commit afec8853c5ba39c2272e26a996a36f6257e0078c
author Andrzej Kurek <andrzej.kurek@arm.com> Wed Jul 15 16:31:27 2020 -0400
committer Andrzej Kurek <andrzej.kurek@arm.com> Wed Jul 15 16:31:27 2020 -0400
tree 3d978b1ef1deca5e0090efcad1f056f78940cc6b
parent c417c783e5f054df6be57e7fe5d696a46c499bec

Revert a part of the sensitive information duplication changes

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

library/aes.c

diff --git a/library/aes.c b/library/aes.c
index e49f74f..f6c4fc3 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -686,8 +686,6 @@
     unsigned int flow_ctrl = 0;
     volatile unsigned int i = 0;
     volatile int ret = MBEDTLS_ERR_PLATFORM_FAULT_DETECTED;
-    volatile const unsigned char *key_dup = key;
-    volatile unsigned int keybits_dup = keybits;
     uint32_t *RK;
     uint32_t offset = 0;
 
@@ -816,10 +814,7 @@
 #endif
     ) )
     {
-        if( keybits_dup == keybits && key_dup == key )
-        {
-            return ret;
-        }
+        return ret;
     }
 
     mbedtls_platform_memset( RK, 0, ( keybits >> 5 ) * 4 );
@@ -1069,8 +1064,6 @@
     aes_r_data_t *aes_data_table[2];    // pointers to real and fake data
     int round_ctrl_table_len = ctx->nr + 2 + AES_SCA_CM_ROUNDS;
     volatile int flow_control;
-    volatile const unsigned char *input_dup = input;
-    volatile unsigned char *output_dup = output;
     // control bytes for AES calculation rounds,
     // reserve based on max rounds + dummy rounds + 2 (for initial key addition)
     uint8_t round_ctrl_table[( 14 + AES_SCA_CM_ROUNDS + 2 )];
@@ -1170,11 +1163,7 @@
 
     if( flow_control == tindex + dummy_rounds + 8 )
     {
-        /* Validate control path due possible fault injection */
-        if( output_dup == output && input_dup == input )
-        {
-            return 0;
-        }
+        return 0;
     }
 
     // Clear the output in case of a FI
@@ -1355,8 +1344,6 @@
     aes_r_data_t *aes_data_table[2];    // pointers to real and fake data
     int round_ctrl_table_len = ctx->nr + 2 + AES_SCA_CM_ROUNDS;
     volatile int flow_control;
-    volatile const unsigned char *input_dup = input;
-    volatile unsigned char *output_dup = output;
     // control bytes for AES calculation rounds,
     // reserve based on max rounds + dummy rounds + 2 (for initial key addition)
     uint8_t round_ctrl_table[( 14 + AES_SCA_CM_ROUNDS + 2 )];
@@ -1456,11 +1443,7 @@
 
     if( flow_control == tindex + dummy_rounds + 8 )
     {
-        /* Validate control path due possible fault injection */
-        if( output_dup == output && input_dup == input )
-        {
-            return 0;
-        }
+        return 0;
     }
 
     // Clear the output in case of a FI