commit 6ce4988768d7b753777d8c7061da5c48d77687c2
author Arto Kinnunen <arto.kinnunen@arm.com> Tue Dec 03 13:56:06 2019 +0200
committer Arto Kinnunen <arto.kinnunen@arm.com> Tue Dec 10 15:00:37 2019 +0200
tree 4c6eee1eb23798935ca78dbcf753907de1a8639f
parent 76deef9fca266004eee4501d9aad1009123a8bd3

AES FI resistance

Add FI countermeasures to AES.

include/mbedtls/aes.h

diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h
index 0f430a8..6990be0 100644
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@@ -172,7 +172,8 @@
  *                 <li>256 bits</li></ul>
  *
  * \return         \c 0 on success.
- * \return         #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
+ * \return         #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH or
+ *                 #MBEDTLS_ERR_PLATFORM_FAULT_DETECTED on failure.
  */
 int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
                     unsigned int keybits );
@@ -190,7 +191,8 @@
  *                 <li>256 bits</li></ul>
  *
  * \return         \c 0 on success.
- * \return         #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
+ * \return         #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH or
+ *                 #MBEDTLS_ERR_PLATFORM_FAULT_DETECTED on failure.
  */
 int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
                     unsigned int keybits );
@@ -602,6 +604,7 @@
  * \param output    The output (ciphertext) block.
  *
  * \return          \c 0 on success.
+ * \return             #MBEDTLS_ERR_PLATFORM_FAULT_DETECTED in case of error.
  */
 int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
                                   const unsigned char input[16],
@@ -617,6 +620,7 @@
  * \param output    The output (plaintext) block.
  *
  * \return          \c 0 on success.
+ * \return             #MBEDTLS_ERR_PLATFORM_FAULT_DETECTED in case of error.
  */
 int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
                                   const unsigned char input[16],