yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-25 15:15:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add double-checking of critical value in uECC_verify()

Browse source 
This hardens against attacks that glitch the conditional branch by making it
necessary for the attacker to inject two consecutive faults instead of one. If
desired, we could insert a random delay in order to further protect against
double-glitch attacks.

Also, when a single glitch is detected we report it.
This commit is contained in:
Manuel Pégourié-Gonnard 2019-11-06 11:14:38 +01:00
parent 2b6312b7d9
commit e6d6f17738
1 changed files with 10 additions and 2 deletions

12
tinycrypt/ecc_dsa.c
View file

@ -214,6 +214,7 @@ int uECC_verify(const uint8_t *public_key, const uint8_t *message_hash,
const uECC_word_t *point; const uECC_word_t *point;
bitcount_t num_bits; bitcount_t num_bits;
bitcount_t i; bitcount_t i;
volatile uECC_word_t diff;
uECC_word_t _public[NUM_ECC_WORDS * 2]; uECC_word_t _public[NUM_ECC_WORDS * 2];
uECC_word_t r[NUM_ECC_WORDS], s[NUM_ECC_WORDS]; uECC_word_t r[NUM_ECC_WORDS], s[NUM_ECC_WORDS];
@ -301,8 +302,15 @@ int uECC_verify(const uint8_t *public_key, const uint8_t *message_hash,
} }
/* Accept only if v == r. */ /* Accept only if v == r. */
if (uECC_vli_equal(rx, r) == 0) diff = uECC_vli_equal(rx, r);
return UECC_SUCCESS; if (diff == 0) {
if (diff == 0) {
return UECC_SUCCESS;
}
else {
return UECC_ATTACK_DETECTED;
}
}
return UECC_FAILURE; return UECC_FAILURE;
} }