Changed every memcmp to SCA equivalent mbedtls_platform_memcmp This makes physical attacks more difficult. Selftest memcmp functions were not changed.

commit: 61f412eb587dcb842c9388b93505bc078a58aac4 [log] [tgz]
author: Teppo Järvelin <teppo.jarvelin@arm.com> Thu Oct 03 12:25:22 2019 +0300
committer: Teppo Järvelin <teppo.jarvelin@arm.com> Thu Oct 03 13:14:33 2019 +0300
tree: aeec04ea080257880d100f8e848b7d91bbe739e1
parent: 51f65e4b86f59c7976168eeb61dbe16bbda88356 [diff] [blame]
diff --git a/library/pkcs5.c b/library/pkcs5.c
index a517778..f6610e7 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c

@@ -383,7 +383,7 @@
         ret = mbedtls_pkcs5_pbkdf2_hmac( &sha1_ctx, password[i], plen[i], salt[i],
                                   slen[i], it_cnt[i], key_len[i], key );
         if( ret != 0 ||
-            memcmp( result_key[i], key, key_len[i] ) != 0 )
+                memcmp( result_key[i], key, key_len[i] ) != 0 )
         {
             if( verbose != 0 )
                 mbedtls_printf( "failed\n" );
commit	61f412eb587dcb842c9388b93505bc078a58aac4	[log] [tgz]
author	Teppo Järvelin <teppo.jarvelin@arm.com>	Thu Oct 03 12:25:22 2019 +0300
committer	Teppo Järvelin <teppo.jarvelin@arm.com>	Thu Oct 03 13:14:33 2019 +0300
tree	aeec04ea080257880d100f8e848b7d91bbe739e1
parent	51f65e4b86f59c7976168eeb61dbe16bbda88356 [diff] [blame]