TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 3a256128d696322497f69f81b866d4fe75164ba0^! / . / library / ecp.c
commit3a256128d696322497f69f81b866d4fe75164ba0[log] [tgz]
authorManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Thu Apr 20 11:20:26 2017 +0200
committerManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Wed Aug 09 11:44:53 2017 +0200
tree969185a9c5da4604ceaca0f7ad71a9516e9e7b3f
parent53fbd63eb44a3ce09a7972b571ab6ce68023e461 [diff] [blame]
Reset ops_done at the right time

This should only be done in the top-level function.

Also, we need to know if we indeed are the top-level function or not: for
example, when mbedtls_ecp_muladd() calls mbedtls_ecp_mul(), the later should
not reset ops_done. This is handled by the "depth" parameter in the restart
context.

diff --git a/library/ecp.c b/library/ecp.c
index 673b547..2f6c1e8 100644
--- a/library/ecp.c
+++ b/library/ecp.c

@@ -164,6 +164,7 @@
         return;
 
     ctx->ops_done = 0;
+    ctx->depth = 0;
 
     ecp_restart_mul_free( ctx->rsm );
     mbedtls_free( ctx->rsm );
@@ -1769,10 +1770,6 @@
 
         ecp_restart_mul_init( rs_ctx->rsm );
     }
-
-    /* reset ops count for this call */
-    if( rs_ctx != NULL )
-        rs_ctx->ops_done = 0;
 #endif
 
     /* Is P the base point ? */
@@ -2104,10 +2101,11 @@
     char is_grp_capable = 0;
 #endif
 
-    /* Common sanity checks */
-    if( ( ret = mbedtls_ecp_check_privkey( grp, m ) ) != 0 ||
-        ( ret = mbedtls_ecp_check_pubkey( grp, P ) ) != 0 )
-        return( ret );
+#if defined(MBEDTLS_ECP_EARLY_RETURN)
+    /* reset ops count for this call if top-level */
+    if( rs_ctx != NULL && rs_ctx->depth++ == 0 )
+        rs_ctx->ops_done = 0;
+#endif
 
 #if defined(MBEDTLS_ECP_INTERNAL_ALT)
     if ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp )  )
@@ -2116,25 +2114,36 @@
     }
 
 #endif /* MBEDTLS_ECP_INTERNAL_ALT */
+
+    /* Common sanity checks */
+    MBEDTLS_MPI_CHK( mbedtls_ecp_check_privkey( grp, m ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, P ) );
+
+    ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
 #if defined(ECP_MONTGOMERY)
     if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY )
-        ret = ecp_mul_mxz( grp, R, m, P, f_rng, p_rng );
-
+        MBEDTLS_MPI_CHK( ecp_mul_mxz( grp, R, m, P, f_rng, p_rng ) );
 #endif
 #if defined(ECP_SHORTWEIERSTRASS)
     if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS )
-        ret = ecp_mul_comb( grp, R, m, P, f_rng, p_rng, rs_ctx );
-
+        MBEDTLS_MPI_CHK( ecp_mul_comb( grp, R, m, P, f_rng, p_rng, rs_ctx ) );
 #endif
-#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+
 cleanup:
 
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
     if ( is_grp_capable )
     {
         mbedtls_internal_ecp_free( grp );
     }
 
 #endif /* MBEDTLS_ECP_INTERNAL_ALT */
+
+#if defined(MBEDTLS_ECP_EARLY_RETURN)
+    if( rs_ctx != NULL )
+        rs_ctx->depth--;
+#endif
+
     return( ret );
 }