boot: Harden critical path against fault attacks
Add fault attack mitigation measures to code vital for the correct
validation of images.
Change-Id: If6eb1110a8c2966faf105d07ad2e95482a80a8d9
Signed-off-by: Raef Coles <raef.coles@arm.com>
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
diff --git a/boot/bootutil/src/bootutil_priv.h b/boot/bootutil/src/bootutil_priv.h
index 180cd5c..be9de71 100644
--- a/boot/bootutil/src/bootutil_priv.h
+++ b/boot/bootutil/src/bootutil_priv.h
@@ -36,6 +36,7 @@
#include "bootutil/bootutil.h"
#include "bootutil/image.h"
+#include "bootutil/fault_injection_hardening.h"
#include "mcuboot_config/mcuboot_config.h"
#ifdef MCUBOOT_ENC_IMAGES
@@ -284,8 +285,10 @@
#endif
};
-int bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig,
- size_t slen, uint8_t key_id);
+fih_int bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig,
+ size_t slen, uint8_t key_id);
+
+fih_int boot_fih_memequal(const void *s1, const void *s2, size_t n);
int boot_magic_compatible_check(uint8_t tbl_val, uint8_t val);
uint32_t boot_status_sz(uint32_t min_write_sz);
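Review bot: The two `fih_int` prototypes added in this hunk (`bootutil_verify_sig` and `boot_fih_memequal`) carry no statement of their return contract. A caller that keeps the old `if (rc == 0)` or `if (!rc)` idiom will either stop compiling or, in a build where `fih_int` presumably reduces to a plain integer, compile and quietly drop the hardening on the signature check. I would put a comment above them, assuming the new header's usual convention: `/* Returns FIH_SUCCESS on a valid signature / equal buffers, FIH_FAILURE otherwise; compare only with fih_eq()/fih_not_eq(), never with == 0 or truthiness. */`. The comment should also say that `boot_fih_memequal` does not follow `memcmp`'s tri-state result, and whether it is meant to be timing-independent when used on hashes. Its definition is outside this hunk, so both points need confirming against it.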