commit 0736325d80954911fe7dac3224468bc87d40803a
author Jarno Lamsa <jarno.lamsa@arm.com> Fri Sep 27 16:20:11 2019 +0300
committer Jarno Lamsa <jarno.lamsa@arm.com> Mon Sep 30 09:40:03 2019 +0300
tree 6b645b71360482b5d1a2aedb5942636d05a253d3
parent bf77960368e85e6909a8ed95ea0c8a998570b2ed

Add FI/SCA compliant versions of mem-functions

Add FI/SCA compliant memset, memcmp and memcpy-functions
to platform_util. Also add a stub implementation of a global
RNG-function.

library/platform_util.c

diff --git a/library/platform_util.c b/library/platform_util.c
index 6f6d8b6..73759cd 100644
--- a/library/platform_util.c
+++ b/library/platform_util.c
@@ -79,6 +79,71 @@
 }
 #endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */
 
+void mbedtls_platform_memset( void *ptr, int value, size_t num )
+{
+    /* Randomize start offset. */
+    size_t startOffset = mbedtls_random_in_range( num );
+    /* Randomize data */
+    size_t data = mbedtls_random_in_range( 0xff );
+
+    /* Perform a pair of memset operations from random locations with
+     * random data */
+    memset( ( void * ) ( ptr + startOffset ), value, ( num - startOffset ) );
+    memset( ( void * ) ptr, data, startOffset );
+
+    /* Perform the original memset */
+    memset( ptr, value, num );
+}
+
+void mbedtls_platform_memcpy( void *dst, const void *src, size_t num )
+{
+    /* Randomize start offset. */
+    size_t startOffset = mbedtls_random_in_range( num );
+    /* Randomize initial data to prevent leakage while copying */
+    size_t data = mbedtls_random_in_range( 0xff );
+
+    memset( ( void * ) dst, data, num );
+    memcpy( ( void * ) ( ( unsigned char * ) dst + startOffset ),
+            ( void * ) ( ( unsigned char * ) src + startOffset ),
+            ( num - startOffset ) );
+    memcpy( ( void * ) dst, ( void * ) src, startOffset );
+}
+
+int mbedtls_platform_memcmp( const void *buf1, const void *buf2, size_t num )
+{
+    volatile unsigned int equal = 0;
+
+    size_t i = num;
+
+    size_t startOffset = mbedtls_random_in_range( num );
+
+    for( i = startOffset; i < num; i++ )
+    {
+        equal += ( ( ( unsigned char * ) buf1 )[i] ==
+                   ( ( unsigned char * ) buf2 )[i] );
+    }
+
+    for( i = 0; i < startOffset; i++ )
+    {
+        equal += ( ( ( unsigned char * ) buf1 )[i] ==
+                   ( ( unsigned char * ) buf2 )[i] );
+    }
+
+    if ( equal == num )
+    {
+        return 0;
+    }
+
+    return 1;
+}
+
+//TODO: This is a stub implementation of the global RNG function.
+size_t mbedtls_random_in_range( size_t num )
+{
+    (void) num;
+    return 0;
+}
+
 #if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
 #include <time.h>
 #if !defined(_WIN32) && (defined(unix) || \