Duplicate sensitive buffer and buffer length information
Detect FI attacks on buffer pointers and buffer lengths.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
diff --git a/tinycrypt/ecc_dsa.c b/tinycrypt/ecc_dsa.c
index bb3ed81..b2adb9e 100644
--- a/tinycrypt/ecc_dsa.c
+++ b/tinycrypt/ecc_dsa.c
@@ -146,6 +146,10 @@
uECC_word_t _random[2*NUM_ECC_WORDS];
uECC_word_t k[NUM_ECC_WORDS];
uECC_word_t tries;
+ volatile const uint8_t *private_key_dup = private_key;
+ volatile const uint8_t *message_hash_dup = message_hash;
+ volatile unsigned hash_size_dup = hash_size;
+ volatile uint8_t *signature_dup = signature;
for (tries = 0; tries < uECC_RNG_MAX_TRIES; ++tries) {
/* Generating _random uniformly at random: */
@@ -164,6 +168,10 @@
return r;
}
if (r == UECC_SUCCESS) {
+ if(private_key_dup != private_key || message_hash_dup != message_hash ||
+ hash_size_dup != hash_size || signature_dup != signature){
+ return UECC_FAULT_DETECTED;
+ }
return UECC_SUCCESS;
}
/* else keep trying */
@@ -194,6 +202,11 @@
bitcount_t i;
bitcount_t flow_control;
volatile uECC_word_t diff;
+ volatile const uint8_t *public_key_dup = public_key;
+ volatile const uint8_t *message_hash_dup = message_hash;
+ volatile unsigned hash_size_dup = hash_size;
+ volatile const uint8_t *signature_dup = signature;
+
uECC_word_t _public[NUM_ECC_WORDS * 2];
uECC_word_t r[NUM_ECC_WORDS], s[NUM_ECC_WORDS];
@@ -295,6 +308,10 @@
* 1 (base value) + num_bits - 1 (from the loop) + 5 incrementations.
*/
if (diff == 0 && flow_control == (num_bits + 5)) {
+ if(public_key_dup != public_key || message_hash_dup != message_hash ||
+ hash_size_dup != hash_size || signature_dup != signature){
+ return UECC_FAULT_DETECTED;
+ }
return UECC_SUCCESS;
}
else {