eden-emu/mbedtls
20
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Revert a part of the sensitive information duplication changes

Browse source 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
This commit is contained in:
Andrzej Kurek 2020-07-15 16:31:27 -04:00
parent c417c783e5
commit afec8853c5
No known key found for this signature in database
GPG key ID: 89A90840DC388527
5 changed files with 19 additions and 197 deletions
Download patch file Download diff file Expand all files Collapse all files

23
library/aes.c
View file

@ -686,8 +686,6 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int flow_ctrl = 0;
volatile unsigned int i = 0;
volatile int ret = MBEDTLS_ERR_PLATFORM_FAULT_DETECTED;
volatile const unsigned char *key_dup = key;
volatile unsigned int keybits_dup = keybits;
uint32_t *RK;
uint32_t offset = 0;
@ -816,10 +814,7 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
#endif
) )
{
if( keybits_dup == keybits && key_dup == key )
{
return ret;
}
return ret;
}
mbedtls_platform_memset( RK, 0, ( keybits >> 5 ) * 4 );
@ -1069,8 +1064,6 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
aes_r_data_t *aes_data_table[2]; // pointers to real and fake data
int round_ctrl_table_len = ctx->nr + 2 + AES_SCA_CM_ROUNDS;
volatile int flow_control;
volatile const unsigned char *input_dup = input;
volatile unsigned char *output_dup = output;
// control bytes for AES calculation rounds,
// reserve based on max rounds + dummy rounds + 2 (for initial key addition)
uint8_t round_ctrl_table[( 14 + AES_SCA_CM_ROUNDS + 2 )];
@ -1170,11 +1163,7 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
if( flow_control == tindex + dummy_rounds + 8 )
{
/* Validate control path due possible fault injection */
if( output_dup == output && input_dup == input )
{
return 0;
}
return 0;
}
// Clear the output in case of a FI
@ -1355,8 +1344,6 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
aes_r_data_t *aes_data_table[2]; // pointers to real and fake data
int round_ctrl_table_len = ctx->nr + 2 + AES_SCA_CM_ROUNDS;
volatile int flow_control;
volatile const unsigned char *input_dup = input;
volatile unsigned char *output_dup = output;
// control bytes for AES calculation rounds,
// reserve based on max rounds + dummy rounds + 2 (for initial key addition)
uint8_t round_ctrl_table[( 14 + AES_SCA_CM_ROUNDS + 2 )];
@ -1456,11 +1443,7 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
if( flow_control == tindex + dummy_rounds + 8 )
{
/* Validate control path due possible fault injection */
if( output_dup == output && input_dup == input )
{
return 0;
}
return 0;
}
// Clear the output in case of a FI