TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 91d79387619e0a4fe6a0cc6e045102820b1a18d1^! / . / library / pkcs5.c
commit91d79387619e0a4fe6a0cc6e045102820b1a18d1[log] [tgz]
authorTeppo Järvelin <teppo.jarvelin@arm.com>Wed Oct 02 09:09:31 2019 +0300
committerTeppo Järvelin <teppo.jarvelin@arm.com>Wed Oct 30 14:07:04 2019 +0200
tree2b9aeda258513183faab54cdc313c91e5ce989ff
parentaeecf04be3ab7939a93ad6ad613a1f74a56c21b7 [diff] [blame]
Changed every memcpy to SCA equivalent mbedtls_platform_memcpy

This makes physical attacks more difficult.

diff --git a/library/pkcs5.c b/library/pkcs5.c
index c966a42..52e0eab 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c

@@ -189,7 +189,7 @@
     mbedtls_md_init( &md_ctx );
     mbedtls_cipher_init( &cipher_ctx );
 
-    memcpy( iv, enc_scheme_params.p, enc_scheme_params.len );
+    mbedtls_platform_memcpy( iv, enc_scheme_params.p, enc_scheme_params.len );
 
     if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
         goto exit;
@@ -256,7 +256,7 @@
         if( ( ret = mbedtls_md_hmac_finish( ctx, work ) ) != 0 )
             return( ret );
 
-        memcpy( md1, work, md_size );
+        mbedtls_platform_memcpy( md1, work, md_size );
 
         for( i = 1; i < iteration_count; i++ )
         {
@@ -278,7 +278,7 @@
         }
 
         use_len = ( key_length < md_size ) ? key_length : md_size;
-        memcpy( out_p, work, use_len );
+        mbedtls_platform_memcpy( out_p, work, use_len );
 
         key_length -= (uint32_t) use_len;
         out_p += use_len;