commit 4aaa34c03fa03124830460995bd61e976da28b7d
author Piotr Nowicki <piotr.nowicki@arm.com> Wed May 20 13:57:38 2020 +0200
committer Piotr Nowicki <piotr.nowicki@arm.com> Wed May 20 16:50:24 2020 +0200
tree 9713f7d9f9c853e77d827b93d828f28874358ad1
parent 2d21e3e47b93e7f3722c04d4e92d2d0b8e9be735

Add flow monitor protection to mbedtls_platform_memcmp()

Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>

library/platform_util.c

diff --git a/library/platform_util.c b/library/platform_util.c
index 2c22b3c..2b8eb56 100644
--- a/library/platform_util.c
+++ b/library/platform_util.c
@@ -125,22 +125,25 @@
     volatile unsigned char diff = 0;
 
     size_t i = num;
-
+    size_t flow_counter = 0;
     size_t start_offset = (size_t) mbedtls_platform_random_in_range( num );
 
     for( i = start_offset; i < num; i++ )
     {
         unsigned char x = A[i], y = B[i];
+        flow_counter++;
         diff |= x ^ y;
     }
 
     for( i = 0; i < start_offset; i++ )
     {
         unsigned char x = A[i], y = B[i];
+        flow_counter++;
         diff |= x ^ y;
     }
 
-    return( diff );
+    /* Return 0 only when diff is 0 and flow_counter is equal to num */
+    return( (int) diff | (int) ( flow_counter ^ num ) );
 }
 
 uint32_t mbedtls_platform_random_in_range( size_t num )