2];
|
||||||
volatile const uint8_t *private_key_dup = private_key;
|
|
||||||
volatile const uint8_t *public_key_dup = public_key;
|
|
||||||
|
|
||||||
uECC_vli_bytesToNative(
|
uECC_vli_bytesToNative(
|
||||||
_private,
|
_private,
|
||||||
@ -1266,8 +1264,6 @@ int uECC_compute_public_key(const uint8_t *private_key, uint8_t *public_key)
|
|||||||
uECC_vli_nativeToBytes(
|
uECC_vli_nativeToBytes(
|
||||||
public_key +
|
public_key +
|
||||||
NUM_ECC_BYTES, NUM_ECC_BYTES, _public + NUM_ECC_WORDS);
|
NUM_ECC_BYTES, NUM_ECC_BYTES, _public + NUM_ECC_WORDS);
|
||||||
if (private_key_dup != private_key || public_key_dup != public_key){
|
|
||||||
return UECC_FAULT_DETECTED;
|
|
||||||
}
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
@ -170,9 +170,6 @@ int uECC_shared_secret(const uint8_t *public_key, const uint8_t *private_key,
|
|||||||
wordcount_t num_words = NUM_ECC_WORDS;
|
wordcount_t num_words = NUM_ECC_WORDS;
|
||||||
wordcount_t num_bytes = NUM_ECC_BYTES;
|
wordcount_t num_bytes = NUM_ECC_BYTES;
|
||||||
int r = UECC_FAULT_DETECTED;
|
int r = UECC_FAULT_DETECTED;
|
||||||
volatile const uint8_t *public_key_dup = public_key;
|
|
||||||
volatile const uint8_t *private_key_dup = private_key;
|
|
||||||
volatile const uint8_t *secret_dup = secret;
|
|
||||||
|
|
||||||
/* Converting buffers to correct bit order: */
|
/* Converting buffers to correct bit order: */
|
||||||
uECC_vli_bytesToNative(_private,
|
uECC_vli_bytesToNative(_private,
|
||||||
@ -190,11 +187,6 @@ int uECC_shared_secret(const uint8_t *public_key, const uint8_t *private_key,
|
|||||||
|
|
||||||
/* erasing temporary buffer used to store secret: */
|
/* erasing temporary buffer used to store secret: */
|
||||||
mbedtls_platform_zeroize(_private, sizeof(_private));
|
mbedtls_platform_zeroize(_private, sizeof(_private));
|
||||||
if (public_key_dup != public_key || private_key_dup != private_key || secret_dup != secret) {
|
|
||||||
/* Erase secret in case of FI */
|
|
||||||
mbedtls_platform_memset(secret, 0, NUM_ECC_BYTES);
|
|
||||||
return UECC_FAULT_DETECTED;
|
|
||||||
}
|
|
||||||
|
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
@ -204,10 +204,6 @@ int uECC_verify(const uint8_t *public_key, const uint8_t *message_hash,
|
|||||||
bitcount_t i;
|
bitcount_t i;
|
||||||
bitcount_t flow_control;
|
bitcount_t flow_control;
|
||||||
volatile uECC_word_t diff;
|
volatile uECC_word_t diff;
|
||||||
volatile const uint8_t *public_key_dup = public_key;
|
|
||||||
volatile const uint8_t *message_hash_dup = message_hash;
|
|
||||||
volatile unsigned hash_size_dup = hash_size;
|
|
||||||
volatile const uint8_t *signature_dup = signature;
|
|
||||||
|
|
||||||
uECC_word_t _public[NUM_ECC_WORDS * 2];
|
uECC_word_t _public[NUM_ECC_WORDS * 2];
|
||||||
uECC_word_t r[NUM_ECC_WORDS], s[NUM_ECC_WORDS];
|
uECC_word_t r[NUM_ECC_WORDS], s[NUM_ECC_WORDS];
|
||||||
@ -309,10 +305,6 @@ int uECC_verify(const uint8_t *public_key, const uint8_t *message_hash,
|
|||||||
* 1 (base value) + num_bits - 1 (from the loop) + 5 incrementations.
|
* 1 (base value) + num_bits - 1 (from the loop) + 5 incrementations.
|
||||||
*/
|
*/
|
||||||
if (diff == 0 && flow_control == (num_bits + 5)) {
|
if (diff == 0 && flow_control == (num_bits + 5)) {
|
||||||
if (public_key_dup != public_key || message_hash_dup != message_hash ||
|
|
||||||
hash_size_dup != hash_size || signature_dup != signature) {
|
|
||||||
return UECC_FAULT_DETECTED;
|
|
||||||
}
|
|
||||||
return UECC_SUCCESS;
|
return UECC_SUCCESS;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|