Add buffer and context clearing upon suspected FI
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
diff --git a/library/aes.c b/library/aes.c
index 8cfb4ba..e49f74f 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -822,6 +822,7 @@
}
}
+ mbedtls_platform_memset( RK, 0, ( keybits >> 5 ) * 4 );
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
}
#endif /* !MBEDTLS_AES_SETKEY_ENC_ALT */
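Review bot: The wipe added before the fault return covers only `( keybits >> 5 ) * 4` bytes, which is the size of the raw key (16, 24 or 32 bytes) rather than the expanded key schedule. It also starts at `RK`, which may no longer point at the start of the schedule if the expansion loop above the hunk advances it. If the context is in scope here, clearing the whole round-key storage would leave nothing behind, for example `mbedtls_platform_memset( ctx->buf, 0, sizeof( ctx->buf ) );` (assuming the parameter is named `ctx`, which the hunk does not show). This line also lacks the comment the other two hunks carry; `/* Fault detected: wipe key material before returning */` would match them. The function body starts above the hunk.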
@@ -1176,6 +1177,8 @@
}
}
+ // Clear the output in case of a FI
+ mbedtls_platform_memset( output, 0, 16 );
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
}
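Review bot: The added comment `// Clear the output in case of a FI` does not say why the wipe matters, and it uses `//` where the visible file comment at `#endif` uses `/* */`. The same applies to the hunk at -1460. I would write `/* Fault injection suspected: wipe the block so no faulted output reaches the caller */`, since a faulted cipher output is exactly what fault analysis needs. The literal `16` in `mbedtls_platform_memset( output, 0, 16 );` would read better as a named block-size constant if the file defines one. Whether the function's local round state is also cleared on this path cannot be seen from the hunk, because the body starts above it.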
@@ -1460,6 +1463,8 @@
}
}
+ // Clear the output in case of a FI
+ mbedtls_platform_memset( output, 0, 16 );
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
}