Fix undefined order of volatile access

Found by the IAR compiler.

While at it, make 'diff' non-volatile in uECC_check_curve_integrity(), as
there is no good reason to make it volatile, and making it volatile only
increases the code size and the burden of defining access ordering.
This commit is contained in:
Manuel Pégourié-Gonnard 2019-12-05 15:30:09 +01:00
parent 83d7881cec
commit 645896e0ea

View file

@ -153,15 +153,20 @@ static int uECC_check_curve_integrity(void)
0x76, 0x0a, 0xe2, 0xbc, 0xce, 0x2a, 0xa2, 0xc6,
0x38, 0xf2, 0x19, 0x1d, 0x76, 0x72, 0x93, 0x49,
};
volatile unsigned char diff = 0;
unsigned char diff = 0;
unsigned char tmp1, tmp2;
volatile unsigned i;
if (uECC_compute_param_sha256(computed) != UECC_SUCCESS) {
return UECC_FAILURE;
}
for (i = 0; i < 32; i++)
diff |= computed[i] ^ reference[i];
for (i = 0; i < 32; i++) {
/* make sure the order of volatile accesses is well-defined */
tmp1 = computed[i];
tmp2 = reference[i];
diff |= tmp1 ^ tmp2;
}
/* i should be 32 */
mbedtls_platform_enforce_volatile_reads();
@ -282,10 +287,13 @@ uECC_word_t uECC_vli_equal(const uECC_word_t *left, const uECC_word_t *right)
{
uECC_word_t diff = 0;
uECC_word_t tmp1, tmp2;
volatile int i;
for (i = NUM_ECC_WORDS - 1; i >= 0; --i) {
diff |= (left[i] ^ right[i]);
tmp1 = left[i];
tmp2 = right[i];
diff |= (tmp1 ^ tmp2);
}
/* i should be -1 now */