Force some compilers to respect volatile reads
Inspection of the generated assembly showed that before this commit, armcc 5 was optimizing away the successive reads to the volatile local variable that's used for double-checks. Inspection also reveals that inserting a call to an external function is enough to prevent it from doing that. The tested versions of ARM-GCC, Clang and Armcc 6 (aka armclang) all keep the double read, with or without a call to an external function in the middle. The inserted function can also be changed to insert a random delay if desired in the future, as it is appropriately placed between the reads.
parent
ca7b5ab5ef
commit
72a8c9e7dc
4 changed files with 19 additions and 0 deletions
@ -67,6 +67,7 @@
#if defined(MBEDTLS_USE_TINYCRYPT)
#include <tinycrypt/ecc.h>
#include <tinycrypt/ecc_dsa.h>
#include "mbedtls/platform_util.h"
#if default_RNG_defined
static uECC_RNG_Function g_rng_function = &default_CSPRNG;
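Review bot: the added `#include "mbedtls/platform_util.h"` sits inside the `#if defined(MBEDTLS_USE_TINYCRYPT)` block, which is the right scope since the only new caller is `uECC_verify()`, but the declaration of `mbedtls_platform_enforce_volatile_reads()` that this header must provide is not in the visible hunks (the page reports 4 changed files and shows 2). Please confirm the declaration in `platform_util.h` is not guarded by a configuration option that can be disabled while `MBEDTLS_USE_TINYCRYPT` is enabled, otherwise the call below becomes an implicit declaration on that configuration.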
@ -304,6 +305,7 @@ int uECC_verify(const uint8_t *public_key, const uint8_t *message_hash,
/* Accept only if v == r. */
diff = uECC_vli_equal(rx, r);
if (diff == 0) {
mbedtls_platform_enforce_volatile_reads();
if (diff == 0) {
return UECC_SUCCESS;
}
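Review bot: the double check `if (diff == 0) { ... if (diff == 0) {` only resists a skipped comparison if `diff` is declared `volatile` and the compiler really performs both loads; the declaration of `diff` is outside this hunk, and the commit message says the protection was verified by reading the generated assembly for specific toolchains. Two things worth making explicit in the code or a comment near `mbedtls_platform_enforce_volatile_reads()`: the barrier works only because the call is to an external, non-inlined function, so link-time optimization or a same-translation-unit definition could let a compiler merge the two reads again (consider a noinline attribute or a note in the function's documentation), and the path where the second read disagrees with the first falls out of the inner `if` to the closing `}` shown here, so please confirm the code that follows returns a verification failure rather than continuing toward any success path.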