Add buffer and context clearing upon suspected FI
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
diff --git a/tinycrypt/ecc_dh.c b/tinycrypt/ecc_dh.c
index 197a61a..bf3a803 100644
--- a/tinycrypt/ecc_dh.c
+++ b/tinycrypt/ecc_dh.c
@@ -153,6 +153,8 @@
if (private_key == private_key_dup && public_key == public_key_dup) {
return UECC_SUCCESS;
}
+ /* Erase key in case of FI */
+ mbedtls_platform_memset(public_key, 0, 2*NUM_ECC_BYTES);
return UECC_FAULT_DETECTED;
}
}
@@ -189,6 +191,8 @@
/* erasing temporary buffer used to store secret: */
mbedtls_platform_zeroize(_private, sizeof(_private));
if (public_key_dup != public_key || private_key_dup != private_key || secret_dup != secret) {
+ /* Erase secret in case of FI */
+ mbedtls_platform_memset(secret, 0, NUM_ECC_BYTES);
return UECC_FAULT_DETECTED;
}
diff --git a/tinycrypt/ecc_dsa.c b/tinycrypt/ecc_dsa.c
index 2b06d44..15098e8 100644
--- a/tinycrypt/ecc_dsa.c
+++ b/tinycrypt/ecc_dsa.c
@@ -165,11 +165,13 @@
r = uECC_sign_with_k(private_key, message_hash, hash_size, k, signature);
/* don't keep trying if a fault was detected */
if (r == UECC_FAULT_DETECTED) {
+ mbedtls_platform_memset(signature, 0, 2*NUM_ECC_BYTES);
return r;
}
if (r == UECC_SUCCESS) {
if (private_key_dup != private_key || message_hash_dup != message_hash ||
hash_size_dup != hash_size || signature_dup != signature) {
+ mbedtls_platform_memset(signature, 0, 2*NUM_ECC_BYTES);
return UECC_FAULT_DETECTED;
}
return UECC_SUCCESS;